kCFI is a tool that enables the compilation of commodity Operating Systems with Control-Flow Integrity protection. kCFI first prototype was developed/implemented during a PhD program held in the University of Campinas, in Brazil. Although fully functional, the tool remains in a very experimental shape, needing to be refactored prior to being released.

As kCFI consists in multiple tools, which include compiler plugins, kernel patches and binary analyzers, its deployment is considerably complex. Once code refactoring is finished, the next step consists in setting up proper repositories for the tool and for each submodule, along with scripts and documentation to enable easy configuration and compilation on new environments.

Current documentation on kCFI (which by the time was called FLOW) is limited to this paper: <a href=http://sbseg2016.ic.uff.br/pt/files/anais/completos/ST8-1.pdf> Go with the FLOW: Fine-Grained Control-Flow Integrity for the Kernel</a> (slightly outdated)

Looking for hackers with the skills:

Nothing? Add some keywords!

This project is part of:

Hack Week 15 Hack Week 16

Activity

  • over 6 years ago: dsterba liked this project.
  • about 7 years ago: jmoreira started this project.
  • about 7 years ago: jmoreira originated this project.

  • Comments

    Be the first to comment!

    Similar Projects

    This project is one of its kind!