From: Xiaoyao Li <xiaoyao.li@intel.com>
To: Zhao Liu <zhao1.liu@intel.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Marcelo Tosatti <mtosatti@redhat.com>
Cc: qemu-devel@nongnu.org, kvm@vger.kernel.org,
Chao Gao <chao.gao@intel.com>, John Allen <john.allen@amd.com>,
Babu Moger <babu.moger@amd.com>,
Mathias Krause <minipli@grsecurity.net>,
Dapeng Mi <dapeng1.mi@intel.com>, Zide Chen <zide.chen@intel.com>,
Chenyi Qiang <chenyi.qiang@intel.com>,
Farrah Chen <farrah.chen@intel.com>,
Yang Weijiang <weijiang.yang@intel.com>
Subject: Re: [PATCH v3 17/20] i386/cpu: Advertise CET related flags in feature words
Date: Tue, 28 Oct 2025 16:33:11 +0800 [thread overview]
Message-ID: <534db36d-d440-409a-8a80-ee0fe9df12b4@intel.com> (raw)
In-Reply-To: <20251024065632.1448606-18-zhao1.liu@intel.com>
On 10/24/2025 2:56 PM, Zhao Liu wrote:
> From: Yang Weijiang <weijiang.yang@intel.com>
>
> Add SHSTK and IBT flags in feature words with entry/exit
> control flags.
>
> CET SHSTK and IBT feature are enumerated via CPUID(EAX=7,ECX=0)
> ECX[bit 7] and EDX[bit 20]. CET states load/restore at vmentry/
> vmexit are controlled by VMX_ENTRY_CTLS[bit 20] and VMX_EXIT_CTLS[bit 28].
> Enable these flags so that KVM can enumerate the features properly.
>
> Tested-by: Farrah Chen <farrah.chen@intel.com>
> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
> Co-developed-by: Chao Gao <chao.gao@intel.com>
> Signed-off-by: Chao Gao <chao.gao@intel.com>
> Co-developed-by: Zhao Liu <zhao1.liu@intel.com>
> Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com>
> ---
> Changes Since v2:
> - Rename "shstk"/"ibt" to "cet-ss"/"cet-ibt" to match feature names
> in SDM & APM.
> - Rename "vmx-exit-save-cet-ctl"/"vmx-entry-load-cet-ctl" to
> "vmx-exit-save-cet"/"vmx-entry-load-cet".
> - Define the feature mask macro for easier double check.
> ---
> target/i386/cpu.c | 8 ++++----
> target/i386/cpu.h | 2 ++
> 2 files changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/target/i386/cpu.c b/target/i386/cpu.c
> index c08066a338a3..9a1001c47891 100644
> --- a/target/i386/cpu.c
> +++ b/target/i386/cpu.c
> @@ -1221,7 +1221,7 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
> .type = CPUID_FEATURE_WORD,
> .feat_names = {
> NULL, "avx512vbmi", "umip", "pku",
> - NULL /* ospke */, "waitpkg", "avx512vbmi2", NULL,
> + NULL /* ospke */, "waitpkg", "avx512vbmi2", "cet-ss",
> "gfni", "vaes", "vpclmulqdq", "avx512vnni",
> "avx512bitalg", NULL, "avx512-vpopcntdq", NULL,
> "la57", NULL, NULL, NULL,
> @@ -1244,7 +1244,7 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
> "avx512-vp2intersect", NULL, "md-clear", NULL,
> NULL, NULL, "serialize", NULL,
> "tsx-ldtrk", NULL, NULL /* pconfig */, "arch-lbr",
> - NULL, NULL, "amx-bf16", "avx512-fp16",
> + "cet-ibt", NULL, "amx-bf16", "avx512-fp16",
> "amx-tile", "amx-int8", "spec-ctrl", "stibp",
> "flush-l1d", "arch-capabilities", "core-capability", "ssbd",
> },
