From patchwork Tue Mar 25 17:41:08 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Andrew Cooper <andrew.cooper3@citrix.com>
X-Patchwork-Id: 14029319
Return-Path: <xen-devel-bounces@lists.xenproject.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id 60AF1C36008
	for <xen-devel@archiver.kernel.org>; Tue, 25 Mar 2025 17:41:24 +0000 (UTC)
Received: from list by lists.xenproject.org with
 outflank-mailman.926851.1329691 (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1tx8H5-0004HV-QM; Tue, 25 Mar 2025 17:41:15 +0000
X-Outflank-Mailman: Message body and most headers restored to incoming version
Received: by outflank-mailman (output) from mailman id 926851.1329691;
 Tue, 25 Mar 2025 17:41:15 +0000
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1tx8H5-0004Gn-MO; Tue, 25 Mar 2025 17:41:15 +0000
Received: by outflank-mailman (input) for mailman id 926851;
 Tue, 25 Mar 2025 17:41:14 +0000
Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254]
 helo=se1-gles-sth1.inumbo.com)
 by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from
 <SRS0=+BiV=WM=cloud.com=andrew.cooper@srs-se1.protection.inumbo.net>)
 id 1tx8H4-00045y-Aj
 for xen-devel@lists.xenproject.org; Tue, 25 Mar 2025 17:41:14 +0000
Received: from mail-wm1-x331.google.com (mail-wm1-x331.google.com
 [2a00:1450:4864:20::331])
 by se1-gles-sth1.inumbo.com (Halon) with ESMTPS
 id 58ce70f9-09a0-11f0-9ea3-5ba50f476ded;
 Tue, 25 Mar 2025 18:41:13 +0100 (CET)
Received: by mail-wm1-x331.google.com with SMTP id
 5b1f17b1804b1-43d04dc73b7so62128485e9.3
 for <xen-devel@lists.xenproject.org>; Tue, 25 Mar 2025 10:41:13 -0700 (PDT)
Received: from localhost.localdomain (host-92-26-98-202.as13285.net.
 [92.26.98.202]) by smtp.gmail.com with ESMTPSA id
 5b1f17b1804b1-43d4fdbd0a9sm158386185e9.38.2025.03.25.10.41.11
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 25 Mar 2025 10:41:12 -0700 (PDT)
X-BeenThere: xen-devel@lists.xenproject.org
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
X-Inumbo-ID: 58ce70f9-09a0-11f0-9ea3-5ba50f476ded
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=citrix.com; s=google; t=1742924473; x=1743529273;
 darn=lists.xenproject.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:from:to:cc:subject:date
         :message-id:reply-to;
        bh=39zuQsNX+5s9i10elnMfxeTcLe1AG54UNFOTJvkzFeQ=;
        b=jDm1GHfuQGstW/K4HYt68g2TJFwvM4PWt7EMgzQWk5w/80EVKcmtrrmfVOoglq6AUe
         FG4TVGB5qifj8lEG5J+clTrTLEOvJ95VImjk6bYUtREkPL/wo/LZxtrkzagy6Qq3tGe3
         uR6f86GpmQbadcs1w3LAX1IiWkSfc/LCYE3g0=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1742924473; x=1743529273;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=39zuQsNX+5s9i10elnMfxeTcLe1AG54UNFOTJvkzFeQ=;
        b=i+GI/axR/i5EPIk55+Tn0FBkls4mpEp/8qOJijwBqRttLD5td0sFT0GTMEFDh9sdGC
         v8A9FmtcZyphEkmUBJsOCrO+OcQZy9x95BU9LpM+EbFrpK02wrun2jblPSIxp16WjUrT
         gO7pVDnjsUfM7osr7dE1Gt/zAIiBeZ5tfsLgS1aZSoXkkgkG8wr1vUH9/mJ5ivfeRvwr
         jt/NPFN5abdUJQnhZCzyOINMkLxZgYOsW7xcMm8u3BAEEs8e9viA2jfhLJZBy/yQ2pPO
         HF3Sqqck37/TgVSSymqTSIQfhY4X532xH8QJQ2AkaIyPChg9hrIK+Q1mmH21K4IoJnQW
         a9OA==
X-Gm-Message-State: AOJu0YwnLYiIE2/zJmu10D0d4ZFRqwXqxwWkHcS565+HkdvTetYiskGH
	MuUn/Z44oIdN9F9op4zGQmRCiDm5DwIIK+vQxb2uwkVPQigkxHFZHSrpeIAHD2FP/lzw4avHV89
	cQbQ=
X-Gm-Gg: ASbGnctnLGjn54pwjiEl876isY4szBFllePrhdjm1Tx3p7dQ96p7ROueGlW4mUKShPz
	6AUbcEIMf/c7D3viWaA6IHbIYTBmFpUgr1r9SGjdPZ1gDSiX2AOlSRHRJy80/siAfgC4rWp7w78
	//wLm/em8RFJVMlUxQ+nEI5EAM/QOwxURAkktJNmJ98QxKLvERhvXppZE82mJo1CfPPrtnP7PRH
	Aufan8ViTTUuPz1NTS+4gKHBf2xK+sAEAIqCGaOHbTPHHbkYfxg+jQei75xKPUiJmYmS9D036H1
	HKd/26DJNGnaMNFAeFuxN2seuOFvV5lVHA/vcuhJeZSpbXIjDVwu5s5Lyi4fn62kLsIz3cMcgs9
	I3ybRb38yjFOVw57RZw==
X-Google-Smtp-Source: 
 AGHT+IEcr5Ypu2eA71qKcEz4MS9slSJvj8G8O1faoSHHalixmW5/AiBaSDWbwNspqBwt7JbzAdaqJw==
X-Received: by 2002:a05:600c:8488:b0:43c:f5fe:5c26 with SMTP id
 5b1f17b1804b1-43d6dc2e933mr38171095e9.4.1742924473028;
        Tue, 25 Mar 2025 10:41:13 -0700 (PDT)
From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Xen-devel <xen-devel@lists.xenproject.org>
Cc: Andrew Cooper <andrew.cooper3@citrix.com>,
 Jan Beulich <JBeulich@suse.com>,
 =?utf-8?q?Roger_Pau_Monn=C3=A9?= <roger.pau@citrix.com>, =?utf-8?q?Petr_Ben?=
	=?utf-8?q?e=C5=A1?= <w1benny@gmail.com>
Subject: [PATCH 1/2] x86/hvm: Rearrange the logic in hvmemul_{read,write}_cr()
Date: Tue, 25 Mar 2025 17:41:08 +0000
Message-Id: <20250325174109.267974-2-andrew.cooper3@citrix.com>
X-Mailer: git-send-email 2.39.5
In-Reply-To: <20250325174109.267974-1-andrew.cooper3@citrix.com>
References: <20250325174109.267974-1-andrew.cooper3@citrix.com>
MIME-Version: 1.0

