On 06/11/20 02:16, Yang Weijiang wrote:
+
+ if (((cr4 ^ old_cr4) & X86_CR4_CET) && kvm_cet_supported()) {
+ vmcs_writel(GUEST_SSP, 0);
+ vmcs_writel(GUEST_S_CET, 0);
+ vmcs_writel(GUEST_INTR_SSP_TABLE, 0);
+ }
+
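Review bot: The test ((cr4 ^ old_cr4) & X86_CR4_CET) is true both when CR4.CET goes from 0 to 1 and when it goes from 1 to 0, so GUEST_SSP, GUEST_S_CET and GUEST_INTR_SSP_TABLE are zeroed on every toggle of the bit in either direction, and nothing in the hunk says which architectural rule this is meant to model. If the reset is only wanted for one direction, test the new value of cr4 explicitly instead of the XOR, and add a comment above the block giving the reason each of the three fields is cleared.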
Is this behavior documented for bare metal? I suspect it is at least not true for S_CET and INTR_SSP_TABLE, because SMM entry does not save those to SMRAM (and clears CR4.CET).
Also, you need to save/restore GUEST_SSP to SMRAM.

Paolo

