[$] Kernel control-flow-integrity support comes to GCC

Date:
Fri, 06 Feb 2026 16:23:30 +0000

Description:
Control-flow integrity (CFI) is a set of techniques that make it more difficult for
attackers to hijack indirect jumps to exploit a system. The Linux kernel has supported forward-edge CFI (which protects indirect function calls) since
2020 , with the most recent implementation
of the feature introduced in 2022 . That
version avoids the overhead introduced by the earlier approach by using a compiler flag ( -fsanitize=kcfi ) that is present in Clang but not in
GCC. Now, Kees Cook has a patch set adding that support to GCC that looks likely to land in GCC
17.

======================================================================
Link to news story:
https://lwn.net/Articles/1056601/


--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)