xref: /openbmc/qemu/target/i386/cpu.c (revision 73ec0ead)
1 /*
2  *  i386 CPUID, CPU class, definitions, models
3  *
4  *  Copyright (c) 2003 Fabrice Bellard
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18  */
19 
20 #include "qemu/osdep.h"
21 #include "qemu/units.h"
22 #include "qemu/cutils.h"
23 #include "qemu/qemu-print.h"
24 #include "qemu/hw-version.h"
25 #include "cpu.h"
26 #include "tcg/helper-tcg.h"
27 #include "sysemu/reset.h"
28 #include "sysemu/hvf.h"
29 #include "kvm/kvm_i386.h"
30 #include "sev.h"
31 #include "qapi/error.h"
32 #include "qapi/qapi-visit-machine.h"
33 #include "qapi/qmp/qerror.h"
34 #include "qapi/qapi-commands-machine-target.h"
35 #include "standard-headers/asm-x86/kvm_para.h"
36 #include "hw/qdev-properties.h"
37 #include "hw/i386/topology.h"
38 #ifndef CONFIG_USER_ONLY
39 #include "exec/address-spaces.h"
40 #include "hw/boards.h"
41 #include "hw/i386/sgx-epc.h"
42 #endif
43 
44 #include "disas/capstone.h"
45 #include "cpu-internal.h"
46 
47 /* Helpers for building CPUID[2] descriptors: */
48 
49 struct CPUID2CacheDescriptorInfo {
50     enum CacheType type;
51     int level;
52     int size;
53     int line_size;
54     int associativity;
55 };
56 
57 /*
58  * Known CPUID 2 cache descriptors.
59  * From Intel SDM Volume 2A, CPUID instruction
60  */
61 struct CPUID2CacheDescriptorInfo cpuid2_cache_descriptors[] = {
62     [0x06] = { .level = 1, .type = INSTRUCTION_CACHE, .size =   8 * KiB,
63                .associativity = 4,  .line_size = 32, },
64     [0x08] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  16 * KiB,
65                .associativity = 4,  .line_size = 32, },
66     [0x09] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  32 * KiB,
67                .associativity = 4,  .line_size = 64, },
68     [0x0A] = { .level = 1, .type = DATA_CACHE,        .size =   8 * KiB,
69                .associativity = 2,  .line_size = 32, },
70     [0x0C] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
71                .associativity = 4,  .line_size = 32, },
72     [0x0D] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
73                .associativity = 4,  .line_size = 64, },
74     [0x0E] = { .level = 1, .type = DATA_CACHE,        .size =  24 * KiB,
75                .associativity = 6,  .line_size = 64, },
76     [0x1D] = { .level = 2, .type = UNIFIED_CACHE,     .size = 128 * KiB,
77                .associativity = 2,  .line_size = 64, },
78     [0x21] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
79                .associativity = 8,  .line_size = 64, },
80     /* lines per sector is not supported cpuid2_cache_descriptor(),
81     * so descriptors 0x22, 0x23 are not included
82     */
83     [0x24] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
84                .associativity = 16, .line_size = 64, },
85     /* lines per sector is not supported cpuid2_cache_descriptor(),
86     * so descriptors 0x25, 0x20 are not included
87     */
88     [0x2C] = { .level = 1, .type = DATA_CACHE,        .size =  32 * KiB,
89                .associativity = 8,  .line_size = 64, },
90     [0x30] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  32 * KiB,
91                .associativity = 8,  .line_size = 64, },
92     [0x41] = { .level = 2, .type = UNIFIED_CACHE,     .size = 128 * KiB,
93                .associativity = 4,  .line_size = 32, },
94     [0x42] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
95                .associativity = 4,  .line_size = 32, },
96     [0x43] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
97                .associativity = 4,  .line_size = 32, },
98     [0x44] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
99                .associativity = 4,  .line_size = 32, },
100     [0x45] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
101                .associativity = 4,  .line_size = 32, },
102     [0x46] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
103                .associativity = 4,  .line_size = 64, },
104     [0x47] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
105                .associativity = 8,  .line_size = 64, },
106     [0x48] = { .level = 2, .type = UNIFIED_CACHE,     .size =   3 * MiB,
107                .associativity = 12, .line_size = 64, },
108     /* Descriptor 0x49 depends on CPU family/model, so it is not included */
109     [0x4A] = { .level = 3, .type = UNIFIED_CACHE,     .size =   6 * MiB,
110                .associativity = 12, .line_size = 64, },
111     [0x4B] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
112                .associativity = 16, .line_size = 64, },
113     [0x4C] = { .level = 3, .type = UNIFIED_CACHE,     .size =  12 * MiB,
114                .associativity = 12, .line_size = 64, },
115     [0x4D] = { .level = 3, .type = UNIFIED_CACHE,     .size =  16 * MiB,
116                .associativity = 16, .line_size = 64, },
117     [0x4E] = { .level = 2, .type = UNIFIED_CACHE,     .size =   6 * MiB,
118                .associativity = 24, .line_size = 64, },
119     [0x60] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
120                .associativity = 8,  .line_size = 64, },
121     [0x66] = { .level = 1, .type = DATA_CACHE,        .size =   8 * KiB,
122                .associativity = 4,  .line_size = 64, },
123     [0x67] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
124                .associativity = 4,  .line_size = 64, },
125     [0x68] = { .level = 1, .type = DATA_CACHE,        .size =  32 * KiB,
126                .associativity = 4,  .line_size = 64, },
127     [0x78] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
128                .associativity = 4,  .line_size = 64, },
129     /* lines per sector is not supported cpuid2_cache_descriptor(),
130     * so descriptors 0x79, 0x7A, 0x7B, 0x7C are not included.
131     */
132     [0x7D] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
133                .associativity = 8,  .line_size = 64, },
134     [0x7F] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
135                .associativity = 2,  .line_size = 64, },
136     [0x80] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
137                .associativity = 8,  .line_size = 64, },
138     [0x82] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
139                .associativity = 8,  .line_size = 32, },
140     [0x83] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
141                .associativity = 8,  .line_size = 32, },
142     [0x84] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
143                .associativity = 8,  .line_size = 32, },
144     [0x85] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
145                .associativity = 8,  .line_size = 32, },
146     [0x86] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
147                .associativity = 4,  .line_size = 64, },
148     [0x87] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
149                .associativity = 8,  .line_size = 64, },
150     [0xD0] = { .level = 3, .type = UNIFIED_CACHE,     .size = 512 * KiB,
151                .associativity = 4,  .line_size = 64, },
152     [0xD1] = { .level = 3, .type = UNIFIED_CACHE,     .size =   1 * MiB,
153                .associativity = 4,  .line_size = 64, },
154     [0xD2] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
155                .associativity = 4,  .line_size = 64, },
156     [0xD6] = { .level = 3, .type = UNIFIED_CACHE,     .size =   1 * MiB,
157                .associativity = 8,  .line_size = 64, },
158     [0xD7] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
159                .associativity = 8,  .line_size = 64, },
160     [0xD8] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
161                .associativity = 8,  .line_size = 64, },
162     [0xDC] = { .level = 3, .type = UNIFIED_CACHE,     .size = 1.5 * MiB,
163                .associativity = 12, .line_size = 64, },
164     [0xDD] = { .level = 3, .type = UNIFIED_CACHE,     .size =   3 * MiB,
165                .associativity = 12, .line_size = 64, },
166     [0xDE] = { .level = 3, .type = UNIFIED_CACHE,     .size =   6 * MiB,
167                .associativity = 12, .line_size = 64, },
168     [0xE2] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
169                .associativity = 16, .line_size = 64, },
170     [0xE3] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
171                .associativity = 16, .line_size = 64, },
172     [0xE4] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
173                .associativity = 16, .line_size = 64, },
174     [0xEA] = { .level = 3, .type = UNIFIED_CACHE,     .size =  12 * MiB,
175                .associativity = 24, .line_size = 64, },
176     [0xEB] = { .level = 3, .type = UNIFIED_CACHE,     .size =  18 * MiB,
177                .associativity = 24, .line_size = 64, },
178     [0xEC] = { .level = 3, .type = UNIFIED_CACHE,     .size =  24 * MiB,
179                .associativity = 24, .line_size = 64, },
180 };
181 
182 /*
183  * "CPUID leaf 2 does not report cache descriptor information,
184  * use CPUID leaf 4 to query cache parameters"
185  */
186 #define CACHE_DESCRIPTOR_UNAVAILABLE 0xFF
187 
188 /*
189  * Return a CPUID 2 cache descriptor for a given cache.
190  * If no known descriptor is found, return CACHE_DESCRIPTOR_UNAVAILABLE
191  */
192 static uint8_t cpuid2_cache_descriptor(CPUCacheInfo *cache)
193 {
194     int i;
195 
196     assert(cache->size > 0);
197     assert(cache->level > 0);
198     assert(cache->line_size > 0);
199     assert(cache->associativity > 0);
200     for (i = 0; i < ARRAY_SIZE(cpuid2_cache_descriptors); i++) {
201         struct CPUID2CacheDescriptorInfo *d = &cpuid2_cache_descriptors[i];
202         if (d->level == cache->level && d->type == cache->type &&
203             d->size == cache->size && d->line_size == cache->line_size &&
204             d->associativity == cache->associativity) {
205                 return i;
206             }
207     }
208 
209     return CACHE_DESCRIPTOR_UNAVAILABLE;
210 }
211 
212 /* CPUID Leaf 4 constants: */
213 
214 /* EAX: */
215 #define CACHE_TYPE_D    1
216 #define CACHE_TYPE_I    2
217 #define CACHE_TYPE_UNIFIED   3
218 
219 #define CACHE_LEVEL(l)        (l << 5)
220 
221 #define CACHE_SELF_INIT_LEVEL (1 << 8)
222 
223 /* EDX: */
224 #define CACHE_NO_INVD_SHARING   (1 << 0)
225 #define CACHE_INCLUSIVE       (1 << 1)
226 #define CACHE_COMPLEX_IDX     (1 << 2)
227 
228 /* Encode CacheType for CPUID[4].EAX */
229 #define CACHE_TYPE(t) (((t) == DATA_CACHE) ? CACHE_TYPE_D : \
230                        ((t) == INSTRUCTION_CACHE) ? CACHE_TYPE_I : \
231                        ((t) == UNIFIED_CACHE) ? CACHE_TYPE_UNIFIED : \
232                        0 /* Invalid value */)
233 
234 
235 /* Encode cache info for CPUID[4] */
236 static void encode_cache_cpuid4(CPUCacheInfo *cache,
237                                 int num_apic_ids, int num_cores,
238                                 uint32_t *eax, uint32_t *ebx,
239                                 uint32_t *ecx, uint32_t *edx)
240 {
241     assert(cache->size == cache->line_size * cache->associativity *
242                           cache->partitions * cache->sets);
243 
244     assert(num_apic_ids > 0);
245     *eax = CACHE_TYPE(cache->type) |
246            CACHE_LEVEL(cache->level) |
247            (cache->self_init ? CACHE_SELF_INIT_LEVEL : 0) |
248            ((num_cores - 1) << 26) |
249            ((num_apic_ids - 1) << 14);
250 
251     assert(cache->line_size > 0);
252     assert(cache->partitions > 0);
253     assert(cache->associativity > 0);
254     /* We don't implement fully-associative caches */
255     assert(cache->associativity < cache->sets);
256     *ebx = (cache->line_size - 1) |
257            ((cache->partitions - 1) << 12) |
258            ((cache->associativity - 1) << 22);
259 
260     assert(cache->sets > 0);
261     *ecx = cache->sets - 1;
262 
263     *edx = (cache->no_invd_sharing ? CACHE_NO_INVD_SHARING : 0) |
264            (cache->inclusive ? CACHE_INCLUSIVE : 0) |
265            (cache->complex_indexing ? CACHE_COMPLEX_IDX : 0);
266 }
267 
268 /* Encode cache info for CPUID[0x80000005].ECX or CPUID[0x80000005].EDX */
269 static uint32_t encode_cache_cpuid80000005(CPUCacheInfo *cache)
270 {
271     assert(cache->size % 1024 == 0);
272     assert(cache->lines_per_tag > 0);
273     assert(cache->associativity > 0);
274     assert(cache->line_size > 0);
275     return ((cache->size / 1024) << 24) | (cache->associativity << 16) |
276            (cache->lines_per_tag << 8) | (cache->line_size);
277 }
278 
279 #define ASSOC_FULL 0xFF
280 
281 /* AMD associativity encoding used on CPUID Leaf 0x80000006: */
282 #define AMD_ENC_ASSOC(a) (a <=   1 ? a   : \
283                           a ==   2 ? 0x2 : \
284                           a ==   4 ? 0x4 : \
285                           a ==   8 ? 0x6 : \
286                           a ==  16 ? 0x8 : \
287                           a ==  32 ? 0xA : \
288                           a ==  48 ? 0xB : \
289                           a ==  64 ? 0xC : \
290                           a ==  96 ? 0xD : \
291                           a == 128 ? 0xE : \
292                           a == ASSOC_FULL ? 0xF : \
293                           0 /* invalid value */)
294 
295 /*
296  * Encode cache info for CPUID[0x80000006].ECX and CPUID[0x80000006].EDX
297  * @l3 can be NULL.
298  */
299 static void encode_cache_cpuid80000006(CPUCacheInfo *l2,
300                                        CPUCacheInfo *l3,
301                                        uint32_t *ecx, uint32_t *edx)
302 {
303     assert(l2->size % 1024 == 0);
304     assert(l2->associativity > 0);
305     assert(l2->lines_per_tag > 0);
306     assert(l2->line_size > 0);
307     *ecx = ((l2->size / 1024) << 16) |
308            (AMD_ENC_ASSOC(l2->associativity) << 12) |
309            (l2->lines_per_tag << 8) | (l2->line_size);
310 
311     if (l3) {
312         assert(l3->size % (512 * 1024) == 0);
313         assert(l3->associativity > 0);
314         assert(l3->lines_per_tag > 0);
315         assert(l3->line_size > 0);
316         *edx = ((l3->size / (512 * 1024)) << 18) |
317                (AMD_ENC_ASSOC(l3->associativity) << 12) |
318                (l3->lines_per_tag << 8) | (l3->line_size);
319     } else {
320         *edx = 0;
321     }
322 }
323 
324 /* Encode cache info for CPUID[8000001D] */
325 static void encode_cache_cpuid8000001d(CPUCacheInfo *cache,
326                                        X86CPUTopoInfo *topo_info,
327                                        uint32_t *eax, uint32_t *ebx,
328                                        uint32_t *ecx, uint32_t *edx)
329 {
330     uint32_t l3_threads;
331     assert(cache->size == cache->line_size * cache->associativity *
332                           cache->partitions * cache->sets);
333 
334     *eax = CACHE_TYPE(cache->type) | CACHE_LEVEL(cache->level) |
335                (cache->self_init ? CACHE_SELF_INIT_LEVEL : 0);
336 
337     /* L3 is shared among multiple cores */
338     if (cache->level == 3) {
339         l3_threads = topo_info->cores_per_die * topo_info->threads_per_core;
340         *eax |= (l3_threads - 1) << 14;
341     } else {
342         *eax |= ((topo_info->threads_per_core - 1) << 14);
343     }
344 
345     assert(cache->line_size > 0);
346     assert(cache->partitions > 0);
347     assert(cache->associativity > 0);
348     /* We don't implement fully-associative caches */
349     assert(cache->associativity < cache->sets);
350     *ebx = (cache->line_size - 1) |
351            ((cache->partitions - 1) << 12) |
352            ((cache->associativity - 1) << 22);
353 
354     assert(cache->sets > 0);
355     *ecx = cache->sets - 1;
356 
357     *edx = (cache->no_invd_sharing ? CACHE_NO_INVD_SHARING : 0) |
358            (cache->inclusive ? CACHE_INCLUSIVE : 0) |
359            (cache->complex_indexing ? CACHE_COMPLEX_IDX : 0);
360 }
361 
362 /* Encode cache info for CPUID[8000001E] */
363 static void encode_topo_cpuid8000001e(X86CPU *cpu, X86CPUTopoInfo *topo_info,
364                                       uint32_t *eax, uint32_t *ebx,
365                                       uint32_t *ecx, uint32_t *edx)
366 {
367     X86CPUTopoIDs topo_ids;
368 
369     x86_topo_ids_from_apicid(cpu->apic_id, topo_info, &topo_ids);
370 
371     *eax = cpu->apic_id;
372 
373     /*
374      * CPUID_Fn8000001E_EBX [Core Identifiers] (CoreId)
375      * Read-only. Reset: 0000_XXXXh.
376      * See Core::X86::Cpuid::ExtApicId.
377      * Core::X86::Cpuid::CoreId_lthree[1:0]_core[3:0]_thread[1:0];
378      * Bits Description
379      * 31:16 Reserved.
380      * 15:8 ThreadsPerCore: threads per core. Read-only. Reset: XXh.
381      *      The number of threads per core is ThreadsPerCore+1.
382      *  7:0 CoreId: core ID. Read-only. Reset: XXh.
383      *
384      *  NOTE: CoreId is already part of apic_id. Just use it. We can
385      *  use all the 8 bits to represent the core_id here.
386      */
387     *ebx = ((topo_info->threads_per_core - 1) << 8) | (topo_ids.core_id & 0xFF);
388 
389     /*
390      * CPUID_Fn8000001E_ECX [Node Identifiers] (NodeId)
391      * Read-only. Reset: 0000_0XXXh.
392      * Core::X86::Cpuid::NodeId_lthree[1:0]_core[3:0]_thread[1:0];
393      * Bits Description
394      * 31:11 Reserved.
395      * 10:8 NodesPerProcessor: Node per processor. Read-only. Reset: XXXb.
396      *      ValidValues:
397      *      Value Description
398      *      000b  1 node per processor.
399      *      001b  2 nodes per processor.
400      *      010b Reserved.
401      *      011b 4 nodes per processor.
402      *      111b-100b Reserved.
403      *  7:0 NodeId: Node ID. Read-only. Reset: XXh.
404      *
405      * NOTE: Hardware reserves 3 bits for number of nodes per processor.
406      * But users can create more nodes than the actual hardware can
407      * support. To genaralize we can use all the upper 8 bits for nodes.
408      * NodeId is combination of node and socket_id which is already decoded
409      * in apic_id. Just use it by shifting.
