[8/9] KVM: SVM: Use KVM-governed features to track SHSTK

Message ID	20231010200220.897953-9-john.allen@amd.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <kvm-owner@vger.kernel.org> Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C From: John Allen <john.allen@amd.com> To: <kvm@vger.kernel.org> CC: <linux-kernel@vger.kernel.org>, <pbonzini@redhat.com>, <weijiang.yang@intel.com>, <rick.p.edgecombe@intel.com>, <seanjc@google.com>, <x86@kernel.org>, <thomas.lendacky@amd.com>, <bp@alien8.de>, John Allen <john.allen@amd.com> Subject: [PATCH 8/9] KVM: SVM: Use KVM-governed features to track SHSTK Date: Tue, 10 Oct 2023 20:02:19 +0000 Message-ID: <20231010200220.897953-9-john.allen@amd.com> In-Reply-To: <20231010200220.897953-1-john.allen@amd.com> References: <20231010200220.897953-1-john.allen@amd.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain Precedence: bulk
Series	SVM guest shadow stack support \| expand [0/9] SVM guest shadow stack support [1/9] KVM: x86: SVM: Emulate reads and writes to shadow stack MSRs [2/9] KVM: x86: SVM: Update dump_vmcb with shadow stack save area additions [3/9] KVM: x86: SVM: Pass through shadow stack MSRs [4/9] KVM: SVM: Rename vmplX_ssp -> plX_ssp [5/9] KVM: SVM: Save shadow stack host state on VMRUN [6/9] KVM: SVM: Add MSR_IA32_XSS to the GHCB for hypervisor kernel [7/9] x86/sev-es: Include XSS value in GHCB CPUID request [8/9] KVM: SVM: Use KVM-governed features to track SHSTK [9/9] KVM: SVM: Add CET features to supported_xss

Message ID

20231010200220.897953-9-john.allen@amd.com (mailing list archive)

State

New, archived

Headers

Received-SPF: Pass (protection.outlook.com: domain of amd.com designates
 165.204.84.17 as permitted sender) receiver=protection.outlook.com;
 client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C
From: John Allen <john.allen@amd.com>
To: <kvm@vger.kernel.org>
CC: <linux-kernel@vger.kernel.org>, <pbonzini@redhat.com>,
        <weijiang.yang@intel.com>, <rick.p.edgecombe@intel.com>,
        <seanjc@google.com>, <x86@kernel.org>, <thomas.lendacky@amd.com>,
        <bp@alien8.de>, John Allen <john.allen@amd.com>
Subject: [PATCH 8/9] KVM: SVM: Use KVM-governed features to track SHSTK
Date: Tue, 10 Oct 2023 20:02:19 +0000
Message-ID: <20231010200220.897953-9-john.allen@amd.com>
In-Reply-To: <20231010200220.897953-1-john.allen@amd.com>
References: <20231010200220.897953-1-john.allen@amd.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Oct 2023 20:03:45.7356
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 833f4a0c-3326-4d60-1199-08dbc9cc02a8
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
 TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com]
X-MS-Exchange-CrossTenant-AuthSource: 
 DS2PEPF0000343E.namprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4170
Precedence: bulk
List-ID: <kvm.vger.kernel.org>
X-Mailing-List: kvm@vger.kernel.org

Series

SVM guest shadow stack support | expand

Use the KVM-governed features framework to track whether SHSTK can be by both userspace and guest for SVM. Signed-off-by: John Allen <john.allen@amd.com> --- arch/x86/kvm/svm/svm.c | 1 + 1 file changed, 1 insertion(+)

Comments

Maxim Levitsky Nov. 2, 2023, 6:07 p.m. UTC | #1

On Tue, 2023-10-10 at 20:02 +0000, John Allen wrote:
> Use the KVM-governed features framework to track whether SHSTK can be by
> both userspace and guest for SVM.
> 
> Signed-off-by: John Allen <john.allen@amd.com>
> ---
>  arch/x86/kvm/svm/svm.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
> index ee7c7d0a09ab..00a8cef3cbb8 100644
> --- a/arch/x86/kvm/svm/svm.c
> +++ b/arch/x86/kvm/svm/svm.c
> @@ -4366,6 +4366,7 @@ static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu)
>  	kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_PFTHRESHOLD);
>  	kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_VGIF);
>  	kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_VNMI);
> +	kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_SHSTK);
>  
>  	svm_recalc_instruction_intercepts(vcpu, svm);
>  

Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com>

Best regards,
	Maxim Levitsky

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index ee7c7d0a09ab..00a8cef3cbb8 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -4366,6 +4366,7 @@  static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu)
 	kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_PFTHRESHOLD);
 	kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_VGIF);
 	kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_VNMI);
+	kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_SHSTK);
 
 	svm_recalc_instruction_intercepts(vcpu, svm);

[8/9] KVM: SVM: Use KVM-governed features to track SHSTK

Commit Message

Comments

Patch