[RFC PATCH 0/7] SVM guest shadow stack support

[RFC PATCH 0/7] SVM guest shadow stack support

[John Allen]

AMD Zen3 and newer processors support shadow stack, a feature designed to
protect against ROP (return-oriented programming) attacks in which an attacker
manipulates return addresses on the call stack in order to execute arbitrary
code. To prevent this, shadow stacks can be allocated that are only used by
control transfer and return instructions. When a CALL instruction is issued, it
writes the return address to both the program stack and the shadow stack. When
the subsequent RET instruction is issued, it pops the return address from both
stacks and compares them. If the addresses don't match, a control-protection
exception is raised.

Shadow stack and a related feature, Indirect Branch Tracking (IBT), are
collectively referred to as Control-flow Enforcement Technology (CET). However,
current AMD processors only support shadow stack and not IBT.

This series adds support for shadow stack in SVM guests and builds upon the
support added in the CET guest support patch series [1] and the CET kernel
patch series [2]. Additional patches are required to support shadow stack
enabled guests in qemu [3] and glibc [4].

[1]: CET guest support patches
https://lore.kernel.org/all/20220616084643.19564-1-weijiang.yang@intel.com/

[2]: Latest CET kernel patches
https://lore.kernel.org/all/20220929222936.14584-1-rick.p.edgecombe@intel.com/

[3]: CET qemu patches
https://patchwork.ozlabs.org/project/qemu-devel/patch/20201013051935.6052-2-weijiang.yang@intel.com/

[4]: glibc tree containing necessary updates
https://gitlab.com/x86-glibc/glibc/-/tree/users/hjl/cet/master/

John Allen (7):
  KVM: x86: Move shared CET routine to common x86 kvm code
  KVM: x86: SVM: Emulate reads and writes to shadow stack MSRs
  KVM: x86: SVM: Update dump_vmcb with shadow stack save area additions
  KVM: x86: SVM: Pass through shadow stack MSRs
  KVM: SVM: Save shadow stack host state on VMRUN
  KVM: SVM: Add MSR_IA32_XSS to the GHCB for hypervisor kernel
  KVM: SVM: Add CET features to supported_xss

 arch/x86/include/asm/svm.h |  1 +
 arch/x86/kvm/svm/sev.c     | 25 ++++++++++-
 arch/x86/kvm/svm/svm.c     | 85 ++++++++++++++++++++++++++++++++++++++
 arch/x86/kvm/svm/svm.h     |  2 +-
 arch/x86/kvm/vmx/vmx.c     | 32 ++------------
 arch/x86/kvm/x86.c         | 26 ++++++++++++
 arch/x86/kvm/x86.h         |  2 +
 7 files changed, 141 insertions(+), 32 deletions(-)

-- 
2.34.3

[RFC PATCH 1/7] KVM: x86: Move shared CET routine to common x86 kvm code

[John Allen]

cet_is_msr_accessible can also by used for shadow stack support in SVM.
Move this to common x86 kvm code.

Signed-off-by: John Allen <john.allen@amd.com>
---
 arch/x86/kvm/vmx/vmx.c | 32 +++-----------------------------
 arch/x86/kvm/x86.c     | 26 ++++++++++++++++++++++++++
 arch/x86/kvm/x86.h     |  2 ++
 3 files changed, 31 insertions(+), 29 deletions(-)

diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index 4558b13d0610..8b79a727b29c 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -1845,32 +1845,6 @@ static int vmx_get_msr_feature(struct kvm_msr_entry *msr)
 	}
 }
 
-static bool cet_is_msr_accessible(struct kvm_vcpu *vcpu,
-				  struct msr_data *msr)
-{
-	if (!kvm_cet_user_supported() &&
-	    !cet_kernel_ibt_supported())
-		return false;
-
-	if (msr->host_initiated)
-		return true;
-
-	if (!guest_cpuid_has(vcpu, X86_FEATURE_SHSTK) &&
-	    !guest_cpuid_has(vcpu, X86_FEATURE_IBT))
-		return false;
-
-	if (msr->index == MSR_IA32_S_CET &&
-	    guest_cpuid_has(vcpu, X86_FEATURE_IBT))
-		return true;
-
-	if ((msr->index == MSR_IA32_PL3_SSP ||
-	     msr->index == MSR_KVM_GUEST_SSP) &&
-	    !guest_cpuid_has(vcpu, X86_FEATURE_SHSTK))
-		return false;
-
-	return true;
-}
-
 /*
  * Reads an msr value (of 'msr_info->index') into 'msr_info->data'.
  * Returns 0 on success, non-0 otherwise.
@@ -2014,7 +1988,7 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
 	case MSR_IA32_PL3_SSP:
 	case MSR_KVM_GUEST_SSP:
 	case MSR_IA32_S_CET:
-		if (!cet_is_msr_accessible(vcpu, msr_info))
+		if (!kvm_cet_is_msr_accessible(vcpu, msr_info))
 			return 1;
 		if (msr_info->index == MSR_KVM_GUEST_SSP)
 			msr_info->data = vmcs_readl(GUEST_SSP);
@@ -2363,7 +2337,7 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
 		break;
 	case MSR_IA32_U_CET:
 	case MSR_IA32_S_CET:
-		if (!cet_is_msr_accessible(vcpu, msr_info))
+		if (!kvm_cet_is_msr_accessible(vcpu, msr_info))
 			return 1;
 		if ((data & GENMASK(9, 6)) ||
 		    is_noncanonical_address(data, vcpu))
@@ -2375,7 +2349,7 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
 		break;
 	case MSR_IA32_PL3_SSP:
 	case MSR_KVM_GUEST_SSP:
-		if (!cet_is_msr_accessible(vcpu, msr_info))
+		if (!kvm_cet_is_msr_accessible(vcpu, msr_info))
 			return 1;
 		if ((data & GENMASK(2, 0)) ||
 		    is_noncanonical_address(data, vcpu))
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 5786225c0dfa..486e91f4a538 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -13475,6 +13475,32 @@ int kvm_sev_es_string_io(struct kvm_vcpu *vcpu, unsigned int size,
 }
 EXPORT_SYMBOL_GPL(kvm_sev_es_string_io);
 
