diff --git a/hypervisor/arch/x86/guest/vmsr.c b/hypervisor/arch/x86/guest/vmsr.c
index 69d0d3afe..33b7f30aa 100644
--- a/hypervisor/arch/x86/guest/vmsr.c
+++ b/hypervisor/arch/x86/guest/vmsr.c
@@ -13,6 +13,7 @@
 #include <vm.h>
 #include <vmcs.h>
 #include <vmx.h>
+#include <sgx.h>
 #include <guest_pm.h>
 #include <ucode.h>
 #include <trace.h>
@@ -49,6 +50,14 @@ static const uint32_t emulated_guest_msrs[NUM_GUEST_MSRS] = {
 	MSR_IA32_MCG_CAP,
 	MSR_IA32_MCG_STATUS,
 	MSR_IA32_MISC_ENABLE,
+
+	/* Don't support SGX Launch Control yet, read only */
+	MSR_IA32_SGXLEPUBKEYHASH0,
+	MSR_IA32_SGXLEPUBKEYHASH1,
+	MSR_IA32_SGXLEPUBKEYHASH2,
+	MSR_IA32_SGXLEPUBKEYHASH3,
+	/* Read only */
+	MSR_IA32_SGX_SVN_STATUS,
 };
 
 #define NUM_MTRR_MSRS	13U
@@ -69,7 +78,7 @@ static const uint32_t mtrr_msrs[NUM_MTRR_MSRS] = {
 };
 
 /* Following MSRs are intercepted, but it throws GPs for any guest accesses */
-#define NUM_UNSUPPORTED_MSRS	104U
+#define NUM_UNSUPPORTED_MSRS	99U
 static const uint32_t unsupported_msrs[NUM_UNSUPPORTED_MSRS] = {
 	/* Variable MTRRs are not supported */
 	MSR_IA32_MTRR_PHYSBASE_0,
@@ -116,15 +125,6 @@ static const uint32_t unsupported_msrs[NUM_UNSUPPORTED_MSRS] = {
 	MSR_IA32_VMX_TRUE_ENTRY_CTLS,
 	MSR_IA32_VMX_VMFUNC,
 
-	/* SGX disabled: CPUID.12H.EAX[0], CPUID.07H.ECX[30] */
-	MSR_IA32_SGXLEPUBKEYHASH0,
-	MSR_IA32_SGXLEPUBKEYHASH1,
-	MSR_IA32_SGXLEPUBKEYHASH2,
-	MSR_IA32_SGXLEPUBKEYHASH3,
-
-	/* SGX disabled : CPUID.07H.EBX[2] */
-	MSR_IA32_SGX_SVN_STATUS,
-
 	/* MPX disabled: CPUID.07H.EBX[14] */
 	MSR_IA32_BNDCFGS,
 
@@ -399,6 +399,9 @@ int32_t rdmsr_vmexit_handler(struct acrn_vcpu *vcpu)
 	case MSR_IA32_FEATURE_CONTROL:
 	{
 		v = MSR_IA32_FEATURE_CONTROL_LOCK;
+		if (is_vsgx_supported(vcpu->vm->vm_id)) {
+			v |= MSR_IA32_FEATURE_CONTROL_SGX_GE;
+		}
 		break;
 	}
 	case MSR_IA32_MCG_CAP:
@@ -412,6 +415,19 @@ int32_t rdmsr_vmexit_handler(struct acrn_vcpu *vcpu)
 		v = vcpu_get_guest_msr(vcpu, MSR_IA32_MISC_ENABLE);
 		break;
 	}
+	case MSR_IA32_SGXLEPUBKEYHASH0:
+	case MSR_IA32_SGXLEPUBKEYHASH1:
+	case MSR_IA32_SGXLEPUBKEYHASH2:
+	case MSR_IA32_SGXLEPUBKEYHASH3:
+	case MSR_IA32_SGX_SVN_STATUS:
+	{
+		if (is_vsgx_supported(vcpu->vm->vm_id)) {
+			v = msr_read(msr);
+		} else {
+			err = -EACCES;
+		}
+		break;
+	}
 	default:
 	{
 		if (is_x2apic_msr(msr)) {
@@ -622,6 +638,11 @@ int32_t wrmsr_vmexit_handler(struct acrn_vcpu *vcpu)
 	case MSR_IA32_MCG_CAP:
 	case MSR_IA32_MCG_STATUS:
 	case MSR_IA32_FEATURE_CONTROL:
+	case MSR_IA32_SGXLEPUBKEYHASH0:
+	case MSR_IA32_SGXLEPUBKEYHASH1:
+	case MSR_IA32_SGXLEPUBKEYHASH2:
+	case MSR_IA32_SGXLEPUBKEYHASH3:
+	case MSR_IA32_SGX_SVN_STATUS:
 	{
 		err = -EACCES;
 		break;
diff --git a/hypervisor/include/arch/x86/guest/vcpu.h b/hypervisor/include/arch/x86/guest/vcpu.h
index a2ddabc96..18032916c 100644
--- a/hypervisor/include/arch/x86/guest/vcpu.h
+++ b/hypervisor/include/arch/x86/guest/vcpu.h
@@ -259,7 +259,7 @@ struct ext_context {
 #define SECURE_WORLD	1
 
 #define NUM_WORLD_MSRS		2U
-#define NUM_COMMON_MSRS		10U
+#define NUM_COMMON_MSRS		15U
 #define NUM_GUEST_MSRS		(NUM_WORLD_MSRS + NUM_COMMON_MSRS)
 
 #define EOI_EXIT_BITMAP_SIZE	256U