Language Selection

English French German Italian Portuguese Spanish

Control Flow Integrity in the Android kernel

Filed under

Android's security model is enforced by the Linux kernel, which makes it a tempting target for attackers. We have put a lot of effort into hardening the kernel in previous Android releases and in Android 9, we continued this work by focusing on compiler-based security mitigations against code reuse attacks.

Google's Pixel 3 will be the first Android device to ship with LLVM's forward-edge Control Flow Integrity (CFI) enforcement in the kernel, and we have made CFI support available in Android kernel versions 4.9 and 4.14. This post describes how kernel CFI works and provides solutions to the most common issues developers might run into when enabling the feature.

Read more

More in Tux Machines

Type Title Author Replies Last Postsort icon
Story Android Leftovers Rianne Schestowitz 16/10/2018 - 8:59am
Story piwheels: Speedy Python package installation for the Raspberry Pi Rianne Schestowitz 16/10/2018 - 8:52am
Story Security: 'Cyber' Wars, IPFS, Updates and PHP FUD Roy Schestowitz 1 16/10/2018 - 8:20am
Story KDE: digiKam Recipes, Krita and Calligra Boost From Handshake Foundation Roy Schestowitz 16/10/2018 - 4:36am
Story GNOME: Restyling, Geoclue and Outreachy Roy Schestowitz 16/10/2018 - 4:33am
Story Kali Linux: What You Must Know Before Using it Roy Schestowitz 16/10/2018 - 3:32am
Story Kernel: Qualcomm/Atheros "Ath10k", FUSE and Code of Conduct Roy Schestowitz 16/10/2018 - 3:29am
Story Plasma 5.14 – Phasers on stun Roy Schestowitz 16/10/2018 - 3:27am
Story today's howtos Roy Schestowitz 16/10/2018 - 3:19am
Story Graphics: CodeXL, X.Org Server, and SIMD32 Roy Schestowitz 16/10/2018 - 2:52am