Control-flow integrity for the kernel
Control-flow integrity for the kernel
[Kernel] Posted Jan 22, 2020 0:46 UTC (Wed) by jake
Control-flow integrity (CFI) is a technique used to reduce the ability to redirect the execution of a program's code in attacker-specified ways. The Clang compiler has some features that can assist in maintaining control-flow integrity, which have been applied to the Android kernel. Kees Cook gave a talk about CFI for the Linux kernel at the recently concluded linux.conf.au in Gold Coast, Australia.