On Mon, Oct 11, 2021 at 8:42 AM Dan Li <ashimida@xxxxxxxxxxxxxxxxx> wrote: > > > > On 10/10/21 11:43 PM, Miguel Ojeda wrote: > > On Sun, Oct 10, 2021 at 5:16 PM Dan Li <ashimida@xxxxxxxxxxxxxxxxx> wrote: > >> > >> - This option enables Clang's Shadow Call Stack, which uses a > >> - shadow stack to protect function return addresses from being > >> - overwritten by an attacker. More information can be found in > >> - Clang's documentation: > >> + This option enables Clang/GCC plugin's Shadow Call Stack, which > >> + uses a shadow stack to protect function return addresses from > >> + being overwritten by an attacker. More information can be found > >> + in Clang's documentation: > > > > Perhaps it could be worded in a better way? It sounds like it is a > > custom plugin for Clang as well, e.g.: > > > > This option enables Shadow Call Stack (in the case of GCC, as a plugin), > > > > Cheers, > > Miguel > > > > Thanks Miguel. > > How about writing like this: > This option enables Shadow Call Stack (supported as a compiler option in > the case of clang, supported as a plugin in the case of gcc), which uses > a shadow stack to ... That sounds reasonable. One question I have Dan, what is your sense for getting this feature landed upstream in GCC proper? It's neat to be able to use plugins to support older versions of a compiler than when the feature initially lands; I was curious if you're working to submit this into GCC as well? I didn't see anything in GCC's bug tracker for "shadow call stack," but maybe there's a different feature bug tracking this? -- Thanks, ~Nick Desaulniers
