[v1] Support for SEV-ES guest shadow stack

[PATCH 0/2] Support for SEV-ES guest shadow stack

John Allen posted 2 patches 1 month, 4 weeks ago

Diff against v2
Download series mbox

There is a newer version of this series

arch/x86/boot/compressed/sev.c    |  7 ++++---
arch/x86/boot/compressed/sev.h    |  6 +++---
arch/x86/boot/cpucheck.c          | 16 ++++++++--------
arch/x86/boot/msr.h               | 26 --------------------------
arch/x86/coco/sev/vc-shared.c     | 11 +++++++++++
arch/x86/include/asm/shared/msr.h | 15 +++++++++++++++
arch/x86/include/asm/svm.h        |  1 +
7 files changed, 42 insertions(+), 40 deletions(-)
delete mode 100644 arch/x86/boot/msr.h

Expand all Fold all

[PATCH 0/2] Support for SEV-ES guest shadow stack

Posted by John Allen 1 month, 4 weeks ago

For shadow stack support in SVM when using SEV-ES, the guest kernel needs to
save XSS to the GHCB in order for the hypervisor to determine the XSAVES save
area size.

This series can be applied independently of the hypervisor series in order to
support non-KVM hypervisors.

John Allen (2):
  x86/boot: Move boot_*msr helpers to asm/shared/msr.h
  x86/sev-es: Include XSS value in GHCB CPUID request

 arch/x86/boot/compressed/sev.c    |  7 ++++---
 arch/x86/boot/compressed/sev.h    |  6 +++---
 arch/x86/boot/cpucheck.c          | 16 ++++++++--------
 arch/x86/boot/msr.h               | 26 --------------------------
 arch/x86/coco/sev/vc-shared.c     | 11 +++++++++++
 arch/x86/include/asm/shared/msr.h | 15 +++++++++++++++
 arch/x86/include/asm/svm.h        |  1 +
 7 files changed, 42 insertions(+), 40 deletions(-)
 delete mode 100644 arch/x86/boot/msr.h

-- 
2.34.1