410      */
411     *ecx = ((topo_info->dies_per_pkg - 1) << 8) |
412            ((cpu->apic_id >> apicid_die_offset(topo_info)) & 0xFF);
413 
414     *edx = 0;
415 }
416 
417 /*
418  * Definitions of the hardcoded cache entries we expose:
419  * These are legacy cache values. If there is a need to change any
420  * of these values please use builtin_x86_defs
421  */
422 
423 /* L1 data cache: */
424 static CPUCacheInfo legacy_l1d_cache = {
425     .type = DATA_CACHE,
426     .level = 1,
427     .size = 32 * KiB,
428     .self_init = 1,
429     .line_size = 64,
430     .associativity = 8,
431     .sets = 64,
432     .partitions = 1,
433     .no_invd_sharing = true,
434 };
435 
436 /*FIXME: CPUID leaf 0x80000005 is inconsistent with leaves 2 & 4 */
437 static CPUCacheInfo legacy_l1d_cache_amd = {
438     .type = DATA_CACHE,
439     .level = 1,
440     .size = 64 * KiB,
441     .self_init = 1,
442     .line_size = 64,
443     .associativity = 2,
444     .sets = 512,
445     .partitions = 1,
446     .lines_per_tag = 1,
447     .no_invd_sharing = true,
448 };
449 
450 /* L1 instruction cache: */
451 static CPUCacheInfo legacy_l1i_cache = {
452     .type = INSTRUCTION_CACHE,
453     .level = 1,
454     .size = 32 * KiB,
455     .self_init = 1,
456     .line_size = 64,
457     .associativity = 8,
458     .sets = 64,
459     .partitions = 1,
460     .no_invd_sharing = true,
461 };
462 
463 /*FIXME: CPUID leaf 0x80000005 is inconsistent with leaves 2 & 4 */
464 static CPUCacheInfo legacy_l1i_cache_amd = {
465     .type = INSTRUCTION_CACHE,
466     .level = 1,
467     .size = 64 * KiB,
468     .self_init = 1,
469     .line_size = 64,
470     .associativity = 2,
471     .sets = 512,
472     .partitions = 1,
473     .lines_per_tag = 1,
474     .no_invd_sharing = true,
475 };
476 
477 /* Level 2 unified cache: */
478 static CPUCacheInfo legacy_l2_cache = {
479     .type = UNIFIED_CACHE,
480     .level = 2,
481     .size = 4 * MiB,
482     .self_init = 1,
483     .line_size = 64,
484     .associativity = 16,
485     .sets = 4096,
486     .partitions = 1,
487     .no_invd_sharing = true,
488 };
489 
490 /*FIXME: CPUID leaf 2 descriptor is inconsistent with CPUID leaf 4 */
491 static CPUCacheInfo legacy_l2_cache_cpuid2 = {
492     .type = UNIFIED_CACHE,
493     .level = 2,
494     .size = 2 * MiB,
495     .line_size = 64,
496     .associativity = 8,
497 };
498 
499 
500 /*FIXME: CPUID leaf 0x80000006 is inconsistent with leaves 2 & 4 */
501 static CPUCacheInfo legacy_l2_cache_amd = {
502     .type = UNIFIED_CACHE,
503     .level = 2,
504     .size = 512 * KiB,
505     .line_size = 64,
506     .lines_per_tag = 1,
507     .associativity = 16,
508     .sets = 512,
509     .partitions = 1,
510 };
511 
512 /* Level 3 unified cache: */
513 static CPUCacheInfo legacy_l3_cache = {
514     .type = UNIFIED_CACHE,
515     .level = 3,
516     .size = 16 * MiB,
517     .line_size = 64,
518     .associativity = 16,
519     .sets = 16384,
520     .partitions = 1,
521     .lines_per_tag = 1,
522     .self_init = true,
523     .inclusive = true,
524     .complex_indexing = true,
525 };
526 
527 /* TLB definitions: */
528 
529 #define L1_DTLB_2M_ASSOC       1
530 #define L1_DTLB_2M_ENTRIES   255
531 #define L1_DTLB_4K_ASSOC       1
532 #define L1_DTLB_4K_ENTRIES   255
533 
534 #define L1_ITLB_2M_ASSOC       1
535 #define L1_ITLB_2M_ENTRIES   255
536 #define L1_ITLB_4K_ASSOC       1
537 #define L1_ITLB_4K_ENTRIES   255
538 
539 #define L2_DTLB_2M_ASSOC       0 /* disabled */
540 #define L2_DTLB_2M_ENTRIES     0 /* disabled */
541 #define L2_DTLB_4K_ASSOC       4
542 #define L2_DTLB_4K_ENTRIES   512
543 
544 #define L2_ITLB_2M_ASSOC       0 /* disabled */
545 #define L2_ITLB_2M_ENTRIES     0 /* disabled */
546 #define L2_ITLB_4K_ASSOC       4
547 #define L2_ITLB_4K_ENTRIES   512
548 
549 /* CPUID Leaf 0x14 constants: */
550 #define INTEL_PT_MAX_SUBLEAF     0x1
551 /*
552  * bit[00]: IA32_RTIT_CTL.CR3 filter can be set to 1 and IA32_RTIT_CR3_MATCH
553  *          MSR can be accessed;
554  * bit[01]: Support Configurable PSB and Cycle-Accurate Mode;
555  * bit[02]: Support IP Filtering, TraceStop filtering, and preservation
556  *          of Intel PT MSRs across warm reset;
557  * bit[03]: Support MTC timing packet and suppression of COFI-based packets;
558  */
559 #define INTEL_PT_MINIMAL_EBX     0xf
560 /*
561  * bit[00]: Tracing can be enabled with IA32_RTIT_CTL.ToPA = 1 and
562  *          IA32_RTIT_OUTPUT_BASE and IA32_RTIT_OUTPUT_MASK_PTRS MSRs can be
563  *          accessed;
564  * bit[01]: ToPA tables can hold any number of output entries, up to the
565  *          maximum allowed by the MaskOrTableOffset field of
566  *          IA32_RTIT_OUTPUT_MASK_PTRS;
567  * bit[02]: Support Single-Range Output scheme;
568  */
569 #define INTEL_PT_MINIMAL_ECX     0x7
570 /* generated packets which contain IP payloads have LIP values */
571 #define INTEL_PT_IP_LIP          (1 << 31)
572 #define INTEL_PT_ADDR_RANGES_NUM 0x2 /* Number of configurable address ranges */
573 #define INTEL_PT_ADDR_RANGES_NUM_MASK 0x3
574 #define INTEL_PT_MTC_BITMAP      (0x0249 << 16) /* Support ART(0,3,6,9) */
575 #define INTEL_PT_CYCLE_BITMAP    0x1fff         /* Support 0,2^(0~11) */
576 #define INTEL_PT_PSB_BITMAP      (0x003f << 16) /* Support 2K,4K,8K,16K,32K,64K */
577 
578 /* CPUID Leaf 0x1D constants: */
579 #define INTEL_AMX_TILE_MAX_SUBLEAF     0x1
580 #define INTEL_AMX_TOTAL_TILE_BYTES     0x2000
581 #define INTEL_AMX_BYTES_PER_TILE       0x400
582 #define INTEL_AMX_BYTES_PER_ROW        0x40
583 #define INTEL_AMX_TILE_MAX_NAMES       0x8
584 #define INTEL_AMX_TILE_MAX_ROWS        0x10
585 
586 /* CPUID Leaf 0x1E constants: */
587 #define INTEL_AMX_TMUL_MAX_K           0x10
588 #define INTEL_AMX_TMUL_MAX_N           0x40
589 
590 void x86_cpu_vendor_words2str(char *dst, uint32_t vendor1,
591                               uint32_t vendor2, uint32_t vendor3)
592 {
593     int i;
594     for (i = 0; i < 4; i++) {
595         dst[i] = vendor1 >> (8 * i);
596         dst[i + 4] = vendor2 >> (8 * i);
597         dst[i + 8] = vendor3 >> (8 * i);
598     }
599     dst[CPUID_VENDOR_SZ] = '\0';
600 }
601 
602 #define I486_FEATURES (CPUID_FP87 | CPUID_VME | CPUID_PSE)
603 #define PENTIUM_FEATURES (I486_FEATURES | CPUID_DE | CPUID_TSC | \
604           CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_MMX | CPUID_APIC)
605 #define PENTIUM2_FEATURES (PENTIUM_FEATURES | CPUID_PAE | CPUID_SEP | \
606           CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
607           CPUID_PSE36 | CPUID_FXSR)
608 #define PENTIUM3_FEATURES (PENTIUM2_FEATURES | CPUID_SSE)
609 #define PPRO_FEATURES (CPUID_FP87 | CPUID_DE | CPUID_PSE | CPUID_TSC | \
610           CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_PGE | CPUID_CMOV | \
611           CPUID_PAT | CPUID_FXSR | CPUID_MMX | CPUID_SSE | CPUID_SSE2 | \
612           CPUID_PAE | CPUID_SEP | CPUID_APIC)
613 
614 #define TCG_FEATURES (CPUID_FP87 | CPUID_PSE | CPUID_TSC | CPUID_MSR | \
615           CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC | CPUID_SEP | \
616           CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
617           CPUID_PSE36 | CPUID_CLFLUSH | CPUID_ACPI | CPUID_MMX | \
618           CPUID_FXSR | CPUID_SSE | CPUID_SSE2 | CPUID_SS | CPUID_DE)
619           /* partly implemented:
620           CPUID_MTRR, CPUID_MCA, CPUID_CLFLUSH (needed for Win64) */
621           /* missing:
622           CPUID_VME, CPUID_DTS, CPUID_SS, CPUID_HT, CPUID_TM, CPUID_PBE */
623 #define TCG_EXT_FEATURES (CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | \
624           CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 | CPUID_EXT_CX16 | \
625           CPUID_EXT_SSE41 | CPUID_EXT_SSE42 | CPUID_EXT_POPCNT | \
626           CPUID_EXT_XSAVE | /* CPUID_EXT_OSXSAVE is dynamic */   \
627           CPUID_EXT_MOVBE | CPUID_EXT_AES | CPUID_EXT_HYPERVISOR | \
628           CPUID_EXT_RDRAND | CPUID_EXT_AVX | CPUID_EXT_F16C | \
629           CPUID_EXT_FMA)
630           /* missing:
631           CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_VMX, CPUID_EXT_SMX,
632           CPUID_EXT_EST, CPUID_EXT_TM2, CPUID_EXT_CID,
633           CPUID_EXT_XTPR, CPUID_EXT_PDCM, CPUID_EXT_PCID, CPUID_EXT_DCA,
634           CPUID_EXT_X2APIC, CPUID_EXT_TSC_DEADLINE_TIMER */
635 
636 #ifdef TARGET_X86_64
637 #define TCG_EXT2_X86_64_FEATURES (CPUID_EXT2_SYSCALL | CPUID_EXT2_LM)
638 #else
639 #define TCG_EXT2_X86_64_FEATURES 0
640 #endif
641 
642 #define TCG_EXT2_FEATURES ((TCG_FEATURES & CPUID_EXT2_AMD_ALIASES) | \
643           CPUID_EXT2_NX | CPUID_EXT2_MMXEXT | CPUID_EXT2_RDTSCP | \
644           CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT | CPUID_EXT2_PDPE1GB | \
645           TCG_EXT2_X86_64_FEATURES)
646 #define TCG_EXT3_FEATURES (CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM | \
647           CPUID_EXT3_CR8LEG | CPUID_EXT3_ABM | CPUID_EXT3_SSE4A)
648 #define TCG_EXT4_FEATURES 0
649 #define TCG_SVM_FEATURES (CPUID_SVM_NPT | CPUID_SVM_VGIF | \
650           CPUID_SVM_SVME_ADDR_CHK)
651 #define TCG_KVM_FEATURES 0
652 #define TCG_7_0_EBX_FEATURES (CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_SMAP | \
653           CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ADX | \
654           CPUID_7_0_EBX_PCOMMIT | CPUID_7_0_EBX_CLFLUSHOPT |            \
655           CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_FSGSBASE | \
656           CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_AVX2)
657           /* missing:
658           CPUID_7_0_EBX_HLE
659           CPUID_7_0_EBX_INVPCID, CPUID_7_0_EBX_RTM,
660           CPUID_7_0_EBX_RDSEED */
661 #define TCG_7_0_ECX_FEATURES (CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU | \
662           /* CPUID_7_0_ECX_OSPKE is dynamic */ \
663           CPUID_7_0_ECX_LA57 | CPUID_7_0_ECX_PKS | CPUID_7_0_ECX_VAES)
664 #define TCG_7_0_EDX_FEATURES CPUID_7_0_EDX_FSRM
665 #define TCG_7_1_EAX_FEATURES (CPUID_7_1_EAX_FZRM | CPUID_7_1_EAX_FSRS | \
666           CPUID_7_1_EAX_FSRC)
667 #define TCG_APM_FEATURES 0
668 #define TCG_6_EAX_FEATURES CPUID_6_EAX_ARAT
669 #define TCG_XSAVE_FEATURES (CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XGETBV1)
670           /* missing:
671           CPUID_XSAVE_XSAVEC, CPUID_XSAVE_XSAVES */
672 #define TCG_14_0_ECX_FEATURES 0
673 #define TCG_SGX_12_0_EAX_FEATURES 0
674 #define TCG_SGX_12_0_EBX_FEATURES 0
675 #define TCG_SGX_12_1_EAX_FEATURES 0
676 
677 FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
678     [FEAT_1_EDX] = {
679         .type = CPUID_FEATURE_WORD,
680         .feat_names = {
681             "fpu", "vme", "de", "pse",
682             "tsc", "msr", "pae", "mce",
683             "cx8", "apic", NULL, "sep",
684             "mtrr", "pge", "mca", "cmov",
685             "pat", "pse36", "pn" /* Intel psn */, "clflush" /* Intel clfsh */,
686             NULL, "ds" /* Intel dts */, "acpi", "mmx",
687             "fxsr", "sse", "sse2", "ss",
688             "ht" /* Intel htt */, "tm", "ia64", "pbe",
689         },
690         .cpuid = {.eax = 1, .reg = R_EDX, },
691         .tcg_features = TCG_FEATURES,
692     },
693     [FEAT_1_ECX] = {
694         .type = CPUID_FEATURE_WORD,
695         .feat_names = {
696             "pni" /* Intel,AMD sse3 */, "pclmulqdq", "dtes64", "monitor",
697             "ds-cpl", "vmx", "smx", "est",
698             "tm2", "ssse3", "cid", NULL,
699             "fma", "cx16", "xtpr", "pdcm",
700             NULL, "pcid", "dca", "sse4.1",
701             "sse4.2", "x2apic", "movbe", "popcnt",
702             "tsc-deadline", "aes", "xsave", NULL /* osxsave */,
703             "avx", "f16c", "rdrand", "hypervisor",
704         },
705         .cpuid = { .eax = 1, .reg = R_ECX, },
706         .tcg_features = TCG_EXT_FEATURES,
707     },
708     /* Feature names that are already defined on feature_name[] but
709      * are set on CPUID[8000_0001].EDX on AMD CPUs don't have their
710      * names on feat_names below. They are copied automatically
711      * to features[FEAT_8000_0001_EDX] if and only if CPU vendor is AMD.
712      */
713     [FEAT_8000_0001_EDX] = {
714         .type = CPUID_FEATURE_WORD,
715         .feat_names = {
716             NULL /* fpu */, NULL /* vme */, NULL /* de */, NULL /* pse */,
717             NULL /* tsc */, NULL /* msr */, NULL /* pae */, NULL /* mce */,
718             NULL /* cx8 */, NULL /* apic */, NULL, "syscall",
719             NULL /* mtrr */, NULL /* pge */, NULL /* mca */, NULL /* cmov */,
720             NULL /* pat */, NULL /* pse36 */, NULL, NULL /* Linux mp */,
721             "nx", NULL, "mmxext", NULL /* mmx */,
722             NULL /* fxsr */, "fxsr-opt", "pdpe1gb", "rdtscp",
723             NULL, "lm", "3dnowext", "3dnow",
724         },
725         .cpuid = { .eax = 0x80000001, .reg = R_EDX, },
726         .tcg_features = TCG_EXT2_FEATURES,
727     },
728     [FEAT_8000_0001_ECX] = {
729         .type = CPUID_FEATURE_WORD,
730         .feat_names = {
731             "lahf-lm", "cmp-legacy", "svm", "extapic",
732             "cr8legacy", "abm", "sse4a", "misalignsse",
733             "3dnowprefetch", "osvw", "ibs", "xop",
734             "skinit", "wdt", NULL, "lwp",
735             "fma4", "tce", NULL, "nodeid-msr",
736             NULL, "tbm", "topoext", "perfctr-core",
737             "perfctr-nb", NULL, NULL, NULL,
738             NULL, NULL, NULL, NULL,
739         },
740         .cpuid = { .eax = 0x80000001, .reg = R_ECX, },
741         .tcg_features = TCG_EXT3_FEATURES,
742         /*
743          * TOPOEXT is always allowed but can't be enabled blindly by
744          * "-cpu host", as it requires consistent cache topology info
745          * to be provided so it doesn't confuse guests.
746          */
747         .no_autoenable_flags = CPUID_EXT3_TOPOEXT,
748     },
749     [FEAT_C000_0001_EDX] = {
750         .type = CPUID_FEATURE_WORD,
751         .feat_names = {
752             NULL, NULL, "xstore", "xstore-en",
753             NULL, NULL, "xcrypt", "xcrypt-en",
754             "ace2", "ace2-en", "phe", "phe-en",
755             "pmm", "pmm-en", NULL, NULL,
756             NULL, NULL, NULL, NULL,
757             NULL, NULL, NULL, NULL,
758             NULL, NULL, NULL, NULL,
759             NULL, NULL, NULL, NULL,
760         },
761         .cpuid = { .eax = 0xC0000001, .reg = R_EDX, },
762         .tcg_features = TCG_EXT4_FEATURES,
763     },
764     [FEAT_KVM] = {
765         .type = CPUID_FEATURE_WORD,
766         .feat_names = {
767             "kvmclock", "kvm-nopiodelay", "kvm-mmu", "kvmclock",
768             "kvm-asyncpf", "kvm-steal-time", "kvm-pv-eoi", "kvm-pv-unhalt",
769             NULL, "kvm-pv-tlb-flush", NULL, "kvm-pv-ipi",
770             "kvm-poll-control", "kvm-pv-sched-yield", "kvm-asyncpf-int", "kvm-msi-ext-dest-id",
771             NULL, NULL, NULL, NULL,
772             NULL, NULL, NULL, NULL,
773             "kvmclock-stable-bit", NULL, NULL, NULL,
774             NULL, NULL, NULL, NULL,
775         },
776         .cpuid = { .eax = KVM_CPUID_FEATURES, .reg = R_EAX, },
777         .tcg_features = TCG_KVM_FEATURES,
778     },
779     [FEAT_KVM_HINTS] = {
780         .type = CPUID_FEATURE_WORD,
781         .feat_names = {
782             "kvm-hint-dedicated", NULL, NULL, NULL,
783             NULL, NULL, NULL, NULL,
784             NULL, NULL, NULL, NULL,
785             NULL, NULL, NULL, NULL,
786             NULL, NULL, NULL, NULL,
787             NULL, NULL, NULL, NULL,
788             NULL, NULL, NULL, NULL,
789             NULL, NULL, NULL, NULL,
790         },
791         .cpuid = { .eax = KVM_CPUID_FEATURES, .reg = R_EDX, },
792         .tcg_features = TCG_KVM_FEATURES,
793         /*
794          * KVM hints aren't auto-enabled by -cpu host, they need to be
795          * explicitly enabled in the command-line.
796          */
797         .no_autoenable_flags = ~0U,
798     },
799     [FEAT_SVM] = {
800         .type = CPUID_FEATURE_WORD,
801         .feat_names = {
802             "npt", "lbrv", "svm-lock", "nrip-save",
803             "tsc-scale", "vmcb-clean",  "flushbyasid", "decodeassists",
804             NULL, NULL, "pause-filter", NULL,
805             "pfthreshold", "avic", NULL, "v-vmsave-vmload",
806             "vgif", NULL, NULL, NULL,
807             NULL, NULL, NULL, NULL,
808             NULL, NULL, NULL, NULL,
809             "svme-addr-chk", NULL, NULL, NULL,
810         },
811         .cpuid = { .eax = 0x8000000A, .reg = R_EDX, },
812         .tcg_features = TCG_SVM_FEATURES,
813     },
814     [FEAT_7_0_EBX] = {
815         .type = CPUID_FEATURE_WORD,
816         .feat_names = {
817             "fsgsbase", "tsc-adjust", "sgx", "bmi1",
818             "hle", "avx2", NULL, "smep",
819             "bmi2", "erms", "invpcid", "rtm",
820             NULL, NULL, "mpx", NULL,
821             "avx512f", "avx512dq", "rdseed", "adx",
822             "smap", "avx512ifma", "pcommit", "clflushopt",
823             "clwb", "intel-pt", "avx512pf", "avx512er",
824             "avx512cd", "sha-ni", "avx512bw", "avx512vl",
825         },
826         .cpuid = {
827             .eax = 7,
828             .needs_ecx = true, .ecx = 0,
829             .reg = R_EBX,
830         },
831         .tcg_features = TCG_7_0_EBX_FEATURES,
832     },
833     [FEAT_7_0_ECX] = {
834         .type = CPUID_FEATURE_WORD,
835         .feat_names = {
836             NULL, "avx512vbmi", "umip", "pku",
837             NULL /* ospke */, "waitpkg", "avx512vbmi2", NULL,
838             "gfni", "vaes", "vpclmulqdq", "avx512vnni",
839             "avx512bitalg", NULL, "avx512-vpopcntdq", NULL,
840             "la57", NULL, NULL, NULL,
841             NULL, NULL, "rdpid", NULL,
842             "bus-lock-detect", "cldemote", NULL, "movdiri",
843             "movdir64b", NULL, "sgxlc", "pks",
844         },
845         .cpuid = {
846             .eax = 7,
847             .needs_ecx = true, .ecx = 0,
848             .reg = R_ECX,
849         },
850         .tcg_features = TCG_7_0_ECX_FEATURES,
851     },
852     [FEAT_7_0_EDX] = {
853         .type = CPUID_FEATURE_WORD,
854         .feat_names = {
855             NULL, NULL, "avx512-4vnniw", "avx512-4fmaps",
856             "fsrm", NULL, NULL, NULL,
857             "avx512-vp2intersect", NULL, "md-clear", NULL,
858             NULL, NULL, "serialize", NULL,
859             "tsx-ldtrk", NULL, NULL /* pconfig */, "arch-lbr",
860             NULL, NULL, "amx-bf16", "avx512-fp16",
861             "amx-tile", "amx-int8", "spec-ctrl", "stibp",
862             NULL, "arch-capabilities", "core-capability", "ssbd",
863         },
864         .cpuid = {
865             .eax = 7,
866             .needs_ecx = true, .ecx = 0,
867             .reg = R_EDX,
868         },
869         .tcg_features = TCG_7_0_EDX_FEATURES,
870     },
871     [FEAT_7_1_EAX] = {
872         .type = CPUID_FEATURE_WORD,
873         .feat_names = {
874             NULL, NULL, NULL, NULL,
875             "avx-vnni", "avx512-bf16", NULL, NULL,
876             NULL, NULL, "fzrm", "fsrs",
877             "fsrc", NULL, NULL, NULL,
878             NULL, NULL, NULL, NULL,
879             NULL, NULL, NULL, NULL,
880             NULL, NULL, NULL, NULL,
881             NULL, NULL, NULL, NULL,
882         },
883         .cpuid = {
884             .eax = 7,
885             .needs_ecx = true, .ecx = 1,
886             .reg = R_EAX,
887         },
888         .tcg_features = TCG_7_1_EAX_FEATURES,
889     },
890     [FEAT_8000_0007_EDX] = {
891         .type = CPUID_FEATURE_WORD,
892         .feat_names = {
893             NULL, NULL, NULL, NULL,
894             NULL, NULL, NULL, NULL,
895             "invtsc", NULL, NULL, NULL,
896             NULL, NULL, NULL, NULL,
897             NULL, NULL, NULL, NULL,
898             NULL, NULL, NULL, NULL,
899             NULL, NULL, NULL, NULL,
900             NULL, NULL, NULL, NULL,
901         },
902         .cpuid = { .eax = 0x80000007, .reg = R_EDX, },
903         .tcg_features = TCG_APM_FEATURES,
904         .unmigratable_flags = CPUID_APM_INVTSC,
905     },
906     [FEAT_8000_0008_EBX] = {
907         .type = CPUID_FEATURE_WORD,
908         .feat_names = {
909             "clzero", NULL, "xsaveerptr", NULL,
910             NULL, NULL, NULL, NULL,
911             NULL, "wbnoinvd", NULL, NULL,
912             "ibpb", NULL, "ibrs", "amd-stibp",
913             NULL, NULL, NULL, NULL,
914             NULL, NULL, NULL, NULL,
915             "amd-ssbd", "virt-ssbd", "amd-no-ssb", NULL,
916             NULL, NULL, NULL, NULL,
917         },
918         .cpuid = { .eax = 0x80000008, .reg = R_EBX, },
919         .tcg_features = 0,
920         .unmigratable_flags = 0,
921     },
922     [FEAT_XSAVE] = {
923         .type = CPUID_FEATURE_WORD,
924         .feat_names = {
925             "xsaveopt", "xsavec", "xgetbv1", "xsaves",
926             "xfd", NULL, NULL, NULL,
927             NULL, NULL, NULL, NULL,
928             NULL, NULL, NULL, NULL,
929             NULL, NULL, NULL, NULL,
930             NULL, NULL, NULL, NULL,
931             NULL, NULL, NULL, NULL,
932             NULL, NULL, NULL, NULL,
933         },
934         .cpuid = {
935             .eax = 0xd,
936             .needs_ecx = true, .ecx = 1,
937             .reg = R_EAX,
938         },
939         .tcg_features = TCG_XSAVE_FEATURES,
940     },
941     [FEAT_XSAVE_XSS_LO] = {
942         .type = CPUID_FEATURE_WORD,
943         .feat_names = {
944             NULL, NULL, NULL, NULL,
945             NULL, NULL, NULL, NULL,