+bool kvm_cet_is_msr_accessible(struct kvm_vcpu *vcpu, struct msr_data *msr)
+{
+	if (!kvm_cet_user_supported() &&
+	    !cet_kernel_ibt_supported())
+		return false;
+
+	if (msr->host_initiated)
+		return true;
+
+	if (!guest_cpuid_has(vcpu, X86_FEATURE_SHSTK) &&
+	    !guest_cpuid_has(vcpu, X86_FEATURE_IBT))
+		return false;
+
+	if (msr->index == MSR_IA32_S_CET &&
+	    guest_cpuid_has(vcpu, X86_FEATURE_IBT))
+		return true;
+
+	if ((msr->index == MSR_IA32_PL3_SSP ||
+	     msr->index == MSR_KVM_GUEST_SSP) &&
+	    !guest_cpuid_has(vcpu, X86_FEATURE_SHSTK))
+		return false;
+
+	return true;
+}
+EXPORT_SYMBOL_GPL(kvm_cet_is_msr_accessible);
+
 EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_entry);
 EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_exit);
 EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_fast_mmio);
diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h
index a55f262d1e61..fb871be7131e 100644
--- a/arch/x86/kvm/x86.h
+++ b/arch/x86/kvm/x86.h
@@ -502,6 +502,8 @@ int kvm_sev_es_string_io(struct kvm_vcpu *vcpu, unsigned int size,
 			 unsigned int port, void *data,  unsigned int count,
 			 int in);
 
+bool kvm_cet_is_msr_accessible(struct kvm_vcpu *vcpu, struct msr_data *msr);
+
 /*
  * We've already loaded guest MSRs in __msr_io() when check the MSR index.
  * In case vcpu has been preempted, we need to disable preemption, check
-- 
2.34.3

[RFC PATCH 2/7] KVM: x86: SVM: Emulate reads and writes to shadow stack MSRs

[John Allen]

Set up interception of shadow stack MSRs. In the event that shadow stack
is unsupported on the host or the MSRs are otherwise inaccessible, the
interception code will return an error. In certain circumstances such as
host initiated MSR reads or writes, the interception code will get or
set the requested MSR value.

Signed-off-by: John Allen <john.allen@amd.com>
---
Adapted from: https://lore.kernel.org/all/20220616084643.19564-13-weijiang.yang@intel.com/
---
 arch/x86/kvm/svm/svm.c | 58 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 58 insertions(+)

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index f3813dbacb9f..1f31a991c745 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -2764,6 +2764,31 @@ static int svm_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
 		if (guest_cpuid_is_intel(vcpu))
 			msr_info->data |= (u64)svm->sysenter_esp_hi << 32;
 		break;
+	case MSR_IA32_S_CET:
+		if (!kvm_cet_is_msr_accessible(vcpu, msr_info))
+			return 1;
+		msr_info->data = svm->vmcb->save.s_cet;
+		break;
+	case MSR_IA32_U_CET:
+		if (!kvm_cet_is_msr_accessible(vcpu, msr_info))
+			return 1;
+		kvm_get_xsave_msr(msr_info);
+		break;
+	case MSR_IA32_INT_SSP_TAB:
+		if (!kvm_cet_is_msr_accessible(vcpu, msr_info))
+			return 1;
+		msr_info->data = svm->vmcb->save.isst_addr;
+		break;
+	case MSR_KVM_GUEST_SSP:
+		if (!kvm_cet_is_msr_accessible(vcpu, msr_info))
+			return 1;
+		msr_info->data = svm->vmcb->save.ssp;
+		break;
+	case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP:
+		if (!kvm_cet_is_msr_accessible(vcpu, msr_info))
+			return 1;
+		kvm_get_xsave_msr(msr_info);
+		break;
 	case MSR_TSC_AUX:
 		msr_info->data = svm->tsc_aux;
 		break;
@@ -2995,6 +3020,39 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr)
 		svm->vmcb01.ptr->save.sysenter_esp = (u32)data;
 		svm->sysenter_esp_hi = guest_cpuid_is_intel(vcpu) ? (data >> 32) : 0;
 		break;
+	case MSR_IA32_S_CET:
+		if (!kvm_cet_is_msr_accessible(vcpu, msr))
+			return 1;
+		svm->vmcb->save.s_cet = data;
+		break;
+	case MSR_IA32_U_CET:
+		if (!kvm_cet_is_msr_accessible(vcpu, msr))
+			return 1;
+		kvm_set_xsave_msr(msr);
+		break;
+	case MSR_IA32_INT_SSP_TAB:
+		if (!kvm_cet_is_msr_accessible(vcpu, msr))
+			return 1;
+		if (is_noncanonical_address(data, vcpu))
+			return 1;
+		svm->vmcb->save.isst_addr = data;
+		break;
+	case MSR_KVM_GUEST_SSP:
+		if (!kvm_cet_is_msr_accessible(vcpu, msr))
+			return 1;
+		/* SSP MSR values should be a 4-byte aligned canonical addresses */
+		if ((data & GENMASK(1, 0)) || is_noncanonical_address(data, vcpu))
+			return 1;
+		svm->vmcb->save.ssp = data;
+		break;
+	case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP:
+		if (!kvm_cet_is_msr_accessible(vcpu, msr))
+			return 1;
+		/* SSP MSR values should be a 4-byte aligned canonical addresses */
+		if ((data & GENMASK(1, 0)) || is_noncanonical_address(data, vcpu))
+			return 1;
+		kvm_set_xsave_msr(msr);
+		break;
 	case MSR_TSC_AUX:
 		/*
 		 * TSC_AUX is usually changed only during boot and never read
-- 
2.34.3

[RFC PATCH 3/7] KVM: x86: SVM: Update dump_vmcb with shadow stack save area additions

[John Allen]

Add shadow stack VMCB save area fields to dump_vmcb. Only include S_CET,
SSP, and ISST_ADDR. Since there currently isn't support to decrypt and
dump the SEV-ES save area, exclude PL0_SSP, PL1_SSP, PL2_SSP, PL3_SSP, and
U_CET which are only inlcuded in the SEV-ES save area.

