On 9/8/20 10:50 AM, Yu, Yu-cheng wrote:
> What about this:
>
> - Do not add any new syscall or arch_prctl for creating a new shadow stack.
>
> - Add a new arch_prctl that can turn an anonymous mapping to a shadow
>   stack mapping.
>
> This allows the application to do whatever is necessary. It can even
> allow GDB or JIT code to create or fix a call stack.

Fine with me. But, it's going to effectively be

	arch_prctl(PR_CONVERT_TO_SHS..., addr, len);

when it could just as easily be:

	madvise(addr, len, MADV_SHSTK...);

Or a new syscall. The only question in my mind is whether we want to do
something generic that we can use for other similar things in the
future, like:

	madvise2(addr, len, flags, MADV2_SHSTK...);

I don't really feel strongly about it, though. Could you please share
your logic on why you want a prctl() as opposed to a whole new syscall?