946             NULL, NULL, NULL, NULL,
947             NULL, NULL, NULL, NULL,
948             NULL, NULL, NULL, NULL,
949             NULL, NULL, NULL, NULL,
950             NULL, NULL, NULL, NULL,
951             NULL, NULL, NULL, NULL,
952         },
953         .cpuid = {
954             .eax = 0xD,
955             .needs_ecx = true,
956             .ecx = 1,
957             .reg = R_ECX,
958         },
959     },
960     [FEAT_XSAVE_XSS_HI] = {
961         .type = CPUID_FEATURE_WORD,
962         .cpuid = {
963             .eax = 0xD,
964             .needs_ecx = true,
965             .ecx = 1,
966             .reg = R_EDX
967         },
968     },
969     [FEAT_6_EAX] = {
970         .type = CPUID_FEATURE_WORD,
971         .feat_names = {
972             NULL, NULL, "arat", NULL,
973             NULL, NULL, NULL, NULL,
974             NULL, NULL, NULL, NULL,
975             NULL, NULL, NULL, NULL,
976             NULL, NULL, NULL, NULL,
977             NULL, NULL, NULL, NULL,
978             NULL, NULL, NULL, NULL,
979             NULL, NULL, NULL, NULL,
980         },
981         .cpuid = { .eax = 6, .reg = R_EAX, },
982         .tcg_features = TCG_6_EAX_FEATURES,
983     },
984     [FEAT_XSAVE_XCR0_LO] = {
985         .type = CPUID_FEATURE_WORD,
986         .cpuid = {
987             .eax = 0xD,
988             .needs_ecx = true, .ecx = 0,
989             .reg = R_EAX,
990         },
991         .tcg_features = ~0U,
992         .migratable_flags = XSTATE_FP_MASK | XSTATE_SSE_MASK |
993             XSTATE_YMM_MASK | XSTATE_BNDREGS_MASK | XSTATE_BNDCSR_MASK |
994             XSTATE_OPMASK_MASK | XSTATE_ZMM_Hi256_MASK | XSTATE_Hi16_ZMM_MASK |
995             XSTATE_PKRU_MASK,
996     },
997     [FEAT_XSAVE_XCR0_HI] = {
998         .type = CPUID_FEATURE_WORD,
999         .cpuid = {
1000             .eax = 0xD,
1001             .needs_ecx = true, .ecx = 0,
1002             .reg = R_EDX,
1003         },
1004         .tcg_features = ~0U,
1005     },
1006     /*Below are MSR exposed features*/
1007     [FEAT_ARCH_CAPABILITIES] = {
1008         .type = MSR_FEATURE_WORD,
1009         .feat_names = {
1010             "rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry",
1011             "ssb-no", "mds-no", "pschange-mc-no", "tsx-ctrl",
1012             "taa-no", NULL, NULL, NULL,
1013             NULL, NULL, NULL, NULL,
1014             NULL, NULL, NULL, NULL,
1015             NULL, NULL, NULL, NULL,
1016             NULL, NULL, NULL, NULL,
1017             NULL, NULL, NULL, NULL,
1018         },
1019         .msr = {
1020             .index = MSR_IA32_ARCH_CAPABILITIES,
1021         },
1022     },
1023     [FEAT_CORE_CAPABILITY] = {
1024         .type = MSR_FEATURE_WORD,
1025         .feat_names = {
1026             NULL, NULL, NULL, NULL,
1027             NULL, "split-lock-detect", NULL, NULL,
1028             NULL, NULL, NULL, NULL,
1029             NULL, NULL, NULL, NULL,
1030             NULL, NULL, NULL, NULL,
1031             NULL, NULL, NULL, NULL,
1032             NULL, NULL, NULL, NULL,
1033             NULL, NULL, NULL, NULL,
1034         },
1035         .msr = {
1036             .index = MSR_IA32_CORE_CAPABILITY,
1037         },
1038     },
1039     [FEAT_PERF_CAPABILITIES] = {
1040         .type = MSR_FEATURE_WORD,
1041         .feat_names = {
1042             NULL, NULL, NULL, NULL,
1043             NULL, NULL, NULL, NULL,
1044             NULL, NULL, NULL, NULL,
1045             NULL, "full-width-write", NULL, NULL,
1046             NULL, NULL, NULL, NULL,
1047             NULL, NULL, NULL, NULL,
1048             NULL, NULL, NULL, NULL,
1049             NULL, NULL, NULL, NULL,
1050         },
1051         .msr = {
1052             .index = MSR_IA32_PERF_CAPABILITIES,
1053         },
1054     },
1055 
1056     [FEAT_VMX_PROCBASED_CTLS] = {
1057         .type = MSR_FEATURE_WORD,
1058         .feat_names = {
1059             NULL, NULL, "vmx-vintr-pending", "vmx-tsc-offset",
1060             NULL, NULL, NULL, "vmx-hlt-exit",
1061             NULL, "vmx-invlpg-exit", "vmx-mwait-exit", "vmx-rdpmc-exit",
1062             "vmx-rdtsc-exit", NULL, NULL, "vmx-cr3-load-noexit",
1063             "vmx-cr3-store-noexit", NULL, NULL, "vmx-cr8-load-exit",
1064             "vmx-cr8-store-exit", "vmx-flexpriority", "vmx-vnmi-pending", "vmx-movdr-exit",
1065             "vmx-io-exit", "vmx-io-bitmap", NULL, "vmx-mtf",
1066             "vmx-msr-bitmap", "vmx-monitor-exit", "vmx-pause-exit", "vmx-secondary-ctls",
1067         },
1068         .msr = {
1069             .index = MSR_IA32_VMX_TRUE_PROCBASED_CTLS,
1070         }
1071     },
1072 
1073     [FEAT_VMX_SECONDARY_CTLS] = {
1074         .type = MSR_FEATURE_WORD,
1075         .feat_names = {
1076             "vmx-apicv-xapic", "vmx-ept", "vmx-desc-exit", "vmx-rdtscp-exit",
1077             "vmx-apicv-x2apic", "vmx-vpid", "vmx-wbinvd-exit", "vmx-unrestricted-guest",
1078             "vmx-apicv-register", "vmx-apicv-vid", "vmx-ple", "vmx-rdrand-exit",
1079             "vmx-invpcid-exit", "vmx-vmfunc", "vmx-shadow-vmcs", "vmx-encls-exit",
1080             "vmx-rdseed-exit", "vmx-pml", NULL, NULL,
1081             "vmx-xsaves", NULL, NULL, NULL,
1082             NULL, "vmx-tsc-scaling", NULL, NULL,
1083             NULL, NULL, NULL, NULL,
1084         },
1085         .msr = {
1086             .index = MSR_IA32_VMX_PROCBASED_CTLS2,
1087         }
1088     },
1089 
1090     [FEAT_VMX_PINBASED_CTLS] = {
1091         .type = MSR_FEATURE_WORD,
1092         .feat_names = {
1093             "vmx-intr-exit", NULL, NULL, "vmx-nmi-exit",
1094             NULL, "vmx-vnmi", "vmx-preemption-timer", "vmx-posted-intr",
1095             NULL, NULL, NULL, NULL,
1096             NULL, NULL, NULL, NULL,
1097             NULL, NULL, NULL, NULL,
1098             NULL, NULL, NULL, NULL,
1099             NULL, NULL, NULL, NULL,
1100             NULL, NULL, NULL, NULL,
1101         },
1102         .msr = {
1103             .index = MSR_IA32_VMX_TRUE_PINBASED_CTLS,
1104         }
1105     },
1106 
1107     [FEAT_VMX_EXIT_CTLS] = {
1108         .type = MSR_FEATURE_WORD,
1109         /*
1110          * VMX_VM_EXIT_HOST_ADDR_SPACE_SIZE is copied from
1111          * the LM CPUID bit.
1112          */
1113         .feat_names = {
1114             NULL, NULL, "vmx-exit-nosave-debugctl", NULL,
1115             NULL, NULL, NULL, NULL,
1116             NULL, NULL /* vmx-exit-host-addr-space-size */, NULL, NULL,
1117             "vmx-exit-load-perf-global-ctrl", NULL, NULL, "vmx-exit-ack-intr",
1118             NULL, NULL, "vmx-exit-save-pat", "vmx-exit-load-pat",
1119             "vmx-exit-save-efer", "vmx-exit-load-efer",
1120                 "vmx-exit-save-preemption-timer", "vmx-exit-clear-bndcfgs",
1121             NULL, "vmx-exit-clear-rtit-ctl", NULL, NULL,
1122             NULL, "vmx-exit-load-pkrs", NULL, NULL,
1123         },
1124         .msr = {
1125             .index = MSR_IA32_VMX_TRUE_EXIT_CTLS,
1126         }
1127     },
1128 
1129     [FEAT_VMX_ENTRY_CTLS] = {
1130         .type = MSR_FEATURE_WORD,
1131         .feat_names = {
1132             NULL, NULL, "vmx-entry-noload-debugctl", NULL,
1133             NULL, NULL, NULL, NULL,
1134             NULL, "vmx-entry-ia32e-mode", NULL, NULL,
1135             NULL, "vmx-entry-load-perf-global-ctrl", "vmx-entry-load-pat", "vmx-entry-load-efer",
1136             "vmx-entry-load-bndcfgs", NULL, "vmx-entry-load-rtit-ctl", NULL,
1137             NULL, NULL, "vmx-entry-load-pkrs", NULL,
1138             NULL, NULL, NULL, NULL,
1139             NULL, NULL, NULL, NULL,
1140         },
1141         .msr = {
1142             .index = MSR_IA32_VMX_TRUE_ENTRY_CTLS,
1143         }
1144     },
1145 
1146     [FEAT_VMX_MISC] = {
1147         .type = MSR_FEATURE_WORD,
1148         .feat_names = {
1149             NULL, NULL, NULL, NULL,
1150             NULL, "vmx-store-lma", "vmx-activity-hlt", "vmx-activity-shutdown",
1151             "vmx-activity-wait-sipi", NULL, NULL, NULL,
1152             NULL, NULL, NULL, NULL,
1153             NULL, NULL, NULL, NULL,
1154             NULL, NULL, NULL, NULL,
1155             NULL, NULL, NULL, NULL,
1156             NULL, "vmx-vmwrite-vmexit-fields", "vmx-zero-len-inject", NULL,
1157         },
1158         .msr = {
1159             .index = MSR_IA32_VMX_MISC,
1160         }
1161     },
1162 
1163     [FEAT_VMX_EPT_VPID_CAPS] = {
1164         .type = MSR_FEATURE_WORD,
1165         .feat_names = {
1166             "vmx-ept-execonly", NULL, NULL, NULL,
1167             NULL, NULL, "vmx-page-walk-4", "vmx-page-walk-5",
1168             NULL, NULL, NULL, NULL,
1169             NULL, NULL, NULL, NULL,
1170             "vmx-ept-2mb", "vmx-ept-1gb", NULL, NULL,
1171             "vmx-invept", "vmx-eptad", "vmx-ept-advanced-exitinfo", NULL,
1172             NULL, "vmx-invept-single-context", "vmx-invept-all-context", NULL,
1173             NULL, NULL, NULL, NULL,
1174             "vmx-invvpid", NULL, NULL, NULL,
1175             NULL, NULL, NULL, NULL,
1176             "vmx-invvpid-single-addr", "vmx-invept-single-context",
1177                 "vmx-invvpid-all-context", "vmx-invept-single-context-noglobals",
1178             NULL, NULL, NULL, NULL,
1179             NULL, NULL, NULL, NULL,
1180             NULL, NULL, NULL, NULL,
1181             NULL, NULL, NULL, NULL,
1182             NULL, NULL, NULL, NULL,
1183         },
1184         .msr = {
1185             .index = MSR_IA32_VMX_EPT_VPID_CAP,
1186         }
1187     },
1188 
1189     [FEAT_VMX_BASIC] = {
1190         .type = MSR_FEATURE_WORD,
1191         .feat_names = {
1192             [54] = "vmx-ins-outs",
1193             [55] = "vmx-true-ctls",
1194         },
1195         .msr = {
1196             .index = MSR_IA32_VMX_BASIC,
1197         },
1198         /* Just to be safe - we don't support setting the MSEG version field.  */
1199         .no_autoenable_flags = MSR_VMX_BASIC_DUAL_MONITOR,
1200     },
1201 
1202     [FEAT_VMX_VMFUNC] = {
1203         .type = MSR_FEATURE_WORD,
1204         .feat_names = {
1205             [0] = "vmx-eptp-switching",
1206         },
1207         .msr = {
1208             .index = MSR_IA32_VMX_VMFUNC,
1209         }
1210     },
1211 
1212     [FEAT_14_0_ECX] = {
1213         .type = CPUID_FEATURE_WORD,
1214         .feat_names = {
1215             NULL, NULL, NULL, NULL,
1216             NULL, NULL, NULL, NULL,
1217             NULL, NULL, NULL, NULL,
1218             NULL, NULL, NULL, NULL,
1219             NULL, NULL, NULL, NULL,
1220             NULL, NULL, NULL, NULL,
1221             NULL, NULL, NULL, NULL,
1222             NULL, NULL, NULL, "intel-pt-lip",
1223         },
1224         .cpuid = {
1225             .eax = 0x14,
1226             .needs_ecx = true, .ecx = 0,
1227             .reg = R_ECX,
1228         },
1229         .tcg_features = TCG_14_0_ECX_FEATURES,
1230      },
1231 
1232     [FEAT_SGX_12_0_EAX] = {
1233         .type = CPUID_FEATURE_WORD,
1234         .feat_names = {
1235             "sgx1", "sgx2", NULL, NULL,
1236             NULL, NULL, NULL, NULL,
1237             NULL, NULL, NULL, "sgx-edeccssa",
1238             NULL, NULL, NULL, NULL,
1239             NULL, NULL, NULL, NULL,
1240             NULL, NULL, NULL, NULL,
1241             NULL, NULL, NULL, NULL,
1242             NULL, NULL, NULL, NULL,
1243         },
1244         .cpuid = {
1245             .eax = 0x12,
1246             .needs_ecx = true, .ecx = 0,
1247             .reg = R_EAX,
1248         },
1249         .tcg_features = TCG_SGX_12_0_EAX_FEATURES,
1250     },
1251 
1252     [FEAT_SGX_12_0_EBX] = {
1253         .type = CPUID_FEATURE_WORD,
1254         .feat_names = {
1255             "sgx-exinfo" , NULL, NULL, NULL,
1256             NULL, NULL, NULL, NULL,
1257             NULL, NULL, NULL, NULL,
1258             NULL, NULL, NULL, NULL,
1259             NULL, NULL, NULL, NULL,
1260             NULL, NULL, NULL, NULL,
1261             NULL, NULL, NULL, NULL,
1262             NULL, NULL, NULL, NULL,
1263         },
1264         .cpuid = {
1265             .eax = 0x12,
1266             .needs_ecx = true, .ecx = 0,
1267             .reg = R_EBX,
1268         },
1269         .tcg_features = TCG_SGX_12_0_EBX_FEATURES,
1270     },
1271 
1272     [FEAT_SGX_12_1_EAX] = {
1273         .type = CPUID_FEATURE_WORD,
1274         .feat_names = {
1275             NULL, "sgx-debug", "sgx-mode64", NULL,
1276             "sgx-provisionkey", "sgx-tokenkey", NULL, "sgx-kss",
1277             NULL, NULL, "sgx-aex-notify", NULL,
1278             NULL, NULL, NULL, NULL,
1279             NULL, NULL, NULL, NULL,
1280             NULL, NULL, NULL, NULL,
1281             NULL, NULL, NULL, NULL,
1282             NULL, NULL, NULL, NULL,
1283         },
1284         .cpuid = {
1285             .eax = 0x12,
1286             .needs_ecx = true, .ecx = 1,
1287             .reg = R_EAX,
1288         },
1289         .tcg_features = TCG_SGX_12_1_EAX_FEATURES,
1290     },
1291 };
1292 
1293 typedef struct FeatureMask {
1294     FeatureWord index;
1295     uint64_t mask;
1296 } FeatureMask;
1297 
1298 typedef struct FeatureDep {
1299     FeatureMask from, to;
1300 } FeatureDep;
1301 
1302 static FeatureDep feature_dependencies[] = {
1303     {
1304         .from = { FEAT_7_0_EDX,             CPUID_7_0_EDX_ARCH_CAPABILITIES },
1305         .to = { FEAT_ARCH_CAPABILITIES,     ~0ull },
1306     },
1307     {
1308         .from = { FEAT_7_0_EDX,             CPUID_7_0_EDX_CORE_CAPABILITY },
1309         .to = { FEAT_CORE_CAPABILITY,       ~0ull },
1310     },
1311     {
1312         .from = { FEAT_1_ECX,             CPUID_EXT_PDCM },
1313         .to = { FEAT_PERF_CAPABILITIES,       ~0ull },
1314     },
1315     {
1316         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1317         .to = { FEAT_VMX_PROCBASED_CTLS,    ~0ull },
1318     },
1319     {
1320         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1321         .to = { FEAT_VMX_PINBASED_CTLS,     ~0ull },
1322     },
1323     {
1324         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1325         .to = { FEAT_VMX_EXIT_CTLS,         ~0ull },
1326     },
1327     {
1328         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1329         .to = { FEAT_VMX_ENTRY_CTLS,        ~0ull },
1330     },
1331     {
1332         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1333         .to = { FEAT_VMX_MISC,              ~0ull },
1334     },
1335     {
1336         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1337         .to = { FEAT_VMX_BASIC,             ~0ull },
1338     },
1339     {
1340         .from = { FEAT_8000_0001_EDX,       CPUID_EXT2_LM },
1341         .to = { FEAT_VMX_ENTRY_CTLS,        VMX_VM_ENTRY_IA32E_MODE },
1342     },
1343     {
1344         .from = { FEAT_VMX_PROCBASED_CTLS,  VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS },
1345         .to = { FEAT_VMX_SECONDARY_CTLS,    ~0ull },
1346     },
1347     {
1348         .from = { FEAT_XSAVE,               CPUID_XSAVE_XSAVES },
1349         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_XSAVES },
1350     },
1351     {
1352         .from = { FEAT_1_ECX,               CPUID_EXT_RDRAND },
1353         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDRAND_EXITING },
1354     },
1355     {
1356         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_INVPCID },
1357         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_ENABLE_INVPCID },
1358     },
1359     {
1360         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_MPX },
1361         .to = { FEAT_VMX_EXIT_CTLS,         VMX_VM_EXIT_CLEAR_BNDCFGS },
1362     },
1363     {
1364         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_MPX },
1365         .to = { FEAT_VMX_ENTRY_CTLS,        VMX_VM_ENTRY_LOAD_BNDCFGS },
1366     },
1367     {
1368         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_RDSEED },
1369         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDSEED_EXITING },
1370     },
1371     {
1372         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_INTEL_PT },
1373         .to = { FEAT_14_0_ECX,              ~0ull },
1374     },
1375     {
1376         .from = { FEAT_8000_0001_EDX,       CPUID_EXT2_RDTSCP },
1377         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDTSCP },
1378     },
1379     {
1380         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_EPT },
1381         .to = { FEAT_VMX_EPT_VPID_CAPS,     0xffffffffull },
1382     },
1383     {
1384         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_EPT },
1385         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST },
1386     },
1387     {
1388         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_VPID },
1389         .to = { FEAT_VMX_EPT_VPID_CAPS,     0xffffffffull << 32 },
1390     },
1391     {
1392         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_VMFUNC },
1393         .to = { FEAT_VMX_VMFUNC,            ~0ull },
1394     },
1395     {
1396         .from = { FEAT_8000_0001_ECX,       CPUID_EXT3_SVM },
1397         .to = { FEAT_SVM,                   ~0ull },
1398     },
1399 };
1400 
1401 typedef struct X86RegisterInfo32 {
1402     /* Name of register */
1403     const char *name;
1404     /* QAPI enum value register */
1405     X86CPURegister32 qapi_enum;
1406 } X86RegisterInfo32;
1407 
1408 #define REGISTER(reg) \
1409     [R_##reg] = { .name = #reg, .qapi_enum = X86_CPU_REGISTER32_##reg }
1410 static const X86RegisterInfo32 x86_reg_info_32[CPU_NB_REGS32] = {
1411     REGISTER(EAX),
1412     REGISTER(ECX),
1413     REGISTER(EDX),
1414     REGISTER(EBX),
1415     REGISTER(ESP),
1416     REGISTER(EBP),
1417     REGISTER(ESI),
1418     REGISTER(EDI),
1419 };
1420 #undef REGISTER
1421 
1422 /* CPUID feature bits available in XSS */
1423 #define CPUID_XSTATE_XSS_MASK    (XSTATE_ARCH_LBR_MASK)
1424 
1425 ExtSaveArea x86_ext_save_areas[XSAVE_STATE_AREA_COUNT] = {
1426     [XSTATE_FP_BIT] = {
1427         /* x87 FP state component is always enabled if XSAVE is supported */
1428         .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
1429         .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
1430     },
1431     [XSTATE_SSE_BIT] = {
1432         /* SSE state component is always enabled if XSAVE is supported */
1433         .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
1434         .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
1435     },
1436     [XSTATE_YMM_BIT] =
1437           { .feature = FEAT_1_ECX, .bits = CPUID_EXT_AVX,
1438             .size = sizeof(XSaveAVX) },
1439     [XSTATE_BNDREGS_BIT] =
1440           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
1441             .size = sizeof(XSaveBNDREG)  },
1442     [XSTATE_BNDCSR_BIT] =
1443           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
1444             .size = sizeof(XSaveBNDCSR)  },
1445     [XSTATE_OPMASK_BIT] =
1446           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1447             .size = sizeof(XSaveOpmask) },
1448     [XSTATE_ZMM_Hi256_BIT] =
1449           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1450             .size = sizeof(XSaveZMM_Hi256) },
1451     [XSTATE_Hi16_ZMM_BIT] =
1452           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1453             .size = sizeof(XSaveHi16_ZMM) },
1454     [XSTATE_PKRU_BIT] =
1455           { .feature = FEAT_7_0_ECX, .bits = CPUID_7_0_ECX_PKU,
1456             .size = sizeof(XSavePKRU) },
1457     [XSTATE_ARCH_LBR_BIT] = {
1458             .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_ARCH_LBR,
1459             .offset = 0 /*supervisor mode component, offset = 0 */,
1460             .size = sizeof(XSavesArchLBR) },
1461     [XSTATE_XTILE_CFG_BIT] = {
1462         .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_AMX_TILE,
1463         .size = sizeof(XSaveXTILECFG),
1464     },
1465     [XSTATE_XTILE_DATA_BIT] = {
1466         .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_AMX_TILE,
1467         .size = sizeof(XSaveXTILEDATA)
1468     },
1469 };
1470 
1471 uint32_t xsave_area_size(uint64_t mask, bool compacted)
1472 {
1473     uint64_t ret = x86_ext_save_areas[0].size;
1474     const ExtSaveArea *esa;
1475     uint32_t offset = 0;
1476     int i;
1477 
1478     for (i = 2; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
1479         esa = &x86_ext_save_areas[i];
1480         if ((mask >> i) & 1) {
1481             offset = compacted ? ret : esa->offset;
1482             ret = MAX(ret, offset + esa->size);
1483         }
1484     }
1485     return ret;
1486 }
1487 
1488 static inline bool accel_uses_host_cpuid(void)
1489 {
1490     return kvm_enabled() || hvf_enabled();
1491 }
1492 
1493 static inline uint64_t x86_cpu_xsave_xcr0_components(X86CPU *cpu)
1494 {
1495     return ((uint64_t)cpu->env.features[FEAT_XSAVE_XCR0_HI]) << 32 |
1496            cpu->env.features[FEAT_XSAVE_XCR0_LO];
1497 }
1498 
1499 /* Return name of 32-bit register, from a R_* constant */
1500 static const char *get_register_name_32(unsigned int reg)
1501 {
1502     if (reg >= CPU_NB_REGS32) {
1503         return NULL;
1504     }
1505     return x86_reg_info_32[reg].name;
1506 }
1507 
1508 static inline uint64_t x86_cpu_xsave_xss_components(X86CPU *cpu)
1509 {
1510     return ((uint64_t)cpu->env.features[FEAT_XSAVE_XSS_HI]) << 32 |
1511            cpu->env.features[FEAT_XSAVE_XSS_LO];
1512 }
1513 
1514 /*
1515  * Returns the set of feature flags that are supported and migratable by
1516  * QEMU, for a given FeatureWord.
