Control Flow Integrity in the Android kernel (Android Developers)

The Android Developers Blog describes the control-flow integrity work that is shipping on the Pixel 3 handset. "LLVM's CFI implementation adds a check before each indirect branch to confirm that the target address points to a valid function with a correct signature. This prevents an indirect branch from jumping to an arbitrary code location and even limits the functions that can be called. As C compilers do not enforce similar restrictions on indirect branches, there were several CFI violations due to function type declaration mismatches even in the core kernel that we have addressed in our CFI patch sets for kernels 4.9 and 4.14." 查看全文>>