In case any compiler people who follow me are into the compiler horror genre:
github.com/djb77/samsung-
I posted about this years ago. It's Samsung's nightmarish kernel CFI implementation based on post-processing disassembled kernel code with a Python script calling objdump.
The only part they implemented in the compiler (GCC) was reserving 3 registers and inserting a bunch of NOPs in the backend code generation for them to use in their post-processing script. It's extremely coarse CFI since it has no proper form of compiler analysis available to it.
Google implemented proper CFI in Clang along with ShadowCallStack for arm64 (didn't work out for x86). Pixels were an early adopter of deploying both for the Linux kernel and Android increasingly uses them in userspace too. Samsung finally switched to using those years later...
They kept using this horrifying nonsense for a long time after better alternatives were available. It's really worth looking through that script. I don't even know where to start on how disgusting it is. They actually used that nonsense in production as headline Knox features...