Add an "scs" flag for enabling shadow call stack on targets. Shadow call stack (SCS) is a security mitigation that uses a separate stack (the SCS) for return addresses. The effect of setting sanitize.scs on a shared library is to build the library and all of its static library dependencies with SCS. This is similar to CFI and the other sanitizers. Bug: 112907825 Bug: 119557795 Change-Id: I82fb2b38b10eac911c4d2d120b74fea4af0622ad

commit: 8c7e6e2626274c060483b02792a6dd6488264b2f [log] [tgz]
author: Peter Collingbourne <pcc@google.com> Mon Nov 19 16:03:58 2018 -0800
committer: Peter Collingbourne <pcc@google.com> Mon Nov 19 17:39:23 2018 -0800
tree: 0bdf9ca907f0fb8a7ca361aba40d7eb5488b281c
parent: bba551c1faa41025e2e76230b258f94d042b99d9 [diff] [blame]
diff --git a/cc/cc.go b/cc/cc.go
index ed65aa6..5485ae3 100644
--- a/cc/cc.go
+++ b/cc/cc.go

@@ -53,6 +53,9 @@
 		ctx.TopDown("cfi_deps", sanitizerDepsMutator(cfi))
 		ctx.BottomUp("cfi", sanitizerMutator(cfi)).Parallel()
 
+		ctx.TopDown("scs_deps", sanitizerDepsMutator(scs))
+		ctx.BottomUp("scs", sanitizerMutator(scs)).Parallel()
+
 		ctx.TopDown("tsan_deps", sanitizerDepsMutator(tsan))
 		ctx.BottomUp("tsan", sanitizerMutator(tsan)).Parallel()
commit	8c7e6e2626274c060483b02792a6dd6488264b2f	[log] [tgz]
author	Peter Collingbourne <pcc@google.com>	Mon Nov 19 16:03:58 2018 -0800
committer	Peter Collingbourne <pcc@google.com>	Mon Nov 19 17:39:23 2018 -0800
tree	0bdf9ca907f0fb8a7ca361aba40d7eb5488b281c
parent	bba551c1faa41025e2e76230b258f94d042b99d9 [diff] [blame]