[$] Shadow-stack control in clone3()

Shadow stacks are a control-flow-integrity feature designed to defendagainst exploits that manipulate a thread's call stack. The kernel firstgained support for hardware-implemented shadowstacks, for the x86 architecture, in the 6.6 release; 64-bit Armsupport followed in 6.13. This feature does not give user space muchcontrol over the allocation of shadow stacks for new threads, though; a patchseries from Mark Brown may, after many attempts, finally be aboutto change that situation.