> void set_cr4_guest_host_mask(struct vcpu_vmx *vmx)
>diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
>index cc39ace47262..91e78c506105 100644
>--- a/arch/x86/kvm/x86.c
>+++ b/arch/x86/kvm/x86.c
>@@ -9845,6 +9845,18 @@ int kvm_x86_vendor_init(struct kvm_x86_init_ops *ops)
> return -EIO;
> }
>
>+ if (boot_cpu_has(X86_FEATURE_SHSTK)) {
>+ rdmsrl(MSR_IA32_S_CET, kvm_host.s_cet);
This should be rdmsrq for consistency with other call sites in this file.
>+ /*
>+ * Linux doesn't yet support supervisor shadow stacks (SSS), so
>+ * KVM doesn't save/restore the associated MSRs, i.e. KVM may
>+ * clobber the host values. Yell and refuse to load if SSS is
>+ * unexpectedly enabled, e.g. to avoid crashing the host.
>+ */
>+ if (WARN_ON_ONCE(kvm_host.s_cet & CET_SHSTK_EN))
>+ return -EIO;
>+ }
>+
> memset(&kvm_caps, 0, sizeof(kvm_caps));
>
> x86_emulator_cache = kvm_alloc_emulator_cache();
>diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h
>index d5b039addd11..d612ddcae247 100644
>--- a/arch/x86/kvm/x86.h
>+++ b/arch/x86/kvm/x86.h
>@@ -50,6 +50,7 @@ struct kvm_host_values {
> u64 efer;
> u64 xcr0;
> u64 xss;
>+ u64 s_cet;
> u64 arch_capabilities;
> };
>
>--
>2.47.1
>
