Linux Foundation e phatlalalitse hore Google e fane ka chelete bakeng sa mosebetsi ho boloka mekhoa ea ts'ireletso ho Linux kernel le ho matlafatsa ts'ireletso ea kernel. Gustavo Silva le Nathan Chancellor ba tla hiroa ka nako eohle.
Nathan o tsejoa ka mosebetsi oa hae oa ho etsa bonnete ba hore kernel ea Linux e hahiloe ho sebelisoa motlatsi oa Clang le ho kenyelletsa mekhoa ea ts'ireletso ea nako e kang CFI (Control Flow Integrity) mohahong. Mosebetsi oa nakong e tlang oa Nathan mothating oa pele o tla tsepamisa maikutlo ho feliseng liphoso tsohle tse hlahang ha o sebelisa Clang/LLVM, le ho kenya tšebetsong sistimi e tsoelang pele ea ho kopanya bakeng sa liteko tsa Clang-based builds. Hang ha litaba tse tsebahalang li rarollotsoe, mosebetsi o tla qala ho eketsa lintlafatso tse ling tsa ts'ireletso tse fanoeng ke motlalehi oa Clang ho kernel.
Gustavo ke e mong oa bankakarolo ba mafolofolo morerong oa KSPP (Kernel Self Protection Project) ho khothaletsa mahlale a ts'ireletso a sebetsang kernel ea Linux. Mosebetsi o ka sehloohong oa Gustavo e tla ba ho felisa lihlopha tse itseng tsa li-buffer overflows ka ho fetola mehlala eohle ea lihlopha tse nang le bolelele ba zero kapa tse nang le ntho e le 'ngoe feela e nang le phatlalatso e se nang moeli (Flexible Array Member). Ho phaella moo, Gustavo o tla kenya letsoho ho lokisa liphoso ka khoutu pele e kena karolong e ka sehloohong ea kernel, le ho hlahisa mekhoa ea ts'ireletso e sebetsang ka har'a kernel.
Source: opennet.ru