xref: /openbmc/qemu/target/i386/cpu.c (revision d27532e479aa5f097bed35677a001f686336b294)
1 /*
2  *  i386 CPUID, CPU class, definitions, models
3  *
4  *  Copyright (c) 2003 Fabrice Bellard
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18  */
19 
20 #include "qemu/osdep.h"
21 #include "qemu/units.h"
22 #include "qemu/cutils.h"
23 #include "qemu/qemu-print.h"
24 #include "qemu/hw-version.h"
25 #include "cpu.h"
26 #include "tcg/helper-tcg.h"
27 #include "sysemu/reset.h"
28 #include "sysemu/hvf.h"
29 #include "kvm/kvm_i386.h"
30 #include "sev.h"
31 #include "qapi/error.h"
32 #include "qapi/qapi-visit-machine.h"
33 #include "qapi/qmp/qerror.h"
34 #include "standard-headers/asm-x86/kvm_para.h"
35 #include "hw/qdev-properties.h"
36 #include "hw/i386/topology.h"
37 #ifndef CONFIG_USER_ONLY
38 #include "qapi/qapi-commands-machine-target.h"
39 #include "exec/address-spaces.h"
40 #include "hw/boards.h"
41 #include "hw/i386/sgx-epc.h"
42 #endif
43 
44 #include "disas/capstone.h"
45 #include "cpu-internal.h"
46 
47 /* Helpers for building CPUID[2] descriptors: */
48 
49 struct CPUID2CacheDescriptorInfo {
50     enum CacheType type;
51     int level;
52     int size;
53     int line_size;
54     int associativity;
55 };
56 
57 /*
58  * Known CPUID 2 cache descriptors.
59  * From Intel SDM Volume 2A, CPUID instruction
60  */
61 struct CPUID2CacheDescriptorInfo cpuid2_cache_descriptors[] = {
62     [0x06] = { .level = 1, .type = INSTRUCTION_CACHE, .size =   8 * KiB,
63                .associativity = 4,  .line_size = 32, },
64     [0x08] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  16 * KiB,
65                .associativity = 4,  .line_size = 32, },
66     [0x09] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  32 * KiB,
67                .associativity = 4,  .line_size = 64, },
68     [0x0A] = { .level = 1, .type = DATA_CACHE,        .size =   8 * KiB,
69                .associativity = 2,  .line_size = 32, },
70     [0x0C] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
71                .associativity = 4,  .line_size = 32, },
72     [0x0D] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
73                .associativity = 4,  .line_size = 64, },
74     [0x0E] = { .level = 1, .type = DATA_CACHE,        .size =  24 * KiB,
75                .associativity = 6,  .line_size = 64, },
76     [0x1D] = { .level = 2, .type = UNIFIED_CACHE,     .size = 128 * KiB,
77                .associativity = 2,  .line_size = 64, },
78     [0x21] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
79                .associativity = 8,  .line_size = 64, },
80     /* lines per sector is not supported cpuid2_cache_descriptor(),
81     * so descriptors 0x22, 0x23 are not included
82     */
83     [0x24] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
84                .associativity = 16, .line_size = 64, },
85     /* lines per sector is not supported cpuid2_cache_descriptor(),
86     * so descriptors 0x25, 0x20 are not included
87     */
88     [0x2C] = { .level = 1, .type = DATA_CACHE,        .size =  32 * KiB,
89                .associativity = 8,  .line_size = 64, },
90     [0x30] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  32 * KiB,
91                .associativity = 8,  .line_size = 64, },
92     [0x41] = { .level = 2, .type = UNIFIED_CACHE,     .size = 128 * KiB,
93                .associativity = 4,  .line_size = 32, },
94     [0x42] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
95                .associativity = 4,  .line_size = 32, },
96     [0x43] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
97                .associativity = 4,  .line_size = 32, },
98     [0x44] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
99                .associativity = 4,  .line_size = 32, },
100     [0x45] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
101                .associativity = 4,  .line_size = 32, },
102     [0x46] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
103                .associativity = 4,  .line_size = 64, },
104     [0x47] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
105                .associativity = 8,  .line_size = 64, },
106     [0x48] = { .level = 2, .type = UNIFIED_CACHE,     .size =   3 * MiB,
107                .associativity = 12, .line_size = 64, },
108     /* Descriptor 0x49 depends on CPU family/model, so it is not included */
109     [0x4A] = { .level = 3, .type = UNIFIED_CACHE,     .size =   6 * MiB,
110                .associativity = 12, .line_size = 64, },
111     [0x4B] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
112                .associativity = 16, .line_size = 64, },
113     [0x4C] = { .level = 3, .type = UNIFIED_CACHE,     .size =  12 * MiB,
114                .associativity = 12, .line_size = 64, },
115     [0x4D] = { .level = 3, .type = UNIFIED_CACHE,     .size =  16 * MiB,
116                .associativity = 16, .line_size = 64, },
117     [0x4E] = { .level = 2, .type = UNIFIED_CACHE,     .size =   6 * MiB,
118                .associativity = 24, .line_size = 64, },
119     [0x60] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
120                .associativity = 8,  .line_size = 64, },
121     [0x66] = { .level = 1, .type = DATA_CACHE,        .size =   8 * KiB,
122                .associativity = 4,  .line_size = 64, },
123     [0x67] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
124                .associativity = 4,  .line_size = 64, },
125     [0x68] = { .level = 1, .type = DATA_CACHE,        .size =  32 * KiB,
126                .associativity = 4,  .line_size = 64, },
127     [0x78] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
128                .associativity = 4,  .line_size = 64, },
129     /* lines per sector is not supported cpuid2_cache_descriptor(),
130     * so descriptors 0x79, 0x7A, 0x7B, 0x7C are not included.
131     */
132     [0x7D] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
133                .associativity = 8,  .line_size = 64, },
134     [0x7F] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
135                .associativity = 2,  .line_size = 64, },
136     [0x80] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
137                .associativity = 8,  .line_size = 64, },
138     [0x82] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
139                .associativity = 8,  .line_size = 32, },
140     [0x83] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
141                .associativity = 8,  .line_size = 32, },
142     [0x84] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
143                .associativity = 8,  .line_size = 32, },
144     [0x85] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
145                .associativity = 8,  .line_size = 32, },
146     [0x86] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
147                .associativity = 4,  .line_size = 64, },
148     [0x87] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
149                .associativity = 8,  .line_size = 64, },
150     [0xD0] = { .level = 3, .type = UNIFIED_CACHE,     .size = 512 * KiB,
151                .associativity = 4,  .line_size = 64, },
152     [0xD1] = { .level = 3, .type = UNIFIED_CACHE,     .size =   1 * MiB,
153                .associativity = 4,  .line_size = 64, },
154     [0xD2] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
155                .associativity = 4,  .line_size = 64, },
156     [0xD6] = { .level = 3, .type = UNIFIED_CACHE,     .size =   1 * MiB,
157                .associativity = 8,  .line_size = 64, },
158     [0xD7] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
159                .associativity = 8,  .line_size = 64, },
160     [0xD8] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
161                .associativity = 8,  .line_size = 64, },
162     [0xDC] = { .level = 3, .type = UNIFIED_CACHE,     .size = 1.5 * MiB,
163                .associativity = 12, .line_size = 64, },
164     [0xDD] = { .level = 3, .type = UNIFIED_CACHE,     .size =   3 * MiB,
165                .associativity = 12, .line_size = 64, },
166     [0xDE] = { .level = 3, .type = UNIFIED_CACHE,     .size =   6 * MiB,
167                .associativity = 12, .line_size = 64, },
168     [0xE2] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
169                .associativity = 16, .line_size = 64, },
170     [0xE3] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
171                .associativity = 16, .line_size = 64, },
172     [0xE4] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
173                .associativity = 16, .line_size = 64, },
174     [0xEA] = { .level = 3, .type = UNIFIED_CACHE,     .size =  12 * MiB,
175                .associativity = 24, .line_size = 64, },
176     [0xEB] = { .level = 3, .type = UNIFIED_CACHE,     .size =  18 * MiB,
177                .associativity = 24, .line_size = 64, },
178     [0xEC] = { .level = 3, .type = UNIFIED_CACHE,     .size =  24 * MiB,
179                .associativity = 24, .line_size = 64, },
180 };
181 
182 /*
183  * "CPUID leaf 2 does not report cache descriptor information,
184  * use CPUID leaf 4 to query cache parameters"
185  */
186 #define CACHE_DESCRIPTOR_UNAVAILABLE 0xFF
187 
188 /*
189  * Return a CPUID 2 cache descriptor for a given cache.
190  * If no known descriptor is found, return CACHE_DESCRIPTOR_UNAVAILABLE
191  */
192 static uint8_t cpuid2_cache_descriptor(CPUCacheInfo *cache)
193 {
194     int i;
195 
196     assert(cache->size > 0);
197     assert(cache->level > 0);
198     assert(cache->line_size > 0);
199     assert(cache->associativity > 0);
200     for (i = 0; i < ARRAY_SIZE(cpuid2_cache_descriptors); i++) {
201         struct CPUID2CacheDescriptorInfo *d = &cpuid2_cache_descriptors[i];
202         if (d->level == cache->level && d->type == cache->type &&
203             d->size == cache->size && d->line_size == cache->line_size &&
204             d->associativity == cache->associativity) {
205                 return i;
206             }
207     }
208 
209     return CACHE_DESCRIPTOR_UNAVAILABLE;
210 }
211 
212 /* CPUID Leaf 4 constants: */
213 
214 /* EAX: */
215 #define CACHE_TYPE_D    1
216 #define CACHE_TYPE_I    2
217 #define CACHE_TYPE_UNIFIED   3
218 
219 #define CACHE_LEVEL(l)        (l << 5)
220 
221 #define CACHE_SELF_INIT_LEVEL (1 << 8)
222 
223 /* EDX: */
224 #define CACHE_NO_INVD_SHARING   (1 << 0)
225 #define CACHE_INCLUSIVE       (1 << 1)
226 #define CACHE_COMPLEX_IDX     (1 << 2)
227 
228 /* Encode CacheType for CPUID[4].EAX */
229 #define CACHE_TYPE(t) (((t) == DATA_CACHE) ? CACHE_TYPE_D : \
230                        ((t) == INSTRUCTION_CACHE) ? CACHE_TYPE_I : \
231                        ((t) == UNIFIED_CACHE) ? CACHE_TYPE_UNIFIED : \
232                        0 /* Invalid value */)
233 
234 
235 /* Encode cache info for CPUID[4] */
236 static void encode_cache_cpuid4(CPUCacheInfo *cache,
237                                 int num_apic_ids, int num_cores,
238                                 uint32_t *eax, uint32_t *ebx,
239                                 uint32_t *ecx, uint32_t *edx)
240 {
241     assert(cache->size == cache->line_size * cache->associativity *
242                           cache->partitions * cache->sets);
243 
244     assert(num_apic_ids > 0);
245     *eax = CACHE_TYPE(cache->type) |
246            CACHE_LEVEL(cache->level) |
247            (cache->self_init ? CACHE_SELF_INIT_LEVEL : 0) |
248            ((num_cores - 1) << 26) |
249            ((num_apic_ids - 1) << 14);
250 
251     assert(cache->line_size > 0);
252     assert(cache->partitions > 0);
253     assert(cache->associativity > 0);
254     /* We don't implement fully-associative caches */
255     assert(cache->associativity < cache->sets);
256     *ebx = (cache->line_size - 1) |
257            ((cache->partitions - 1) << 12) |
258            ((cache->associativity - 1) << 22);
259 
260     assert(cache->sets > 0);
261     *ecx = cache->sets - 1;
262 
263     *edx = (cache->no_invd_sharing ? CACHE_NO_INVD_SHARING : 0) |
264            (cache->inclusive ? CACHE_INCLUSIVE : 0) |
265            (cache->complex_indexing ? CACHE_COMPLEX_IDX : 0);
266 }
267 
268 /* Encode cache info for CPUID[0x80000005].ECX or CPUID[0x80000005].EDX */
269 static uint32_t encode_cache_cpuid80000005(CPUCacheInfo *cache)
270 {
271     assert(cache->size % 1024 == 0);
272     assert(cache->lines_per_tag > 0);
273     assert(cache->associativity > 0);
274     assert(cache->line_size > 0);
275     return ((cache->size / 1024) << 24) | (cache->associativity << 16) |
276            (cache->lines_per_tag << 8) | (cache->line_size);
277 }
278 
279 #define ASSOC_FULL 0xFF
280 
281 /* AMD associativity encoding used on CPUID Leaf 0x80000006: */
282 #define AMD_ENC_ASSOC(a) (a <=   1 ? a   : \
283                           a ==   2 ? 0x2 : \
284                           a ==   4 ? 0x4 : \
285                           a ==   8 ? 0x6 : \
286                           a ==  16 ? 0x8 : \
287                           a ==  32 ? 0xA : \
288                           a ==  48 ? 0xB : \
289                           a ==  64 ? 0xC : \
290                           a ==  96 ? 0xD : \
291                           a == 128 ? 0xE : \
292                           a == ASSOC_FULL ? 0xF : \
293                           0 /* invalid value */)
294 
295 /*
296  * Encode cache info for CPUID[0x80000006].ECX and CPUID[0x80000006].EDX
297  * @l3 can be NULL.
298  */
299 static void encode_cache_cpuid80000006(CPUCacheInfo *l2,
300                                        CPUCacheInfo *l3,
301                                        uint32_t *ecx, uint32_t *edx)
302 {
303     assert(l2->size % 1024 == 0);
304     assert(l2->associativity > 0);
305     assert(l2->lines_per_tag > 0);
306     assert(l2->line_size > 0);
307     *ecx = ((l2->size / 1024) << 16) |
308            (AMD_ENC_ASSOC(l2->associativity) << 12) |
309            (l2->lines_per_tag << 8) | (l2->line_size);
310 
311     if (l3) {
312         assert(l3->size % (512 * 1024) == 0);
313         assert(l3->associativity > 0);
314         assert(l3->lines_per_tag > 0);
315         assert(l3->line_size > 0);
316         *edx = ((l3->size / (512 * 1024)) << 18) |
317                (AMD_ENC_ASSOC(l3->associativity) << 12) |
318                (l3->lines_per_tag << 8) | (l3->line_size);
319     } else {
320         *edx = 0;
321     }
322 }
323 
324 /* Encode cache info for CPUID[8000001D] */
325 static void encode_cache_cpuid8000001d(CPUCacheInfo *cache,
326                                        X86CPUTopoInfo *topo_info,
327                                        uint32_t *eax, uint32_t *ebx,
328                                        uint32_t *ecx, uint32_t *edx)
329 {
330     uint32_t l3_threads;
331     assert(cache->size == cache->line_size * cache->associativity *
332                           cache->partitions * cache->sets);
333 
334     *eax = CACHE_TYPE(cache->type) | CACHE_LEVEL(cache->level) |
335                (cache->self_init ? CACHE_SELF_INIT_LEVEL : 0);
336 
337     /* L3 is shared among multiple cores */
338     if (cache->level == 3) {
339         l3_threads = topo_info->cores_per_die * topo_info->threads_per_core;
340         *eax |= (l3_threads - 1) << 14;
341     } else {
342         *eax |= ((topo_info->threads_per_core - 1) << 14);
343     }
344 
345     assert(cache->line_size > 0);
346     assert(cache->partitions > 0);
347     assert(cache->associativity > 0);
348     /* We don't implement fully-associative caches */
349     assert(cache->associativity < cache->sets);
350     *ebx = (cache->line_size - 1) |
351            ((cache->partitions - 1) << 12) |
352            ((cache->associativity - 1) << 22);
353 
354     assert(cache->sets > 0);
355     *ecx = cache->sets - 1;
356 
357     *edx = (cache->no_invd_sharing ? CACHE_NO_INVD_SHARING : 0) |
358            (cache->inclusive ? CACHE_INCLUSIVE : 0) |
359            (cache->complex_indexing ? CACHE_COMPLEX_IDX : 0);
360 }
361 
362 /* Encode cache info for CPUID[8000001E] */
363 static void encode_topo_cpuid8000001e(X86CPU *cpu, X86CPUTopoInfo *topo_info,
364                                       uint32_t *eax, uint32_t *ebx,
365                                       uint32_t *ecx, uint32_t *edx)
366 {
367     X86CPUTopoIDs topo_ids;
368 
369     x86_topo_ids_from_apicid(cpu->apic_id, topo_info, &topo_ids);
370 
371     *eax = cpu->apic_id;
372 
373     /*
374      * CPUID_Fn8000001E_EBX [Core Identifiers] (CoreId)
375      * Read-only. Reset: 0000_XXXXh.
376      * See Core::X86::Cpuid::ExtApicId.
377      * Core::X86::Cpuid::CoreId_lthree[1:0]_core[3:0]_thread[1:0];
378      * Bits Description
379      * 31:16 Reserved.
380      * 15:8 ThreadsPerCore: threads per core. Read-only. Reset: XXh.
381      *      The number of threads per core is ThreadsPerCore+1.
382      *  7:0 CoreId: core ID. Read-only. Reset: XXh.
383      *
384      *  NOTE: CoreId is already part of apic_id. Just use it. We can
385      *  use all the 8 bits to represent the core_id here.
386      */
387     *ebx = ((topo_info->threads_per_core - 1) << 8) | (topo_ids.core_id & 0xFF);
388 
389     /*
390      * CPUID_Fn8000001E_ECX [Node Identifiers] (NodeId)
391      * Read-only. Reset: 0000_0XXXh.
392      * Core::X86::Cpuid::NodeId_lthree[1:0]_core[3:0]_thread[1:0];
393      * Bits Description
394      * 31:11 Reserved.
395      * 10:8 NodesPerProcessor: Node per processor. Read-only. Reset: XXXb.
396      *      ValidValues:
397      *      Value Description
398      *      000b  1 node per processor.
399      *      001b  2 nodes per processor.
400      *      010b Reserved.
401      *      011b 4 nodes per processor.
402      *      111b-100b Reserved.
403      *  7:0 NodeId: Node ID. Read-only. Reset: XXh.
404      *
405      * NOTE: Hardware reserves 3 bits for number of nodes per processor.
406      * But users can create more nodes than the actual hardware can
407      * support. To genaralize we can use all the upper 8 bits for nodes.
408      * NodeId is combination of node and socket_id which is already decoded
409      * in apic_id. Just use it by shifting.
410      */
411     *ecx = ((topo_info->dies_per_pkg - 1) << 8) |
412            ((cpu->apic_id >> apicid_die_offset(topo_info)) & 0xFF);
413 
414     *edx = 0;
415 }
416 
417 /*
418  * Definitions of the hardcoded cache entries we expose:
419  * These are legacy cache values. If there is a need to change any
420  * of these values please use builtin_x86_defs
421  */
422 
423 /* L1 data cache: */
424 static CPUCacheInfo legacy_l1d_cache = {
425     .type = DATA_CACHE,
426     .level = 1,
427     .size = 32 * KiB,
428     .self_init = 1,
429     .line_size = 64,
430     .associativity = 8,
431     .sets = 64,
432     .partitions = 1,
433     .no_invd_sharing = true,
434 };
435 
436 /*FIXME: CPUID leaf 0x80000005 is inconsistent with leaves 2 & 4 */
437 static CPUCacheInfo legacy_l1d_cache_amd = {
438     .type = DATA_CACHE,
439     .level = 1,
440     .size = 64 * KiB,
441     .self_init = 1,
442     .line_size = 64,
443     .associativity = 2,
444     .sets = 512,
445     .partitions = 1,
446     .lines_per_tag = 1,
447     .no_invd_sharing = true,
448 };
449 
450 /* L1 instruction cache: */
451 static CPUCacheInfo legacy_l1i_cache = {
452     .type = INSTRUCTION_CACHE,
453     .level = 1,
454     .size = 32 * KiB,
455     .self_init = 1,
456     .line_size = 64,
457     .associativity = 8,
458     .sets = 64,
459     .partitions = 1,
460     .no_invd_sharing = true,
461 };
462 
463 /*FIXME: CPUID leaf 0x80000005 is inconsistent with leaves 2 & 4 */
464 static CPUCacheInfo legacy_l1i_cache_amd = {
465     .type = INSTRUCTION_CACHE,
466     .level = 1,
467     .size = 64 * KiB,
468     .self_init = 1,
469     .line_size = 64,
470     .associativity = 2,
471     .sets = 512,
472     .partitions = 1,
473     .lines_per_tag = 1,
474     .no_invd_sharing = true,
475 };
476 
477 /* Level 2 unified cache: */
478 static CPUCacheInfo legacy_l2_cache = {
479     .type = UNIFIED_CACHE,
480     .level = 2,
481     .size = 4 * MiB,
482     .self_init = 1,
483     .line_size = 64,
484     .associativity = 16,
485     .sets = 4096,
486     .partitions = 1,
487     .no_invd_sharing = true,
488 };
489 
490 /*FIXME: CPUID leaf 2 descriptor is inconsistent with CPUID leaf 4 */
491 static CPUCacheInfo legacy_l2_cache_cpuid2 = {
492     .type = UNIFIED_CACHE,
493     .level = 2,
494     .size = 2 * MiB,
495     .line_size = 64,
496     .associativity = 8,
497 };
498 
499 
500 /*FIXME: CPUID leaf 0x80000006 is inconsistent with leaves 2 & 4 */
501 static CPUCacheInfo legacy_l2_cache_amd = {
502     .type = UNIFIED_CACHE,
503     .level = 2,
504     .size = 512 * KiB,
505     .line_size = 64,
506     .lines_per_tag = 1,
507     .associativity = 16,
508     .sets = 512,
509     .partitions = 1,
510 };
511 
512 /* Level 3 unified cache: */
513 static CPUCacheInfo legacy_l3_cache = {
514     .type = UNIFIED_CACHE,
515     .level = 3,
516     .size = 16 * MiB,
517     .line_size = 64,
518     .associativity = 16,
519     .sets = 16384,
520     .partitions = 1,
521     .lines_per_tag = 1,
522     .self_init = true,
523     .inclusive = true,
524     .complex_indexing = true,
525 };
526 
527 /* TLB definitions: */
528 
529 #define L1_DTLB_2M_ASSOC       1
530 #define L1_DTLB_2M_ENTRIES   255
531 #define L1_DTLB_4K_ASSOC       1
532 #define L1_DTLB_4K_ENTRIES   255
533 
534 #define L1_ITLB_2M_ASSOC       1
535 #define L1_ITLB_2M_ENTRIES   255
536 #define L1_ITLB_4K_ASSOC       1
537 #define L1_ITLB_4K_ENTRIES   255
538 
539 #define L2_DTLB_2M_ASSOC       0 /* disabled */
540 #define L2_DTLB_2M_ENTRIES     0 /* disabled */
541 #define L2_DTLB_4K_ASSOC       4
542 #define L2_DTLB_4K_ENTRIES   512
543 
544 #define L2_ITLB_2M_ASSOC       0 /* disabled */
545 #define L2_ITLB_2M_ENTRIES     0 /* disabled */
546 #define L2_ITLB_4K_ASSOC       4
547 #define L2_ITLB_4K_ENTRIES   512
548 
549 /* CPUID Leaf 0x14 constants: */
550 #define INTEL_PT_MAX_SUBLEAF     0x1
551 /*
552  * bit[00]: IA32_RTIT_CTL.CR3 filter can be set to 1 and IA32_RTIT_CR3_MATCH
553  *          MSR can be accessed;
554  * bit[01]: Support Configurable PSB and Cycle-Accurate Mode;
555  * bit[02]: Support IP Filtering, TraceStop filtering, and preservation
556  *          of Intel PT MSRs across warm reset;
557  * bit[03]: Support MTC timing packet and suppression of COFI-based packets;
558  */
559 #define INTEL_PT_MINIMAL_EBX     0xf
560 /*
561  * bit[00]: Tracing can be enabled with IA32_RTIT_CTL.ToPA = 1 and
562  *          IA32_RTIT_OUTPUT_BASE and IA32_RTIT_OUTPUT_MASK_PTRS MSRs can be
563  *          accessed;
564  * bit[01]: ToPA tables can hold any number of output entries, up to the
565  *          maximum allowed by the MaskOrTableOffset field of
566  *          IA32_RTIT_OUTPUT_MASK_PTRS;
567  * bit[02]: Support Single-Range Output scheme;
568  */
569 #define INTEL_PT_MINIMAL_ECX     0x7
570 /* generated packets which contain IP payloads have LIP values */
571 #define INTEL_PT_IP_LIP          (1 << 31)
572 #define INTEL_PT_ADDR_RANGES_NUM 0x2 /* Number of configurable address ranges */
573 #define INTEL_PT_ADDR_RANGES_NUM_MASK 0x3
574 #define INTEL_PT_MTC_BITMAP      (0x0249 << 16) /* Support ART(0,3,6,9) */
575 #define INTEL_PT_CYCLE_BITMAP    0x1fff         /* Support 0,2^(0~11) */
576 #define INTEL_PT_PSB_BITMAP      (0x003f << 16) /* Support 2K,4K,8K,16K,32K,64K */
577 
578 /* CPUID Leaf 0x1D constants: */
579 #define INTEL_AMX_TILE_MAX_SUBLEAF     0x1
580 #define INTEL_AMX_TOTAL_TILE_BYTES     0x2000
581 #define INTEL_AMX_BYTES_PER_TILE       0x400
582 #define INTEL_AMX_BYTES_PER_ROW        0x40
583 #define INTEL_AMX_TILE_MAX_NAMES       0x8
584 #define INTEL_AMX_TILE_MAX_ROWS        0x10
585 
586 /* CPUID Leaf 0x1E constants: */
587 #define INTEL_AMX_TMUL_MAX_K           0x10
588 #define INTEL_AMX_TMUL_MAX_N           0x40
589 
590 void x86_cpu_vendor_words2str(char *dst, uint32_t vendor1,
591                               uint32_t vendor2, uint32_t vendor3)
592 {
593     int i;
594     for (i = 0; i < 4; i++) {
595         dst[i] = vendor1 >> (8 * i);
596         dst[i + 4] = vendor2 >> (8 * i);
597         dst[i + 8] = vendor3 >> (8 * i);
598     }
599     dst[CPUID_VENDOR_SZ] = '\0';
600 }
601 
602 #define I486_FEATURES (CPUID_FP87 | CPUID_VME | CPUID_PSE)
603 #define PENTIUM_FEATURES (I486_FEATURES | CPUID_DE | CPUID_TSC | \
604           CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_MMX | CPUID_APIC)
605 #define PENTIUM2_FEATURES (PENTIUM_FEATURES | CPUID_PAE | CPUID_SEP | \
606           CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
607           CPUID_PSE36 | CPUID_FXSR)
608 #define PENTIUM3_FEATURES (PENTIUM2_FEATURES | CPUID_SSE)
609 #define PPRO_FEATURES (CPUID_FP87 | CPUID_DE | CPUID_PSE | CPUID_TSC | \
610           CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_PGE | CPUID_CMOV | \
611           CPUID_PAT | CPUID_FXSR | CPUID_MMX | CPUID_SSE | CPUID_SSE2 | \
612           CPUID_PAE | CPUID_SEP | CPUID_APIC)
613 
614 #define TCG_FEATURES (CPUID_FP87 | CPUID_PSE | CPUID_TSC | CPUID_MSR | \
615           CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC | CPUID_SEP | \
616           CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
617           CPUID_PSE36 | CPUID_CLFLUSH | CPUID_ACPI | CPUID_MMX | \
618           CPUID_FXSR | CPUID_SSE | CPUID_SSE2 | CPUID_SS | CPUID_DE)
619           /* partly implemented:
620           CPUID_MTRR, CPUID_MCA, CPUID_CLFLUSH (needed for Win64) */
621           /* missing:
622           CPUID_VME, CPUID_DTS, CPUID_SS, CPUID_HT, CPUID_TM, CPUID_PBE */
623 #define TCG_EXT_FEATURES (CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | \
624           CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 | CPUID_EXT_CX16 | \
625           CPUID_EXT_SSE41 | CPUID_EXT_SSE42 | CPUID_EXT_POPCNT | \
626           CPUID_EXT_XSAVE | /* CPUID_EXT_OSXSAVE is dynamic */   \
627           CPUID_EXT_MOVBE | CPUID_EXT_AES | CPUID_EXT_HYPERVISOR | \
628           CPUID_EXT_RDRAND | CPUID_EXT_AVX | CPUID_EXT_F16C | \
629           CPUID_EXT_FMA)
630           /* missing:
631           CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_VMX, CPUID_EXT_SMX,
632           CPUID_EXT_EST, CPUID_EXT_TM2, CPUID_EXT_CID,
633           CPUID_EXT_XTPR, CPUID_EXT_PDCM, CPUID_EXT_PCID, CPUID_EXT_DCA,
634           CPUID_EXT_X2APIC, CPUID_EXT_TSC_DEADLINE_TIMER */
635 
636 #ifdef TARGET_X86_64
637 #define TCG_EXT2_X86_64_FEATURES (CPUID_EXT2_SYSCALL | CPUID_EXT2_LM)
638 #else
639 #define TCG_EXT2_X86_64_FEATURES 0
640 #endif
641 
642 #define TCG_EXT2_FEATURES ((TCG_FEATURES & CPUID_EXT2_AMD_ALIASES) | \
643           CPUID_EXT2_NX | CPUID_EXT2_MMXEXT | CPUID_EXT2_RDTSCP | \
644           CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT | CPUID_EXT2_PDPE1GB | \
645           TCG_EXT2_X86_64_FEATURES)
646 #define TCG_EXT3_FEATURES (CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM | \
647           CPUID_EXT3_CR8LEG | CPUID_EXT3_ABM | CPUID_EXT3_SSE4A)
648 #define TCG_EXT4_FEATURES 0
649 #define TCG_SVM_FEATURES (CPUID_SVM_NPT | CPUID_SVM_VGIF | \
650           CPUID_SVM_SVME_ADDR_CHK)
651 #define TCG_KVM_FEATURES 0
652 #define TCG_7_0_EBX_FEATURES (CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_SMAP | \
653           CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ADX | \
654           CPUID_7_0_EBX_PCOMMIT | CPUID_7_0_EBX_CLFLUSHOPT |            \
655           CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_FSGSBASE | \
656           CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_AVX2)
657           /* missing:
658           CPUID_7_0_EBX_HLE
659           CPUID_7_0_EBX_INVPCID, CPUID_7_0_EBX_RTM,
660           CPUID_7_0_EBX_RDSEED */
661 #define TCG_7_0_ECX_FEATURES (CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU | \
662           /* CPUID_7_0_ECX_OSPKE is dynamic */ \
663           CPUID_7_0_ECX_LA57 | CPUID_7_0_ECX_PKS | CPUID_7_0_ECX_VAES)
664 #define TCG_7_0_EDX_FEATURES CPUID_7_0_EDX_FSRM
665 #define TCG_7_1_EAX_FEATURES (CPUID_7_1_EAX_FZRM | CPUID_7_1_EAX_FSRS | \
666           CPUID_7_1_EAX_FSRC)
667 #define TCG_APM_FEATURES 0
668 #define TCG_6_EAX_FEATURES CPUID_6_EAX_ARAT
669 #define TCG_XSAVE_FEATURES (CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XGETBV1)
670           /* missing:
671           CPUID_XSAVE_XSAVEC, CPUID_XSAVE_XSAVES */
672 #define TCG_14_0_ECX_FEATURES 0
673 #define TCG_SGX_12_0_EAX_FEATURES 0
674 #define TCG_SGX_12_0_EBX_FEATURES 0
675 #define TCG_SGX_12_1_EAX_FEATURES 0
676 
677 FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
678     [FEAT_1_EDX] = {
679         .type = CPUID_FEATURE_WORD,
680         .feat_names = {
681             "fpu", "vme", "de", "pse",
682             "tsc", "msr", "pae", "mce",
683             "cx8", "apic", NULL, "sep",
684             "mtrr", "pge", "mca", "cmov",
685             "pat", "pse36", "pn" /* Intel psn */, "clflush" /* Intel clfsh */,
686             NULL, "ds" /* Intel dts */, "acpi", "mmx",
687             "fxsr", "sse", "sse2", "ss",
688             "ht" /* Intel htt */, "tm", "ia64", "pbe",
689         },
690         .cpuid = {.eax = 1, .reg = R_EDX, },
691         .tcg_features = TCG_FEATURES,
692     },
693     [FEAT_1_ECX] = {
694         .type = CPUID_FEATURE_WORD,
695         .feat_names = {
696             "pni" /* Intel,AMD sse3 */, "pclmulqdq", "dtes64", "monitor",
697             "ds-cpl", "vmx", "smx", "est",
698             "tm2", "ssse3", "cid", NULL,
699             "fma", "cx16", "xtpr", "pdcm",
700             NULL, "pcid", "dca", "sse4.1",
701             "sse4.2", "x2apic", "movbe", "popcnt",
702             "tsc-deadline", "aes", "xsave", NULL /* osxsave */,
703             "avx", "f16c", "rdrand", "hypervisor",
704         },
705         .cpuid = { .eax = 1, .reg = R_ECX, },
706         .tcg_features = TCG_EXT_FEATURES,
707     },
708     /* Feature names that are already defined on feature_name[] but
709      * are set on CPUID[8000_0001].EDX on AMD CPUs don't have their
710      * names on feat_names below. They are copied automatically
711      * to features[FEAT_8000_0001_EDX] if and only if CPU vendor is AMD.
712      */
713     [FEAT_8000_0001_EDX] = {
714         .type = CPUID_FEATURE_WORD,
715         .feat_names = {
716             NULL /* fpu */, NULL /* vme */, NULL /* de */, NULL /* pse */,
717             NULL /* tsc */, NULL /* msr */, NULL /* pae */, NULL /* mce */,
718             NULL /* cx8 */, NULL /* apic */, NULL, "syscall",
719             NULL /* mtrr */, NULL /* pge */, NULL /* mca */, NULL /* cmov */,
720             NULL /* pat */, NULL /* pse36 */, NULL, NULL /* Linux mp */,
721             "nx", NULL, "mmxext", NULL /* mmx */,
722             NULL /* fxsr */, "fxsr-opt", "pdpe1gb", "rdtscp",
723             NULL, "lm", "3dnowext", "3dnow",
724         },
725         .cpuid = { .eax = 0x80000001, .reg = R_EDX, },
726         .tcg_features = TCG_EXT2_FEATURES,
727     },
728     [FEAT_8000_0001_ECX] = {
729         .type = CPUID_FEATURE_WORD,
730         .feat_names = {
731             "lahf-lm", "cmp-legacy", "svm", "extapic",
732             "cr8legacy", "abm", "sse4a", "misalignsse",
733             "3dnowprefetch", "osvw", "ibs", "xop",
734             "skinit", "wdt", NULL, "lwp",
735             "fma4", "tce", NULL, "nodeid-msr",
736             NULL, "tbm", "topoext", "perfctr-core",
737             "perfctr-nb", NULL, NULL, NULL,
738             NULL, NULL, NULL, NULL,
739         },
740         .cpuid = { .eax = 0x80000001, .reg = R_ECX, },
741         .tcg_features = TCG_EXT3_FEATURES,
742         /*
743          * TOPOEXT is always allowed but can't be enabled blindly by
744          * "-cpu host", as it requires consistent cache topology info
745          * to be provided so it doesn't confuse guests.
