From: Sean Christopherson <seanjc@google.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
Sean Christopherson <seanjc@google.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
Tom Lendacky <thomas.lendacky@amd.com>,
Mathias Krause <minipli@grsecurity.net>,
John Allen <john.allen@amd.com>,
Rick Edgecombe <rick.p.edgecombe@intel.com>,
Chao Gao <chao.gao@intel.com>,
Binbin Wu <binbin.wu@linux.intel.com>,
Xiaoyao Li <xiaoyao.li@intel.com>,
Maxim Levitsky <mlevitsk@redhat.com>,
Zhang Yi Z <yi.z.zhang@linux.intel.com>, Xin Li <xin@zytor.com>
Subject: [PATCH v16 37/51] KVM: SVM: Update dump_vmcb with shadow stack save area additions
Date: Fri, 19 Sep 2025 15:32:44 -0700 [thread overview]
Message-ID: <20250919223258.1604852-38-seanjc@google.com> (raw)
In-Reply-To: <20250919223258.1604852-1-seanjc@google.com>
From: John Allen <john.allen@amd.com>
Add shadow stack VMCB fields to dump_vmcb. PL0_SSP, PL1_SSP, PL2_SSP,
PL3_SSP, and U_CET are part of the SEV-ES save area and are encrypted,
but can be decrypted and dumped if the guest policy allows debugging.
Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com>
Signed-off-by: John Allen <john.allen@amd.com>
Signed-off-by: Sean Christopherson <seanjc@google.com>
---
arch/x86/kvm/svm/svm.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index 52d2241d8188..e50e6847fe72 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -3410,6 +3410,10 @@ static void dump_vmcb(struct kvm_vcpu *vcpu)
"rip:", save->rip, "rflags:", save->rflags);
pr_err("%-15s %016llx %-13s %016llx\n",
"rsp:", save->rsp, "rax:", save->rax);
+ pr_err("%-15s %016llx %-13s %016llx\n",
+ "s_cet:", save->s_cet, "ssp:", save->ssp);
+ pr_err("%-15s %016llx\n",
+ "isst_addr:", save->isst_addr);
pr_err("%-15s %016llx %-13s %016llx\n",
"star:", save01->star, "lstar:", save01->lstar);
pr_err("%-15s %016llx %-13s %016llx\n",
@@ -3434,6 +3438,13 @@ static void dump_vmcb(struct kvm_vcpu *vcpu)
pr_err("%-15s %016llx\n",
"sev_features", vmsa->sev_features);
+ pr_err("%-15s %016llx %-13s %016llx\n",
+ "pl0_ssp:", vmsa->pl0_ssp, "pl1_ssp:", vmsa->pl1_ssp);
+ pr_err("%-15s %016llx %-13s %016llx\n",
+ "pl2_ssp:", vmsa->pl2_ssp, "pl3_ssp:", vmsa->pl3_ssp);
+ pr_err("%-15s %016llx\n",
+ "u_cet:", vmsa->u_cet);
+
pr_err("%-15s %016llx %-13s %016llx\n",
"rax:", vmsa->rax, "rbx:", vmsa->rbx);
pr_err("%-15s %016llx %-13s %016llx\n",
--
2.51.0.470.ga7dc726c21-goog
next prev parent reply other threads:[~2025-09-19 22:34 UTC|newest]
Thread overview: 114+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-19 22:32 [PATCH v16 00/51] KVM: x86: Super Mega CET Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 01/51] KVM: SEV: Rename kvm_ghcb_get_sw_exit_code() to kvm_get_cached_sw_exit_code() Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 02/51] KVM: SEV: Read save fields from GHCB exactly once Sean Christopherson
2025-09-22 21:39 ` Tom Lendacky
2025-09-19 22:32 ` [PATCH v16 03/51] KVM: SEV: Validate XCR0 provided by guest in GHCB Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 04/51] KVM: x86: Introduce KVM_{G,S}ET_ONE_REG uAPIs support Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 05/51] KVM: x86: Report XSS as to-be-saved if there are supported features Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 06/51] KVM: x86: Check XSS validity against guest CPUIDs Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 07/51] KVM: x86: Refresh CPUID on write to guest MSR_IA32_XSS Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 08/51] KVM: x86: Initialize kvm_caps.supported_xss Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 09/51] KVM: x86: Load guest FPU state when access XSAVE-managed MSRs Sean Christopherson