Signed-off-by: John Allen <john.allen@amd.com>
---
 arch/x86/kvm/svm/svm.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index 1f31a991c745..411c815d2d91 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -3372,6 +3372,10 @@ static void dump_vmcb(struct kvm_vcpu *vcpu)
 	       "rip:", save->rip, "rflags:", save->rflags);
 	pr_err("%-15s %016llx %-13s %016llx\n",
 	       "rsp:", save->rsp, "rax:", save->rax);
+	pr_err("%-15s %016llx %-13s %016llx\n",
+	       "s_cet:", save->s_cet, "ssp:", save->ssp);
+	pr_err("%-15s %016llx\n",
+	       "isst_addr:", save->isst_addr);
 	pr_err("%-15s %016llx %-13s %016llx\n",
 	       "star:", save01->star, "lstar:", save01->lstar);
 	pr_err("%-15s %016llx %-13s %016llx\n",
-- 
2.34.3

[RFC PATCH 4/7] KVM: x86: SVM: Pass through shadow stack MSRs

[John Allen]

If kvm supports shadow stack, pass through shadow stack MSRs to improve
guest performance.

Signed-off-by: John Allen <john.allen@amd.com>
---
 arch/x86/kvm/svm/svm.c | 17 +++++++++++++++++
 arch/x86/kvm/svm/svm.h |  2 +-
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index 411c815d2d91..f40d3df2c1be 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -134,6 +134,13 @@ static const struct svm_direct_access_msrs {
 	{ .index = X2APIC_MSR(APIC_TMICT),		.always = false },
 	{ .index = X2APIC_MSR(APIC_TMCCT),		.always = false },
 	{ .index = X2APIC_MSR(APIC_TDCR),		.always = false },
+	{ .index = MSR_IA32_U_CET,                      .always = false },
+	{ .index = MSR_IA32_S_CET,                      .always = false },
+	{ .index = MSR_IA32_INT_SSP_TAB,                .always = false },
+	{ .index = MSR_IA32_PL0_SSP,                    .always = false },
+	{ .index = MSR_IA32_PL1_SSP,                    .always = false },
+	{ .index = MSR_IA32_PL2_SSP,                    .always = false },
+	{ .index = MSR_IA32_PL3_SSP,                    .always = false },
 	{ .index = MSR_INVALID,				.always = false },
 };
 
@@ -1174,6 +1181,16 @@ static inline void init_vmcb_after_set_cpuid(struct kvm_vcpu *vcpu)
 		set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SYSENTER_EIP, 1, 1);
 		set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SYSENTER_ESP, 1, 1);
 	}
+
+	if (kvm_cet_user_supported() && guest_cpuid_has(vcpu, X86_FEATURE_SHSTK)) {
+		set_msr_interception(vcpu, svm->msrpm, MSR_IA32_U_CET, 1, 1);
+		set_msr_interception(vcpu, svm->msrpm, MSR_IA32_S_CET, 1, 1);
+		set_msr_interception(vcpu, svm->msrpm, MSR_IA32_INT_SSP_TAB, 1, 1);
+		set_msr_interception(vcpu, svm->msrpm, MSR_IA32_PL0_SSP, 1, 1);
+		set_msr_interception(vcpu, svm->msrpm, MSR_IA32_PL1_SSP, 1, 1);
+		set_msr_interception(vcpu, svm->msrpm, MSR_IA32_PL2_SSP, 1, 1);
+		set_msr_interception(vcpu, svm->msrpm, MSR_IA32_PL3_SSP, 1, 1);
+	}
 }
 
 static void init_vmcb(struct kvm_vcpu *vcpu)
diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h
index 6a7686bf6900..c1c3e090ff9d 100644
--- a/arch/x86/kvm/svm/svm.h
+++ b/arch/x86/kvm/svm/svm.h
@@ -29,7 +29,7 @@
 #define	IOPM_SIZE PAGE_SIZE * 3
 #define	MSRPM_SIZE PAGE_SIZE * 2
 
-#define MAX_DIRECT_ACCESS_MSRS	46
+#define MAX_DIRECT_ACCESS_MSRS	53
 #define MSRPM_OFFSETS	32
 extern u32 msrpm_offsets[MSRPM_OFFSETS] __read_mostly;
 extern bool npt_enabled;
-- 
2.34.3

[RFC PATCH 5/7] KVM: SVM: Save shadow stack host state on VMRUN

[John Allen]

When running as an SEV-ES guest, the PL0_SSP, PL1_SSP, PL2_SSP, PL3_SSP,
and U_CET fields in the VMCB save area are type B, meaning the host
state is automatically loaded on a VMEXIT, but is not saved on a VMRUN.
The other shadow stack MSRs, S_CET, SSP, and ISST_ADDR are type A,
meaning they are loaded on VMEXIT and saved on VMRUN. Manually save the
type B host MSR values before VMRUN.

Signed-off-by: John Allen <john.allen@amd.com>
---
 arch/x86/kvm/svm/sev.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index 28064060413a..a5e72b2c94aa 100644
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -3027,6 +3027,19 @@ void sev_es_prepare_switch_to_guest(struct sev_es_save_area *hostsa)
 
 	/* MSR_IA32_XSS is restored on VMEXIT, save the currnet host value */
 	hostsa->xss = host_xss;
+
+	if (boot_cpu_has(X86_FEATURE_SHSTK)) {
+		/*
+		 * MSR_IA32_U_CET, MSR_IA32_PL0_SSP, MSR_IA32_PL1_SSP,
+		 * MSR_IA32_PL2_SSP, and MSR_IA32_PL3_SSP are restored on
+		 * VMEXIT, save the current host values.
+		 */
+		rdmsrl(MSR_IA32_U_CET, hostsa->u_cet);
+		rdmsrl(MSR_IA32_PL0_SSP, hostsa->vmpl0_ssp);
+		rdmsrl(MSR_IA32_PL1_SSP, hostsa->vmpl1_ssp);
+		rdmsrl(MSR_IA32_PL2_SSP, hostsa->vmpl2_ssp);
+		rdmsrl(MSR_IA32_PL3_SSP, hostsa->vmpl3_ssp);
+	}
 }
 
 void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector)
-- 
2.34.3

[RFC PATCH 6/7] KVM: SVM: Add MSR_IA32_XSS to the GHCB for hypervisor kernel

[John Allen]

When a guest issues a cpuid instruction for Fn0000000D_x0B
(CetUserOffset), KVM will intercept and need to access the guest
MSR_IA32_XSS value. For SEV-ES, this is encrypted and needs to be
included in the GHCB to be visible to the hypervisor.