746          */
747         .no_autoenable_flags = CPUID_EXT3_TOPOEXT,
748     },
749     [FEAT_C000_0001_EDX] = {
750         .type = CPUID_FEATURE_WORD,
751         .feat_names = {
752             NULL, NULL, "xstore", "xstore-en",
753             NULL, NULL, "xcrypt", "xcrypt-en",
754             "ace2", "ace2-en", "phe", "phe-en",
755             "pmm", "pmm-en", NULL, NULL,
756             NULL, NULL, NULL, NULL,
757             NULL, NULL, NULL, NULL,
758             NULL, NULL, NULL, NULL,
759             NULL, NULL, NULL, NULL,
760         },
761         .cpuid = { .eax = 0xC0000001, .reg = R_EDX, },
762         .tcg_features = TCG_EXT4_FEATURES,
763     },
764     [FEAT_KVM] = {
765         .type = CPUID_FEATURE_WORD,
766         .feat_names = {
767             "kvmclock", "kvm-nopiodelay", "kvm-mmu", "kvmclock",
768             "kvm-asyncpf", "kvm-steal-time", "kvm-pv-eoi", "kvm-pv-unhalt",
769             NULL, "kvm-pv-tlb-flush", NULL, "kvm-pv-ipi",
770             "kvm-poll-control", "kvm-pv-sched-yield", "kvm-asyncpf-int", "kvm-msi-ext-dest-id",
771             NULL, NULL, NULL, NULL,
772             NULL, NULL, NULL, NULL,
773             "kvmclock-stable-bit", NULL, NULL, NULL,
774             NULL, NULL, NULL, NULL,
775         },
776         .cpuid = { .eax = KVM_CPUID_FEATURES, .reg = R_EAX, },
777         .tcg_features = TCG_KVM_FEATURES,
778     },
779     [FEAT_KVM_HINTS] = {
780         .type = CPUID_FEATURE_WORD,
781         .feat_names = {
782             "kvm-hint-dedicated", NULL, NULL, NULL,
783             NULL, NULL, NULL, NULL,
784             NULL, NULL, NULL, NULL,
785             NULL, NULL, NULL, NULL,
786             NULL, NULL, NULL, NULL,
787             NULL, NULL, NULL, NULL,
788             NULL, NULL, NULL, NULL,
789             NULL, NULL, NULL, NULL,
790         },
791         .cpuid = { .eax = KVM_CPUID_FEATURES, .reg = R_EDX, },
792         .tcg_features = TCG_KVM_FEATURES,
793         /*
794          * KVM hints aren't auto-enabled by -cpu host, they need to be
795          * explicitly enabled in the command-line.
796          */
797         .no_autoenable_flags = ~0U,
798     },
799     [FEAT_SVM] = {
800         .type = CPUID_FEATURE_WORD,
801         .feat_names = {
802             "npt", "lbrv", "svm-lock", "nrip-save",
803             "tsc-scale", "vmcb-clean",  "flushbyasid", "decodeassists",
804             NULL, NULL, "pause-filter", NULL,
805             "pfthreshold", "avic", NULL, "v-vmsave-vmload",
806             "vgif", NULL, NULL, NULL,
807             NULL, NULL, NULL, NULL,
808             NULL, NULL, NULL, NULL,
809             "svme-addr-chk", NULL, NULL, NULL,
810         },
811         .cpuid = { .eax = 0x8000000A, .reg = R_EDX, },
812         .tcg_features = TCG_SVM_FEATURES,
813     },
814     [FEAT_7_0_EBX] = {
815         .type = CPUID_FEATURE_WORD,
816         .feat_names = {
817             "fsgsbase", "tsc-adjust", "sgx", "bmi1",
818             "hle", "avx2", NULL, "smep",
819             "bmi2", "erms", "invpcid", "rtm",
820             NULL, NULL, "mpx", NULL,
821             "avx512f", "avx512dq", "rdseed", "adx",
822             "smap", "avx512ifma", "pcommit", "clflushopt",
823             "clwb", "intel-pt", "avx512pf", "avx512er",
824             "avx512cd", "sha-ni", "avx512bw", "avx512vl",
825         },
826         .cpuid = {
827             .eax = 7,
828             .needs_ecx = true, .ecx = 0,
829             .reg = R_EBX,
830         },
831         .tcg_features = TCG_7_0_EBX_FEATURES,
832     },
833     [FEAT_7_0_ECX] = {
834         .type = CPUID_FEATURE_WORD,
835         .feat_names = {
836             NULL, "avx512vbmi", "umip", "pku",
837             NULL /* ospke */, "waitpkg", "avx512vbmi2", NULL,
838             "gfni", "vaes", "vpclmulqdq", "avx512vnni",
839             "avx512bitalg", NULL, "avx512-vpopcntdq", NULL,
840             "la57", NULL, NULL, NULL,
841             NULL, NULL, "rdpid", NULL,
842             "bus-lock-detect", "cldemote", NULL, "movdiri",
843             "movdir64b", NULL, "sgxlc", "pks",
844         },
845         .cpuid = {
846             .eax = 7,
847             .needs_ecx = true, .ecx = 0,
848             .reg = R_ECX,
849         },
850         .tcg_features = TCG_7_0_ECX_FEATURES,
851     },
852     [FEAT_7_0_EDX] = {
853         .type = CPUID_FEATURE_WORD,
854         .feat_names = {
855             NULL, NULL, "avx512-4vnniw", "avx512-4fmaps",
856             "fsrm", NULL, NULL, NULL,
857             "avx512-vp2intersect", NULL, "md-clear", NULL,
858             NULL, NULL, "serialize", NULL,
859             "tsx-ldtrk", NULL, NULL /* pconfig */, "arch-lbr",
860             NULL, NULL, "amx-bf16", "avx512-fp16",
861             "amx-tile", "amx-int8", "spec-ctrl", "stibp",
862             NULL, "arch-capabilities", "core-capability", "ssbd",
863         },
864         .cpuid = {
865             .eax = 7,
866             .needs_ecx = true, .ecx = 0,
867             .reg = R_EDX,
868         },
869         .tcg_features = TCG_7_0_EDX_FEATURES,
870     },
871     [FEAT_7_1_EAX] = {
872         .type = CPUID_FEATURE_WORD,
873         .feat_names = {
874             NULL, NULL, NULL, NULL,
875             "avx-vnni", "avx512-bf16", NULL, NULL,
876             NULL, NULL, "fzrm", "fsrs",
877             "fsrc", NULL, NULL, NULL,
878             NULL, NULL, NULL, NULL,
879             NULL, NULL, NULL, NULL,
880             NULL, NULL, NULL, NULL,
881             NULL, NULL, NULL, NULL,
882         },
883         .cpuid = {
884             .eax = 7,
885             .needs_ecx = true, .ecx = 1,
886             .reg = R_EAX,
887         },
888         .tcg_features = TCG_7_1_EAX_FEATURES,
889     },
890     [FEAT_8000_0007_EDX] = {
891         .type = CPUID_FEATURE_WORD,
892         .feat_names = {
893             NULL, NULL, NULL, NULL,
894             NULL, NULL, NULL, NULL,
895             "invtsc", NULL, NULL, NULL,
896             NULL, NULL, NULL, NULL,
897             NULL, NULL, NULL, NULL,
898             NULL, NULL, NULL, NULL,
899             NULL, NULL, NULL, NULL,
900             NULL, NULL, NULL, NULL,
901         },
902         .cpuid = { .eax = 0x80000007, .reg = R_EDX, },
903         .tcg_features = TCG_APM_FEATURES,
904         .unmigratable_flags = CPUID_APM_INVTSC,
905     },
906     [FEAT_8000_0008_EBX] = {
907         .type = CPUID_FEATURE_WORD,
908         .feat_names = {
909             "clzero", NULL, "xsaveerptr", NULL,
910             NULL, NULL, NULL, NULL,
911             NULL, "wbnoinvd", NULL, NULL,
912             "ibpb", NULL, "ibrs", "amd-stibp",
913             NULL, NULL, NULL, NULL,
914             NULL, NULL, NULL, NULL,
915             "amd-ssbd", "virt-ssbd", "amd-no-ssb", NULL,
916             NULL, NULL, NULL, NULL,
917         },
918         .cpuid = { .eax = 0x80000008, .reg = R_EBX, },
919         .tcg_features = 0,
920         .unmigratable_flags = 0,
921     },
922     [FEAT_XSAVE] = {
923         .type = CPUID_FEATURE_WORD,
924         .feat_names = {
925             "xsaveopt", "xsavec", "xgetbv1", "xsaves",
926             "xfd", NULL, NULL, NULL,
927             NULL, NULL, NULL, NULL,
928             NULL, NULL, NULL, NULL,
929             NULL, NULL, NULL, NULL,
930             NULL, NULL, NULL, NULL,
931             NULL, NULL, NULL, NULL,
932             NULL, NULL, NULL, NULL,
933         },
934         .cpuid = {
935             .eax = 0xd,
936             .needs_ecx = true, .ecx = 1,
937             .reg = R_EAX,
938         },
939         .tcg_features = TCG_XSAVE_FEATURES,
940     },
941     [FEAT_XSAVE_XSS_LO] = {
942         .type = CPUID_FEATURE_WORD,
943         .feat_names = {
944             NULL, NULL, NULL, NULL,
945             NULL, NULL, NULL, NULL,
946             NULL, NULL, NULL, NULL,
947             NULL, NULL, NULL, NULL,
948             NULL, NULL, NULL, NULL,
949             NULL, NULL, NULL, NULL,
950             NULL, NULL, NULL, NULL,
951             NULL, NULL, NULL, NULL,
952         },
953         .cpuid = {
954             .eax = 0xD,
955             .needs_ecx = true,
956             .ecx = 1,
957             .reg = R_ECX,
958         },
959     },
960     [FEAT_XSAVE_XSS_HI] = {
961         .type = CPUID_FEATURE_WORD,
962         .cpuid = {
963             .eax = 0xD,
964             .needs_ecx = true,
965             .ecx = 1,
966             .reg = R_EDX
967         },
968     },
969     [FEAT_6_EAX] = {
970         .type = CPUID_FEATURE_WORD,
971         .feat_names = {
972             NULL, NULL, "arat", NULL,
973             NULL, NULL, NULL, NULL,
974             NULL, NULL, NULL, NULL,
975             NULL, NULL, NULL, NULL,
976             NULL, NULL, NULL, NULL,
977             NULL, NULL, NULL, NULL,
978             NULL, NULL, NULL, NULL,
979             NULL, NULL, NULL, NULL,
980         },
981         .cpuid = { .eax = 6, .reg = R_EAX, },
982         .tcg_features = TCG_6_EAX_FEATURES,
983     },
984     [FEAT_XSAVE_XCR0_LO] = {
985         .type = CPUID_FEATURE_WORD,
986         .cpuid = {
987             .eax = 0xD,
988             .needs_ecx = true, .ecx = 0,
989             .reg = R_EAX,
990         },
991         .tcg_features = ~0U,
992         .migratable_flags = XSTATE_FP_MASK | XSTATE_SSE_MASK |
993             XSTATE_YMM_MASK | XSTATE_BNDREGS_MASK | XSTATE_BNDCSR_MASK |
994             XSTATE_OPMASK_MASK | XSTATE_ZMM_Hi256_MASK | XSTATE_Hi16_ZMM_MASK |
995             XSTATE_PKRU_MASK,
996     },
997     [FEAT_XSAVE_XCR0_HI] = {
998         .type = CPUID_FEATURE_WORD,
999         .cpuid = {
1000             .eax = 0xD,
1001             .needs_ecx = true, .ecx = 0,
1002             .reg = R_EDX,
1003         },
1004         .tcg_features = ~0U,
1005     },
1006     /*Below are MSR exposed features*/
1007     [FEAT_ARCH_CAPABILITIES] = {
1008         .type = MSR_FEATURE_WORD,
1009         .feat_names = {
1010             "rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry",
1011             "ssb-no", "mds-no", "pschange-mc-no", "tsx-ctrl",
1012             "taa-no", NULL, NULL, NULL,
1013             NULL, NULL, NULL, NULL,
1014             NULL, NULL, NULL, NULL,
1015             NULL, NULL, NULL, NULL,
1016             NULL, NULL, NULL, NULL,
1017             NULL, NULL, NULL, NULL,
1018         },
1019         .msr = {
1020             .index = MSR_IA32_ARCH_CAPABILITIES,
1021         },
1022     },
1023     [FEAT_CORE_CAPABILITY] = {
1024         .type = MSR_FEATURE_WORD,
1025         .feat_names = {
1026             NULL, NULL, NULL, NULL,
1027             NULL, "split-lock-detect", NULL, NULL,
1028             NULL, NULL, NULL, NULL,
1029             NULL, NULL, NULL, NULL,
1030             NULL, NULL, NULL, NULL,
1031             NULL, NULL, NULL, NULL,
1032             NULL, NULL, NULL, NULL,
1033             NULL, NULL, NULL, NULL,
1034         },
1035         .msr = {
1036             .index = MSR_IA32_CORE_CAPABILITY,
1037         },
1038     },
1039     [FEAT_PERF_CAPABILITIES] = {
1040         .type = MSR_FEATURE_WORD,
1041         .feat_names = {
1042             NULL, NULL, NULL, NULL,
1043             NULL, NULL, NULL, NULL,
1044             NULL, NULL, NULL, NULL,
1045             NULL, "full-width-write", NULL, NULL,
1046             NULL, NULL, NULL, NULL,
1047             NULL, NULL, NULL, NULL,
1048             NULL, NULL, NULL, NULL,
1049             NULL, NULL, NULL, NULL,
1050         },
1051         .msr = {
1052             .index = MSR_IA32_PERF_CAPABILITIES,
1053         },
1054     },
1055 
1056     [FEAT_VMX_PROCBASED_CTLS] = {
1057         .type = MSR_FEATURE_WORD,
1058         .feat_names = {
1059             NULL, NULL, "vmx-vintr-pending", "vmx-tsc-offset",
1060             NULL, NULL, NULL, "vmx-hlt-exit",
1061             NULL, "vmx-invlpg-exit", "vmx-mwait-exit", "vmx-rdpmc-exit",
1062             "vmx-rdtsc-exit", NULL, NULL, "vmx-cr3-load-noexit",
1063             "vmx-cr3-store-noexit", NULL, NULL, "vmx-cr8-load-exit",
1064             "vmx-cr8-store-exit", "vmx-flexpriority", "vmx-vnmi-pending", "vmx-movdr-exit",
1065             "vmx-io-exit", "vmx-io-bitmap", NULL, "vmx-mtf",
1066             "vmx-msr-bitmap", "vmx-monitor-exit", "vmx-pause-exit", "vmx-secondary-ctls",
1067         },
1068         .msr = {
1069             .index = MSR_IA32_VMX_TRUE_PROCBASED_CTLS,
1070         }
1071     },
1072 
1073     [FEAT_VMX_SECONDARY_CTLS] = {
1074         .type = MSR_FEATURE_WORD,
1075         .feat_names = {
1076             "vmx-apicv-xapic", "vmx-ept", "vmx-desc-exit", "vmx-rdtscp-exit",
1077             "vmx-apicv-x2apic", "vmx-vpid", "vmx-wbinvd-exit", "vmx-unrestricted-guest",
1078             "vmx-apicv-register", "vmx-apicv-vid", "vmx-ple", "vmx-rdrand-exit",
1079             "vmx-invpcid-exit", "vmx-vmfunc", "vmx-shadow-vmcs", "vmx-encls-exit",
1080             "vmx-rdseed-exit", "vmx-pml", NULL, NULL,
1081             "vmx-xsaves", NULL, NULL, NULL,
1082             NULL, "vmx-tsc-scaling", NULL, NULL,
1083             NULL, NULL, NULL, NULL,
1084         },
1085         .msr = {
1086             .index = MSR_IA32_VMX_PROCBASED_CTLS2,
1087         }
1088     },
1089 
1090     [FEAT_VMX_PINBASED_CTLS] = {
1091         .type = MSR_FEATURE_WORD,
1092         .feat_names = {
1093             "vmx-intr-exit", NULL, NULL, "vmx-nmi-exit",
1094             NULL, "vmx-vnmi", "vmx-preemption-timer", "vmx-posted-intr",
1095             NULL, NULL, NULL, NULL,
1096             NULL, NULL, NULL, NULL,
1097             NULL, NULL, NULL, NULL,
1098             NULL, NULL, NULL, NULL,
1099             NULL, NULL, NULL, NULL,
1100             NULL, NULL, NULL, NULL,
1101         },
1102         .msr = {
1103             .index = MSR_IA32_VMX_TRUE_PINBASED_CTLS,
1104         }
1105     },
1106 
1107     [FEAT_VMX_EXIT_CTLS] = {
1108         .type = MSR_FEATURE_WORD,
1109         /*
1110          * VMX_VM_EXIT_HOST_ADDR_SPACE_SIZE is copied from
1111          * the LM CPUID bit.
1112          */
1113         .feat_names = {
1114             NULL, NULL, "vmx-exit-nosave-debugctl", NULL,
1115             NULL, NULL, NULL, NULL,
1116             NULL, NULL /* vmx-exit-host-addr-space-size */, NULL, NULL,
1117             "vmx-exit-load-perf-global-ctrl", NULL, NULL, "vmx-exit-ack-intr",
1118             NULL, NULL, "vmx-exit-save-pat", "vmx-exit-load-pat",
1119             "vmx-exit-save-efer", "vmx-exit-load-efer",
1120                 "vmx-exit-save-preemption-timer", "vmx-exit-clear-bndcfgs",
1121             NULL, "vmx-exit-clear-rtit-ctl", NULL, NULL,
1122             NULL, "vmx-exit-load-pkrs", NULL, NULL,
1123         },
1124         .msr = {
1125             .index = MSR_IA32_VMX_TRUE_EXIT_CTLS,
1126         }
1127     },
1128 
1129     [FEAT_VMX_ENTRY_CTLS] = {
1130         .type = MSR_FEATURE_WORD,
1131         .feat_names = {
1132             NULL, NULL, "vmx-entry-noload-debugctl", NULL,
1133             NULL, NULL, NULL, NULL,
1134             NULL, "vmx-entry-ia32e-mode", NULL, NULL,
1135             NULL, "vmx-entry-load-perf-global-ctrl", "vmx-entry-load-pat", "vmx-entry-load-efer",
1136             "vmx-entry-load-bndcfgs", NULL, "vmx-entry-load-rtit-ctl", NULL,
1137             NULL, NULL, "vmx-entry-load-pkrs", NULL,
1138             NULL, NULL, NULL, NULL,
1139             NULL, NULL, NULL, NULL,
1140         },
1141         .msr = {
1142             .index = MSR_IA32_VMX_TRUE_ENTRY_CTLS,
1143         }
1144     },
1145 
1146     [FEAT_VMX_MISC] = {
1147         .type = MSR_FEATURE_WORD,
1148         .feat_names = {
1149             NULL, NULL, NULL, NULL,
1150             NULL, "vmx-store-lma", "vmx-activity-hlt", "vmx-activity-shutdown",
1151             "vmx-activity-wait-sipi", NULL, NULL, NULL,
1152             NULL, NULL, NULL, NULL,
1153             NULL, NULL, NULL, NULL,
1154             NULL, NULL, NULL, NULL,
1155             NULL, NULL, NULL, NULL,
1156             NULL, "vmx-vmwrite-vmexit-fields", "vmx-zero-len-inject", NULL,
1157         },
1158         .msr = {
1159             .index = MSR_IA32_VMX_MISC,
1160         }
1161     },
1162 
1163     [FEAT_VMX_EPT_VPID_CAPS] = {
1164         .type = MSR_FEATURE_WORD,
1165         .feat_names = {
1166             "vmx-ept-execonly", NULL, NULL, NULL,
1167             NULL, NULL, "vmx-page-walk-4", "vmx-page-walk-5",
1168             NULL, NULL, NULL, NULL,
1169             NULL, NULL, NULL, NULL,
1170             "vmx-ept-2mb", "vmx-ept-1gb", NULL, NULL,
1171             "vmx-invept", "vmx-eptad", "vmx-ept-advanced-exitinfo", NULL,
1172             NULL, "vmx-invept-single-context", "vmx-invept-all-context", NULL,
1173             NULL, NULL, NULL, NULL,
1174             "vmx-invvpid", NULL, NULL, NULL,
1175             NULL, NULL, NULL, NULL,
1176             "vmx-invvpid-single-addr", "vmx-invept-single-context",
1177                 "vmx-invvpid-all-context", "vmx-invept-single-context-noglobals",
1178             NULL, NULL, NULL, NULL,
1179             NULL, NULL, NULL, NULL,
1180             NULL, NULL, NULL, NULL,
1181             NULL, NULL, NULL, NULL,
1182             NULL, NULL, NULL, NULL,
1183         },
1184         .msr = {
1185             .index = MSR_IA32_VMX_EPT_VPID_CAP,
1186         }
1187     },
1188 
1189     [FEAT_VMX_BASIC] = {
1190         .type = MSR_FEATURE_WORD,
1191         .feat_names = {
1192             [54] = "vmx-ins-outs",
1193             [55] = "vmx-true-ctls",
1194         },
1195         .msr = {
1196             .index = MSR_IA32_VMX_BASIC,
1197         },
1198         /* Just to be safe - we don't support setting the MSEG version field.  */
1199         .no_autoenable_flags = MSR_VMX_BASIC_DUAL_MONITOR,
1200     },
1201 
1202     [FEAT_VMX_VMFUNC] = {
1203         .type = MSR_FEATURE_WORD,
1204         .feat_names = {
1205             [0] = "vmx-eptp-switching",
1206         },
1207         .msr = {
1208             .index = MSR_IA32_VMX_VMFUNC,
1209         }
1210     },
1211 
1212     [FEAT_14_0_ECX] = {
1213         .type = CPUID_FEATURE_WORD,
1214         .feat_names = {
1215             NULL, NULL, NULL, NULL,
1216             NULL, NULL, NULL, NULL,
1217             NULL, NULL, NULL, NULL,
1218             NULL, NULL, NULL, NULL,
1219             NULL, NULL, NULL, NULL,
1220             NULL, NULL, NULL, NULL,
1221             NULL, NULL, NULL, NULL,
1222             NULL, NULL, NULL, "intel-pt-lip",
1223         },
1224         .cpuid = {
1225             .eax = 0x14,
1226             .needs_ecx = true, .ecx = 0,
1227             .reg = R_ECX,
1228         },
1229         .tcg_features = TCG_14_0_ECX_FEATURES,
1230      },
1231 
1232     [FEAT_SGX_12_0_EAX] = {
1233         .type = CPUID_FEATURE_WORD,
1234         .feat_names = {
1235             "sgx1", "sgx2", NULL, NULL,
1236             NULL, NULL, NULL, NULL,
1237             NULL, NULL, NULL, "sgx-edeccssa",
1238             NULL, NULL, NULL, NULL,
1239             NULL, NULL, NULL, NULL,
1240             NULL, NULL, NULL, NULL,
1241             NULL, NULL, NULL, NULL,
1242             NULL, NULL, NULL, NULL,
1243         },
1244         .cpuid = {
1245             .eax = 0x12,
1246             .needs_ecx = true, .ecx = 0,
1247             .reg = R_EAX,
1248         },
1249         .tcg_features = TCG_SGX_12_0_EAX_FEATURES,
1250     },
1251 
1252     [FEAT_SGX_12_0_EBX] = {
1253         .type = CPUID_FEATURE_WORD,
1254         .feat_names = {
1255             "sgx-exinfo" , NULL, NULL, NULL,
1256             NULL, NULL, NULL, NULL,
1257             NULL, NULL, NULL, NULL,
1258             NULL, NULL, NULL, NULL,
1259             NULL, NULL, NULL, NULL,
1260             NULL, NULL, NULL, NULL,
1261             NULL, NULL, NULL, NULL,
1262             NULL, NULL, NULL, NULL,
1263         },
1264         .cpuid = {
1265             .eax = 0x12,
1266             .needs_ecx = true, .ecx = 0,
1267             .reg = R_EBX,
1268         },
1269         .tcg_features = TCG_SGX_12_0_EBX_FEATURES,
1270     },
1271 
1272     [FEAT_SGX_12_1_EAX] = {
1273         .type = CPUID_FEATURE_WORD,
1274         .feat_names = {
1275             NULL, "sgx-debug", "sgx-mode64", NULL,
1276             "sgx-provisionkey", "sgx-tokenkey", NULL, "sgx-kss",
1277             NULL, NULL, "sgx-aex-notify", NULL,
1278             NULL, NULL, NULL, NULL,
1279             NULL, NULL, NULL, NULL,
1280             NULL, NULL, NULL, NULL,
1281             NULL, NULL, NULL, NULL,
1282             NULL, NULL, NULL, NULL,
1283         },
1284         .cpuid = {
1285             .eax = 0x12,
1286             .needs_ecx = true, .ecx = 1,
1287             .reg = R_EAX,
1288         },
1289         .tcg_features = TCG_SGX_12_1_EAX_FEATURES,
1290     },
1291 };
1292 
1293 typedef struct FeatureMask {
1294     FeatureWord index;
1295     uint64_t mask;
1296 } FeatureMask;
1297 
1298 typedef struct FeatureDep {
1299     FeatureMask from, to;
1300 } FeatureDep;
1301 
1302 static FeatureDep feature_dependencies[] = {
1303     {
1304         .from = { FEAT_7_0_EDX,             CPUID_7_0_EDX_ARCH_CAPABILITIES },
1305         .to = { FEAT_ARCH_CAPABILITIES,     ~0ull },
1306     },
1307     {
1308         .from = { FEAT_7_0_EDX,             CPUID_7_0_EDX_CORE_CAPABILITY },
1309         .to = { FEAT_CORE_CAPABILITY,       ~0ull },
1310     },
1311     {
1312         .from = { FEAT_1_ECX,             CPUID_EXT_PDCM },
1313         .to = { FEAT_PERF_CAPABILITIES,       ~0ull },
1314     },
1315     {
1316         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1317         .to = { FEAT_VMX_PROCBASED_CTLS,    ~0ull },
1318     },
1319     {
1320         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1321         .to = { FEAT_VMX_PINBASED_CTLS,     ~0ull },
1322     },
1323     {
1324         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1325         .to = { FEAT_VMX_EXIT_CTLS,         ~0ull },
1326     },
1327     {
1328         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1329         .to = { FEAT_VMX_ENTRY_CTLS,        ~0ull },
1330     },
1331     {
1332         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1333         .to = { FEAT_VMX_MISC,              ~0ull },
1334     },
1335     {
1336         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1337         .to = { FEAT_VMX_BASIC,             ~0ull },
1338     },
1339     {
1340         .from = { FEAT_8000_0001_EDX,       CPUID_EXT2_LM },
1341         .to = { FEAT_VMX_ENTRY_CTLS,        VMX_VM_ENTRY_IA32E_MODE },
1342     },
1343     {
1344         .from = { FEAT_VMX_PROCBASED_CTLS,  VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS },
1345         .to = { FEAT_VMX_SECONDARY_CTLS,    ~0ull },
1346     },
1347     {
1348         .from = { FEAT_XSAVE,               CPUID_XSAVE_XSAVES },
1349         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_XSAVES },
1350     },
1351     {
1352         .from = { FEAT_1_ECX,               CPUID_EXT_RDRAND },
1353         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDRAND_EXITING },
1354     },
1355     {
1356         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_INVPCID },
1357         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_ENABLE_INVPCID },
1358     },
1359     {
1360         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_MPX },
1361         .to = { FEAT_VMX_EXIT_CTLS,         VMX_VM_EXIT_CLEAR_BNDCFGS },
1362     },
1363     {
1364         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_MPX },
1365         .to = { FEAT_VMX_ENTRY_CTLS,        VMX_VM_ENTRY_LOAD_BNDCFGS },
1366     },
1367     {
1368         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_RDSEED },
1369         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDSEED_EXITING },
1370     },
1371     {
1372         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_INTEL_PT },
1373         .to = { FEAT_14_0_ECX,              ~0ull },
1374     },
1375     {
1376         .from = { FEAT_8000_0001_EDX,       CPUID_EXT2_RDTSCP },
1377         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDTSCP },
1378     },
1379     {
1380         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_EPT },
1381         .to = { FEAT_VMX_EPT_VPID_CAPS,     0xffffffffull },
1382     },
1383     {
1384         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_EPT },
1385         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST },
1386     },
1387     {
1388         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_VPID },
1389         .to = { FEAT_VMX_EPT_VPID_CAPS,     0xffffffffull << 32 },
1390     },
1391     {
1392         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_VMFUNC },
1393         .to = { FEAT_VMX_VMFUNC,            ~0ull },
1394     },
1395     {
1396         .from = { FEAT_8000_0001_ECX,       CPUID_EXT3_SVM },
1397         .to = { FEAT_SVM,                   ~0ull },
1398     },
1399 };
1400 
1401 typedef struct X86RegisterInfo32 {
1402     /* Name of register */
1403     const char *name;
1404     /* QAPI enum value register */
1405     X86CPURegister32 qapi_enum;
1406 } X86RegisterInfo32;
1407 
1408 #define REGISTER(reg) \
1409     [R_##reg] = { .name = #reg, .qapi_enum = X86_CPU_REGISTER32_##reg }
1410 static const X86RegisterInfo32 x86_reg_info_32[CPU_NB_REGS32] = {
1411     REGISTER(EAX),
1412     REGISTER(ECX),
1413     REGISTER(EDX),
1414     REGISTER(EBX),
1415     REGISTER(ESP),
1416     REGISTER(EBP),
1417     REGISTER(ESI),
1418     REGISTER(EDI),
1419 };
1420 #undef REGISTER
1421 
1422 /* CPUID feature bits available in XSS */
1423 #define CPUID_XSTATE_XSS_MASK    (XSTATE_ARCH_LBR_MASK)
1424 
1425 ExtSaveArea x86_ext_save_areas[XSAVE_STATE_AREA_COUNT] = {
1426     [XSTATE_FP_BIT] = {
1427         /* x87 FP state component is always enabled if XSAVE is supported */
1428         .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
1429         .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
1430     },
1431     [XSTATE_SSE_BIT] = {
1432         /* SSE state component is always enabled if XSAVE is supported */
1433         .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
1434         .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
1435     },
1436     [XSTATE_YMM_BIT] =
1437           { .feature = FEAT_1_ECX, .bits = CPUID_EXT_AVX,
1438             .size = sizeof(XSaveAVX) },
1439     [XSTATE_BNDREGS_BIT] =
1440           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
1441             .size = sizeof(XSaveBNDREG)  },
1442     [XSTATE_BNDCSR_BIT] =
1443           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
1444             .size = sizeof(XSaveBNDCSR)  },
1445     [XSTATE_OPMASK_BIT] =
1446           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1447             .size = sizeof(XSaveOpmask) },
1448     [XSTATE_ZMM_Hi256_BIT] =
1449           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1450             .size = sizeof(XSaveZMM_Hi256) },
1451     [XSTATE_Hi16_ZMM_BIT] =
1452           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1453             .size = sizeof(XSaveHi16_ZMM) },
1454     [XSTATE_PKRU_BIT] =
1455           { .feature = FEAT_7_0_ECX, .bits = CPUID_7_0_ECX_PKU,
1456             .size = sizeof(XSavePKRU) },
1457     [XSTATE_ARCH_LBR_BIT] = {
1458             .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_ARCH_LBR,
1459             .offset = 0 /*supervisor mode component, offset = 0 */,
1460             .size = sizeof(XSavesArchLBR) },
1461     [XSTATE_XTILE_CFG_BIT] = {
1462         .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_AMX_TILE,
1463         .size = sizeof(XSaveXTILECFG),
1464     },
1465     [XSTATE_XTILE_DATA_BIT] = {
1466         .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_AMX_TILE,
1467         .size = sizeof(XSaveXTILEDATA)
1468     },
1469 };
1470 
1471 uint32_t xsave_area_size(uint64_t mask, bool compacted)
1472 {
1473     uint64_t ret = x86_ext_save_areas[0].size;
1474     const ExtSaveArea *esa;
1475     uint32_t offset = 0;
1476     int i;
1477 
1478     for (i = 2; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
1479         esa = &x86_ext_save_areas[i];
1480         if ((mask >> i) & 1) {
1481             offset = compacted ? ret : esa->offset;
1482             ret = MAX(ret, offset + esa->size);
1483         }
1484     }
1485     return ret;
1486 }
1487 
1488 static inline bool accel_uses_host_cpuid(void)
1489 {
1490     return kvm_enabled() || hvf_enabled();
1491 }
1492 
1493 static inline uint64_t x86_cpu_xsave_xcr0_components(X86CPU *cpu)
1494 {
1495     return ((uint64_t)cpu->env.features[FEAT_XSAVE_XCR0_HI]) << 32 |
1496            cpu->env.features[FEAT_XSAVE_XCR0_LO];
1497 }
1498 
1499 /* Return name of 32-bit register, from a R_* constant */
1500 static const char *get_register_name_32(unsigned int reg)
1501 {
1502     if (reg >= CPU_NB_REGS32) {
1503         return NULL;
1504     }
1505     return x86_reg_info_32[reg].name;
1506 }
1507 
1508 static inline uint64_t x86_cpu_xsave_xss_components(X86CPU *cpu)
1509 {
1510     return ((uint64_t)cpu->env.features[FEAT_XSAVE_XSS_HI]) << 32 |
1511            cpu->env.features[FEAT_XSAVE_XSS_LO];
1512 }
1513 
1514 /*
1515  * Returns the set of feature flags that are supported and migratable by
1516  * QEMU, for a given FeatureWord.
1517  */
1518 static uint64_t x86_cpu_get_migratable_flags(FeatureWord w)
1519 {
1520     FeatureWordInfo *wi = &feature_word_info[w];
1521     uint64_t r = 0;
1522     int i;
1523 
1524     for (i = 0; i < 64; i++) {
1525         uint64_t f = 1ULL << i;
1526 
1527         /* If the feature name is known, it is implicitly considered migratable,
1528          * unless it is explicitly set in unmigratable_flags */
1529         if ((wi->migratable_flags & f) ||
1530             (wi->feat_names[i] && !(wi->unmigratable_flags & f))) {
1531             r |= f;
1532         }
1533     }
1534     return r;
1535 }
1536 
1537 void host_cpuid(uint32_t function, uint32_t count,
1538                 uint32_t *eax, uint32_t *ebx, uint32_t *ecx, uint32_t *edx)
1539 {
1540     uint32_t vec[4];
1541 
1542 #ifdef __x86_64__
1543     asm volatile("cpuid"
1544                  : "=a"(vec[0]), "=b"(vec[1]),
1545                    "=c"(vec[2]), "=d"(vec[3])
1546                  : "0"(function), "c"(count) : "cc");
1547 #elif defined(__i386__)
1548     asm volatile("pusha \n\t"
1549                  "cpuid \n\t"
1550                  "mov %%eax, 0(%2) \n\t"
1551                  "mov %%ebx, 4(%2) \n\t"
1552                  "mov %%ecx, 8(%2) \n\t"
1553                  "mov %%edx, 12(%2) \n\t"
1554                  "popa"
1555                  : : "a"(function), "c"(count), "S"(vec)
1556                  : "memory", "cc");
1557 #else
1558     abort();
1559 #endif
1560 
1561     if (eax)
1562         *eax = vec[0];
1563     if (ebx)
1564         *ebx = vec[1];
1565     if (ecx)
1566         *ecx = vec[2];
1567     if (edx)
1568         *edx = vec[3];
1569 }
1570 
1571 /* CPU class name definitions: */
1572 
1573 /* Return type name for a given CPU model name
1574  * Caller is responsible for freeing the returned string.
1575  */
1576 static char *x86_cpu_type_name(const char *model_name)
1577 {
1578     return g_strdup_printf(X86_CPU_TYPE_NAME("%s"), model_name);
1579 }
1580 
1581 static ObjectClass *x86_cpu_class_by_name(const char *cpu_model)
1582 {
1583     g_autofree char *typename = x86_cpu_type_name(cpu_model);
1584     return object_class_by_name(typename);
1585 }
1586 
1587 static char *x86_cpu_class_get_model_name(X86CPUClass *cc)
1588 {
1589     const char *class_name = object_class_get_name(OBJECT_CLASS(cc));
1590     assert(g_str_has_suffix(class_name, X86_CPU_TYPE_SUFFIX));
1591     return g_strndup(class_name,
1592                      strlen(class_name) - strlen(X86_CPU_TYPE_SUFFIX));
1593 }
1594 
1595 typedef struct X86CPUVersionDefinition {
1596     X86CPUVersion version;
1597     const char *alias;
1598     const char *note;
1599     PropValue *props;
1600 } X86CPUVersionDefinition;
1601 
1602 /* Base definition for a CPU model */
1603 typedef struct X86CPUDefinition {
1604     const char *name;
1605     uint32_t level;
1606     uint32_t xlevel;
1607     /* vendor is zero-terminated, 12 character ASCII string */
1608     char vendor[CPUID_VENDOR_SZ + 1];
1609     int family;
1610     int model;
1611     int stepping;
1612     FeatureWordArray features;
1613     const char *model_id;
1614     const CPUCaches *const cache_info;
1615     /*
1616      * Definitions for alternative versions of CPU model.