2025-09-22 2:10 ` Binbin Wu
2025-09-22 16:41 ` Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 10/51] KVM: x86: Add fault checks for guest CR4.CET setting Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 11/51] KVM: x86: Report KVM supported CET MSRs as to-be-saved Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 12/51] KVM: VMX: Introduce CET VMCS fields and control bits Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 13/51] KVM: x86: Enable guest SSP read/write interface with new uAPIs Sean Christopherson
2025-09-22 2:58 ` Binbin Wu
2025-09-23 9:06 ` Xiaoyao Li
2025-09-19 22:32 ` [PATCH v16 14/51] KVM: VMX: Emulate read and write to CET MSRs Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 15/51] KVM: x86: Save and reload SSP to/from SMRAM Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 16/51] KVM: VMX: Set up interception for CET MSRs Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 17/51] KVM: VMX: Set host constant supervisor states to VMCS fields Sean Christopherson
2025-09-22 3:03 ` Binbin Wu
2025-09-19 22:32 ` [PATCH v16 18/51] KVM: x86: Don't emulate instructions affected by CET features Sean Christopherson
2025-09-22 5:39 ` Binbin Wu
2025-09-22 16:47 ` Sean Christopherson
2025-09-22 10:27 ` Chao Gao
2025-09-22 20:04 ` Sean Christopherson
2025-09-23 14:12 ` Xiaoyao Li
2025-09-23 16:15 ` Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 19/51] KVM: x86: Don't emulate task switches when IBT or SHSTK is enabled Sean Christopherson
2025-09-22 6:41 ` Binbin Wu
2025-09-22 17:23 ` Sean Christopherson
2025-09-23 14:16 ` Xiaoyao Li
2025-09-22 11:27 ` Chao Gao
2025-09-19 22:32 ` [PATCH v16 20/51] KVM: x86: Emulate SSP[63:32]!=0 #GP(0) for FAR JMP to 32-bit mode Sean Christopherson
2025-09-22 7:15 ` Binbin Wu
2025-09-23 14:29 ` Xiaoyao Li
2025-09-19 22:32 ` [PATCH v16 21/51] KVM: x86/mmu: WARN on attempt to check permissions for Shadow Stack #PF Sean Christopherson
2025-09-22 7:17 ` Binbin Wu
2025-09-22 7:46 ` Binbin Wu
2025-09-23 14:33 ` Xiaoyao Li
2025-09-19 22:32 ` [PATCH v16 22/51] KVM: x86/mmu: Pretty print PK, SS, and SGX flags in MMU tracepoints Sean Christopherson
2025-09-22 7:18 ` Binbin Wu
2025-09-22 16:18 ` Sean Christopherson
2025-09-23 14:46 ` Xiaoyao Li
2025-09-19 22:32 ` [PATCH v16 23/51] KVM: x86: Allow setting CR4.CET if IBT or SHSTK is supported Sean Christopherson
2025-09-22 7:25 ` Binbin Wu
2025-09-23 14:46 ` Xiaoyao Li
2025-09-19 22:32 ` [PATCH v16 24/51] KVM: nVMX: Always forward XSAVES/XRSTORS exits from L2 to L1 Sean Christopherson
2025-09-23 8:15 ` Chao Gao
2025-09-23 14:49 ` Xiaoyao Li
2025-09-19 22:32 ` [PATCH v16 25/51] KVM: x86: Add XSS support for CET_KERNEL and CET_USER Sean Christopherson
2025-09-22 7:31 ` Binbin Wu
2025-09-23 14:55 ` Xiaoyao Li
2025-09-19 22:32 ` [PATCH v16 26/51] KVM: x86: Disable support for Shadow Stacks if TDP is disabled Sean Christopherson
2025-09-22 7:45 ` Binbin Wu
2025-09-23 14:56 ` Xiaoyao Li
2025-09-19 22:32 ` [PATCH v16 27/51] KVM: x86: Disable support for IBT and SHSTK if allow_smaller_maxphyaddr is true Sean Christopherson
2025-09-22 8:00 ` Binbin Wu
2025-09-22 18:40 ` Sean Christopherson
2025-09-23 14:44 ` Xiaoyao Li
2025-09-23 15:04 ` Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 28/51] KVM: x86: Enable CET virtualization for VMX and advertise to userspace Sean Christopherson
2025-09-22 8:06 ` Binbin Wu
2025-09-23 14:57 ` Xiaoyao Li
2025-09-19 22:32 ` [PATCH v16 29/51] KVM: VMX: Configure nested capabilities after CPU capabilities Sean Christopherson
2025-09-23 2:37 ` Chao Gao
2025-09-23 16:24 ` Sean Christopherson
2025-09-23 16:49 ` Xin Li
2025-09-19 22:32 ` [PATCH v16 30/51] KVM: nVMX: Virtualize NO_HW_ERROR_CODE_CC for L1 event injection to L2 Sean Christopherson
