Post Syndicated from corbet original https://lwn.net/Articles/940403/

Return-oriented
programming (ROP) has, for some years now, been a valuable tool for
those who would subvert a system’s security. It is thus not surprising
that a lot of effort has gone into thwarting ROP attacks, which depend on
corrupting the call stack with a carefully chosen set of return addresses,
at both the hardware and software levels. One result of this work is
shadow stacks, which can detect corruption of the call stack, allowing the
operating system to react accordingly. The 64-bit Arm implementation of
shadow stacks is called “guarded control stack” (GCS); patches implementing
support for this feature are currently under discussion.