KVM: x86: Report KVM supported CET MSRs as to-be-saved

Add CET MSRs to the list of MSRs reported to userspace if the feature,
i.e. IBT or SHSTK, associated with the MSRs is supported by KVM.

Suggested-by: Chao Gao <chao.gao@intel.com>
Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
Tested-by: Mathias Krause <minipli@grsecurity.net>
Tested-by: John Allen <john.allen@amd.com>
Tested-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
Signed-off-by: Chao Gao <chao.gao@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com>
Link: https://lore.kernel.org/r/20250919223258.1604852-12-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 6d67c969e18a089c14a9c4ff7a212c6069916afb..5f23d2d2731d4c3954f1b62feb97aa927db5d4b7 100644 (file)
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -344,6 +344,10 @@ static const u32 msrs_to_save_base[] = {
        MSR_IA32_UMWAIT_CONTROL,
 
        MSR_IA32_XFD, MSR_IA32_XFD_ERR, MSR_IA32_XSS,
+
+       MSR_IA32_U_CET, MSR_IA32_S_CET,
+       MSR_IA32_PL0_SSP, MSR_IA32_PL1_SSP, MSR_IA32_PL2_SSP,
+       MSR_IA32_PL3_SSP, MSR_IA32_INT_SSP_TAB,
 };
 
 static const u32 msrs_to_save_pmu[] = {
@@ -7603,6 +7607,20 @@ static void kvm_probe_msr_to_save(u32 msr_index)
                if (!kvm_caps.supported_xss)
                        return;
                break;
+       case MSR_IA32_U_CET:
+       case MSR_IA32_S_CET:
+               if (!kvm_cpu_cap_has(X86_FEATURE_SHSTK) &&
+                   !kvm_cpu_cap_has(X86_FEATURE_IBT))
+                       return;
+               break;
+       case MSR_IA32_INT_SSP_TAB:
+               if (!kvm_cpu_cap_has(X86_FEATURE_LM))
+                       return;
+               fallthrough;
+       case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP:
+               if (!kvm_cpu_cap_has(X86_FEATURE_SHSTK))
+                       return;
+               break;
        default:
                break;
        }