Show Your Support: Did you know that the hundreds of articles written on Phoronix each month are mostly authored by one individual? Phoronix.com doesn't have a whole news room with unlimited resources and relies upon people reading our content without blocking ads and alternatively by people subscribing to Phoronix Premium for our ad-free service with other extra features.
Clang CFI Patches For The Linux Kernel Aim To Provide Better Security
Clang's CFI support depended upon the link-time optimization (LTO) support first landing in the kernel. Now that LTO is in place, Sami Tolvanen and the other Google engineers sent out their kernel patches for bringing up the CFI security feature.
Clang's Control-Flow Integrity injects run-time checks before every indirect function call to ensure the target is a valid function and with a valid static type. Clang CFI is implemented as a sanitizer and depends upon the LTO support for checking on hidden LTO visibility of a class. Clang CFI ultimately aims to ensure that the original control flow graph of the binary is not changed and makes it more difficult for malicious actors to change the control flow and take advantage of memory safety issues. CFI is all the more important for the kernel given its privileges.
Clang CFI in general is commonly reported as having a ~1% overhead or less on performance from the added run-time checks.
These patches allow the Linux kernel to be built with Clang Control-Flow Integrity enabled. At the moment it's about 600 lines of code to hook in all of the compiler instrumentation. At the moment this is only working for ARM64 but x86_64 support is expected in short order.