2025-09-22 8:37 ` Binbin Wu
2025-09-19 22:32 ` [PATCH v16 31/51] KVM: nVMX: Prepare for enabling CET support for nested guest Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 32/51] KVM: nVMX: Add consistency checks for CR0.WP and CR4.CET Sean Christopherson
2025-09-22 8:47 ` Binbin Wu
2025-09-19 22:32 ` [PATCH v16 33/51] KVM: nVMX: Add consistency checks for CET states Sean Christopherson
2025-09-22 9:23 ` Binbin Wu
2025-09-22 16:35 ` Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 34/51] KVM: nVMX: Advertise new VM-Entry/Exit control bits for CET state Sean Christopherson
2025-09-23 2:43 ` Chao Gao
2025-09-23 16:28 ` Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 35/51] KVM: SVM: Emulate reads and writes to shadow stack MSRs Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 36/51] KVM: nSVM: Save/load CET Shadow Stack state to/from vmcb12/vmcb02 Sean Christopherson
2025-10-28 22:23 ` Yosry Ahmed
2025-12-09 0:48 ` Yosry Ahmed
2025-09-19 22:32 ` Sean Christopherson [this message]
2025-09-19 22:32 ` [PATCH v16 38/51] KVM: SVM: Pass through shadow stack MSRs as appropriate Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 39/51] KVM: SEV: Synchronize MSR_IA32_XSS from the GHCB when it's valid Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 40/51] KVM: SVM: Enable shadow stack virtualization for SVM Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 41/51] KVM: x86: Add human friendly formatting for #XM, and #VE Sean Christopherson
2025-09-22 8:29 ` Binbin Wu
2025-09-19 22:32 ` [PATCH v16 42/51] KVM: x86: Define Control Protection Exception (#CP) vector Sean Christopherson
2025-09-22 8:29 ` Binbin Wu
2025-09-19 22:32 ` [PATCH v16 43/51] KVM: x86: Define AMD's #HV, #VC, and #SX exception vectors Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 44/51] KVM: selftests: Add ex_str() to print human friendly name of " Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 45/51] KVM: selftests: Add an MSR test to exercise guest/host and read/write Sean Christopherson
2025-09-23 8:03 ` Chao Gao
2025-09-23 16:51 ` Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 46/51] KVM: selftests: Add support for MSR_IA32_{S,U}_CET to MSRs test Sean Christopherson
2025-09-23 7:12 ` Chao Gao
2025-09-19 22:32 ` [PATCH v16 47/51] KVM: selftests: Extend MSRs test to validate vCPUs without supported features Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 48/51] KVM: selftests: Add KVM_{G,S}ET_ONE_REG coverage to MSRs test Sean Christopherson
2025-09-23 6:52 ` Chao Gao
2025-09-19 22:32 ` [PATCH v16 49/51] KVM: selftests: Add coverate for KVM-defined registers in " Sean Christopherson
2025-09-23 6:31 ` Chao Gao
2025-09-23 16:59 ` Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 50/51] KVM: selftests: Verify MSRs are (not) in save/restore list when (un)supported Sean Christopherson
2025-09-23 6:46 ` Chao Gao
2025-09-23 17:02 ` Sean Christopherson
2025-09-19 22:32 ` [PATCH v16 51/51] KVM: VMX: Make CR4.CET a guest owned bit Sean Christopherson
2025-09-22 8:34 ` Binbin Wu
2025-09-24 14:32 ` [PATCH v16 00/51] KVM: x86: Super Mega CET Chao Gao
2025-09-24 18:07 ` Sean Christopherson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250919223258.1604852-38-seanjc@google.com \
--to=seanjc@google.com \
--cc=binbin.wu@linux.intel.com \
--cc=chao.gao@intel.com \
--cc=john.allen@amd.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=minipli@grsecurity.net \
--cc=mlevitsk@redhat.com \
--cc=pbonzini@redhat.com \
--cc=rick.p.edgecombe@intel.com \
--cc=thomas.lendacky@amd.com \
--cc=xiaoyao.li@intel.com \
--cc=xin@zytor.com \
--cc=yi.z.zhang@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox