←back to thread

Transition to using 16 KB page sizes for Android apps and games

(android-developers.googleblog.com)
95 points ingve | 1 comments | 11 Jul 25 07:04 UTC | HN request time: 0.208s | source
Show context
nubinetwork ◴[15 Jul 25 02:01 UTC] No.44567177[source]
I can understand the desire for google to want devs to recompile their apps, but I don't see the need to dump old apps from the app store... who cares if an old app that works wastes 12k if it only needs a single 4k page?
replies(7): >>44567219 #>>44567321 #>>44567891 #>>44567924 #>>44568023 #>>44568923 #>>44571850 #
ryao ◴[15 Jul 25 02:11 UTC] No.44567219[source]
I am not familiar with Android, but Linux ELF binaries that specify 4KB alignment will not work on systems with 16KB page sizes, since the ELF interpreter will refuse to load them. This hit me recently when trying to run a 32-bit binary on a Linux ARM system that had 16KB size pages, since the 32-bit OpenSSL libraries specified 4KB alignment. Presumably, this was done for maximizing entropy available to ASLR, but it breaks the binaries when the page size increases.

In any case, I assume that there is something similar affecting Android.

replies(2): >>44567516 #>>44571146 #
dwattttt ◴[15 Jul 25 03:08 UTC] No.44567516[source]
Page size impacts page permissions; it's not a matter of wasting 12k, it's that with 4kb pages you're allowed to have a consecutive 8kb region with different permissions. 16kb pages can't do that without segfaulting every time memory is used "wrong", and trying to fix that up transparently would be a nightmare.
replies(2): >>44567758 #>>44575845 #
bjourne ◴[15 Jul 25 21:08 UTC] No.44575845[source]
That's a valid point, but isn't memory protection the only common user-visible effect of changed page sizes? It would seem most apps which do not use write-protected memory would be unaffected.
replies(1): >>44576887 #
1. dwattttt ◴[15 Jul 25 23:11 UTC] No.44576887[source]
I think the most immediate problem would be ELF segments that aren't 16kb aligned. Code will abut data, you can't add a gap without breaking offsets inside the ELF, and you'll induce the segfault during every write to a global at the start of the writable code, or executing code at the end of the code segment.

A less safe option would be for permissions to be a union in that region, as code rarely depends on a permission being absent. That would be quite the security hole though.