Language Selection

English French German Italian Portuguese Spanish

Control Flow Integrity in the Android kernel

Filed under

Android's security model is enforced by the Linux kernel, which makes it a tempting target for attackers. We have put a lot of effort into hardening the kernel in previous Android releases and in Android 9, we continued this work by focusing on compiler-based security mitigations against code reuse attacks.

Google's Pixel 3 will be the first Android device to ship with LLVM's forward-edge Control Flow Integrity (CFI) enforcement in the kernel, and we have made CFI support available in Android kernel versions 4.9 and 4.14. This post describes how kernel CFI works and provides solutions to the most common issues developers might run into when enabling the feature.

Read more

More in Tux Machines

Type Title Author Replies Last Postsort icon
Story Games: Evan's Remains, Path of Titans, GIGABUSTER, SpriteStack Roy Schestowitz 18/07/2019 - 12:43pm
Story Shrinking Linux Attack Surfaces Roy Schestowitz 18/07/2019 - 12:28pm
Story Concept of Hard Links in Linux Explained itsfoss 18/07/2019 - 11:59am
Story today's leftovers Roy Schestowitz 18/07/2019 - 11:43am
Story Today in Techrights Roy Schestowitz 18/07/2019 - 11:36am
Story Android Leftovers Rianne Schestowitz 18/07/2019 - 11:30am
Story Ubuntu 18.10 Cosmic Cuttlefish reaches end of life on Thursday, upgrade now Rianne Schestowitz 1 18/07/2019 - 11:12am
Story Android Leftovers Rianne Schestowitz 18/07/2019 - 8:52am
Story Software: GnuCash, Health-check and Xsnow Roy Schestowitz 18/07/2019 - 3:31am
Story IBM, Fedora, and Servers Roy Schestowitz 18/07/2019 - 3:29am