[RFC,v4,0/5] This patch-set is to enable Guest

Message ID	20190318151131.15649-1-weijiang.yang@intel.com (mailing list archive)
Headers	show Return-Path: <qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org> From: Yang Weijiang <weijiang.yang@intel.com> To: pbonzini@redhat.com, qemu-devel@nongnu.org, mst@redhat.com, cdupontd@redhat.com, rkrcmar@redhat.com, sean.j.christopherson@intel.com Date: Mon, 18 Mar 2019 23:11:26 +0800 Message-Id: <20190318151131.15649-1-weijiang.yang@intel.com> Subject: [Qemu-devel] [RFC PATCH v4 0/5] This patch-set is to enable Guest Precedence: list Cc: Yang Weijiang <weijiang.yang@intel.com> Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>
Series	This patch-set is to enable Guest \| expand [RFC,v4,0/5] This patch-set is to enable Guest [RFC,v4,1/5] Add CET xsaves/xrstors related macros and structures. [RFC,v4,2/5] Add CET SHSTK and IBT CPUID feature-word definitions. [RFC,v4,3/5] Add hepler functions for CPUID xsave area size calculation. [RFC,v4,4/5] Report CPUID xsave area support for CET. [RFC,v4,5/5] Add CET MSR save/restore support for migration

Message ID

20190318151131.15649-1-weijiang.yang@intel.com (mailing list archive)

Headers

From: Yang Weijiang <weijiang.yang@intel.com>
To: pbonzini@redhat.com, qemu-devel@nongnu.org, mst@redhat.com,
	cdupontd@redhat.com, rkrcmar@redhat.com, sean.j.christopherson@intel.com
Date: Mon, 18 Mar 2019 23:11:26 +0800
Message-Id: <20190318151131.15649-1-weijiang.yang@intel.com>
Subject: [Qemu-devel] [RFC PATCH v4 0/5] This patch-set is to enable Guest
Precedence: list
Cc: Yang Weijiang <weijiang.yang@intel.com>
Errors-To: 
 qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org
Sender: "Qemu-devel"
	<qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>

Series

This patch-set is to enable Guest | expand

Message

Yang, Weijiang March 18, 2019, 3:11 p.m. UTC

Control-flow Enforcement Technology (CET) provides protection against
return/jump-oriented programming (ROP) attacks. To make kvm Guest OS own
the capability, this patch-set is required. It enables CET related CPUID
report, xsaves/xrstors and live-migration etc. in Qemu.

Changelog:
 v4:
 - Added MSR read/write interface for PL1_SSP/PL2_SSP.
 - Removed CET structures from X86XSaveArea.
 - Cleared ebx in return of CPUID.(EAX=d, ECX=1).

 v3:
 - Add CET MSR save/restore support for live-migration.

 v2:
 - In CPUID.(EAX=d, ECX=1), set return ECX[n] = 0 if bit n corresponds
   to a bit in MSR_IA32_XSS.
 - In CPUID.(EAX=d, ECX=n), set return ECX = 1 if bit n corresponds
   to a bit in MSR_IA32_XSS.
 - Skip Supervisor mode xsave component when calculate User mode
   xave component size in xsave_area_size() and x86_cpu_reset().

Yang Weijiang (5):
  Add CET xsaves/xrstors related macros and structures.
  Add CET SHSTK and IBT CPUID feature-word definitions.
  Add hepler functions for CPUID xsave area size calculation.
  Report CPUID xsave area support for CET.
  Add CET MSR save/restore support for migration

 target/i386/cpu.c     |  56 ++++++++++++++++-
 target/i386/cpu.h     |  49 ++++++++++++++-
 target/i386/kvm.c     |  53 ++++++++++++++++
 target/i386/machine.c | 141 ++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 295 insertions(+), 4 deletions(-)