1617      * List is terminated by item with version == 0.
1618      * If NULL, version 1 will be registered automatically.
1619      */
1620     const X86CPUVersionDefinition *versions;
1621     const char *deprecation_note;
1622 } X86CPUDefinition;
1623 
1624 /* Reference to a specific CPU model version */
1625 struct X86CPUModel {
1626     /* Base CPU definition */
1627     const X86CPUDefinition *cpudef;
1628     /* CPU model version */
1629     X86CPUVersion version;
1630     const char *note;
1631     /*
1632      * If true, this is an alias CPU model.
1633      * This matters only for "-cpu help" and query-cpu-definitions
1634      */
1635     bool is_alias;
1636 };
1637 
1638 /* Get full model name for CPU version */
1639 static char *x86_cpu_versioned_model_name(const X86CPUDefinition *cpudef,
1640                                           X86CPUVersion version)
1641 {
1642     assert(version > 0);
1643     return g_strdup_printf("%s-v%d", cpudef->name, (int)version);
1644 }
1645 
1646 static const X86CPUVersionDefinition *
1647 x86_cpu_def_get_versions(const X86CPUDefinition *def)
1648 {
1649     /* When X86CPUDefinition::versions is NULL, we register only v1 */
1650     static const X86CPUVersionDefinition default_version_list[] = {
1651         { 1 },
1652         { /* end of list */ }
1653     };
1654 
1655     return def->versions ?: default_version_list;
1656 }
1657 
1658 static const CPUCaches epyc_cache_info = {
1659     .l1d_cache = &(CPUCacheInfo) {
1660         .type = DATA_CACHE,
1661         .level = 1,
1662         .size = 32 * KiB,
1663         .line_size = 64,
1664         .associativity = 8,
1665         .partitions = 1,
1666         .sets = 64,
1667         .lines_per_tag = 1,
1668         .self_init = 1,
1669         .no_invd_sharing = true,
1670     },
1671     .l1i_cache = &(CPUCacheInfo) {
1672         .type = INSTRUCTION_CACHE,
1673         .level = 1,
1674         .size = 64 * KiB,
1675         .line_size = 64,
1676         .associativity = 4,
1677         .partitions = 1,
1678         .sets = 256,
1679         .lines_per_tag = 1,
1680         .self_init = 1,
1681         .no_invd_sharing = true,
1682     },
1683     .l2_cache = &(CPUCacheInfo) {
1684         .type = UNIFIED_CACHE,
1685         .level = 2,
1686         .size = 512 * KiB,
1687         .line_size = 64,
1688         .associativity = 8,
1689         .partitions = 1,
1690         .sets = 1024,
1691         .lines_per_tag = 1,
1692     },
1693     .l3_cache = &(CPUCacheInfo) {
1694         .type = UNIFIED_CACHE,
1695         .level = 3,
1696         .size = 8 * MiB,
1697         .line_size = 64,
1698         .associativity = 16,
1699         .partitions = 1,
1700         .sets = 8192,
1701         .lines_per_tag = 1,
1702         .self_init = true,
1703         .inclusive = true,
1704         .complex_indexing = true,
1705     },
1706 };
1707 
1708 static const CPUCaches epyc_rome_cache_info = {
1709     .l1d_cache = &(CPUCacheInfo) {
1710         .type = DATA_CACHE,
1711         .level = 1,
1712         .size = 32 * KiB,
1713         .line_size = 64,
1714         .associativity = 8,
1715         .partitions = 1,
1716         .sets = 64,
1717         .lines_per_tag = 1,
1718         .self_init = 1,
1719         .no_invd_sharing = true,
1720     },
1721     .l1i_cache = &(CPUCacheInfo) {
1722         .type = INSTRUCTION_CACHE,
1723         .level = 1,
1724         .size = 32 * KiB,
1725         .line_size = 64,
1726         .associativity = 8,
1727         .partitions = 1,
1728         .sets = 64,
1729         .lines_per_tag = 1,
1730         .self_init = 1,
1731         .no_invd_sharing = true,
1732     },
1733     .l2_cache = &(CPUCacheInfo) {
1734         .type = UNIFIED_CACHE,
1735         .level = 2,
1736         .size = 512 * KiB,
1737         .line_size = 64,
1738         .associativity = 8,
1739         .partitions = 1,
1740         .sets = 1024,
1741         .lines_per_tag = 1,
1742     },
1743     .l3_cache = &(CPUCacheInfo) {
1744         .type = UNIFIED_CACHE,
1745         .level = 3,
1746         .size = 16 * MiB,
1747         .line_size = 64,
1748         .associativity = 16,
1749         .partitions = 1,
1750         .sets = 16384,
1751         .lines_per_tag = 1,
1752         .self_init = true,
1753         .inclusive = true,
1754         .complex_indexing = true,
1755     },
1756 };
1757 
1758 static const CPUCaches epyc_milan_cache_info = {
1759     .l1d_cache = &(CPUCacheInfo) {
1760         .type = DATA_CACHE,
1761         .level = 1,
1762         .size = 32 * KiB,
1763         .line_size = 64,
1764         .associativity = 8,
1765         .partitions = 1,
1766         .sets = 64,
1767         .lines_per_tag = 1,
1768         .self_init = 1,
1769         .no_invd_sharing = true,
1770     },
1771     .l1i_cache = &(CPUCacheInfo) {
1772         .type = INSTRUCTION_CACHE,
1773         .level = 1,
1774         .size = 32 * KiB,
1775         .line_size = 64,
1776         .associativity = 8,
1777         .partitions = 1,
1778         .sets = 64,
1779         .lines_per_tag = 1,
1780         .self_init = 1,
1781         .no_invd_sharing = true,
1782     },
1783     .l2_cache = &(CPUCacheInfo) {
1784         .type = UNIFIED_CACHE,
1785         .level = 2,
1786         .size = 512 * KiB,
1787         .line_size = 64,
1788         .associativity = 8,
1789         .partitions = 1,
1790         .sets = 1024,
1791         .lines_per_tag = 1,
1792     },
1793     .l3_cache = &(CPUCacheInfo) {
1794         .type = UNIFIED_CACHE,
1795         .level = 3,
1796         .size = 32 * MiB,
1797         .line_size = 64,
1798         .associativity = 16,
1799         .partitions = 1,
1800         .sets = 32768,
1801         .lines_per_tag = 1,
1802         .self_init = true,
1803         .inclusive = true,
1804         .complex_indexing = true,
1805     },
1806 };
1807 
1808 /* The following VMX features are not supported by KVM and are left out in the
1809  * CPU definitions:
1810  *
1811  *  Dual-monitor support (all processors)
1812  *  Entry to SMM
1813  *  Deactivate dual-monitor treatment
1814  *  Number of CR3-target values
1815  *  Shutdown activity state
1816  *  Wait-for-SIPI activity state
1817  *  PAUSE-loop exiting (Westmere and newer)
1818  *  EPT-violation #VE (Broadwell and newer)
1819  *  Inject event with insn length=0 (Skylake and newer)
1820  *  Conceal non-root operation from PT
1821  *  Conceal VM exits from PT
1822  *  Conceal VM entries from PT
1823  *  Enable ENCLS exiting
1824  *  Mode-based execute control (XS/XU)
1825  s  TSC scaling (Skylake Server and newer)
1826  *  GPA translation for PT (IceLake and newer)
1827  *  User wait and pause
1828  *  ENCLV exiting
1829  *  Load IA32_RTIT_CTL
1830  *  Clear IA32_RTIT_CTL
1831  *  Advanced VM-exit information for EPT violations
1832  *  Sub-page write permissions
1833  *  PT in VMX operation
1834  */
1835 
1836 static const X86CPUDefinition builtin_x86_defs[] = {
1837     {
1838         .name = "qemu64",
1839         .level = 0xd,
1840         .vendor = CPUID_VENDOR_AMD,
1841         .family = 15,
1842         .model = 107,
1843         .stepping = 1,
1844         .features[FEAT_1_EDX] =
1845             PPRO_FEATURES |
1846             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1847             CPUID_PSE36,
1848         .features[FEAT_1_ECX] =
1849             CPUID_EXT_SSE3 | CPUID_EXT_CX16,
1850         .features[FEAT_8000_0001_EDX] =
1851             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1852         .features[FEAT_8000_0001_ECX] =
1853             CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM,
1854         .xlevel = 0x8000000A,
1855         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
1856     },
1857     {
1858         .name = "phenom",
1859         .level = 5,
1860         .vendor = CPUID_VENDOR_AMD,
1861         .family = 16,
1862         .model = 2,
1863         .stepping = 3,
1864         /* Missing: CPUID_HT */
1865         .features[FEAT_1_EDX] =
1866             PPRO_FEATURES |
1867             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1868             CPUID_PSE36 | CPUID_VME,
1869         .features[FEAT_1_ECX] =
1870             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_CX16 |
1871             CPUID_EXT_POPCNT,
1872         .features[FEAT_8000_0001_EDX] =
1873             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX |
1874             CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT | CPUID_EXT2_MMXEXT |
1875             CPUID_EXT2_FFXSR | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP,
1876         /* Missing: CPUID_EXT3_CMP_LEG, CPUID_EXT3_EXTAPIC,
1877                     CPUID_EXT3_CR8LEG,
1878                     CPUID_EXT3_MISALIGNSSE, CPUID_EXT3_3DNOWPREFETCH,
1879                     CPUID_EXT3_OSVW, CPUID_EXT3_IBS */
1880         .features[FEAT_8000_0001_ECX] =
1881             CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM |
1882             CPUID_EXT3_ABM | CPUID_EXT3_SSE4A,
1883         /* Missing: CPUID_SVM_LBRV */
1884         .features[FEAT_SVM] =
1885             CPUID_SVM_NPT,
1886         .xlevel = 0x8000001A,
1887         .model_id = "AMD Phenom(tm) 9550 Quad-Core Processor"
1888     },
1889     {
1890         .name = "core2duo",
1891         .level = 10,
1892         .vendor = CPUID_VENDOR_INTEL,
1893         .family = 6,
1894         .model = 15,
1895         .stepping = 11,
1896         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
1897         .features[FEAT_1_EDX] =
1898             PPRO_FEATURES |
1899             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1900             CPUID_PSE36 | CPUID_VME | CPUID_ACPI | CPUID_SS,
1901         /* Missing: CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_EST,
1902          * CPUID_EXT_TM2, CPUID_EXT_XTPR, CPUID_EXT_PDCM, CPUID_EXT_VMX */
1903         .features[FEAT_1_ECX] =
1904             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 |
1905             CPUID_EXT_CX16,
1906         .features[FEAT_8000_0001_EDX] =
1907             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1908         .features[FEAT_8000_0001_ECX] =
1909             CPUID_EXT3_LAHF_LM,
1910         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
1911         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
1912         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
1913         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
1914         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
1915              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
1916         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
1917              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
1918              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
1919              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
1920              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
1921              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
1922              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
1923              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
1924              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
1925              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
1926         .features[FEAT_VMX_SECONDARY_CTLS] =
1927              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES,
1928         .xlevel = 0x80000008,
1929         .model_id = "Intel(R) Core(TM)2 Duo CPU     T7700  @ 2.40GHz",
1930     },
1931     {
1932         .name = "kvm64",
1933         .level = 0xd,
1934         .vendor = CPUID_VENDOR_INTEL,
1935         .family = 15,
1936         .model = 6,
1937         .stepping = 1,
1938         /* Missing: CPUID_HT */
1939         .features[FEAT_1_EDX] =
1940             PPRO_FEATURES | CPUID_VME |
1941             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1942             CPUID_PSE36,
1943         /* Missing: CPUID_EXT_POPCNT, CPUID_EXT_MONITOR */
1944         .features[FEAT_1_ECX] =
1945             CPUID_EXT_SSE3 | CPUID_EXT_CX16,
1946         /* Missing: CPUID_EXT2_PDPE1GB, CPUID_EXT2_RDTSCP */
1947         .features[FEAT_8000_0001_EDX] =
1948             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1949         /* Missing: CPUID_EXT3_LAHF_LM, CPUID_EXT3_CMP_LEG, CPUID_EXT3_EXTAPIC,
1950                     CPUID_EXT3_CR8LEG, CPUID_EXT3_ABM, CPUID_EXT3_SSE4A,
1951                     CPUID_EXT3_MISALIGNSSE, CPUID_EXT3_3DNOWPREFETCH,
1952                     CPUID_EXT3_OSVW, CPUID_EXT3_IBS, CPUID_EXT3_SVM */
1953         .features[FEAT_8000_0001_ECX] =
1954             0,
1955         /* VMX features from Cedar Mill/Prescott */
1956         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
1957         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
1958         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
1959         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
1960              VMX_PIN_BASED_NMI_EXITING,
1961         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
1962              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
1963              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
1964              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
1965              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
1966              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
1967              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
1968              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING,
1969         .xlevel = 0x80000008,
1970         .model_id = "Common KVM processor"
1971     },
1972     {
1973         .name = "qemu32",
1974         .level = 4,
1975         .vendor = CPUID_VENDOR_INTEL,
1976         .family = 6,
1977         .model = 6,
1978         .stepping = 3,
1979         .features[FEAT_1_EDX] =
1980             PPRO_FEATURES,
1981         .features[FEAT_1_ECX] =
1982             CPUID_EXT_SSE3,
1983         .xlevel = 0x80000004,
1984         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
1985     },
1986     {
1987         .name = "kvm32",
1988         .level = 5,
1989         .vendor = CPUID_VENDOR_INTEL,
1990         .family = 15,
1991         .model = 6,
1992         .stepping = 1,
1993         .features[FEAT_1_EDX] =
1994             PPRO_FEATURES | CPUID_VME |
1995             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_PSE36,
1996         .features[FEAT_1_ECX] =
1997             CPUID_EXT_SSE3,
1998         .features[FEAT_8000_0001_ECX] =
1999             0,
2000         /* VMX features from Yonah */
2001         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2002         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2003         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2004         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2005              VMX_PIN_BASED_NMI_EXITING,
2006         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2007              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2008              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2009              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2010              VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
2011              VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
2012              VMX_CPU_BASED_PAUSE_EXITING | VMX_CPU_BASED_USE_MSR_BITMAPS,
2013         .xlevel = 0x80000008,
2014         .model_id = "Common 32-bit KVM processor"
2015     },
2016     {
2017         .name = "coreduo",
2018         .level = 10,
2019         .vendor = CPUID_VENDOR_INTEL,
2020         .family = 6,
2021         .model = 14,
2022         .stepping = 8,
2023         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
2024         .features[FEAT_1_EDX] =
2025             PPRO_FEATURES | CPUID_VME |
2026             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_ACPI |
2027             CPUID_SS,
2028         /* Missing: CPUID_EXT_EST, CPUID_EXT_TM2 , CPUID_EXT_XTPR,
2029          * CPUID_EXT_PDCM, CPUID_EXT_VMX */
2030         .features[FEAT_1_ECX] =
2031             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR,
2032         .features[FEAT_8000_0001_EDX] =
2033             CPUID_EXT2_NX,
2034         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2035         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2036         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2037         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2038              VMX_PIN_BASED_NMI_EXITING,
2039         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2040              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2041              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2042              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2043              VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
2044              VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
2045              VMX_CPU_BASED_PAUSE_EXITING | VMX_CPU_BASED_USE_MSR_BITMAPS,
2046         .xlevel = 0x80000008,
2047         .model_id = "Genuine Intel(R) CPU           T2600  @ 2.16GHz",
2048     },
2049     {
2050         .name = "486",
2051         .level = 1,
2052         .vendor = CPUID_VENDOR_INTEL,
2053         .family = 4,
2054         .model = 8,
2055         .stepping = 0,
2056         .features[FEAT_1_EDX] =
2057             I486_FEATURES,
2058         .xlevel = 0,
2059         .model_id = "",
2060     },
2061     {
2062         .name = "pentium",
2063         .level = 1,
2064         .vendor = CPUID_VENDOR_INTEL,
2065         .family = 5,
2066         .model = 4,
2067         .stepping = 3,
2068         .features[FEAT_1_EDX] =
2069             PENTIUM_FEATURES,
2070         .xlevel = 0,
2071         .model_id = "",
2072     },
2073     {
2074         .name = "pentium2",
2075         .level = 2,
2076         .vendor = CPUID_VENDOR_INTEL,
2077         .family = 6,
2078         .model = 5,
2079         .stepping = 2,
2080         .features[FEAT_1_EDX] =
2081             PENTIUM2_FEATURES,
2082         .xlevel = 0,
2083         .model_id = "",
2084     },
2085     {
2086         .name = "pentium3",
2087         .level = 3,
2088         .vendor = CPUID_VENDOR_INTEL,
2089         .family = 6,
2090         .model = 7,
2091         .stepping = 3,
2092         .features[FEAT_1_EDX] =
2093             PENTIUM3_FEATURES,
2094         .xlevel = 0,
2095         .model_id = "",
2096     },
2097     {
2098         .name = "athlon",
2099         .level = 2,
2100         .vendor = CPUID_VENDOR_AMD,
2101         .family = 6,
2102         .model = 2,
2103         .stepping = 3,
2104         .features[FEAT_1_EDX] =
2105             PPRO_FEATURES | CPUID_PSE36 | CPUID_VME | CPUID_MTRR |
2106             CPUID_MCA,
2107         .features[FEAT_8000_0001_EDX] =
2108             CPUID_EXT2_MMXEXT | CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT,
2109         .xlevel = 0x80000008,
2110         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
2111     },
2112     {
2113         .name = "n270",
2114         .level = 10,
2115         .vendor = CPUID_VENDOR_INTEL,
2116         .family = 6,
2117         .model = 28,
2118         .stepping = 2,
2119         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
2120         .features[FEAT_1_EDX] =
2121             PPRO_FEATURES |
2122             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_VME |
2123             CPUID_ACPI | CPUID_SS,
2124             /* Some CPUs got no CPUID_SEP */
2125         /* Missing: CPUID_EXT_DSCPL, CPUID_EXT_EST, CPUID_EXT_TM2,
2126          * CPUID_EXT_XTPR */
2127         .features[FEAT_1_ECX] =
2128             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 |
2129             CPUID_EXT_MOVBE,
2130         .features[FEAT_8000_0001_EDX] =
2131             CPUID_EXT2_NX,
2132         .features[FEAT_8000_0001_ECX] =
2133             CPUID_EXT3_LAHF_LM,
2134         .xlevel = 0x80000008,
2135         .model_id = "Intel(R) Atom(TM) CPU N270   @ 1.60GHz",
2136     },
2137     {
2138         .name = "Conroe",
2139         .level = 10,
2140         .vendor = CPUID_VENDOR_INTEL,
2141         .family = 6,
2142         .model = 15,
2143         .stepping = 3,
2144         .features[FEAT_1_EDX] =
2145             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2146             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2147             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2148             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2149             CPUID_DE | CPUID_FP87,
2150         .features[FEAT_1_ECX] =
2151             CPUID_EXT_SSSE3 | CPUID_EXT_SSE3,
2152         .features[FEAT_8000_0001_EDX] =
2153             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2154         .features[FEAT_8000_0001_ECX] =
2155             CPUID_EXT3_LAHF_LM,
2156         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
2157         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2158         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2159         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2160         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2161              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
2162         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2163              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2164              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2165              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2166              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2167              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2168              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2169              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2170              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2171              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2172         .features[FEAT_VMX_SECONDARY_CTLS] =
2173              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES,
2174         .xlevel = 0x80000008,
2175         .model_id = "Intel Celeron_4x0 (Conroe/Merom Class Core 2)",
2176     },
2177     {
2178         .name = "Penryn",
2179         .level = 10,
2180         .vendor = CPUID_VENDOR_INTEL,
2181         .family = 6,
2182         .model = 23,
2183         .stepping = 3,
2184         .features[FEAT_1_EDX] =
2185             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2186             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2187             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2188             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2189             CPUID_DE | CPUID_FP87,
2190         .features[FEAT_1_ECX] =
2191             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2192             CPUID_EXT_SSE3,
2193         .features[FEAT_8000_0001_EDX] =
2194             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2195         .features[FEAT_8000_0001_ECX] =
2196             CPUID_EXT3_LAHF_LM,
2197         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
2198         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2199              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL,
2200         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT |
2201              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL,
2202         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2203         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2204              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
2205         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2206              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2207              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2208              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2209              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2210              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2211              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2212              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2213              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2214              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2215         .features[FEAT_VMX_SECONDARY_CTLS] =
2216              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2217              VMX_SECONDARY_EXEC_WBINVD_EXITING,
2218         .xlevel = 0x80000008,
2219         .model_id = "Intel Core 2 Duo P9xxx (Penryn Class Core 2)",
2220     },
2221     {
2222         .name = "Nehalem",
2223         .level = 11,
2224         .vendor = CPUID_VENDOR_INTEL,
2225         .family = 6,
2226         .model = 26,
2227         .stepping = 3,
2228         .features[FEAT_1_EDX] =
2229             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2230             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2231             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2232             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2233             CPUID_DE | CPUID_FP87,
2234         .features[FEAT_1_ECX] =
2235             CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2236             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_SSE3,
2237         .features[FEAT_8000_0001_EDX] =
2238             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2239         .features[FEAT_8000_0001_ECX] =
2240             CPUID_EXT3_LAHF_LM,
2241         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2242              MSR_VMX_BASIC_TRUE_CTLS,
2243         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2244              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2245              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2246         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2247              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2248              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2249              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2250              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2251              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2252              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2253         .features[FEAT_VMX_EXIT_CTLS] =
2254              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2255              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2256              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2257              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2258              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2259         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2260         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2261              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2262              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2263         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2264              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2265              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2266              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2267              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2268              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2269              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2270              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2271              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2272              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2273              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2274              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2275         .features[FEAT_VMX_SECONDARY_CTLS] =
2276              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2277              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2278              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2279              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2280              VMX_SECONDARY_EXEC_ENABLE_VPID,
2281         .xlevel = 0x80000008,
2282         .model_id = "Intel Core i7 9xx (Nehalem Class Core i7)",
2283         .versions = (X86CPUVersionDefinition[]) {
2284             { .version = 1 },
2285             {
2286                 .version = 2,
2287                 .alias = "Nehalem-IBRS",
2288                 .props = (PropValue[]) {
2289                     { "spec-ctrl", "on" },
2290                     { "model-id",
2291                       "Intel Core i7 9xx (Nehalem Core i7, IBRS update)" },
2292                     { /* end of list */ }
2293                 }
2294             },
2295             { /* end of list */ }
2296         }
2297     },
2298     {
2299         .name = "Westmere",
2300         .level = 11,
2301         .vendor = CPUID_VENDOR_INTEL,
2302         .family = 6,
2303         .model = 44,
2304         .stepping = 1,
2305         .features[FEAT_1_EDX] =
2306             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2307             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2308             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2309             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2310             CPUID_DE | CPUID_FP87,
2311         .features[FEAT_1_ECX] =
2312             CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 |
2313             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2314             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
2315         .features[FEAT_8000_0001_EDX] =
2316             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2317         .features[FEAT_8000_0001_ECX] =
2318             CPUID_EXT3_LAHF_LM,
2319         .features[FEAT_6_EAX] =
2320             CPUID_6_EAX_ARAT,
2321         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2322              MSR_VMX_BASIC_TRUE_CTLS,
2323         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2324              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2325              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2326         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2327              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2328              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2329              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2330              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2331              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2332              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2333         .features[FEAT_VMX_EXIT_CTLS] =
2334              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2335              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2336              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2337              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2338              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2339         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2340              MSR_VMX_MISC_STORE_LMA,
2341         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2342              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2343              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2344         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2345              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2346              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2347              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2348              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2349              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2350              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2351              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2352              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2353              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2354              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2355              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2356         .features[FEAT_VMX_SECONDARY_CTLS] =
2357              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2358              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2359              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2360              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2361              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST,
2362         .xlevel = 0x80000008,
2363         .model_id = "Westmere E56xx/L56xx/X56xx (Nehalem-C)",
2364         .versions = (X86CPUVersionDefinition[]) {
2365             { .version = 1 },
2366             {
2367                 .version = 2,
2368                 .alias = "Westmere-IBRS",
2369                 .props = (PropValue[]) {
2370                     { "spec-ctrl", "on" },
2371                     { "model-id",
2372                       "Westmere E56xx/L56xx/X56xx (IBRS update)" },
2373                     { /* end of list */ }
2374                 }
2375             },
2376             { /* end of list */ }
2377         }
2378     },
2379     {
2380         .name = "SandyBridge",
2381         .level = 0xd,
2382         .vendor = CPUID_VENDOR_INTEL,
2383         .family = 6,
2384         .model = 42,
2385         .stepping = 1,
2386         .features[FEAT_1_EDX] =
2387             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2388             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2389             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2390             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2391             CPUID_DE | CPUID_FP87,
2392         .features[FEAT_1_ECX] =
2393             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2394             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
2395             CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2396             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
2397             CPUID_EXT_SSE3,
2398         .features[FEAT_8000_0001_EDX] =
2399             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2400             CPUID_EXT2_SYSCALL,
2401         .features[FEAT_8000_0001_ECX] =
2402             CPUID_EXT3_LAHF_LM,
2403         .features[FEAT_XSAVE] =
2404             CPUID_XSAVE_XSAVEOPT,
2405         .features[FEAT_6_EAX] =
2406             CPUID_6_EAX_ARAT,
2407         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2408              MSR_VMX_BASIC_TRUE_CTLS,
2409         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2410              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2411              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2412         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2413              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2414              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2415              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2416              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2417              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2418              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2419         .features[FEAT_VMX_EXIT_CTLS] =
2420              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2421              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2422              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2423              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2424              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2425         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2426              MSR_VMX_MISC_STORE_LMA,
2427         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2428              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2429              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2430         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2431              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2432              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2433              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2434              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2435              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2436              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2437              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2438              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2439              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2440              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2441              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2442         .features[FEAT_VMX_SECONDARY_CTLS] =
2443              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2444              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2445              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2446              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2447              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST,
2448         .xlevel = 0x80000008,
2449         .model_id = "Intel Xeon E312xx (Sandy Bridge)",
2450         .versions = (X86CPUVersionDefinition[]) {
2451             { .version = 1 },
2452             {
2453                 .version = 2,
2454                 .alias = "SandyBridge-IBRS",
2455                 .props = (PropValue[]) {
2456                     { "spec-ctrl", "on" },
2457                     { "model-id",
2458                       "Intel Xeon E312xx (Sandy Bridge, IBRS update)" },
2459                     { /* end of list */ }
2460                 }
2461             },
2462             { /* end of list */ }
2463         }
2464     },
2465     {
2466         .name = "IvyBridge",
2467         .level = 0xd,
2468         .vendor = CPUID_VENDOR_INTEL,
2469         .family = 6,
2470         .model = 58,
2471         .stepping = 9,
2472         .features[FEAT_1_EDX] =
2473             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2474             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2475             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2476             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2477             CPUID_DE | CPUID_FP87,
2478         .features[FEAT_1_ECX] =
2479             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2480             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
2481             CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2482             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
2483             CPUID_EXT_SSE3 | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2484         .features[FEAT_7_0_EBX] =
2485             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP |
2486             CPUID_7_0_EBX_ERMS,
2487         .features[FEAT_8000_0001_EDX] =
2488             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2489             CPUID_EXT2_SYSCALL,
2490         .features[FEAT_8000_0001_ECX] =
2491             CPUID_EXT3_LAHF_LM,
2492         .features[FEAT_XSAVE] =
2493             CPUID_XSAVE_XSAVEOPT,
2494         .features[FEAT_6_EAX] =
2495             CPUID_6_EAX_ARAT,
2496         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2497              MSR_VMX_BASIC_TRUE_CTLS,
2498         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2499              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2500              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2501         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2502              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2503              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2504              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2505              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2506              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2507              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2508         .features[FEAT_VMX_EXIT_CTLS] =
2509              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2510              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2511              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2512              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2513              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2514         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2515              MSR_VMX_MISC_STORE_LMA,
2516         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2517              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2518              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2519         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2520              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2521              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2522              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2523              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2524              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2525              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2526              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2527              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2528              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2529              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2530              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2531         .features[FEAT_VMX_SECONDARY_CTLS] =
2532              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2533              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2534              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2535              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2536              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2537              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2538              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2539              VMX_SECONDARY_EXEC_RDRAND_EXITING,
2540         .xlevel = 0x80000008,
2541         .model_id = "Intel Xeon E3-12xx v2 (Ivy Bridge)",
2542         .versions = (X86CPUVersionDefinition[]) {
2543             { .version = 1 },
2544             {
2545                 .version = 2,
2546                 .alias = "IvyBridge-IBRS",
2547                 .props = (PropValue[]) {
2548                     { "spec-ctrl", "on" },
2549                     { "model-id",
2550                       "Intel Xeon E3-12xx v2 (Ivy Bridge, IBRS)" },
2551                     { /* end of list */ }
2552                 }
2553             },
2554             { /* end of list */ }
2555         }
2556     },
2557     {
2558         .name = "Haswell",
2559         .level = 0xd,
2560         .vendor = CPUID_VENDOR_INTEL,
2561         .family = 6,
2562         .model = 60,
2563         .stepping = 4,
2564         .features[FEAT_1_EDX] =
2565             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2566             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2567             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2568             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2569             CPUID_DE | CPUID_FP87,
2570         .features[FEAT_1_ECX] =
2571             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2572             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2573             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2574             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2575             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2576             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2577         .features[FEAT_8000_0001_EDX] =
2578             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2579             CPUID_EXT2_SYSCALL,
2580         .features[FEAT_8000_0001_ECX] =
2581             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM,
2582         .features[FEAT_7_0_EBX] =
2583             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2584             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2585             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2586             CPUID_7_0_EBX_RTM,
2587         .features[FEAT_XSAVE] =
2588             CPUID_XSAVE_XSAVEOPT,
2589         .features[FEAT_6_EAX] =
2590             CPUID_6_EAX_ARAT,
2591         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2592              MSR_VMX_BASIC_TRUE_CTLS,
2593         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2594              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2595              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2596         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2597              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2598              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2599              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2600              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2601              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2602              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2603         .features[FEAT_VMX_EXIT_CTLS] =
2604              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2605              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2606              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2607              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2608              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2609         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2610              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2611         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2612              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2613              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2614         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2615              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2616              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2617              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2618              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2619              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2620              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2621              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2622              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2623              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2624              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2625              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2626         .features[FEAT_VMX_SECONDARY_CTLS] =
2627              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2628              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2629              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2630              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2631              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2632              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2633              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2634              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2635              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS,
2636         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
2637         .xlevel = 0x80000008,
2638         .model_id = "Intel Core Processor (Haswell)",
2639         .versions = (X86CPUVersionDefinition[]) {
2640             { .version = 1 },
2641             {
2642                 .version = 2,
2643                 .alias = "Haswell-noTSX",
2644                 .props = (PropValue[]) {
2645                     { "hle", "off" },
2646                     { "rtm", "off" },
2647                     { "stepping", "1" },
2648                     { "model-id", "Intel Core Processor (Haswell, no TSX)", },
2649                     { /* end of list */ }
2650                 },
2651             },
2652             {
2653                 .version = 3,
2654                 .alias = "Haswell-IBRS",
2655                 .props = (PropValue[]) {
2656                     /* Restore TSX features removed by -v2 above */
2657                     { "hle", "on" },
2658                     { "rtm", "on" },
2659                     /*
2660                      * Haswell and Haswell-IBRS had stepping=4 in
2661                      * QEMU 4.0 and older
2662                      */
2663                     { "stepping", "4" },
2664                     { "spec-ctrl", "on" },
2665                     { "model-id",
2666                       "Intel Core Processor (Haswell, IBRS)" },
2667                     { /* end of list */ }
2668                 }
2669             },
2670             {
2671                 .version = 4,
2672                 .alias = "Haswell-noTSX-IBRS",
2673                 .props = (PropValue[]) {
2674                     { "hle", "off" },
2675                     { "rtm", "off" },
2676                     /* spec-ctrl was already enabled by -v3 above */
2677                     { "stepping", "1" },
2678                     { "model-id",
2679                       "Intel Core Processor (Haswell, no TSX, IBRS)" },
2680                     { /* end of list */ }
2681                 }
2682             },
2683             { /* end of list */ }
2684         }
2685     },
2686     {
2687         .name = "Broadwell",
2688         .level = 0xd,
2689         .vendor = CPUID_VENDOR_INTEL,
2690         .family = 6,
2691         .model = 61,
2692         .stepping = 2,
2693         .features[FEAT_1_EDX] =
2694             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2695             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2696             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2697             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2698             CPUID_DE | CPUID_FP87,
2699         .features[FEAT_1_ECX] =
2700             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2701             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2702             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2703             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2704             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2705             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2706         .features[FEAT_8000_0001_EDX] =
2707             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2708             CPUID_EXT2_SYSCALL,
2709         .features[FEAT_8000_0001_ECX] =
2710             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
2711         .features[FEAT_7_0_EBX] =
2712             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2713             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2714             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2715             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
2716             CPUID_7_0_EBX_SMAP,
2717         .features[FEAT_XSAVE] =
2718             CPUID_XSAVE_XSAVEOPT,
2719         .features[FEAT_6_EAX] =
2720             CPUID_6_EAX_ARAT,
2721         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2722              MSR_VMX_BASIC_TRUE_CTLS,
2723         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2724              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2725              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2726         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2727              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2728              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2729              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2730              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2731              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2732              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2733         .features[FEAT_VMX_EXIT_CTLS] =
2734              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2735              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2736              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2737              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2738              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2739         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2740              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2741         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2742              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2743              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2744         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2745              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2746              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2747              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2748              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2749              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2750              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2751              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2752              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2753              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2754              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2755              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2756         .features[FEAT_VMX_SECONDARY_CTLS] =
2757              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2758              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2759              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2760              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2761              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2762              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2763              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2764              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2765              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
2766              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
2767         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
2768         .xlevel = 0x80000008,
2769         .model_id = "Intel Core Processor (Broadwell)",
2770         .versions = (X86CPUVersionDefinition[]) {
2771             { .version = 1 },
2772             {
2773                 .version = 2,
2774                 .alias = "Broadwell-noTSX",
2775                 .props = (PropValue[]) {
2776                     { "hle", "off" },
2777                     { "rtm", "off" },
2778                     { "model-id", "Intel Core Processor (Broadwell, no TSX)", },
2779                     { /* end of list */ }
2780                 },
2781             },
2782             {
2783                 .version = 3,
2784                 .alias = "Broadwell-IBRS",
2785                 .props = (PropValue[]) {
2786                     /* Restore TSX features removed by -v2 above */
2787                     { "hle", "on" },
2788                     { "rtm", "on" },
2789                     { "spec-ctrl", "on" },
2790                     { "model-id",
2791                       "Intel Core Processor (Broadwell, IBRS)" },
2792                     { /* end of list */ }
2793                 }
2794             },
2795             {
2796                 .version = 4,
2797                 .alias = "Broadwell-noTSX-IBRS",
2798                 .props = (PropValue[]) {
2799                     { "hle", "off" },
2800                     { "rtm", "off" },
2801                     /* spec-ctrl was already enabled by -v3 above */
2802                     { "model-id",
2803                       "Intel Core Processor (Broadwell, no TSX, IBRS)" },
2804                     { /* end of list */ }
2805                 }
2806             },
2807             { /* end of list */ }
2808         }
2809     },
2810     {
2811         .name = "Skylake-Client",
2812         .level = 0xd,
2813         .vendor = CPUID_VENDOR_INTEL,
2814         .family = 6,
2815         .model = 94,
2816         .stepping = 3,
2817         .features[FEAT_1_EDX] =
2818             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2819             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2820             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2821             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2822             CPUID_DE | CPUID_FP87,
2823         .features[FEAT_1_ECX] =
2824             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2825             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2826             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2827             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2828             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2829             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2830         .features[FEAT_8000_0001_EDX] =
2831             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2832             CPUID_EXT2_SYSCALL,
2833         .features[FEAT_8000_0001_ECX] =
2834             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
2835         .features[FEAT_7_0_EBX] =
2836             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2837             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2838             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2839             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
2840             CPUID_7_0_EBX_SMAP,
2841         /* XSAVES is added in version 4 */
2842         .features[FEAT_XSAVE] =
2843             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
2844             CPUID_XSAVE_XGETBV1,
2845         .features[FEAT_6_EAX] =
2846             CPUID_6_EAX_ARAT,
2847         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
2848         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2849              MSR_VMX_BASIC_TRUE_CTLS,
2850         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2851              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2852              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2853         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2854              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2855              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2856              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2857              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2858              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2859              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2860         .features[FEAT_VMX_EXIT_CTLS] =
2861              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2862              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2863              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2864              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2865              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2866         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2867              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2868         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2869              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2870              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2871         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2872              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2873              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2874              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2875              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2876              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2877              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2878              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2879              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2880              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2881              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2882              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2883         .features[FEAT_VMX_SECONDARY_CTLS] =
2884              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2885              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2886              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2887              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2888              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2889              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
2890              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
2891         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
2892         .xlevel = 0x80000008,
2893         .model_id = "Intel Core Processor (Skylake)",
2894         .versions = (X86CPUVersionDefinition[]) {
2895             { .version = 1 },
2896             {
2897                 .version = 2,
2898                 .alias = "Skylake-Client-IBRS",
2899                 .props = (PropValue[]) {
2900                     { "spec-ctrl", "on" },
2901                     { "model-id",
2902                       "Intel Core Processor (Skylake, IBRS)" },
2903                     { /* end of list */ }
2904                 }
2905             },
2906             {
2907                 .version = 3,
2908                 .alias = "Skylake-Client-noTSX-IBRS",
2909                 .props = (PropValue[]) {
2910                     { "hle", "off" },
2911                     { "rtm", "off" },
2912                     { "model-id",
2913                       "Intel Core Processor (Skylake, IBRS, no TSX)" },
2914                     { /* end of list */ }
2915                 }
2916             },
2917             {
2918                 .version = 4,
2919                 .note = "IBRS, XSAVES, no TSX",
2920                 .props = (PropValue[]) {
2921                     { "xsaves", "on" },
2922                     { "vmx-xsaves", "on" },
2923                     { /* end of list */ }
2924                 }
2925             },
2926             { /* end of list */ }
2927         }
2928     },
2929     {
2930         .name = "Skylake-Server",
2931         .level = 0xd,
2932         .vendor = CPUID_VENDOR_INTEL,
2933         .family = 6,
2934         .model = 85,
2935         .stepping = 4,
2936         .features[FEAT_1_EDX] =
2937             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2938             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2939             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2940             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2941             CPUID_DE | CPUID_FP87,
2942         .features[FEAT_1_ECX] =
2943             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2944             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2945             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2946             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2947             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2948             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2949         .features[FEAT_8000_0001_EDX] =
2950             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
2951             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2952         .features[FEAT_8000_0001_ECX] =
2953             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
2954         .features[FEAT_7_0_EBX] =
2955             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2956             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2957             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2958             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
2959             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
2960             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
2961             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
2962             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
2963         .features[FEAT_7_0_ECX] =
2964             CPUID_7_0_ECX_PKU,
2965         /* XSAVES is added in version 5 */
2966         .features[FEAT_XSAVE] =
2967             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
2968             CPUID_XSAVE_XGETBV1,
2969         .features[FEAT_6_EAX] =
2970             CPUID_6_EAX_ARAT,
2971         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
2972         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2973              MSR_VMX_BASIC_TRUE_CTLS,
2974         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2975              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2976              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2977         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2978              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2979              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2980              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2981              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2982              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2983              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2984         .features[FEAT_VMX_EXIT_CTLS] =
2985              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2986              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2987              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2988              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2989              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2990         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2991              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2992         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2993              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2994              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2995         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2996              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2997              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2998              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2999              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3000              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3001              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3002              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3003              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3004              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3005              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3006              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3007         .features[FEAT_VMX_SECONDARY_CTLS] =
3008              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3009              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3010              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3011              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3012              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3013              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3014              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3015              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3016              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3017              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3018         .xlevel = 0x80000008,
3019         .model_id = "Intel Xeon Processor (Skylake)",
3020         .versions = (X86CPUVersionDefinition[]) {
3021             { .version = 1 },
3022             {
3023                 .version = 2,
3024                 .alias = "Skylake-Server-IBRS",
3025                 .props = (PropValue[]) {
3026                     /* clflushopt was not added to Skylake-Server-IBRS */
3027                     /* TODO: add -v3 including clflushopt */
3028                     { "clflushopt", "off" },
3029                     { "spec-ctrl", "on" },
3030                     { "model-id",
3031                       "Intel Xeon Processor (Skylake, IBRS)" },
3032                     { /* end of list */ }
3033                 }
3034             },
3035             {
3036                 .version = 3,
3037                 .alias = "Skylake-Server-noTSX-IBRS",
3038                 .props = (PropValue[]) {
3039                     { "hle", "off" },
3040                     { "rtm", "off" },
3041                     { "model-id",
3042                       "Intel Xeon Processor (Skylake, IBRS, no TSX)" },
3043                     { /* end of list */ }
3044                 }
3045             },
3046             {
3047                 .version = 4,
3048                 .props = (PropValue[]) {
3049                     { "vmx-eptp-switching", "on" },
3050                     { /* end of list */ }
3051                 }
3052             },
3053             {
3054                 .version = 5,
3055                 .note = "IBRS, XSAVES, EPT switching, no TSX",
3056                 .props = (PropValue[]) {
3057                     { "xsaves", "on" },
3058                     { "vmx-xsaves", "on" },
3059                     { /* end of list */ }
3060                 }
3061             },
3062             { /* end of list */ }
3063         }
3064     },
3065     {
3066         .name = "Cascadelake-Server",
3067         .level = 0xd,
3068         .vendor = CPUID_VENDOR_INTEL,
3069         .family = 6,
3070         .model = 85,
3071         .stepping = 6,
3072         .features[FEAT_1_EDX] =
3073             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3074             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3075             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3076             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3077             CPUID_DE | CPUID_FP87,
3078         .features[FEAT_1_ECX] =
3079             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3080             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3081             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3082             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3083             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3084             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3085         .features[FEAT_8000_0001_EDX] =
3086             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3087             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3088         .features[FEAT_8000_0001_ECX] =
3089             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3090         .features[FEAT_7_0_EBX] =
3091             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3092             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3093             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3094             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3095             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3096             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3097             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3098             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3099         .features[FEAT_7_0_ECX] =
3100             CPUID_7_0_ECX_PKU |
3101             CPUID_7_0_ECX_AVX512VNNI,
3102         .features[FEAT_7_0_EDX] =
3103             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3104         /* XSAVES is added in version 5 */
3105         .features[FEAT_XSAVE] =
3106             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3107             CPUID_XSAVE_XGETBV1,
3108         .features[FEAT_6_EAX] =
3109             CPUID_6_EAX_ARAT,
3110         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3111         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3112              MSR_VMX_BASIC_TRUE_CTLS,
3113         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3114              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3115              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3116         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3117              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3118              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3119              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3120              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3121              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3122              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3123         .features[FEAT_VMX_EXIT_CTLS] =
3124              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3125              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3126              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3127              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3128              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3129         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3130              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3131         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3132              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3133              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3134         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3135              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3136              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3137              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3138              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3139              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3140              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3141              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3142              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3143              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3144              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3145              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3146         .features[FEAT_VMX_SECONDARY_CTLS] =
3147              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3148              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3149              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3150              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3151              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3152              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3153              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3154              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3155              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3156              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3157         .xlevel = 0x80000008,
3158         .model_id = "Intel Xeon Processor (Cascadelake)",
3159         .versions = (X86CPUVersionDefinition[]) {
3160             { .version = 1 },
3161             { .version = 2,
3162               .note = "ARCH_CAPABILITIES",
3163               .props = (PropValue[]) {
3164                   { "arch-capabilities", "on" },
3165                   { "rdctl-no", "on" },
3166                   { "ibrs-all", "on" },
3167                   { "skip-l1dfl-vmentry", "on" },
3168                   { "mds-no", "on" },
3169                   { /* end of list */ }
3170               },
3171             },
3172             { .version = 3,
3173               .alias = "Cascadelake-Server-noTSX",
3174               .note = "ARCH_CAPABILITIES, no TSX",
3175               .props = (PropValue[]) {
3176                   { "hle", "off" },
3177                   { "rtm", "off" },
3178                   { /* end of list */ }
3179               },
3180             },
3181             { .version = 4,
3182               .note = "ARCH_CAPABILITIES, no TSX",
3183               .props = (PropValue[]) {
3184                   { "vmx-eptp-switching", "on" },
3185                   { /* end of list */ }
3186               },
3187             },
3188             { .version = 5,
3189               .note = "ARCH_CAPABILITIES, EPT switching, XSAVES, no TSX",
3190               .props = (PropValue[]) {
3191                   { "xsaves", "on" },
3192                   { "vmx-xsaves", "on" },
3193                   { /* end of list */ }
3194               },
3195             },
3196             { /* end of list */ }
3197         }
3198     },
3199     {
3200         .name = "Cooperlake",
3201         .level = 0xd,
3202         .vendor = CPUID_VENDOR_INTEL,
3203         .family = 6,
3204         .model = 85,
3205         .stepping = 10,
3206         .features[FEAT_1_EDX] =
3207             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3208             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3209             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3210             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3211             CPUID_DE | CPUID_FP87,
3212         .features[FEAT_1_ECX] =
3213             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3214             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3215             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3216             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3217             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3218             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3219         .features[FEAT_8000_0001_EDX] =
3220             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3221             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3222         .features[FEAT_8000_0001_ECX] =
3223             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3224         .features[FEAT_7_0_EBX] =
3225             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3226             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3227             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3228             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3229             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3230             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3231             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3232             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3233         .features[FEAT_7_0_ECX] =
3234             CPUID_7_0_ECX_PKU |
3235             CPUID_7_0_ECX_AVX512VNNI,
3236         .features[FEAT_7_0_EDX] =
3237             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_STIBP |
3238             CPUID_7_0_EDX_SPEC_CTRL_SSBD | CPUID_7_0_EDX_ARCH_CAPABILITIES,
3239         .features[FEAT_ARCH_CAPABILITIES] =
3240             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_IBRS_ALL |
3241             MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY | MSR_ARCH_CAP_MDS_NO |
3242             MSR_ARCH_CAP_PSCHANGE_MC_NO | MSR_ARCH_CAP_TAA_NO,
3243         .features[FEAT_7_1_EAX] =
3244             CPUID_7_1_EAX_AVX512_BF16,
3245         /* XSAVES is added in version 2 */
3246         .features[FEAT_XSAVE] =
3247             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3248             CPUID_XSAVE_XGETBV1,
3249         .features[FEAT_6_EAX] =
3250             CPUID_6_EAX_ARAT,
3251         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3252         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3253              MSR_VMX_BASIC_TRUE_CTLS,
3254         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3255              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3256              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3257         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3258              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3259              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3260              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3261              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3262              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3263              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3264         .features[FEAT_VMX_EXIT_CTLS] =
3265              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3266              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3267              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3268              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3269              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3270         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3271              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3272         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3273              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3274              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3275         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3276              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3277              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3278              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3279              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3280              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3281              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3282              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3283              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3284              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3285              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3286              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3287         .features[FEAT_VMX_SECONDARY_CTLS] =
3288              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3289              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3290              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3291              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3292              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3293              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3294              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3295              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3296              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3297              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3298         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3299         .xlevel = 0x80000008,
3300         .model_id = "Intel Xeon Processor (Cooperlake)",
3301         .versions = (X86CPUVersionDefinition[]) {
3302             { .version = 1 },
3303             { .version = 2,
3304               .note = "XSAVES",
3305               .props = (PropValue[]) {
3306                   { "xsaves", "on" },
3307                   { "vmx-xsaves", "on" },
3308                   { /* end of list */ }
3309               },
3310             },
3311             { /* end of list */ }
3312         }
3313     },
3314     {
3315         .name = "Icelake-Server",
3316         .level = 0xd,
3317         .vendor = CPUID_VENDOR_INTEL,
3318         .family = 6,
3319         .model = 134,
3320         .stepping = 0,
3321         .features[FEAT_1_EDX] =
3322             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3323             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3324             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3325             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3326             CPUID_DE | CPUID_FP87,
3327         .features[FEAT_1_ECX] =
3328             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3329             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3330             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3331             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3332             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3333             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3334         .features[FEAT_8000_0001_EDX] =
3335             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3336             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3337         .features[FEAT_8000_0001_ECX] =
3338             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3339         .features[FEAT_8000_0008_EBX] =
3340             CPUID_8000_0008_EBX_WBNOINVD,
3341         .features[FEAT_7_0_EBX] =
3342             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3343             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3344             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3345             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3346             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3347             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3348             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3349             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3350         .features[FEAT_7_0_ECX] =
3351             CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
3352             CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
3353             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
3354             CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
3355             CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57,
3356         .features[FEAT_7_0_EDX] =
3357             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3358         /* XSAVES is added in version 5 */
3359         .features[FEAT_XSAVE] =
3360             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3361             CPUID_XSAVE_XGETBV1,
3362         .features[FEAT_6_EAX] =
3363             CPUID_6_EAX_ARAT,
3364         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3365         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3366              MSR_VMX_BASIC_TRUE_CTLS,
3367         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3368              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3369              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3370         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3371              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3372              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3373              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3374              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3375              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3376              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3377         .features[FEAT_VMX_EXIT_CTLS] =
3378              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3379              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3380              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3381              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3382              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3383         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3384              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3385         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3386              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3387              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3388         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3389              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3390              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3391              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3392              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3393              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3394              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3395              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3396              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3397              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3398              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3399              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3400         .features[FEAT_VMX_SECONDARY_CTLS] =
3401              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3402              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3403              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3404              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3405              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3406              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3407              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3408              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3409              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS,
3410         .xlevel = 0x80000008,
3411         .model_id = "Intel Xeon Processor (Icelake)",
3412         .versions = (X86CPUVersionDefinition[]) {
3413             { .version = 1 },
3414             {
3415                 .version = 2,
3416                 .note = "no TSX",
3417                 .alias = "Icelake-Server-noTSX",
3418                 .props = (PropValue[]) {
3419                     { "hle", "off" },
3420                     { "rtm", "off" },
3421                     { /* end of list */ }
3422                 },
3423             },
3424             {
3425                 .version = 3,
3426                 .props = (PropValue[]) {
3427                     { "arch-capabilities", "on" },
3428                     { "rdctl-no", "on" },
3429                     { "ibrs-all", "on" },
3430                     { "skip-l1dfl-vmentry", "on" },
3431                     { "mds-no", "on" },
3432                     { "pschange-mc-no", "on" },
3433                     { "taa-no", "on" },
3434                     { /* end of list */ }
3435                 },
3436             },
3437             {
3438                 .version = 4,
3439                 .props = (PropValue[]) {
3440                     { "sha-ni", "on" },
3441                     { "avx512ifma", "on" },
3442                     { "rdpid", "on" },
3443                     { "fsrm", "on" },
3444                     { "vmx-rdseed-exit", "on" },
3445                     { "vmx-pml", "on" },
3446                     { "vmx-eptp-switching", "on" },
3447                     { "model", "106" },
3448                     { /* end of list */ }
3449                 },
3450             },
3451             {
3452                 .version = 5,
3453                 .note = "XSAVES",
3454                 .props = (PropValue[]) {
3455                     { "xsaves", "on" },
3456                     { "vmx-xsaves", "on" },
3457                     { /* end of list */ }
3458                 },
3459             },
3460             {
3461                 .version = 6,
3462                 .note = "5-level EPT",
3463                 .props = (PropValue[]) {
3464                     { "vmx-page-walk-5", "on" },
3465                     { /* end of list */ }
3466                 },
3467             },
3468             { /* end of list */ }
3469         }
3470     },
3471     {
3472         .name = "SapphireRapids",
3473         .level = 0x20,
3474         .vendor = CPUID_VENDOR_INTEL,
3475         .family = 6,
3476         .model = 143,
3477         .stepping = 4,
3478         /*
3479          * please keep the ascending order so that we can have a clear view of
3480          * bit position of each feature.
3481          */
3482         .features[FEAT_1_EDX] =
3483             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE | CPUID_TSC |
3484             CPUID_MSR | CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC |
3485             CPUID_SEP | CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
3486             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH | CPUID_MMX | CPUID_FXSR |
3487             CPUID_SSE | CPUID_SSE2,
3488         .features[FEAT_1_ECX] =
3489             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSSE3 |
3490             CPUID_EXT_FMA | CPUID_EXT_CX16 | CPUID_EXT_PCID | CPUID_EXT_SSE41 |
3491             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
3492             CPUID_EXT_POPCNT | CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_AES |
3493             CPUID_EXT_XSAVE | CPUID_EXT_AVX | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3494         .features[FEAT_8000_0001_EDX] =
3495             CPUID_EXT2_SYSCALL | CPUID_EXT2_NX | CPUID_EXT2_PDPE1GB |
3496             CPUID_EXT2_RDTSCP | CPUID_EXT2_LM,
3497         .features[FEAT_8000_0001_ECX] =
3498             CPUID_EXT3_LAHF_LM | CPUID_EXT3_ABM | CPUID_EXT3_3DNOWPREFETCH,
3499         .features[FEAT_8000_0008_EBX] =
3500             CPUID_8000_0008_EBX_WBNOINVD,
3501         .features[FEAT_7_0_EBX] =
3502             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_HLE |
3503             CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 |
3504             CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID | CPUID_7_0_EBX_RTM |
3505             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3506             CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP |
3507             CPUID_7_0_EBX_AVX512IFMA | CPUID_7_0_EBX_CLFLUSHOPT |
3508             CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_AVX512CD | CPUID_7_0_EBX_SHA_NI |
3509             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512VL,
3510         .features[FEAT_7_0_ECX] =
3511             CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
3512             CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
3513             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
3514             CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
3515             CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57 |
3516             CPUID_7_0_ECX_RDPID | CPUID_7_0_ECX_BUS_LOCK_DETECT,
3517         .features[FEAT_7_0_EDX] =
3518             CPUID_7_0_EDX_FSRM | CPUID_7_0_EDX_SERIALIZE |
3519             CPUID_7_0_EDX_TSX_LDTRK | CPUID_7_0_EDX_AMX_BF16 |
3520             CPUID_7_0_EDX_AVX512_FP16 | CPUID_7_0_EDX_AMX_TILE |
3521             CPUID_7_0_EDX_AMX_INT8 | CPUID_7_0_EDX_SPEC_CTRL |
3522             CPUID_7_0_EDX_ARCH_CAPABILITIES | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3523         .features[FEAT_ARCH_CAPABILITIES] =
3524             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_IBRS_ALL |
3525             MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY | MSR_ARCH_CAP_MDS_NO |
3526             MSR_ARCH_CAP_PSCHANGE_MC_NO | MSR_ARCH_CAP_TAA_NO,
3527         .features[FEAT_XSAVE] =
3528             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3529             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES | CPUID_D_1_EAX_XFD,
3530         .features[FEAT_6_EAX] =
3531             CPUID_6_EAX_ARAT,
3532         .features[FEAT_7_1_EAX] =
3533             CPUID_7_1_EAX_AVX_VNNI | CPUID_7_1_EAX_AVX512_BF16 |
3534             CPUID_7_1_EAX_FZRM | CPUID_7_1_EAX_FSRS | CPUID_7_1_EAX_FSRC,
3535         .features[FEAT_VMX_BASIC] =
3536             MSR_VMX_BASIC_INS_OUTS | MSR_VMX_BASIC_TRUE_CTLS,
3537         .features[FEAT_VMX_ENTRY_CTLS] =
3538             VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_IA32E_MODE |
3539             VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL |
3540             VMX_VM_ENTRY_LOAD_IA32_PAT | VMX_VM_ENTRY_LOAD_IA32_EFER,
3541         .features[FEAT_VMX_EPT_VPID_CAPS] =
3542             MSR_VMX_EPT_EXECONLY |
3543             MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_PAGE_WALK_LENGTH_5 |
3544             MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB | MSR_VMX_EPT_1GB |
3545             MSR_VMX_EPT_INVEPT | MSR_VMX_EPT_AD_BITS |
3546             MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3547             MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3548             MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT |
3549             MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3550             MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
3551         .features[FEAT_VMX_EXIT_CTLS] =
3552             VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3553             VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3554             VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_IA32_PAT |
3555             VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3556             VMX_VM_EXIT_LOAD_IA32_EFER | VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3557         .features[FEAT_VMX_MISC] =
3558             MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_ACTIVITY_HLT |
3559             MSR_VMX_MISC_VMWRITE_VMEXIT,
3560         .features[FEAT_VMX_PINBASED_CTLS] =
3561             VMX_PIN_BASED_EXT_INTR_MASK | VMX_PIN_BASED_NMI_EXITING |
3562             VMX_PIN_BASED_VIRTUAL_NMIS | VMX_PIN_BASED_VMX_PREEMPTION_TIMER |
3563             VMX_PIN_BASED_POSTED_INTR,
3564         .features[FEAT_VMX_PROCBASED_CTLS] =
3565             VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3566             VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3567             VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3568             VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3569             VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3570             VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3571             VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_VIRTUAL_NMI_PENDING |
3572             VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
3573             VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3574             VMX_CPU_BASED_USE_MSR_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
3575             VMX_CPU_BASED_PAUSE_EXITING |
3576             VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3577         .features[FEAT_VMX_SECONDARY_CTLS] =
3578             VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3579             VMX_SECONDARY_EXEC_ENABLE_EPT | VMX_SECONDARY_EXEC_DESC |
3580             VMX_SECONDARY_EXEC_RDTSCP |
3581             VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3582             VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_WBINVD_EXITING |
3583             VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3584             VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3585             VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3586             VMX_SECONDARY_EXEC_RDRAND_EXITING |
3587             VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3588             VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3589             VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML |
3590             VMX_SECONDARY_EXEC_XSAVES,
3591         .features[FEAT_VMX_VMFUNC] =
3592             MSR_VMX_VMFUNC_EPT_SWITCHING,
3593         .xlevel = 0x80000008,
3594         .model_id = "Intel Xeon Processor (SapphireRapids)",
3595         .versions = (X86CPUVersionDefinition[]) {
3596             { .version = 1 },
3597             { /* end of list */ },
3598         },
3599     },
3600     {
3601         .name = "Denverton",
3602         .level = 21,
3603         .vendor = CPUID_VENDOR_INTEL,
3604         .family = 6,
3605         .model = 95,
3606         .stepping = 1,
3607         .features[FEAT_1_EDX] =
3608             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE | CPUID_TSC |
3609             CPUID_MSR | CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC |
3610             CPUID_SEP | CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
3611             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH | CPUID_MMX | CPUID_FXSR |
3612             CPUID_SSE | CPUID_SSE2,
3613         .features[FEAT_1_ECX] =
3614             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_MONITOR |
3615             CPUID_EXT_SSSE3 | CPUID_EXT_CX16 | CPUID_EXT_SSE41 |
3616             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
3617             CPUID_EXT_POPCNT | CPUID_EXT_TSC_DEADLINE_TIMER |
3618             CPUID_EXT_AES | CPUID_EXT_XSAVE | CPUID_EXT_RDRAND,
3619         .features[FEAT_8000_0001_EDX] =
3620             CPUID_EXT2_SYSCALL | CPUID_EXT2_NX | CPUID_EXT2_PDPE1GB |
3621             CPUID_EXT2_RDTSCP | CPUID_EXT2_LM,
3622         .features[FEAT_8000_0001_ECX] =
3623             CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3624         .features[FEAT_7_0_EBX] =
3625             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_ERMS |
3626             CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_SMAP |
3627             CPUID_7_0_EBX_CLFLUSHOPT | CPUID_7_0_EBX_SHA_NI,
3628         .features[FEAT_7_0_EDX] =
3629             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_ARCH_CAPABILITIES |
3630             CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3631         /* XSAVES is added in version 3 */
3632         .features[FEAT_XSAVE] =
3633             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC | CPUID_XSAVE_XGETBV1,
3634         .features[FEAT_6_EAX] =
3635             CPUID_6_EAX_ARAT,
3636         .features[FEAT_ARCH_CAPABILITIES] =
3637             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY,
3638         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3639              MSR_VMX_BASIC_TRUE_CTLS,
3640         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3641              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3642              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3643         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3644              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3645              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3646              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3647              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3648              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3649              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3650         .features[FEAT_VMX_EXIT_CTLS] =
3651              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3652              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3653              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3654              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3655              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3656         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3657              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3658         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3659              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3660              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3661         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3662              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3663              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3664              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3665              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3666              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3667              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3668              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3669              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3670              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3671              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3672              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3673         .features[FEAT_VMX_SECONDARY_CTLS] =
3674              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3675              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3676              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3677              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3678              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3679              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3680              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3681              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3682              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3683              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3684         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3685         .xlevel = 0x80000008,
3686         .model_id = "Intel Atom Processor (Denverton)",
3687         .versions = (X86CPUVersionDefinition[]) {
3688             { .version = 1 },
3689             {
3690                 .version = 2,
3691                 .note = "no MPX, no MONITOR",
3692                 .props = (PropValue[]) {
3693                     { "monitor", "off" },
3694                     { "mpx", "off" },
3695                     { /* end of list */ },
3696                 },
3697             },
3698             {
3699                 .version = 3,
3700                 .note = "XSAVES, no MPX, no MONITOR",
3701                 .props = (PropValue[]) {
3702                     { "xsaves", "on" },
3703                     { "vmx-xsaves", "on" },
3704                     { /* end of list */ },
3705                 },
3706             },
3707             { /* end of list */ },
3708         },
3709     },
3710     {
3711         .name = "Snowridge",
3712         .level = 27,
3713         .vendor = CPUID_VENDOR_INTEL,
3714         .family = 6,
3715         .model = 134,
3716         .stepping = 1,
3717         .features[FEAT_1_EDX] =
3718             /* missing: CPUID_PN CPUID_IA64 */
3719             /* missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
3720             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE |
3721             CPUID_TSC | CPUID_MSR | CPUID_PAE | CPUID_MCE |
3722             CPUID_CX8 | CPUID_APIC | CPUID_SEP |
3723             CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
3724             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH |
3725             CPUID_MMX |
3726             CPUID_FXSR | CPUID_SSE | CPUID_SSE2,
3727         .features[FEAT_1_ECX] =
3728             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_MONITOR |
3729             CPUID_EXT_SSSE3 |
3730             CPUID_EXT_CX16 |
3731             CPUID_EXT_SSE41 |
3732             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
3733             CPUID_EXT_POPCNT |
3734             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_AES | CPUID_EXT_XSAVE |
3735             CPUID_EXT_RDRAND,
3736         .features[FEAT_8000_0001_EDX] =
3737             CPUID_EXT2_SYSCALL |
3738             CPUID_EXT2_NX |
3739             CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3740             CPUID_EXT2_LM,
3741         .features[FEAT_8000_0001_ECX] =
3742             CPUID_EXT3_LAHF_LM |
3743             CPUID_EXT3_3DNOWPREFETCH,
3744         .features[FEAT_7_0_EBX] =
3745             CPUID_7_0_EBX_FSGSBASE |
3746             CPUID_7_0_EBX_SMEP |
3747             CPUID_7_0_EBX_ERMS |
3748             CPUID_7_0_EBX_MPX |  /* missing bits 13, 15 */
3749             CPUID_7_0_EBX_RDSEED |
3750             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
3751             CPUID_7_0_EBX_CLWB |
3752             CPUID_7_0_EBX_SHA_NI,
3753         .features[FEAT_7_0_ECX] =
3754             CPUID_7_0_ECX_UMIP |
3755             /* missing bit 5 */
3756             CPUID_7_0_ECX_GFNI |
3757             CPUID_7_0_ECX_MOVDIRI | CPUID_7_0_ECX_CLDEMOTE |
3758             CPUID_7_0_ECX_MOVDIR64B,
3759         .features[FEAT_7_0_EDX] =
3760             CPUID_7_0_EDX_SPEC_CTRL |
3761             CPUID_7_0_EDX_ARCH_CAPABILITIES | CPUID_7_0_EDX_SPEC_CTRL_SSBD |
3762             CPUID_7_0_EDX_CORE_CAPABILITY,
3763         .features[FEAT_CORE_CAPABILITY] =
3764             MSR_CORE_CAP_SPLIT_LOCK_DETECT,
3765         /* XSAVES is added in version 3 */
3766         .features[FEAT_XSAVE] =
3767             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3768             CPUID_XSAVE_XGETBV1,
3769         .features[FEAT_6_EAX] =
3770             CPUID_6_EAX_ARAT,
3771         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3772              MSR_VMX_BASIC_TRUE_CTLS,
3773         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3774              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3775              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3776         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3777              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3778              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3779              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3780              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3781              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3782              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3783         .features[FEAT_VMX_EXIT_CTLS] =
3784              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3785              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3786              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3787              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3788              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3789         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3790              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3791         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3792              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3793              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3794         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3795              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3796              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3797              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3798              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3799              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3800              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3801              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3802              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3803              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3804              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3805              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3806         .features[FEAT_VMX_SECONDARY_CTLS] =
3807              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3808              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3809              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3810              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3811              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3812              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3813              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3814              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3815              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3816              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3817         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3818         .xlevel = 0x80000008,
3819         .model_id = "Intel Atom Processor (SnowRidge)",
3820         .versions = (X86CPUVersionDefinition[]) {
3821             { .version = 1 },
3822             {
3823                 .version = 2,
3824                 .props = (PropValue[]) {
3825                     { "mpx", "off" },
3826                     { "model-id", "Intel Atom Processor (Snowridge, no MPX)" },
3827                     { /* end of list */ },
3828                 },
3829             },
3830             {
3831                 .version = 3,
3832                 .note = "XSAVES, no MPX",
3833                 .props = (PropValue[]) {
3834                     { "xsaves", "on" },
3835                     { "vmx-xsaves", "on" },
3836                     { /* end of list */ },
3837                 },
3838             },
3839             {
3840                 .version = 4,
3841                 .note = "no split lock detect, no core-capability",
3842                 .props = (PropValue[]) {
3843                     { "split-lock-detect", "off" },
3844                     { "core-capability", "off" },
3845                     { /* end of list */ },
3846                 },
3847             },
3848             { /* end of list */ },
3849         },
3850     },
3851     {
3852         .name = "KnightsMill",
3853         .level = 0xd,
3854         .vendor = CPUID_VENDOR_INTEL,
3855         .family = 6,
3856         .model = 133,
3857         .stepping = 0,
3858         .features[FEAT_1_EDX] =
3859             CPUID_VME | CPUID_SS | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR |
3860             CPUID_MMX | CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV |
3861             CPUID_MCA | CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC |
3862             CPUID_CX8 | CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC |
3863             CPUID_PSE | CPUID_DE | CPUID_FP87,
3864         .features[FEAT_1_ECX] =
3865             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3866             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3867             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3868             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3869             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3870             CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3871         .features[FEAT_8000_0001_EDX] =
3872             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3873             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3874         .features[FEAT_8000_0001_ECX] =
3875             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3876         .features[FEAT_7_0_EBX] =
3877             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
3878             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS |
3879             CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_AVX512F |
3880             CPUID_7_0_EBX_AVX512CD | CPUID_7_0_EBX_AVX512PF |
3881             CPUID_7_0_EBX_AVX512ER,
3882         .features[FEAT_7_0_ECX] =
3883             CPUID_7_0_ECX_AVX512_VPOPCNTDQ,
3884         .features[FEAT_7_0_EDX] =
3885             CPUID_7_0_EDX_AVX512_4VNNIW | CPUID_7_0_EDX_AVX512_4FMAPS,
3886         .features[FEAT_XSAVE] =
3887             CPUID_XSAVE_XSAVEOPT,
3888         .features[FEAT_6_EAX] =
3889             CPUID_6_EAX_ARAT,
3890         .xlevel = 0x80000008,
3891         .model_id = "Intel Xeon Phi Processor (Knights Mill)",
3892     },
3893     {
3894         .name = "Opteron_G1",
3895         .level = 5,
3896         .vendor = CPUID_VENDOR_AMD,
3897         .family = 15,
3898         .model = 6,
3899         .stepping = 1,
3900         .features[FEAT_1_EDX] =
3901             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3902             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3903             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3904             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3905             CPUID_DE | CPUID_FP87,
3906         .features[FEAT_1_ECX] =
3907             CPUID_EXT_SSE3,
3908         .features[FEAT_8000_0001_EDX] =
3909             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3910         .xlevel = 0x80000008,
3911         .model_id = "AMD Opteron 240 (Gen 1 Class Opteron)",
3912     },
3913     {
3914         .name = "Opteron_G2",
3915         .level = 5,
3916         .vendor = CPUID_VENDOR_AMD,
3917         .family = 15,
3918         .model = 6,
3919         .stepping = 1,
3920         .features[FEAT_1_EDX] =
3921             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3922             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3923             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3924             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3925             CPUID_DE | CPUID_FP87,
3926         .features[FEAT_1_ECX] =
3927             CPUID_EXT_CX16 | CPUID_EXT_SSE3,
3928         .features[FEAT_8000_0001_EDX] =
3929             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3930         .features[FEAT_8000_0001_ECX] =
3931             CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM,
3932         .xlevel = 0x80000008,
3933         .model_id = "AMD Opteron 22xx (Gen 2 Class Opteron)",
3934     },
3935     {
3936         .name = "Opteron_G3",
3937         .level = 5,
3938         .vendor = CPUID_VENDOR_AMD,
3939         .family = 16,
3940         .model = 2,
3941         .stepping = 3,
3942         .features[FEAT_1_EDX] =
3943             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3944             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3945             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3946             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3947             CPUID_DE | CPUID_FP87,
3948         .features[FEAT_1_ECX] =
3949             CPUID_EXT_POPCNT | CPUID_EXT_CX16 | CPUID_EXT_MONITOR |
3950             CPUID_EXT_SSE3,
3951         .features[FEAT_8000_0001_EDX] =
3952             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL |
3953             CPUID_EXT2_RDTSCP,
3954         .features[FEAT_8000_0001_ECX] =
3955             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A |
3956             CPUID_EXT3_ABM | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM,
3957         .xlevel = 0x80000008,
3958         .model_id = "AMD Opteron 23xx (Gen 3 Class Opteron)",
3959     },
3960     {
3961         .name = "Opteron_G4",
3962         .level = 0xd,
3963         .vendor = CPUID_VENDOR_AMD,
3964         .family = 21,
3965         .model = 1,
3966         .stepping = 2,
3967         .features[FEAT_1_EDX] =
3968             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3969             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3970             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3971             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3972             CPUID_DE | CPUID_FP87,
3973         .features[FEAT_1_ECX] =
3974             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3975             CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
3976             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
3977             CPUID_EXT_SSE3,
3978         .features[FEAT_8000_0001_EDX] =
3979             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_NX |
3980             CPUID_EXT2_SYSCALL | CPUID_EXT2_RDTSCP,
3981         .features[FEAT_8000_0001_ECX] =
3982             CPUID_EXT3_FMA4 | CPUID_EXT3_XOP |
3983             CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_MISALIGNSSE |
3984             CPUID_EXT3_SSE4A | CPUID_EXT3_ABM | CPUID_EXT3_SVM |
3985             CPUID_EXT3_LAHF_LM,
3986         .features[FEAT_SVM] =
3987             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
3988         /* no xsaveopt! */
3989         .xlevel = 0x8000001A,
3990         .model_id = "AMD Opteron 62xx class CPU",
3991     },
3992     {
3993         .name = "Opteron_G5",
3994         .level = 0xd,
3995         .vendor = CPUID_VENDOR_AMD,
3996         .family = 21,
3997         .model = 2,
3998         .stepping = 0,
3999         .features[FEAT_1_EDX] =
4000             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
4001             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
4002             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
4003             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
4004             CPUID_DE | CPUID_FP87,
4005         .features[FEAT_1_ECX] =
4006             CPUID_EXT_F16C | CPUID_EXT_AVX | CPUID_EXT_XSAVE |
4007             CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 |
4008             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_FMA |
4009             CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
4010         .features[FEAT_8000_0001_EDX] =
4011             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_NX |
4012             CPUID_EXT2_SYSCALL | CPUID_EXT2_RDTSCP,
4013         .features[FEAT_8000_0001_ECX] =
4014             CPUID_EXT3_TBM | CPUID_EXT3_FMA4 | CPUID_EXT3_XOP |
4015             CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_MISALIGNSSE |
4016             CPUID_EXT3_SSE4A | CPUID_EXT3_ABM | CPUID_EXT3_SVM |
4017             CPUID_EXT3_LAHF_LM,
4018         .features[FEAT_SVM] =
4019             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4020         /* no xsaveopt! */
4021         .xlevel = 0x8000001A,
4022         .model_id = "AMD Opteron 63xx class CPU",
4023     },
4024     {
4025         .name = "EPYC",
4026         .level = 0xd,
4027         .vendor = CPUID_VENDOR_AMD,
4028         .family = 23,
4029         .model = 1,
4030         .stepping = 2,
4031         .features[FEAT_1_EDX] =
4032             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4033             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4034             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4035             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4036             CPUID_VME | CPUID_FP87,
4037         .features[FEAT_1_ECX] =
4038             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4039             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
4040             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4041             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4042             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
4043         .features[FEAT_8000_0001_EDX] =
4044             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4045             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4046             CPUID_EXT2_SYSCALL,
4047         .features[FEAT_8000_0001_ECX] =
4048             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4049             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4050             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4051             CPUID_EXT3_TOPOEXT,
4052         .features[FEAT_7_0_EBX] =
4053             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4054             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4055             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
4056             CPUID_7_0_EBX_SHA_NI,
4057         .features[FEAT_XSAVE] =
4058             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4059             CPUID_XSAVE_XGETBV1,
4060         .features[FEAT_6_EAX] =
4061             CPUID_6_EAX_ARAT,
4062         .features[FEAT_SVM] =
4063             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4064         .xlevel = 0x8000001E,
4065         .model_id = "AMD EPYC Processor",
4066         .cache_info = &epyc_cache_info,
4067         .versions = (X86CPUVersionDefinition[]) {
4068             { .version = 1 },
4069             {
4070                 .version = 2,
4071                 .alias = "EPYC-IBPB",
4072                 .props = (PropValue[]) {
4073                     { "ibpb", "on" },
4074                     { "model-id",
4075                       "AMD EPYC Processor (with IBPB)" },
4076                     { /* end of list */ }
4077                 }
4078             },
4079             {
4080                 .version = 3,
4081                 .props = (PropValue[]) {
4082                     { "ibpb", "on" },
4083                     { "perfctr-core", "on" },
4084                     { "clzero", "on" },
4085                     { "xsaveerptr", "on" },
4086                     { "xsaves", "on" },
4087                     { "model-id",
4088                       "AMD EPYC Processor" },
4089                     { /* end of list */ }
4090                 }
4091             },
4092             { /* end of list */ }
4093         }
4094     },
4095     {
4096         .name = "Dhyana",
4097         .level = 0xd,
4098         .vendor = CPUID_VENDOR_HYGON,
4099         .family = 24,
4100         .model = 0,
4101         .stepping = 1,
4102         .features[FEAT_1_EDX] =
4103             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4104             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4105             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4106             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4107             CPUID_VME | CPUID_FP87,
4108         .features[FEAT_1_ECX] =
4109             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4110             CPUID_EXT_XSAVE | CPUID_EXT_POPCNT |
4111             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4112             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4113             CPUID_EXT_MONITOR | CPUID_EXT_SSE3,
4114         .features[FEAT_8000_0001_EDX] =
4115             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4116             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4117             CPUID_EXT2_SYSCALL,
4118         .features[FEAT_8000_0001_ECX] =
4119             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4120             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4121             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4122             CPUID_EXT3_TOPOEXT,
4123         .features[FEAT_8000_0008_EBX] =
4124             CPUID_8000_0008_EBX_IBPB,
4125         .features[FEAT_7_0_EBX] =
4126             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4127             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4128             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT,
4129         /* XSAVES is added in version 2 */
4130         .features[FEAT_XSAVE] =
4131             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4132             CPUID_XSAVE_XGETBV1,
4133         .features[FEAT_6_EAX] =
4134             CPUID_6_EAX_ARAT,
4135         .features[FEAT_SVM] =
4136             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4137         .xlevel = 0x8000001E,
4138         .model_id = "Hygon Dhyana Processor",
4139         .cache_info = &epyc_cache_info,
4140         .versions = (X86CPUVersionDefinition[]) {
4141             { .version = 1 },
4142             { .version = 2,
4143               .note = "XSAVES",
4144               .props = (PropValue[]) {
4145                   { "xsaves", "on" },
4146                   { /* end of list */ }
4147               },
4148             },
4149             { /* end of list */ }
4150         }
4151     },
4152     {
4153         .name = "EPYC-Rome",
4154         .level = 0xd,
4155         .vendor = CPUID_VENDOR_AMD,
4156         .family = 23,
4157         .model = 49,
4158         .stepping = 0,
4159         .features[FEAT_1_EDX] =
4160             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4161             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4162             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4163             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4164             CPUID_VME | CPUID_FP87,
4165         .features[FEAT_1_ECX] =
4166             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4167             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
4168             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4169             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4170             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
4171         .features[FEAT_8000_0001_EDX] =
4172             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4173             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4174             CPUID_EXT2_SYSCALL,
4175         .features[FEAT_8000_0001_ECX] =
4176             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4177             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4178             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4179             CPUID_EXT3_TOPOEXT | CPUID_EXT3_PERFCORE,
4180         .features[FEAT_8000_0008_EBX] =
4181             CPUID_8000_0008_EBX_CLZERO | CPUID_8000_0008_EBX_XSAVEERPTR |
4182             CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_IBPB |
4183             CPUID_8000_0008_EBX_STIBP,
4184         .features[FEAT_7_0_EBX] =
4185             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4186             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4187             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
4188             CPUID_7_0_EBX_SHA_NI | CPUID_7_0_EBX_CLWB,
4189         .features[FEAT_7_0_ECX] =
4190             CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_RDPID,
4191         .features[FEAT_XSAVE] =
4192             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4193             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
4194         .features[FEAT_6_EAX] =
4195             CPUID_6_EAX_ARAT,
4196         .features[FEAT_SVM] =
4197             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4198         .xlevel = 0x8000001E,
4199         .model_id = "AMD EPYC-Rome Processor",
4200         .cache_info = &epyc_rome_cache_info,
4201         .versions = (X86CPUVersionDefinition[]) {
4202             { .version = 1 },
4203             {
4204                 .version = 2,
4205                 .props = (PropValue[]) {
4206                     { "ibrs", "on" },
4207                     { "amd-ssbd", "on" },
4208                     { /* end of list */ }
4209                 }
4210             },
4211             { /* end of list */ }
4212         }
4213     },
4214     {
4215         .name = "EPYC-Milan",
4216         .level = 0xd,
4217         .vendor = CPUID_VENDOR_AMD,
4218         .family = 25,
4219         .model = 1,
4220         .stepping = 1,
4221         .features[FEAT_1_EDX] =
4222             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4223             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4224             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4225             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4226             CPUID_VME | CPUID_FP87,
4227         .features[FEAT_1_ECX] =
4228             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4229             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
4230             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4231             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4232             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
4233             CPUID_EXT_PCID,
4234         .features[FEAT_8000_0001_EDX] =
4235             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4236             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4237             CPUID_EXT2_SYSCALL,
4238         .features[FEAT_8000_0001_ECX] =
4239             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4240             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4241             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4242             CPUID_EXT3_TOPOEXT | CPUID_EXT3_PERFCORE,
4243         .features[FEAT_8000_0008_EBX] =
4244             CPUID_8000_0008_EBX_CLZERO | CPUID_8000_0008_EBX_XSAVEERPTR |
4245             CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_IBPB |
4246             CPUID_8000_0008_EBX_IBRS | CPUID_8000_0008_EBX_STIBP |
4247             CPUID_8000_0008_EBX_AMD_SSBD,
4248         .features[FEAT_7_0_EBX] =
4249             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4250             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4251             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
4252             CPUID_7_0_EBX_SHA_NI | CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_ERMS |
4253             CPUID_7_0_EBX_INVPCID,
4254         .features[FEAT_7_0_ECX] =
4255             CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_RDPID | CPUID_7_0_ECX_PKU,
4256         .features[FEAT_7_0_EDX] =
4257             CPUID_7_0_EDX_FSRM,
4258         .features[FEAT_XSAVE] =
4259             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4260             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
4261         .features[FEAT_6_EAX] =
4262             CPUID_6_EAX_ARAT,
4263         .features[FEAT_SVM] =
4264             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE | CPUID_SVM_SVME_ADDR_CHK,
4265         .xlevel = 0x8000001E,
4266         .model_id = "AMD EPYC-Milan Processor",
4267         .cache_info = &epyc_milan_cache_info,
4268     },
4269 };
4270 
4271 /*
4272  * We resolve CPU model aliases using -v1 when using "-machine
4273  * none", but this is just for compatibility while libvirt isn't
4274  * adapted to resolve CPU model versions before creating VMs.
4275  * See "Runnability guarantee of CPU models" at
4276  * docs/about/deprecated.rst.
4277  */
4278 X86CPUVersion default_cpu_version = 1;
4279 
4280 void x86_cpu_set_default_version(X86CPUVersion version)
4281 {
4282     /* Translating CPU_VERSION_AUTO to CPU_VERSION_AUTO doesn't make sense */
4283     assert(version != CPU_VERSION_AUTO);
4284     default_cpu_version = version;
4285 }
4286 
4287 static X86CPUVersion x86_cpu_model_last_version(const X86CPUModel *model)
4288 {
4289     int v = 0;
4290     const X86CPUVersionDefinition *vdef =
4291         x86_cpu_def_get_versions(model->cpudef);
4292     while (vdef->version) {
4293         v = vdef->version;
4294         vdef++;
4295     }
4296     return v;
4297 }
4298 
4299 /* Return the actual version being used for a specific CPU model */
4300 static X86CPUVersion x86_cpu_model_resolve_version(const X86CPUModel *model)
4301 {
4302     X86CPUVersion v = model->version;
4303     if (v == CPU_VERSION_AUTO) {
4304         v = default_cpu_version;
4305     }
4306     if (v == CPU_VERSION_LATEST) {
4307         return x86_cpu_model_last_version(model);
4308     }
4309     return v;
4310 }
4311 
4312 static Property max_x86_cpu_properties[] = {
4313     DEFINE_PROP_BOOL("migratable", X86CPU, migratable, true),
4314     DEFINE_PROP_BOOL("host-cache-info", X86CPU, cache_info_passthrough, false),
4315     DEFINE_PROP_END_OF_LIST()
4316 };
4317 
4318 static void max_x86_cpu_class_init(ObjectClass *oc, void *data)
4319 {
4320     DeviceClass *dc = DEVICE_CLASS(oc);
4321     X86CPUClass *xcc = X86_CPU_CLASS(oc);
4322 
4323     xcc->ordering = 9;
4324 
4325     xcc->model_description =
4326         "Enables all features supported by the accelerator in the current host";
4327 
4328     device_class_set_props(dc, max_x86_cpu_properties);
4329 }
4330 
4331 static void max_x86_cpu_initfn(Object *obj)
4332 {
4333     X86CPU *cpu = X86_CPU(obj);
4334 
4335     /* We can't fill the features array here because we don't know yet if
4336      * "migratable" is true or false.
4337      */
4338     cpu->max_features = true;
4339     object_property_set_bool(OBJECT(cpu), "pmu", true, &error_abort);
4340 
4341     /*
4342      * these defaults are used for TCG and all other accelerators
4343      * besides KVM and HVF, which overwrite these values
4344      */
4345     object_property_set_str(OBJECT(cpu), "vendor", CPUID_VENDOR_AMD,
4346                             &error_abort);
4347 #ifdef TARGET_X86_64
4348     object_property_set_int(OBJECT(cpu), "family", 15, &error_abort);
4349     object_property_set_int(OBJECT(cpu), "model", 107, &error_abort);
4350     object_property_set_int(OBJECT(cpu), "stepping", 1, &error_abort);
4351 #else
4352     object_property_set_int(OBJECT(cpu), "family", 6, &error_abort);
4353     object_property_set_int(OBJECT(cpu), "model", 6, &error_abort);
4354     object_property_set_int(OBJECT(cpu), "stepping", 3, &error_abort);
4355 #endif
4356     object_property_set_str(OBJECT(cpu), "model-id",
4357                             "QEMU TCG CPU version " QEMU_HW_VERSION,
4358                             &error_abort);
4359 }
4360 
4361 static const TypeInfo max_x86_cpu_type_info = {
4362     .name = X86_CPU_TYPE_NAME("max"),
4363     .parent = TYPE_X86_CPU,
4364     .instance_init = max_x86_cpu_initfn,
4365     .class_init = max_x86_cpu_class_init,
4366 };
4367 
4368 static char *feature_word_description(FeatureWordInfo *f, uint32_t bit)
4369 {
4370     assert(f->type == CPUID_FEATURE_WORD || f->type == MSR_FEATURE_WORD);
4371 
4372     switch (f->type) {
4373     case CPUID_FEATURE_WORD:
4374         {
4375             const char *reg = get_register_name_32(f->cpuid.reg);
4376             assert(reg);
4377             return g_strdup_printf("CPUID.%02XH:%s",
4378                                    f->cpuid.eax, reg);
4379         }
4380     case MSR_FEATURE_WORD:
4381         return g_strdup_printf("MSR(%02XH)",
4382                                f->msr.index);
4383     }
4384 
4385     return NULL;
4386 }
4387 
4388 static bool x86_cpu_have_filtered_features(X86CPU *cpu)
4389 {
4390     FeatureWord w;
4391 
4392     for (w = 0; w < FEATURE_WORDS; w++) {
4393         if (cpu->filtered_features[w]) {
4394             return true;
4395         }
4396     }
4397 
4398     return false;
4399 }
4400 
4401 static void mark_unavailable_features(X86CPU *cpu, FeatureWord w, uint64_t mask,
4402                                       const char *verbose_prefix)
4403 {
4404     CPUX86State *env = &cpu->env;
4405     FeatureWordInfo *f = &feature_word_info[w];
4406     int i;
4407 
4408     if (!cpu->force_features) {
4409         env->features[w] &= ~mask;
4410     }
4411     cpu->filtered_features[w] |= mask;
4412 
4413     if (!verbose_prefix) {
4414         return;
4415     }
4416 
4417     for (i = 0; i < 64; ++i) {
4418         if ((1ULL << i) & mask) {
4419             g_autofree char *feat_word_str = feature_word_description(f, i);
4420             warn_report("%s: %s%s%s [bit %d]",
4421                         verbose_prefix,
4422                         feat_word_str,
4423                         f->feat_names[i] ? "." : "",
4424                         f->feat_names[i] ? f->feat_names[i] : "", i);
4425         }
4426     }
4427 }
4428 
4429 static void x86_cpuid_version_get_family(Object *obj, Visitor *v,
4430                                          const char *name, void *opaque,
4431                                          Error **errp)
4432 {
4433     X86CPU *cpu = X86_CPU(obj);
4434     CPUX86State *env = &cpu->env;
4435     int64_t value;
4436 
4437     value = (env->cpuid_version >> 8) & 0xf;
4438     if (value == 0xf) {
4439         value += (env->cpuid_version >> 20) & 0xff;
4440     }
4441     visit_type_int(v, name, &value, errp);
4442 }
4443 
4444 static void x86_cpuid_version_set_family(Object *obj, Visitor *v,
4445                                          const char *name, void *opaque,
4446                                          Error **errp)
4447 {
4448     X86CPU *cpu = X86_CPU(obj);
4449     CPUX86State *env = &cpu->env;
4450     const int64_t min = 0;
4451     const int64_t max = 0xff + 0xf;
4452     int64_t value;
4453 
4454     if (!visit_type_int(v, name, &value, errp)) {
4455         return;
4456     }
4457     if (value < min || value > max) {
4458         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4459                    name ? name : "null", value, min, max);
4460         return;
4461     }
4462 
4463     env->cpuid_version &= ~0xff00f00;
4464     if (value > 0x0f) {
4465         env->cpuid_version |= 0xf00 | ((value - 0x0f) << 20);
4466     } else {
4467         env->cpuid_version |= value << 8;
4468     }
4469 }
4470 
4471 static void x86_cpuid_version_get_model(Object *obj, Visitor *v,
4472                                         const char *name, void *opaque,
4473                                         Error **errp)
4474 {
4475     X86CPU *cpu = X86_CPU(obj);
4476     CPUX86State *env = &cpu->env;
4477     int64_t value;
4478 
4479     value = (env->cpuid_version >> 4) & 0xf;
4480     value |= ((env->cpuid_version >> 16) & 0xf) << 4;
4481     visit_type_int(v, name, &value, errp);
4482 }
4483 
4484 static void x86_cpuid_version_set_model(Object *obj, Visitor *v,
4485                                         const char *name, void *opaque,
4486                                         Error **errp)
4487 {
4488     X86CPU *cpu = X86_CPU(obj);
4489     CPUX86State *env = &cpu->env;
4490     const int64_t min = 0;
4491     const int64_t max = 0xff;
4492     int64_t value;
4493 
4494     if (!visit_type_int(v, name, &value, errp)) {
4495         return;
4496     }
4497     if (value < min || value > max) {
4498         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4499                    name ? name : "null", value, min, max);
4500         return;
4501     }
4502 
4503     env->cpuid_version &= ~0xf00f0;
4504     env->cpuid_version |= ((value & 0xf) << 4) | ((value >> 4) << 16);
4505 }
4506 
4507 static void x86_cpuid_version_get_stepping(Object *obj, Visitor *v,
4508                                            const char *name, void *opaque,
4509                                            Error **errp)
4510 {
4511     X86CPU *cpu = X86_CPU(obj);
4512     CPUX86State *env = &cpu->env;
4513     int64_t value;
4514 
4515     value = env->cpuid_version & 0xf;
4516     visit_type_int(v, name, &value, errp);
4517 }
4518 
4519 static void x86_cpuid_version_set_stepping(Object *obj, Visitor *v,
4520                                            const char *name, void *opaque,
4521                                            Error **errp)
4522 {
4523     X86CPU *cpu = X86_CPU(obj);
4524     CPUX86State *env = &cpu->env;
4525     const int64_t min = 0;
4526     const int64_t max = 0xf;
4527     int64_t value;
4528 
4529     if (!visit_type_int(v, name, &value, errp)) {
4530         return;
4531     }
4532     if (value < min || value > max) {
4533         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4534                    name ? name : "null", value, min, max);
4535         return;
4536     }
4537 
4538     env->cpuid_version &= ~0xf;
4539     env->cpuid_version |= value & 0xf;
4540 }
4541 
4542 static char *x86_cpuid_get_vendor(Object *obj, Error **errp)
4543 {
4544     X86CPU *cpu = X86_CPU(obj);
4545     CPUX86State *env = &cpu->env;
4546     char *value;
4547 
4548     value = g_malloc(CPUID_VENDOR_SZ + 1);
4549     x86_cpu_vendor_words2str(value, env->cpuid_vendor1, env->cpuid_vendor2,
4550                              env->cpuid_vendor3);
4551     return value;
4552 }
4553 
4554 static void x86_cpuid_set_vendor(Object *obj, const char *value,
4555                                  Error **errp)
4556 {
4557     X86CPU *cpu = X86_CPU(obj);
4558     CPUX86State *env = &cpu->env;
4559     int i;
4560 
4561     if (strlen(value) != CPUID_VENDOR_SZ) {
4562         error_setg(errp, QERR_PROPERTY_VALUE_BAD, "", "vendor", value);
4563         return;
4564     }
4565 
4566     env->cpuid_vendor1 = 0;
4567     env->cpuid_vendor2 = 0;
4568     env->cpuid_vendor3 = 0;
4569     for (i = 0; i < 4; i++) {
4570         env->cpuid_vendor1 |= ((uint8_t)value[i    ]) << (8 * i);
4571         env->cpuid_vendor2 |= ((uint8_t)value[i + 4]) << (8 * i);
4572         env->cpuid_vendor3 |= ((uint8_t)value[i + 8]) << (8 * i);
4573     }
4574 }
4575 
4576 static char *x86_cpuid_get_model_id(Object *obj, Error **errp)
4577 {
4578     X86CPU *cpu = X86_CPU(obj);
4579     CPUX86State *env = &cpu->env;
4580     char *value;
4581     int i;
4582 
4583     value = g_malloc(48 + 1);
4584     for (i = 0; i < 48; i++) {
4585         value[i] = env->cpuid_model[i >> 2] >> (8 * (i & 3));
4586     }
4587     value[48] = '\0';
4588     return value;
4589 }
4590 
4591 static void x86_cpuid_set_model_id(Object *obj, const char *model_id,
4592                                    Error **errp)
4593 {
4594     X86CPU *cpu = X86_CPU(obj);
4595     CPUX86State *env = &cpu->env;
4596     int c, len, i;
4597 
4598     if (model_id == NULL) {
4599         model_id = "";
4600     }
4601     len = strlen(model_id);
4602     memset(env->cpuid_model, 0, 48);
4603     for (i = 0; i < 48; i++) {
4604         if (i >= len) {
4605             c = '\0';
4606         } else {
4607             c = (uint8_t)model_id[i];
4608         }
4609         env->cpuid_model[i >> 2] |= c << (8 * (i & 3));
4610     }
4611 }
4612 
4613 static void x86_cpuid_get_tsc_freq(Object *obj, Visitor *v, const char *name,
4614                                    void *opaque, Error **errp)
4615 {
4616     X86CPU *cpu = X86_CPU(obj);
4617     int64_t value;
4618 
4619     value = cpu->env.tsc_khz * 1000;
4620     visit_type_int(v, name, &value, errp);
4621 }
4622 
4623 static void x86_cpuid_set_tsc_freq(Object *obj, Visitor *v, const char *name,
4624                                    void *opaque, Error **errp)
4625 {
4626     X86CPU *cpu = X86_CPU(obj);
4627     const int64_t min = 0;
4628     const int64_t max = INT64_MAX;
4629     int64_t value;
4630 
4631     if (!visit_type_int(v, name, &value, errp)) {
4632         return;
4633     }
4634     if (value < min || value > max) {
4635         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4636                    name ? name : "null", value, min, max);
4637         return;
4638     }
4639 
4640     cpu->env.tsc_khz = cpu->env.user_tsc_khz = value / 1000;
4641 }
4642 
4643 /* Generic getter for "feature-words" and "filtered-features" properties */
4644 static void x86_cpu_get_feature_words(Object *obj, Visitor *v,
4645                                       const char *name, void *opaque,
4646                                       Error **errp)
4647 {
4648     uint64_t *array = (uint64_t *)opaque;
4649     FeatureWord w;
4650     X86CPUFeatureWordInfo word_infos[FEATURE_WORDS] = { };
4651     X86CPUFeatureWordInfoList list_entries[FEATURE_WORDS] = { };
4652     X86CPUFeatureWordInfoList *list = NULL;
4653 
4654     for (w = 0; w < FEATURE_WORDS; w++) {
4655         FeatureWordInfo *wi = &feature_word_info[w];
4656         /*
4657                 * We didn't have MSR features when "feature-words" was
4658                 *  introduced. Therefore skipped other type entries.
4659                 */
4660         if (wi->type != CPUID_FEATURE_WORD) {
4661             continue;
4662         }
4663         X86CPUFeatureWordInfo *qwi = &word_infos[w];
4664         qwi->cpuid_input_eax = wi->cpuid.eax;
4665         qwi->has_cpuid_input_ecx = wi->cpuid.needs_ecx;
4666         qwi->cpuid_input_ecx = wi->cpuid.ecx;
4667         qwi->cpuid_register = x86_reg_info_32[wi->cpuid.reg].qapi_enum;
4668         qwi->features = array[w];
4669 
4670         /* List will be in reverse order, but order shouldn't matter */
4671         list_entries[w].next = list;
4672         list_entries[w].value = &word_infos[w];
4673         list = &list_entries[w];
4674     }
4675 
4676     visit_type_X86CPUFeatureWordInfoList(v, "feature-words", &list, errp);
4677 }
4678 
4679 /* Convert all '_' in a feature string option name to '-', to make feature
4680  * name conform to QOM property naming rule, which uses '-' instead of '_'.
4681  */
4682 static inline void feat2prop(char *s)
4683 {
4684     while ((s = strchr(s, '_'))) {
4685         *s = '-';
4686     }
4687 }
4688 
4689 /* Return the feature property name for a feature flag bit */
4690 static const char *x86_cpu_feature_name(FeatureWord w, int bitnr)
4691 {
4692     const char *name;
4693     /* XSAVE components are automatically enabled by other features,
4694      * so return the original feature name instead
4695      */
4696     if (w == FEAT_XSAVE_XCR0_LO || w == FEAT_XSAVE_XCR0_HI) {
4697         int comp = (w == FEAT_XSAVE_XCR0_HI) ? bitnr + 32 : bitnr;
4698 
4699         if (comp < ARRAY_SIZE(x86_ext_save_areas) &&
4700             x86_ext_save_areas[comp].bits) {
4701             w = x86_ext_save_areas[comp].feature;
4702             bitnr = ctz32(x86_ext_save_areas[comp].bits);
4703         }
4704     }
4705 
4706     assert(bitnr < 64);
4707     assert(w < FEATURE_WORDS);
4708     name = feature_word_info[w].feat_names[bitnr];
4709     assert(bitnr < 32 || !(name && feature_word_info[w].type == CPUID_FEATURE_WORD));
4710     return name;
4711 }
4712 
4713 /* Compatibily hack to maintain legacy +-feat semantic,
4714  * where +-feat overwrites any feature set by
4715  * feat=on|feat even if the later is parsed after +-feat
4716  * (i.e. "-x2apic,x2apic=on" will result in x2apic disabled)
4717  */
4718 static GList *plus_features, *minus_features;
4719 
4720 static gint compare_string(gconstpointer a, gconstpointer b)
4721 {
4722     return g_strcmp0(a, b);
4723 }
4724 
4725 /* Parse "+feature,-feature,feature=foo" CPU feature string
4726  */
4727 static void x86_cpu_parse_featurestr(const char *typename, char *features,
4728                                      Error **errp)
4729 {
4730     char *featurestr; /* Single 'key=value" string being parsed */
4731     static bool cpu_globals_initialized;
4732     bool ambiguous = false;
4733 
4734     if (cpu_globals_initialized) {
4735         return;
4736     }
4737     cpu_globals_initialized = true;
4738 
4739     if (!features) {
4740         return;
4741     }
4742 
4743     for (featurestr = strtok(features, ",");
4744          featurestr;
4745          featurestr = strtok(NULL, ",")) {
4746         const char *name;
4747         const char *val = NULL;
4748         char *eq = NULL;
4749         char num[32];
4750         GlobalProperty *prop;
4751 
4752         /* Compatibility syntax: */
4753         if (featurestr[0] == '+') {
4754             plus_features = g_list_append(plus_features,
4755                                           g_strdup(featurestr + 1));
4756             continue;
4757         } else if (featurestr[0] == '-') {
4758             minus_features = g_list_append(minus_features,
4759                                            g_strdup(featurestr + 1));
4760             continue;
4761         }
4762 
4763         eq = strchr(featurestr, '=');
4764         if (eq) {
4765             *eq++ = 0;
4766             val = eq;
4767         } else {
4768             val = "on";
4769         }
4770 
4771         feat2prop(featurestr);
4772         name = featurestr;
4773 
4774         if (g_list_find_custom(plus_features, name, compare_string)) {
4775             warn_report("Ambiguous CPU model string. "
4776                         "Don't mix both \"+%s\" and \"%s=%s\"",
4777                         name, name, val);
4778             ambiguous = true;
4779         }
4780         if (g_list_find_custom(minus_features, name, compare_string)) {
4781             warn_report("Ambiguous CPU model string. "
4782                         "Don't mix both \"-%s\" and \"%s=%s\"",
4783                         name, name, val);
4784             ambiguous = true;
4785         }
4786 
4787         /* Special case: */
4788         if (!strcmp(name, "tsc-freq")) {
4789             int ret;
4790             uint64_t tsc_freq;
4791 
4792             ret = qemu_strtosz_metric(val, NULL, &tsc_freq);
4793             if (ret < 0 || tsc_freq > INT64_MAX) {
4794                 error_setg(errp, "bad numerical value %s", val);
4795                 return;
4796             }
4797             snprintf(num, sizeof(num), "%" PRId64, tsc_freq);
4798             val = num;
4799             name = "tsc-frequency";
4800         }
4801 
4802         prop = g_new0(typeof(*prop), 1);
4803         prop->driver = typename;
4804         prop->property = g_strdup(name);
4805         prop->value = g_strdup(val);
4806         qdev_prop_register_global(prop);
4807     }
4808 
4809     if (ambiguous) {
4810         warn_report("Compatibility of ambiguous CPU model "
4811                     "strings won't be kept on future QEMU versions");
4812     }
4813 }
4814 
4815 static void x86_cpu_filter_features(X86CPU *cpu, bool verbose);
4816 
4817 /* Build a list with the name of all features on a feature word array */
4818 static void x86_cpu_list_feature_names(FeatureWordArray features,
4819                                        strList **list)
4820 {
4821     strList **tail = list;
4822     FeatureWord w;
4823 
4824     for (w = 0; w < FEATURE_WORDS; w++) {
4825         uint64_t filtered = features[w];
4826         int i;
4827         for (i = 0; i < 64; i++) {
4828             if (filtered & (1ULL << i)) {
4829                 QAPI_LIST_APPEND(tail, g_strdup(x86_cpu_feature_name(w, i)));
4830             }
4831         }
4832     }
4833 }
4834 
4835 static void x86_cpu_get_unavailable_features(Object *obj, Visitor *v,
4836                                              const char *name, void *opaque,
4837                                              Error **errp)
4838 {
4839     X86CPU *xc = X86_CPU(obj);
4840     strList *result = NULL;
4841 
4842     x86_cpu_list_feature_names(xc->filtered_features, &result);
4843     visit_type_strList(v, "unavailable-features", &result, errp);
4844 }
4845 
4846 /* Print all cpuid feature names in featureset
4847  */
4848 static void listflags(GList *features)
4849 {
4850     size_t len = 0;
4851     GList *tmp;
4852 
4853     for (tmp = features; tmp; tmp = tmp->next) {
4854         const char *name = tmp->data;
4855         if ((len + strlen(name) + 1) >= 75) {
4856             qemu_printf("\n");
4857             len = 0;
4858         }
4859         qemu_printf("%s%s", len == 0 ? "  " : " ", name);
4860         len += strlen(name) + 1;
4861     }
4862     qemu_printf("\n");
4863 }
4864 
4865 /* Sort alphabetically by type name, respecting X86CPUClass::ordering. */
4866 static gint x86_cpu_list_compare(gconstpointer a, gconstpointer b)
4867 {
4868     ObjectClass *class_a = (ObjectClass *)a;
4869     ObjectClass *class_b = (ObjectClass *)b;
4870     X86CPUClass *cc_a = X86_CPU_CLASS(class_a);
4871     X86CPUClass *cc_b = X86_CPU_CLASS(class_b);
4872     int ret;
4873 
4874     if (cc_a->ordering != cc_b->ordering) {
4875         ret = cc_a->ordering - cc_b->ordering;
4876     } else {
4877         g_autofree char *name_a = x86_cpu_class_get_model_name(cc_a);
4878         g_autofree char *name_b = x86_cpu_class_get_model_name(cc_b);
4879         ret = strcmp(name_a, name_b);
4880     }
4881     return ret;
4882 }
4883 
4884 static GSList *get_sorted_cpu_model_list(void)
4885 {
4886     GSList *list = object_class_get_list(TYPE_X86_CPU, false);
4887     list = g_slist_sort(list, x86_cpu_list_compare);
4888     return list;
4889 }
4890 
4891 static char *x86_cpu_class_get_model_id(X86CPUClass *xc)
4892 {
4893     Object *obj = object_new_with_class(OBJECT_CLASS(xc));
4894     char *r = object_property_get_str(obj, "model-id", &error_abort);
4895     object_unref(obj);
4896     return r;
4897 }
4898 
4899 static char *x86_cpu_class_get_alias_of(X86CPUClass *cc)
4900 {
4901     X86CPUVersion version;
4902 
4903     if (!cc->model || !cc->model->is_alias) {
4904         return NULL;
4905     }
4906     version = x86_cpu_model_resolve_version(cc->model);
4907     if (version <= 0) {
4908         return NULL;
4909     }
4910     return x86_cpu_versioned_model_name(cc->model->cpudef, version);
4911 }
4912 
4913 static void x86_cpu_list_entry(gpointer data, gpointer user_data)
4914 {
4915     ObjectClass *oc = data;
4916     X86CPUClass *cc = X86_CPU_CLASS(oc);
4917     g_autofree char *name = x86_cpu_class_get_model_name(cc);
4918     g_autofree char *desc = g_strdup(cc->model_description);
4919     g_autofree char *alias_of = x86_cpu_class_get_alias_of(cc);
4920     g_autofree char *model_id = x86_cpu_class_get_model_id(cc);
4921 
4922     if (!desc && alias_of) {
4923         if (cc->model && cc->model->version == CPU_VERSION_AUTO) {
4924             desc = g_strdup("(alias configured by machine type)");
4925         } else {
4926             desc = g_strdup_printf("(alias of %s)", alias_of);
4927         }
4928     }
4929     if (!desc && cc->model && cc->model->note) {
4930         desc = g_strdup_printf("%s [%s]", model_id, cc->model->note);
4931     }
4932     if (!desc) {
4933         desc = g_strdup_printf("%s", model_id);
4934     }
4935 
4936     if (cc->model && cc->model->cpudef->deprecation_note) {
4937         g_autofree char *olddesc = desc;
4938         desc = g_strdup_printf("%s (deprecated)", olddesc);
4939     }
4940 
4941     qemu_printf("x86 %-20s  %s\n", name, desc);
4942 }
4943 
4944 /* list available CPU models and flags */
4945 void x86_cpu_list(void)
4946 {
4947     int i, j;
4948     GSList *list;
4949     GList *names = NULL;
4950 
4951     qemu_printf("Available CPUs:\n");
4952     list = get_sorted_cpu_model_list();
4953     g_slist_foreach(list, x86_cpu_list_entry, NULL);
4954     g_slist_free(list);
4955 
4956     names = NULL;
4957     for (i = 0; i < ARRAY_SIZE(feature_word_info); i++) {
4958         FeatureWordInfo *fw = &feature_word_info[i];
4959         for (j = 0; j < 64; j++) {
4960             if (fw->feat_names[j]) {
4961                 names = g_list_append(names, (gpointer)fw->feat_names[j]);
4962             }
4963         }
4964     }
4965 
4966     names = g_list_sort(names, (GCompareFunc)strcmp);
4967 
4968     qemu_printf("\nRecognized CPUID flags:\n");
4969     listflags(names);
4970     qemu_printf("\n");
4971     g_list_free(names);
4972 }
4973 
4974 #ifndef CONFIG_USER_ONLY
4975 
4976 /* Check for missing features that may prevent the CPU class from
4977  * running using the current machine and accelerator.
4978  */
4979 static void x86_cpu_class_check_missing_features(X86CPUClass *xcc,
4980                                                  strList **list)
4981 {
4982     strList **tail = list;
4983     X86CPU *xc;
4984     Error *err = NULL;
4985 
4986     if (xcc->host_cpuid_required && !accel_uses_host_cpuid()) {
4987         QAPI_LIST_APPEND(tail, g_strdup("kvm"));
4988         return;
4989     }
4990 
4991     xc = X86_CPU(object_new_with_class(OBJECT_CLASS(xcc)));
4992 
4993     x86_cpu_expand_features(xc, &err);
4994     if (err) {
4995         /* Errors at x86_cpu_expand_features should never happen,
4996          * but in case it does, just report the model as not
4997          * runnable at all using the "type" property.
4998          */
4999         QAPI_LIST_APPEND(tail, g_strdup("type"));
5000         error_free(err);
5001     }
5002 
5003     x86_cpu_filter_features(xc, false);
5004 
5005     x86_cpu_list_feature_names(xc->filtered_features, tail);
5006 
5007     object_unref(OBJECT(xc));
5008 }
5009 
5010 static void x86_cpu_definition_entry(gpointer data, gpointer user_data)
5011 {
5012     ObjectClass *oc = data;
5013     X86CPUClass *cc = X86_CPU_CLASS(oc);
5014     CpuDefinitionInfoList **cpu_list = user_data;
5015     CpuDefinitionInfo *info;
5016 
5017     info = g_malloc0(sizeof(*info));
5018     info->name = x86_cpu_class_get_model_name(cc);
5019     x86_cpu_class_check_missing_features(cc, &info->unavailable_features);
5020     info->has_unavailable_features = true;
5021     info->q_typename = g_strdup(object_class_get_name(oc));
5022     info->migration_safe = cc->migration_safe;
5023     info->has_migration_safe = true;
5024     info->q_static = cc->static_model;
5025     if (cc->model && cc->model->cpudef->deprecation_note) {
5026         info->deprecated = true;
5027     } else {
5028         info->deprecated = false;
5029     }
5030     /*
5031      * Old machine types won't report aliases, so that alias translation
5032      * doesn't break compatibility with previous QEMU versions.
5033      */
5034     if (default_cpu_version != CPU_VERSION_LEGACY) {
5035         info->alias_of = x86_cpu_class_get_alias_of(cc);
5036     }
5037 
5038     QAPI_LIST_PREPEND(*cpu_list, info);
5039 }
5040 
5041 CpuDefinitionInfoList *qmp_query_cpu_definitions(Error **errp)
5042 {
5043     CpuDefinitionInfoList *cpu_list = NULL;
5044     GSList *list = get_sorted_cpu_model_list();
5045     g_slist_foreach(list, x86_cpu_definition_entry, &cpu_list);
5046     g_slist_free(list);
5047     return cpu_list;
5048 }
5049 
5050 #endif /* !CONFIG_USER_ONLY */
5051 
5052 uint64_t x86_cpu_get_supported_feature_word(FeatureWord w,
5053                                             bool migratable_only)
5054 {
5055     FeatureWordInfo *wi = &feature_word_info[w];
5056     uint64_t r = 0;
5057 
5058     if (kvm_enabled()) {
5059         switch (wi->type) {
5060         case CPUID_FEATURE_WORD:
5061             r = kvm_arch_get_supported_cpuid(kvm_state, wi->cpuid.eax,
5062                                                         wi->cpuid.ecx,
5063                                                         wi->cpuid.reg);
5064             break;
5065         case MSR_FEATURE_WORD:
5066             r = kvm_arch_get_supported_msr_feature(kvm_state,
5067                         wi->msr.index);
5068             break;
5069         }
5070     } else if (hvf_enabled()) {
5071         if (wi->type != CPUID_FEATURE_WORD) {
5072             return 0;
5073         }
5074         r = hvf_get_supported_cpuid(wi->cpuid.eax,
5075                                     wi->cpuid.ecx,
5076                                     wi->cpuid.reg);
5077     } else if (tcg_enabled()) {
5078         r = wi->tcg_features;
5079     } else {
5080         return ~0;
5081     }
5082 #ifndef TARGET_X86_64
5083     if (w == FEAT_8000_0001_EDX) {
5084         r &= ~CPUID_EXT2_LM;
5085     }
5086 #endif
5087     if (migratable_only) {
5088         r &= x86_cpu_get_migratable_flags(w);
5089     }
5090     return r;
5091 }
5092 
5093 static void x86_cpu_get_supported_cpuid(uint32_t func, uint32_t index,
5094                                         uint32_t *eax, uint32_t *ebx,
5095                                         uint32_t *ecx, uint32_t *edx)
5096 {
5097     if (kvm_enabled()) {
5098         *eax = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_EAX);
5099         *ebx = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_EBX);
5100         *ecx = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_ECX);
5101         *edx = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_EDX);
5102     } else if (hvf_enabled()) {
5103         *eax = hvf_get_supported_cpuid(func, index, R_EAX);
5104         *ebx = hvf_get_supported_cpuid(func, index, R_EBX);
5105         *ecx = hvf_get_supported_cpuid(func, index, R_ECX);
5106         *edx = hvf_get_supported_cpuid(func, index, R_EDX);
5107     } else {
5108         *eax = 0;
5109         *ebx = 0;
5110         *ecx = 0;
5111         *edx = 0;
5112     }
5113 }
5114 
5115 static void x86_cpu_get_cache_cpuid(uint32_t func, uint32_t index,
5116                                     uint32_t *eax, uint32_t *ebx,
5117                                     uint32_t *ecx, uint32_t *edx)
5118 {
5119     uint32_t level, unused;
5120 
5121     /* Only return valid host leaves.  */
5122     switch (func) {
5123     case 2:
5124     case 4:
5125         host_cpuid(0, 0, &level, &unused, &unused, &unused);
5126         break;
5127     case 0x80000005:
5128     case 0x80000006:
5129     case 0x8000001d:
5130         host_cpuid(0x80000000, 0, &level, &unused, &unused, &unused);
5131         break;
5132     default:
5133         return;
5134     }
5135 
5136     if (func > level) {
5137         *eax = 0;
5138         *ebx = 0;
5139         *ecx = 0;
5140         *edx = 0;
5141     } else {
5142         host_cpuid(func, index, eax, ebx, ecx, edx);
5143     }
5144 }
5145 
5146 /*
5147  * Only for builtin_x86_defs models initialized with x86_register_cpudef_types.
5148  */
5149 void x86_cpu_apply_props(X86CPU *cpu, PropValue *props)
5150 {
5151     PropValue *pv;
5152     for (pv = props; pv->prop; pv++) {
5153         if (!pv->value) {
5154             continue;
5155         }
5156         object_property_parse(OBJECT(cpu), pv->prop, pv->value,
5157                               &error_abort);
5158     }
5159 }
5160 
5161 /*
5162  * Apply properties for the CPU model version specified in model.
5163  * Only for builtin_x86_defs models initialized with x86_register_cpudef_types.
5164  */
5165 
5166 static void x86_cpu_apply_version_props(X86CPU *cpu, X86CPUModel *model)
5167 {
5168     const X86CPUVersionDefinition *vdef;
5169     X86CPUVersion version = x86_cpu_model_resolve_version(model);
5170 
5171     if (version == CPU_VERSION_LEGACY) {
5172         return;
5173     }
5174 
5175     for (vdef = x86_cpu_def_get_versions(model->cpudef); vdef->version; vdef++) {
5176         PropValue *p;
5177 
5178         for (p = vdef->props; p && p->prop; p++) {
5179             object_property_parse(OBJECT(cpu), p->prop, p->value,
5180                                   &error_abort);
5181         }
5182 
5183         if (vdef->version == version) {
5184             break;
5185         }
5186     }
5187 
5188     /*
5189      * If we reached the end of the list, version number was invalid
5190      */
5191     assert(vdef->version == version);
5192 }
5193 
5194 /*
5195  * Load data from X86CPUDefinition into a X86CPU object.
5196  * Only for builtin_x86_defs models initialized with x86_register_cpudef_types.
5197  */
5198 static void x86_cpu_load_model(X86CPU *cpu, X86CPUModel *model)
5199 {
5200     const X86CPUDefinition *def = model->cpudef;
5201     CPUX86State *env = &cpu->env;
5202     FeatureWord w;
5203 
5204     /*NOTE: any property set by this function should be returned by
5205      * x86_cpu_static_props(), so static expansion of
5206      * query-cpu-model-expansion is always complete.
5207      */
5208 
5209     /* CPU models only set _minimum_ values for level/xlevel: */
5210     object_property_set_uint(OBJECT(cpu), "min-level", def->level,
5211                              &error_abort);
5212     object_property_set_uint(OBJECT(cpu), "min-xlevel", def->xlevel,
5213                              &error_abort);
5214 
5215     object_property_set_int(OBJECT(cpu), "family", def->family, &error_abort);
5216     object_property_set_int(OBJECT(cpu), "model", def->model, &error_abort);
5217     object_property_set_int(OBJECT(cpu), "stepping", def->stepping,
5218                             &error_abort);
5219     object_property_set_str(OBJECT(cpu), "model-id", def->model_id,
5220                             &error_abort);
5221     for (w = 0; w < FEATURE_WORDS; w++) {
5222         env->features[w] = def->features[w];
5223     }
5224 
5225     /* legacy-cache defaults to 'off' if CPU model provides cache info */
5226     cpu->legacy_cache = !def->cache_info;
5227 
5228     env->features[FEAT_1_ECX] |= CPUID_EXT_HYPERVISOR;
5229 
5230     /* sysenter isn't supported in compatibility mode on AMD,
5231      * syscall isn't supported in compatibility mode on Intel.
5232      * Normally we advertise the actual CPU vendor, but you can
5233      * override this using the 'vendor' property if you want to use
5234      * KVM's sysenter/syscall emulation in compatibility mode and
5235      * when doing cross vendor migration
5236      */
5237 
5238     /*
5239      * vendor property is set here but then overloaded with the
5240      * host cpu vendor for KVM and HVF.
5241      */
5242     object_property_set_str(OBJECT(cpu), "vendor", def->vendor, &error_abort);
5243 
5244     x86_cpu_apply_version_props(cpu, model);
5245 
5246     /*
5247      * Properties in versioned CPU model are not user specified features.
5248      * We can simply clear env->user_features here since it will be filled later
5249      * in x86_cpu_expand_features() based on plus_features and minus_features.
5250      */
5251     memset(&env->user_features, 0, sizeof(env->user_features));
5252 }
5253 
5254 static gchar *x86_gdb_arch_name(CPUState *cs)
5255 {
5256 #ifdef TARGET_X86_64
5257     return g_strdup("i386:x86-64");
5258 #else
5259     return g_strdup("i386");
5260 #endif
5261 }
5262 
5263 static void x86_cpu_cpudef_class_init(ObjectClass *oc, void *data)
5264 {
5265     X86CPUModel *model = data;
5266     X86CPUClass *xcc = X86_CPU_CLASS(oc);
5267     CPUClass *cc = CPU_CLASS(oc);
5268 
5269     xcc->model = model;
5270     xcc->migration_safe = true;
5271     cc->deprecation_note = model->cpudef->deprecation_note;
5272 }
5273 
5274 static void x86_register_cpu_model_type(const char *name, X86CPUModel *model)
5275 {
5276     g_autofree char *typename = x86_cpu_type_name(name);
5277     TypeInfo ti = {
5278         .name = typename,
5279         .parent = TYPE_X86_CPU,
5280         .class_init = x86_cpu_cpudef_class_init,
5281         .class_data = model,
5282     };
5283 
5284     type_register(&ti);
5285 }
5286 
5287 
5288 /*
5289  * register builtin_x86_defs;
5290  * "max", "base" and subclasses ("host") are not registered here.
5291  * See x86_cpu_register_types for all model registrations.
5292  */
5293 static void x86_register_cpudef_types(const X86CPUDefinition *def)
5294 {
5295     X86CPUModel *m;
5296     const X86CPUVersionDefinition *vdef;
5297 
5298     /* AMD aliases are handled at runtime based on CPUID vendor, so
5299      * they shouldn't be set on the CPU model table.
5300      */
5301     assert(!(def->features[FEAT_8000_0001_EDX] & CPUID_EXT2_AMD_ALIASES));
5302     /* catch mistakes instead of silently truncating model_id when too long */
5303     assert(def->model_id && strlen(def->model_id) <= 48);
5304 
5305     /* Unversioned model: */
5306     m = g_new0(X86CPUModel, 1);
5307     m->cpudef = def;
5308     m->version = CPU_VERSION_AUTO;
5309     m->is_alias = true;
5310     x86_register_cpu_model_type(def->name, m);
5311 
5312     /* Versioned models: */
5313 
5314     for (vdef = x86_cpu_def_get_versions(def); vdef->version; vdef++) {
5315         X86CPUModel *m = g_new0(X86CPUModel, 1);
5316         g_autofree char *name =
5317             x86_cpu_versioned_model_name(def, vdef->version);
5318         m->cpudef = def;
5319         m->version = vdef->version;
5320         m->note = vdef->note;
5321         x86_register_cpu_model_type(name, m);
5322 
5323         if (vdef->alias) {
5324             X86CPUModel *am = g_new0(X86CPUModel, 1);
5325             am->cpudef = def;
5326             am->version = vdef->version;
5327             am->is_alias = true;
5328             x86_register_cpu_model_type(vdef->alias, am);
5329         }
5330     }
5331 
5332 }
5333 
5334 uint32_t cpu_x86_virtual_addr_width(CPUX86State *env)
5335 {
5336     if  (env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_LA57) {
5337         return 57; /* 57 bits virtual */
5338     } else {
5339         return 48; /* 48 bits virtual */
5340     }
5341 }
5342 
5343 void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
5344                    uint32_t *eax, uint32_t *ebx,
5345                    uint32_t *ecx, uint32_t *edx)
5346 {
5347     X86CPU *cpu = env_archcpu(env);
5348     CPUState *cs = env_cpu(env);
5349     uint32_t die_offset;
5350     uint32_t limit;
5351     uint32_t signature[3];
5352     X86CPUTopoInfo topo_info;
5353 
5354     topo_info.dies_per_pkg = env->nr_dies;
5355     topo_info.cores_per_die = cs->nr_cores;
5356     topo_info.threads_per_core = cs->nr_threads;
5357 
5358     /* Calculate & apply limits for different index ranges */
5359     if (index >= 0xC0000000) {
5360         limit = env->cpuid_xlevel2;
5361     } else if (index >= 0x80000000) {
5362         limit = env->cpuid_xlevel;
5363     } else if (index >= 0x40000000) {
5364         limit = 0x40000001;
5365     } else {
5366         limit = env->cpuid_level;
5367     }
5368 
5369     if (index > limit) {
5370         /* Intel documentation states that invalid EAX input will
5371          * return the same information as EAX=cpuid_level
5372          * (Intel SDM Vol. 2A - Instruction Set Reference - CPUID)
5373          */
5374         index = env->cpuid_level;
5375     }
5376 
5377     switch(index) {
5378     case 0:
5379         *eax = env->cpuid_level;
5380         *ebx = env->cpuid_vendor1;
5381         *edx = env->cpuid_vendor2;
5382         *ecx = env->cpuid_vendor3;
5383         break;
5384     case 1:
5385         *eax = env->cpuid_version;
5386         *ebx = (cpu->apic_id << 24) |
5387                8 << 8; /* CLFLUSH size in quad words, Linux wants it. */
5388         *ecx = env->features[FEAT_1_ECX];
5389         if ((*ecx & CPUID_EXT_XSAVE) && (env->cr[4] & CR4_OSXSAVE_MASK)) {
5390             *ecx |= CPUID_EXT_OSXSAVE;
5391         }
5392         *edx = env->features[FEAT_1_EDX];
5393         if (cs->nr_cores * cs->nr_threads > 1) {
5394             *ebx |= (cs->nr_cores * cs->nr_threads) << 16;
5395             *edx |= CPUID_HT;
5396         }
5397         if (!cpu->enable_pmu) {
5398             *ecx &= ~CPUID_EXT_PDCM;
5399         }
5400         break;
5401     case 2:
5402         /* cache info: needed for Pentium Pro compatibility */
5403         if (cpu->cache_info_passthrough) {
5404             x86_cpu_get_cache_cpuid(index, 0, eax, ebx, ecx, edx);
5405             break;
5406         } else if (cpu->vendor_cpuid_only && IS_AMD_CPU(env)) {
5407             *eax = *ebx = *ecx = *edx = 0;
5408             break;
5409         }
5410         *eax = 1; /* Number of CPUID[EAX=2] calls required */
5411         *ebx = 0;
5412         if (!cpu->enable_l3_cache) {
5413             *ecx = 0;
5414         } else {
5415             *ecx = cpuid2_cache_descriptor(env->cache_info_cpuid2.l3_cache);
5416         }
5417         *edx = (cpuid2_cache_descriptor(env->cache_info_cpuid2.l1d_cache) << 16) |
5418                (cpuid2_cache_descriptor(env->cache_info_cpuid2.l1i_cache) <<  8) |
5419                (cpuid2_cache_descriptor(env->cache_info_cpuid2.l2_cache));
5420         break;
5421     case 4:
5422         /* cache info: needed for Core compatibility */
5423         if (cpu->cache_info_passthrough) {
5424             x86_cpu_get_cache_cpuid(index, count, eax, ebx, ecx, edx);
5425             /*
5426              * QEMU has its own number of cores/logical cpus,
5427              * set 24..14, 31..26 bit to configured values
5428              */
5429             if (*eax & 31) {
5430                 int host_vcpus_per_cache = 1 + ((*eax & 0x3FFC000) >> 14);
5431                 int vcpus_per_socket = env->nr_dies * cs->nr_cores *
5432                                        cs->nr_threads;
5433                 if (cs->nr_cores > 1) {
5434                     *eax &= ~0xFC000000;
5435                     *eax |= (pow2ceil(cs->nr_cores) - 1) << 26;
5436                 }
5437                 if (host_vcpus_per_cache > vcpus_per_socket) {
5438                     *eax &= ~0x3FFC000;
5439                     *eax |= (pow2ceil(vcpus_per_socket) - 1) << 14;
5440                 }
5441             }
5442         } else if (cpu->vendor_cpuid_only && IS_AMD_CPU(env)) {
5443             *eax = *ebx = *ecx = *edx = 0;
5444         } else {
5445             *eax = 0;
5446             switch (count) {
5447             case 0: /* L1 dcache info */
5448                 encode_cache_cpuid4(env->cache_info_cpuid4.l1d_cache,
5449                                     1, cs->nr_cores,
5450                                     eax, ebx, ecx, edx);
5451                 break;
5452             case 1: /* L1 icache info */
5453                 encode_cache_cpuid4(env->cache_info_cpuid4.l1i_cache,
5454                                     1, cs->nr_cores,
5455                                     eax, ebx, ecx, edx);
5456                 break;
5457             case 2: /* L2 cache info */
5458                 encode_cache_cpuid4(env->cache_info_cpuid4.l2_cache,
5459                                     cs->nr_threads, cs->nr_cores,
5460                                     eax, ebx, ecx, edx);
5461                 break;
5462             case 3: /* L3 cache info */
5463                 die_offset = apicid_die_offset(&topo_info);
5464                 if (cpu->enable_l3_cache) {
5465                     encode_cache_cpuid4(env->cache_info_cpuid4.l3_cache,
5466                                         (1 << die_offset), cs->nr_cores,
5467                                         eax, ebx, ecx, edx);
5468                     break;
5469                 }
5470                 /* fall through */
5471             default: /* end of info */
5472                 *eax = *ebx = *ecx = *edx = 0;
5473                 break;
5474             }
5475         }
5476         break;
5477     case 5:
5478         /* MONITOR/MWAIT Leaf */
5479         *eax = cpu->mwait.eax; /* Smallest monitor-line size in bytes */
5480         *ebx = cpu->mwait.ebx; /* Largest monitor-line size in bytes */
5481         *ecx = cpu->mwait.ecx; /* flags */
5482         *edx = cpu->mwait.edx; /* mwait substates */
5483         break;
5484     case 6:
5485         /* Thermal and Power Leaf */
5486         *eax = env->features[FEAT_6_EAX];
5487         *ebx = 0;
5488         *ecx = 0;
5489         *edx = 0;
5490         break;
5491     case 7:
5492         /* Structured Extended Feature Flags Enumeration Leaf */
5493         if (count == 0) {
5494             /* Maximum ECX value for sub-leaves */
5495             *eax = env->cpuid_level_func7;
5496             *ebx = env->features[FEAT_7_0_EBX]; /* Feature flags */
5497             *ecx = env->features[FEAT_7_0_ECX]; /* Feature flags */
5498             if ((*ecx & CPUID_7_0_ECX_PKU) && env->cr[4] & CR4_PKE_MASK) {
5499                 *ecx |= CPUID_7_0_ECX_OSPKE;
5500             }
5501             *edx = env->features[FEAT_7_0_EDX]; /* Feature flags */
5502 
5503             /*
5504              * SGX cannot be emulated in software.  If hardware does not
5505              * support enabling SGX and/or SGX flexible launch control,
5506              * then we need to update the VM's CPUID values accordingly.
5507              */
5508             if ((*ebx & CPUID_7_0_EBX_SGX) &&
5509                 (!kvm_enabled() ||
5510                  !(kvm_arch_get_supported_cpuid(cs->kvm_state, 0x7, 0, R_EBX) &
5511                     CPUID_7_0_EBX_SGX))) {
5512                 *ebx &= ~CPUID_7_0_EBX_SGX;
5513             }
5514 
5515             if ((*ecx & CPUID_7_0_ECX_SGX_LC) &&
5516                 (!(*ebx & CPUID_7_0_EBX_SGX) || !kvm_enabled() ||
5517                  !(kvm_arch_get_supported_cpuid(cs->kvm_state, 0x7, 0, R_ECX) &
5518                     CPUID_7_0_ECX_SGX_LC))) {
5519                 *ecx &= ~CPUID_7_0_ECX_SGX_LC;
5520             }
5521         } else if (count == 1) {
5522             *eax = env->features[FEAT_7_1_EAX];
5523             *ebx = 0;
5524             *ecx = 0;
5525             *edx = 0;
5526         } else {
5527             *eax = 0;
5528             *ebx = 0;
5529             *ecx = 0;
5530             *edx = 0;
5531         }
5532         break;
5533     case 9:
5534         /* Direct Cache Access Information Leaf */
5535         *eax = 0; /* Bits 0-31 in DCA_CAP MSR */
5536         *ebx = 0;
5537         *ecx = 0;
5538         *edx = 0;
5539         break;
5540     case 0xA:
5541         /* Architectural Performance Monitoring Leaf */
5542         if (accel_uses_host_cpuid() && cpu->enable_pmu) {
5543             x86_cpu_get_supported_cpuid(0xA, count, eax, ebx, ecx, edx);
5544         } else {
5545             *eax = 0;
5546             *ebx = 0;
5547             *ecx = 0;
5548             *edx = 0;
5549         }
5550         break;
5551     case 0xB:
5552         /* Extended Topology Enumeration Leaf */
5553         if (!cpu->enable_cpuid_0xb) {
5554                 *eax = *ebx = *ecx = *edx = 0;
5555                 break;
5556         }
5557 
5558         *ecx = count & 0xff;
5559         *edx = cpu->apic_id;
5560 
5561         switch (count) {
5562         case 0:
5563             *eax = apicid_core_offset(&topo_info);
5564             *ebx = cs->nr_threads;
5565             *ecx |= CPUID_TOPOLOGY_LEVEL_SMT;
5566             break;
5567         case 1:
5568             *eax = apicid_pkg_offset(&topo_info);
5569             *ebx = cs->nr_cores * cs->nr_threads;
5570             *ecx |= CPUID_TOPOLOGY_LEVEL_CORE;
5571             break;
5572         default:
5573             *eax = 0;
5574             *ebx = 0;
5575             *ecx |= CPUID_TOPOLOGY_LEVEL_INVALID;
5576         }
5577 
5578         assert(!(*eax & ~0x1f));
5579         *ebx &= 0xffff; /* The count doesn't need to be reliable. */
5580         break;
5581     case 0x1C:
5582         if (accel_uses_host_cpuid() && cpu->enable_pmu &&
5583             (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_LBR)) {
5584             x86_cpu_get_supported_cpuid(0x1C, 0, eax, ebx, ecx, edx);
5585             *edx = 0;
5586         }
5587         break;
5588     case 0x1F:
5589         /* V2 Extended Topology Enumeration Leaf */
5590         if (env->nr_dies < 2) {
5591             *eax = *ebx = *ecx = *edx = 0;
5592             break;
5593         }
5594 
5595         *ecx = count & 0xff;
5596         *edx = cpu->apic_id;
5597         switch (count) {
5598         case 0:
5599             *eax = apicid_core_offset(&topo_info);
5600             *ebx = cs->nr_threads;
5601             *ecx |= CPUID_TOPOLOGY_LEVEL_SMT;
5602             break;
5603         case 1:
5604             *eax = apicid_die_offset(&topo_info);
5605             *ebx = cs->nr_cores * cs->nr_threads;
5606             *ecx |= CPUID_TOPOLOGY_LEVEL_CORE;
5607             break;
5608         case 2:
5609             *eax = apicid_pkg_offset(&topo_info);
5610             *ebx = env->nr_dies * cs->nr_cores * cs->nr_threads;
5611             *ecx |= CPUID_TOPOLOGY_LEVEL_DIE;
5612             break;
5613         default:
5614             *eax = 0;
5615             *ebx = 0;
5616             *ecx |= CPUID_TOPOLOGY_LEVEL_INVALID;
5617         }
5618         assert(!(*eax & ~0x1f));
5619         *ebx &= 0xffff; /* The count doesn't need to be reliable. */
5620         break;
5621     case 0xD: {
5622         /* Processor Extended State */
5623         *eax = 0;
5624         *ebx = 0;
5625         *ecx = 0;
5626         *edx = 0;
5627         if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
5628             break;
5629         }
5630 
5631         if (count == 0) {
5632             *ecx = xsave_area_size(x86_cpu_xsave_xcr0_components(cpu), false);
5633             *eax = env->features[FEAT_XSAVE_XCR0_LO];
5634             *edx = env->features[FEAT_XSAVE_XCR0_HI];
5635             /*
5636              * The initial value of xcr0 and ebx == 0, On host without kvm
5637              * commit 412a3c41(e.g., CentOS 6), the ebx's value always == 0
5638              * even through guest update xcr0, this will crash some legacy guest
5639              * (e.g., CentOS 6), So set ebx == ecx to workaroud it.
5640              */
5641             *ebx = kvm_enabled() ? *ecx : xsave_area_size(env->xcr0, false);
5642         } else if (count == 1) {
5643             uint64_t xstate = x86_cpu_xsave_xcr0_components(cpu) |
5644                               x86_cpu_xsave_xss_components(cpu);
5645 
5646             *eax = env->features[FEAT_XSAVE];
5647             *ebx = xsave_area_size(xstate, true);
5648             *ecx = env->features[FEAT_XSAVE_XSS_LO];
5649             *edx = env->features[FEAT_XSAVE_XSS_HI];
5650             if (kvm_enabled() && cpu->enable_pmu &&
5651                 (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_LBR) &&
5652                 (*eax & CPUID_XSAVE_XSAVES)) {
5653                 *ecx |= XSTATE_ARCH_LBR_MASK;
5654             } else {
5655                 *ecx &= ~XSTATE_ARCH_LBR_MASK;
5656             }
5657         } else if (count == 0xf &&
5658                    accel_uses_host_cpuid() && cpu->enable_pmu &&
5659                    (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_LBR)) {
5660             x86_cpu_get_supported_cpuid(0xD, count, eax, ebx, ecx, edx);
5661         } else if (count < ARRAY_SIZE(x86_ext_save_areas)) {
5662             const ExtSaveArea *esa = &x86_ext_save_areas[count];
5663 
5664             if (x86_cpu_xsave_xcr0_components(cpu) & (1ULL << count)) {
5665                 *eax = esa->size;
5666                 *ebx = esa->offset;
5667                 *ecx = esa->ecx &
5668                        (ESA_FEATURE_ALIGN64_MASK | ESA_FEATURE_XFD_MASK);
5669             } else if (x86_cpu_xsave_xss_components(cpu) & (1ULL << count)) {
5670                 *eax = esa->size;
5671                 *ebx = 0;
5672                 *ecx = 1;
5673             }
5674         }
5675         break;
5676     }
5677     case 0x12:
5678 #ifndef CONFIG_USER_ONLY
5679         if (!kvm_enabled() ||
5680             !(env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_SGX)) {
5681             *eax = *ebx = *ecx = *edx = 0;
5682             break;
5683         }
5684 
5685         /*
5686          * SGX sub-leafs CPUID.0x12.{0x2..N} enumerate EPC sections.  Retrieve
5687          * the EPC properties, e.g. confidentiality and integrity, from the
5688          * host's first EPC section, i.e. assume there is one EPC section or
5689          * that all EPC sections have the same security properties.
5690          */
5691         if (count > 1) {
5692             uint64_t epc_addr, epc_size;
5693 
5694             if (sgx_epc_get_section(count - 2, &epc_addr, &epc_size)) {
5695                 *eax = *ebx = *ecx = *edx = 0;
5696                 break;
5697             }
5698             host_cpuid(index, 2, eax, ebx, ecx, edx);
5699             *eax = (uint32_t)(epc_addr & 0xfffff000) | 0x1;
5700             *ebx = (uint32_t)(epc_addr >> 32);
5701             *ecx = (uint32_t)(epc_size & 0xfffff000) | (*ecx & 0xf);
5702             *edx = (uint32_t)(epc_size >> 32);
5703             break;
5704         }
5705 
5706         /*
5707          * SGX sub-leafs CPUID.0x12.{0x0,0x1} are heavily dependent on hardware
5708          * and KVM, i.e. QEMU cannot emulate features to override what KVM
5709          * supports.  Features can be further restricted by userspace, but not
5710          * made more permissive.
5711          */
5712         x86_cpu_get_supported_cpuid(0x12, count, eax, ebx, ecx, edx);
5713 
5714         if (count == 0) {
5715             *eax &= env->features[FEAT_SGX_12_0_EAX];
5716             *ebx &= env->features[FEAT_SGX_12_0_EBX];
5717         } else {
5718             *eax &= env->features[FEAT_SGX_12_1_EAX];
5719             *ebx &= 0; /* ebx reserve */
5720             *ecx &= env->features[FEAT_XSAVE_XSS_LO];
5721             *edx &= env->features[FEAT_XSAVE_XSS_HI];
5722 
5723             /* FP and SSE are always allowed regardless of XSAVE/XCR0. */
5724             *ecx |= XSTATE_FP_MASK | XSTATE_SSE_MASK;
5725 
5726             /* Access to PROVISIONKEY requires additional credentials. */
5727             if ((*eax & (1U << 4)) &&
5728                 !kvm_enable_sgx_provisioning(cs->kvm_state)) {
5729                 *eax &= ~(1U << 4);
5730             }
5731         }
5732 #endif
5733         break;
5734     case 0x14: {
5735         /* Intel Processor Trace Enumeration */
5736         *eax = 0;
5737         *ebx = 0;
5738         *ecx = 0;
5739         *edx = 0;
5740         if (!(env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT) ||
5741             !kvm_enabled()) {
5742             break;
5743         }
5744 
5745         if (count == 0) {
5746             *eax = INTEL_PT_MAX_SUBLEAF;
5747             *ebx = INTEL_PT_MINIMAL_EBX;
5748             *ecx = INTEL_PT_MINIMAL_ECX;
5749             if (env->features[FEAT_14_0_ECX] & CPUID_14_0_ECX_LIP) {
5750                 *ecx |= CPUID_14_0_ECX_LIP;
5751             }
5752         } else if (count == 1) {
5753             *eax = INTEL_PT_MTC_BITMAP | INTEL_PT_ADDR_RANGES_NUM;
5754             *ebx = INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP;
5755         }
5756         break;
5757     }
5758     case 0x1D: {
5759         /* AMX TILE, for now hardcoded for Sapphire Rapids*/
5760         *eax = 0;
5761         *ebx = 0;
5762         *ecx = 0;
5763         *edx = 0;
5764         if (!(env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_AMX_TILE)) {
5765             break;
5766         }
5767 
5768         if (count == 0) {
5769             /* Highest numbered palette subleaf */
5770             *eax = INTEL_AMX_TILE_MAX_SUBLEAF;
5771         } else if (count == 1) {
5772             *eax = INTEL_AMX_TOTAL_TILE_BYTES |
5773                    (INTEL_AMX_BYTES_PER_TILE << 16);
5774             *ebx = INTEL_AMX_BYTES_PER_ROW | (INTEL_AMX_TILE_MAX_NAMES << 16);
5775             *ecx = INTEL_AMX_TILE_MAX_ROWS;
5776         }
5777         break;
5778     }
5779     case 0x1E: {
5780         /* AMX TMUL, for now hardcoded for Sapphire Rapids */
5781         *eax = 0;
5782         *ebx = 0;
5783         *ecx = 0;
5784         *edx = 0;
5785         if (!(env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_AMX_TILE)) {
5786             break;
5787         }
5788 
5789         if (count == 0) {
5790             /* Highest numbered palette subleaf */
5791             *ebx = INTEL_AMX_TMUL_MAX_K | (INTEL_AMX_TMUL_MAX_N << 8);
5792         }
5793         break;
5794     }
5795     case 0x40000000:
5796         /*
5797          * CPUID code in kvm_arch_init_vcpu() ignores stuff
5798          * set here, but we restrict to TCG none the less.
5799          */
5800         if (tcg_enabled() && cpu->expose_tcg) {
5801             memcpy(signature, "TCGTCGTCGTCG", 12);
5802             *eax = 0x40000001;
5803             *ebx = signature[0];
5804             *ecx = signature[1];
5805             *edx = signature[2];
5806         } else {
5807             *eax = 0;
5808             *ebx = 0;
5809             *ecx = 0;
5810             *edx = 0;
5811         }
5812         break;
5813     case 0x40000001:
5814         *eax = 0;
5815         *ebx = 0;
5816         *ecx = 0;
5817         *edx = 0;
5818         break;
5819     case 0x80000000:
5820         *eax = env->cpuid_xlevel;
5821         *ebx = env->cpuid_vendor1;
5822         *edx = env->cpuid_vendor2;
5823         *ecx = env->cpuid_vendor3;
5824         break;
5825     case 0x80000001:
5826         *eax = env->cpuid_version;
5827         *ebx = 0;
5828         *ecx = env->features[FEAT_8000_0001_ECX];
5829         *edx = env->features[FEAT_8000_0001_EDX];
5830 
5831         /* The Linux kernel checks for the CMPLegacy bit and
5832          * discards multiple thread information if it is set.
5833          * So don't set it here for Intel to make Linux guests happy.
5834          */
5835         if (cs->nr_cores * cs->nr_threads > 1) {
5836             if (env->cpuid_vendor1 != CPUID_VENDOR_INTEL_1 ||
5837                 env->cpuid_vendor2 != CPUID_VENDOR_INTEL_2 ||
5838                 env->cpuid_vendor3 != CPUID_VENDOR_INTEL_3) {
5839                 *ecx |= 1 << 1;    /* CmpLegacy bit */
5840             }
5841         }
5842         break;
5843     case 0x80000002:
5844     case 0x80000003:
5845     case 0x80000004:
5846         *eax = env->cpuid_model[(index - 0x80000002) * 4 + 0];
5847         *ebx = env->cpuid_model[(index - 0x80000002) * 4 + 1];
5848         *ecx = env->cpuid_model[(index - 0x80000002) * 4 + 2];
5849         *edx = env->cpuid_model[(index - 0x80000002) * 4 + 3];
5850         break;
5851     case 0x80000005:
5852         /* cache info (L1 cache) */
5853         if (cpu->cache_info_passthrough) {
5854             x86_cpu_get_cache_cpuid(index, 0, eax, ebx, ecx, edx);
5855             break;
5856         }
5857         *eax = (L1_DTLB_2M_ASSOC << 24) | (L1_DTLB_2M_ENTRIES << 16) |
5858                (L1_ITLB_2M_ASSOC <<  8) | (L1_ITLB_2M_ENTRIES);
5859         *ebx = (L1_DTLB_4K_ASSOC << 24) | (L1_DTLB_4K_ENTRIES << 16) |
5860                (L1_ITLB_4K_ASSOC <<  8) | (L1_ITLB_4K_ENTRIES);
5861         *ecx = encode_cache_cpuid80000005(env->cache_info_amd.l1d_cache);
5862         *edx = encode_cache_cpuid80000005(env->cache_info_amd.l1i_cache);
5863         break;
5864     case 0x80000006:
5865         /* cache info (L2 cache) */
5866         if (cpu->cache_info_passthrough) {
5867             x86_cpu_get_cache_cpuid(index, 0, eax, ebx, ecx, edx);
5868             break;
5869         }
5870         *eax = (AMD_ENC_ASSOC(L2_DTLB_2M_ASSOC) << 28) |
5871                (L2_DTLB_2M_ENTRIES << 16) |
5872                (AMD_ENC_ASSOC(L2_ITLB_2M_ASSOC) << 12) |
5873                (L2_ITLB_2M_ENTRIES);
5874         *ebx = (AMD_ENC_ASSOC(L2_DTLB_4K_ASSOC) << 28) |
5875                (L2_DTLB_4K_ENTRIES << 16) |
5876                (AMD_ENC_ASSOC(L2_ITLB_4K_ASSOC) << 12) |
5877                (L2_ITLB_4K_ENTRIES);
5878         encode_cache_cpuid80000006(env->cache_info_amd.l2_cache,
5879                                    cpu->enable_l3_cache ?
5880                                    env->cache_info_amd.l3_cache : NULL,
5881                                    ecx, edx);
5882         break;
5883     case 0x80000007:
5884         *eax = 0;
5885         *ebx = 0;
5886         *ecx = 0;
5887         *edx = env->features[FEAT_8000_0007_EDX];
5888         break;
5889     case 0x80000008:
5890         /* virtual & phys address size in low 2 bytes. */
5891         *eax = cpu->phys_bits;
5892         if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
5893             /* 64 bit processor */
5894              *eax |= (cpu_x86_virtual_addr_width(env) << 8);
5895         }
5896         *ebx = env->features[FEAT_8000_0008_EBX];
5897         if (cs->nr_cores * cs->nr_threads > 1) {
5898             /*
5899              * Bits 15:12 is "The number of bits in the initial
5900              * Core::X86::Apic::ApicId[ApicId] value that indicate
5901              * thread ID within a package".
5902              * Bits 7:0 is "The number of threads in the package is NC+1"
5903              */
5904             *ecx = (apicid_pkg_offset(&topo_info) << 12) |
5905                    ((cs->nr_cores * cs->nr_threads) - 1);
5906         } else {
5907             *ecx = 0;
5908         }
5909         *edx = 0;
5910         break;
5911     case 0x8000000A:
5912         if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
5913             *eax = 0x00000001; /* SVM Revision */
5914             *ebx = 0x00000010; /* nr of ASIDs */
5915             *ecx = 0;
5916             *edx = env->features[FEAT_SVM]; /* optional features */
5917         } else {
5918             *eax = 0;
5919             *ebx = 0;
5920             *ecx = 0;
5921             *edx = 0;
5922         }
5923         break;
5924     case 0x8000001D:
5925         *eax = 0;
5926         if (cpu->cache_info_passthrough) {
5927             x86_cpu_get_cache_cpuid(index, count, eax, ebx, ecx, edx);
5928             break;
5929         }
5930         switch (count) {
5931         case 0: /* L1 dcache info */
5932             encode_cache_cpuid8000001d(env->cache_info_amd.l1d_cache,
5933                                        &topo_info, eax, ebx, ecx, edx);
5934             break;
5935         case 1: /* L1 icache info */
5936             encode_cache_cpuid8000001d(env->cache_info_amd.l1i_cache,
5937                                        &topo_info, eax, ebx, ecx, edx);
5938             break;
5939         case 2: /* L2 cache info */
5940             encode_cache_cpuid8000001d(env->cache_info_amd.l2_cache,
5941                                        &topo_info, eax, ebx, ecx, edx);
5942             break;
5943         case 3: /* L3 cache info */
5944             encode_cache_cpuid8000001d(env->cache_info_amd.l3_cache,
5945                                        &topo_info, eax, ebx, ecx, edx);
5946             break;
5947         default: /* end of info */
5948             *eax = *ebx = *ecx = *edx = 0;
5949             break;
5950         }
5951         break;
5952     case 0x8000001E:
5953         if (cpu->core_id <= 255) {
5954             encode_topo_cpuid8000001e(cpu, &topo_info, eax, ebx, ecx, edx);
5955         } else {
5956             *eax = 0;
5957             *ebx = 0;
5958             *ecx = 0;
5959             *edx = 0;
5960         }
5961         break;
5962     case 0xC0000000:
5963         *eax = env->cpuid_xlevel2;
5964         *ebx = 0;
5965         *ecx = 0;
5966         *edx = 0;
5967         break;
5968     case 0xC0000001:
5969         /* Support for VIA CPU's CPUID instruction */
5970         *eax = env->cpuid_version;
5971         *ebx = 0;
5972         *ecx = 0;
5973         *edx = env->features[FEAT_C000_0001_EDX];
5974         break;
5975     case 0xC0000002:
5976     case 0xC0000003:
5977     case 0xC0000004:
5978         /* Reserved for the future, and now filled with zero */
5979         *eax = 0;
5980         *ebx = 0;
5981         *ecx = 0;
5982         *edx = 0;
5983         break;
5984     case 0x8000001F:
5985         *eax = *ebx = *ecx = *edx = 0;
5986         if (sev_enabled()) {
5987             *eax = 0x2;
5988             *eax |= sev_es_enabled() ? 0x8 : 0;
5989             *ebx = sev_get_cbit_position();
5990             *ebx |= sev_get_reduced_phys_bits() << 6;
5991         }
5992         break;
5993     default:
5994         /* reserved values: zero */
5995         *eax = 0;
5996         *ebx = 0;
5997         *ecx = 0;
5998         *edx = 0;
5999         break;
6000     }
6001 }
6002 
6003 static void x86_cpu_set_sgxlepubkeyhash(CPUX86State *env)
6004 {
6005 #ifndef CONFIG_USER_ONLY
6006     /* Those default values are defined in Skylake HW */
6007     env->msr_ia32_sgxlepubkeyhash[0] = 0xa6053e051270b7acULL;
6008     env->msr_ia32_sgxlepubkeyhash[1] = 0x6cfbe8ba8b3b413dULL;
6009     env->msr_ia32_sgxlepubkeyhash[2] = 0xc4916d99f2b3735dULL;
6010     env->msr_ia32_sgxlepubkeyhash[3] = 0xd4f8c05909f9bb3bULL;
6011 #endif
6012 }
6013 
6014 static void x86_cpu_reset_hold(Object *obj)
6015 {
6016     CPUState *s = CPU(obj);
6017     X86CPU *cpu = X86_CPU(s);
6018     X86CPUClass *xcc = X86_CPU_GET_CLASS(cpu);
6019     CPUX86State *env = &cpu->env;
6020     target_ulong cr4;
6021     uint64_t xcr0;
6022     int i;
6023 
6024     if (xcc->parent_phases.hold) {
6025         xcc->parent_phases.hold(obj);
6026     }
6027 
6028     memset(env, 0, offsetof(CPUX86State, end_reset_fields));
6029 
6030     env->old_exception = -1;
6031 
6032     /* init to reset state */
6033     env->int_ctl = 0;
6034     env->hflags2 |= HF2_GIF_MASK;
6035     env->hflags2 |= HF2_VGIF_MASK;
6036     env->hflags &= ~HF_GUEST_MASK;
6037 
6038     cpu_x86_update_cr0(env, 0x60000010);
6039     env->a20_mask = ~0x0;
6040     env->smbase = 0x30000;
6041     env->msr_smi_count = 0;
6042 
6043     env->idt.limit = 0xffff;
6044     env->gdt.limit = 0xffff;
6045     env->ldt.limit = 0xffff;
6046     env->ldt.flags = DESC_P_MASK | (2 << DESC_TYPE_SHIFT);
6047     env->tr.limit = 0xffff;
6048     env->tr.flags = DESC_P_MASK | (11 << DESC_TYPE_SHIFT);
6049 
6050     cpu_x86_load_seg_cache(env, R_CS, 0xf000, 0xffff0000, 0xffff,
6051                            DESC_P_MASK | DESC_S_MASK | DESC_CS_MASK |
6052                            DESC_R_MASK | DESC_A_MASK);
6053     cpu_x86_load_seg_cache(env, R_DS, 0, 0, 0xffff,
6054                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
6055                            DESC_A_MASK);
6056     cpu_x86_load_seg_cache(env, R_ES, 0, 0, 0xffff,
6057                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
6058                            DESC_A_MASK);
6059     cpu_x86_load_seg_cache(env, R_SS, 0, 0, 0xffff,
6060                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
6061                            DESC_A_MASK);
6062     cpu_x86_load_seg_cache(env, R_FS, 0, 0, 0xffff,
6063                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
6064                            DESC_A_MASK);
6065     cpu_x86_load_seg_cache(env, R_GS, 0, 0, 0xffff,
6066                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
6067                            DESC_A_MASK);
6068 
6069     env->eip = 0xfff0;
6070     env->regs[R_EDX] = env->cpuid_version;
6071 
6072     env->eflags = 0x2;
6073 
6074     /* FPU init */
6075     for (i = 0; i < 8; i++) {
6076         env->fptags[i] = 1;
6077     }
6078     cpu_set_fpuc(env, 0x37f);
6079 
6080     env->mxcsr = 0x1f80;
6081     /* All units are in INIT state.  */
6082     env->xstate_bv = 0;
6083 
6084     env->pat = 0x0007040600070406ULL;
6085 
6086     if (kvm_enabled()) {
6087         /*
6088          * KVM handles TSC = 0 specially and thinks we are hot-plugging
6089          * a new CPU, use 1 instead to force a reset.
6090          */
6091         if (env->tsc != 0) {
6092             env->tsc = 1;
6093         }
6094     } else {
6095         env->tsc = 0;
6096     }
6097 
6098     env->msr_ia32_misc_enable = MSR_IA32_MISC_ENABLE_DEFAULT;
6099     if (env->features[FEAT_1_ECX] & CPUID_EXT_MONITOR) {
6100         env->msr_ia32_misc_enable |= MSR_IA32_MISC_ENABLE_MWAIT;
6101     }
6102 
6103     memset(env->dr, 0, sizeof(env->dr));
6104     env->dr[6] = DR6_FIXED_1;
6105     env->dr[7] = DR7_FIXED_1;
6106     cpu_breakpoint_remove_all(s, BP_CPU);
6107     cpu_watchpoint_remove_all(s, BP_CPU);
6108 
6109     cr4 = 0;
6110     xcr0 = XSTATE_FP_MASK;
6111 
6112 #ifdef CONFIG_USER_ONLY
6113     /* Enable all the features for user-mode.  */
6114     if (env->features[FEAT_1_EDX] & CPUID_SSE) {
6115         xcr0 |= XSTATE_SSE_MASK;
6116     }
6117     for (i = 2; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
6118         const ExtSaveArea *esa = &x86_ext_save_areas[i];
6119         if (!((1 << i) & CPUID_XSTATE_XCR0_MASK)) {
6120             continue;
6121         }
6122         if (env->features[esa->feature] & esa->bits) {
6123             xcr0 |= 1ull << i;
6124         }
6125     }
6126 
6127     if (env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE) {
6128         cr4 |= CR4_OSFXSR_MASK | CR4_OSXSAVE_MASK;
6129     }
6130     if (env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_FSGSBASE) {
6131         cr4 |= CR4_FSGSBASE_MASK;
6132     }
6133 #endif
6134 
6135     env->xcr0 = xcr0;
6136     cpu_x86_update_cr4(env, cr4);
6137 
6138     /*
6139      * SDM 11.11.5 requires:
6140      *  - IA32_MTRR_DEF_TYPE MSR.E = 0
6141      *  - IA32_MTRR_PHYSMASKn.V = 0
6142      * All other bits are undefined.  For simplification, zero it all.
6143      */
6144     env->mtrr_deftype = 0;
6145     memset(env->mtrr_var, 0, sizeof(env->mtrr_var));
6146     memset(env->mtrr_fixed, 0, sizeof(env->mtrr_fixed));
6147 
6148     env->interrupt_injected = -1;
6149     env->exception_nr = -1;
6150     env->exception_pending = 0;
6151     env->exception_injected = 0;
6152     env->exception_has_payload = false;
6153     env->exception_payload = 0;
6154     env->nmi_injected = false;
6155     env->triple_fault_pending = false;
6156 #if !defined(CONFIG_USER_ONLY)
6157     /* We hard-wire the BSP to the first CPU. */
6158     apic_designate_bsp(cpu->apic_state, s->cpu_index == 0);
6159 
6160     s->halted = !cpu_is_bsp(cpu);
6161 
6162     if (kvm_enabled()) {
6163         kvm_arch_reset_vcpu(cpu);
6164     }
6165 
6166     x86_cpu_set_sgxlepubkeyhash(env);
6167 
6168     env->amd_tsc_scale_msr =  MSR_AMD64_TSC_RATIO_DEFAULT;
6169 
6170 #endif
6171 }
6172 
6173 void x86_cpu_after_reset(X86CPU *cpu)
6174 {
6175 #ifndef CONFIG_USER_ONLY
6176     if (kvm_enabled()) {
6177         kvm_arch_after_reset_vcpu(cpu);
6178     }
6179 
6180     if (cpu->apic_state) {
6181         device_cold_reset(cpu->apic_state);
6182     }
6183 #endif
6184 }
6185 
6186 static void mce_init(X86CPU *cpu)
6187 {
6188     CPUX86State *cenv = &cpu->env;
6189     unsigned int bank;
6190 
6191     if (((cenv->cpuid_version >> 8) & 0xf) >= 6
6192         && (cenv->features[FEAT_1_EDX] & (CPUID_MCE | CPUID_MCA)) ==
6193             (CPUID_MCE | CPUID_MCA)) {
6194         cenv->mcg_cap = MCE_CAP_DEF | MCE_BANKS_DEF |
6195                         (cpu->enable_lmce ? MCG_LMCE_P : 0);
6196         cenv->mcg_ctl = ~(uint64_t)0;
6197         for (bank = 0; bank < MCE_BANKS_DEF; bank++) {
6198             cenv->mce_banks[bank * 4] = ~(uint64_t)0;
6199         }
6200     }
6201 }
6202 
6203 static void x86_cpu_adjust_level(X86CPU *cpu, uint32_t *min, uint32_t value)
6204 {
6205     if (*min < value) {
6206         *min = value;
6207     }
6208 }
6209 
6210 /* Increase cpuid_min_{level,xlevel,xlevel2} automatically, if appropriate */
6211 static void x86_cpu_adjust_feat_level(X86CPU *cpu, FeatureWord w)
6212 {
6213     CPUX86State *env = &cpu->env;
6214     FeatureWordInfo *fi = &feature_word_info[w];
6215     uint32_t eax = fi->cpuid.eax;
6216     uint32_t region = eax & 0xF0000000;
6217 
6218     assert(feature_word_info[w].type == CPUID_FEATURE_WORD);
6219     if (!env->features[w]) {
6220         return;
6221     }
6222 
6223     switch (region) {
6224     case 0x00000000:
6225         x86_cpu_adjust_level(cpu, &env->cpuid_min_level, eax);
6226     break;
6227     case 0x80000000:
6228         x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, eax);
6229     break;
6230     case 0xC0000000:
6231         x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel2, eax);
6232     break;
6233     }
6234 
6235     if (eax == 7) {
6236         x86_cpu_adjust_level(cpu, &env->cpuid_min_level_func7,
6237                              fi->cpuid.ecx);
6238     }
6239 }
6240 
6241 /* Calculate XSAVE components based on the configured CPU feature flags */
6242 static void x86_cpu_enable_xsave_components(X86CPU *cpu)
6243 {
6244     CPUX86State *env = &cpu->env;
6245     int i;
6246     uint64_t mask;
6247     static bool request_perm;
6248 
6249     if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
6250         env->features[FEAT_XSAVE_XCR0_LO] = 0;
6251         env->features[FEAT_XSAVE_XCR0_HI] = 0;
6252         return;
6253     }
6254 
6255     mask = 0;
6256     for (i = 0; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
6257         const ExtSaveArea *esa = &x86_ext_save_areas[i];
6258         if (env->features[esa->feature] & esa->bits) {
6259             mask |= (1ULL << i);
6260         }
6261     }
6262 
6263     /* Only request permission for first vcpu */
6264     if (kvm_enabled() && !request_perm) {
6265         kvm_request_xsave_components(cpu, mask);
6266         request_perm = true;
6267     }
6268 
6269     env->features[FEAT_XSAVE_XCR0_LO] = mask & CPUID_XSTATE_XCR0_MASK;
6270     env->features[FEAT_XSAVE_XCR0_HI] = mask >> 32;
6271     env->features[FEAT_XSAVE_XSS_LO] = mask & CPUID_XSTATE_XSS_MASK;
6272     env->features[FEAT_XSAVE_XSS_HI] = mask >> 32;
6273 }
6274 
6275 /***** Steps involved on loading and filtering CPUID data
6276  *
6277  * When initializing and realizing a CPU object, the steps
6278  * involved in setting up CPUID data are:
6279  *
6280  * 1) Loading CPU model definition (X86CPUDefinition). This is
6281  *    implemented by x86_cpu_load_model() and should be completely
6282  *    transparent, as it is done automatically by instance_init.
6283  *    No code should need to look at X86CPUDefinition structs
6284  *    outside instance_init.
6285  *
6286  * 2) CPU expansion. This is done by realize before CPUID
6287  *    filtering, and will make sure host/accelerator data is
6288  *    loaded for CPU models that depend on host capabilities
6289  *    (e.g. "host"). Done by x86_cpu_expand_features().
6290  *
6291  * 3) CPUID filtering. This initializes extra data related to
6292  *    CPUID, and checks if the host supports all capabilities
6293  *    required by the CPU. Runnability of a CPU model is
6294  *    determined at this step. Done by x86_cpu_filter_features().
6295  *
6296  * Some operations don't require all steps to be performed.
6297  * More precisely:
6298  *
6299  * - CPU instance creation (instance_init) will run only CPU
6300  *   model loading. CPU expansion can't run at instance_init-time
6301  *   because host/accelerator data may be not available yet.
6302  * - CPU realization will perform both CPU model expansion and CPUID
6303  *   filtering, and return an error in case one of them fails.
6304  * - query-cpu-definitions needs to run all 3 steps. It needs
6305  *   to run CPUID filtering, as the 'unavailable-features'
6306  *   field is set based on the filtering results.
6307  * - The query-cpu-model-expansion QMP command only needs to run
6308  *   CPU model loading and CPU expansion. It should not filter
6309  *   any CPUID data based on host capabilities.
6310  */
6311 
6312 /* Expand CPU configuration data, based on configured features
6313  * and host/accelerator capabilities when appropriate.
6314  */
6315 void x86_cpu_expand_features(X86CPU *cpu, Error **errp)
6316 {
6317     CPUX86State *env = &cpu->env;
6318     FeatureWord w;
6319     int i;
6320     GList *l;
6321 
6322     for (l = plus_features; l; l = l->next) {
6323         const char *prop = l->data;
6324         if (!object_property_set_bool(OBJECT(cpu), prop, true, errp)) {
6325             return;
6326         }
6327     }
6328 
6329     for (l = minus_features; l; l = l->next) {
6330         const char *prop = l->data;
6331         if (!object_property_set_bool(OBJECT(cpu), prop, false, errp)) {
6332             return;
6333         }
6334     }
6335 
6336     /*TODO: Now cpu->max_features doesn't overwrite features
6337      * set using QOM properties, and we can convert
6338      * plus_features & minus_features to global properties
6339      * inside x86_cpu_parse_featurestr() too.
6340      */
6341     if (cpu->max_features) {
6342         for (w = 0; w < FEATURE_WORDS; w++) {
6343             /* Override only features that weren't set explicitly
6344              * by the user.
6345              */
6346             env->features[w] |=
6347                 x86_cpu_get_supported_feature_word(w, cpu->migratable) &
6348                 ~env->user_features[w] &
6349                 ~feature_word_info[w].no_autoenable_flags;
6350         }
6351     }
6352 
6353     for (i = 0; i < ARRAY_SIZE(feature_dependencies); i++) {
6354         FeatureDep *d = &feature_dependencies[i];
6355         if (!(env->features[d->from.index] & d->from.mask)) {
6356             uint64_t unavailable_features = env->features[d->to.index] & d->to.mask;
6357 
6358             /* Not an error unless the dependent feature was added explicitly.  */
6359             mark_unavailable_features(cpu, d->to.index,
6360                                       unavailable_features & env->user_features[d->to.index],
6361                                       "This feature depends on other features that were not requested");
6362 
6363             env->features[d->to.index] &= ~unavailable_features;
6364         }
6365     }
6366 
6367     if (!kvm_enabled() || !cpu->expose_kvm) {
6368         env->features[FEAT_KVM] = 0;
6369     }
6370 
6371     x86_cpu_enable_xsave_components(cpu);
6372 
6373     /* CPUID[EAX=7,ECX=0].EBX always increased level automatically: */
6374     x86_cpu_adjust_feat_level(cpu, FEAT_7_0_EBX);
6375     if (cpu->full_cpuid_auto_level) {
6376         x86_cpu_adjust_feat_level(cpu, FEAT_1_EDX);
6377         x86_cpu_adjust_feat_level(cpu, FEAT_1_ECX);
6378         x86_cpu_adjust_feat_level(cpu, FEAT_6_EAX);
6379         x86_cpu_adjust_feat_level(cpu, FEAT_7_0_ECX);
6380         x86_cpu_adjust_feat_level(cpu, FEAT_7_1_EAX);
6381         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_EDX);
6382         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_ECX);
6383         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0007_EDX);
6384         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0008_EBX);
6385         x86_cpu_adjust_feat_level(cpu, FEAT_C000_0001_EDX);
6386         x86_cpu_adjust_feat_level(cpu, FEAT_SVM);
6387         x86_cpu_adjust_feat_level(cpu, FEAT_XSAVE);
6388 
6389         /* Intel Processor Trace requires CPUID[0x14] */
6390         if ((env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT)) {
6391             if (cpu->intel_pt_auto_level) {
6392                 x86_cpu_adjust_level(cpu, &cpu->env.cpuid_min_level, 0x14);
6393             } else if (cpu->env.cpuid_min_level < 0x14) {
6394                 mark_unavailable_features(cpu, FEAT_7_0_EBX,
6395                     CPUID_7_0_EBX_INTEL_PT,
6396                     "Intel PT need CPUID leaf 0x14, please set by \"-cpu ...,intel-pt=on,min-level=0x14\"");
6397             }
6398         }
6399 
6400         /*
6401          * Intel CPU topology with multi-dies support requires CPUID[0x1F].
6402          * For AMD Rome/Milan, cpuid level is 0x10, and guest OS should detect
6403          * extended toplogy by leaf 0xB. Only adjust it for Intel CPU, unless
6404          * cpu->vendor_cpuid_only has been unset for compatibility with older
6405          * machine types.
6406          */
6407         if ((env->nr_dies > 1) &&
6408             (IS_INTEL_CPU(env) || !cpu->vendor_cpuid_only)) {
6409             x86_cpu_adjust_level(cpu, &env->cpuid_min_level, 0x1F);
6410         }
6411 
6412         /* SVM requires CPUID[0x8000000A] */
6413         if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
6414             x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000000A);
6415         }
6416 
6417         /* SEV requires CPUID[0x8000001F] */
6418         if (sev_enabled()) {
6419             x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000001F);
6420         }
6421 
6422         /* SGX requires CPUID[0x12] for EPC enumeration */
6423         if (env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_SGX) {
6424             x86_cpu_adjust_level(cpu, &env->cpuid_min_level, 0x12);
6425         }
6426     }
6427 
6428     /* Set cpuid_*level* based on cpuid_min_*level, if not explicitly set */
6429     if (env->cpuid_level_func7 == UINT32_MAX) {
6430         env->cpuid_level_func7 = env->cpuid_min_level_func7;
6431     }
6432     if (env->cpuid_level == UINT32_MAX) {
6433         env->cpuid_level = env->cpuid_min_level;
6434     }
6435     if (env->cpuid_xlevel == UINT32_MAX) {
6436         env->cpuid_xlevel = env->cpuid_min_xlevel;
6437     }
6438     if (env->cpuid_xlevel2 == UINT32_MAX) {
6439         env->cpuid_xlevel2 = env->cpuid_min_xlevel2;
6440     }
6441 
6442     if (kvm_enabled()) {
6443         kvm_hyperv_expand_features(cpu, errp);
6444     }
6445 }
6446 
6447 /*
6448  * Finishes initialization of CPUID data, filters CPU feature
6449  * words based on host availability of each feature.
6450  *
6451  * Returns: 0 if all flags are supported by the host, non-zero otherwise.
6452  */
6453 static void x86_cpu_filter_features(X86CPU *cpu, bool verbose)
6454 {
6455     CPUX86State *env = &cpu->env;
6456     FeatureWord w;
6457     const char *prefix = NULL;
6458 
6459     if (verbose) {
6460         prefix = accel_uses_host_cpuid()
6461                  ? "host doesn't support requested feature"
6462                  : "TCG doesn't support requested feature";
6463     }
6464 
6465     for (w = 0; w < FEATURE_WORDS; w++) {
6466         uint64_t host_feat =
6467             x86_cpu_get_supported_feature_word(w, false);
6468         uint64_t requested_features = env->features[w];
6469         uint64_t unavailable_features = requested_features & ~host_feat;
6470         mark_unavailable_features(cpu, w, unavailable_features, prefix);
6471     }
6472 
6473     if ((env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT) &&
6474         kvm_enabled()) {
6475         KVMState *s = CPU(cpu)->kvm_state;
6476         uint32_t eax_0 = kvm_arch_get_supported_cpuid(s, 0x14, 0, R_EAX);
6477         uint32_t ebx_0 = kvm_arch_get_supported_cpuid(s, 0x14, 0, R_EBX);
6478         uint32_t ecx_0 = kvm_arch_get_supported_cpuid(s, 0x14, 0, R_ECX);
6479         uint32_t eax_1 = kvm_arch_get_supported_cpuid(s, 0x14, 1, R_EAX);
6480         uint32_t ebx_1 = kvm_arch_get_supported_cpuid(s, 0x14, 1, R_EBX);
6481 
6482         if (!eax_0 ||
6483            ((ebx_0 & INTEL_PT_MINIMAL_EBX) != INTEL_PT_MINIMAL_EBX) ||
6484            ((ecx_0 & INTEL_PT_MINIMAL_ECX) != INTEL_PT_MINIMAL_ECX) ||
6485            ((eax_1 & INTEL_PT_MTC_BITMAP) != INTEL_PT_MTC_BITMAP) ||
6486            ((eax_1 & INTEL_PT_ADDR_RANGES_NUM_MASK) <
6487                                            INTEL_PT_ADDR_RANGES_NUM) ||
6488            ((ebx_1 & (INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP)) !=
6489                 (INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP)) ||
6490            ((ecx_0 & CPUID_14_0_ECX_LIP) !=
6491                 (env->features[FEAT_14_0_ECX] & CPUID_14_0_ECX_LIP))) {
6492             /*
6493              * Processor Trace capabilities aren't configurable, so if the
6494              * host can't emulate the capabilities we report on
6495              * cpu_x86_cpuid(), intel-pt can't be enabled on the current host.
6496              */
6497             mark_unavailable_features(cpu, FEAT_7_0_EBX, CPUID_7_0_EBX_INTEL_PT, prefix);
6498         }
6499     }
6500 }
6501 
6502 static void x86_cpu_hyperv_realize(X86CPU *cpu)
6503 {
6504     size_t len;
6505 
6506     /* Hyper-V vendor id */
6507     if (!cpu->hyperv_vendor) {
6508         object_property_set_str(OBJECT(cpu), "hv-vendor-id", "Microsoft Hv",
6509                                 &error_abort);
6510     }
6511     len = strlen(cpu->hyperv_vendor);
6512     if (len > 12) {
6513         warn_report("hv-vendor-id truncated to 12 characters");
6514         len = 12;
6515     }
6516     memset(cpu->hyperv_vendor_id, 0, 12);
6517     memcpy(cpu->hyperv_vendor_id, cpu->hyperv_vendor, len);
6518 
6519     /* 'Hv#1' interface identification*/
6520     cpu->hyperv_interface_id[0] = 0x31237648;
6521     cpu->hyperv_interface_id[1] = 0;
6522     cpu->hyperv_interface_id[2] = 0;
6523     cpu->hyperv_interface_id[3] = 0;
6524 
6525     /* Hypervisor implementation limits */
6526     cpu->hyperv_limits[0] = 64;
6527     cpu->hyperv_limits[1] = 0;
6528     cpu->hyperv_limits[2] = 0;
6529 }
6530 
6531 static void x86_cpu_realizefn(DeviceState *dev, Error **errp)
6532 {
6533     CPUState *cs = CPU(dev);
6534     X86CPU *cpu = X86_CPU(dev);
6535     X86CPUClass *xcc = X86_CPU_GET_CLASS(dev);
6536     CPUX86State *env = &cpu->env;
6537     Error *local_err = NULL;
6538     static bool ht_warned;
6539     unsigned requested_lbr_fmt;
6540 
6541     /* Use pc-relative instructions in system-mode */
6542 #ifndef CONFIG_USER_ONLY
6543     cs->tcg_cflags |= CF_PCREL;
6544 #endif
6545 
6546     if (cpu->apic_id == UNASSIGNED_APIC_ID) {
6547         error_setg(errp, "apic-id property was not initialized properly");
6548         return;
6549     }
6550 
6551     /*
6552      * Process Hyper-V enlightenments.
6553      * Note: this currently has to happen before the expansion of CPU features.
6554      */
6555     x86_cpu_hyperv_realize(cpu);
6556 
6557     x86_cpu_expand_features(cpu, &local_err);
6558     if (local_err) {
6559         goto out;
6560     }
6561 
6562     /*
6563      * Override env->features[FEAT_PERF_CAPABILITIES].LBR_FMT
6564      * with user-provided setting.
6565      */
6566     if (cpu->lbr_fmt != ~PERF_CAP_LBR_FMT) {
6567         if ((cpu->lbr_fmt & PERF_CAP_LBR_FMT) != cpu->lbr_fmt) {
6568             error_setg(errp, "invalid lbr-fmt");
6569             return;
6570         }
6571         env->features[FEAT_PERF_CAPABILITIES] &= ~PERF_CAP_LBR_FMT;
6572         env->features[FEAT_PERF_CAPABILITIES] |= cpu->lbr_fmt;
6573     }
6574 
6575     /*
6576      * vPMU LBR is supported when 1) KVM is enabled 2) Option pmu=on and
6577      * 3)vPMU LBR format matches that of host setting.
6578      */
6579     requested_lbr_fmt =
6580         env->features[FEAT_PERF_CAPABILITIES] & PERF_CAP_LBR_FMT;
6581     if (requested_lbr_fmt && kvm_enabled()) {
6582         uint64_t host_perf_cap =
6583             x86_cpu_get_supported_feature_word(FEAT_PERF_CAPABILITIES, false);
6584         unsigned host_lbr_fmt = host_perf_cap & PERF_CAP_LBR_FMT;
6585 
6586         if (!cpu->enable_pmu) {
6587             error_setg(errp, "vPMU: LBR is unsupported without pmu=on");
6588             return;
6589         }
6590         if (requested_lbr_fmt != host_lbr_fmt) {
6591             error_setg(errp, "vPMU: the lbr-fmt value (0x%x) does not match "
6592                         "the host value (0x%x).",
6593                         requested_lbr_fmt, host_lbr_fmt);
6594             return;
6595         }
6596     }
6597 
6598     x86_cpu_filter_features(cpu, cpu->check_cpuid || cpu->enforce_cpuid);
6599 
6600     if (cpu->enforce_cpuid && x86_cpu_have_filtered_features(cpu)) {
6601         error_setg(&local_err,
6602                    accel_uses_host_cpuid() ?
6603                        "Host doesn't support requested features" :
6604                        "TCG doesn't support requested features");
6605         goto out;
6606     }
6607 
6608     /* On AMD CPUs, some CPUID[8000_0001].EDX bits must match the bits on
6609      * CPUID[1].EDX.
6610      */
6611     if (IS_AMD_CPU(env)) {
6612         env->features[FEAT_8000_0001_EDX] &= ~CPUID_EXT2_AMD_ALIASES;
6613         env->features[FEAT_8000_0001_EDX] |= (env->features[FEAT_1_EDX]
6614            & CPUID_EXT2_AMD_ALIASES);
6615     }
6616 
6617     x86_cpu_set_sgxlepubkeyhash(env);
6618 
6619     /*
6620      * note: the call to the framework needs to happen after feature expansion,
6621      * but before the checks/modifications to ucode_rev, mwait, phys_bits.
6622      * These may be set by the accel-specific code,
6623      * and the results are subsequently checked / assumed in this function.
6624      */
6625     cpu_exec_realizefn(cs, &local_err);
6626     if (local_err != NULL) {
6627         error_propagate(errp, local_err);
6628         return;
6629     }
6630 
6631     if (xcc->host_cpuid_required && !accel_uses_host_cpuid()) {
6632         g_autofree char *name = x86_cpu_class_get_model_name(xcc);
6633         error_setg(&local_err, "CPU model '%s' requires KVM or HVF", name);
6634         goto out;
6635     }
6636 
6637     if (cpu->ucode_rev == 0) {
6638         /*
6639          * The default is the same as KVM's. Note that this check
6640          * needs to happen after the evenual setting of ucode_rev in
6641          * accel-specific code in cpu_exec_realizefn.
6642          */
6643         if (IS_AMD_CPU(env)) {
6644             cpu->ucode_rev = 0x01000065;
6645         } else {
6646             cpu->ucode_rev = 0x100000000ULL;
6647         }
6648     }
6649 
6650     /*
6651      * mwait extended info: needed for Core compatibility
6652      * We always wake on interrupt even if host does not have the capability.
6653      *
6654      * requires the accel-specific code in cpu_exec_realizefn to
6655      * have already acquired the CPUID data into cpu->mwait.
6656      */
6657     cpu->mwait.ecx |= CPUID_MWAIT_EMX | CPUID_MWAIT_IBE;
6658 
6659     /* For 64bit systems think about the number of physical bits to present.
6660      * ideally this should be the same as the host; anything other than matching
6661      * the host can cause incorrect guest behaviour.
6662      * QEMU used to pick the magic value of 40 bits that corresponds to
6663      * consumer AMD devices but nothing else.
6664      *
6665      * Note that this code assumes features expansion has already been done
6666      * (as it checks for CPUID_EXT2_LM), and also assumes that potential
6667      * phys_bits adjustments to match the host have been already done in
6668      * accel-specific code in cpu_exec_realizefn.
6669      */
6670     if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
6671         if (cpu->phys_bits &&
6672             (cpu->phys_bits > TARGET_PHYS_ADDR_SPACE_BITS ||
6673             cpu->phys_bits < 32)) {
6674             error_setg(errp, "phys-bits should be between 32 and %u "
6675                              " (but is %u)",
6676                              TARGET_PHYS_ADDR_SPACE_BITS, cpu->phys_bits);
6677             return;
6678         }
6679         /*
6680          * 0 means it was not explicitly set by the user (or by machine
6681          * compat_props or by the host code in host-cpu.c).
6682          * In this case, the default is the value used by TCG (40).
6683          */
6684         if (cpu->phys_bits == 0) {
6685             cpu->phys_bits = TCG_PHYS_ADDR_BITS;
6686         }
6687     } else {
6688         /* For 32 bit systems don't use the user set value, but keep
6689          * phys_bits consistent with what we tell the guest.
6690          */
6691         if (cpu->phys_bits != 0) {
6692             error_setg(errp, "phys-bits is not user-configurable in 32 bit");
6693             return;
6694         }
6695 
6696         if (env->features[FEAT_1_EDX] & CPUID_PSE36) {
6697             cpu->phys_bits = 36;
6698         } else {
6699             cpu->phys_bits = 32;
6700         }
6701     }
6702 
6703     /* Cache information initialization */
6704     if (!cpu->legacy_cache) {
6705         if (!xcc->model || !xcc->model->cpudef->cache_info) {
6706             g_autofree char *name = x86_cpu_class_get_model_name(xcc);
6707             error_setg(errp,
6708                        "CPU model '%s' doesn't support legacy-cache=off", name);
6709             return;
6710         }
6711         env->cache_info_cpuid2 = env->cache_info_cpuid4 = env->cache_info_amd =
6712             *xcc->model->cpudef->cache_info;
6713     } else {
6714         /* Build legacy cache information */
6715         env->cache_info_cpuid2.l1d_cache = &legacy_l1d_cache;
6716         env->cache_info_cpuid2.l1i_cache = &legacy_l1i_cache;
6717         env->cache_info_cpuid2.l2_cache = &legacy_l2_cache_cpuid2;
6718         env->cache_info_cpuid2.l3_cache = &legacy_l3_cache;
6719 
6720         env->cache_info_cpuid4.l1d_cache = &legacy_l1d_cache;
6721         env->cache_info_cpuid4.l1i_cache = &legacy_l1i_cache;
6722         env->cache_info_cpuid4.l2_cache = &legacy_l2_cache;
6723         env->cache_info_cpuid4.l3_cache = &legacy_l3_cache;
6724 
6725         env->cache_info_amd.l1d_cache = &legacy_l1d_cache_amd;
6726         env->cache_info_amd.l1i_cache = &legacy_l1i_cache_amd;
6727         env->cache_info_amd.l2_cache = &legacy_l2_cache_amd;
6728         env->cache_info_amd.l3_cache = &legacy_l3_cache;
6729     }
6730 
6731 #ifndef CONFIG_USER_ONLY
6732     MachineState *ms = MACHINE(qdev_get_machine());
6733     qemu_register_reset(x86_cpu_machine_reset_cb, cpu);
6734 
6735     if (cpu->env.features[FEAT_1_EDX] & CPUID_APIC || ms->smp.cpus > 1) {
6736         x86_cpu_apic_create(cpu, &local_err);
6737         if (local_err != NULL) {
6738             goto out;
6739         }
6740     }
6741 #endif
6742 
6743     mce_init(cpu);
6744 
6745     qemu_init_vcpu(cs);
6746 
6747     /*
6748      * Most Intel and certain AMD CPUs support hyperthreading. Even though QEMU
6749      * fixes this issue by adjusting CPUID_0000_0001_EBX and CPUID_8000_0008_ECX
6750      * based on inputs (sockets,cores,threads), it is still better to give
6751      * users a warning.
6752      *
6753      * NOTE: the following code has to follow qemu_init_vcpu(). Otherwise
6754      * cs->nr_threads hasn't be populated yet and the checking is incorrect.
6755      */
6756     if (IS_AMD_CPU(env) &&
6757         !(env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_TOPOEXT) &&
6758         cs->nr_threads > 1 && !ht_warned) {
6759             warn_report("This family of AMD CPU doesn't support "
6760                         "hyperthreading(%d)",
6761                         cs->nr_threads);
6762             error_printf("Please configure -smp options properly"
6763                          " or try enabling topoext feature.\n");
6764             ht_warned = true;
6765     }
6766 
6767 #ifndef CONFIG_USER_ONLY
6768     x86_cpu_apic_realize(cpu, &local_err);
6769     if (local_err != NULL) {
6770         goto out;
6771     }
6772 #endif /* !CONFIG_USER_ONLY */
6773     cpu_reset(cs);
6774 
6775     xcc->parent_realize(dev, &local_err);
6776 
6777 out:
6778     if (local_err != NULL) {
6779         error_propagate(errp, local_err);
6780         return;
6781     }
6782 }
6783 
6784 static void x86_cpu_unrealizefn(DeviceState *dev)
6785 {
6786     X86CPU *cpu = X86_CPU(dev);
6787     X86CPUClass *xcc = X86_CPU_GET_CLASS(dev);
6788 
6789 #ifndef CONFIG_USER_ONLY
6790     cpu_remove_sync(CPU(dev));
6791     qemu_unregister_reset(x86_cpu_machine_reset_cb, dev);
6792 #endif
6793 
6794     if (cpu->apic_state) {
6795         object_unparent(OBJECT(cpu->apic_state));
6796         cpu->apic_state = NULL;
6797     }
6798 
6799     xcc->parent_unrealize(dev);
6800 }
6801 
6802 typedef struct BitProperty {
6803     FeatureWord w;
6804     uint64_t mask;
6805 } BitProperty;
6806 
6807 static void x86_cpu_get_bit_prop(Object *obj, Visitor *v, const char *name,
6808                                  void *opaque, Error **errp)
6809 {
6810     X86CPU *cpu = X86_CPU(obj);
6811     BitProperty *fp = opaque;
6812     uint64_t f = cpu->env.features[fp->w];
6813     bool value = (f & fp->mask) == fp->mask;
6814     visit_type_bool(v, name, &value, errp);
6815 }
6816 
6817 static void x86_cpu_set_bit_prop(Object *obj, Visitor *v, const char *name,
6818                                  void *opaque, Error **errp)
6819 {
6820     DeviceState *dev = DEVICE(obj);
6821     X86CPU *cpu = X86_CPU(obj);
6822     BitProperty *fp = opaque;
6823     bool value;
6824 
6825     if (dev->realized) {
6826         qdev_prop_set_after_realize(dev, name, errp);
6827         return;
6828     }
6829 
6830     if (!visit_type_bool(v, name, &value, errp)) {
6831         return;
6832     }
6833 
6834     if (value) {
6835         cpu->env.features[fp->w] |= fp->mask;
6836     } else {
6837         cpu->env.features[fp->w] &= ~fp->mask;
6838     }
6839     cpu->env.user_features[fp->w] |= fp->mask;
6840 }
6841 
6842 /* Register a boolean property to get/set a single bit in a uint32_t field.
6843  *
6844  * The same property name can be registered multiple times to make it affect
6845  * multiple bits in the same FeatureWord. In that case, the getter will return
6846  * true only if all bits are set.
6847  */
6848 static void x86_cpu_register_bit_prop(X86CPUClass *xcc,
6849                                       const char *prop_name,
6850                                       FeatureWord w,
6851                                       int bitnr)
6852 {
6853     ObjectClass *oc = OBJECT_CLASS(xcc);
6854     BitProperty *fp;
6855     ObjectProperty *op;
6856     uint64_t mask = (1ULL << bitnr);
6857 
6858     op = object_class_property_find(oc, prop_name);
6859     if (op) {
6860         fp = op->opaque;
6861         assert(fp->w == w);
6862         fp->mask |= mask;
6863     } else {
6864         fp = g_new0(BitProperty, 1);
6865         fp->w = w;
6866         fp->mask = mask;
6867         object_class_property_add(oc, prop_name, "bool",
6868                                   x86_cpu_get_bit_prop,
6869                                   x86_cpu_set_bit_prop,
6870                                   NULL, fp);
6871     }
6872 }
6873 
6874 static void x86_cpu_register_feature_bit_props(X86CPUClass *xcc,
6875                                                FeatureWord w,
6876                                                int bitnr)
6877 {
6878     FeatureWordInfo *fi = &feature_word_info[w];
6879     const char *name = fi->feat_names[bitnr];
6880 
6881     if (!name) {
6882         return;
6883     }
6884 
6885     /* Property names should use "-" instead of "_".
6886      * Old names containing underscores are registered as aliases
6887      * using object_property_add_alias()
6888      */
6889     assert(!strchr(name, '_'));
6890     /* aliases don't use "|" delimiters anymore, they are registered
6891      * manually using object_property_add_alias() */
6892     assert(!strchr(name, '|'));
6893     x86_cpu_register_bit_prop(xcc, name, w, bitnr);
6894 }
6895 
6896 static void x86_cpu_post_initfn(Object *obj)
6897 {
6898     accel_cpu_instance_init(CPU(obj));
6899 }
6900 
6901 static void x86_cpu_initfn(Object *obj)
6902 {
6903     X86CPU *cpu = X86_CPU(obj);
6904     X86CPUClass *xcc = X86_CPU_GET_CLASS(obj);
6905     CPUX86State *env = &cpu->env;
6906 
6907     env->nr_dies = 1;
6908     cpu_set_cpustate_pointers(cpu);
6909 
6910     object_property_add(obj, "feature-words", "X86CPUFeatureWordInfo",
6911                         x86_cpu_get_feature_words,
6912                         NULL, NULL, (void *)env->features);
6913     object_property_add(obj, "filtered-features", "X86CPUFeatureWordInfo",
6914                         x86_cpu_get_feature_words,
6915                         NULL, NULL, (void *)cpu->filtered_features);
6916 
6917     object_property_add_alias(obj, "sse3", obj, "pni");
6918     object_property_add_alias(obj, "pclmuldq", obj, "pclmulqdq");
6919     object_property_add_alias(obj, "sse4-1", obj, "sse4.1");
6920     object_property_add_alias(obj, "sse4-2", obj, "sse4.2");
6921     object_property_add_alias(obj, "xd", obj, "nx");
6922     object_property_add_alias(obj, "ffxsr", obj, "fxsr-opt");
6923     object_property_add_alias(obj, "i64", obj, "lm");
6924 
6925     object_property_add_alias(obj, "ds_cpl", obj, "ds-cpl");
6926     object_property_add_alias(obj, "tsc_adjust", obj, "tsc-adjust");
6927     object_property_add_alias(obj, "fxsr_opt", obj, "fxsr-opt");
6928     object_property_add_alias(obj, "lahf_lm", obj, "lahf-lm");
6929     object_property_add_alias(obj, "cmp_legacy", obj, "cmp-legacy");
6930     object_property_add_alias(obj, "nodeid_msr", obj, "nodeid-msr");
6931     object_property_add_alias(obj, "perfctr_core", obj, "perfctr-core");
6932     object_property_add_alias(obj, "perfctr_nb", obj, "perfctr-nb");
6933     object_property_add_alias(obj, "kvm_nopiodelay", obj, "kvm-nopiodelay");
6934     object_property_add_alias(obj, "kvm_mmu", obj, "kvm-mmu");
6935     object_property_add_alias(obj, "kvm_asyncpf", obj, "kvm-asyncpf");
6936     object_property_add_alias(obj, "kvm_asyncpf_int", obj, "kvm-asyncpf-int");
6937     object_property_add_alias(obj, "kvm_steal_time", obj, "kvm-steal-time");
6938     object_property_add_alias(obj, "kvm_pv_eoi", obj, "kvm-pv-eoi");
6939     object_property_add_alias(obj, "kvm_pv_unhalt", obj, "kvm-pv-unhalt");
6940     object_property_add_alias(obj, "kvm_poll_control", obj, "kvm-poll-control");
6941     object_property_add_alias(obj, "svm_lock", obj, "svm-lock");
6942     object_property_add_alias(obj, "nrip_save", obj, "nrip-save");
6943     object_property_add_alias(obj, "tsc_scale", obj, "tsc-scale");
6944     object_property_add_alias(obj, "vmcb_clean", obj, "vmcb-clean");
6945     object_property_add_alias(obj, "pause_filter", obj, "pause-filter");
6946     object_property_add_alias(obj, "sse4_1", obj, "sse4.1");
6947     object_property_add_alias(obj, "sse4_2", obj, "sse4.2");
6948 
6949     object_property_add_alias(obj, "hv-apicv", obj, "hv-avic");
6950     cpu->lbr_fmt = ~PERF_CAP_LBR_FMT;
6951     object_property_add_alias(obj, "lbr_fmt", obj, "lbr-fmt");
6952 
6953     if (xcc->model) {
6954         x86_cpu_load_model(cpu, xcc->model);
6955     }
6956 }
6957 
6958 static int64_t x86_cpu_get_arch_id(CPUState *cs)
6959 {
6960     X86CPU *cpu = X86_CPU(cs);
6961 
6962     return cpu->apic_id;
6963 }
6964 
6965 #if !defined(CONFIG_USER_ONLY)
6966 static bool x86_cpu_get_paging_enabled(const CPUState *cs)
6967 {
6968     X86CPU *cpu = X86_CPU(cs);
6969 
6970     return cpu->env.cr[0] & CR0_PG_MASK;
6971 }
6972 #endif /* !CONFIG_USER_ONLY */
6973 
6974 static void x86_cpu_set_pc(CPUState *cs, vaddr value)
6975 {
6976     X86CPU *cpu = X86_CPU(cs);
6977 
6978     cpu->env.eip = value;
6979 }
6980 
6981 static vaddr x86_cpu_get_pc(CPUState *cs)
6982 {
6983     X86CPU *cpu = X86_CPU(cs);
6984 
6985     /* Match cpu_get_tb_cpu_state. */
6986     return cpu->env.eip + cpu->env.segs[R_CS].base;
6987 }
6988 
6989 int x86_cpu_pending_interrupt(CPUState *cs, int interrupt_request)
6990 {
6991     X86CPU *cpu = X86_CPU(cs);
6992     CPUX86State *env = &cpu->env;
6993 
6994 #if !defined(CONFIG_USER_ONLY)
6995     if (interrupt_request & CPU_INTERRUPT_POLL) {
6996         return CPU_INTERRUPT_POLL;
6997     }
6998 #endif
6999     if (interrupt_request & CPU_INTERRUPT_SIPI) {
7000         return CPU_INTERRUPT_SIPI;
7001     }
7002 
7003     if (env->hflags2 & HF2_GIF_MASK) {
7004         if ((interrupt_request & CPU_INTERRUPT_SMI) &&
7005             !(env->hflags & HF_SMM_MASK)) {
7006             return CPU_INTERRUPT_SMI;
7007         } else if ((interrupt_request & CPU_INTERRUPT_NMI) &&
7008                    !(env->hflags2 & HF2_NMI_MASK)) {
7009             return CPU_INTERRUPT_NMI;
7010         } else if (interrupt_request & CPU_INTERRUPT_MCE) {
7011             return CPU_INTERRUPT_MCE;
7012         } else if ((interrupt_request & CPU_INTERRUPT_HARD) &&
7013                    (((env->hflags2 & HF2_VINTR_MASK) &&
7014                      (env->hflags2 & HF2_HIF_MASK)) ||
7015                     (!(env->hflags2 & HF2_VINTR_MASK) &&
7016                      (env->eflags & IF_MASK &&
7017                       !(env->hflags & HF_INHIBIT_IRQ_MASK))))) {
7018             return CPU_INTERRUPT_HARD;
7019 #if !defined(CONFIG_USER_ONLY)
7020         } else if (env->hflags2 & HF2_VGIF_MASK) {
7021             if((interrupt_request & CPU_INTERRUPT_VIRQ) &&
7022                    (env->eflags & IF_MASK) &&
7023                    !(env->hflags & HF_INHIBIT_IRQ_MASK)) {
7024                         return CPU_INTERRUPT_VIRQ;
7025             }
7026 #endif
7027         }
7028     }
7029 
7030     return 0;
7031 }
7032 
7033 static bool x86_cpu_has_work(CPUState *cs)
7034 {
7035     return x86_cpu_pending_interrupt(cs, cs->interrupt_request) != 0;
7036 }
7037 
7038 static void x86_disas_set_info(CPUState *cs, disassemble_info *info)
7039 {
7040     X86CPU *cpu = X86_CPU(cs);
7041     CPUX86State *env = &cpu->env;
7042 
7043     info->mach = (env->hflags & HF_CS64_MASK ? bfd_mach_x86_64
7044                   : env->hflags & HF_CS32_MASK ? bfd_mach_i386_i386
7045                   : bfd_mach_i386_i8086);
7046 
7047     info->cap_arch = CS_ARCH_X86;
7048     info->cap_mode = (env->hflags & HF_CS64_MASK ? CS_MODE_64
7049                       : env->hflags & HF_CS32_MASK ? CS_MODE_32
7050                       : CS_MODE_16);
7051     info->cap_insn_unit = 1;
7052     info->cap_insn_split = 8;
7053 }
7054 
7055 void x86_update_hflags(CPUX86State *env)
7056 {
7057    uint32_t hflags;
7058 #define HFLAG_COPY_MASK \
7059     ~( HF_CPL_MASK | HF_PE_MASK | HF_MP_MASK | HF_EM_MASK | \
7060        HF_TS_MASK | HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK | \
7061        HF_OSFXSR_MASK | HF_LMA_MASK | HF_CS32_MASK | \
7062        HF_SS32_MASK | HF_CS64_MASK | HF_ADDSEG_MASK)
7063 
7064     hflags = env->hflags & HFLAG_COPY_MASK;
7065     hflags |= (env->segs[R_SS].flags >> DESC_DPL_SHIFT) & HF_CPL_MASK;
7066     hflags |= (env->cr[0] & CR0_PE_MASK) << (HF_PE_SHIFT - CR0_PE_SHIFT);
7067     hflags |= (env->cr[0] << (HF_MP_SHIFT - CR0_MP_SHIFT)) &
7068                 (HF_MP_MASK | HF_EM_MASK | HF_TS_MASK);
7069     hflags |= (env->eflags & (HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK));
7070 
7071     if (env->cr[4] & CR4_OSFXSR_MASK) {
7072         hflags |= HF_OSFXSR_MASK;
7073     }
7074 
7075     if (env->efer & MSR_EFER_LMA) {
7076         hflags |= HF_LMA_MASK;
7077     }
7078 
7079     if ((hflags & HF_LMA_MASK) && (env->segs[R_CS].flags & DESC_L_MASK)) {
7080         hflags |= HF_CS32_MASK | HF_SS32_MASK | HF_CS64_MASK;
7081     } else {
7082         hflags |= (env->segs[R_CS].flags & DESC_B_MASK) >>
7083                     (DESC_B_SHIFT - HF_CS32_SHIFT);
7084         hflags |= (env->segs[R_SS].flags & DESC_B_MASK) >>
7085                     (DESC_B_SHIFT - HF_SS32_SHIFT);
7086         if (!(env->cr[0] & CR0_PE_MASK) || (env->eflags & VM_MASK) ||
7087             !(hflags & HF_CS32_MASK)) {
7088             hflags |= HF_ADDSEG_MASK;
7089         } else {
7090             hflags |= ((env->segs[R_DS].base | env->segs[R_ES].base |
7091                         env->segs[R_SS].base) != 0) << HF_ADDSEG_SHIFT;
7092         }
7093     }
7094     env->hflags = hflags;
7095 }
7096 
7097 static Property x86_cpu_properties[] = {
7098 #ifdef CONFIG_USER_ONLY
7099     /* apic_id = 0 by default for *-user, see commit 9886e834 */
7100     DEFINE_PROP_UINT32("apic-id", X86CPU, apic_id, 0),
7101     DEFINE_PROP_INT32("thread-id", X86CPU, thread_id, 0),
7102     DEFINE_PROP_INT32("core-id", X86CPU, core_id, 0),
7103     DEFINE_PROP_INT32("die-id", X86CPU, die_id, 0),
7104     DEFINE_PROP_INT32("socket-id", X86CPU, socket_id, 0),
7105 #else
7106     DEFINE_PROP_UINT32("apic-id", X86CPU, apic_id, UNASSIGNED_APIC_ID),
7107     DEFINE_PROP_INT32("thread-id", X86CPU, thread_id, -1),
7108     DEFINE_PROP_INT32("core-id", X86CPU, core_id, -1),
7109     DEFINE_PROP_INT32("die-id", X86CPU, die_id, -1),
7110     DEFINE_PROP_INT32("socket-id", X86CPU, socket_id, -1),
7111 #endif
7112     DEFINE_PROP_INT32("node-id", X86CPU, node_id, CPU_UNSET_NUMA_NODE_ID),
7113     DEFINE_PROP_BOOL("pmu", X86CPU, enable_pmu, false),
7114     DEFINE_PROP_UINT64_CHECKMASK("lbr-fmt", X86CPU, lbr_fmt, PERF_CAP_LBR_FMT),
7115 
7116     DEFINE_PROP_UINT32("hv-spinlocks", X86CPU, hyperv_spinlock_attempts,
7117                        HYPERV_SPINLOCK_NEVER_NOTIFY),
7118     DEFINE_PROP_BIT64("hv-relaxed", X86CPU, hyperv_features,
7119                       HYPERV_FEAT_RELAXED, 0),
7120     DEFINE_PROP_BIT64("hv-vapic", X86CPU, hyperv_features,
7121                       HYPERV_FEAT_VAPIC, 0),
7122     DEFINE_PROP_BIT64("hv-time", X86CPU, hyperv_features,
7123                       HYPERV_FEAT_TIME, 0),
7124     DEFINE_PROP_BIT64("hv-crash", X86CPU, hyperv_features,
7125                       HYPERV_FEAT_CRASH, 0),
7126     DEFINE_PROP_BIT64("hv-reset", X86CPU, hyperv_features,
7127                       HYPERV_FEAT_RESET, 0),
7128     DEFINE_PROP_BIT64("hv-vpindex", X86CPU, hyperv_features,
7129                       HYPERV_FEAT_VPINDEX, 0),
7130     DEFINE_PROP_BIT64("hv-runtime", X86CPU, hyperv_features,
7131                       HYPERV_FEAT_RUNTIME, 0),
7132     DEFINE_PROP_BIT64("hv-synic", X86CPU, hyperv_features,
7133                       HYPERV_FEAT_SYNIC, 0),
7134     DEFINE_PROP_BIT64("hv-stimer", X86CPU, hyperv_features,
7135                       HYPERV_FEAT_STIMER, 0),
7136     DEFINE_PROP_BIT64("hv-frequencies", X86CPU, hyperv_features,
7137                       HYPERV_FEAT_FREQUENCIES, 0),
7138     DEFINE_PROP_BIT64("hv-reenlightenment", X86CPU, hyperv_features,
7139                       HYPERV_FEAT_REENLIGHTENMENT, 0),
7140     DEFINE_PROP_BIT64("hv-tlbflush", X86CPU, hyperv_features,
7141                       HYPERV_FEAT_TLBFLUSH, 0),
7142     DEFINE_PROP_BIT64("hv-evmcs", X86CPU, hyperv_features,
7143                       HYPERV_FEAT_EVMCS, 0),
7144     DEFINE_PROP_BIT64("hv-ipi", X86CPU, hyperv_features,
7145                       HYPERV_FEAT_IPI, 0),
7146     DEFINE_PROP_BIT64("hv-stimer-direct", X86CPU, hyperv_features,
7147                       HYPERV_FEAT_STIMER_DIRECT, 0),
7148     DEFINE_PROP_BIT64("hv-avic", X86CPU, hyperv_features,
7149                       HYPERV_FEAT_AVIC, 0),
7150     DEFINE_PROP_BIT64("hv-emsr-bitmap", X86CPU, hyperv_features,
7151                       HYPERV_FEAT_MSR_BITMAP, 0),
7152     DEFINE_PROP_BIT64("hv-xmm-input", X86CPU, hyperv_features,
7153                       HYPERV_FEAT_XMM_INPUT, 0),
7154     DEFINE_PROP_BIT64("hv-tlbflush-ext", X86CPU, hyperv_features,
7155                       HYPERV_FEAT_TLBFLUSH_EXT, 0),
7156     DEFINE_PROP_BIT64("hv-tlbflush-direct", X86CPU, hyperv_features,
7157                       HYPERV_FEAT_TLBFLUSH_DIRECT, 0),
7158     DEFINE_PROP_ON_OFF_AUTO("hv-no-nonarch-coresharing", X86CPU,
7159                             hyperv_no_nonarch_cs, ON_OFF_AUTO_OFF),
7160     DEFINE_PROP_BIT64("hv-syndbg", X86CPU, hyperv_features,
7161                       HYPERV_FEAT_SYNDBG, 0),
7162     DEFINE_PROP_BOOL("hv-passthrough", X86CPU, hyperv_passthrough, false),
7163     DEFINE_PROP_BOOL("hv-enforce-cpuid", X86CPU, hyperv_enforce_cpuid, false),
7164 
7165     /* WS2008R2 identify by default */
7166     DEFINE_PROP_UINT32("hv-version-id-build", X86CPU, hyperv_ver_id_build,
7167                        0x3839),
7168     DEFINE_PROP_UINT16("hv-version-id-major", X86CPU, hyperv_ver_id_major,
7169                        0x000A),
7170     DEFINE_PROP_UINT16("hv-version-id-minor", X86CPU, hyperv_ver_id_minor,
7171                        0x0000),
7172     DEFINE_PROP_UINT32("hv-version-id-spack", X86CPU, hyperv_ver_id_sp, 0),
7173     DEFINE_PROP_UINT8("hv-version-id-sbranch", X86CPU, hyperv_ver_id_sb, 0),
7174     DEFINE_PROP_UINT32("hv-version-id-snumber", X86CPU, hyperv_ver_id_sn, 0),
7175 
7176     DEFINE_PROP_BOOL("check", X86CPU, check_cpuid, true),
7177     DEFINE_PROP_BOOL("enforce", X86CPU, enforce_cpuid, false),
7178     DEFINE_PROP_BOOL("x-force-features", X86CPU, force_features, false),
7179     DEFINE_PROP_BOOL("kvm", X86CPU, expose_kvm, true),
7180     DEFINE_PROP_UINT32("phys-bits", X86CPU, phys_bits, 0),
7181     DEFINE_PROP_BOOL("host-phys-bits", X86CPU, host_phys_bits, false),
7182     DEFINE_PROP_UINT8("host-phys-bits-limit", X86CPU, host_phys_bits_limit, 0),
7183     DEFINE_PROP_BOOL("fill-mtrr-mask", X86CPU, fill_mtrr_mask, true),
7184     DEFINE_PROP_UINT32("level-func7", X86CPU, env.cpuid_level_func7,
7185                        UINT32_MAX),
7186     DEFINE_PROP_UINT32("level", X86CPU, env.cpuid_level, UINT32_MAX),
7187     DEFINE_PROP_UINT32("xlevel", X86CPU, env.cpuid_xlevel, UINT32_MAX),
7188     DEFINE_PROP_UINT32("xlevel2", X86CPU, env.cpuid_xlevel2, UINT32_MAX),
7189     DEFINE_PROP_UINT32("min-level", X86CPU, env.cpuid_min_level, 0),
7190     DEFINE_PROP_UINT32("min-xlevel", X86CPU, env.cpuid_min_xlevel, 0),
7191     DEFINE_PROP_UINT32("min-xlevel2", X86CPU, env.cpuid_min_xlevel2, 0),
7192     DEFINE_PROP_UINT64("ucode-rev", X86CPU, ucode_rev, 0),
7193     DEFINE_PROP_BOOL("full-cpuid-auto-level", X86CPU, full_cpuid_auto_level, true),
7194     DEFINE_PROP_STRING("hv-vendor-id", X86CPU, hyperv_vendor),
7195     DEFINE_PROP_BOOL("cpuid-0xb", X86CPU, enable_cpuid_0xb, true),
7196     DEFINE_PROP_BOOL("x-vendor-cpuid-only", X86CPU, vendor_cpuid_only, true),
7197     DEFINE_PROP_BOOL("lmce", X86CPU, enable_lmce, false),
7198     DEFINE_PROP_BOOL("l3-cache", X86CPU, enable_l3_cache, true),
7199     DEFINE_PROP_BOOL("kvm-no-smi-migration", X86CPU, kvm_no_smi_migration,
7200                      false),
7201     DEFINE_PROP_BOOL("kvm-pv-enforce-cpuid", X86CPU, kvm_pv_enforce_cpuid,
7202                      false),
7203     DEFINE_PROP_BOOL("vmware-cpuid-freq", X86CPU, vmware_cpuid_freq, true),
7204     DEFINE_PROP_BOOL("tcg-cpuid", X86CPU, expose_tcg, true),
7205     DEFINE_PROP_BOOL("x-migrate-smi-count", X86CPU, migrate_smi_count,
7206                      true),
7207     /*
7208      * lecacy_cache defaults to true unless the CPU model provides its
7209      * own cache information (see x86_cpu_load_def()).
7210      */
7211     DEFINE_PROP_BOOL("legacy-cache", X86CPU, legacy_cache, true),
7212     DEFINE_PROP_BOOL("xen-vapic", X86CPU, xen_vapic, false),
7213 
7214     /*
7215      * From "Requirements for Implementing the Microsoft
7216      * Hypervisor Interface":
7217      * https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/tlfs
7218      *
7219      * "Starting with Windows Server 2012 and Windows 8, if
7220      * CPUID.40000005.EAX contains a value of -1, Windows assumes that
7221      * the hypervisor imposes no specific limit to the number of VPs.
7222      * In this case, Windows Server 2012 guest VMs may use more than
7223      * 64 VPs, up to the maximum supported number of processors applicable
7224      * to the specific Windows version being used."
7225      */
7226     DEFINE_PROP_INT32("x-hv-max-vps", X86CPU, hv_max_vps, -1),
7227     DEFINE_PROP_BOOL("x-hv-synic-kvm-only", X86CPU, hyperv_synic_kvm_only,
7228                      false),
7229     DEFINE_PROP_BOOL("x-intel-pt-auto-level", X86CPU, intel_pt_auto_level,
7230                      true),
7231     DEFINE_PROP_END_OF_LIST()
7232 };
7233 
7234 #ifndef CONFIG_USER_ONLY
7235 #include "hw/core/sysemu-cpu-ops.h"
7236 
7237 static const struct SysemuCPUOps i386_sysemu_ops = {
7238     .get_memory_mapping = x86_cpu_get_memory_mapping,
7239     .get_paging_enabled = x86_cpu_get_paging_enabled,
7240     .get_phys_page_attrs_debug = x86_cpu_get_phys_page_attrs_debug,
7241     .asidx_from_attrs = x86_asidx_from_attrs,
7242     .get_crash_info = x86_cpu_get_crash_info,
7243     .write_elf32_note = x86_cpu_write_elf32_note,
7244     .write_elf64_note = x86_cpu_write_elf64_note,
7245     .write_elf32_qemunote = x86_cpu_write_elf32_qemunote,
7246     .write_elf64_qemunote = x86_cpu_write_elf64_qemunote,
7247     .legacy_vmsd = &vmstate_x86_cpu,
7248 };
7249 #endif
7250 
7251 static void x86_cpu_common_class_init(ObjectClass *oc, void *data)
7252 {
7253     X86CPUClass *xcc = X86_CPU_CLASS(oc);
7254     CPUClass *cc = CPU_CLASS(oc);
7255     DeviceClass *dc = DEVICE_CLASS(oc);
7256     ResettableClass *rc = RESETTABLE_CLASS(oc);
7257     FeatureWord w;
7258 
7259     device_class_set_parent_realize(dc, x86_cpu_realizefn,
7260                                     &xcc->parent_realize);
7261     device_class_set_parent_unrealize(dc, x86_cpu_unrealizefn,
7262                                       &xcc->parent_unrealize);
7263     device_class_set_props(dc, x86_cpu_properties);
7264 
7265     resettable_class_set_parent_phases(rc, NULL, x86_cpu_reset_hold, NULL,
7266                                        &xcc->parent_phases);
7267     cc->reset_dump_flags = CPU_DUMP_FPU | CPU_DUMP_CCOP;
7268 
7269     cc->class_by_name = x86_cpu_class_by_name;
7270     cc->parse_features = x86_cpu_parse_featurestr;
7271     cc->has_work = x86_cpu_has_work;
7272     cc->dump_state = x86_cpu_dump_state;
7273     cc->set_pc = x86_cpu_set_pc;
7274     cc->get_pc = x86_cpu_get_pc;
7275     cc->gdb_read_register = x86_cpu_gdb_read_register;
7276     cc->gdb_write_register = x86_cpu_gdb_write_register;
7277     cc->get_arch_id = x86_cpu_get_arch_id;
7278 
7279 #ifndef CONFIG_USER_ONLY
7280     cc->sysemu_ops = &i386_sysemu_ops;
7281 #endif /* !CONFIG_USER_ONLY */
7282 
7283     cc->gdb_arch_name = x86_gdb_arch_name;
7284 #ifdef TARGET_X86_64
7285     cc->gdb_core_xml_file = "i386-64bit.xml";
7286     cc->gdb_num_core_regs = 66;
7287 #else
7288     cc->gdb_core_xml_file = "i386-32bit.xml";
7289     cc->gdb_num_core_regs = 50;
7290 #endif
7291     cc->disas_set_info = x86_disas_set_info;
7292 
7293     dc->user_creatable = true;
7294 
7295     object_class_property_add(oc, "family", "int",
7296                               x86_cpuid_version_get_family,
7297                               x86_cpuid_version_set_family, NULL, NULL);
7298     object_class_property_add(oc, "model", "int",
7299                               x86_cpuid_version_get_model,
7300                               x86_cpuid_version_set_model, NULL, NULL);
7301     object_class_property_add(oc, "stepping", "int",
7302                               x86_cpuid_version_get_stepping,
7303                               x86_cpuid_version_set_stepping, NULL, NULL);
7304     object_class_property_add_str(oc, "vendor",
7305                                   x86_cpuid_get_vendor,
7306                                   x86_cpuid_set_vendor);
7307     object_class_property_add_str(oc, "model-id",
7308                                   x86_cpuid_get_model_id,
7309                                   x86_cpuid_set_model_id);
7310     object_class_property_add(oc, "tsc-frequency", "int",
7311                               x86_cpuid_get_tsc_freq,
7312                               x86_cpuid_set_tsc_freq, NULL, NULL);
7313     /*
7314      * The "unavailable-features" property has the same semantics as
7315      * CpuDefinitionInfo.unavailable-features on the "query-cpu-definitions"
7316      * QMP command: they list the features that would have prevented the
7317      * CPU from running if the "enforce" flag was set.
7318      */
7319     object_class_property_add(oc, "unavailable-features", "strList",
7320                               x86_cpu_get_unavailable_features,
7321                               NULL, NULL, NULL);
7322 
7323 #if !defined(CONFIG_USER_ONLY)
7324     object_class_property_add(oc, "crash-information", "GuestPanicInformation",
7325                               x86_cpu_get_crash_info_qom, NULL, NULL, NULL);
7326 #endif
7327 
7328     for (w = 0; w < FEATURE_WORDS; w++) {
7329         int bitnr;
7330         for (bitnr = 0; bitnr < 64; bitnr++) {
7331             x86_cpu_register_feature_bit_props(xcc, w, bitnr);
7332         }
7333     }
7334 }
7335 
7336 static const TypeInfo x86_cpu_type_info = {
7337     .name = TYPE_X86_CPU,
7338     .parent = TYPE_CPU,
7339     .instance_size = sizeof(X86CPU),
7340     .instance_init = x86_cpu_initfn,
7341     .instance_post_init = x86_cpu_post_initfn,
7342 
7343     .abstract = true,
7344     .class_size = sizeof(X86CPUClass),
7345     .class_init = x86_cpu_common_class_init,
7346 };
7347 
7348 /* "base" CPU model, used by query-cpu-model-expansion */
7349 static void x86_cpu_base_class_init(ObjectClass *oc, void *data)
7350 {
7351     X86CPUClass *xcc = X86_CPU_CLASS(oc);
7352 
7353     xcc->static_model = true;
7354     xcc->migration_safe = true;
7355     xcc->model_description = "base CPU model type with no features enabled";
7356     xcc->ordering = 8;
7357 }
7358 
7359 static const TypeInfo x86_base_cpu_type_info = {
7360         .name = X86_CPU_TYPE_NAME("base"),
7361         .parent = TYPE_X86_CPU,
7362         .class_init = x86_cpu_base_class_init,
7363 };
7364 
7365 static void x86_cpu_register_types(void)
7366 {
7367     int i;
7368 
7369     type_register_static(&x86_cpu_type_info);
7370     for (i = 0; i < ARRAY_SIZE(builtin_x86_defs); i++) {
7371         x86_register_cpudef_types(&builtin_x86_defs[i]);
7372     }
7373     type_register_static(&max_x86_cpu_type_info);
7374     type_register_static(&x86_base_cpu_type_info);
7375 }
7376 
7377 type_init(x86_cpu_register_types)
7378