In hvmemul_read_cr(), make the TRACE()/X86EMUL_OKAY path common in preparation
for adding a %cr8 case.  Use a local 'val' variable instead of always
operating on a deferenced pointer.

In both, calculate curr once.

No functional change.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
---
CC: Jan Beulich <JBeulich@suse.com>
CC: Roger Pau Monné <roger.pau@citrix.com>
CC: Petr Beneš <w1benny@gmail.com>

v2:
 * New
---
 xen/arch/x86/hvm/emulate.c | 24 ++++++++++++++++--------
 1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/xen/arch/x86/hvm/emulate.c b/xen/arch/x86/hvm/emulate.c
index dbf6b5543adf..172ed55bd5e7 100644
--- a/xen/arch/x86/hvm/emulate.c
+++ b/xen/arch/x86/hvm/emulate.c
@@ -2273,23 +2273,30 @@ static int cf_check hvmemul_write_io(
 
 static int cf_check hvmemul_read_cr(
     unsigned int reg,
-    unsigned long *val,
+    unsigned long *_val,
     struct x86_emulate_ctxt *ctxt)
 {
+    struct vcpu *curr = current;
+    unsigned long val;
+
     switch ( reg )
     {
     case 0:
     case 2:
     case 3:
     case 4:
-        *val = current->arch.hvm.guest_cr[reg];
-        TRACE(TRC_HVM_CR_READ64, reg, *val, *val >> 32);
-        return X86EMUL_OKAY;
-    default:
+        val = curr->arch.hvm.guest_cr[reg];
         break;
+
+    default:
+        return X86EMUL_UNHANDLEABLE;
     }
 
