From: "Xin Li (Intel)" <[email protected]> Both FRED and CET shadow stack define the MSR MSR_IA32_PL0_SSP (aka MSR_IA32_FRED_SSP0 in FRED spec).
MSR_IA32_PL0_SSP is a FRED SSP MSR, so that if a processor doesn't support CET shadow stack, FRED transitions won't use MSR_IA32_PL0_SSP, but this MSR would still be accessible using MSR-access instructions (e.g., RDMSR, WRMSR). Therefore, save/restore SSP0 MSR for FRED. Tested-by: Farrah Chen <[email protected]> Signed-off-by: Xin Li (Intel) <[email protected]> Signed-off-by: Zhao Liu <[email protected]> --- Changes Since v3: - New commit. --- target/i386/cpu.h | 6 ++++++ target/i386/kvm/kvm.c | 13 +++++++++++++ 2 files changed, 19 insertions(+) diff --git a/target/i386/cpu.h b/target/i386/cpu.h index f4cb1dc49b71..0432af1769d2 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -554,6 +554,9 @@ typedef enum X86Seg { #define MSR_IA32_FRED_SSP3 0x000001d3 /* Stack level 3 shadow stack pointer in ring 0 */ #define MSR_IA32_FRED_CONFIG 0x000001d4 /* FRED Entrypoint and interrupt stack level */ +/* FRED and CET MSR */ +#define MSR_IA32_PL0_SSP 0x000006a4 /* ring-0 shadow stack pointer (aka MSR_IA32_FRED_SSP0 for FRED) */ + #define MSR_IA32_BNDCFGS 0x00000d90 #define MSR_IA32_XSS 0x00000da0 #define MSR_IA32_UMWAIT_CONTROL 0xe1 @@ -1973,6 +1976,9 @@ typedef struct CPUArchState { uint64_t fred_config; #endif + /* MSR used for both FRED and CET (SHSTK) */ + uint64_t pl0_ssp; + uint64_t tsc_adjust; uint64_t tsc_deadline; uint64_t tsc_aux; diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 60c798113823..00fead0827ed 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -4008,6 +4008,11 @@ static int kvm_put_msrs(X86CPU *cpu, KvmPutState level) kvm_msr_entry_add(cpu, MSR_IA32_FRED_SSP2, env->fred_ssp2); kvm_msr_entry_add(cpu, MSR_IA32_FRED_SSP3, env->fred_ssp3); kvm_msr_entry_add(cpu, MSR_IA32_FRED_CONFIG, env->fred_config); + /* + * Aka MSR_IA32_FRED_SSP0. This MSR is accessible even if + * CET shadow stack is not supported. + */ + kvm_msr_entry_add(cpu, MSR_IA32_PL0_SSP, env->pl0_ssp); } } #endif @@ -4495,6 +4500,11 @@ static int kvm_get_msrs(X86CPU *cpu) kvm_msr_entry_add(cpu, MSR_IA32_FRED_SSP2, 0); kvm_msr_entry_add(cpu, MSR_IA32_FRED_SSP3, 0); kvm_msr_entry_add(cpu, MSR_IA32_FRED_CONFIG, 0); + /* + * Aka MSR_IA32_FRED_SSP0. This MSR is accessible even if + * CET shadow stack is not supported. + */ + kvm_msr_entry_add(cpu, MSR_IA32_PL0_SSP, 0); } } #endif @@ -4746,6 +4756,9 @@ static int kvm_get_msrs(X86CPU *cpu) case MSR_IA32_FRED_CONFIG: env->fred_config = msrs[i].data; break; + case MSR_IA32_PL0_SSP: /* aka MSR_IA32_FRED_SSP0 */ + env->pl0_ssp = msrs[i].data; + break; #endif case MSR_IA32_TSC: env->tsc = msrs[i].data; -- 2.34.1