1517  */
1518 static uint64_t x86_cpu_get_migratable_flags(FeatureWord w)
1519 {
1520     FeatureWordInfo *wi = &feature_word_info[w];
1521     uint64_t r = 0;
1522     int i;
1523 
1524     for (i = 0; i < 64; i++) {
1525         uint64_t f = 1ULL << i;
1526 
1527         /* If the feature name is known, it is implicitly considered migratable,
1528          * unless it is explicitly set in unmigratable_flags */
1529         if ((wi->migratable_flags & f) ||
1530             (wi->feat_names[i] && !(wi->unmigratable_flags & f))) {
1531             r |= f;
1532         }
1533     }
1534     return r;
1535 }
1536 
1537 void host_cpuid(uint32_t function, uint32_t count,
1538                 uint32_t *eax, uint32_t *ebx, uint32_t *ecx, uint32_t *edx)
1539 {
1540     uint32_t vec[4];
1541 
1542 #ifdef __x86_64__
1543     asm volatile("cpuid"
1544                  : "=a"(vec[0]), "=b"(vec[1]),
1545                    "=c"(vec[2]), "=d"(vec[3])
1546                  : "0"(function), "c"(count) : "cc");
1547 #elif defined(__i386__)
1548     asm volatile("pusha \n\t"
1549                  "cpuid \n\t"
1550                  "mov %%eax, 0(%2) \n\t"
1551                  "mov %%ebx, 4(%2) \n\t"
1552                  "mov %%ecx, 8(%2) \n\t"
1553                  "mov %%edx, 12(%2) \n\t"
1554                  "popa"
1555                  : : "a"(function), "c"(count), "S"(vec)
1556                  : "memory", "cc");
1557 #else
1558     abort();
1559 #endif
1560 
1561     if (eax)
1562         *eax = vec[0];
1563     if (ebx)
1564         *ebx = vec[1];
1565     if (ecx)
1566         *ecx = vec[2];
1567     if (edx)
1568         *edx = vec[3];
1569 }
1570 
1571 /* CPU class name definitions: */
1572 
1573 /* Return type name for a given CPU model name
1574  * Caller is responsible for freeing the returned string.
1575  */
1576 static char *x86_cpu_type_name(const char *model_name)
1577 {
1578     return g_strdup_printf(X86_CPU_TYPE_NAME("%s"), model_name);
1579 }
1580 
1581 static ObjectClass *x86_cpu_class_by_name(const char *cpu_model)
1582 {
1583     g_autofree char *typename = x86_cpu_type_name(cpu_model);
1584     return object_class_by_name(typename);
1585 }
1586 
1587 static char *x86_cpu_class_get_model_name(X86CPUClass *cc)
1588 {
1589     const char *class_name = object_class_get_name(OBJECT_CLASS(cc));
1590     assert(g_str_has_suffix(class_name, X86_CPU_TYPE_SUFFIX));
1591     return g_strndup(class_name,
1592                      strlen(class_name) - strlen(X86_CPU_TYPE_SUFFIX));
1593 }
1594 
1595 typedef struct X86CPUVersionDefinition {
1596     X86CPUVersion version;
1597     const char *alias;
1598     const char *note;
1599     PropValue *props;
1600 } X86CPUVersionDefinition;
1601 
1602 /* Base definition for a CPU model */
1603 typedef struct X86CPUDefinition {
1604     const char *name;
1605     uint32_t level;
1606     uint32_t xlevel;
1607     /* vendor is zero-terminated, 12 character ASCII string */
1608     char vendor[CPUID_VENDOR_SZ + 1];
1609     int family;
1610     int model;
1611     int stepping;
1612     FeatureWordArray features;
1613     const char *model_id;
1614     const CPUCaches *const cache_info;
1615     /*
1616      * Definitions for alternative versions of CPU model.
1617      * List is terminated by item with version == 0.
1618      * If NULL, version 1 will be registered automatically.
1619      */
1620     const X86CPUVersionDefinition *versions;
1621     const char *deprecation_note;
1622 } X86CPUDefinition;
1623 
1624 /* Reference to a specific CPU model version */
1625 struct X86CPUModel {
1626     /* Base CPU definition */
1627     const X86CPUDefinition *cpudef;
1628     /* CPU model version */
1629     X86CPUVersion version;
1630     const char *note;
1631     /*
1632      * If true, this is an alias CPU model.
1633      * This matters only for "-cpu help" and query-cpu-definitions
1634      */
1635     bool is_alias;
1636 };
1637 
1638 /* Get full model name for CPU version */
1639 static char *x86_cpu_versioned_model_name(const X86CPUDefinition *cpudef,
1640                                           X86CPUVersion version)
1641 {
1642     assert(version > 0);
1643     return g_strdup_printf("%s-v%d", cpudef->name, (int)version);
1644 }
1645 
1646 static const X86CPUVersionDefinition *
1647 x86_cpu_def_get_versions(const X86CPUDefinition *def)
1648 {
1649     /* When X86CPUDefinition::versions is NULL, we register only v1 */
1650     static const X86CPUVersionDefinition default_version_list[] = {
1651         { 1 },
1652         { /* end of list */ }
1653     };
1654 
1655     return def->versions ?: default_version_list;
1656 }
1657 
1658 static const CPUCaches epyc_cache_info = {
1659     .l1d_cache = &(CPUCacheInfo) {
1660         .type = DATA_CACHE,
1661         .level = 1,
1662         .size = 32 * KiB,
1663         .line_size = 64,
1664         .associativity = 8,
1665         .partitions = 1,
1666         .sets = 64,
1667         .lines_per_tag = 1,
1668         .self_init = 1,
1669         .no_invd_sharing = true,
1670     },
1671     .l1i_cache = &(CPUCacheInfo) {
1672         .type = INSTRUCTION_CACHE,
1673         .level = 1,
1674         .size = 64 * KiB,
1675         .line_size = 64,
1676         .associativity = 4,
1677         .partitions = 1,
1678         .sets = 256,
1679         .lines_per_tag = 1,
1680         .self_init = 1,
1681         .no_invd_sharing = true,
1682     },
1683     .l2_cache = &(CPUCacheInfo) {
1684         .type = UNIFIED_CACHE,
1685         .level = 2,
1686         .size = 512 * KiB,
1687         .line_size = 64,
1688         .associativity = 8,
1689         .partitions = 1,
1690         .sets = 1024,
1691         .lines_per_tag = 1,
1692     },
1693     .l3_cache = &(CPUCacheInfo) {
1694         .type = UNIFIED_CACHE,
1695         .level = 3,
1696         .size = 8 * MiB,
1697         .line_size = 64,
1698         .associativity = 16,
1699         .partitions = 1,
1700         .sets = 8192,
1701         .lines_per_tag = 1,
1702         .self_init = true,
1703         .inclusive = true,
1704         .complex_indexing = true,
1705     },
1706 };
1707 
1708 static const CPUCaches epyc_rome_cache_info = {
1709     .l1d_cache = &(CPUCacheInfo) {
1710         .type = DATA_CACHE,
1711         .level = 1,
1712         .size = 32 * KiB,
1713         .line_size = 64,
1714         .associativity = 8,
1715         .partitions = 1,
1716         .sets = 64,
1717         .lines_per_tag = 1,
1718         .self_init = 1,
1719         .no_invd_sharing = true,
1720     },
1721     .l1i_cache = &(CPUCacheInfo) {
1722         .type = INSTRUCTION_CACHE,
1723         .level = 1,
1724         .size = 32 * KiB,
1725         .line_size = 64,
1726         .associativity = 8,
1727         .partitions = 1,
1728         .sets = 64,
1729         .lines_per_tag = 1,
1730         .self_init = 1,
1731         .no_invd_sharing = true,
1732     },
1733     .l2_cache = &(CPUCacheInfo) {
1734         .type = UNIFIED_CACHE,
1735         .level = 2,
1736         .size = 512 * KiB,
1737         .line_size = 64,
1738         .associativity = 8,
1739         .partitions = 1,
1740         .sets = 1024,
1741         .lines_per_tag = 1,
1742     },
1743     .l3_cache = &(CPUCacheInfo) {
1744         .type = UNIFIED_CACHE,
1745         .level = 3,
1746         .size = 16 * MiB,
1747         .line_size = 64,
1748         .associativity = 16,
1749         .partitions = 1,
1750         .sets = 16384,
1751         .lines_per_tag = 1,
1752         .self_init = true,
1753         .inclusive = true,
1754         .complex_indexing = true,
1755     },
1756 };
1757 
1758 static const CPUCaches epyc_milan_cache_info = {
1759     .l1d_cache = &(CPUCacheInfo) {
1760         .type = DATA_CACHE,
1761         .level = 1,
1762         .size = 32 * KiB,
1763         .line_size = 64,
1764         .associativity = 8,
1765         .partitions = 1,
1766         .sets = 64,
1767         .lines_per_tag = 1,
1768         .self_init = 1,
1769         .no_invd_sharing = true,
1770     },
1771     .l1i_cache = &(CPUCacheInfo) {
1772         .type = INSTRUCTION_CACHE,
1773         .level = 1,
1774         .size = 32 * KiB,
1775         .line_size = 64,
1776         .associativity = 8,
1777         .partitions = 1,
1778         .sets = 64,
1779         .lines_per_tag = 1,
1780         .self_init = 1,
1781         .no_invd_sharing = true,
1782     },
1783     .l2_cache = &(CPUCacheInfo) {
1784         .type = UNIFIED_CACHE,
1785         .level = 2,
1786         .size = 512 * KiB,
1787         .line_size = 64,
1788         .associativity = 8,
1789         .partitions = 1,
1790         .sets = 1024,
1791         .lines_per_tag = 1,
1792     },
1793     .l3_cache = &(CPUCacheInfo) {
1794         .type = UNIFIED_CACHE,
1795         .level = 3,
1796         .size = 32 * MiB,
1797         .line_size = 64,
1798         .associativity = 16,
1799         .partitions = 1,
1800         .sets = 32768,
1801         .lines_per_tag = 1,
1802         .self_init = true,
1803         .inclusive = true,
1804         .complex_indexing = true,
1805     },
1806 };
1807 
1808 /* The following VMX features are not supported by KVM and are left out in the
1809  * CPU definitions:
1810  *
1811  *  Dual-monitor support (all processors)
1812  *  Entry to SMM
1813  *  Deactivate dual-monitor treatment
1814  *  Number of CR3-target values
1815  *  Shutdown activity state
1816  *  Wait-for-SIPI activity state
1817  *  PAUSE-loop exiting (Westmere and newer)
1818  *  EPT-violation #VE (Broadwell and newer)
1819  *  Inject event with insn length=0 (Skylake and newer)
1820  *  Conceal non-root operation from PT
1821  *  Conceal VM exits from PT
1822  *  Conceal VM entries from PT
1823  *  Enable ENCLS exiting
1824  *  Mode-based execute control (XS/XU)
1825  s  TSC scaling (Skylake Server and newer)
1826  *  GPA translation for PT (IceLake and newer)
1827  *  User wait and pause
1828  *  ENCLV exiting
1829  *  Load IA32_RTIT_CTL
1830  *  Clear IA32_RTIT_CTL
1831  *  Advanced VM-exit information for EPT violations
1832  *  Sub-page write permissions
1833  *  PT in VMX operation
1834  */
1835 
1836 static const X86CPUDefinition builtin_x86_defs[] = {
1837     {
1838         .name = "qemu64",
1839         .level = 0xd,
1840         .vendor = CPUID_VENDOR_AMD,
1841         .family = 15,
1842         .model = 107,
1843         .stepping = 1,
1844         .features[FEAT_1_EDX] =
1845             PPRO_FEATURES |
1846             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1847             CPUID_PSE36,
1848         .features[FEAT_1_ECX] =
1849             CPUID_EXT_SSE3 | CPUID_EXT_CX16,
1850         .features[FEAT_8000_0001_EDX] =
1851             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1852         .features[FEAT_8000_0001_ECX] =
1853             CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM,
1854         .xlevel = 0x8000000A,
1855         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
1856     },
1857     {
1858         .name = "phenom",
1859         .level = 5,
1860         .vendor = CPUID_VENDOR_AMD,
1861         .family = 16,
1862         .model = 2,
1863         .stepping = 3,
1864         /* Missing: CPUID_HT */
1865         .features[FEAT_1_EDX] =
1866             PPRO_FEATURES |
1867             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1868             CPUID_PSE36 | CPUID_VME,
1869         .features[FEAT_1_ECX] =
1870             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_CX16 |
1871             CPUID_EXT_POPCNT,
1872         .features[FEAT_8000_0001_EDX] =
1873             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX |
1874             CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT | CPUID_EXT2_MMXEXT |
1875             CPUID_EXT2_FFXSR | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP,
1876         /* Missing: CPUID_EXT3_CMP_LEG, CPUID_EXT3_EXTAPIC,
1877                     CPUID_EXT3_CR8LEG,
1878                     CPUID_EXT3_MISALIGNSSE, CPUID_EXT3_3DNOWPREFETCH,
1879                     CPUID_EXT3_OSVW, CPUID_EXT3_IBS */
1880         .features[FEAT_8000_0001_ECX] =
1881             CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM |
1882             CPUID_EXT3_ABM | CPUID_EXT3_SSE4A,
1883         /* Missing: CPUID_SVM_LBRV */
1884         .features[FEAT_SVM] =
1885             CPUID_SVM_NPT,
1886         .xlevel = 0x8000001A,
1887         .model_id = "AMD Phenom(tm) 9550 Quad-Core Processor"
1888     },
1889     {
1890         .name = "core2duo",
1891         .level = 10,
1892         .vendor = CPUID_VENDOR_INTEL,
1893         .family = 6,
1894         .model = 15,
1895         .stepping = 11,
1896         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
1897         .features[FEAT_1_EDX] =
1898             PPRO_FEATURES |
1899             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1900             CPUID_PSE36 | CPUID_VME | CPUID_ACPI | CPUID_SS,
1901         /* Missing: CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_EST,
1902          * CPUID_EXT_TM2, CPUID_EXT_XTPR, CPUID_EXT_PDCM, CPUID_EXT_VMX */
1903         .features[FEAT_1_ECX] =
1904             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 |
1905             CPUID_EXT_CX16,
1906         .features[FEAT_8000_0001_EDX] =
1907             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1908         .features[FEAT_8000_0001_ECX] =
1909             CPUID_EXT3_LAHF_LM,
1910         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
1911         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
1912         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
1913         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
1914         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
1915              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
1916         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
1917              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
1918              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
1919              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
1920              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
1921              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
1922              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
1923              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
1924              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
1925              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
1926         .features[FEAT_VMX_SECONDARY_CTLS] =
1927              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES,
1928         .xlevel = 0x80000008,
1929         .model_id = "Intel(R) Core(TM)2 Duo CPU     T7700  @ 2.40GHz",
1930     },
1931     {
1932         .name = "kvm64",
1933         .level = 0xd,
1934         .vendor = CPUID_VENDOR_INTEL,
1935         .family = 15,
1936         .model = 6,
1937         .stepping = 1,
1938         /* Missing: CPUID_HT */
1939         .features[FEAT_1_EDX] =
1940             PPRO_FEATURES | CPUID_VME |
1941             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1942             CPUID_PSE36,
1943         /* Missing: CPUID_EXT_POPCNT, CPUID_EXT_MONITOR */
1944         .features[FEAT_1_ECX] =
1945             CPUID_EXT_SSE3 | CPUID_EXT_CX16,
1946         /* Missing: CPUID_EXT2_PDPE1GB, CPUID_EXT2_RDTSCP */
1947         .features[FEAT_8000_0001_EDX] =
1948             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1949         /* Missing: CPUID_EXT3_LAHF_LM, CPUID_EXT3_CMP_LEG, CPUID_EXT3_EXTAPIC,
1950                     CPUID_EXT3_CR8LEG, CPUID_EXT3_ABM, CPUID_EXT3_SSE4A,
1951                     CPUID_EXT3_MISALIGNSSE, CPUID_EXT3_3DNOWPREFETCH,
1952                     CPUID_EXT3_OSVW, CPUID_EXT3_IBS, CPUID_EXT3_SVM */
1953         .features[FEAT_8000_0001_ECX] =
1954             0,
1955         /* VMX features from Cedar Mill/Prescott */
1956         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
1957         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
1958         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
1959         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
1960              VMX_PIN_BASED_NMI_EXITING,
1961         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
1962              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
1963              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
1964              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
1965              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
1966              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
1967              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
1968              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING,
1969         .xlevel = 0x80000008,
1970         .model_id = "Common KVM processor"
1971     },
1972     {
1973         .name = "qemu32",
1974         .level = 4,
1975         .vendor = CPUID_VENDOR_INTEL,
1976         .family = 6,
1977         .model = 6,
1978         .stepping = 3,
1979         .features[FEAT_1_EDX] =
1980             PPRO_FEATURES,
1981         .features[FEAT_1_ECX] =
1982             CPUID_EXT_SSE3,
1983         .xlevel = 0x80000004,
1984         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
1985     },
1986     {
1987         .name = "kvm32",
1988         .level = 5,
1989         .vendor = CPUID_VENDOR_INTEL,
1990         .family = 15,
1991         .model = 6,
1992         .stepping = 1,
1993         .features[FEAT_1_EDX] =
1994             PPRO_FEATURES | CPUID_VME |
1995             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_PSE36,
1996         .features[FEAT_1_ECX] =
1997             CPUID_EXT_SSE3,
1998         .features[FEAT_8000_0001_ECX] =
1999             0,
2000         /* VMX features from Yonah */
2001         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2002         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2003         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2004         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2005              VMX_PIN_BASED_NMI_EXITING,
2006         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2007              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2008              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2009              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2010              VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
2011              VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
2012              VMX_CPU_BASED_PAUSE_EXITING | VMX_CPU_BASED_USE_MSR_BITMAPS,
2013         .xlevel = 0x80000008,
2014         .model_id = "Common 32-bit KVM processor"
2015     },
2016     {
2017         .name = "coreduo",
2018         .level = 10,
2019         .vendor = CPUID_VENDOR_INTEL,
2020         .family = 6,
2021         .model = 14,
2022         .stepping = 8,
2023         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
2024         .features[FEAT_1_EDX] =
2025             PPRO_FEATURES | CPUID_VME |
2026             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_ACPI |
2027             CPUID_SS,
2028         /* Missing: CPUID_EXT_EST, CPUID_EXT_TM2 , CPUID_EXT_XTPR,
2029          * CPUID_EXT_PDCM, CPUID_EXT_VMX */
2030         .features[FEAT_1_ECX] =
2031             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR,
2032         .features[FEAT_8000_0001_EDX] =
2033             CPUID_EXT2_NX,
2034         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2035         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2036         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2037         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2038              VMX_PIN_BASED_NMI_EXITING,
2039         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2040              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2041              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2042              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2043              VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
2044              VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
2045              VMX_CPU_BASED_PAUSE_EXITING | VMX_CPU_BASED_USE_MSR_BITMAPS,
2046         .xlevel = 0x80000008,
2047         .model_id = "Genuine Intel(R) CPU           T2600  @ 2.16GHz",
2048     },
2049     {
2050         .name = "486",
2051         .level = 1,
2052         .vendor = CPUID_VENDOR_INTEL,
2053         .family = 4,
2054         .model = 8,
2055         .stepping = 0,
2056         .features[FEAT_1_EDX] =
2057             I486_FEATURES,
2058         .xlevel = 0,
2059         .model_id = "",
2060     },
2061     {
2062         .name = "pentium",
2063         .level = 1,
2064         .vendor = CPUID_VENDOR_INTEL,
2065         .family = 5,
2066         .model = 4,
2067         .stepping = 3,
2068         .features[FEAT_1_EDX] =
2069             PENTIUM_FEATURES,
2070         .xlevel = 0,
2071         .model_id = "",
2072     },
2073     {
2074         .name = "pentium2",
2075         .level = 2,
2076         .vendor = CPUID_VENDOR_INTEL,
2077         .family = 6,
2078         .model = 5,
2079         .stepping = 2,
2080         .features[FEAT_1_EDX] =
2081             PENTIUM2_FEATURES,
2082         .xlevel = 0,
2083         .model_id = "",
2084     },
2085     {
2086         .name = "pentium3",
2087         .level = 3,
2088         .vendor = CPUID_VENDOR_INTEL,
2089         .family = 6,
2090         .model = 7,
2091         .stepping = 3,
2092         .features[FEAT_1_EDX] =
2093             PENTIUM3_FEATURES,
2094         .xlevel = 0,
2095         .model_id = "",
2096     },
2097     {
2098         .name = "athlon",
2099         .level = 2,
2100         .vendor = CPUID_VENDOR_AMD,
2101         .family = 6,
2102         .model = 2,
2103         .stepping = 3,
2104         .features[FEAT_1_EDX] =
2105             PPRO_FEATURES | CPUID_PSE36 | CPUID_VME | CPUID_MTRR |
2106             CPUID_MCA,
2107         .features[FEAT_8000_0001_EDX] =
2108             CPUID_EXT2_MMXEXT | CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT,
2109         .xlevel = 0x80000008,
2110         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
2111     },
2112     {
2113         .name = "n270",
2114         .level = 10,
2115         .vendor = CPUID_VENDOR_INTEL,
2116         .family = 6,
2117         .model = 28,
2118         .stepping = 2,
2119         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
2120         .features[FEAT_1_EDX] =
2121             PPRO_FEATURES |
2122             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_VME |
2123             CPUID_ACPI | CPUID_SS,
2124             /* Some CPUs got no CPUID_SEP */
2125         /* Missing: CPUID_EXT_DSCPL, CPUID_EXT_EST, CPUID_EXT_TM2,
2126          * CPUID_EXT_XTPR */
2127         .features[FEAT_1_ECX] =
2128             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 |
2129             CPUID_EXT_MOVBE,
2130         .features[FEAT_8000_0001_EDX] =
2131             CPUID_EXT2_NX,
2132         .features[FEAT_8000_0001_ECX] =
2133             CPUID_EXT3_LAHF_LM,
2134         .xlevel = 0x80000008,
2135         .model_id = "Intel(R) Atom(TM) CPU N270   @ 1.60GHz",
2136     },
2137     {
2138         .name = "Conroe",
2139         .level = 10,
2140         .vendor = CPUID_VENDOR_INTEL,
2141         .family = 6,
2142         .model = 15,
2143         .stepping = 3,
2144         .features[FEAT_1_EDX] =
2145             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2146             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2147             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2148             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2149             CPUID_DE | CPUID_FP87,
2150         .features[FEAT_1_ECX] =
2151             CPUID_EXT_SSSE3 | CPUID_EXT_SSE3,
2152         .features[FEAT_8000_0001_EDX] =
2153             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2154         .features[FEAT_8000_0001_ECX] =
2155             CPUID_EXT3_LAHF_LM,
2156         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
2157         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2158         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2159         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2160         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2161              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
2162         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2163              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2164              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2165              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2166              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2167              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2168              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2169              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2170              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2171              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2172         .features[FEAT_VMX_SECONDARY_CTLS] =
2173              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES,
2174         .xlevel = 0x80000008,
2175         .model_id = "Intel Celeron_4x0 (Conroe/Merom Class Core 2)",
2176     },
2177     {
2178         .name = "Penryn",
2179         .level = 10,
2180         .vendor = CPUID_VENDOR_INTEL,
2181         .family = 6,
2182         .model = 23,
2183         .stepping = 3,
2184         .features[FEAT_1_EDX] =
2185             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2186             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2187             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2188             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2189             CPUID_DE | CPUID_FP87,
2190         .features[FEAT_1_ECX] =
2191             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2192             CPUID_EXT_SSE3,
2193         .features[FEAT_8000_0001_EDX] =
2194             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2195         .features[FEAT_8000_0001_ECX] =
2196             CPUID_EXT3_LAHF_LM,
2197         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
2198         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2199              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL,
2200         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT |
2201              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL,
2202         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2203         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2204              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
2205         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2206              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2207              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2208              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2209              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2210              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2211              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2212              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2213              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2214              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2215         .features[FEAT_VMX_SECONDARY_CTLS] =
2216              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2217              VMX_SECONDARY_EXEC_WBINVD_EXITING,
2218         .xlevel = 0x80000008,
2219         .model_id = "Intel Core 2 Duo P9xxx (Penryn Class Core 2)",
2220     },
2221     {
2222         .name = "Nehalem",
2223         .level = 11,
2224         .vendor = CPUID_VENDOR_INTEL,
2225         .family = 6,
2226         .model = 26,
2227         .stepping = 3,
2228         .features[FEAT_1_EDX] =
2229             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2230             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2231             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2232             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2233             CPUID_DE | CPUID_FP87,
2234         .features[FEAT_1_ECX] =
2235             CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2236             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_SSE3,
2237         .features[FEAT_8000_0001_EDX] =
2238             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2239         .features[FEAT_8000_0001_ECX] =
2240             CPUID_EXT3_LAHF_LM,
2241         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2242              MSR_VMX_BASIC_TRUE_CTLS,
2243         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2244              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2245              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2246         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2247              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2248              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2249              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2250              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2251              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2252              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2253         .features[FEAT_VMX_EXIT_CTLS] =
2254              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2255              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2256              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2257              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2258              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2259         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2260         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2261              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2262              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2263         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2264              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2265              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2266              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2267              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2268              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2269              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2270              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2271              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2272              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2273              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2274              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2275         .features[FEAT_VMX_SECONDARY_CTLS] =
2276              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2277              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2278              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2279              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2280              VMX_SECONDARY_EXEC_ENABLE_VPID,
2281         .xlevel = 0x80000008,
2282         .model_id = "Intel Core i7 9xx (Nehalem Class Core i7)",
2283         .versions = (X86CPUVersionDefinition[]) {
2284             { .version = 1 },
2285             {
2286                 .version = 2,
2287                 .alias = "Nehalem-IBRS",
2288                 .props = (PropValue[]) {
2289                     { "spec-ctrl", "on" },
2290                     { "model-id",
2291                       "Intel Core i7 9xx (Nehalem Core i7, IBRS update)" },
2292                     { /* end of list */ }
2293                 }
2294             },
2295             { /* end of list */ }
2296         }
2297     },
2298     {
2299         .name = "Westmere",
2300         .level = 11,
2301         .vendor = CPUID_VENDOR_INTEL,
2302         .family = 6,
2303         .model = 44,
2304         .stepping = 1,
2305         .features[FEAT_1_EDX] =
2306             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2307             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2308             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2309             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2310             CPUID_DE | CPUID_FP87,
2311         .features[FEAT_1_ECX] =
2312             CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 |
2313             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2314             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
2315         .features[FEAT_8000_0001_EDX] =
2316             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2317         .features[FEAT_8000_0001_ECX] =
2318             CPUID_EXT3_LAHF_LM,
2319         .features[FEAT_6_EAX] =
2320             CPUID_6_EAX_ARAT,
2321         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2322              MSR_VMX_BASIC_TRUE_CTLS,
2323         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2324              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2325              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2326         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2327              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2328              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2329              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2330              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2331              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2332              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2333         .features[FEAT_VMX_EXIT_CTLS] =
2334              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2335              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2336              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2337              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2338              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2339         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2340              MSR_VMX_MISC_STORE_LMA,
