> On 2/5/20 10:19 AM, Yu-cheng Yu wrote: > > Introduce Kconfig option: X86_INTEL_SHADOW_STACK_USER. > > > > Shadow Stack (SHSTK) provides protection against function return address > > corruption. It is active when the kernel has this feature enabled, and > > both the processor and the application support it. When this feature is > > enabled, legacy non-SHSTK applications continue to work, but without SHSTK > > protection. > > > > The user-mode SHSTK protection is only implemented for the 64-bit kernel. > > IA32 applications are supported under the compatibility mode. > > I think what you're trying to say here is that the hardware supports > shadow stacks with 32-bit kernels. However, this series does not > include that support and we have no plans to add it. > > Right? > > I'll let others weigh in, but I rather dislike the use of acronyms here. > I'd much rather see the english "shadow stack" everywhere than SHSTK. For the record, I like "shadow stack" better, too.
