Post Syndicated from jake original https://lwn.net/Articles/977720/

Redirecting execution flow is a common malware
technique that can be used to compromise operating systems. To protect from such attacks,
the chip makers of leading architectures like x86 and arm64 have implemented
control-flow-integrity (CFI) extensions, though they need system
software support to function. At the Linux
Security Summit North America, RISC-V kernel developer Deepak Gupta described the CFI
protections for that architecture and invited community input on the
kernel support for them.