Signed-off-by: John Allen <john.allen@amd.com>
---
 arch/x86/include/asm/svm.h |  1 +
 arch/x86/kvm/svm/sev.c     | 12 ++++++++++--
 arch/x86/kvm/svm/svm.c     |  1 +
 arch/x86/kvm/svm/svm.h     |  2 +-
 4 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h
index 0361626841bc..b98c2a1087c0 100644
--- a/arch/x86/include/asm/svm.h
+++ b/arch/x86/include/asm/svm.h
@@ -625,5 +625,6 @@ DEFINE_GHCB_ACCESSORS(sw_exit_info_1)
 DEFINE_GHCB_ACCESSORS(sw_exit_info_2)
 DEFINE_GHCB_ACCESSORS(sw_scratch)
 DEFINE_GHCB_ACCESSORS(xcr0)
+DEFINE_GHCB_ACCESSORS(xss)
 
 #endif
diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index a5e72b2c94aa..55730055ee4c 100644
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -2418,8 +2418,13 @@ static void sev_es_sync_from_ghcb(struct vcpu_svm *svm)
 
 	svm->vmcb->save.cpl = ghcb_get_cpl_if_valid(ghcb);
 
-	if (ghcb_xcr0_is_valid(ghcb)) {
-		vcpu->arch.xcr0 = ghcb_get_xcr0(ghcb);
+	if (ghcb_xcr0_is_valid(ghcb) || ghcb_xss_is_valid(ghcb)) {
+		if (ghcb_xcr0_is_valid(ghcb))
+			vcpu->arch.xcr0 = ghcb_get_xcr0(ghcb);
+
+		if (ghcb_xss_is_valid(ghcb))
+			vcpu->arch.ia32_xss = ghcb_get_xss(ghcb);
+
 		kvm_update_cpuid_runtime(vcpu);
 	}
 
@@ -2988,6 +2993,9 @@ static void sev_es_init_vmcb(struct vcpu_svm *svm)
 		if (guest_cpuid_has(&svm->vcpu, X86_FEATURE_RDTSCP))
 			svm_clr_intercept(svm, INTERCEPT_RDTSCP);
 	}
+
+	if (kvm_caps.supported_xss)
+		set_msr_interception(vcpu, svm->msrpm, MSR_IA32_XSS, 1, 1);
 }
 
 void sev_init_vmcb(struct vcpu_svm *svm)
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index f40d3df2c1be..b474c7e57139 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -141,6 +141,7 @@ static const struct svm_direct_access_msrs {
 	{ .index = MSR_IA32_PL1_SSP,                    .always = false },
 	{ .index = MSR_IA32_PL2_SSP,                    .always = false },
 	{ .index = MSR_IA32_PL3_SSP,                    .always = false },
+	{ .index = MSR_IA32_XSS,                        .always = false },
 	{ .index = MSR_INVALID,				.always = false },
 };
 
diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h
index c1c3e090ff9d..ad89b1dbe62d 100644
--- a/arch/x86/kvm/svm/svm.h
+++ b/arch/x86/kvm/svm/svm.h
@@ -29,7 +29,7 @@
 #define	IOPM_SIZE PAGE_SIZE * 3
 #define	MSRPM_SIZE PAGE_SIZE * 2
 
-#define MAX_DIRECT_ACCESS_MSRS	53
+#define MAX_DIRECT_ACCESS_MSRS	54
 #define MSRPM_OFFSETS	32
 extern u32 msrpm_offsets[MSRPM_OFFSETS] __read_mostly;
 extern bool npt_enabled;
-- 
2.34.3

[RFC PATCH 7/7] KVM: SVM: Add CET features to supported_xss

[John Allen]

If the CPU supports CET, add CET XSAVES feature bits to the
supported_xss mask.

Signed-off-by: John Allen <john.allen@amd.com>
---
 arch/x86/kvm/svm/svm.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index b474c7e57139..b815865ad0fb 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -5026,6 +5026,11 @@ static __init void svm_set_cpu_caps(void)
 	    boot_cpu_has(X86_FEATURE_AMD_SSBD))
 		kvm_cpu_cap_set(X86_FEATURE_VIRT_SSBD);
 
+	if (kvm_cpu_cap_has(X86_FEATURE_SHSTK)) {
+		kvm_caps.supported_xss |= XFEATURE_MASK_CET_USER |
+					  XFEATURE_MASK_CET_KERNEL;
+	}
+
 	/* AMD PMU PERFCTR_CORE CPUID */
 	if (enable_pmu && boot_cpu_has(X86_FEATURE_PERFCTR_CORE))
 		kvm_cpu_cap_set(X86_FEATURE_PERFCTR_CORE);
-- 
2.34.3

Re: [RFC PATCH 7/7] KVM: SVM: Add CET features to supported_xss

[Sean Christopherson]

On Wed, Oct 12, 2022, John Allen wrote:
> If the CPU supports CET, add CET XSAVES feature bits to the
> supported_xss mask.
> 
> Signed-off-by: John Allen <john.allen@amd.com>
> ---
>  arch/x86/kvm/svm/svm.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
> index b474c7e57139..b815865ad0fb 100644
> --- a/arch/x86/kvm/svm/svm.c
> +++ b/arch/x86/kvm/svm/svm.c
> @@ -5026,6 +5026,11 @@ static __init void svm_set_cpu_caps(void)
>  	    boot_cpu_has(X86_FEATURE_AMD_SSBD))
>  		kvm_cpu_cap_set(X86_FEATURE_VIRT_SSBD);
>  
> +	if (kvm_cpu_cap_has(X86_FEATURE_SHSTK)) {

No need for curly braces.

