From: Xiaoyao Li <xiaoyao.li@intel.com>
To: Chao Gao <chao.gao@intel.com>, Zhao Liu <zhao1.liu@intel.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
Marcelo Tosatti <mtosatti@redhat.com>,
qemu-devel@nongnu.org, kvm@vger.kernel.org,
John Allen <john.allen@amd.com>, Babu Moger <babu.moger@amd.com>,
Mathias Krause <minipli@grsecurity.net>,
Dapeng Mi <dapeng1.mi@intel.com>, Zide Chen <zide.chen@intel.com>,
Chenyi Qiang <chenyi.qiang@intel.com>,
Farrah Chen <farrah.chen@intel.com>,
Yang Weijiang <weijiang.yang@intel.com>
Subject: Re: [PATCH v3 11/20] i386/cpu: Enable xsave support for CET states
Date: Thu, 30 Oct 2025 12:29:54 +0800 [thread overview]
Message-ID: <4806bc74-e4c2-4aa1-b003-e72895a11f11@intel.com> (raw)
In-Reply-To: <aQGe66NsIm7AglKb@intel.com>
On 10/29/2025 12:58 PM, Chao Gao wrote:
> On Fri, Oct 24, 2025 at 02:56:23PM +0800, Zhao Liu wrote:
>> From: Yang Weijiang <weijiang.yang@intel.com>
>>
>> Add CET_U/S bits in xstate area and report support in xstate
>> feature mask.
>> MSR_XSS[bit 11] corresponds to CET user mode states.
>> MSR_XSS[bit 12] corresponds to CET supervisor mode states.
>>
>> CET Shadow Stack(SHSTK) and Indirect Branch Tracking(IBT) features
>> are enumerated via CPUID.(EAX=07H,ECX=0H):ECX[7] and EDX[20]
>> respectively, two features share the same state bits in XSS, so
>> if either of the features is enabled, set CET_U and CET_S bits
>> together.
>>
>> Tested-by: Farrah Chen <farrah.chen@intel.com>
>> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
>> Co-developed-by: Chao Gao <chao.gao@intel.com>
>> Signed-off-by: Chao Gao <chao.gao@intel.com>
>> Co-developed-by: Zhao Liu <zhao1.liu@intel.com>
>> Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
>
> It just occurred to me that KVM_GET/SET_XSAVE don't save/restore supervisor
> states. Supervisor states need to be saved/restored via MSR APIs. So, there
> is no need to add supervisor states (including ARCH_LBR states) to
> x86_ext_save_areas[].
x86_ext_save_areas[] is not used only for xsave state, it's also used
for the setup of xsave features, i.e., CPUID leaf 0xD.
And you did catch the missing part of this series, it lacks the
save/restore of CET XSAVE state in
x86_cpu_xsave_all_areas()/x86_cpu_xrstor_all_areas()
next prev parent reply other threads:[~2025-10-30 4:31 UTC|newest]
Thread overview: 64+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-24 6:56 [PATCH v3 00/20] i386: Support CET for KVM Zhao Liu
2025-10-24 6:56 ` [PATCH v3 01/20] linux-headers: Update to v6.18-rc2 Zhao Liu
2025-10-24 6:56 ` [PATCH v3 02/20] i386/cpu: Clean up indent style of x86_ext_save_areas[] Zhao Liu
2025-10-27 5:47 ` Xiaoyao Li
2025-10-30 15:11 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 03/20] i386/cpu: Clean up arch lbr xsave struct and comment Zhao Liu
2025-10-24 18:20 ` Chen, Zide
2025-10-27 6:08 ` Xiaoyao Li
2025-10-24 6:56 ` [PATCH v3 04/20] i386/cpu: Reorganize arch lbr structure definitions Zhao Liu
2025-10-24 18:20 ` Chen, Zide
2025-10-27 6:22 ` Xiaoyao Li
2025-10-24 6:56 ` [PATCH v3 05/20] i386/cpu: Make ExtSaveArea store an array of dependencies Zhao Liu
2025-10-27 7:04 ` Xiaoyao Li
