Google has added a new security feature to the latest Linux kernels for Android devices. Control-Flow Integrity (CFI) is a security policy that ensures software execution at run-time must follow the path of a previously determined control flow graph (CFG) Google recommends all Android device vendors to enable the feature in the kernel of their new arm64 devices running Android 9 for additional protection against kernel vulnerabilities. Google Pixel 3 launched earlier this week is the first Android device to integrate the new kernel code protection system.
Source: https://thehackernews.com/2018/10/android-linux-kernel-cfi.html