2341         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2342              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2343              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2344         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2345              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2346              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2347              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2348              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2349              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2350              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2351              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2352              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2353              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2354              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2355              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2356         .features[FEAT_VMX_SECONDARY_CTLS] =
2357              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2358              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2359              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2360              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2361              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST,
2362         .xlevel = 0x80000008,
2363         .model_id = "Westmere E56xx/L56xx/X56xx (Nehalem-C)",
2364         .versions = (X86CPUVersionDefinition[]) {
2365             { .version = 1 },
2366             {
2367                 .version = 2,
2368                 .alias = "Westmere-IBRS",
2369                 .props = (PropValue[]) {
2370                     { "spec-ctrl", "on" },
2371                     { "model-id",
2372                       "Westmere E56xx/L56xx/X56xx (IBRS update)" },
2373                     { /* end of list */ }
2374                 }
2375             },
2376             { /* end of list */ }
2377         }
2378     },
2379     {
2380         .name = "SandyBridge",
2381         .level = 0xd,
2382         .vendor = CPUID_VENDOR_INTEL,
2383         .family = 6,
2384         .model = 42,
2385         .stepping = 1,
2386         .features[FEAT_1_EDX] =
2387             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2388             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2389             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2390             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2391             CPUID_DE | CPUID_FP87,
2392         .features[FEAT_1_ECX] =
2393             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2394             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
2395             CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2396             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
2397             CPUID_EXT_SSE3,
2398         .features[FEAT_8000_0001_EDX] =
2399             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2400             CPUID_EXT2_SYSCALL,
2401         .features[FEAT_8000_0001_ECX] =
2402             CPUID_EXT3_LAHF_LM,
2403         .features[FEAT_XSAVE] =
2404             CPUID_XSAVE_XSAVEOPT,
2405         .features[FEAT_6_EAX] =
2406             CPUID_6_EAX_ARAT,
2407         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2408              MSR_VMX_BASIC_TRUE_CTLS,
2409         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2410              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2411              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2412         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2413              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2414              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2415              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2416              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2417              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2418              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2419         .features[FEAT_VMX_EXIT_CTLS] =
2420              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2421              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2422              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2423              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2424              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2425         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2426              MSR_VMX_MISC_STORE_LMA,
2427         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2428              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2429              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2430         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2431              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2432              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2433              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2434              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2435              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2436              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2437              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2438              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2439              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2440              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2441              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2442         .features[FEAT_VMX_SECONDARY_CTLS] =
2443              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2444              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2445              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2446              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2447              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST,
2448         .xlevel = 0x80000008,
2449         .model_id = "Intel Xeon E312xx (Sandy Bridge)",
2450         .versions = (X86CPUVersionDefinition[]) {
2451             { .version = 1 },
2452             {
2453                 .version = 2,
2454                 .alias = "SandyBridge-IBRS",
2455                 .props = (PropValue[]) {
2456                     { "spec-ctrl", "on" },
2457                     { "model-id",
2458                       "Intel Xeon E312xx (Sandy Bridge, IBRS update)" },
2459                     { /* end of list */ }
2460                 }
2461             },
2462             { /* end of list */ }
2463         }
2464     },
2465     {
2466         .name = "IvyBridge",
2467         .level = 0xd,
2468         .vendor = CPUID_VENDOR_INTEL,
2469         .family = 6,
2470         .model = 58,
2471         .stepping = 9,
2472         .features[FEAT_1_EDX] =
2473             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2474             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2475             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2476             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2477             CPUID_DE | CPUID_FP87,
2478         .features[FEAT_1_ECX] =
2479             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2480             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
2481             CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2482             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
2483             CPUID_EXT_SSE3 | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2484         .features[FEAT_7_0_EBX] =
2485             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP |
2486             CPUID_7_0_EBX_ERMS,
2487         .features[FEAT_8000_0001_EDX] =
2488             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2489             CPUID_EXT2_SYSCALL,
2490         .features[FEAT_8000_0001_ECX] =
2491             CPUID_EXT3_LAHF_LM,
2492         .features[FEAT_XSAVE] =
2493             CPUID_XSAVE_XSAVEOPT,
2494         .features[FEAT_6_EAX] =
2495             CPUID_6_EAX_ARAT,
2496         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2497              MSR_VMX_BASIC_TRUE_CTLS,
2498         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2499              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2500              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2501         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2502              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2503              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2504              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2505              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2506              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2507              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2508         .features[FEAT_VMX_EXIT_CTLS] =
2509              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2510              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2511              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2512              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2513              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2514         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2515              MSR_VMX_MISC_STORE_LMA,
2516         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2517              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2518              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2519         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2520              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2521              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2522              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2523              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2524              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2525              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2526              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2527              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2528              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2529              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2530              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2531         .features[FEAT_VMX_SECONDARY_CTLS] =
2532              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2533              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2534              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2535              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2536              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2537              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2538              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2539              VMX_SECONDARY_EXEC_RDRAND_EXITING,
2540         .xlevel = 0x80000008,
2541         .model_id = "Intel Xeon E3-12xx v2 (Ivy Bridge)",
2542         .versions = (X86CPUVersionDefinition[]) {
2543             { .version = 1 },
2544             {
2545                 .version = 2,
2546                 .alias = "IvyBridge-IBRS",
2547                 .props = (PropValue[]) {
2548                     { "spec-ctrl", "on" },
2549                     { "model-id",
2550                       "Intel Xeon E3-12xx v2 (Ivy Bridge, IBRS)" },
2551                     { /* end of list */ }
2552                 }
2553             },
2554             { /* end of list */ }
2555         }
2556     },
2557     {
2558         .name = "Haswell",
2559         .level = 0xd,
2560         .vendor = CPUID_VENDOR_INTEL,
2561         .family = 6,
2562         .model = 60,
2563         .stepping = 4,
2564         .features[FEAT_1_EDX] =
2565             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2566             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2567             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2568             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2569             CPUID_DE | CPUID_FP87,
2570         .features[FEAT_1_ECX] =
2571             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2572             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2573             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2574             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2575             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2576             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2577         .features[FEAT_8000_0001_EDX] =
2578             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2579             CPUID_EXT2_SYSCALL,
2580         .features[FEAT_8000_0001_ECX] =
2581             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM,
2582         .features[FEAT_7_0_EBX] =
2583             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2584             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2585             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2586             CPUID_7_0_EBX_RTM,
2587         .features[FEAT_XSAVE] =
2588             CPUID_XSAVE_XSAVEOPT,
2589         .features[FEAT_6_EAX] =
2590             CPUID_6_EAX_ARAT,
2591         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2592              MSR_VMX_BASIC_TRUE_CTLS,
2593         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2594              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2595              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2596         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2597              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2598              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2599              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2600              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2601              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2602              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2603         .features[FEAT_VMX_EXIT_CTLS] =
2604              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2605              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2606              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2607              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2608              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2609         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2610              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2611         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2612              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2613              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2614         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2615              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2616              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2617              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2618              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2619              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2620              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2621              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2622              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2623              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2624              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2625              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2626         .features[FEAT_VMX_SECONDARY_CTLS] =
2627              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2628              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2629              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2630              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2631              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2632              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2633              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2634              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2635              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS,
2636         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
2637         .xlevel = 0x80000008,
2638         .model_id = "Intel Core Processor (Haswell)",
2639         .versions = (X86CPUVersionDefinition[]) {
2640             { .version = 1 },
2641             {
2642                 .version = 2,
2643                 .alias = "Haswell-noTSX",
2644                 .props = (PropValue[]) {
2645                     { "hle", "off" },
2646                     { "rtm", "off" },
2647                     { "stepping", "1" },
2648                     { "model-id", "Intel Core Processor (Haswell, no TSX)", },
2649                     { /* end of list */ }
2650                 },
2651             },
2652             {
2653                 .version = 3,
2654                 .alias = "Haswell-IBRS",
2655                 .props = (PropValue[]) {
2656                     /* Restore TSX features removed by -v2 above */
2657                     { "hle", "on" },
2658                     { "rtm", "on" },
2659                     /*
2660                      * Haswell and Haswell-IBRS had stepping=4 in
2661                      * QEMU 4.0 and older
2662                      */
2663                     { "stepping", "4" },
2664                     { "spec-ctrl", "on" },
2665                     { "model-id",
2666                       "Intel Core Processor (Haswell, IBRS)" },
2667                     { /* end of list */ }
2668                 }
2669             },
2670             {
2671                 .version = 4,
2672                 .alias = "Haswell-noTSX-IBRS",
2673                 .props = (PropValue[]) {
2674                     { "hle", "off" },
2675                     { "rtm", "off" },
2676                     /* spec-ctrl was already enabled by -v3 above */
2677                     { "stepping", "1" },
2678                     { "model-id",
2679                       "Intel Core Processor (Haswell, no TSX, IBRS)" },
2680                     { /* end of list */ }
2681                 }
2682             },
2683             { /* end of list */ }
2684         }
2685     },
2686     {
2687         .name = "Broadwell",
2688         .level = 0xd,
2689         .vendor = CPUID_VENDOR_INTEL,
2690         .family = 6,
2691         .model = 61,
2692         .stepping = 2,
2693         .features[FEAT_1_EDX] =
2694             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2695             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2696             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2697             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2698             CPUID_DE | CPUID_FP87,
2699         .features[FEAT_1_ECX] =
2700             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2701             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2702             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2703             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2704             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2705             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2706         .features[FEAT_8000_0001_EDX] =
2707             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2708             CPUID_EXT2_SYSCALL,
2709         .features[FEAT_8000_0001_ECX] =
2710             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
2711         .features[FEAT_7_0_EBX] =
2712             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2713             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2714             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2715             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
2716             CPUID_7_0_EBX_SMAP,
2717         .features[FEAT_XSAVE] =
2718             CPUID_XSAVE_XSAVEOPT,
2719         .features[FEAT_6_EAX] =
2720             CPUID_6_EAX_ARAT,
2721         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2722              MSR_VMX_BASIC_TRUE_CTLS,
2723         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2724              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2725              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2726         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2727              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2728              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2729              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2730              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2731              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2732              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2733         .features[FEAT_VMX_EXIT_CTLS] =
2734              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2735              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2736              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2737              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2738              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2739         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2740              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2741         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2742              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2743              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2744         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2745              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2746              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2747              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2748              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2749              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2750              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2751              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2752              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2753              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2754              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2755              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2756         .features[FEAT_VMX_SECONDARY_CTLS] =
2757              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2758              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2759              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2760              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2761              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2762              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2763              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2764              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2765              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
2766              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
2767         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
2768         .xlevel = 0x80000008,
2769         .model_id = "Intel Core Processor (Broadwell)",
2770         .versions = (X86CPUVersionDefinition[]) {
2771             { .version = 1 },
2772             {
2773                 .version = 2,
2774                 .alias = "Broadwell-noTSX",
2775                 .props = (PropValue[]) {
2776                     { "hle", "off" },
2777                     { "rtm", "off" },
2778                     { "model-id", "Intel Core Processor (Broadwell, no TSX)", },
2779                     { /* end of list */ }
2780                 },
2781             },
2782             {
2783                 .version = 3,
2784                 .alias = "Broadwell-IBRS",
2785                 .props = (PropValue[]) {
2786                     /* Restore TSX features removed by -v2 above */
2787                     { "hle", "on" },
2788                     { "rtm", "on" },
2789                     { "spec-ctrl", "on" },
2790                     { "model-id",
2791                       "Intel Core Processor (Broadwell, IBRS)" },
2792                     { /* end of list */ }
2793                 }
2794             },
2795             {
2796                 .version = 4,
2797                 .alias = "Broadwell-noTSX-IBRS",
2798                 .props = (PropValue[]) {
2799                     { "hle", "off" },
2800                     { "rtm", "off" },
2801                     /* spec-ctrl was already enabled by -v3 above */
2802                     { "model-id",
2803                       "Intel Core Processor (Broadwell, no TSX, IBRS)" },
2804                     { /* end of list */ }
2805                 }
2806             },
2807             { /* end of list */ }
2808         }
2809     },
2810     {
2811         .name = "Skylake-Client",
2812         .level = 0xd,
2813         .vendor = CPUID_VENDOR_INTEL,
2814         .family = 6,
2815         .model = 94,
2816         .stepping = 3,
2817         .features[FEAT_1_EDX] =
2818             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2819             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2820             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2821             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2822             CPUID_DE | CPUID_FP87,
2823         .features[FEAT_1_ECX] =
2824             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2825             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2826             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2827             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2828             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2829             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2830         .features[FEAT_8000_0001_EDX] =
2831             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2832             CPUID_EXT2_SYSCALL,
2833         .features[FEAT_8000_0001_ECX] =
2834             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
2835         .features[FEAT_7_0_EBX] =
2836             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2837             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2838             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2839             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
2840             CPUID_7_0_EBX_SMAP,
2841         /* XSAVES is added in version 4 */
2842         .features[FEAT_XSAVE] =
2843             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
2844             CPUID_XSAVE_XGETBV1,
2845         .features[FEAT_6_EAX] =
2846             CPUID_6_EAX_ARAT,
2847         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
2848         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2849              MSR_VMX_BASIC_TRUE_CTLS,
2850         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2851              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2852              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2853         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2854              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2855              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2856              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2857              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2858              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2859              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2860         .features[FEAT_VMX_EXIT_CTLS] =
2861              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2862              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2863              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2864              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2865              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2866         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2867              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2868         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2869              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2870              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2871         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2872              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2873              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2874              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2875              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2876              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2877              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2878              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2879              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2880              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2881              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2882              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2883         .features[FEAT_VMX_SECONDARY_CTLS] =
2884              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2885              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2886              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2887              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2888              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2889              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
2890              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
2891         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
2892         .xlevel = 0x80000008,
2893         .model_id = "Intel Core Processor (Skylake)",
2894         .versions = (X86CPUVersionDefinition[]) {
2895             { .version = 1 },
2896             {
2897                 .version = 2,
2898                 .alias = "Skylake-Client-IBRS",
2899                 .props = (PropValue[]) {
2900                     { "spec-ctrl", "on" },
2901                     { "model-id",
2902                       "Intel Core Processor (Skylake, IBRS)" },
2903                     { /* end of list */ }
2904                 }
2905             },
2906             {
2907                 .version = 3,
2908                 .alias = "Skylake-Client-noTSX-IBRS",
2909                 .props = (PropValue[]) {
2910                     { "hle", "off" },
2911                     { "rtm", "off" },
2912                     { "model-id",
2913                       "Intel Core Processor (Skylake, IBRS, no TSX)" },
2914                     { /* end of list */ }
2915                 }
2916             },
2917             {
2918                 .version = 4,
2919                 .note = "IBRS, XSAVES, no TSX",
2920                 .props = (PropValue[]) {
2921                     { "xsaves", "on" },
2922                     { "vmx-xsaves", "on" },
2923                     { /* end of list */ }
2924                 }
2925             },
2926             { /* end of list */ }
2927         }
2928     },
2929     {
2930         .name = "Skylake-Server",
2931         .level = 0xd,
2932         .vendor = CPUID_VENDOR_INTEL,
2933         .family = 6,
2934         .model = 85,
2935         .stepping = 4,
2936         .features[FEAT_1_EDX] =
2937             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2938             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2939             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2940             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2941             CPUID_DE | CPUID_FP87,
2942         .features[FEAT_1_ECX] =
2943             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2944             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2945             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2946             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2947             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2948             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2949         .features[FEAT_8000_0001_EDX] =
2950             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
2951             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2952         .features[FEAT_8000_0001_ECX] =
2953             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
2954         .features[FEAT_7_0_EBX] =
2955             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2956             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2957             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2958             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
2959             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
2960             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
2961             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
2962             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
2963         .features[FEAT_7_0_ECX] =
2964             CPUID_7_0_ECX_PKU,
2965         /* XSAVES is added in version 5 */
2966         .features[FEAT_XSAVE] =
2967             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
2968             CPUID_XSAVE_XGETBV1,
2969         .features[FEAT_6_EAX] =
2970             CPUID_6_EAX_ARAT,
2971         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
2972         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2973              MSR_VMX_BASIC_TRUE_CTLS,
2974         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2975              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2976              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2977         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2978              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2979              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2980              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2981              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2982              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2983              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2984         .features[FEAT_VMX_EXIT_CTLS] =