2025-10-27 10:09 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 06/20] i386/cpu: Add avx10 dependency for Opmask/ZMM_Hi256/Hi16_ZMM Zhao Liu
2025-10-27 7:05 ` Xiaoyao Li
2025-10-24 6:56 ` [PATCH v3 07/20] i386/cpu: Reorganize dependency check for arch lbr state Zhao Liu
2025-10-24 18:21 ` Chen, Zide
2025-10-27 7:40 ` Xiaoyao Li
2025-10-27 10:12 ` Zhao Liu
2025-10-27 11:15 ` Xiaoyao Li
2025-10-30 15:40 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 08/20] i386/cpu: Drop pmu check in CPUID 0x1C encoding Zhao Liu
2025-10-24 18:21 ` Chen, Zide
2025-10-27 7:51 ` Xiaoyao Li
2025-10-27 11:01 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 09/20] i386/cpu: Fix supervisor xstate initialization Zhao Liu
2025-10-27 7:55 ` Xiaoyao Li
2025-10-27 10:13 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 10/20] i386/cpu: Add missing migratable xsave features Zhao Liu
2025-10-27 8:42 ` Xiaoyao Li
2025-10-27 10:19 ` Zhao Liu
2025-10-27 11:18 ` Zhao Liu
2025-10-27 12:02 ` Xiaoyao Li
2025-10-30 15:56 ` Zhao Liu
2025-10-27 11:36 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 11/20] i386/cpu: Enable xsave support for CET states Zhao Liu
2025-10-28 8:00 ` Xiaoyao Li
2025-10-29 4:58 ` Chao Gao
2025-10-30 4:29 ` Xiaoyao Li [this message]
2025-10-30 16:39 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 12/20] i386/cpu: Add CET support in CR4 Zhao Liu
2025-10-28 2:04 ` Chenyi Qiang
2025-10-30 15:57 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 13/20] i386/kvm: Add save/load support for CET MSRs Zhao Liu
2025-10-24 6:56 ` [PATCH v3 14/20] i386/kvm: Add save/load support for KVM_REG_GUEST_SSP Zhao Liu
2025-10-28 8:21 ` Xiaoyao Li
2025-10-24 6:56 ` [PATCH v3 15/20] i386/machine: Add vmstate for cet-ss and cet-ibt Zhao Liu
2025-10-28 8:29 ` Xiaoyao Li
2025-10-30 16:04 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 16/20] i386/cpu: Mark cet-u & cet-s xstates as migratable Zhao Liu
2025-10-27 11:34 ` Zhao Liu
2025-10-29 6:13 ` Chao Gao
2025-10-29 6:10 ` Chao Gao
2025-10-30 16:09 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 17/20] i386/cpu: Advertise CET related flags in feature words Zhao Liu
2025-10-28 8:33 ` Xiaoyao Li
2025-10-24 6:56 ` [PATCH v3 18/20] i386/cpu: Enable cet-ss & cet-ibt for supported CPU models Zhao Liu
2025-10-28 8:34 ` Xiaoyao Li
2025-10-24 6:56 ` [PATCH v3 19/20] i386/tdx: Fix missing spaces in tdx_xfam_deps[] Zhao Liu
2025-10-28 8:37 ` Xiaoyao Li
2025-10-24 6:56 ` [PATCH v3 20/20] i386/tdx: Add CET SHSTK/IBT into the supported CPUID by XFAM Zhao Liu
2025-10-28 8:55 ` Xiaoyao Li
2025-10-30 16:07 ` Zhao Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4806bc74-e4c2-4aa1-b003-e72895a11f11@intel.com \
--to=xiaoyao.li@intel.com \
--cc=babu.moger@amd.com \
--cc=chao.gao@intel.com \
--cc=chenyi.qiang@intel.com \
--cc=dapeng1.mi@intel.com \
--cc=farrah.chen@intel.com \
--cc=john.allen@amd.com \
--cc=kvm@vger.kernel.org \
--cc=minipli@grsecurity.net \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=weijiang.yang@intel.com \
--cc=zhao1.liu@intel.com \
--cc=zide.chen@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).