On 10/24/2025 2:56 PM, Zhao Liu wrote:
> From: Yang Weijiang <weijiang.yang@intel.com>
>
> Add SHSTK and IBT flags in feature words with entry/exit
> control flags.
>
> CET SHSTK and IBT feature are enumerated via CPUID(EAX=7,ECX=0)
> ECX[bit 7] and EDX[bit 20]. CET states load/restore at vmentry/
> vmexit are controlled by VMX_ENTRY_CTLS[bit 20] and VMX_EXIT_CTLS[bit 28].
> Enable these flags so that KVM can enumerate the features properly.
>
> Tested-by: Farrah Chen <farrah.chen@intel.com>
> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
> Co-developed-by: Chao Gao <chao.gao@intel.com>
> Signed-off-by: Chao Gao <chao.gao@intel.com>
> Co-developed-by: Zhao Liu <zhao1.liu@intel.com>
> Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com>
> ---
> Changes Since v2:
> - Rename "shstk"/"ibt" to "cet-ss"/"cet-ibt" to match feature names
> in SDM & APM.
> - Rename "vmx-exit-save-cet-ctl"/"vmx-entry-load-cet-ctl" to
> "vmx-exit-save-cet"/"vmx-entry-load-cet".
> - Define the feature mask macro for easier double check.
> ---
> target/i386/cpu.c | 8 ++++----
> target/i386/cpu.h | 2 ++
> 2 files changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/target/i386/cpu.c b/target/i386/cpu.c
> index c08066a338a3..9a1001c47891 100644
> --- a/target/i386/cpu.c
> +++ b/target/i386/cpu.c
> @@ -1221,7 +1221,7 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
> .type = CPUID_FEATURE_WORD,
> .feat_names = {
> NULL, "avx512vbmi", "umip", "pku",
> - NULL /* ospke */, "waitpkg", "avx512vbmi2", NULL,
> + NULL /* ospke */, "waitpkg", "avx512vbmi2", "cet-ss",
> "gfni", "vaes", "vpclmulqdq", "avx512vnni",
> "avx512bitalg", NULL, "avx512-vpopcntdq", NULL,
> "la57", NULL, NULL, NULL,
> @@ -1244,7 +1244,7 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
> "avx512-vp2intersect", NULL, "md-clear", NULL,
> NULL, NULL, "serialize", NULL,
> "tsx-ldtrk", NULL, NULL /* pconfig */, "arch-lbr",
> - NULL, NULL, "amx-bf16", "avx512-fp16",
> + "cet-ibt", NULL, "amx-bf16", "avx512-fp16",
> "amx-tile", "amx-int8", "spec-ctrl", "stibp",
> "flush-l1d", "arch-capabilities", "core-capability", "ssbd",
> },
> @@ -1666,7 +1666,7 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
> "vmx-exit-save-efer", "vmx-exit-load-efer",
> "vmx-exit-save-preemption-timer", "vmx-exit-clear-bndcfgs",
> NULL, "vmx-exit-clear-rtit-ctl", NULL, NULL,
> - NULL, "vmx-exit-load-pkrs", NULL, "vmx-exit-secondary-ctls",
> + "vmx-exit-save-cet", "vmx-exit-load-pkrs", NULL, "vmx-exit-secondary-ctls",
> },
> .msr = {
> .index = MSR_IA32_VMX_TRUE_EXIT_CTLS,
> @@ -1681,7 +1681,7 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
> NULL, "vmx-entry-ia32e-mode", NULL, NULL,
> NULL, "vmx-entry-load-perf-global-ctrl", "vmx-entry-load-pat", "vmx-entry-load-efer",
> "vmx-entry-load-bndcfgs", NULL, "vmx-entry-load-rtit-ctl", NULL,
> - NULL, NULL, "vmx-entry-load-pkrs", "vmx-entry-load-fred",
> + "vmx-entry-load-cet", NULL, "vmx-entry-load-pkrs", "vmx-entry-load-fred",
> NULL, NULL, NULL, NULL,
> NULL, NULL, NULL, NULL,
> },
> diff --git a/target/i386/cpu.h b/target/i386/cpu.h
> index ad4287822831..fa3e5d87fe50 100644
> --- a/target/i386/cpu.h
> +++ b/target/i386/cpu.h
> @@ -1369,6 +1369,7 @@ uint64_t x86_cpu_get_supported_feature_word(X86CPU *cpu, FeatureWord w);
> #define VMX_VM_EXIT_CLEAR_BNDCFGS 0x00800000
> #define VMX_VM_EXIT_PT_CONCEAL_PIP 0x01000000
> #define VMX_VM_EXIT_CLEAR_IA32_RTIT_CTL 0x02000000
> +#define VMX_VM_EXIT_SAVE_CET 0x10000000
> #define VMX_VM_EXIT_LOAD_IA32_PKRS 0x20000000
> #define VMX_VM_EXIT_ACTIVATE_SECONDARY_CONTROLS 0x80000000
>
> @@ -1382,6 +1383,7 @@ uint64_t x86_cpu_get_supported_feature_word(X86CPU *cpu, FeatureWord w);
> #define VMX_VM_ENTRY_LOAD_BNDCFGS 0x00010000
> #define VMX_VM_ENTRY_PT_CONCEAL_PIP 0x00020000
> #define VMX_VM_ENTRY_LOAD_IA32_RTIT_CTL 0x00040000
> +#define VMX_VM_ENTRY_LOAD_CET 0x00100000
> #define VMX_VM_ENTRY_LOAD_IA32_PKRS 0x00400000
>
> /* Supported Hyper-V Enlightenments */