On 21/04/2020 08:11, Jan Beulich wrote: > On 20.04.2020 21:08, Andrew Cooper wrote: >> --- a/xen/include/public/arch-x86/cpufeatureset.h >> +++ b/xen/include/public/arch-x86/cpufeatureset.h >> @@ -229,6 +229,7 @@ XEN_CPUFEATURE(UMIP, 6*32+ 2) /*S User Mode >> Instruction Prevention */ >> XEN_CPUFEATURE(PKU, 6*32+ 3) /*H Protection Keys for Userspace */ >> XEN_CPUFEATURE(OSPKE, 6*32+ 4) /*! OS Protection Keys Enable */ >> XEN_CPUFEATURE(AVX512_VBMI2, 6*32+ 6) /*A Additional AVX-512 Vector Byte >> Manipulation Instrs */ >> +XEN_CPUFEATURE(CET_SS, 6*32+ 7) /* CET - Shadow Stacks */ >> XEN_CPUFEATURE(GFNI, 6*32+ 8) /*A Galois Field Instrs */ >> XEN_CPUFEATURE(VAES, 6*32+ 9) /*A Vector AES Instrs */ >> XEN_CPUFEATURE(VPCLMULQDQ, 6*32+10) /*A Vector Carry-less >> Multiplication Instrs */ >> @@ -255,6 +256,7 @@ XEN_CPUFEATURE(AVX512_4FMAPS, 9*32+ 3) /*A AVX512 >> Multiply Accumulation Single >> XEN_CPUFEATURE(MD_CLEAR, 9*32+10) /*A VERW clears microarchitectural >> buffers */ >> XEN_CPUFEATURE(TSX_FORCE_ABORT, 9*32+13) /* MSR_TSX_FORCE_ABORT.RTM_ABORT */ >> XEN_CPUFEATURE(IBRSB, 9*32+26) /*A IBRS and IBPB support (used by >> Intel) */ >> +XEN_CPUFEATURE(CET_IBT, 6*32+20) /* CET - Indirect Branch Tracking >> */ > s/6/9/, moved up a line, and then
Oops. I only spotted during final review that CET-SS and CET-IBT are in different feature leaves, then failed at adjusting the CET-IBT adequately. > Reviewed-by: Jan Beulich <jbeul...@suse.com> Thanks, > > I take it you intentionally don't mean to add #CP related bits yet, > first and foremost TRAP_control_flow or some such, as well as its > error code bits? Nor definitions for the bits within the MSRs you > add, nor XSAVE pieces? Those pieces aren't necessary to hide the MSRs, whereas this patch wants backporting in due course. Every "make the MSRs have correct architectural properties" will until MSR handling is fixed properly (and by this, I mean no default cases which leak state/availability, or discard writes). ~Andrew
