Kees Cook, former kernel.org CIO and leader of the Ubuntu Security Team, now working for Google to secure Android and ChromeOS, experimental with patches that allow building a kernel for the x86_64 architecture using the Clang compiler and activating the CFI (Control Flow Integrity) protection mechanism. CFI provides for the detection of some forms of undefined behavior that can potentially lead to a violation of the normal control flow (control flow) as a result of the execution of exploits.
Recall that in Changes needed to build the Linux kernel using Clang for x86_64 systems have been included. Android and ChromeOS projects already Clang for kernel building, and Google is testing Clang as the main platform for building kernels for its production Linux systems. Kernel variants built with Clang also develop projects ΠΈ .
Source: opennet.ru