When a guest issues a cpuid instruction for Fn0000000D_x0B (CetUserOffset), the hypervisor may intercept and access the guest XSS value. For SEV-ES, this is encrypted and needs to be included in the GHCB to be visible to the hypervisor. The rdmsr instruction needs to be called directly as the code may be used in early boot in which case the rdmsr wrappers should be avoided as they are incompatible with the decompression boot phase. Signed-off-by: John Allen <john.allen@xxxxxxx> --- v2: - Use raw_rdmsr instead of calling rdmsr directly. --- arch/x86/kernel/sev-shared.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index 1d24ec679915..10ac130cc953 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -966,6 +966,13 @@ static enum es_result vc_handle_cpuid(struct ghcb *ghcb, /* xgetbv will cause #GP - use reset value for xcr0 */ ghcb_set_xcr0(ghcb, 1); + if (has_cpuflag(X86_FEATURE_SHSTK) && regs->ax == 0xd && regs->cx <= 1) { + struct msr m; + + raw_rdmsr(MSR_IA32_XSS, &m); + ghcb_set_xss(ghcb, m.q); + } + ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_CPUID, 0, 0); if (ret != ES_OK) return ret; -- 2.40.1