2985              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2986              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2987              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2988              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2989              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2990         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2991              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2992         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2993              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2994              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2995         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2996              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2997              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2998              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2999              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3000              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3001              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3002              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3003              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3004              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3005              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3006              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3007         .features[FEAT_VMX_SECONDARY_CTLS] =
3008              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3009              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3010              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3011              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3012              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3013              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3014              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3015              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3016              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3017              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3018         .xlevel = 0x80000008,
3019         .model_id = "Intel Xeon Processor (Skylake)",
3020         .versions = (X86CPUVersionDefinition[]) {
3021             { .version = 1 },
3022             {
3023                 .version = 2,
3024                 .alias = "Skylake-Server-IBRS",
3025                 .props = (PropValue[]) {
3026                     /* clflushopt was not added to Skylake-Server-IBRS */
3027                     /* TODO: add -v3 including clflushopt */
3028                     { "clflushopt", "off" },
3029                     { "spec-ctrl", "on" },
3030                     { "model-id",
3031                       "Intel Xeon Processor (Skylake, IBRS)" },
3032                     { /* end of list */ }
3033                 }
3034             },
3035             {
3036                 .version = 3,
3037                 .alias = "Skylake-Server-noTSX-IBRS",
3038                 .props = (PropValue[]) {
3039                     { "hle", "off" },
3040                     { "rtm", "off" },
3041                     { "model-id",
3042                       "Intel Xeon Processor (Skylake, IBRS, no TSX)" },
3043                     { /* end of list */ }
3044                 }
3045             },
3046             {
3047                 .version = 4,
3048                 .props = (PropValue[]) {
3049                     { "vmx-eptp-switching", "on" },
3050                     { /* end of list */ }
3051                 }
3052             },
3053             {
3054                 .version = 5,
3055                 .note = "IBRS, XSAVES, EPT switching, no TSX",
3056                 .props = (PropValue[]) {
3057                     { "xsaves", "on" },
3058                     { "vmx-xsaves", "on" },
3059                     { /* end of list */ }
3060                 }
3061             },
3062             { /* end of list */ }
3063         }
3064     },
3065     {
3066         .name = "Cascadelake-Server",
3067         .level = 0xd,
3068         .vendor = CPUID_VENDOR_INTEL,
3069         .family = 6,
3070         .model = 85,
3071         .stepping = 6,
3072         .features[FEAT_1_EDX] =
3073             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3074             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3075             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3076             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3077             CPUID_DE | CPUID_FP87,
3078         .features[FEAT_1_ECX] =
3079             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3080             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3081             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3082             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3083             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3084             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3085         .features[FEAT_8000_0001_EDX] =
3086             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3087             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3088         .features[FEAT_8000_0001_ECX] =
3089             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3090         .features[FEAT_7_0_EBX] =
3091             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3092             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3093             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3094             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3095             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3096             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3097             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3098             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3099         .features[FEAT_7_0_ECX] =
3100             CPUID_7_0_ECX_PKU |
3101             CPUID_7_0_ECX_AVX512VNNI,
3102         .features[FEAT_7_0_EDX] =
3103             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3104         /* XSAVES is added in version 5 */
3105         .features[FEAT_XSAVE] =
3106             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3107             CPUID_XSAVE_XGETBV1,
3108         .features[FEAT_6_EAX] =
3109             CPUID_6_EAX_ARAT,
3110         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3111         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3112              MSR_VMX_BASIC_TRUE_CTLS,
3113         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3114              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3115              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3116         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3117              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3118              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3119              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3120              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3121              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3122              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3123         .features[FEAT_VMX_EXIT_CTLS] =
3124              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3125              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3126              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3127              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3128              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3129         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3130              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3131         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3132              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3133              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3134         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3135              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3136              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3137              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3138              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3139              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3140              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3141              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3142              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3143              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3144              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3145              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3146         .features[FEAT_VMX_SECONDARY_CTLS] =
3147              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3148              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3149              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3150              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3151              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3152              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3153              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3154              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3155              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3156              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3157         .xlevel = 0x80000008,
3158         .model_id = "Intel Xeon Processor (Cascadelake)",
3159         .versions = (X86CPUVersionDefinition[]) {
3160             { .version = 1 },
3161             { .version = 2,
3162               .note = "ARCH_CAPABILITIES",
3163               .props = (PropValue[]) {
3164                   { "arch-capabilities", "on" },
3165                   { "rdctl-no", "on" },
3166                   { "ibrs-all", "on" },
3167                   { "skip-l1dfl-vmentry", "on" },
3168                   { "mds-no", "on" },
3169                   { /* end of list */ }
3170               },
3171             },
3172             { .version = 3,
3173               .alias = "Cascadelake-Server-noTSX",
3174               .note = "ARCH_CAPABILITIES, no TSX",
3175               .props = (PropValue[]) {
3176                   { "hle", "off" },
3177                   { "rtm", "off" },
3178                   { /* end of list */ }
3179               },
3180             },
3181             { .version = 4,
3182               .note = "ARCH_CAPABILITIES, no TSX",
3183               .props = (PropValue[]) {
3184                   { "vmx-eptp-switching", "on" },
3185                   { /* end of list */ }
3186               },
3187             },
3188             { .version = 5,
3189               .note = "ARCH_CAPABILITIES, EPT switching, XSAVES, no TSX",
3190               .props = (PropValue[]) {
3191                   { "xsaves", "on" },
3192                   { "vmx-xsaves", "on" },
3193                   { /* end of list */ }
3194               },
3195             },
3196             { /* end of list */ }
3197         }
3198     },
3199     {
3200         .name = "Cooperlake",
3201         .level = 0xd,
3202         .vendor = CPUID_VENDOR_INTEL,
3203         .family = 6,
3204         .model = 85,
3205         .stepping = 10,
3206         .features[FEAT_1_EDX] =
3207             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3208             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3209             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3210             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3211             CPUID_DE | CPUID_FP87,
3212         .features[FEAT_1_ECX] =
3213             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3214             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3215             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3216             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3217             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3218             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3219         .features[FEAT_8000_0001_EDX] =
3220             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3221             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3222         .features[FEAT_8000_0001_ECX] =
3223             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3224         .features[FEAT_7_0_EBX] =
3225             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3226             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3227             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3228             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3229             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3230             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3231             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3232             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3233         .features[FEAT_7_0_ECX] =
3234             CPUID_7_0_ECX_PKU |
3235             CPUID_7_0_ECX_AVX512VNNI,
3236         .features[FEAT_7_0_EDX] =
3237             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_STIBP |
3238             CPUID_7_0_EDX_SPEC_CTRL_SSBD | CPUID_7_0_EDX_ARCH_CAPABILITIES,
3239         .features[FEAT_ARCH_CAPABILITIES] =
3240             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_IBRS_ALL |
3241             MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY | MSR_ARCH_CAP_MDS_NO |
3242             MSR_ARCH_CAP_PSCHANGE_MC_NO | MSR_ARCH_CAP_TAA_NO,
3243         .features[FEAT_7_1_EAX] =
3244             CPUID_7_1_EAX_AVX512_BF16,
3245         /* XSAVES is added in version 2 */
3246         .features[FEAT_XSAVE] =
3247             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3248             CPUID_XSAVE_XGETBV1,
3249         .features[FEAT_6_EAX] =
3250             CPUID_6_EAX_ARAT,
3251         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3252         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3253              MSR_VMX_BASIC_TRUE_CTLS,
3254         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3255              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3256              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3257         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3258              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3259              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3260              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3261              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3262              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3263              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3264         .features[FEAT_VMX_EXIT_CTLS] =
3265              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3266              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3267              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3268              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3269              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3270         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3271              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3272         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3273              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3274              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3275         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3276              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3277              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3278              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3279              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3280              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3281              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3282              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3283              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3284              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3285              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3286              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3287         .features[FEAT_VMX_SECONDARY_CTLS] =
3288              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3289              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3290              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3291              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3292              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3293              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3294              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3295              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3296              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3297              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3298         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3299         .xlevel = 0x80000008,
3300         .model_id = "Intel Xeon Processor (Cooperlake)",
3301         .versions = (X86CPUVersionDefinition[]) {
3302             { .version = 1 },
3303             { .version = 2,
3304               .note = "XSAVES",
3305               .props = (PropValue[]) {
3306                   { "xsaves", "on" },
3307                   { "vmx-xsaves", "on" },
3308                   { /* end of list */ }
3309               },
3310             },
3311             { /* end of list */ }
3312         }
3313     },
3314     {
3315         .name = "Icelake-Server",
3316         .level = 0xd,
3317         .vendor = CPUID_VENDOR_INTEL,
3318         .family = 6,
3319         .model = 134,
3320         .stepping = 0,
3321         .features[FEAT_1_EDX] =
3322             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3323             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3324             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3325             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3326             CPUID_DE | CPUID_FP87,
3327         .features[FEAT_1_ECX] =
3328             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3329             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3330             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3331             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3332             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3333             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3334         .features[FEAT_8000_0001_EDX] =
3335             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3336             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3337         .features[FEAT_8000_0001_ECX] =
3338             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3339         .features[FEAT_8000_0008_EBX] =
3340             CPUID_8000_0008_EBX_WBNOINVD,
3341         .features[FEAT_7_0_EBX] =
3342             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3343             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3344             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3345             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3346             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3347             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3348             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3349             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3350         .features[FEAT_7_0_ECX] =
3351             CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
3352             CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
3353             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
3354             CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
3355             CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57,
3356         .features[FEAT_7_0_EDX] =
3357             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3358         /* XSAVES is added in version 5 */
3359         .features[FEAT_XSAVE] =
3360             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3361             CPUID_XSAVE_XGETBV1,
3362         .features[FEAT_6_EAX] =
3363             CPUID_6_EAX_ARAT,
3364         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3365         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3366              MSR_VMX_BASIC_TRUE_CTLS,
3367         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3368              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3369              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3370         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3371              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3372              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3373              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3374              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3375              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3376              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3377         .features[FEAT_VMX_EXIT_CTLS] =
3378              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3379              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3380              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3381              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3382              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3383         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3384              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3385         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3386              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3387              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3388         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3389              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3390              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3391              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3392              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3393              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3394              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3395              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3396              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3397              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3398              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3399              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3400         .features[FEAT_VMX_SECONDARY_CTLS] =
3401              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3402              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3403              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3404              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3405              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3406              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3407              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3408              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3409              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS,
3410         .xlevel = 0x80000008,
3411         .model_id = "Intel Xeon Processor (Icelake)",
3412         .versions = (X86CPUVersionDefinition[]) {
3413             { .version = 1 },
3414             {
3415                 .version = 2,
3416                 .note = "no TSX",
3417                 .alias = "Icelake-Server-noTSX",
3418                 .props = (PropValue[]) {
3419                     { "hle", "off" },
3420                     { "rtm", "off" },
3421                     { /* end of list */ }
3422                 },
3423             },
3424             {
3425                 .version = 3,
3426                 .props = (PropValue[]) {
3427                     { "arch-capabilities", "on" },
3428                     { "rdctl-no", "on" },
3429                     { "ibrs-all", "on" },
3430                     { "skip-l1dfl-vmentry", "on" },
3431                     { "mds-no", "on" },
3432                     { "pschange-mc-no", "on" },
3433                     { "taa-no", "on" },
3434                     { /* end of list */ }
3435                 },
3436             },
3437             {
3438                 .version = 4,
3439                 .props = (PropValue[]) {
3440                     { "sha-ni", "on" },
3441                     { "avx512ifma", "on" },
3442                     { "rdpid", "on" },
3443                     { "fsrm", "on" },
3444                     { "vmx-rdseed-exit", "on" },
3445                     { "vmx-pml", "on" },
3446                     { "vmx-eptp-switching", "on" },
3447                     { "model", "106" },
3448                     { /* end of list */ }
3449                 },
3450             },
3451             {
3452                 .version = 5,
3453                 .note = "XSAVES",
3454                 .props = (PropValue[]) {
3455                     { "xsaves", "on" },
3456                     { "vmx-xsaves", "on" },
3457                     { /* end of list */ }
3458                 },
3459             },
3460             {
3461                 .version = 6,
3462                 .note = "5-level EPT",
3463                 .props = (PropValue[]) {
3464                     { "vmx-page-walk-5", "on" },
3465                     { /* end of list */ }
3466                 },
3467             },
3468             { /* end of list */ }
3469         }
3470     },
3471     {
3472         .name = "SapphireRapids",
3473         .level = 0x20,
3474         .vendor = CPUID_VENDOR_INTEL,
3475         .family = 6,
3476         .model = 143,
3477         .stepping = 4,
3478         /*
3479          * please keep the ascending order so that we can have a clear view of
3480          * bit position of each feature.
3481          */
3482         .features[FEAT_1_EDX] =
3483             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE | CPUID_TSC |
3484             CPUID_MSR | CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC |
3485             CPUID_SEP | CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
3486             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH | CPUID_MMX | CPUID_FXSR |
3487             CPUID_SSE | CPUID_SSE2,
3488         .features[FEAT_1_ECX] =
3489             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSSE3 |
3490             CPUID_EXT_FMA | CPUID_EXT_CX16 | CPUID_EXT_PCID | CPUID_EXT_SSE41 |
3491             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
3492             CPUID_EXT_POPCNT | CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_AES |
3493             CPUID_EXT_XSAVE | CPUID_EXT_AVX | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3494         .features[FEAT_8000_0001_EDX] =
3495             CPUID_EXT2_SYSCALL | CPUID_EXT2_NX | CPUID_EXT2_PDPE1GB |
3496             CPUID_EXT2_RDTSCP | CPUID_EXT2_LM,
3497         .features[FEAT_8000_0001_ECX] =
3498             CPUID_EXT3_LAHF_LM | CPUID_EXT3_ABM | CPUID_EXT3_3DNOWPREFETCH,
3499         .features[FEAT_8000_0008_EBX] =
3500             CPUID_8000_0008_EBX_WBNOINVD,
3501         .features[FEAT_7_0_EBX] =
3502             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_HLE |
3503             CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 |
3504             CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID | CPUID_7_0_EBX_RTM |
3505             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3506             CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP |
3507             CPUID_7_0_EBX_AVX512IFMA | CPUID_7_0_EBX_CLFLUSHOPT |
3508             CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_AVX512CD | CPUID_7_0_EBX_SHA_NI |
3509             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512VL,
3510         .features[FEAT_7_0_ECX] =
3511             CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
3512             CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
3513             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
3514             CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
3515             CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57 |
3516             CPUID_7_0_ECX_RDPID | CPUID_7_0_ECX_BUS_LOCK_DETECT,
3517         .features[FEAT_7_0_EDX] =
3518             CPUID_7_0_EDX_FSRM | CPUID_7_0_EDX_SERIALIZE |
3519             CPUID_7_0_EDX_TSX_LDTRK | CPUID_7_0_EDX_AMX_BF16 |
3520             CPUID_7_0_EDX_AVX512_FP16 | CPUID_7_0_EDX_AMX_TILE |
3521             CPUID_7_0_EDX_AMX_INT8 | CPUID_7_0_EDX_SPEC_CTRL |
3522             CPUID_7_0_EDX_ARCH_CAPABILITIES | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3523         .features[FEAT_ARCH_CAPABILITIES] =
3524             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_IBRS_ALL |
3525             MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY | MSR_ARCH_CAP_MDS_NO |
3526             MSR_ARCH_CAP_PSCHANGE_MC_NO | MSR_ARCH_CAP_TAA_NO,
3527         .features[FEAT_XSAVE] =
3528             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3529             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES | CPUID_D_1_EAX_XFD,
3530         .features[FEAT_6_EAX] =
3531             CPUID_6_EAX_ARAT,
3532         .features[FEAT_7_1_EAX] =
3533             CPUID_7_1_EAX_AVX_VNNI | CPUID_7_1_EAX_AVX512_BF16 |
3534             CPUID_7_1_EAX_FZRM | CPUID_7_1_EAX_FSRS | CPUID_7_1_EAX_FSRC,
3535         .features[FEAT_VMX_BASIC] =
3536             MSR_VMX_BASIC_INS_OUTS | MSR_VMX_BASIC_TRUE_CTLS,
3537         .features[FEAT_VMX_ENTRY_CTLS] =
3538             VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_IA32E_MODE |
3539             VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL |
3540             VMX_VM_ENTRY_LOAD_IA32_PAT | VMX_VM_ENTRY_LOAD_IA32_EFER,
3541         .features[FEAT_VMX_EPT_VPID_CAPS] =
3542             MSR_VMX_EPT_EXECONLY |
3543             MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_PAGE_WALK_LENGTH_5 |
3544             MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB | MSR_VMX_EPT_1GB |
3545             MSR_VMX_EPT_INVEPT | MSR_VMX_EPT_AD_BITS |
3546             MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3547             MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3548             MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT |
3549             MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3550             MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
3551         .features[FEAT_VMX_EXIT_CTLS] =
3552             VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3553             VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3554             VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_IA32_PAT |
3555             VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3556             VMX_VM_EXIT_LOAD_IA32_EFER | VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3557         .features[FEAT_VMX_MISC] =
3558             MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_ACTIVITY_HLT |
3559             MSR_VMX_MISC_VMWRITE_VMEXIT,
3560         .features[FEAT_VMX_PINBASED_CTLS] =
3561             VMX_PIN_BASED_EXT_INTR_MASK | VMX_PIN_BASED_NMI_EXITING |
3562             VMX_PIN_BASED_VIRTUAL_NMIS | VMX_PIN_BASED_VMX_PREEMPTION_TIMER |
3563             VMX_PIN_BASED_POSTED_INTR,
3564         .features[FEAT_VMX_PROCBASED_CTLS] =
3565             VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3566             VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3567             VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3568             VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3569             VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3570             VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3571             VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_VIRTUAL_NMI_PENDING |
3572             VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
3573             VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3574             VMX_CPU_BASED_USE_MSR_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
3575             VMX_CPU_BASED_PAUSE_EXITING |
3576             VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3577         .features[FEAT_VMX_SECONDARY_CTLS] =
3578             VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3579             VMX_SECONDARY_EXEC_ENABLE_EPT | VMX_SECONDARY_EXEC_DESC |
3580             VMX_SECONDARY_EXEC_RDTSCP |
3581             VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3582             VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_WBINVD_EXITING |
3583             VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3584             VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3585             VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3586             VMX_SECONDARY_EXEC_RDRAND_EXITING |
3587             VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3588             VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3589             VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML |
3590             VMX_SECONDARY_EXEC_XSAVES,
3591         .features[FEAT_VMX_VMFUNC] =
3592             MSR_VMX_VMFUNC_EPT_SWITCHING,
3593         .xlevel = 0x80000008,
3594         .model_id = "Intel Xeon Processor (SapphireRapids)",
3595         .versions = (X86CPUVersionDefinition[]) {
3596             { .version = 1 },
3597             { /* end of list */ },
3598         },
3599     },
3600     {
3601         .name = "Denverton",
3602         .level = 21,
3603         .vendor = CPUID_VENDOR_INTEL,
3604         .family = 6,
3605         .model = 95,
3606         .stepping = 1,
3607         .features[FEAT_1_EDX] =
3608             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE | CPUID_TSC |
3609             CPUID_MSR | CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC |
3610             CPUID_SEP | CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
3611             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH | CPUID_MMX | CPUID_FXSR |
3612             CPUID_SSE | CPUID_SSE2,
3613         .features[FEAT_1_ECX] =
3614             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_MONITOR |
3615             CPUID_EXT_SSSE3 | CPUID_EXT_CX16 | CPUID_EXT_SSE41 |
3616             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
3617             CPUID_EXT_POPCNT | CPUID_EXT_TSC_DEADLINE_TIMER |
3618             CPUID_EXT_AES | CPUID_EXT_XSAVE | CPUID_EXT_RDRAND,
