> It's really just a couple of new primitives to emit a jump as a call and
> one to slam in a new return address. Given those I think you can do the
> entire implementation as RTL at expansion time and you've got a damn
> good shot at protecting most architectures from these kinds of attacks.

I think that you're a bit optimistic here and that implementing a generic and robust framework at the RTL level might require some time. Given the time and (back-)portability constraints, it might be wiser to rush into architecture-specific countermeasures than to rush into a half-baked RTL framework.

--
Eric Botcazou