On Thu, 2023-09-14 at 02:33 -0400, Yang Weijiang wrote: > Remove XFEATURE_CET_USER entry from dependency array as the entry > doesn't > reflect true dependency between CET features and the xstate bit, > instead > manually check and add the bit back if either SHSTK or IBT is > supported. > > Both user mode shadow stack and indirect branch tracking features > depend > on XFEATURE_CET_USER bit in XSS to automatically save/restore user > mode > xstate registers, i.e., IA32_U_CET and IA32_PL3_SSP whenever > necessary. > > Although in real world a platform with IBT but no SHSTK is rare, but > in > virtualization world it's common, guest SHSTK and IBT can be > controlled > independently via userspace app. Nit, not sure we can assert it's common yet. It's true in general that guests can have CPUID combinations that don't appear in real world of course. Is that what you meant? Also, this doesn't discuss the real main reason for this patch, and that is that KVM will soon use the xfeature for user ibt, and so there will now be a reason to have XFEATURE_CET_USER depend on IBT. > > Signed-off-by: Yang Weijiang <weijiang.yang@xxxxxxxxx> Otherwise: Reviewed-by: Rick Edgecombe <rick.p.edgecombe@xxxxxxxxx> Tested-by: Rick Edgecombe <rick.p.edgecombe@xxxxxxxxx>
