> > Note, in KVM case, guest CET supervisor state i.e.,
> > IA32_PL{0,1,2}_MSRs, are preserved after VM-Exit until host/guest
> > fpstates are swapped, but since host supervisor shadow stack is
> > disabled, the preserved MSRs won't hurt host.
>
> Just to be clear, with FRED all this changes, right? Then we get more VMCS fields
> for SSS state.
The FRED spec 5.0 adds new VMCS fields for SSS state. As a result, minimal
changes are required to enable FRED for KVM regarding SSS.
The FRED spec 5.0 defines 4 MSRs related to SSS: IA32_FRED_SSP[0123] (
the numbers 0-3 in the MSR names refer to the corresponding stack level
and not to privilege level).
IA32_FRED_SSP0 is just an alias of IA32_PL0_SSP, while IA32_FRED_SSP[123]
are new.
IA32_FRED_SSP0 is referenced during user level (ring 3) event delivery
only with FRED, thus it's fine to run KVM with guest IA32_FRED_SSP0. And
I think this is what the change log of this patch tries to clarify.
However, with FRED, because IA32_FRED_SSP[123] could be referenced right
after VM entry/exit when SSS is enabled, VMX adds new VMCS fields for the
3 MSRs in both guest and host state areas, and does the IA32_FRED_SSP[123]
context switch between host and guest during VM entry/exit.
Got to mention, there is no additional VMX controls to have CPU save/load
IA32_FRED_SSP[123], they share the same controls for IA32_FRED_RSP[123].
So I would say, regarding SSS, *logiclly* FRED enabling for KVM needs no
change besides what are done in this patch set.