> @@ -1666,7 +1666,7 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
> "vmx-exit-save-efer", "vmx-exit-load-efer",
> "vmx-exit-save-preemption-timer", "vmx-exit-clear-bndcfgs",
> NULL, "vmx-exit-clear-rtit-ctl", NULL, NULL,
> - NULL, "vmx-exit-load-pkrs", NULL, "vmx-exit-secondary-ctls",
> + "vmx-exit-save-cet", "vmx-exit-load-pkrs", NULL, "vmx-exit-secondary-ctls",
> },
> .msr = {
> .index = MSR_IA32_VMX_TRUE_EXIT_CTLS,
> @@ -1681,7 +1681,7 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
> NULL, "vmx-entry-ia32e-mode", NULL, NULL,
> NULL, "vmx-entry-load-perf-global-ctrl", "vmx-entry-load-pat", "vmx-entry-load-efer",
> "vmx-entry-load-bndcfgs", NULL, "vmx-entry-load-rtit-ctl", NULL,
> - NULL, NULL, "vmx-entry-load-pkrs", "vmx-entry-load-fred",
> + "vmx-entry-load-cet", NULL, "vmx-entry-load-pkrs", "vmx-entry-load-fred",
> NULL, NULL, NULL, NULL,
> NULL, NULL, NULL, NULL,
> },
> diff --git a/target/i386/cpu.h b/target/i386/cpu.h
> index ad4287822831..fa3e5d87fe50 100644
> --- a/target/i386/cpu.h
> +++ b/target/i386/cpu.h
> @@ -1369,6 +1369,7 @@ uint64_t x86_cpu_get_supported_feature_word(X86CPU *cpu, FeatureWord w);
> #define VMX_VM_EXIT_CLEAR_BNDCFGS 0x00800000
> #define VMX_VM_EXIT_PT_CONCEAL_PIP 0x01000000
> #define VMX_VM_EXIT_CLEAR_IA32_RTIT_CTL 0x02000000
> +#define VMX_VM_EXIT_SAVE_CET 0x10000000
> #define VMX_VM_EXIT_LOAD_IA32_PKRS 0x20000000
> #define VMX_VM_EXIT_ACTIVATE_SECONDARY_CONTROLS 0x80000000
>
> @@ -1382,6 +1383,7 @@ uint64_t x86_cpu_get_supported_feature_word(X86CPU *cpu, FeatureWord w);
> #define VMX_VM_ENTRY_LOAD_BNDCFGS 0x00010000
> #define VMX_VM_ENTRY_PT_CONCEAL_PIP 0x00020000
> #define VMX_VM_ENTRY_LOAD_IA32_RTIT_CTL 0x00040000
> +#define VMX_VM_ENTRY_LOAD_CET 0x00100000
> #define VMX_VM_ENTRY_LOAD_IA32_PKRS 0x00400000
>
> /* Supported Hyper-V Enlightenments */
next prev parent reply other threads:[~2025-10-28 8:34 UTC|newest]
Thread overview: 64+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-24 6:56 [PATCH v3 00/20] i386: Support CET for KVM Zhao Liu
2025-10-24 6:56 ` [PATCH v3 01/20] linux-headers: Update to v6.18-rc2 Zhao Liu
2025-10-24 6:56 ` [PATCH v3 02/20] i386/cpu: Clean up indent style of x86_ext_save_areas[] Zhao Liu
2025-10-27 5:47 ` Xiaoyao Li
2025-10-30 15:11 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 03/20] i386/cpu: Clean up arch lbr xsave struct and comment Zhao Liu
2025-10-24 18:20 ` Chen, Zide
2025-10-27 6:08 ` Xiaoyao Li
2025-10-24 6:56 ` [PATCH v3 04/20] i386/cpu: Reorganize arch lbr structure definitions Zhao Liu
2025-10-24 18:20 ` Chen, Zide
2025-10-27 6:22 ` Xiaoyao Li
2025-10-24 6:56 ` [PATCH v3 05/20] i386/cpu: Make ExtSaveArea store an array of dependencies Zhao Liu
2025-10-27 7:04 ` Xiaoyao Li
2025-10-27 10:09 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 06/20] i386/cpu: Add avx10 dependency for Opmask/ZMM_Hi256/Hi16_ZMM Zhao Liu
2025-10-27 7:05 ` Xiaoyao Li
