Attack Protection For Valid Gadget Control Transfers
US-2016110542-A1 · Apr 21, 2016 · US
US9501637B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9501637-B2 |
| Application number | US-201414498075-A |
| Country | US |
| Kind code | B2 |
| Filing date | Sep 26, 2014 |
| Priority date | Sep 26, 2014 |
| Publication date | Nov 22, 2016 |
| Grant date | Nov 22, 2016 |
Official abstract text for this publication.
Technologies for shadow stack support for legacy guests include a computing device having a processor with shadow stack support. During execution of a call instruction, the processor determines whether a legacy stack pointer is within bounds and generates a virtual machine exit if the legacy stack pointer is out-of-bounds. If not out-of-bounds, the processor pushes a return address onto the legacy stack and onto a shadow stack protected by a hypervisor. During execution of a return instruction, the processor determines whether top return addresses of the legacy stack and the shadow stack match, and generates a virtual machine exit if the return addresses do not match. If the return addresses match, the processor pops the return addresses off of the legacy stack and off of the shadow stack. The stack out-of-bounds and the stack mismatch virtual machine exits may be handled by the hypervisor. Other embodiments are described and claimed.
Opening claim text (preview).
The invention claimed is:

1. A method for shadow stack support for legacy guests, the method comprising: executing, by a call module of a processor of a computing device, a call instruction in stack monitoring mode, wherein executing the call instruction comprises: determining, by the call module, whether a legacy stack pointer of the computing device is within a stack bounds of the computing device; generating, by the call module, a virtual machine exit to a stack out-of-bounds handler in response to determining the legacy stack pointer is not within the stack bounds; pushing, by the call module, a return address onto a legacy stack stored in a first memory region of the computing device in response to determining the legacy stack pointer is within the stack bounds; and pushing, by the call module, the return address onto a shadow stack stored in a second memory region of the computing device in response to determining the legacy stack pointer is within the stack bounds, wherein the second memory region is isolated from the first memory region; and executing, by a return module of the processor of the computing device, a return instruction in stack monitoring mode, wherein executing the return instruction comprises: determining, by the return module, whether a top return address of the legacy stack matches a top return address of the shadow stack; generating, by the return module, a virtual machine exit to a stack mismatch handler in response to determining the top return address of the legacy stack does not match the top return address of the shadow stack; popping, by the return module, the top return address from the shadow stack in response to determining the top return address of the legacy stack matches the top return address of the shadow stack; and popping, by the return module, the top return address from the legacy stack in response to determining the top return address of the legacy stack matches the top return address of the shadow stack.

2. The method of claim 1, further comprising executing, by the computing device, the stack mismatch handler in response to generating the virtual machine exit, wherein the stack mismatch handler is established by a hypervisor of the computing device, and wherein executing the stack mismatch handler comprises: determining whether the stack mismatch is legitimate by applying a heuristic check; handling a suspected return-oriented-programming exploit in response to determining the stack mismatch is not legitimate; and resuming a guest process in response to determining the stack mismatch is legitimate.

3. The method of claim 2, wherein determining whether the stack mismatch is legitimate comprises: determining whether a part of the shadow stack may be skipped to match the legacy stack; determining, in response to determining the part of the shadow stack may not be skipped, whether a number of consecutive stack mismatches that were not skipped has a predefined relationship to a threshold number of consecutive stack mismatches; calculating a cost value as a function of a gadget length and a stack age of the legacy stack in response to determining the number of consecutive stack mismatches that were not skipped has the predefined relationship to the threshold number of consecutive stack mismatches; determining whether the cost value has a predefined relationship to a threshold total cost; and handling a suspected return-oriented-programming exploit in response to determining the cost value has the predefined relationship to the threshold total cost.

4. The method of claim 3, wherein executing the stack mismatch handler further comprises: pushing the return address of the legacy stack onto the shadow stack in response to determining the cost value does not have the predefined relationship to the threshold total cost or determining the number of consecutive stack mismatches that were not skipped does not have the predefined relationship to the threshold number of consecutive stack mismatches; and resuming the guest process in response to pushing the return address of the legacy stack onto the shadow stack.

5. The method of claim 1, further comprising executing, by the computing device, the stack out-of-bounds handler in response to generating the virtual machine exit, wherein the stack out-of-bounds handler is established by a hypervisor of the computing device, and wherein executing the stack out-of-bounds handler comprises: determining a next legacy stack pointer value as a function of the stack out-of-bounds virtual machine exit; determining a maximum stack growth amount without a stack out-of-bounds virtual machine exit associated with the next legacy stack pointer value; allocating shadow stack memory as a function of the maximum stack growth amount, wherein the shadow stack memory is stored in the second memory region of the computing device; and updating the stack bounds of the computing device to allow the next legacy stack pointer value.

6. A computing device for shadow stack support for legacy guests, the computing device comprising: a processor comprising a call module to execute a call instruction in stack monitoring mode and a return module to execute a return instruction in stack monitoring mode, wherein to execute the call instruction comprises to: determine whether a legacy stack pointer of the computing device is within a stack bounds of the computing device; generate a virtual machine exit to a stack out-of-bounds handler in response to a determination that the legacy stack pointer is not within the stack bounds; push a return address onto a legacy stack stored in a first memory region of the computing device in response to a determination that the legacy stack pointer is within the stack bounds; and push the return address onto a shadow stack stored in a second memory region of the computing device in response to the determination that the legacy stack pointer is within the stack bounds, wherein the second memory region is isolated from the first memory region; and wherein to execute the return instruction comprises to: determine whether a top return address of the legacy stack matches a top return address of the shadow stack; generate a virtual machine exit to a stack mismatch handler in response to a determination that the top return address of the legacy stack does not match the top return address of the shadow stack; pop the top return address from the shadow stack in response to a determination that the top return address of the legacy stack matches the top return address of the shadow stack; and pop the top return address from the legacy stack in response to the determination that the top return address of the legacy stack matches the top return address of the shadow stack.

7. The computing device of claim 6, further comprising a mismatch module established by a hypervisor of the computing device to execute the stack mismatch handler in response to generation of the virtual machine exit, wherein to execute the stack mismatch handler comprises to: determine whether the stack mismatch is legitimate by application of a heuristic check; handle a suspected return-oriented-programming exploit in response to a determination that the stack mismatch is not legitimate; and resume a guest process in response to a determination that the stack mismatch is legitimate.

8. The computing device of claim 7, wherein to determine whether the stack mismatch is legitimate comprises to: determine whether a part of the shadow stack may be skipped to match the legacy stack; skip the part of the shadow stack in response to a determination that the part of the shadow stack may be skipped; and resume the guest process in response to skipping of the part of the sha
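As an added illustration, not code from the patent or its assignee, the following Python model walks through the call/return monitoring of claims 1 and 6 and the mismatch heuristic of claims 3, 4 and 8. Class and function names, the stack bounds, the sample addresses and the threshold are assumptions; the cost-value step of claim 3 is left out because gadget length and stack age are not defined closely enough on this page to model.

```python
class VMExit(Exception):
    """Stands in for the virtual machine exit delivered to a hypervisor handler (assumed name)."""
class MonitoredStacks:
    """Processor side: call and return in stack monitoring mode (claims 1 and 6)."""
    def __init__(self, stack_lo, stack_hi):
        self.bounds = (stack_lo, stack_hi)  # legacy stack pointer must satisfy lo <= sp < hi
        self.legacy = []  # guest-writable legacy stack (first memory region)
        self.shadow = []  # hypervisor-protected shadow stack (second memory region)

    def call(self, sp, ret_addr):
        lo, hi = self.bounds
        if not lo <= sp < hi:
            raise VMExit("stack_out_of_bounds")  # the claim 5 handler would grow the shadow stack
        self.legacy.append(ret_addr)
        self.shadow.append(ret_addr)

    def ret(self):
        if not self.legacy or not self.shadow or self.legacy[-1] != self.shadow[-1]:
            raise VMExit("stack_mismatch")
        self.shadow.pop()
        return self.legacy.pop()

class MismatchHandler:
    """Hypervisor side: the heuristic of claims 3, 4 and 8 without the cost-value step."""
    def __init__(self, threshold):
        self.threshold = threshold
        self.consecutive = 0  # consecutive mismatches that skipping could not explain
    def handle(self, stacks):
        top = stacks.legacy[-1]
        if top in stacks.shadow:  # frames dropped at once (e.g. longjmp): skip and resume
            while stacks.shadow[-1] != top:
                stacks.shadow.pop()
            self.consecutive = 0
            return "resume"
        self.consecutive += 1
        if self.consecutive >= self.threshold:
            return "suspected_rop"
        stacks.shadow.append(top)  # claim 4: adopt the legacy address and resume
        return "resume"

def guest_return(stacks, handler):
    """One return as the guest experiences it; a stack mismatch exit goes to the handler."""
    try:
        return stacks.ret(), "ok"
    except VMExit:
        verdict = handler.handle(stacks)
        if verdict != "resume":
            return None, verdict  # the hypervisor takes over the suspected exploit
        return stacks.ret(), "resume"  # re-executed return; the tops now match
```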
CPC classification titles:

- during program execution, e.g. stack integrity {; Preventing unwanted data erasure; Buffer overflow}
- Creation or generation of source code
- Hypervisors; Virtual machine monitors
- by assessing time
- Programming languages or programming paradigms