This HTML5 document contains 40 embedded RDF statements represented using HTML+Microdata notation.

The embedded RDF content will be recognized by any processor of HTML5 Microdata.

Namespace Prefixes

Prefix        IRI
dcterms       http://purl.org/dc/terms/
yago-res      http://yago-knowledge.org/resource/
dbo           http://dbpedia.org/ontology/
foaf          http://xmlns.com/foaf/0.1/
n6            https://global.dbpedia.org/id/
dbt           http://dbpedia.org/resource/Template:
rdfs          http://www.w3.org/2000/01/rdf-schema#
rdf           http://www.w3.org/1999/02/22-rdf-syntax-ns#
owl           http://www.w3.org/2002/07/owl#
wikipedia-en  http://en.wikipedia.org/wiki/
dbc           http://dbpedia.org/resource/Category:
prov          http://www.w3.org/ns/prov#
dbp           http://dbpedia.org/property/
xsdh          http://www.w3.org/2001/XMLSchema#
wikidata      http://www.wikidata.org/entity/
dbr           http://dbpedia.org/resource/

Statements

Subject Item
dbr:Control-flow_integrity
dbo:wikiPageWikiLink
dbr:Shadow_stack
Subject Item
dbr:Zen_3
dbo:wikiPageWikiLink
dbr:Shadow_stack
Subject Item
dbr:Tiger_Lake
dbo:wikiPageWikiLink
dbr:Shadow_stack
Subject Item
dbr:Willow_Cove
dbo:wikiPageWikiLink
dbr:Shadow_stack
Subject Item
dbr:Windows_10_version_20H2
dbo:wikiPageWikiLink
dbr:Shadow_stack
Subject Item
dbr:Alder_Lake
dbo:wikiPageWikiLink
dbr:Shadow_stack
Subject Item
dbr:Intel_Core
dbo:wikiPageWikiLink
dbr:Shadow_stack
Subject Item
dbr:X86_instruction_listings
dbo:wikiPageWikiLink
dbr:Shadow_stack
Subject Item
dbr:Sigreturn-oriented_programming
dbo:wikiPageWikiLink
dbr:Shadow_stack
Subject Item
dbr:Shadow_stack
rdfs:label
Shadow stack
rdfs:comment
In computer security, a shadow stack is a mechanism for protecting a procedure's stored return address, such as from a stack buffer overflow. The shadow stack itself is a second, separate stack that "shadows" the program call stack. In the function prologue, a function stores its return address to both the call stack and the shadow stack. In the function epilogue, a function loads the return address from both the call stack and the shadow stack, and then compares them. If the two records of the return address differ, then an attack is detected; the typical course of action is simply to terminate the program or alert system administrators about a possible intrusion attempt. A shadow stack is similar to stack canaries in that both mechanisms aim to maintain the control-flow integrity of the
dcterms:subject
dbc:Computer_security
dbo:wikiPageID
51622444
dbo:wikiPageRevisionID
1067615323
dbo:wikiPageWikiLink
dbc:Computer_security dbr:Thread_(computing) dbr:Function_epilogue dbr:Exploit_(computer_security) dbr:Computer_security dbr:Setjmp.h dbr:Stack_buffer_overflow dbr:Buffer_overflow dbr:Buffer_overflow_protection dbr:Subroutine dbr:Control-flow_integrity dbr:Exception_handling dbr:Function_prologue dbr:Memory_safety dbr:Intel dbr:Return_address_(computing) dbr:Call_stack
owl:sameAs
n6:2aL27 wikidata:Q27628368 yago-res:Shadow_stack
dbp:wikiPageUsesTemplate
dbt:Reflist
dbo:abstract
In computer security, a shadow stack is a mechanism for protecting a procedure's stored return address, such as from a stack buffer overflow. The shadow stack itself is a second, separate stack that "shadows" the program call stack. In the function prologue, a function stores its return address to both the call stack and the shadow stack. In the function epilogue, a function loads the return address from both the call stack and the shadow stack, and then compares them. If the two records of the return address differ, then an attack is detected; the typical course of action is simply to terminate the program or alert system administrators about a possible intrusion attempt. A shadow stack is similar to stack canaries in that both mechanisms aim to maintain the control-flow integrity of the protected program by detecting attacks that tamper with the stored return address during an exploitation attempt. Shadow stacks can be implemented by recompiling programs with modified prologues and epilogues, by dynamic binary rewriting techniques to achieve the same effect, or with hardware support. Unlike the call stack, which also stores local program variables, passed arguments, spilled registers and other data, the shadow stack typically just stores a second copy of a function's return address. Shadow stacks provide more protection for return addresses than stack canaries, which rely on the secrecy of the canary value and are vulnerable to non-contiguous write attacks. Shadow stacks themselves can be protected with guard pages or with information hiding, such that an attacker would also need to locate the shadow stack to overwrite a return address stored there. Like stack canaries, shadow stacks do not protect stack data other than return addresses, and so offer incomplete protection against security vulnerabilities that result from memory safety errors.
In 2016, Intel announced upcoming hardware support for shadow stacks with their Control-flow Enforcement Technology. Shadow stacks face some compatibility problems. After a program throws an exception or a longjmp occurs, the return address at the top of the shadow stack will not match the return address popped from the call stack. The typical solution for this problem is to pop entries from the shadow stack until a matching return address is found, and to only terminate the program when no match is found in the shadow stack. A multithreaded program, which would have a call stack for each executing thread, would then also have a shadow stack shadowing each of the call stacks.
prov:wasDerivedFrom
wikipedia-en:Shadow_stack?oldid=1067615323&ns=0
dbo:wikiPageLength
5371
foaf:isPrimaryTopicOf
wikipedia-en:Shadow_stack
Subject Item
wikipedia-en:Shadow_stack
foaf:primaryTopic
dbr:Shadow_stack