[llvm] [BOLT] Gadget scanner: detect non-protected indirect calls (PR #131899)

[Kristof Beyls via llvm-commits]

================
@@ -247,12 +247,14 @@ static cl::opt<bool> WriteBoltInfoSection(
     "bolt-info", cl::desc("write bolt info section in the output binary"),
     cl::init(true), cl::Hidden, cl::cat(BoltOutputCategory));
 
-cl::list<GadgetScannerKind>
-    GadgetScannersToRun("scanners", cl::desc("which gadget scanners to run"),
-                        cl::values(clEnumValN(GS_PACRET, "pacret", "pac-ret"),
-                                   clEnumValN(GS_ALL, "all", "all")),
-                        cl::ZeroOrMore, cl::CommaSeparated,
-                        cl::cat(BinaryAnalysisCategory));
+cl::bits<GadgetScannerKind> GadgetScannersToRun(
+    "scanners", cl::desc("which gadget scanners to run"),
+    cl::values(clEnumValN(GS_PACRET, "pacret",
+                          "Return address protection (subset of \"pauth\")"),
----------------
kbeyls wrote:

the `pac-ret` hardening scheme is enabled in gcc and clang using the command line option `-mbranch-protection=none|standard|pac-ret`.
Since compiler users know this protection from the term `pac-ret` on the command line and the compiler documentation, I think it would be good if the term `pac-ret` also appears in the documentation string for this command line option.

What about `"pac-ret: return address protection (subset of `"pauth\")"`.

(Aside: looking at this, I'm starting to wonder if we shouldn't change the command line option here from `pacret` to `pac-ret`, for consistency with the gcc and clang command line options. But let's leave that for a separate PR if we decide that's the right thing to do.)

https://github.com/llvm/llvm-project/pull/131899