On 10/12/21 1:23 AM, Nick Desaulniers wrote:
> On Mon, Oct 11, 2021 at 8:42 AM Dan Li <ashimida@xxxxxxxxxxxxxxxxx> wrote:
>> On 10/10/21 11:43 PM, Miguel Ojeda wrote:
>>> On Sun, Oct 10, 2021 at 5:16 PM Dan Li <ashimida@xxxxxxxxxxxxxxxxx> wrote:
- This option enables Clang's Shadow Call Stack, which uses a
- shadow stack to protect function return addresses from being
- overwritten by an attacker. More information can be found in
- Clang's documentation:
+ This option enables Clang/GCC plugin's Shadow Call Stack, which
+ uses a shadow stack to protect function return addresses from
+ being overwritten by an attacker. More information can be found
+ in Clang's documentation:
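Review bot: the last two added lines still send the reader only to "Clang's documentation" although the help text now also covers the GCC plugin; state that the reference that follows describes the Clang implementation, or add a pointer for the plugin, so a GCC user knows which behaviour is documented. In the first added line, "Clang/GCC plugin's Shadow Call Stack" attaches "plugin" to both compilers; naming them separately, e.g. "Shadow Call Stack (Clang, or GCC via a plugin)", removes that reading.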
>>> Perhaps it could be worded in a better way? It sounds like it is a
>>> custom plugin for Clang as well, e.g.:
>>>
>>>   This option enables Shadow Call Stack (in the case of GCC, as a plugin),
>>>
>>> Cheers,
>>> Miguel
>> Thanks Miguel.
>>
>> How about writing like this:
>>
>>   This option enables Shadow Call Stack (supported as a compiler option in
>>   the case of clang, supported as a plugin in the case of gcc), which uses
>>   a shadow stack to ...
> That sounds reasonable.
>
> One question I have, Dan, what is your sense for getting this feature
> landed upstream in GCC proper? It's neat to be able to use plugins to
> support older versions of a compiler than when the feature initially
> lands; I was curious if you're working to submit this into GCC as
> well? I didn't see anything in GCC's bug tracker for "shadow call
> stack," but maybe there's a different feature bug tracking this?
Thanks Nick.

The original intention of this plugin is to provide the customer's (bsp)
kernel with the ability to enable SCS protection under gcc. It's not
always feasible to recompile gcc or convince customers to switch to a
higher version, so I implemented this feature through a plugin. For bsp,
this method could reduce its use cost.

Because my main area of concern is kernel security, I first submitted
this plugin to the community.

I think [PATCH V2] can also be submitted to the gcc mainline. This is
my next plan, and I still need some time to reorganize it into the gcc
source code.