On Mon, Jul 31, 2023 at 02:43:09PM +0100, Mark Brown wrote:
The arm64 Guarded Control Stack (GCS) feature provides support for hardware protected stacks of return addresses, intended to provide hardening against return oriented programming (ROP) attacks and to make it easier to gather call stacks for applications such as profiling.
Why is this better than Clang's software shadow stack implementation? It would be nice to see some justification behind adding all this, rather than it being an architectural tick-box exercise.
Will