> +		kvm_caps.supported_xss |= XFEATURE_MASK_CET_USER |
> +					  XFEATURE_MASK_CET_KERNEL;
> +	}
> +
>  	/* AMD PMU PERFCTR_CORE CPUID */
>  	if (enable_pmu && boot_cpu_has(X86_FEATURE_PERFCTR_CORE))
>  		kvm_cpu_cap_set(X86_FEATURE_PERFCTR_CORE);
> -- 
> 2.34.3
> 

Re: [RFC PATCH 0/7] SVM guest shadow stack support

[Sean Christopherson]

On Wed, Oct 12, 2022, John Allen wrote:
> AMD Zen3 and newer processors support shadow stack, a feature designed to
> protect against ROP (return-oriented programming) attacks in which an attacker
> manipulates return addresses on the call stack in order to execute arbitrary
> code. To prevent this, shadow stacks can be allocated that are only used by
> control transfer and return instructions. When a CALL instruction is issued, it
> writes the return address to both the program stack and the shadow stack. When
> the subsequent RET instruction is issued, it pops the return address from both
> stacks and compares them. If the addresses don't match, a control-protection
> exception is raised.
> 
> Shadow stack and a related feature, Indirect Branch Tracking (IBT), are
> collectively referred to as Control-flow Enforcement Technology (CET). However,
> current AMD processors only support shadow stack and not IBT.
> 
> This series adds support for shadow stack in SVM guests and builds upon the
> support added in the CET guest support patch series [1] and the CET kernel
> patch series [2]. Additional patches are required to support shadow stack
> enabled guests in qemu [3] and glibc [4].
> 
> [1]: CET guest support patches
> https://lore.kernel.org/all/20220616084643.19564-1-weijiang.yang@intel.com/
> 
> [2]: Latest CET kernel patches
> https://lore.kernel.org/all/20220929222936.14584-1-rick.p.edgecombe@intel.com/

That dependency chain makes me sad.

Outside of a very shallow comment on the last patch, I don't plan on reviewing
this until the kernel side of things gets out of our way.  When that finally
does happen, I'll definitely prioritize reviewing and merging this and the KVM
Intel series.  I'd love to see this land.

Sorry :-(

Re: [RFC PATCH 0/7] SVM guest shadow stack support

[Edgecombe, Rick P]

On Wed, 2023-01-25 at 00:55 +0000, Sean Christopherson wrote:
> On Wed, Oct 12, 2022, John Allen wrote:
> > AMD Zen3 and newer processors support shadow stack, a feature
> > designed to
> > protect against ROP (return-oriented programming) attacks in which
> > an attacker
> > manipulates return addresses on the call stack in order to execute
> > arbitrary
> > code. To prevent this, shadow stacks can be allocated that are only
> > used by
> > control transfer and return instructions. When a CALL instruction
> > is issued, it
> > writes the return address to both the program stack and the shadow
> > stack. When
> > the subsequent RET instruction is issued, it pops the return
> > address from both
> > stacks and compares them. If the addresses don't match, a control-
> > protection
> > exception is raised.
> > 
> > Shadow stack and a related feature, Indirect Branch Tracking (IBT),
> > are
> > collectively referred to as Control-flow Enforcement Technology
> > (CET). However,
> > current AMD processors only support shadow stack and not IBT.
> > 
> > This series adds support for shadow stack in SVM guests and builds
> > upon the
> > support added in the CET guest support patch series [1] and the CET
> > kernel
> > patch series [2]. Additional patches are required to support shadow
> > stack
> > enabled guests in qemu [3] and glibc [4].
> > 
> > [1]: CET guest support patches
> > 
https://lore.kernel.org/all/20220616084643.19564-1-weijiang.yang@intel.com/
> > 
> > [2]: Latest CET kernel patches
> > 
https://lore.kernel.org/all/20220929222936.14584-1-rick.p.edgecombe@intel.com/
> 
> That dependency chain makes me sad.
> 
> Outside of a very shallow comment on the last patch, I don't plan on
> reviewing
> this until the kernel side of things gets out of our way.  When that
> finally
> does happen, I'll definitely prioritize reviewing and merging this
> and the KVM
> Intel series.  I'd love to see this land.

I think all KVM needs is a few patches from the beginning of the host
series (the FPU stuff). At one point Weijiang and I had discussed with
Paolo and x86 folks that those few could go up with the KVM series if
desired.

Re: [RFC PATCH 0/7] SVM guest shadow stack support

[John Allen]

On 1/24/23 6:55 PM, Sean Christopherson wrote:
> On Wed, Oct 12, 2022, John Allen wrote:
>> AMD Zen3 and newer processors support shadow stack, a feature designed to
>> protect against ROP (return-oriented programming) attacks in which an attacker
>> manipulates return addresses on the call stack in order to execute arbitrary
>> code. To prevent this, shadow stacks can be allocated that are only used by
>> control transfer and return instructions. When a CALL instruction is issued, it
>> writes the return address to both the program stack and the shadow stack. When
>> the subsequent RET instruction is issued, it pops the return address from both
>> stacks and compares them. If the addresses don't match, a control-protection
>> exception is raised.
>>
>> Shadow stack and a related feature, Indirect Branch Tracking (IBT), are
>> collectively referred to as Control-flow Enforcement Technology (CET). However,
>> current AMD processors only support shadow stack and not IBT.
>>
>> This series adds support for shadow stack in SVM guests and builds upon the
>> support added in the CET guest support patch series [1] and the CET kernel
>> patch series [2]. Additional patches are required to support shadow stack
>> enabled guests in qemu [3] and glibc [4].
>>
>> [1]: CET guest support patches
>> https://lore.kernel.org/all/20220616084643.19564-1-weijiang.yang@intel.com/
>>
>> [2]: Latest CET kernel patches
>> https://lore.kernel.org/all/20220929222936.14584-1-rick.p.edgecombe@intel.com/
> 
> That dependency chain makes me sad.
> 
> Outside of a very shallow comment on the last patch, I don't plan on reviewing
> this until the kernel side of things gets out of our way.  When that finally
> does happen, I'll definitely prioritize reviewing and merging this and the KVM
> Intel series.  I'd love to see this land.
> 
> Sorry :-(

Thanks Sean, understood. This submission is mainly for community awareness,
but any feedback we can get now prior to the main kernel series getting
merged is much appreciated. This would give us a longer lead on addressing
any concerns that the community might have and potentially allow us to get
this in more quickly when the kernel series has been merged.

