solidot新版网站常见问题,请点击这里查看。
消息
本文已被查看6869次
Control Flow Integrity in the Android kernel (Android Developers)
来源于:LWN
The Android Developers Blog describes
the control-flow integrity work that is shipping on the Pixel 3
handset. "LLVM's CFI implementation adds a check before each
indirect branch to confirm that the target address points to a valid
function with a correct signature. This prevents an indirect branch from
jumping to an arbitrary code location and even limits the functions that
can be called. As C compilers do not enforce similar restrictions on
indirect branches, there were several CFI violations due to function type
declaration mismatches even in the core kernel that we have addressed in
our CFI patch sets for kernels 4.9 and 4.14." 查看全文>>