Language Selection

English French German Italian Portuguese Spanish

Control Flow Integrity in the Android kernel

Filed under
Android

Android's security model is enforced by the Linux kernel, which makes it a tempting target for attackers. We have put a lot of effort into hardening the kernel in previous Android releases and in Android 9, we continued this work by focusing on compiler-based security mitigations against code reuse attacks.

Google's Pixel 3 will be the first Android device to ship with LLVM's forward-edge Control Flow Integrity (CFI) enforcement in the kernel, and we have made CFI support available in Android kernel versions 4.9 and 4.14. This post describes how kernel CFI works and provides solutions to the most common issues developers might run into when enabling the feature.

Read more

More in Tux Machines

Type Title Author Replies Last Postsort icon
Story KIT Scenarist is a Powerful Tool for Creating Screenplays itsfoss 17/06/2019 - 11:14am
Story Android Leftovers Rianne Schestowitz 17/06/2019 - 6:31am
Story R.T. Russell's Z80 BBC Basic is now open source Roy Schestowitz 17/06/2019 - 4:29am
Story Games: Strange Loop Games and City Builder Roy Schestowitz 17/06/2019 - 2:49am
Story The best, until OpenMandriva does better: released OMLx 4.0 Rianne Schestowitz 2 17/06/2019 - 2:41am
Story Debian GNU/Linux riscv64 port in mid 2019 Roy Schestowitz 17/06/2019 - 2:37am
Story Latest Security FUD Roy Schestowitz 17/06/2019 - 2:17am
Story Software: Synapse, Qmmp and LibreOffice Roy Schestowitz 17/06/2019 - 2:16am
Story Lenovo ThinkPad P Laptops Are Available with Ubuntu Roy Schestowitz 17/06/2019 - 2:13am
Story Move to pay Debian devs for project work rears its head again Roy Schestowitz 17/06/2019 - 2:09am