-    return X86EMUL_UNHANDLEABLE;
+    TRACE(TRC_HVM_CR_READ64, reg, val, val >> 32);
+
+    *_val = val;
+
+    return X86EMUL_OKAY;
 }
 
 static int cf_check hvmemul_write_cr(
@@ -2297,6 +2304,7 @@ static int cf_check hvmemul_write_cr(
     unsigned long val,
     struct x86_emulate_ctxt *ctxt)
 {
+    struct vcpu *curr = current;
     int rc;
 
     TRACE(TRC_HVM_CR_WRITE64, reg, val, val >> 32);
@@ -2307,13 +2315,13 @@ static int cf_check hvmemul_write_cr(
         break;
 
     case 2:
-        current->arch.hvm.guest_cr[2] = val;
+        curr->arch.hvm.guest_cr[2] = val;
         rc = X86EMUL_OKAY;
         break;
 
     case 3:
     {
-        bool noflush = hvm_pcid_enabled(current) && (val & X86_CR3_NOFLUSH);
+        bool noflush = hvm_pcid_enabled(curr) && (val & X86_CR3_NOFLUSH);
 
         if ( noflush )
             val &= ~X86_CR3_NOFLUSH;

From patchwork Tue Mar 25 17:41:09 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Andrew Cooper <andrew.cooper3@citrix.com>
X-Patchwork-Id: 14029321
Return-Path: <xen-devel-bounces@lists.xenproject.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id 4F051C3600B
	for <xen-devel@archiver.kernel.org>; Tue, 25 Mar 2025 17:41:26 +0000 (UTC)
Received: from list by lists.xenproject.org with
 outflank-mailman.926852.1329706 (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1tx8H7-0004h9-64; Tue, 25 Mar 2025 17:41:17 +0000
X-Outflank-Mailman: Message body and most headers restored to incoming version
Received: by outflank-mailman (output) from mailman id 926852.1329706;
 Tue, 25 Mar 2025 17:41:17 +0000
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1tx8H7-0004h2-2j; Tue, 25 Mar 2025 17:41:17 +0000
Received: by outflank-mailman (input) for mailman id 926852;
 Tue, 25 Mar 2025 17:41:15 +0000
Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254]
 helo=se1-gles-sth1.inumbo.com)
 by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from
 <SRS0=+BiV=WM=cloud.com=andrew.cooper@srs-se1.protection.inumbo.net>)
 id 1tx8H5-00045y-PP
 for xen-devel@lists.xenproject.org; Tue, 25 Mar 2025 17:41:15 +0000
Received: from mail-wr1-x42e.google.com (mail-wr1-x42e.google.com
 [2a00:1450:4864:20::42e])
 by se1-gles-sth1.inumbo.com (Halon) with ESMTPS
 id 59b17cf4-09a0-11f0-9ea3-5ba50f476ded;
 Tue, 25 Mar 2025 18:41:15 +0100 (CET)
Received: by mail-wr1-x42e.google.com with SMTP id
 ffacd0b85a97d-39127512371so3993715f8f.0
 for <xen-devel@lists.xenproject.org>; Tue, 25 Mar 2025 10:41:15 -0700 (PDT)
Received: from localhost.localdomain (host-92-26-98-202.as13285.net.
 [92.26.98.202]) by smtp.gmail.com with ESMTPSA id
 5b1f17b1804b1-43d4fdbd0a9sm158386185e9.38.2025.03.25.10.41.13
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 25 Mar 2025 10:41:13 -0700 (PDT)
X-BeenThere: xen-devel@lists.xenproject.org