Thanks,
John

Re: [RFC PATCH 0/7] SVM guest shadow stack support

[John Allen]

On Wed, Jan 25, 2023 at 01:11:44AM +0000, Edgecombe, Rick P wrote:
> On Wed, 2023-01-25 at 00:55 +0000, Sean Christopherson wrote:
> > On Wed, Oct 12, 2022, John Allen wrote:
> > > AMD Zen3 and newer processors support shadow stack, a feature
> > > designed to
> > > protect against ROP (return-oriented programming) attacks in which
> > > an attacker
> > > manipulates return addresses on the call stack in order to execute
> > > arbitrary
> > > code. To prevent this, shadow stacks can be allocated that are only
> > > used by
> > > control transfer and return instructions. When a CALL instruction
> > > is issued, it
> > > writes the return address to both the program stack and the shadow
> > > stack. When
> > > the subsequent RET instruction is issued, it pops the return
> > > address from both
> > > stacks and compares them. If the addresses don't match, a control-
> > > protection
> > > exception is raised.
> > > 
> > > Shadow stack and a related feature, Indirect Branch Tracking (IBT),
> > > are
> > > collectively referred to as Control-flow Enforcement Technology
> > > (CET). However,
> > > current AMD processors only support shadow stack and not IBT.
> > > 
> > > This series adds support for shadow stack in SVM guests and builds
> > > upon the
> > > support added in the CET guest support patch series [1] and the CET
> > > kernel
> > > patch series [2]. Additional patches are required to support shadow
> > > stack
> > > enabled guests in qemu [3] and glibc [4].
> > > 
> > > [1]: CET guest support patches
> > > 
> https://lore.kernel.org/all/20220616084643.19564-1-weijiang.yang@intel.com/
> > > 
> > > [2]: Latest CET kernel patches
> > > 
> https://lore.kernel.org/all/20220929222936.14584-1-rick.p.edgecombe@intel.com/
> > 
> > That dependency chain makes me sad.
> > 
> > Outside of a very shallow comment on the last patch, I don't plan on
> > reviewing
> > this until the kernel side of things gets out of our way.  When that
> > finally
> > does happen, I'll definitely prioritize reviewing and merging this
> > and the KVM
> > Intel series.  I'd love to see this land.
> 
> I think all KVM needs is a few patches from the beginning of the host
> series (the FPU stuff). At one point Weijiang and I had discussed with
> Paolo and x86 folks that those few could go up with the KVM series if
> desired.

Now that the baremetal series has been accepted, how do we want to
proceed? I think I'd like to send a refreshed version based on the
version that was accpeted, but I'd want to wait to base it on a new
version of Weijiang's kvm/vmx series (if one is planned).

Weijiang and Rick,

Are you planning on sending a new version of the kvm/vmx series?

Thanks,
John

Re: [RFC PATCH 0/7] SVM guest shadow stack support

[Yang, Weijiang]

On 3/29/2023 1:51 AM, John Allen wrote:
> On Wed, Jan 25, 2023 at 01:11:44AM +0000, Edgecombe, Rick P wrote:
>> On Wed, 2023-01-25 at 00:55 +0000, Sean Christopherson wrote:
>>> On Wed, Oct 12, 2022, John Allen wrote:
>>>> AMD Zen3 and newer processors support shadow stack, a feature
>>>> designed to
>>>> protect against ROP (return-oriented programming) attacks in which
>>>> an attacker
>>>> manipulates return addresses on the call stack in order to execute
>>>> arbitrary
>>>> code. To prevent this, shadow stacks can be allocated that are only
>>>> used by
>>>> control transfer and return instructions. When a CALL instruction
>>>> is issued, it
>>>> writes the return address to both the program stack and the shadow
>>>> stack. When
>>>> the subsequent RET instruction is issued, it pops the return
>>>> address from both
>>>> stacks and compares them. If the addresses don't match, a control-
>>>> protection
>>>> exception is raised.
>>>>
>>>> Shadow stack and a related feature, Indirect Branch Tracking (IBT),
>>>> are
>>>> collectively referred to as Control-flow Enforcement Technology
>>>> (CET). However,
>>>> current AMD processors only support shadow stack and not IBT.
>>>>
>>>> This series adds support for shadow stack in SVM guests and builds
>>>> upon the
>>>> support added in the CET guest support patch series [1] and the CET
>>>> kernel
>>>> patch series [2]. Additional patches are required to support shadow
>>>> stack
>>>> enabled guests in qemu [3] and glibc [4].
>>>>
>>>> [1]: CET guest support patches
>>>>
>> https://lore.kernel.org/all/20220616084643.19564-1-weijiang.yang@intel.com/
>>>> [2]: Latest CET kernel patches
>>>>
>> https://lore.kernel.org/all/20220929222936.14584-1-rick.p.edgecombe@intel.com/
>>> That dependency chain makes me sad.
>>>
>>> Outside of a very shallow comment on the last patch, I don't plan on
>>> reviewing
>>> this until the kernel side of things gets out of our way.  When that
>>> finally
>>> does happen, I'll definitely prioritize reviewing and merging this
>>> and the KVM
>>> Intel series.  I'd love to see this land.
>> I think all KVM needs is a few patches from the beginning of the host
>> series (the FPU stuff). At one point Weijiang and I had discussed with
>> Paolo and x86 folks that those few could go up with the KVM series if
>> desired.
> Now that the baremetal series has been accepted, how do we want to
> proceed? I think I'd like to send a refreshed version based on the
> version that was accpeted, but I'd want to wait to base it on a new
> version of Weijiang's kvm/vmx series (if one is planned).
>
> Weijiang and Rick,
>
> Are you planning on sending a new version of the kvm/vmx series?