3619         .features[FEAT_8000_0001_EDX] =
3620             CPUID_EXT2_SYSCALL | CPUID_EXT2_NX | CPUID_EXT2_PDPE1GB |
3621             CPUID_EXT2_RDTSCP | CPUID_EXT2_LM,
3622         .features[FEAT_8000_0001_ECX] =
3623             CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3624         .features[FEAT_7_0_EBX] =
3625             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_ERMS |
3626             CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_SMAP |
3627             CPUID_7_0_EBX_CLFLUSHOPT | CPUID_7_0_EBX_SHA_NI,
3628         .features[FEAT_7_0_EDX] =
3629             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_ARCH_CAPABILITIES |
3630             CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3631         /* XSAVES is added in version 3 */
3632         .features[FEAT_XSAVE] =
3633             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC | CPUID_XSAVE_XGETBV1,
3634         .features[FEAT_6_EAX] =
3635             CPUID_6_EAX_ARAT,
3636         .features[FEAT_ARCH_CAPABILITIES] =
3637             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY,
3638         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3639              MSR_VMX_BASIC_TRUE_CTLS,
3640         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3641              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3642              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3643         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3644              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3645              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3646              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3647              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3648              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3649              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3650         .features[FEAT_VMX_EXIT_CTLS] =
3651              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3652              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3653              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3654              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3655              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3656         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3657              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3658         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3659              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3660              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3661         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3662              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3663              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3664              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3665              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3666              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3667              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3668              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3669              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3670              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3671              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3672              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3673         .features[FEAT_VMX_SECONDARY_CTLS] =
3674              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3675              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3676              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3677              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3678              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3679              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3680              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3681              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3682              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3683              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3684         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3685         .xlevel = 0x80000008,
3686         .model_id = "Intel Atom Processor (Denverton)",
3687         .versions = (X86CPUVersionDefinition[]) {
3688             { .version = 1 },
3689             {
3690                 .version = 2,
3691                 .note = "no MPX, no MONITOR",
3692                 .props = (PropValue[]) {
3693                     { "monitor", "off" },
3694                     { "mpx", "off" },
3695                     { /* end of list */ },
3696                 },
3697             },
3698             {
3699                 .version = 3,
3700                 .note = "XSAVES, no MPX, no MONITOR",
3701                 .props = (PropValue[]) {
3702                     { "xsaves", "on" },
3703                     { "vmx-xsaves", "on" },
3704                     { /* end of list */ },
3705                 },
3706             },
3707             { /* end of list */ },
3708         },
3709     },
3710     {
3711         .name = "Snowridge",
3712         .level = 27,
3713         .vendor = CPUID_VENDOR_INTEL,
3714         .family = 6,
3715         .model = 134,
3716         .stepping = 1,
3717         .features[FEAT_1_EDX] =
3718             /* missing: CPUID_PN CPUID_IA64 */
3719             /* missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
3720             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE |
3721             CPUID_TSC | CPUID_MSR | CPUID_PAE | CPUID_MCE |
3722             CPUID_CX8 | CPUID_APIC | CPUID_SEP |
3723             CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
3724             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH |
3725             CPUID_MMX |
3726             CPUID_FXSR | CPUID_SSE | CPUID_SSE2,
3727         .features[FEAT_1_ECX] =
3728             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_MONITOR |
3729             CPUID_EXT_SSSE3 |
3730             CPUID_EXT_CX16 |
3731             CPUID_EXT_SSE41 |
3732             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
3733             CPUID_EXT_POPCNT |
3734             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_AES | CPUID_EXT_XSAVE |
3735             CPUID_EXT_RDRAND,
3736         .features[FEAT_8000_0001_EDX] =
3737             CPUID_EXT2_SYSCALL |
3738             CPUID_EXT2_NX |
3739             CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3740             CPUID_EXT2_LM,
3741         .features[FEAT_8000_0001_ECX] =
3742             CPUID_EXT3_LAHF_LM |
3743             CPUID_EXT3_3DNOWPREFETCH,
3744         .features[FEAT_7_0_EBX] =
3745             CPUID_7_0_EBX_FSGSBASE |
3746             CPUID_7_0_EBX_SMEP |
3747             CPUID_7_0_EBX_ERMS |
3748             CPUID_7_0_EBX_MPX |  /* missing bits 13, 15 */
3749             CPUID_7_0_EBX_RDSEED |
3750             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
3751             CPUID_7_0_EBX_CLWB |
3752             CPUID_7_0_EBX_SHA_NI,
3753         .features[FEAT_7_0_ECX] =
3754             CPUID_7_0_ECX_UMIP |
3755             /* missing bit 5 */
3756             CPUID_7_0_ECX_GFNI |
3757             CPUID_7_0_ECX_MOVDIRI | CPUID_7_0_ECX_CLDEMOTE |
3758             CPUID_7_0_ECX_MOVDIR64B,
3759         .features[FEAT_7_0_EDX] =
3760             CPUID_7_0_EDX_SPEC_CTRL |
3761             CPUID_7_0_EDX_ARCH_CAPABILITIES | CPUID_7_0_EDX_SPEC_CTRL_SSBD |
3762             CPUID_7_0_EDX_CORE_CAPABILITY,
3763         .features[FEAT_CORE_CAPABILITY] =
3764             MSR_CORE_CAP_SPLIT_LOCK_DETECT,
3765         /* XSAVES is added in version 3 */
3766         .features[FEAT_XSAVE] =
3767             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3768             CPUID_XSAVE_XGETBV1,
3769         .features[FEAT_6_EAX] =
3770             CPUID_6_EAX_ARAT,
3771         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3772              MSR_VMX_BASIC_TRUE_CTLS,
3773         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3774              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3775              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3776         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3777              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3778              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3779              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3780              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3781              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3782              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3783         .features[FEAT_VMX_EXIT_CTLS] =
3784              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3785              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3786              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3787              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3788              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3789         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3790              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3791         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3792              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3793              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3794         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3795              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3796              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3797              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3798              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3799              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3800              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3801              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3802              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3803              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3804              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3805              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3806         .features[FEAT_VMX_SECONDARY_CTLS] =
3807              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3808              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3809              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3810              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3811              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3812              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3813              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3814              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3815              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3816              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3817         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3818         .xlevel = 0x80000008,
3819         .model_id = "Intel Atom Processor (SnowRidge)",
3820         .versions = (X86CPUVersionDefinition[]) {
3821             { .version = 1 },
3822             {
3823                 .version = 2,
3824                 .props = (PropValue[]) {
3825                     { "mpx", "off" },
3826                     { "model-id", "Intel Atom Processor (Snowridge, no MPX)" },
3827                     { /* end of list */ },
3828                 },
3829             },
3830             {
3831                 .version = 3,
3832                 .note = "XSAVES, no MPX",
3833                 .props = (PropValue[]) {
3834                     { "xsaves", "on" },
3835                     { "vmx-xsaves", "on" },
3836                     { /* end of list */ },
3837                 },
3838             },
3839             {
3840                 .version = 4,
3841                 .note = "no split lock detect, no core-capability",
3842                 .props = (PropValue[]) {
3843                     { "split-lock-detect", "off" },
3844                     { "core-capability", "off" },
3845                     { /* end of list */ },
3846                 },
3847             },
3848             { /* end of list */ },
3849         },
3850     },
3851     {
3852         .name = "KnightsMill",
3853         .level = 0xd,
3854         .vendor = CPUID_VENDOR_INTEL,
3855         .family = 6,
3856         .model = 133,
3857         .stepping = 0,
3858         .features[FEAT_1_EDX] =
3859             CPUID_VME | CPUID_SS | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR |
3860             CPUID_MMX | CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV |
3861             CPUID_MCA | CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC |
3862             CPUID_CX8 | CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC |
3863             CPUID_PSE | CPUID_DE | CPUID_FP87,
3864         .features[FEAT_1_ECX] =
3865             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3866             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3867             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3868             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3869             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3870             CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3871         .features[FEAT_8000_0001_EDX] =
3872             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3873             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3874         .features[FEAT_8000_0001_ECX] =
3875             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3876         .features[FEAT_7_0_EBX] =
3877             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
3878             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS |
3879             CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_AVX512F |
3880             CPUID_7_0_EBX_AVX512CD | CPUID_7_0_EBX_AVX512PF |
3881             CPUID_7_0_EBX_AVX512ER,
3882         .features[FEAT_7_0_ECX] =
3883             CPUID_7_0_ECX_AVX512_VPOPCNTDQ,
3884         .features[FEAT_7_0_EDX] =
3885             CPUID_7_0_EDX_AVX512_4VNNIW | CPUID_7_0_EDX_AVX512_4FMAPS,
3886         .features[FEAT_XSAVE] =
3887             CPUID_XSAVE_XSAVEOPT,
3888         .features[FEAT_6_EAX] =
3889             CPUID_6_EAX_ARAT,
3890         .xlevel = 0x80000008,
3891         .model_id = "Intel Xeon Phi Processor (Knights Mill)",
3892     },
3893     {
3894         .name = "Opteron_G1",
3895         .level = 5,
3896         .vendor = CPUID_VENDOR_AMD,
3897         .family = 15,
3898         .model = 6,
3899         .stepping = 1,
3900         .features[FEAT_1_EDX] =
3901             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3902             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3903             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3904             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3905             CPUID_DE | CPUID_FP87,
3906         .features[FEAT_1_ECX] =
3907             CPUID_EXT_SSE3,
3908         .features[FEAT_8000_0001_EDX] =
3909             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3910         .xlevel = 0x80000008,
3911         .model_id = "AMD Opteron 240 (Gen 1 Class Opteron)",
3912     },
3913     {
3914         .name = "Opteron_G2",
3915         .level = 5,
3916         .vendor = CPUID_VENDOR_AMD,
3917         .family = 15,
3918         .model = 6,
3919         .stepping = 1,
3920         .features[FEAT_1_EDX] =
3921             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3922             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3923             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3924             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3925             CPUID_DE | CPUID_FP87,
3926         .features[FEAT_1_ECX] =
3927             CPUID_EXT_CX16 | CPUID_EXT_SSE3,
3928         .features[FEAT_8000_0001_EDX] =
3929             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3930         .features[FEAT_8000_0001_ECX] =
3931             CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM,
3932         .xlevel = 0x80000008,
3933         .model_id = "AMD Opteron 22xx (Gen 2 Class Opteron)",
3934     },
3935     {
3936         .name = "Opteron_G3",
3937         .level = 5,
3938         .vendor = CPUID_VENDOR_AMD,
3939         .family = 16,
3940         .model = 2,
3941         .stepping = 3,
3942         .features[FEAT_1_EDX] =
3943             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3944             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3945             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3946             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3947             CPUID_DE | CPUID_FP87,
3948         .features[FEAT_1_ECX] =
3949             CPUID_EXT_POPCNT | CPUID_EXT_CX16 | CPUID_EXT_MONITOR |
3950             CPUID_EXT_SSE3,
3951         .features[FEAT_8000_0001_EDX] =
3952             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL |
3953             CPUID_EXT2_RDTSCP,
3954         .features[FEAT_8000_0001_ECX] =
3955             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A |
3956             CPUID_EXT3_ABM | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM,
3957         .xlevel = 0x80000008,
3958         .model_id = "AMD Opteron 23xx (Gen 3 Class Opteron)",
3959     },
3960     {
3961         .name = "Opteron_G4",
3962         .level = 0xd,
3963         .vendor = CPUID_VENDOR_AMD,
3964         .family = 21,
3965         .model = 1,
3966         .stepping = 2,
3967         .features[FEAT_1_EDX] =
3968             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3969             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3970             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3971             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3972             CPUID_DE | CPUID_FP87,
3973         .features[FEAT_1_ECX] =
3974             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3975             CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
3976             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
3977             CPUID_EXT_SSE3,
3978         .features[FEAT_8000_0001_EDX] =
3979             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_NX |
3980             CPUID_EXT2_SYSCALL | CPUID_EXT2_RDTSCP,
3981         .features[FEAT_8000_0001_ECX] =
3982             CPUID_EXT3_FMA4 | CPUID_EXT3_XOP |
3983             CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_MISALIGNSSE |
3984             CPUID_EXT3_SSE4A | CPUID_EXT3_ABM | CPUID_EXT3_SVM |
3985             CPUID_EXT3_LAHF_LM,
3986         .features[FEAT_SVM] =
3987             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
3988         /* no xsaveopt! */
3989         .xlevel = 0x8000001A,
3990         .model_id = "AMD Opteron 62xx class CPU",
3991     },
3992     {
3993         .name = "Opteron_G5",
3994         .level = 0xd,
3995         .vendor = CPUID_VENDOR_AMD,
3996         .family = 21,
3997         .model = 2,
3998         .stepping = 0,
3999         .features[FEAT_1_EDX] =
4000             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
4001             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
4002             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
4003             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
4004             CPUID_DE | CPUID_FP87,
4005         .features[FEAT_1_ECX] =
4006             CPUID_EXT_F16C | CPUID_EXT_AVX | CPUID_EXT_XSAVE |
4007             CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 |
4008             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_FMA |
4009             CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
4010         .features[FEAT_8000_0001_EDX] =
4011             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_NX |
4012             CPUID_EXT2_SYSCALL | CPUID_EXT2_RDTSCP,
4013         .features[FEAT_8000_0001_ECX] =
4014             CPUID_EXT3_TBM | CPUID_EXT3_FMA4 | CPUID_EXT3_XOP |
4015             CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_MISALIGNSSE |
4016             CPUID_EXT3_SSE4A | CPUID_EXT3_ABM | CPUID_EXT3_SVM |
4017             CPUID_EXT3_LAHF_LM,
4018         .features[FEAT_SVM] =
4019             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4020         /* no xsaveopt! */
4021         .xlevel = 0x8000001A,
4022         .model_id = "AMD Opteron 63xx class CPU",
4023     },
4024     {
4025         .name = "EPYC",
4026         .level = 0xd,
4027         .vendor = CPUID_VENDOR_AMD,
4028         .family = 23,
4029         .model = 1,
4030         .stepping = 2,
4031         .features[FEAT_1_EDX] =
4032             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4033             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4034             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4035             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4036             CPUID_VME | CPUID_FP87,
4037         .features[FEAT_1_ECX] =
4038             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4039             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
4040             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4041             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4042             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
4043         .features[FEAT_8000_0001_EDX] =
4044             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4045             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4046             CPUID_EXT2_SYSCALL,
4047         .features[FEAT_8000_0001_ECX] =
4048             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4049             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4050             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4051             CPUID_EXT3_TOPOEXT,
4052         .features[FEAT_7_0_EBX] =
4053             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4054             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4055             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
4056             CPUID_7_0_EBX_SHA_NI,
4057         .features[FEAT_XSAVE] =
4058             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4059             CPUID_XSAVE_XGETBV1,
4060         .features[FEAT_6_EAX] =
4061             CPUID_6_EAX_ARAT,
4062         .features[FEAT_SVM] =
4063             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4064         .xlevel = 0x8000001E,
4065         .model_id = "AMD EPYC Processor",
4066         .cache_info = &epyc_cache_info,
4067         .versions = (X86CPUVersionDefinition[]) {
4068             { .version = 1 },
4069             {
4070                 .version = 2,
4071                 .alias = "EPYC-IBPB",
4072                 .props = (PropValue[]) {
4073                     { "ibpb", "on" },
4074                     { "model-id",
4075                       "AMD EPYC Processor (with IBPB)" },
4076                     { /* end of list */ }
4077                 }
4078             },
4079             {
4080                 .version = 3,
4081                 .props = (PropValue[]) {
4082                     { "ibpb", "on" },
4083                     { "perfctr-core", "on" },
4084                     { "clzero", "on" },
4085                     { "xsaveerptr", "on" },
4086                     { "xsaves", "on" },
4087                     { "model-id",
4088                       "AMD EPYC Processor" },
4089                     { /* end of list */ }
4090                 }
4091             },
4092             { /* end of list */ }
4093         }
4094     },
4095     {
4096         .name = "Dhyana",
4097         .level = 0xd,
4098         .vendor = CPUID_VENDOR_HYGON,
4099         .family = 24,
4100         .model = 0,
4101         .stepping = 1,
4102         .features[FEAT_1_EDX] =
4103             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4104             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4105             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4106             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4107             CPUID_VME | CPUID_FP87,
4108         .features[FEAT_1_ECX] =
4109             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4110             CPUID_EXT_XSAVE | CPUID_EXT_POPCNT |
4111             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4112             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4113             CPUID_EXT_MONITOR | CPUID_EXT_SSE3,
4114         .features[FEAT_8000_0001_EDX] =
4115             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4116             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4117             CPUID_EXT2_SYSCALL,
4118         .features[FEAT_8000_0001_ECX] =
4119             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4120             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4121             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4122             CPUID_EXT3_TOPOEXT,
4123         .features[FEAT_8000_0008_EBX] =
4124             CPUID_8000_0008_EBX_IBPB,
4125         .features[FEAT_7_0_EBX] =
4126             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4127             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4128             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT,
4129         /* XSAVES is added in version 2 */
4130         .features[FEAT_XSAVE] =
4131             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4132             CPUID_XSAVE_XGETBV1,
4133         .features[FEAT_6_EAX] =
4134             CPUID_6_EAX_ARAT,
4135         .features[FEAT_SVM] =
4136             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4137         .xlevel = 0x8000001E,
4138         .model_id = "Hygon Dhyana Processor",
4139         .cache_info = &epyc_cache_info,
4140         .versions = (X86CPUVersionDefinition[]) {
4141             { .version = 1 },
4142             { .version = 2,
4143               .note = "XSAVES",
4144               .props = (PropValue[]) {
4145                   { "xsaves", "on" },
4146                   { /* end of list */ }
4147               },
4148             },
4149             { /* end of list */ }
4150         }
4151     },
4152     {
4153         .name = "EPYC-Rome",
4154         .level = 0xd,
4155         .vendor = CPUID_VENDOR_AMD,
4156         .family = 23,
4157         .model = 49,
4158         .stepping = 0,
4159         .features[FEAT_1_EDX] =
4160             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4161             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4162             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4163             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4164             CPUID_VME | CPUID_FP87,
4165         .features[FEAT_1_ECX] =
4166             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4167             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
4168             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4169             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4170             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
4171         .features[FEAT_8000_0001_EDX] =
4172             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4173             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4174             CPUID_EXT2_SYSCALL,
4175         .features[FEAT_8000_0001_ECX] =
4176             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4177             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4178             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4179             CPUID_EXT3_TOPOEXT | CPUID_EXT3_PERFCORE,
4180         .features[FEAT_8000_0008_EBX] =
4181             CPUID_8000_0008_EBX_CLZERO | CPUID_8000_0008_EBX_XSAVEERPTR |
4182             CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_IBPB |
4183             CPUID_8000_0008_EBX_STIBP,
4184         .features[FEAT_7_0_EBX] =
4185             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4186             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4187             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
4188             CPUID_7_0_EBX_SHA_NI | CPUID_7_0_EBX_CLWB,
4189         .features[FEAT_7_0_ECX] =
4190             CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_RDPID,
4191         .features[FEAT_XSAVE] =
4192             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4193             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
4194         .features[FEAT_6_EAX] =
4195             CPUID_6_EAX_ARAT,
4196         .features[FEAT_SVM] =
4197             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4198         .xlevel = 0x8000001E,
4199         .model_id = "AMD EPYC-Rome Processor",
4200         .cache_info = &epyc_rome_cache_info,
4201         .versions = (X86CPUVersionDefinition[]) {
4202             { .version = 1 },
4203             {
4204                 .version = 2,
4205                 .props = (PropValue[]) {
4206                     { "ibrs", "on" },
4207                     { "amd-ssbd", "on" },
4208                     { /* end of list */ }
4209                 }
4210             },
4211             { /* end of list */ }
4212         }
4213     },
4214     {
4215         .name = "EPYC-Milan",
4216         .level = 0xd,
4217         .vendor = CPUID_VENDOR_AMD,
4218         .family = 25,
4219         .model = 1,
4220         .stepping = 1,
4221         .features[FEAT_1_EDX] =
4222             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4223             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4224             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4225             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4226             CPUID_VME | CPUID_FP87,
4227         .features[FEAT_1_ECX] =
4228             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4229             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
4230             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4231             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4232             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
4233             CPUID_EXT_PCID,
4234         .features[FEAT_8000_0001_EDX] =
4235             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4236             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4237             CPUID_EXT2_SYSCALL,
4238         .features[FEAT_8000_0001_ECX] =
4239             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4240             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4241             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4242             CPUID_EXT3_TOPOEXT | CPUID_EXT3_PERFCORE,
4243         .features[FEAT_8000_0008_EBX] =
4244             CPUID_8000_0008_EBX_CLZERO | CPUID_8000_0008_EBX_XSAVEERPTR |
4245             CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_IBPB |
4246             CPUID_8000_0008_EBX_IBRS | CPUID_8000_0008_EBX_STIBP |
4247             CPUID_8000_0008_EBX_AMD_SSBD,
4248         .features[FEAT_7_0_EBX] =
4249             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4250             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4251             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
4252             CPUID_7_0_EBX_SHA_NI | CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_ERMS |
4253             CPUID_7_0_EBX_INVPCID,
4254         .features[FEAT_7_0_ECX] =
4255             CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_RDPID | CPUID_7_0_ECX_PKU,
4256         .features[FEAT_7_0_EDX] =
4257             CPUID_7_0_EDX_FSRM,
4258         .features[FEAT_XSAVE] =
4259             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4260             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
4261         .features[FEAT_6_EAX] =
4262             CPUID_6_EAX_ARAT,
4263         .features[FEAT_SVM] =
4264             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE | CPUID_SVM_SVME_ADDR_CHK,
4265         .xlevel = 0x8000001E,
4266         .model_id = "AMD EPYC-Milan Processor",
4267         .cache_info = &epyc_milan_cache_info,
4268     },
4269 };
4270 
4271 /*
4272  * We resolve CPU model aliases using -v1 when using "-machine
4273  * none", but this is just for compatibility while libvirt isn't
4274  * adapted to resolve CPU model versions before creating VMs.
4275  * See "Runnability guarantee of CPU models" at
4276  * docs/about/deprecated.rst.
4277  */
4278 X86CPUVersion default_cpu_version = 1;
4279 
4280 void x86_cpu_set_default_version(X86CPUVersion version)
4281 {
4282     /* Translating CPU_VERSION_AUTO to CPU_VERSION_AUTO doesn't make sense */
4283     assert(version != CPU_VERSION_AUTO);
4284     default_cpu_version = version;
4285 }
4286 
4287 static X86CPUVersion x86_cpu_model_last_version(const X86CPUModel *model)
4288 {
4289     int v = 0;
4290     const X86CPUVersionDefinition *vdef =
4291         x86_cpu_def_get_versions(model->cpudef);
4292     while (vdef->version) {
4293         v = vdef->version;
4294         vdef++;
4295     }
4296     return v;
4297 }
4298 
4299 /* Return the actual version being used for a specific CPU model */
4300 static X86CPUVersion x86_cpu_model_resolve_version(const X86CPUModel *model)
4301 {
4302     X86CPUVersion v = model->version;
4303     if (v == CPU_VERSION_AUTO) {
4304         v = default_cpu_version;
4305     }
4306     if (v == CPU_VERSION_LATEST) {
4307         return x86_cpu_model_last_version(model);
4308     }
4309     return v;
4310 }
4311 
4312 static Property max_x86_cpu_properties[] = {
4313     DEFINE_PROP_BOOL("migratable", X86CPU, migratable, true),
4314     DEFINE_PROP_BOOL("host-cache-info", X86CPU, cache_info_passthrough, false),
4315     DEFINE_PROP_END_OF_LIST()
4316 };
4317 
4318 static void max_x86_cpu_class_init(ObjectClass *oc, void *data)
4319 {
4320     DeviceClass *dc = DEVICE_CLASS(oc);
4321     X86CPUClass *xcc = X86_CPU_CLASS(oc);
4322 
4323     xcc->ordering = 9;
4324 
4325     xcc->model_description =
4326         "Enables all features supported by the accelerator in the current host";
4327 
4328     device_class_set_props(dc, max_x86_cpu_properties);
4329 }
4330 
4331 static void max_x86_cpu_initfn(Object *obj)
4332 {
4333     X86CPU *cpu = X86_CPU(obj);
4334 
4335     /* We can't fill the features array here because we don't know yet if
4336      * "migratable" is true or false.
