This series implements Shadow Stack support for Xen to use.

You'll need a CET-capable toolchain (Binutils 2.32 and later), but no specific
compiler support required.

CET-SS makes PV32 unusable, so using shadow stacks prevents the use of 32bit
PV guests.  Compatibilty can be obtained using PV Shim

Andrew Cooper (16):
  x86/traps: Drop last_extable_addr
  x86/traps: Clean up printing in do_reserved_trap()/fatal_trap()
  x86/traps: Factor out exception_fixup() and make printing consistent
  x86/smpboot: Write the top-of-stack block in cpu_smpboot_alloc()
  x86/shstk: Introduce Supervisor Shadow Stack support
  x86/traps: Implement #CP handler and extend #PF for shadow stacks
  x86/shstk: Re-layout the stack block for shadow stacks
  x86/shstk: Create shadow stacks
  x86/cpu: Adjust enable_nmis() to be shadow stack compatible
  x86/cpu: Adjust reset_stack_and_jump() to be shadow stack compatible
  x86/spec-ctrl: Adjust DO_OVERWRITE_RSB to be shadow stack compatible
  x86/extable: Adjust extable handling to be shadow stack compatible
  x86/ioemul: Rewrite stub generation to be shadow stack compatible
  x86/alt: Adjust _alternative_instructions() to not create shadow stacks
  x86/entry: Adjust guest paths to be shadow stack compatible
  x86/shstk: Activate Supervisor Shadow Stacks

 xen/arch/x86/Kconfig                |  17 +++
 xen/arch/x86/acpi/wakeup_prot.S     |  56 ++++++++++
 xen/arch/x86/alternative.c          |  14 +++
 xen/arch/x86/boot/x86_64.S          |  30 +++++-
 xen/arch/x86/cpu/common.c           |  34 +++++-
 xen/arch/x86/crash.c                |   7 ++
 xen/arch/x86/ioport_emulate.c       |  11 +-
 xen/arch/x86/mm.c                   |  41 ++++---
 xen/arch/x86/pv/emul-priv-op.c      |  91 ++++++++++++----
 xen/arch/x86/pv/gpr_switch.S        |  37 ++-----
 xen/arch/x86/setup.c                |  56 ++++++++++
 xen/arch/x86/smpboot.c              |  10 +-
 xen/arch/x86/spec_ctrl.c            |   8 ++
 xen/arch/x86/traps.c                | 206 ++++++++++++++++++++++--------------
 xen/arch/x86/x86_64/compat/entry.S  |   2 +-
 xen/arch/x86/x86_64/entry.S         |  39 ++++++-
 xen/include/asm-x86/cpufeature.h    |   1 +
 xen/include/asm-x86/cpufeatures.h   |   1 +
 xen/include/asm-x86/current.h       |  59 ++++++++---
 xen/include/asm-x86/io.h            |   3 +-
 xen/include/asm-x86/mm.h            |   1 -
 xen/include/asm-x86/msr-index.h     |   3 +
 xen/include/asm-x86/page.h          |   1 +
 xen/include/asm-x86/processor.h     |  60 +++++++----
 xen/include/asm-x86/spec_ctrl_asm.h |  16 ++-
 xen/include/asm-x86/x86-defns.h     |  36 +++++++
 xen/include/asm-x86/x86_64/page.h   |   1 +
 xen/scripts/Kconfig.include         |   4 +
 28 files changed, 640 insertions(+), 205 deletions(-)

-- 
2.11.0