2025-10-24 6:56 ` [PATCH v3 07/20] i386/cpu: Reorganize dependency check for arch lbr state Zhao Liu
2025-10-24 18:21 ` Chen, Zide
2025-10-27 7:40 ` Xiaoyao Li
2025-10-27 10:12 ` Zhao Liu
2025-10-27 11:15 ` Xiaoyao Li
2025-10-30 15:40 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 08/20] i386/cpu: Drop pmu check in CPUID 0x1C encoding Zhao Liu
2025-10-24 18:21 ` Chen, Zide
2025-10-27 7:51 ` Xiaoyao Li
2025-10-27 11:01 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 09/20] i386/cpu: Fix supervisor xstate initialization Zhao Liu
2025-10-27 7:55 ` Xiaoyao Li
2025-10-27 10:13 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 10/20] i386/cpu: Add missing migratable xsave features Zhao Liu
2025-10-27 8:42 ` Xiaoyao Li
2025-10-27 10:19 ` Zhao Liu
2025-10-27 11:18 ` Zhao Liu
2025-10-27 12:02 ` Xiaoyao Li
2025-10-30 15:56 ` Zhao Liu
2025-10-27 11:36 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 11/20] i386/cpu: Enable xsave support for CET states Zhao Liu
2025-10-28 8:00 ` Xiaoyao Li
2025-10-29 4:58 ` Chao Gao
2025-10-30 4:29 ` Xiaoyao Li
2025-10-30 16:39 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 12/20] i386/cpu: Add CET support in CR4 Zhao Liu
2025-10-28 2:04 ` Chenyi Qiang
2025-10-30 15:57 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 13/20] i386/kvm: Add save/load support for CET MSRs Zhao Liu
2025-10-24 6:56 ` [PATCH v3 14/20] i386/kvm: Add save/load support for KVM_REG_GUEST_SSP Zhao Liu
2025-10-28 8:21 ` Xiaoyao Li
2025-10-24 6:56 ` [PATCH v3 15/20] i386/machine: Add vmstate for cet-ss and cet-ibt Zhao Liu
2025-10-28 8:29 ` Xiaoyao Li
2025-10-30 16:04 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 16/20] i386/cpu: Mark cet-u & cet-s xstates as migratable Zhao Liu
2025-10-27 11:34 ` Zhao Liu
2025-10-29 6:13 ` Chao Gao
2025-10-29 6:10 ` Chao Gao
2025-10-30 16:09 ` Zhao Liu
2025-10-24 6:56 ` [PATCH v3 17/20] i386/cpu: Advertise CET related flags in feature words Zhao Liu
2025-10-28 8:33 ` Xiaoyao Li [this message]
2025-10-24 6:56 ` [PATCH v3 18/20] i386/cpu: Enable cet-ss & cet-ibt for supported CPU models Zhao Liu
2025-10-28 8:34 ` Xiaoyao Li
2025-10-24 6:56 ` [PATCH v3 19/20] i386/tdx: Fix missing spaces in tdx_xfam_deps[] Zhao Liu
2025-10-28 8:37 ` Xiaoyao Li
2025-10-24 6:56 ` [PATCH v3 20/20] i386/tdx: Add CET SHSTK/IBT into the supported CPUID by XFAM Zhao Liu
2025-10-28 8:55 ` Xiaoyao Li
2025-10-30 16:07 ` Zhao Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=534db36d-d440-409a-8a80-ee0fe9df12b4@intel.com \
--to=xiaoyao.li@intel.com \
--cc=babu.moger@amd.com \
--cc=chao.gao@intel.com \
--cc=chenyi.qiang@intel.com \
--cc=dapeng1.mi@intel.com \
--cc=farrah.chen@intel.com \
--cc=john.allen@amd.com \
--cc=kvm@vger.kernel.org \
--cc=minipli@grsecurity.net \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=weijiang.yang@intel.com \
--cc=zhao1.liu@intel.com \
--cc=zide.chen@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).