On Fri, 2023-04-21 at 09:46 -0400, Yang Weijiang wrote: > Introduce a host-only synthetic MSR, MSR_KVM_GUEST_SSP, so that the > VMM > can read/write the guest's SSP, e.g. to migrate CET state. Use a > synthetic > MSR, e.g. as opposed to a VCPU_REG_, as GUEST_SSP is subject to the > same > consistency checks as the PL*_SSP MSRs, i.e. can share code. It seems this is exposed to the guest? I'm thinking maybe it should not be. IA32_PL0_SSP comes with some extra checks, so MSR_KVM_GUEST_SSP seems a bit powerful. I think the guest doesn't need it either.