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
X-Inumbo-ID: 59b17cf4-09a0-11f0-9ea3-5ba50f476ded
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=citrix.com; s=google; t=1742924474; x=1743529274;
 darn=lists.xenproject.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:from:to:cc:subject:date
         :message-id:reply-to;
        bh=5pcwLJmB1yC+r9MBb3YQ0Qzf5TTJGwAw3sPrq/2+5tw=;
        b=FdWJrVMCr0DYaSCiSET4fXp3z1WCio8trnCy84gsOCMuiOwoQIZvDiMsIEzh0du0dV
         u8KfztBPRc0T3zBoA1S4CpXhj0jsd97/JE1Jm4XOZWaxFQui7knpisUbJyzUkHqWjo44
         bjO5UU5u5/gBeBeeralf9bHFZMnaUL3cgn6Q0=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1742924474; x=1743529274;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=5pcwLJmB1yC+r9MBb3YQ0Qzf5TTJGwAw3sPrq/2+5tw=;
        b=QxBJ1UfKNsnTld1+x6z8qolxlxKadWsoOdgtAihbZX2r0x+p/NofIcHf4sWIlXC6yT
         b+X8g3zXBq4kbS+8AIWRyLx2jLBEQLSb+mEO7Wh33Xc8c0+0D3oBeBd0jSWv1l/uRVdO
         8hWiyjFLpLLiHEX9FOI5BcMAMccvwXcyQWhXGXjIEcp7V0JyFd3awv63Xtpm9e2T79Yg
         eV1+bh99EDknz6VfO81Ny8Qpkb0Dxzo562ysfGpQhxOUW5l7QZQeUcC8FN+TRQdsyhkx
         PiWwaJwOti3/Bt4wZk7f7SbGkxvt9RAefkaAtbEMBL2ei7eB4oQMHBuOmUJqNET6dASV
         aWIA==
X-Gm-Message-State: AOJu0YwLrFTNwislOPBg74xjtzg8zvI0P7hzp0EGkSgYCVDOhY3Oq1oE
	dDacx7oCy2rC5YG0ymGgy2R8eu7lRMQfOD5hKZe422Dr7Na5ivAn9r4FwEAkXRZjB/9OD2Byyfd
	iVoE=
X-Gm-Gg: ASbGnctJcSvJ8PmQD1wyvw5GQWadZzNqHeAtnAtveQH7KZy3QxRifXBT53kjThEF9aN
	S1zGiPtoifseIHck0e6lxSNgblEpurornkW3x1myqIhutZo0boU/FpFyissA+c9slfGl9mSKnkU
	7ReOASBPU0kSyDYq2msLjZw0d1HvFXYujOmLZP7XQTO4HrRGN8HI8K5aFu2N6Tiy4qbqJG1yUQK
	om9O5Ybi+LibNv0CuWH5oXGl9bfGfBhey5bi6e6lDvKNPT+6XNlxzh6ktrtfGCCkBN6UuR4Xu7C
	lZJi9jxIme9H+cP+/nIOC+/Vysd3o62rcUsqlWGPjA6eWiqSeQ3hNm0jtDTU0qUrBfNmSrJyUMr
	a7s+Zd2Ty1QkKvUoTrOE0SUMSRadb
X-Google-Smtp-Source: 
 AGHT+IGnA1nhRYU/s0KClBcfRPcWZiRte8COkIcLEjxWQDpxV0xFR5pLYXSeSmb88ByK93Z4Ot2Atg==
X-Received: by 2002:a05:6000:2b08:b0:391:13ef:1b1b with SMTP id
 ffacd0b85a97d-3997f90ecd8mr10847032f8f.30.1742924474538;
        Tue, 25 Mar 2025 10:41:14 -0700 (PDT)
From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Xen-devel <xen-devel@lists.xenproject.org>
Cc: Andrew Cooper <andrew.cooper3@citrix.com>,
 =?utf-8?q?Petr_Bene=C5=A1?= <w1benny@gmail.com>,
 Jan Beulich <JBeulich@suse.com>,
 =?utf-8?q?Roger_Pau_Monn=C3=A9?= <roger.pau@citrix.com>
Subject: [PATCH 2/2] x86/emul: Emulate %cr8 accesses
Date: Tue, 25 Mar 2025 17:41:09 +0000
Message-Id: <20250325174109.267974-3-andrew.cooper3@citrix.com>
X-Mailer: git-send-email 2.39.5
In-Reply-To: <20250325174109.267974-1-andrew.cooper3@citrix.com>
References: <20250325174109.267974-1-andrew.cooper3@citrix.com>
MIME-Version: 1.0

Petr reports:

  (XEN) MMIO emulation failed (1): d12v1 64bit @ 0010:fffff8057ba7dfbf -> 45 0f 20 c2 ...

during introspection.

