GCC 15 feature development is soon wrapping up to focus on bug fixing before releasing GCC 15.1 as stable in the early months of 2025. One of the latest features to make it in the compiler codebase is code generation support around Arm Guarded Control Stack (GCS) functionality.
Arm introduced Guarded Control Stack with their 2022 CPU extensions and is a means of helping mitigate against some return object programming (ROP) attacks. As explained in the Arm documentation:
“A GCS is a protected region of virtual address space allocated by software. When the processor executes a Branch with Link instruction, such as BL, the return address is pushed onto the GCS as well as being written into the Link Register (LR). On a procedure return, the latest stored return address is popped from the GCS. The processor either compares the popped value with the LR, or uses the popped value directly…To prevent accidental or malicious changes to the GCS, a new Stage 1 permission is introduced. This permission allows reads by software, but restricts writes to either GCSPUSH instructions or as a side-effect of executing a BL.”
With the latest GCC patches merged on Thursday, there is now a “-mbranch-protection=gcs” option supported. This enables Arm Guarded Control Stack compatible code generation. This branch protection option is the same one that can also be set to Branch Target Identification “BTI” for earlier Arm processors.
The -mbranch-protection=gcs option is introduced via this commit while related Arm GCS patches were also merged on Thursday and will all be part of the upcoming GCC 15.1 release.
