linux-kernel.vger.kernel.org archive mirror
* [PATCH v3 0/5] Enable Shadow Stack Virtualization for SVM
@ 2025-08-06 20:45 John Allen
  2025-08-06 20:45 ` [PATCH v3 1/5] KVM: x86: SVM: Emulate reads and writes to shadow stack MSRs John Allen
                   ` (4 more replies)
  0 siblings, 5 replies; 12+ messages in thread
From: John Allen @ 2025-08-06 20:45 UTC (permalink / raw)
  To: kvm, linux-kernel, x86, seanjc, pbonzini, dave.hansen
  Cc: rick.p.edgecombe, mlevitsk, weijiang.yang, chao.gao, bp,
	dave.hansen, hpa, mingo, tglx, thomas.lendacky, John Allen

AMD Zen3 and newer processors support shadow stack, a feature designed
to protect against ROP (return-oriented programming) attacks in which an
attacker manipulates return addresses on the call stack in order to
execute arbitrary code. To prevent this, shadow stacks can be allocated
that are only used by control transfer and return instructions. When a
CALL instruction is issued, it writes the return address to both the
program stack and the shadow stack. When the subsequent RET instruction
is issued, it pops the return address from both stacks and compares
them. If the addresses don't match, a control-protection exception is
raised.

Shadow stack and a related feature, Indirect Branch Tracking (IBT), are
collectively referred to as Control-flow Enforcement Technology (CET).
However, current AMD processors only support shadow stack and not IBT.

This series adds support for shadow stack in SVM guests and builds upon
the support added in the CET guest support patch series [1]. Additional
patches are required to support shadow stack enabled guests in qemu [2].

[1]: CET guest support patches (v11)
https://lore.kernel.org/all/20250704085027.182163-1-chao.gao@intel.com/

[2]: CET qemu patches
https://lore.kernel.org/all/20230720111445.99509-1-weijiang.yang@intel.com/

[3]: Previous SVM support patches (v2)
https://lore.kernel.org/all/20240226213244.18441-1-john.allen@amd.com/

---

RFC v2:
  - Rebased on v3 of the Intel CET virtualization series, dropping the
    patch that moved cet_is_msr_accessible to common code as that has
    been pulled into the Intel series.
  - Minor change removing curly brackets around if statement introduced
    in patch 6/6.
RFC v3:
  - Rebased on v5 of the Intel CET virtualization series.
  - Add patch changing the name of vmplX_ssp SEV-ES save area fields to
    plX_ssp.
  - Merge this series intended for KVM with the separate guest kernel
    patch (now patch 7/8).
  - Update MSR passthrough code to conditionally pass through shadow
    stack MSRs based on both host and guest support.
  - Don't save PL0_SSP, PL1_SSP, and PL2_SSP MSRs on SEV-ES VMRUN as
    these are currently unused.
v1:
  - Remove RFC tag from series
  - Rebase on v6 of the Intel CET virtualization series
  - Use KVM-governed feature to track SHSTK for SVM
v2:
  - Add new patch renaming boot_*msr to raw_*msr. Utilize raw_rdmsr when
    reading XSS on SEV-ES cpuid instructions.
  - Omit unnecessary patch for saving shadow stack msrs on SEV-ES VMRUN
  - Omit passing through of XSS for SEV-ES as support has already been
    properly implemented in a26b7cd22546 ("KVM: SEV: Do not intercept
    accesses to MSR_IA32_XSS for SEV-ES guests")
v3:
  - Rebased on v11 of the Intel CET Virtualization series.
  - Split guest kernel patches into a separate series as these are
    independent of this series and are needed to support non-KVM
    hypervisors.

John Allen (5):
  KVM: x86: SVM: Emulate reads and writes to shadow stack MSRs
  KVM: x86: SVM: Update dump_vmcb with shadow stack save area additions
  KVM: x86: SVM: Pass through shadow stack MSRs
  KVM: SVM: Add MSR_IA32_XSS to the GHCB for hypervisor kernel
  KVM: SVM: Enable shadow stack virtualization for SVM

 arch/x86/kvm/svm/sev.c |  9 +++++++--
 arch/x86/kvm/svm/svm.c | 39 ++++++++++++++++++++++++++++++++++-----
 arch/x86/kvm/svm/svm.h |  1 +
 3 files changed, 42 insertions(+), 7 deletions(-)

-- 
2.34.1


^ permalink raw reply	[flat|nested] 12+ messages in thread
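The CALL/RET bookkeeping the cover letter describes, modelled in software as an added illustration: this is not code from the series or from KVM, the struct and function names are invented for the model, and `cp_fault` stands in for the control-protection exception the hardware would raise.

```c
/*
 * Software model of the CET shadow stack: CALL pushes the return address
 * on both the program stack and the shadow stack, RET pops both and
 * compares them, and a mismatch raises a control-protection exception.
 * Added illustration only; the names below are invented for the model.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STACK_SLOTS 16

struct cpu {
    uint64_t stack[STACK_SLOTS]; /* program stack: ordinary writable data */
    uint64_t shstk[STACK_SLOTS]; /* shadow stack: touched only by call/ret */
    size_t sp;                   /* top program-stack slot (grows down) */
    size_t ssp;                  /* top shadow-stack slot (grows down) */
    uint64_t rip;                /* current instruction pointer */
    bool shstk_enabled;          /* models shadow stack being enabled */
    bool cp_fault;               /* set when the model raises #CP */
};

struct outcome {
    uint64_t rip;                /* where control ended up */
    bool cp_fault;               /* whether #CP was raised */
};

static void cpu_init(struct cpu *c, bool shstk_enabled)
{
    memset(c, 0, sizeof(*c));
    c->sp = STACK_SLOTS;
    c->ssp = STACK_SLOTS;
    c->shstk_enabled = shstk_enabled;
}

/* CALL: push the return address to both stacks, then branch to target. */
static bool cpu_call(struct cpu *c, uint64_t target, uint64_t return_addr)
{
    if (c->sp == 0 || c->ssp == 0)
        return false; /* stack exhausted: the model refuses the call */
    c->stack[--c->sp] = return_addr;
    if (c->shstk_enabled)
        c->shstk[--c->ssp] = return_addr;
    c->rip = target;
    return true;
}

/*
 * RET: pop the program stack; with shadow stacks enabled also pop the
 * shadow stack and require both addresses to agree. On mismatch the model
 * raises #CP and does not transfer control.
 */
static bool cpu_ret(struct cpu *c)
{
    if (c->sp >= STACK_SLOTS)
        return false;
    uint64_t from_stack = c->stack[c->sp++];
    if (c->shstk_enabled) {
        uint64_t from_shstk = c->shstk[c->ssp++];
        if (from_stack != from_shstk) {
            c->cp_fault = true; /* control-protection exception */
            return false;
        }
    }
    c->rip = from_stack;
    return true;
}

/*
 * Model of a memory-safety bug: a stray write that clobbers the saved
 * return address on the program stack. Only the program stack is
 * reachable by data writes; the shadow stack is not.
 */
static void corrupt_saved_return(struct cpu *c, uint64_t value)
{
    c->stack[c->sp] = value;
}

/* One call/return with the saved return address corrupted in between. */
static struct outcome run_corrupted_return(bool shstk_enabled)
{
    struct cpu c;
    cpu_init(&c, shstk_enabled);
    c.rip = 0x1000;
    cpu_call(&c, 0x2000, 0x1005);                 /* call 0x2000, return to 0x1005 */
    corrupt_saved_return(&c, 0x4141414141414141ULL); /* constructed bogus address */
    cpu_ret(&c);
    return (struct outcome){ .rip = c.rip, .cp_fault = c.cp_fault };
}

int main(void)
{
    struct outcome off = run_corrupted_return(false), on = run_corrupted_return(true);
    printf("shadow stack off: rip=%#llx cp_fault=%d\n", (unsigned long long)off.rip, off.cp_fault);
    printf("shadow stack on:  rip=%#llx cp_fault=%d\n", (unsigned long long)on.rip, on.cp_fault);
    return 0;
}
```

With the shadow stack off the corrupted address becomes the new rip; with it on, rip stays at the callee and the model reports the fault instead.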

* [PATCH v3 1/5] KVM: x86: SVM: Emulate reads and writes to shadow stack MSRs
  2025-08-06 20:45 [PATCH v3 0/5] Enable Shadow Stack Virtualization for SVM John Allen
@ 2025-08-06 20:45 ` John Allen
  2025-08-25  1:27   ` Chao Gao
  2025-08-06 20:45 ` [PATCH v3 2/5] KVM: x86: SVM: Update dump_vmcb with shadow stack save area additions John Allen
                   ` (3 subsequent siblings)
  4 siblings, 1 reply; 12+ messages in thread
From: John Allen @ 2025-08-06 20:45 UTC (permalink / raw)
  To: kvm, linux-kernel, x86, seanjc, pbonzini, dave.hansen
  Cc: rick.p.edgecombe, mlevitsk, weijiang.yang, chao.gao, bp,
	dave.hansen, hpa, mingo, tglx, thomas.lendacky, John Allen

Set up interception of shadow stack MSRs. In the event that shadow stack
is unsupported on the host or the MSRs are otherwise inaccessible, the
interception code will return an error. In certain circumstances such as
host initiated MSR reads or writes, the interception code will get or
set the requested MSR value.

Signed-off-by: John Allen <john.allen@amd.com>
---
 arch/x86/kvm/svm/svm.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index 6375695ce285..d4e27e70b926 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -2776,6 +2776,15 @@ static int svm_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
 		if (guest_cpuid_is_intel_compatible(vcpu))
 			msr_info->data |= (u64)svm->sysenter_esp_hi << 32;
 		break;
+	case MSR_IA32_S_CET:
+		msr_info->data = svm->vmcb->save.s_cet;
+		break;
+	case MSR_IA32_INT_SSP_TAB:
+		msr_info->data = svm->vmcb->save.isst_addr;
+		break;
+	case MSR_KVM_INTERNAL_GUEST_SSP:
+		msr_info->data = svm->vmcb->save.ssp;
+		break;
 	case MSR_TSC_AUX:
 		msr_info->data = svm->tsc_aux;
 		break;
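
Review bot: the three new cases read svm->vmcb->save.{s_cet,isst_addr,ssp} with no visible check that shadow stack is supported on the host or enabled for the guest, while the changelog says inaccessible MSRs return an error; if that gating lives in the common x86 code (the cover letter mentions cet_is_msr_accessible having moved there), the changelog should say so, and its "Set up interception" wording should describe what the hunk actually does, which is emulate the reads from the VMCB save area. A one-line comment that MSR_KVM_INTERNAL_GUEST_SSP is, as its name says, a KVM-internal index used for host save/restore of SSP rather than an architectural MSR would also help the next reader.
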
@@ -3008,6 +3017,15 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr)
 		svm->vmcb01.ptr->save.sysenter_esp = (u32)data;
 		svm->sysenter_esp_hi = guest_cpuid_is_intel_compatible(vcpu) ? (data >> 32) : 0;
 		break;
+	case MSR_IA32_S_CET:
+		svm->vmcb->save.s_cet = data;
+		break;
+	case MSR_IA32_INT_SSP_TAB:
+		svm->vmcb->save.isst_addr = data;
+		break;
+	case MSR_KVM_INTERNAL_GUEST_SSP:
+		svm->vmcb->save.ssp = data;
+		break;
 	case MSR_TSC_AUX:
 		/*
 		 * TSC_AUX is always virtualized for SEV-ES guests when the
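
Review bot: the writes land in svm->vmcb->save, while the SYSENTER_ESP case a few lines above writes svm->vmcb01.ptr->save explicitly; when an L2 guest is running, svm->vmcb is the vmcb02, so a host-initiated write could update the wrong VMCB. Either use vmcb01 consistently or document how the nested code carries s_cet/ssp/isst_addr between vmcb01 and vmcb02. The value is also stored unvalidated: reserved bits in S_CET and non-canonical or misaligned SSP/INT_SSP_TAB values should be rejected here unless the common code already does so, in which case say where.
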
-- 
2.34.1



* [PATCH v3 2/5] KVM: x86: SVM: Update dump_vmcb with shadow stack save area additions
  2025-08-06 20:45 [PATCH v3 0/5] Enable Shadow Stack Virtualization for SVM John Allen
  2025-08-06 20:45 ` [PATCH v3 1/5] KVM: x86: SVM: Emulate reads and writes to shadow stack MSRs John Allen
@ 2025-08-06 20:45 ` John Allen
  2025-08-22 20:57   ` Tom Lendacky
  2025-08-06 20:45 ` [PATCH v3 3/5] KVM: x86: SVM: Pass through shadow stack MSRs John Allen
                   ` (2 subsequent siblings)
  4 siblings, 1 reply; 12+ messages in thread
From: John Allen @ 2025-08-06 20:45 UTC (permalink / raw)
  To: kvm, linux-kernel, x86, seanjc, pbonzini, dave.hansen
  Cc: rick.p.edgecombe, mlevitsk, weijiang.yang, chao.gao, bp,
	dave.hansen, hpa, mingo, tglx, thomas.lendacky, John Allen

Add shadow stack VMCB save area fields to dump_vmcb. Only include S_CET,
SSP, and ISST_ADDR. Since there currently isn't support to decrypt and
dump the SEV-ES save area, exclude PL0_SSP, PL1_SSP, PL2_SSP, PL3_SSP,
and U_CET which are only included in the SEV-ES save area.

Signed-off-by: John Allen <john.allen@amd.com>
Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com>
---
 arch/x86/kvm/svm/svm.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index d4e27e70b926..a027d3c37181 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -3416,6 +3416,10 @@ static void dump_vmcb(struct kvm_vcpu *vcpu)
 	       "rip:", save->rip, "rflags:", save->rflags);
 	pr_err("%-15s %016llx %-13s %016llx\n",
 	       "rsp:", save->rsp, "rax:", save->rax);
+	pr_err("%-15s %016llx %-13s %016llx\n",
+	       "s_cet:", save->s_cet, "ssp:", save->ssp);
+	pr_err("%-15s %016llx\n",
+	       "isst_addr:", save->isst_addr);
 	pr_err("%-15s %016llx %-13s %016llx\n",
 	       "star:", save01->star, "lstar:", save01->lstar);
 	pr_err("%-15s %016llx %-13s %016llx\n",
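
Review bot: for an SEV-ES guest the live s_cet/ssp/isst_addr values sit in the encrypted VMSA, not in the vmcb->save area these lines print, so the dump will show stale or zero values for such guests with no indication; either skip these fields when sev_es_guest() or mark them, and given the reply in this thread that VMSA decrypt-and-dump support now exists, the excluded PL0-3_SSP/U_CET fields could go through that path. The layout also leaves isst_addr alone on a one-column row between two-column rows; pairing it with a neighbouring field keeps the dump aligned.
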
-- 
2.34.1



* [PATCH v3 3/5] KVM: x86: SVM: Pass through shadow stack MSRs
  2025-08-06 20:45 [PATCH v3 0/5] Enable Shadow Stack Virtualization for SVM John Allen
  2025-08-06 20:45 ` [PATCH v3 1/5] KVM: x86: SVM: Emulate reads and writes to shadow stack MSRs John Allen
  2025-08-06 20:45 ` [PATCH v3 2/5] KVM: x86: SVM: Update dump_vmcb with shadow stack save area additions John Allen
@ 2025-08-06 20:45 ` John Allen
  2025-08-25  1:21   ` Chao Gao
  2025-08-06 20:45 ` [PATCH v3 4/5] KVM: SVM: Add MSR_IA32_XSS to the GHCB for hypervisor kernel John Allen
  2025-08-06 20:45 ` [PATCH v3 5/5] KVM: SVM: Enable shadow stack virtualization for SVM John Allen
  4 siblings, 1 reply; 12+ messages in thread
From: John Allen @ 2025-08-06 20:45 UTC (permalink / raw)
  To: kvm, linux-kernel, x86, seanjc, pbonzini, dave.hansen
  Cc: rick.p.edgecombe, mlevitsk, weijiang.yang, chao.gao, bp,
	dave.hansen, hpa, mingo, tglx, thomas.lendacky, John Allen

If kvm supports shadow stack, pass through shadow stack MSRs to improve
guest performance.

Signed-off-by: John Allen <john.allen@amd.com>
---
 arch/x86/kvm/svm/svm.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index a027d3c37181..82cde3578c96 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -838,6 +838,18 @@ static void svm_recalc_msr_intercepts(struct kvm_vcpu *vcpu)
 	svm_set_intercept_for_msr(vcpu, MSR_IA32_SYSENTER_ESP, MSR_TYPE_RW,
 				  guest_cpuid_is_intel_compatible(vcpu));
 
+	if (kvm_cpu_cap_has(X86_FEATURE_SHSTK)) {
+		bool shstk_enabled = guest_cpu_cap_has(vcpu, X86_FEATURE_SHSTK);
+
+		svm_set_intercept_for_msr(vcpu, MSR_IA32_U_CET, MSR_TYPE_RW, !shstk_enabled);
+		svm_set_intercept_for_msr(vcpu, MSR_IA32_S_CET, MSR_TYPE_RW, !shstk_enabled);
+		svm_set_intercept_for_msr(vcpu, MSR_IA32_PL0_SSP, MSR_TYPE_RW, !shstk_enabled);
+		svm_set_intercept_for_msr(vcpu, MSR_IA32_PL1_SSP, MSR_TYPE_RW, !shstk_enabled);
+		svm_set_intercept_for_msr(vcpu, MSR_IA32_PL2_SSP, MSR_TYPE_RW, !shstk_enabled);
+		svm_set_intercept_for_msr(vcpu, MSR_IA32_PL3_SSP, MSR_TYPE_RW, !shstk_enabled);
+		svm_set_intercept_for_msr(vcpu, MSR_IA32_INT_SSP_TAB, MSR_TYPE_RW, !shstk_enabled);
+	}
+
 	if (sev_es_guest(vcpu->kvm))
 		sev_es_recalc_msr_intercepts(vcpu);
 
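
Review bot: MSR_IA32_INT_SSP_TAB is passed through together with the XSAVE-managed MSRs, but its state is not XSAVE-managed and patch 1/5 emulates it from vmcb->save.isst_addr, so it should stay intercepted unless the changelog gives a reason; the changelog should also state the actual motivation, that the XSAVE-managed shadow stack MSRs cannot be intercepted without intercepting XSAVE as well. The block only runs when the host has SHSTK, so the default intercepts remain otherwise, which is the safe fallback; a short comment saying so would help.
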
-- 
2.34.1



* [PATCH v3 4/5] KVM: SVM: Add MSR_IA32_XSS to the GHCB for hypervisor kernel
  2025-08-06 20:45 [PATCH v3 0/5] Enable Shadow Stack Virtualization for SVM John Allen
                   ` (2 preceding siblings ...)
  2025-08-06 20:45 ` [PATCH v3 3/5] KVM: x86: SVM: Pass through shadow stack MSRs John Allen
@ 2025-08-06 20:45 ` John Allen
  2025-08-25  1:46   ` Chao Gao
  2025-08-06 20:45 ` [PATCH v3 5/5] KVM: SVM: Enable shadow stack virtualization for SVM John Allen
  4 siblings, 1 reply; 12+ messages in thread
From: John Allen @ 2025-08-06 20:45 UTC (permalink / raw)
  To: kvm, linux-kernel, x86, seanjc, pbonzini, dave.hansen
  Cc: rick.p.edgecombe, mlevitsk, weijiang.yang, chao.gao, bp,
	dave.hansen, hpa, mingo, tglx, thomas.lendacky, John Allen

When a guest issues a cpuid instruction for Fn0000000D_x0B
(CetUserOffset), KVM will intercept and need to access the guest
MSR_IA32_XSS value. For SEV-ES, this is encrypted and needs to be
included in the GHCB to be visible to the hypervisor.

Signed-off-by: John Allen <john.allen@amd.com>
---
v2:
  - Omit passing through XSS as this has already been properly
    implemented in a26b7cd22546 ("KVM: SEV: Do not intercept
    accesses to MSR_IA32_XSS for SEV-ES guests")
v3:
  - Move guest kernel GHCB_ACCESSORS definition to new series.
---
 arch/x86/kvm/svm/sev.c | 9 +++++++--
 arch/x86/kvm/svm/svm.h | 1 +
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index 3f20f6eb1ef6..2905a62e7bf2 100644
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -3239,8 +3239,13 @@ static void sev_es_sync_from_ghcb(struct vcpu_svm *svm)
 
 	svm->vmcb->save.cpl = kvm_ghcb_get_cpl_if_valid(svm, ghcb);
 
-	if (kvm_ghcb_xcr0_is_valid(svm)) {
-		vcpu->arch.xcr0 = ghcb_get_xcr0(ghcb);
+	if (kvm_ghcb_xcr0_is_valid(svm) || kvm_ghcb_xss_is_valid(svm)) {
+		if (kvm_ghcb_xcr0_is_valid(svm))
+			vcpu->arch.xcr0 = ghcb_get_xcr0(ghcb);
+
+		if (kvm_ghcb_xss_is_valid(svm))
+			vcpu->arch.ia32_xss = ghcb_get_xss(ghcb);
+
 		vcpu->arch.cpuid_dynamic_bits_dirty = true;
 	}
 
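
Review bot: ghcb_get_xss() returns a guest-controlled value that is stored into vcpu->arch.ia32_xss without being checked against kvm_caps.supported_xss; the existing xcr0 path has the same shape, but if ia32_xss is consumed anywhere beyond the CPUID 0xD sub-leaf reflection described in the changelog, an unsupported bit set by the guest should be masked or rejected here, and the changelog should say why raw acceptance is safe. The nested if is also avoidable: two independent blocks that each set cpuid_dynamic_bits_dirty read more simply.
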
diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h
index dabd69d6fd15..b189647d8389 100644
--- a/arch/x86/kvm/svm/svm.h
+++ b/arch/x86/kvm/svm/svm.h
@@ -925,5 +925,6 @@ DEFINE_KVM_GHCB_ACCESSORS(sw_exit_info_1)
 DEFINE_KVM_GHCB_ACCESSORS(sw_exit_info_2)
 DEFINE_KVM_GHCB_ACCESSORS(sw_scratch)
 DEFINE_KVM_GHCB_ACCESSORS(xcr0)
+DEFINE_KVM_GHCB_ACCESSORS(xss)
 
 #endif
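
Review bot: DEFINE_KVM_GHCB_ACCESSORS(xss) relies on the GHCB save-area layout already carrying an xss field and a matching valid-bitmap bit; a reference in the changelog to the GHCB specification revision that defines them, and to the guest-side series that sets the bit now that v3 moved the guest accessor out, would let reviewers confirm both sides agree on the offset.
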
-- 
2.34.1



* [PATCH v3 5/5] KVM: SVM: Enable shadow stack virtualization for SVM
  2025-08-06 20:45 [PATCH v3 0/5] Enable Shadow Stack Virtualization for SVM John Allen
                   ` (3 preceding siblings ...)
  2025-08-06 20:45 ` [PATCH v3 4/5] KVM: SVM: Add MSR_IA32_XSS to the GHCB for hypervisor kernel John Allen
@ 2025-08-06 20:45 ` John Allen
  2025-08-25  1:33   ` Chao Gao
  4 siblings, 1 reply; 12+ messages in thread
From: John Allen @ 2025-08-06 20:45 UTC (permalink / raw)
  To: kvm, linux-kernel, x86, seanjc, pbonzini, dave.hansen
  Cc: rick.p.edgecombe, mlevitsk, weijiang.yang, chao.gao, bp,
	dave.hansen, hpa, mingo, tglx, thomas.lendacky, John Allen

Remove the explicit clearing of shadow stack CPU capabilities.

Signed-off-by: John Allen <john.allen@amd.com>
---
v3:
  - New in v3.
---
 arch/x86/kvm/svm/svm.c | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index 82cde3578c96..b67aa546d8f4 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -5255,11 +5255,6 @@ static __init void svm_set_cpu_caps(void)
 	kvm_set_cpu_caps();
 
 	kvm_caps.supported_perf_cap = 0;
-	kvm_caps.supported_xss = 0;
-
-	/* KVM doesn't yet support CET virtualization for SVM. */
-	kvm_cpu_cap_clear(X86_FEATURE_SHSTK);
-	kvm_cpu_cap_clear(X86_FEATURE_IBT);
 
 	/* CPUID 0x80000001 and 0x8000000A (SVM features) */
 	if (nested) {
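
Review bot: dropping kvm_cpu_cap_clear(X86_FEATURE_IBT) lets KVM advertise IBT to SVM guests even though the cover letter states current AMD processors support only shadow stack and no patch in this series adds IBT handling; keep the IBT clear (with the comment reworded) and remove only the SHSTK clear and the supported_xss reset. Removing kvm_caps.supported_xss = 0 also exposes whatever XSS bits the common code enables; the changelog should name those bits and confirm the SVM MSR_IA32_XSS and VMCB save-area handling covers them.
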
-- 
2.34.1



* Re: [PATCH v3 2/5] KVM: x86: SVM: Update dump_vmcb with shadow stack save area additions
  2025-08-06 20:45 ` [PATCH v3 2/5] KVM: x86: SVM: Update dump_vmcb with shadow stack save area additions John Allen
@ 2025-08-22 20:57   ` Tom Lendacky
  0 siblings, 0 replies; 12+ messages in thread
From: Tom Lendacky @ 2025-08-22 20:57 UTC (permalink / raw)
  To: John Allen, kvm, linux-kernel, x86, seanjc, pbonzini, dave.hansen
  Cc: rick.p.edgecombe, mlevitsk, weijiang.yang, chao.gao, bp,
	dave.hansen, hpa, mingo, tglx

On 8/6/25 15:45, John Allen wrote:
> Add shadow stack VMCB save area fields to dump_vmcb. Only include S_CET,
> SSP, and ISST_ADDR. Since there currently isn't support to decrypt and
> dump the SEV-ES save area, exclude PL0_SSP, PL1_SSP, PL2_SSP, PL3_SSP,
> and U_CET which are only included in the SEV-ES save area.

There has been a recent patch series that can decrypt and dump VMSA
contents, so you could add those fields if you think they should be dumped.

Thanks,
Tom

> 
> Signed-off-by: John Allen <john.allen@amd.com>
> Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com>
> ---
>  arch/x86/kvm/svm/svm.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
> index d4e27e70b926..a027d3c37181 100644
> --- a/arch/x86/kvm/svm/svm.c
> +++ b/arch/x86/kvm/svm/svm.c
> @@ -3416,6 +3416,10 @@ static void dump_vmcb(struct kvm_vcpu *vcpu)
>  	       "rip:", save->rip, "rflags:", save->rflags);
>  	pr_err("%-15s %016llx %-13s %016llx\n",
>  	       "rsp:", save->rsp, "rax:", save->rax);
> +	pr_err("%-15s %016llx %-13s %016llx\n",
> +	       "s_cet:", save->s_cet, "ssp:", save->ssp);
> +	pr_err("%-15s %016llx\n",
> +	       "isst_addr:", save->isst_addr);
>  	pr_err("%-15s %016llx %-13s %016llx\n",
>  	       "star:", save01->star, "lstar:", save01->lstar);
>  	pr_err("%-15s %016llx %-13s %016llx\n",



* Re: [PATCH v3 3/5] KVM: x86: SVM: Pass through shadow stack MSRs
  2025-08-06 20:45 ` [PATCH v3 3/5] KVM: x86: SVM: Pass through shadow stack MSRs John Allen
@ 2025-08-25  1:21   ` Chao Gao
  0 siblings, 0 replies; 12+ messages in thread
From: Chao Gao @ 2025-08-25  1:21 UTC (permalink / raw)
  To: John Allen
  Cc: kvm, linux-kernel, x86, seanjc, pbonzini, dave.hansen,
	rick.p.edgecombe, mlevitsk, weijiang.yang, bp, dave.hansen, hpa,
	mingo, tglx, thomas.lendacky

On Wed, Aug 06, 2025 at 08:45:08PM +0000, John Allen wrote:
>If kvm supports shadow stack, pass through shadow stack MSRs to improve
>guest performance.

The changelog is a bit sparse. Perhaps you could include something similar
to what I did in my v13 version:

Pass through shadow stack MSRs that are managed by XSAVE, as they cannot be
intercepted without also intercepting XSAVE. However, intercepting XSAVE would
likely cause unacceptable performance overhead.

MSR_IA32_INT_SSP_TAB is not managed by XSAVE, so it is intercepted.

>
>Signed-off-by: John Allen <john.allen@amd.com>
>---
> arch/x86/kvm/svm/svm.c | 12 ++++++++++++
> 1 file changed, 12 insertions(+)
>
>diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
>index a027d3c37181..82cde3578c96 100644
>--- a/arch/x86/kvm/svm/svm.c
>+++ b/arch/x86/kvm/svm/svm.c
>@@ -838,6 +838,18 @@ static void svm_recalc_msr_intercepts(struct kvm_vcpu *vcpu)
> 	svm_set_intercept_for_msr(vcpu, MSR_IA32_SYSENTER_ESP, MSR_TYPE_RW,
> 				  guest_cpuid_is_intel_compatible(vcpu));
> 
>+	if (kvm_cpu_cap_has(X86_FEATURE_SHSTK)) {
>+		bool shstk_enabled = guest_cpu_cap_has(vcpu, X86_FEATURE_SHSTK);
>+
>+		svm_set_intercept_for_msr(vcpu, MSR_IA32_U_CET, MSR_TYPE_RW, !shstk_enabled);
>+		svm_set_intercept_for_msr(vcpu, MSR_IA32_S_CET, MSR_TYPE_RW, !shstk_enabled);
>+		svm_set_intercept_for_msr(vcpu, MSR_IA32_PL0_SSP, MSR_TYPE_RW, !shstk_enabled);
>+		svm_set_intercept_for_msr(vcpu, MSR_IA32_PL1_SSP, MSR_TYPE_RW, !shstk_enabled);
>+		svm_set_intercept_for_msr(vcpu, MSR_IA32_PL2_SSP, MSR_TYPE_RW, !shstk_enabled);
>+		svm_set_intercept_for_msr(vcpu, MSR_IA32_PL3_SSP, MSR_TYPE_RW, !shstk_enabled);
>+		svm_set_intercept_for_msr(vcpu, MSR_IA32_INT_SSP_TAB, MSR_TYPE_RW, !shstk_enabled);

MSR_IA32_INT_SSP_TAB should be intercepted unless there is a justification for
pass-through. See Sean's comment below

https://lore.kernel.org/kvm/aKTGVvOb8PZ7mzVr@google.com/

With above nits fixed,

Reviewed-by: Chao Gao <chao.gao@intel.com>

>+	}
>+
> 	if (sev_es_guest(vcpu->kvm))
> 		sev_es_recalc_msr_intercepts(vcpu);
> 
>-- 
>2.34.1
>


* Re: [PATCH v3 1/5] KVM: x86: SVM: Emulate reads and writes to shadow stack MSRs
  2025-08-06 20:45 ` [PATCH v3 1/5] KVM: x86: SVM: Emulate reads and writes to shadow stack MSRs John Allen
@ 2025-08-25  1:27   ` Chao Gao
  0 siblings, 0 replies; 12+ messages in thread
From: Chao Gao @ 2025-08-25  1:27 UTC (permalink / raw)
  To: John Allen
  Cc: kvm, linux-kernel, x86, seanjc, pbonzini, dave.hansen,
	rick.p.edgecombe, mlevitsk, weijiang.yang, bp, dave.hansen, hpa,
	mingo, tglx, thomas.lendacky

On Wed, Aug 06, 2025 at 08:45:06PM +0000, John Allen wrote:
>Set up interception of shadow stack MSRs. In the event that shadow stack
>is unsupported on the host or the MSRs are otherwise inaccessible, the
>interception code will return an error. In certain circumstances such as
>host initiated MSR reads or writes, the interception code will get or
>set the requested MSR value.

The changelog does not match the code. This patch does not set up interception
for shadow stack MSRs; instead, it emulates shadow stack MSR read/write by
accessing the corresponding fields in the VMCB.

>
>Signed-off-by: John Allen <john.allen@amd.com>
>---
> arch/x86/kvm/svm/svm.c | 18 ++++++++++++++++++
> 1 file changed, 18 insertions(+)
>
>diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
>index 6375695ce285..d4e27e70b926 100644
>--- a/arch/x86/kvm/svm/svm.c
>+++ b/arch/x86/kvm/svm/svm.c
>@@ -2776,6 +2776,15 @@ static int svm_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
> 		if (guest_cpuid_is_intel_compatible(vcpu))
> 			msr_info->data |= (u64)svm->sysenter_esp_hi << 32;
> 		break;
>+	case MSR_IA32_S_CET:
>+		msr_info->data = svm->vmcb->save.s_cet;
>+		break;
>+	case MSR_IA32_INT_SSP_TAB:
>+		msr_info->data = svm->vmcb->save.isst_addr;
>+		break;
>+	case MSR_KVM_INTERNAL_GUEST_SSP:
>+		msr_info->data = svm->vmcb->save.ssp;
>+		break;
> 	case MSR_TSC_AUX:
> 		msr_info->data = svm->tsc_aux;
> 		break;
>@@ -3008,6 +3017,15 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr)
> 		svm->vmcb01.ptr->save.sysenter_esp = (u32)data;
> 		svm->sysenter_esp_hi = guest_cpuid_is_intel_compatible(vcpu) ? (data >> 32) : 0;
> 		break;
>+	case MSR_IA32_S_CET:
>+		svm->vmcb->save.s_cet = data;
>+		break;
>+	case MSR_IA32_INT_SSP_TAB:
>+		svm->vmcb->save.isst_addr = data;
>+		break;
>+	case MSR_KVM_INTERNAL_GUEST_SSP:
>+		svm->vmcb->save.ssp = data;
>+		break;
> 	case MSR_TSC_AUX:
> 		/*
> 		 * TSC_AUX is always virtualized for SEV-ES guests when the
>-- 
>2.34.1
>


* Re: [PATCH v3 5/5] KVM: SVM: Enable shadow stack virtualization for SVM
  2025-08-06 20:45 ` [PATCH v3 5/5] KVM: SVM: Enable shadow stack virtualization for SVM John Allen
@ 2025-08-25  1:33   ` Chao Gao
  2025-09-03 21:01     ` John Allen
  0 siblings, 1 reply; 12+ messages in thread
From: Chao Gao @ 2025-08-25  1:33 UTC (permalink / raw)
  To: John Allen
  Cc: kvm, linux-kernel, x86, seanjc, pbonzini, dave.hansen,
	rick.p.edgecombe, mlevitsk, weijiang.yang, bp, dave.hansen, hpa,
	mingo, tglx, thomas.lendacky

On Wed, Aug 06, 2025 at 08:45:10PM +0000, John Allen wrote:
>Remove the explicit clearing of shadow stack CPU capabilities.
>
>Signed-off-by: John Allen <john.allen@amd.com>
>---
>v3:
>  - New in v3.
>---
> arch/x86/kvm/svm/svm.c | 5 -----
> 1 file changed, 5 deletions(-)
>
>diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
>index 82cde3578c96..b67aa546d8f4 100644
>--- a/arch/x86/kvm/svm/svm.c
>+++ b/arch/x86/kvm/svm/svm.c
>@@ -5255,11 +5255,6 @@ static __init void svm_set_cpu_caps(void)
> 	kvm_set_cpu_caps();
> 
> 	kvm_caps.supported_perf_cap = 0;
>-	kvm_caps.supported_xss = 0;
>-
>-	/* KVM doesn't yet support CET virtualization for SVM. */
>-	kvm_cpu_cap_clear(X86_FEATURE_SHSTK);
>-	kvm_cpu_cap_clear(X86_FEATURE_IBT);

IIUC, IBT should be cleared because KVM doesn't support IBT for SVM.

With this fixed:

Reviewed-by: Chao Gao <chao.gao@intel.com>

> 
> 	/* CPUID 0x80000001 and 0x8000000A (SVM features) */
> 	if (nested) {
>-- 
>2.34.1
>


* Re: [PATCH v3 4/5] KVM: SVM: Add MSR_IA32_XSS to the GHCB for hypervisor kernel
  2025-08-06 20:45 ` [PATCH v3 4/5] KVM: SVM: Add MSR_IA32_XSS to the GHCB for hypervisor kernel John Allen
@ 2025-08-25  1:46   ` Chao Gao
  0 siblings, 0 replies; 12+ messages in thread
From: Chao Gao @ 2025-08-25  1:46 UTC (permalink / raw)
  To: John Allen
  Cc: kvm, linux-kernel, x86, seanjc, pbonzini, dave.hansen,
	rick.p.edgecombe, mlevitsk, weijiang.yang, bp, dave.hansen, hpa,
	mingo, tglx, thomas.lendacky

On Wed, Aug 06, 2025 at 08:45:09PM +0000, John Allen wrote:
>When a guest issues a cpuid instruction for Fn0000000D_x0B
>(CetUserOffset), KVM will intercept and need to access the guest
>MSR_IA32_XSS value. For SEV-ES, this is encrypted and needs to be
>included in the GHCB to be visible to the hypervisor.
>
>Signed-off-by: John Allen <john.allen@amd.com>
>---
>v2:
>  - Omit passing through XSS as this has already been properly
>    implemented in a26b7cd22546 ("KVM: SEV: Do not intercept
>    accesses to MSR_IA32_XSS for SEV-ES guests")
>v3:
>  - Move guest kernel GHCB_ACCESSORS definition to new series.
>---
> arch/x86/kvm/svm/sev.c | 9 +++++++--
> arch/x86/kvm/svm/svm.h | 1 +
> 2 files changed, 8 insertions(+), 2 deletions(-)
>
>diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
>index 3f20f6eb1ef6..2905a62e7bf2 100644
>--- a/arch/x86/kvm/svm/sev.c
>+++ b/arch/x86/kvm/svm/sev.c
>@@ -3239,8 +3239,13 @@ static void sev_es_sync_from_ghcb(struct vcpu_svm *svm)
> 
> 	svm->vmcb->save.cpl = kvm_ghcb_get_cpl_if_valid(svm, ghcb);
> 
>-	if (kvm_ghcb_xcr0_is_valid(svm)) {
>-		vcpu->arch.xcr0 = ghcb_get_xcr0(ghcb);
>+	if (kvm_ghcb_xcr0_is_valid(svm) || kvm_ghcb_xss_is_valid(svm)) {
>+		if (kvm_ghcb_xcr0_is_valid(svm))
>+			vcpu->arch.xcr0 = ghcb_get_xcr0(ghcb);
>+
>+		if (kvm_ghcb_xss_is_valid(svm))
>+			vcpu->arch.ia32_xss = ghcb_get_xss(ghcb);
>+
> 		vcpu->arch.cpuid_dynamic_bits_dirty = true;

It seems a bit odd to me. How about:

	if (kvm_ghcb_xcr0_is_valid(svm)) {
		vcpu->arch.xcr0 = ghcb_get_xcr0(ghcb);
		vcpu->arch.cpuid_dynamic_bits_dirty = true;
	}

	if (kvm_ghcb_xss_is_valid(svm)) {
		vcpu->arch.ia32_xss = ghcb_get_xss(ghcb);
		vcpu->arch.cpuid_dynamic_bits_dirty = true;
	}

This looks better because it has less indentation and reduces the number
of "if" statements by one.

> 	}
> 
>diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h
>index dabd69d6fd15..b189647d8389 100644
>--- a/arch/x86/kvm/svm/svm.h
>+++ b/arch/x86/kvm/svm/svm.h
>@@ -925,5 +925,6 @@ DEFINE_KVM_GHCB_ACCESSORS(sw_exit_info_1)
> DEFINE_KVM_GHCB_ACCESSORS(sw_exit_info_2)
> DEFINE_KVM_GHCB_ACCESSORS(sw_scratch)
> DEFINE_KVM_GHCB_ACCESSORS(xcr0)
>+DEFINE_KVM_GHCB_ACCESSORS(xss)
> 
> #endif
>-- 
>2.34.1
>


* Re: [PATCH v3 5/5] KVM: SVM: Enable shadow stack virtualization for SVM
  2025-08-25  1:33   ` Chao Gao
@ 2025-09-03 21:01     ` John Allen
  0 siblings, 0 replies; 12+ messages in thread
From: John Allen @ 2025-09-03 21:01 UTC (permalink / raw)
  To: Chao Gao
  Cc: kvm, linux-kernel, x86, seanjc, pbonzini, dave.hansen,
	rick.p.edgecombe, mlevitsk, weijiang.yang, bp, dave.hansen, hpa,
	mingo, tglx, thomas.lendacky

On Mon, Aug 25, 2025 at 09:33:09AM +0800, Chao Gao wrote:
> On Wed, Aug 06, 2025 at 08:45:10PM +0000, John Allen wrote:
> >Remove the explicit clearing of shadow stack CPU capabilities.
> >
> >Signed-off-by: John Allen <john.allen@amd.com>
> >---
> >v3:
> >  - New in v3.
> >---
> > arch/x86/kvm/svm/svm.c | 5 -----
> > 1 file changed, 5 deletions(-)
> >
> >diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
> >index 82cde3578c96..b67aa546d8f4 100644
> >--- a/arch/x86/kvm/svm/svm.c
> >+++ b/arch/x86/kvm/svm/svm.c
> >@@ -5255,11 +5255,6 @@ static __init void svm_set_cpu_caps(void)
> > 	kvm_set_cpu_caps();
> > 
> > 	kvm_caps.supported_perf_cap = 0;
> >-	kvm_caps.supported_xss = 0;
> >-
> >-	/* KVM doesn't yet support CET virtualization for SVM. */
> >-	kvm_cpu_cap_clear(X86_FEATURE_SHSTK);
> >-	kvm_cpu_cap_clear(X86_FEATURE_IBT);
> 
> IIUC, IBT should be cleared because KVM doesn't support IBT for SVM.

Yeah, I wondered about this. The reason I chose to not clear this is
because we don't explicitly clear other features that are not supported
on AMD hardware AFAICT. Is there a reason we should clear this and not
other unsupported features?

Thanks,
John