This is MOV %cr8, which is wired up for hvm_mov_{to,from}_cr(); the VMExit
fastpaths, but not for the full emulation slowpaths.

Xen's handling of %cr8 turns out to be quite wrong.  At a minimum, we need
storage for %cr8 separate to APIC_TPR, and to alter intercepts based on
whether the vLAPIC is enabled or not.  But that's more work than there is time
for in the short term, so make a stopgap fix.

Extend hvmemul_{read,write}_cr() with %cr8 cases.  Unlike hvm_mov_to_cr(),
hardware hasn't filtered out invalid values (#GP checks are ahead of
intercepts), so introduce X86_CR8_VALID_MASK.

Reported-by: Petr Beneš <w1benny@gmail.com>
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
---
CC: Jan Beulich <JBeulich@suse.com>
CC: Roger Pau Monné <roger.pau@citrix.com>
CC: Petr Beneš <w1benny@gmail.com>

v2:
 * Check for reserved bits

In CPUs, CR8 has has 4 bits of storage, and can explicitly get out of sync of
APIC_TPR if the the LAPIC is hardware-disabled in MSR_APIC_BASE.  Writes to
APIC_TPR don't get reflected back into CR8 (according to AMD at least).  Both
Intel and AMD accelerate TPR differently; SVM in the base architecture, and
VT-x as the ~first optional extension.
---
 xen/arch/x86/hvm/emulate.c           | 15 +++++++++++++++
 xen/arch/x86/include/asm/x86-defns.h |  2 ++
 2 files changed, 17 insertions(+)

diff --git a/xen/arch/x86/hvm/emulate.c b/xen/arch/x86/hvm/emulate.c
index 172ed55bd5e7..61aa356d5736 100644
--- a/xen/arch/x86/hvm/emulate.c
+++ b/xen/arch/x86/hvm/emulate.c
@@ -2288,6 +2288,10 @@ static int cf_check hvmemul_read_cr(
         val = curr->arch.hvm.guest_cr[reg];
         break;
 
+    case 8:
+        val = (vlapic_get_reg(vcpu_vlapic(curr), APIC_TASKPRI) & 0xf0) >> 4;
+        break;
+
     default:
         return X86EMUL_UNHANDLEABLE;
     }
@@ -2333,6 +2337,17 @@ static int cf_check hvmemul_write_cr(
         rc = hvm_set_cr4(val, true);
         break;
 
+    case 8:
+        if ( val & ~X86_CR8_VALID_MASK )
+        {
+            rc = X86EMUL_EXCEPTION;
+            break;
+        }
+
+        vlapic_set_reg(vcpu_vlapic(curr), APIC_TASKPRI, val << 4);
+        rc = X86EMUL_OKAY;
+        break;
+
     default:
         rc = X86EMUL_UNHANDLEABLE;
         break;
diff --git a/xen/arch/x86/include/asm/x86-defns.h b/xen/arch/x86/include/asm/x86-defns.h
index 61b0cea8f37c..23579c471f4a 100644
--- a/xen/arch/x86/include/asm/x86-defns.h
+++ b/xen/arch/x86/include/asm/x86-defns.h
@@ -76,6 +76,8 @@
 #define X86_CR4_CET        0x00800000 /* Control-flow Enforcement Technology */
 #define X86_CR4_PKS        0x01000000 /* Protection Key Supervisor */
 
+#define X86_CR8_VALID_MASK 0xf
+
 /*
  * XSTATE component flags in XCR0 | MSR_XSS
  */