US 11,656,805 B2
Processors, methods, systems, and instructions to protect shadow stacks
Vedvyas Shanbhogue, Austin, TX (US); Jason W. Brandt, Austin, TX (US); Ravi L. Sahita, Beaverton, OR (US); Barry E. Huntley, Hillsboro, OR (US); and Baiju V. Patel, Portland, OR (US)
Assigned to INTEL CORPORATION, Santa Clara, CA (US)
Filed by Intel Corporation, Santa Clara, CA (US)
Filed on Dec. 22, 2020, as Appl. No. 17/131,731.
Application 17/131,731 is a continuation of application No. 14/752,221, filed on Jun. 26, 2015.
Prior Publication US 2021/0109684 A1, Apr. 15, 2021
Int. Cl. H04L 29/06 (2006.01); G06F 3/06 (2006.01); G06F 9/30 (2018.01); G06F 21/52 (2013.01); G06F 9/38 (2018.01); G06F 12/1009 (2016.01); G06F 12/109 (2016.01); G06F 12/1027 (2016.01); G06F 12/1081 (2016.01); G06F 12/1045 (2016.01); G06F 12/14 (2006.01); G06F 12/1036 (2016.01)
CPC G06F 3/0673 (2013.01) [G06F 3/0622 (2013.01); G06F 3/0629 (2013.01); G06F 9/30054 (2013.01); G06F 9/30101 (2013.01); G06F 9/30134 (2013.01); G06F 9/30145 (2013.01); G06F 9/3806 (2013.01); G06F 9/3861 (2013.01); G06F 12/1009 (2013.01); G06F 12/109 (2013.01); G06F 12/1027 (2013.01); G06F 12/1036 (2013.01); G06F 12/1063 (2013.01); G06F 12/1081 (2013.01); G06F 12/1491 (2013.01); G06F 21/52 (2013.01); G06F 2212/1052 (2013.01); G06F 2212/151 (2013.01); G06F 2212/651 (2013.01); G06F 2212/657 (2013.01)]
21 Claims
1. A processor comprising:
a shadow stack pointer (SSP) register to store an SSP, including a first SSP to identify a top of a first shadow stack, the SSP register to indicate a current SSP for a current shadow stack;
a decode unit to decode a shadow stack protection instruction, the shadow stack protection instruction to indicate a second SSP, the second SSP to identify a top of a second shadow stack; and
an execution unit coupled with the decode unit, the execution unit, in response to the shadow stack protection instruction, to:
perform a plurality of security checks, including to determine whether the second SSP is compatible with a value stored on the second shadow stack;
wherein, if at least one of the security checks fail, the execution unit is further to:
not make the second SSP the current SSP; and
cause an exception; and
wherein, if all of the security checks succeed the execution unit is further to switch from the first shadow stack to the second shadow stack, wherein to switch from the first shadow stack to the second shadow stack the execution unit is to:
change the value; and
update the SSP register to the second SSP to make the second SSP the current SSP.
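
A minimal C model of the check-then-switch sequence recited in claim 1, added here as an illustration and not taken from the patent or from any Intel implementation. The stored-value encoding (the stack top's own address, with the low bit as a busy flag), the alignment and range check, and the names `place_token` and `switch_shadow_stack` are assumptions.

```c
#include <stdbool.h>
#include <stdint.h>

#define SLOTS    32u      /* constructed 256-byte model of shadow-stack memory */
#define BUSY_BIT 1ull     /* assumption: low bit of the stored value = "in use" */

static uint64_t shstk_mem[SLOTS];

typedef struct {
    uint64_t ssp;         /* models the SSP register (the current SSP) */
    bool     exception;   /* set when any security check fails */
} cpu_t;

/* Hypothetical helper: software prepares a switch target by storing, at the
 * top of that shadow stack, a value that encodes the top's own address. */
void place_token(uint64_t ssp) { shstk_mem[ssp / 8] = ssp; }

/* Model of the shadow stack protection instruction of claim 1. */
bool switch_shadow_stack(cpu_t *cpu, uint64_t second_ssp)
{
    cpu->exception = false;

    /* Check 1 (assumption): non-null, 8-byte aligned, inside model memory. */
    bool ok = second_ssp != 0 && second_ssp % 8 == 0 && second_ssp / 8 < SLOTS;

    /* Check 2: the second SSP must be compatible with the value stored on
     * the second shadow stack (here: equal to it, and not marked busy). */
    if (ok) {
        uint64_t value = shstk_mem[second_ssp / 8];
        ok = (value & BUSY_BIT) == 0 && value == second_ssp;
    }

    if (!ok) {            /* fail closed: current SSP unchanged, exception */
        cpu->exception = true;
        return false;
    }

    shstk_mem[second_ssp / 8] |= BUSY_BIT;  /* "change the value" */
    cpu->ssp = second_ssp;                  /* second SSP becomes current */
    return true;
}
```

Because the stored value is changed on a successful switch, a second switch to the same stack top fails the compatibility check in this model, as does a target whose stored value points anywhere other than itself.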