On Thu, Sep 29, 2022 at 03:29:00PM -0700, Rick Edgecombe wrote: > From: Yu-cheng Yu <yu-cheng.yu@xxxxxxxxx> > > The Control-Flow Enforcement Technology contains two related features, > one of which is Shadow Stacks. Future patches will utilize this feature > for shadow stack support in KVM, so add a CPU feature flags for Shadow > Stacks (CPUID.(EAX=7,ECX=0):ECX[bit 7]). > > To protect shadow stack state from malicious modification, the registers > are only accessible in supervisor mode. This implementation > context-switches the registers with XSAVES. Make X86_FEATURE_SHSTK depend > on XSAVES. > > Signed-off-by: Yu-cheng Yu <yu-cheng.yu@xxxxxxxxx> Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx> -- Kees Cook
