Google's new Pixel 3 handset[1] is the first Android device to feature a new kernel code protection system, the company said today.
Named Control Flow Integrity[2] (CFI), this technique works by preventing malware, exploits, or other malicious code from hijacking the execution flows of legitimate applications.
CFI prevents attackers from hijacking functions and pieces of code from legitimate apps and using those apps and their permissions to perform malicious operations.
CFI is not new per-se, being already used for more than a decade inside Linux, Windows (known as Control Flow Guard), and for the protection of individual application binaries (such as Chromium[3]). It is generally considered the best way to defend against "code reuse attacks[4]" and it has now also been added to the Android kernel as well.
Android 9.0 (also known as P or Pie), released at the end of August, was the first Android OS version to feature some CFI support.
For that version, CFI support was enabled by default "within the media frameworks and other security-critical components, such as NFC and Bluetooth," Google said in June[5].
In a blog post[6] today, Google said the entire Android kernel is now protected by CFI, and specifically, by "forward-edge Control Flow Integrity (CFI)[7]," as implemented by the LLVM compiler, which Google uses to compile the Android OS kernel.
"Google's Pixel 3 will be the first Android device to ship with these protections, and we have made the feature available to all device vendors through the Android common kernel," said Sami Tolvanen, Staff Software Engineer, Android Security.
The company now hopes that Android OEM vendors will also integrate and activate this security