Hi, Allen,

Yes, I'm working on the new version of kvm/vmx series, will cc you when

send it to community.


>
> Thanks,
> John

Re: [RFC PATCH 0/7] SVM guest shadow stack support

[Yang, Weijiang]

On 3/29/2023 8:16 AM, Yang, Weijiang wrote:
>
> On 3/29/2023 1:51 AM, John Allen wrote:
>> On Wed, Jan 25, 2023 at 01:11:44AM +0000, Edgecombe, Rick P wrote:
>>> On Wed, 2023-01-25 at 00:55 +0000, Sean Christopherson wrote:
>>>> On Wed, Oct 12, 2022, John Allen wrote:
>>>>> AMD Zen3 and newer processors support shadow stack, a feature
>>>>> designed to
>>>>> protect against ROP (return-oriented programming) attacks in which
>>>>> an attacker
>>>>> manipulates return addresses on the call stack in order to execute
>>>>> arbitrary
>>>>> code. To prevent this, shadow stacks can be allocated that are only
>>>>> used by
>>>>> control transfer and return instructions. When a CALL instruction
>>>>> is issued, it
>>>>> writes the return address to both the program stack and the shadow
>>>>> stack. When
>>>>> the subsequent RET instruction is issued, it pops the return
>>>>> address from both
>>>>> stacks and compares them. If the addresses don't match, a control-
>>>>> protection
>>>>> exception is raised.
>>>>>
>>>>> Shadow stack and a related feature, Indirect Branch Tracking (IBT),
>>>>> are
>>>>> collectively referred to as Control-flow Enforcement Technology
>>>>> (CET). However,
>>>>> current AMD processors only support shadow stack and not IBT.
>>>>>
>>>>> This series adds support for shadow stack in SVM guests and builds
>>>>> upon the
>>>>> support added in the CET guest support patch series [1] and the CET
>>>>> kernel
>>>>> patch series [2]. Additional patches are required to support shadow
>>>>> stack
>>>>> enabled guests in qemu [3] and glibc [4].
>>>>>
>>>>> [1]: CET guest support patches
>>>>>
>>> https://lore.kernel.org/all/20220616084643.19564-1-weijiang.yang@intel.com/ 
>>>
>>>>> [2]: Latest CET kernel patches
>>>>>
>>> https://lore.kernel.org/all/20220929222936.14584-1-rick.p.edgecombe@intel.com/ 
>>>
>>>> That dependency chain makes me sad.
>>>>
>>>> Outside of a very shallow comment on the last patch, I don't plan on
>>>> reviewing
>>>> this until the kernel side of things gets out of our way. When that
>>>> finally
>>>> does happen, I'll definitely prioritize reviewing and merging this
>>>> and the KVM
>>>> Intel series.  I'd love to see this land.
>>> I think all KVM needs is a few patches from the beginning of the host
>>> series (the FPU stuff). At one point Weijiang and I had discussed with
>>> Paolo and x86 folks that those few could go up with the KVM series if
>>> desired.
>> Now that the baremetal series has been accepted, how do we want to
>> proceed? I think I'd like to send a refreshed version based on the
>> version that was accpeted, but I'd want to wait to base it on a new
>> version of Weijiang's kvm/vmx series (if one is planned).
>>
>> Weijiang and Rick,
>>
>> Are you planning on sending a new version of the kvm/vmx series?
>
> Hi, Allen,
>
> Yes, I'm working on the new version of kvm/vmx series, will cc you when
>
> send it to community.

Patch 1/7 did what I wanted to implement to support AMD SHSTK, my next 
version

will continue refactoring them in vmx scope, then  your series may pick 
up the helper

and modify accordingly.

Please note, in my series, I removed check for MSR_IA32_PL{0,1,2}_SSP 
since they're

not supported right now, but your series supports for the MSRs, so you 
have to change

the helper a bit to adapt to your patches.

>
>
>>
>> Thanks,
>> John

Re: [RFC PATCH 0/7] SVM guest shadow stack support

[John Allen]

