[PATCH v4 0/2] Support for SEV-ES guest shadow stack

Next message: John Allen: "[PATCH v4 1/2] x86/boot: Move boot_*msr helpers to asm/shared/msr.h"
Previous message: Peter Zijlstra: "Re: [PATCH v13 01/17] preempt: Track NMI nesting to separate per-CPU counter"
Next in thread: John Allen: "[PATCH v4 1/2] x86/boot: Move boot_*msr helpers to asm/shared/msr.h"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: John Allen

Date: Tue Oct 14 2025 - 15:44:19 EST

For shadow stack support in SVM when using SEV-ES, the guest kernel
needs to save XSS to the GHCB in order for the hypervisor to determine
the XSAVES save area size.
---
v4:
- Use CPUID_LEAF_XSTATE instead of open coding 0xd.
v3:
- Only CPUID.0xD.1 consumes XSS. Limit including XSS in GHCB for this
case.
v2:
- Update changelog for patch 2/2

John Allen (2):
x86/boot: Move boot_*msr helpers to asm/shared/msr.h
x86/sev-es: Include XSS value in GHCB CPUID request

arch/x86/boot/compressed/sev.c | 7 ++++---
arch/x86/boot/compressed/sev.h | 6 +++---
arch/x86/boot/cpucheck.c | 16 ++++++++--------
arch/x86/boot/msr.h | 26 --------------------------
arch/x86/coco/sev/vc-shared.c | 13 +++++++++++++
arch/x86/include/asm/shared/msr.h | 15 +++++++++++++++
arch/x86/include/asm/svm.h | 1 +
7 files changed, 44 insertions(+), 40 deletions(-)
delete mode 100644 arch/x86/boot/msr.h

--
2.47.3