kCFI is a tool that enables the compilation of commodity Operating Systems with Control-Flow Integrity protection. kCFI first prototype was developed/implemented during a PhD program held in the University of Campinas, in Brazil. Although fully functional, the tool remains in a very experimental shape, needing to be refactored prior to being released.

As kCFI consists in multiple tools, which include compiler plugins, kernel patches and binary analyzers, its deployment is considerably complex. Once code refactoring is finished, the next step consists in setting up proper repositories for the tool and for each submodule, along with scripts and documentation to enable easy configuration and compilation on new environments.

Current documentation on kCFI (which by the time was called FLOW) is limited to this paper: <a href=http://sbseg2016.ic.uff.br/pt/files/anais/completos/ST8-1.pdf> Go with the FLOW: Fine-Grained Control-Flow Integrity for the Kernel</a> (slightly outdated)

Looking for mad skills in:

Nothing? Add some keywords!

This project is part of:

Hack Week 15 Hack Week 16

Activity

  • over 1 year ago: dsterba liked kCFI Release
  • about 2 years ago: jmoreira started kCFI Release
  • about 2 years ago: jmoreira originated kCFI Release
  • Show History

    Comments

    Be the first to comment!

    Similar Projects

    This project is one of its kind!