> You do realize that a full kernel vulnerability like this allows you to feed falsified information to SafetyNet?
Are you sure that's true? The whole reason why modern Safetynet/Play Integrity uses HSM data where possible is that you can't spoof that with root (without a microcode bug). It does not trust the running OS by design
I just tried GrapheneOS's https://attestation.app/ on a stock Pixel, and all of the OS version info shows in the "hardware verified" section
There's a lot of confusion around attestation, some of which is IMO done intentionally.
First there is Android's attestation framework. That does actual hardware attestation, as used by GrapheneOS, and supported by literally no app whatsoever.
Then there is SafetyNet, now Play Integrity. Depending on what level of integrity checking is being done, this will do a combination of cursory surface-level software checks, delegation to the aforementioned hardware attestation framework, and several other checks.
Importantly, SafetyNet/Play Integrity rejects some devices that pass hardware attestation (e.g., Graphene OS), and accepts some devices that fail hardware attestation (fairphone, many cheaper devices with broken ROMs, etc).
e.g., fairphone leaked the private key for their attestation, but many of their devices still pass SafetyNet, while some other devices that pass attestation but have known bootloader flaws are blocked by SafetyNet.
Because this isn't strict cryptographic verification, but a mess of heuristics and guesswork, it's a constant cat and mouse game.
What Google really achieved here is to make it expensive enough that no casual user can bypass it to e.g. cheat in Pokemon Go, but only a determined attacker has a chance.
And with "determined attacker" I'm not just talking about states, but even e.g. movie pirates breaking DRM to rip Netflix movies.
Of course, even full cryptographic attestation isn't perfect, and can be bypassed with enough effort. As shown by the famous iPhone hardware jailbreak, where you drill into the SoC and solder directly to the CPU's internal wiring.