frida / frida-gum

Cross-platform instrumentation and introspection library written in C
https://frida.re

cpu-features: Ignore CET SS unless actively used #804

Open yjugl opened 3 months ago

yjugl commented 3 months ago

Since #791 we are ensuring a proper call-ret discipline in the x86 interceptor, if we detect that the CPU is compatible with Intel CET shadow stacks. As discussed in #791, this has an unnecessary performance cost if the mitigation is not used by the current process. This extra patch thus ignores CET shadow stack compatibility on Windows if we detect that the current process is not using the mitigation. It might be cleaner to move this code outside gum_do_query_cpu_features, but putting it there makes the patch very simple and atomic.
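The check described above, written out as an added illustration (this is not the PR's patch or frida-gum's code): on Windows, `GetProcessMitigationPolicy` with `ProcessUserShadowStackPolicy` tells us whether the current process actually runs with user-mode shadow stacks, and the CET bit is dropped from the feature mask when it does not. The `DEMO_*` names and the feature-bit layout are assumptions that only mirror the shape of a CPU feature mask; the Windows API names are the real ones, and the SDK/mingw-w64 headers must be recent enough to declare them.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#ifdef _WIN32
#include <windows.h>
#endif

/* Hypothetical feature bits standing in for a CPU feature mask (names assumed). */
typedef enum {
  DEMO_CPU_AVX2   = 1u << 0,
  DEMO_CPU_CET_SS = 1u << 1,
} DemoCpuFeature;

/* True only when the current process runs with user-mode shadow stacks enabled.
 * On Windows this asks the OS for the per-process mitigation policy; on other
 * platforms (and on Windows builds too old to know the policy class) it is false. */
static bool demo_process_uses_shadow_stack(void)
{
#ifdef _WIN32
  PROCESS_MITIGATION_USER_SHADOW_STACK_POLICY policy;
  ZeroMemory(&policy, sizeof(policy));
  /* Fails on Windows versions that predate CET support: treat as "not in use". */
  if (!GetProcessMitigationPolicy(GetCurrentProcess(), ProcessUserShadowStackPolicy,
                                  &policy, sizeof(policy)))
    return false;
  return policy.EnableUserShadowStack != 0;
#else
  return false;
#endif
}

/* Core decision: CPU support for CET SS is only relevant if the process uses it,
 * so the bit is cleared when the mitigation is off, sparing the interceptor the
 * stricter call-ret discipline it would otherwise enforce. */
static uint32_t demo_mask_unused_cet(uint32_t cpu_features, bool shadow_stack_in_use)
{
  if ((cpu_features & DEMO_CPU_CET_SS) != 0 && !shadow_stack_in_use)
    cpu_features &= ~(uint32_t) DEMO_CPU_CET_SS;
  return cpu_features;
}

/* Where such a filter would sit: right after the raw CPUID-derived mask is built. */
static uint32_t demo_query_cpu_features(uint32_t raw_cpuid_features)
{
  return demo_mask_unused_cet(raw_cpuid_features, demo_process_uses_shadow_stack());
}

int main(void)
{
  /* Constructed input: a CPU reporting both AVX2 and CET SS. */
  uint32_t raw = DEMO_CPU_AVX2 | DEMO_CPU_CET_SS;
  printf("effective features: 0x%x\n", demo_query_cpu_features(raw));
  return 0;
}
```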

yjugl commented 3 months ago

MinGW builds are failing, not finding ProcessUserShadowStackPolicy and PROCESS_MITIGATION_USER_SHADOW_STACK_POLICY, although these two symbols were pushed to mingw-w64 in July 2021 (integration, original message). Could it be that the CI is using an outdated version of mingw-w64? Do you have control over that?