On Thu, Mar 30, 2023 at 01:37:38PM +0800, Yang, Weijiang wrote:
> 
> On 3/29/2023 8:16 AM, Yang, Weijiang wrote:
> > 
> > On 3/29/2023 1:51 AM, John Allen wrote:
> > > On Wed, Jan 25, 2023 at 01:11:44AM +0000, Edgecombe, Rick P wrote:
> > > > On Wed, 2023-01-25 at 00:55 +0000, Sean Christopherson wrote:
> > > > > On Wed, Oct 12, 2022, John Allen wrote:
> > > > > > AMD Zen3 and newer processors support shadow stack, a feature
> > > > > > designed to
> > > > > > protect against ROP (return-oriented programming) attacks in which
> > > > > > an attacker
> > > > > > manipulates return addresses on the call stack in order to execute
> > > > > > arbitrary
> > > > > > code. To prevent this, shadow stacks can be allocated that are only
> > > > > > used by
> > > > > > control transfer and return instructions. When a CALL instruction
> > > > > > is issued, it
> > > > > > writes the return address to both the program stack and the shadow
> > > > > > stack. When
> > > > > > the subsequent RET instruction is issued, it pops the return
> > > > > > address from both
> > > > > > stacks and compares them. If the addresses don't match, a control-
> > > > > > protection
> > > > > > exception is raised.
> > > > > > 
> > > > > > Shadow stack and a related feature, Indirect Branch Tracking (IBT),
> > > > > > are
> > > > > > collectively referred to as Control-flow Enforcement Technology
> > > > > > (CET). However,
> > > > > > current AMD processors only support shadow stack and not IBT.
> > > > > > 
> > > > > > This series adds support for shadow stack in SVM guests and builds
> > > > > > upon the
> > > > > > support added in the CET guest support patch series [1] and the CET
> > > > > > kernel
> > > > > > patch series [2]. Additional patches are required to support shadow
> > > > > > stack
> > > > > > enabled guests in qemu [3] and glibc [4].
> > > > > > 
> > > > > > [1]: CET guest support patches
> > > > > > 
> > > > https://lore.kernel.org/all/20220616084643.19564-1-weijiang.yang@intel.com/
> > > > 
> > > > > > [2]: Latest CET kernel patches
> > > > > > 
> > > > https://lore.kernel.org/all/20220929222936.14584-1-rick.p.edgecombe@intel.com/
> > > > 
> > > > > That dependency chain makes me sad.
> > > > > 
> > > > > Outside of a very shallow comment on the last patch, I don't plan on
> > > > > reviewing
> > > > > this until the kernel side of things gets out of our way. When that
> > > > > finally
> > > > > does happen, I'll definitely prioritize reviewing and merging this
> > > > > and the KVM
> > > > > Intel series.  I'd love to see this land.
> > > > I think all KVM needs is a few patches from the beginning of the host
> > > > series (the FPU stuff). At one point Weijiang and I had discussed with
> > > > Paolo and x86 folks that those few could go up with the KVM series if
> > > > desired.
> > > Now that the baremetal series has been accepted, how do we want to
> > > proceed? I think I'd like to send a refreshed version based on the
> > > version that was accpeted, but I'd want to wait to base it on a new
> > > version of Weijiang's kvm/vmx series (if one is planned).
> > > 
> > > Weijiang and Rick,
> > > 
> > > Are you planning on sending a new version of the kvm/vmx series?
> > 
> > Hi, Allen,
> > 
> > Yes, I'm working on the new version of kvm/vmx series, will cc you when
> > 
> > send it to community.
> 
> Patch 1/7 did what I wanted to implement to support AMD SHSTK, my next
> version
> 
> will continue refactoring them in vmx scope, then  your series may pick up
> the helper
> 
> and modify accordingly.
> 
> Please note, in my series, I removed check for MSR_IA32_PL{0,1,2}_SSP since
> they're
> 
> not supported right now, but your series supports for the MSRs, so you have
> to change
> 
> the helper a bit to adapt to your patches.

The reason we decided to include the PL{0,1,2}_SSP MSRs is that even
though linux doesn't support supervisor shadow stack, a non-linux guest
OS might support it and could make use of the MSRs. It could be
something the vmx patches might want to account for as well 

Thanks,
John

Re: [RFC PATCH 0/7] SVM guest shadow stack support

[Sean Christopherson]

On Thu, Mar 30, 2023, John Allen wrote:
> On Thu, Mar 30, 2023 at 01:37:38PM +0800, Yang, Weijiang wrote:
> > 
> > On 3/29/2023 8:16 AM, Yang, Weijiang wrote:
> > > > Now that the baremetal series has been accepted, how do we want to
> > > > proceed? I think I'd like to send a refreshed version based on the
> > > > version that was accpeted, but I'd want to wait to base it on a new
> > > > version of Weijiang's kvm/vmx series (if one is planned).
> > 
> > Patch 1/7 did what I wanted to implement to support AMD SHSTK, my next
> > version will continue refactoring them in vmx scope, then� your series may
> > pick up the helper and modify accordingly.
> > 
> > Please note, in my series, I removed check for MSR_IA32_PL{0,1,2}_SSP since
> > they're not supported right now, but your series supports for the MSRs, so
> > you have to change the helper a bit to adapt to your patches.
> 
> The reason we decided to include the PL{0,1,2}_SSP MSRs is that even
> though linux doesn't support supervisor shadow stack, a non-linux guest
> OS might support it and could make use of the MSRs. It could be
> something the vmx patches might want to account for as well 

And emulating/virtualizing those MSRs is mandatory unless KVM can hide those MSRs
without violating the architecture (been a while since I looked at CET).  If the
architecture does allow enumerating support for userspace but not supervisor, then
ideally the two would be enabled separately in KVM, e.g. so that that if one is
completely busted, we might be able to precisely revert only the broken code.

Re: [RFC PATCH 0/7] SVM guest shadow stack support

[Yang, Weijiang]

On 3/31/2023 4:05 AM, Sean Christopherson wrote:
> On Thu, Mar 30, 2023, John Allen wrote:
>> On Thu, Mar 30, 2023 at 01:37:38PM +0800, Yang, Weijiang wrote:
>>> On 3/29/2023 8:16 AM, Yang, Weijiang wrote:
>>>>> Now that the baremetal series has been accepted, how do we want to
>>>>> proceed? I think I'd like to send a refreshed version based on the
>>>>> version that was accpeted, but I'd want to wait to base it on a new
>>>>> version of Weijiang's kvm/vmx series (if one is planned).
>>> Patch 1/7 did what I wanted to implement to support AMD SHSTK, my next
>>> version will continue refactoring them in vmx scope, then� your series may
>>> pick up the helper and modify accordingly.
>>>
>>> Please note, in my series, I removed check for MSR_IA32_PL{0,1,2}_SSP since
>>> they're not supported right now, but your series supports for the MSRs, so
>>> you have to change the helper a bit to adapt to your patches.
>> The reason we decided to include the PL{0,1,2}_SSP MSRs is that even
>> though linux doesn't support supervisor shadow stack, a non-linux guest
>> OS might support it and could make use of the MSRs. It could be
>> something the vmx patches might want to account for as well
> And emulating/virtualizing those MSRs is mandatory unless KVM can hide those MSRs
> without violating the architecture (been a while since I looked at CET).  If the
> architecture does allow enumerating support for userspace but not supervisor, then
> ideally the two would be enabled separately in KVM, e.g. so that that if one is
> completely busted, we might be able to precisely revert only the broken code.

OK, I'll add a separate patch to expose these supervisor MSRs but they 
are not accessible on Intel

platform right now, i.e., resulting into #GP.

Meanwhile CPUID(7,1).EDX.bit 18 is always cleared to tell guest 
supervisor SHSTK is not supported.

Allen can modify per AMD needs.