A preview is not available for this record, please engage by choosing from the available options ‘download’ or ‘view’ to engage with the material
Description
Intel’s Control-Flow Enforcement Technology (CET) uses shadow stacks to ensure the correctness of certain control-flow transfers. Some control-flow transfers update a shadow stack with multiple accesses. Such shadow-stack updates are said to be complex. Certain events encountered during a complex shadow-stack update in a virtual machine may lead to unexpected behavior. This paper presents recommendations that operating systems and virtual-machine monitors can use to prevent these unexpected behaviors. These recommendations are based on new CPU support planned by Intel.