Control-flow
integrity (CFI) is a technique used to reduce the ability to
redirect the execution of a program’s code in attacker-specified ways. The
Clang compiler has some features that can assist in maintaining
control-flow integrity, which have been applied to the Android kernel. Kees
Cook gave a talk about CFI for the Linux kernel at the recently concluded
linux.conf.au in Gold Coast, Australia.

Source: LWN.net – [$] Control-flow integrity for the kernel