4337      */
4338     cpu->max_features = true;
4339     object_property_set_bool(OBJECT(cpu), "pmu", true, &error_abort);
4340 
4341     /*
4342      * these defaults are used for TCG and all other accelerators
4343      * besides KVM and HVF, which overwrite these values
4344      */
4345     object_property_set_str(OBJECT(cpu), "vendor", CPUID_VENDOR_AMD,
4346                             &error_abort);
4347 #ifdef TARGET_X86_64
4348     object_property_set_int(OBJECT(cpu), "family", 15, &error_abort);
4349     object_property_set_int(OBJECT(cpu), "model", 107, &error_abort);
4350     object_property_set_int(OBJECT(cpu), "stepping", 1, &error_abort);
4351 #else
4352     object_property_set_int(OBJECT(cpu), "family", 6, &error_abort);
4353     object_property_set_int(OBJECT(cpu), "model", 6, &error_abort);
4354     object_property_set_int(OBJECT(cpu), "stepping", 3, &error_abort);
4355 #endif
4356     object_property_set_str(OBJECT(cpu), "model-id",
4357                             "QEMU TCG CPU version " QEMU_HW_VERSION,
4358                             &error_abort);
4359 }
4360 
4361 static const TypeInfo max_x86_cpu_type_info = {
4362     .name = X86_CPU_TYPE_NAME("max"),
4363     .parent = TYPE_X86_CPU,
4364     .instance_init = max_x86_cpu_initfn,
4365     .class_init = max_x86_cpu_class_init,
4366 };
4367 
4368 static char *feature_word_description(FeatureWordInfo *f, uint32_t bit)
4369 {
4370     assert(f->type == CPUID_FEATURE_WORD || f->type == MSR_FEATURE_WORD);
4371 
4372     switch (f->type) {
4373     case CPUID_FEATURE_WORD:
4374         {
4375             const char *reg = get_register_name_32(f->cpuid.reg);
4376             assert(reg);
4377             return g_strdup_printf("CPUID.%02XH:%s",
4378                                    f->cpuid.eax, reg);
4379         }
4380     case MSR_FEATURE_WORD:
4381         return g_strdup_printf("MSR(%02XH)",
4382                                f->msr.index);
4383     }
4384 
4385     return NULL;
4386 }
4387 
4388 static bool x86_cpu_have_filtered_features(X86CPU *cpu)
4389 {
4390     FeatureWord w;
4391 
4392     for (w = 0; w < FEATURE_WORDS; w++) {
4393         if (cpu->filtered_features[w]) {
4394             return true;
4395         }
4396     }
4397 
4398     return false;
4399 }
4400 
4401 static void mark_unavailable_features(X86CPU *cpu, FeatureWord w, uint64_t mask,
4402                                       const char *verbose_prefix)
4403 {
4404     CPUX86State *env = &cpu->env;
4405     FeatureWordInfo *f = &feature_word_info[w];
4406     int i;
4407 
4408     if (!cpu->force_features) {
4409         env->features[w] &= ~mask;
4410     }
4411     cpu->filtered_features[w] |= mask;
4412 
4413     if (!verbose_prefix) {
4414         return;
4415     }
4416 
4417     for (i = 0; i < 64; ++i) {
4418         if ((1ULL << i) & mask) {
4419             g_autofree char *feat_word_str = feature_word_description(f, i);
4420             warn_report("%s: %s%s%s [bit %d]",
4421                         verbose_prefix,
4422                         feat_word_str,
4423                         f->feat_names[i] ? "." : "",
4424                         f->feat_names[i] ? f->feat_names[i] : "", i);
4425         }
4426     }
4427 }
4428 
4429 static void x86_cpuid_version_get_family(Object *obj, Visitor *v,
4430                                          const char *name, void *opaque,
4431                                          Error **errp)
4432 {
4433     X86CPU *cpu = X86_CPU(obj);
4434     CPUX86State *env = &cpu->env;
4435     int64_t value;
4436 
4437     value = (env->cpuid_version >> 8) & 0xf;
4438     if (value == 0xf) {
4439         value += (env->cpuid_version >> 20) & 0xff;
4440     }
4441     visit_type_int(v, name, &value, errp);
4442 }
4443 
4444 static void x86_cpuid_version_set_family(Object *obj, Visitor *v,
4445                                          const char *name, void *opaque,
4446                                          Error **errp)
4447 {
4448     X86CPU *cpu = X86_CPU(obj);
4449     CPUX86State *env = &cpu->env;
4450     const int64_t min = 0;
4451     const int64_t max = 0xff + 0xf;
4452     int64_t value;
4453 
4454     if (!visit_type_int(v, name, &value, errp)) {
4455         return;
4456     }
4457     if (value < min || value > max) {
4458         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4459                    name ? name : "null", value, min, max);
4460         return;
4461     }
4462 
4463     env->cpuid_version &= ~0xff00f00;
4464     if (value > 0x0f) {
4465         env->cpuid_version |= 0xf00 | ((value - 0x0f) << 20);
4466     } else {
4467         env->cpuid_version |= value << 8;
4468     }
4469 }
4470 
4471 static void x86_cpuid_version_get_model(Object *obj, Visitor *v,
4472                                         const char *name, void *opaque,
4473                                         Error **errp)
4474 {
4475     X86CPU *cpu = X86_CPU(obj);
4476     CPUX86State *env = &cpu->env;
4477     int64_t value;
4478 
4479     value = (env->cpuid_version >> 4) & 0xf;
4480     value |= ((env->cpuid_version >> 16) & 0xf) << 4;
4481     visit_type_int(v, name, &value, errp);
4482 }
4483 
4484 static void x86_cpuid_version_set_model(Object *obj, Visitor *v,
4485                                         const char *name, void *opaque,
4486                                         Error **errp)
4487 {
4488     X86CPU *cpu = X86_CPU(obj);
4489     CPUX86State *env = &cpu->env;
4490     const int64_t min = 0;
4491     const int64_t max = 0xff;
4492     int64_t value;
4493 
4494     if (!visit_type_int(v, name, &value, errp)) {
4495         return;
4496     }
4497     if (value < min || value > max) {
4498         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4499                    name ? name : "null", value, min, max);
4500         return;
4501     }
4502 
4503     env->cpuid_version &= ~0xf00f0;
4504     env->cpuid_version |= ((value & 0xf) << 4) | ((value >> 4) << 16);
4505 }
4506 
4507 static void x86_cpuid_version_get_stepping(Object *obj, Visitor *v,
4508                                            const char *name, void *opaque,
4509                                            Error **errp)
4510 {
4511     X86CPU *cpu = X86_CPU(obj);
4512     CPUX86State *env = &cpu->env;
4513     int64_t value;
4514 
4515     value = env->cpuid_version & 0xf;
4516     visit_type_int(v, name, &value, errp);
4517 }
4518 
4519 static void x86_cpuid_version_set_stepping(Object *obj, Visitor *v,
4520                                            const char *name, void *opaque,
4521                                            Error **errp)
4522 {
4523     X86CPU *cpu = X86_CPU(obj);
4524     CPUX86State *env = &cpu->env;
4525     const int64_t min = 0;
4526     const int64_t max = 0xf;
4527     int64_t value;
4528 
4529     if (!visit_type_int(v, name, &value, errp)) {
4530         return;
4531     }
4532     if (value < min || value > max) {
4533         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4534                    name ? name : "null", value, min, max);
4535         return;
4536     }
4537 
4538     env->cpuid_version &= ~0xf;
4539     env->cpuid_version |= value & 0xf;
4540 }
4541 
4542 static char *x86_cpuid_get_vendor(Object *obj, Error **errp)
4543 {
4544     X86CPU *cpu = X86_CPU(obj);
4545     CPUX86State *env = &cpu->env;
4546     char *value;
4547 
4548     value = g_malloc(CPUID_VENDOR_SZ + 1);
4549     x86_cpu_vendor_words2str(value, env->cpuid_vendor1, env->cpuid_vendor2,
4550                              env->cpuid_vendor3);
4551     return value;
4552 }
4553 
4554 static void x86_cpuid_set_vendor(Object *obj, const char *value,
4555                                  Error **errp)
4556 {
4557     X86CPU *cpu = X86_CPU(obj);
4558     CPUX86State *env = &cpu->env;
4559     int i;
4560 
4561     if (strlen(value) != CPUID_VENDOR_SZ) {
4562         error_setg(errp, QERR_PROPERTY_VALUE_BAD, "", "vendor", value);
4563         return;
4564     }
4565 
4566     env->cpuid_vendor1 = 0;
4567     env->cpuid_vendor2 = 0;
4568     env->cpuid_vendor3 = 0;
4569     for (i = 0; i < 4; i++) {
4570         env->cpuid_vendor1 |= ((uint8_t)value[i    ]) << (8 * i);
4571         env->cpuid_vendor2 |= ((uint8_t)value[i + 4]) << (8 * i);
4572         env->cpuid_vendor3 |= ((uint8_t)value[i + 8]) << (8 * i);
4573     }
4574 }
4575 
4576 static char *x86_cpuid_get_model_id(Object *obj, Error **errp)
4577 {
4578     X86CPU *cpu = X86_CPU(obj);
4579     CPUX86State *env = &cpu->env;
4580     char *value;
4581     int i;
4582 
4583     value = g_malloc(48 + 1);
4584     for (i = 0; i < 48; i++) {
4585         value[i] = env->cpuid_model[i >> 2] >> (8 * (i & 3));
4586     }
4587     value[48] = '\0';
4588     return value;
4589 }
4590 
4591 static void x86_cpuid_set_model_id(Object *obj, const char *model_id,
4592                                    Error **errp)
4593 {
4594     X86CPU *cpu = X86_CPU(obj);
4595     CPUX86State *env = &cpu->env;
4596     int c, len, i;
4597 
4598     if (model_id == NULL) {
4599         model_id = "";
4600     }
4601     len = strlen(model_id);
4602     memset(env->cpuid_model, 0, 48);
4603     for (i = 0; i < 48; i++) {
4604         if (i >= len) {
4605             c = '\0';
4606         } else {
4607             c = (uint8_t)model_id[i];
4608         }
4609         env->cpuid_model[i >> 2] |= c << (8 * (i & 3));
4610     }
4611 }
4612 
4613 static void x86_cpuid_get_tsc_freq(Object *obj, Visitor *v, const char *name,
4614                                    void *opaque, Error **errp)
4615 {
4616     X86CPU *cpu = X86_CPU(obj);
4617     int64_t value;
4618 
4619     value = cpu->env.tsc_khz * 1000;
4620     visit_type_int(v, name, &value, errp);
4621 }
4622 
4623 static void x86_cpuid_set_tsc_freq(Object *obj, Visitor *v, const char *name,
4624                                    void *opaque, Error **errp)
4625 {
4626     X86CPU *cpu = X86_CPU(obj);
4627     const int64_t min = 0;
4628     const int64_t max = INT64_MAX;
4629     int64_t value;
4630 
4631     if (!visit_type_int(v, name, &value, errp)) {
4632         return;
4633     }
4634     if (value < min || value > max) {
4635         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4636                    name ? name : "null", value, min, max);
4637         return;
4638     }
4639 
4640     cpu->env.tsc_khz = cpu->env.user_tsc_khz = value / 1000;
4641 }
4642 
4643 /* Generic getter for "feature-words" and "filtered-features" properties */
4644 static void x86_cpu_get_feature_words(Object *obj, Visitor *v,
4645                                       const char *name, void *opaque,
4646                                       Error **errp)
4647 {
4648     uint64_t *array = (uint64_t *)opaque;
4649     FeatureWord w;
4650     X86CPUFeatureWordInfo word_infos[FEATURE_WORDS] = { };
4651     X86CPUFeatureWordInfoList list_entries[FEATURE_WORDS] = { };
4652     X86CPUFeatureWordInfoList *list = NULL;
4653 
4654     for (w = 0; w < FEATURE_WORDS; w++) {
4655         FeatureWordInfo *wi = &feature_word_info[w];
4656         /*
4657                 * We didn't have MSR features when "feature-words" was
4658                 *  introduced. Therefore skipped other type entries.
4659                 */
4660         if (wi->type != CPUID_FEATURE_WORD) {
4661             continue;
4662         }
4663         X86CPUFeatureWordInfo *qwi = &word_infos[w];
4664         qwi->cpuid_input_eax = wi->cpuid.eax;
4665         qwi->has_cpuid_input_ecx = wi->cpuid.needs_ecx;
4666         qwi->cpuid_input_ecx = wi->cpuid.ecx;
4667         qwi->cpuid_register = x86_reg_info_32[wi->cpuid.reg].qapi_enum;
4668         qwi->features = array[w];
4669 
4670         /* List will be in reverse order, but order shouldn't matter */
4671         list_entries[w].next = list;
4672         list_entries[w].value = &word_infos[w];
4673         list = &list_entries[w];
4674     }
4675 
4676     visit_type_X86CPUFeatureWordInfoList(v, "feature-words", &list, errp);
4677 }
4678 
4679 /* Convert all '_' in a feature string option name to '-', to make feature
4680  * name conform to QOM property naming rule, which uses '-' instead of '_'.
4681  */
4682 static inline void feat2prop(char *s)
4683 {
4684     while ((s = strchr(s, '_'))) {
4685         *s = '-';
4686     }
4687 }
4688 
4689 /* Return the feature property name for a feature flag bit */
4690 static const char *x86_cpu_feature_name(FeatureWord w, int bitnr)
4691 {
4692     const char *name;
4693     /* XSAVE components are automatically enabled by other features,
4694      * so return the original feature name instead
4695      */
4696     if (w == FEAT_XSAVE_XCR0_LO || w == FEAT_XSAVE_XCR0_HI) {
4697         int comp = (w == FEAT_XSAVE_XCR0_HI) ? bitnr + 32 : bitnr;
4698 
4699         if (comp < ARRAY_SIZE(x86_ext_save_areas) &&
4700             x86_ext_save_areas[comp].bits) {
4701             w = x86_ext_save_areas[comp].feature;
4702             bitnr = ctz32(x86_ext_save_areas[comp].bits);
4703         }
4704     }
4705 
4706     assert(bitnr < 64);
4707     assert(w < FEATURE_WORDS);
4708     name = feature_word_info[w].feat_names[bitnr];
4709     assert(bitnr < 32 || !(name && feature_word_info[w].type == CPUID_FEATURE_WORD));
4710     return name;
4711 }
4712 
4713 /* Compatibily hack to maintain legacy +-feat semantic,
4714  * where +-feat overwrites any feature set by
4715  * feat=on|feat even if the later is parsed after +-feat
4716  * (i.e. "-x2apic,x2apic=on" will result in x2apic disabled)
4717  */
4718 static GList *plus_features, *minus_features;
4719 
4720 static gint compare_string(gconstpointer a, gconstpointer b)
4721 {
4722     return g_strcmp0(a, b);
4723 }
4724 
4725 /* Parse "+feature,-feature,feature=foo" CPU feature string
4726  */
4727 static void x86_cpu_parse_featurestr(const char *typename, char *features,
4728                                      Error **errp)
4729 {
4730     char *featurestr; /* Single 'key=value" string being parsed */
4731     static bool cpu_globals_initialized;
4732     bool ambiguous = false;
4733 
4734     if (cpu_globals_initialized) {
4735         return;
4736     }
4737     cpu_globals_initialized = true;
4738 
4739     if (!features) {
4740         return;
4741     }
4742 
4743     for (featurestr = strtok(features, ",");
4744          featurestr;
4745          featurestr = strtok(NULL, ",")) {
4746         const char *name;
4747         const char *val = NULL;
4748         char *eq = NULL;
4749         char num[32];
4750         GlobalProperty *prop;
4751 
4752         /* Compatibility syntax: */
4753         if (featurestr[0] == '+') {
4754             plus_features = g_list_append(plus_features,
4755                                           g_strdup(featurestr + 1));
4756             continue;
4757         } else if (featurestr[0] == '-') {
4758             minus_features = g_list_append(minus_features,
4759                                            g_strdup(featurestr + 1));
4760             continue;
4761         }
4762 
4763         eq = strchr(featurestr, '=');
4764         if (eq) {
4765             *eq++ = 0;
4766             val = eq;
4767         } else {
4768             val = "on";
4769         }
4770 
4771         feat2prop(featurestr);
4772         name = featurestr;
4773 
4774         if (g_list_find_custom(plus_features, name, compare_string)) {
4775             warn_report("Ambiguous CPU model string. "
4776                         "Don't mix both \"+%s\" and \"%s=%s\"",
4777                         name, name, val);
4778             ambiguous = true;
4779         }
4780         if (g_list_find_custom(minus_features, name, compare_string)) {
4781             warn_report("Ambiguous CPU model string. "
4782                         "Don't mix both \"-%s\" and \"%s=%s\"",
4783                         name, name, val);
4784             ambiguous = true;
4785         }
4786 
4787         /* Special case: */
4788         if (!strcmp(name, "tsc-freq")) {
4789             int ret;
4790             uint64_t tsc_freq;
4791 
4792             ret = qemu_strtosz_metric(val, NULL, &tsc_freq);
4793             if (ret < 0 || tsc_freq > INT64_MAX) {
4794                 error_setg(errp, "bad numerical value %s", val);
4795                 return;
4796             }
4797             snprintf(num, sizeof(num), "%" PRId64, tsc_freq);
4798             val = num;
4799             name = "tsc-frequency";
4800         }
4801 
4802         prop = g_new0(typeof(*prop), 1);
4803         prop->driver = typename;
4804         prop->property = g_strdup(name);
4805         prop->value = g_strdup(val);
4806         qdev_prop_register_global(prop);
4807     }
4808 
4809     if (ambiguous) {
4810         warn_report("Compatibility of ambiguous CPU model "
4811                     "strings won't be kept on future QEMU versions");
4812     }
4813 }
4814 
4815 static void x86_cpu_filter_features(X86CPU *cpu, bool verbose);
4816 
4817 /* Build a list with the name of all features on a feature word array */
4818 static void x86_cpu_list_feature_names(FeatureWordArray features,
4819                                        strList **list)
4820 {
4821     strList **tail = list;
4822     FeatureWord w;
4823 
4824     for (w = 0; w < FEATURE_WORDS; w++) {
4825         uint64_t filtered = features[w];
4826         int i;
4827         for (i = 0; i < 64; i++) {
4828             if (filtered & (1ULL << i)) {
4829                 QAPI_LIST_APPEND(tail, g_strdup(x86_cpu_feature_name(w, i)));
4830             }
4831         }
4832     }
4833 }
4834 
4835 static void x86_cpu_get_unavailable_features(Object *obj, Visitor *v,
4836                                              const char *name, void *opaque,
4837                                              Error **errp)
4838 {
4839     X86CPU *xc = X86_CPU(obj);
4840     strList *result = NULL;
4841 
4842     x86_cpu_list_feature_names(xc->filtered_features, &result);
4843     visit_type_strList(v, "unavailable-features", &result, errp);
4844 }
4845 
4846 /* Check for missing features that may prevent the CPU class from
4847  * running using the current machine and accelerator.
4848  */
4849 static void x86_cpu_class_check_missing_features(X86CPUClass *xcc,
4850                                                  strList **list)
4851 {
4852     strList **tail = list;
4853     X86CPU *xc;
4854     Error *err = NULL;
4855 
4856     if (xcc->host_cpuid_required && !accel_uses_host_cpuid()) {
4857         QAPI_LIST_APPEND(tail, g_strdup("kvm"));
4858         return;
4859     }
4860 
4861     xc = X86_CPU(object_new_with_class(OBJECT_CLASS(xcc)));
4862 
4863     x86_cpu_expand_features(xc, &err);
4864     if (err) {
4865         /* Errors at x86_cpu_expand_features should never happen,
4866          * but in case it does, just report the model as not
4867          * runnable at all using the "type" property.
4868          */
4869         QAPI_LIST_APPEND(tail, g_strdup("type"));
4870         error_free(err);
4871     }
4872 
4873     x86_cpu_filter_features(xc, false);
4874 
4875     x86_cpu_list_feature_names(xc->filtered_features, tail);
4876 
4877     object_unref(OBJECT(xc));
4878 }
4879 
4880 /* Print all cpuid feature names in featureset
4881  */
4882 static void listflags(GList *features)
4883 {
4884     size_t len = 0;
4885     GList *tmp;
4886 
4887     for (tmp = features; tmp; tmp = tmp->next) {
4888         const char *name = tmp->data;
4889         if ((len + strlen(name) + 1) >= 75) {
4890             qemu_printf("\n");
4891             len = 0;
4892         }
4893         qemu_printf("%s%s", len == 0 ? "  " : " ", name);
4894         len += strlen(name) + 1;
4895     }
4896     qemu_printf("\n");
4897 }
4898 
4899 /* Sort alphabetically by type name, respecting X86CPUClass::ordering. */
4900 static gint x86_cpu_list_compare(gconstpointer a, gconstpointer b)
4901 {
4902     ObjectClass *class_a = (ObjectClass *)a;
4903     ObjectClass *class_b = (ObjectClass *)b;
4904     X86CPUClass *cc_a = X86_CPU_CLASS(class_a);
4905     X86CPUClass *cc_b = X86_CPU_CLASS(class_b);
4906     int ret;
4907 
4908     if (cc_a->ordering != cc_b->ordering) {
4909         ret = cc_a->ordering - cc_b->ordering;
4910     } else {
4911         g_autofree char *name_a = x86_cpu_class_get_model_name(cc_a);
4912         g_autofree char *name_b = x86_cpu_class_get_model_name(cc_b);
4913         ret = strcmp(name_a, name_b);
4914     }
4915     return ret;
4916 }
4917 
4918 static GSList *get_sorted_cpu_model_list(void)
4919 {
4920     GSList *list = object_class_get_list(TYPE_X86_CPU, false);
4921     list = g_slist_sort(list, x86_cpu_list_compare);
4922     return list;
4923 }
4924 
4925 static char *x86_cpu_class_get_model_id(X86CPUClass *xc)
4926 {
4927     Object *obj = object_new_with_class(OBJECT_CLASS(xc));
4928     char *r = object_property_get_str(obj, "model-id", &error_abort);
4929     object_unref(obj);
4930     return r;
4931 }
4932 
4933 static char *x86_cpu_class_get_alias_of(X86CPUClass *cc)
4934 {
4935     X86CPUVersion version;
4936 
4937     if (!cc->model || !cc->model->is_alias) {
4938         return NULL;
4939     }
4940     version = x86_cpu_model_resolve_version(cc->model);
4941     if (version <= 0) {
4942         return NULL;
4943     }
4944     return x86_cpu_versioned_model_name(cc->model->cpudef, version);
4945 }
4946 
4947 static void x86_cpu_list_entry(gpointer data, gpointer user_data)
4948 {
4949     ObjectClass *oc = data;
4950     X86CPUClass *cc = X86_CPU_CLASS(oc);
4951     g_autofree char *name = x86_cpu_class_get_model_name(cc);
4952     g_autofree char *desc = g_strdup(cc->model_description);
4953     g_autofree char *alias_of = x86_cpu_class_get_alias_of(cc);
4954     g_autofree char *model_id = x86_cpu_class_get_model_id(cc);
4955 
4956     if (!desc && alias_of) {
4957         if (cc->model && cc->model->version == CPU_VERSION_AUTO) {
4958             desc = g_strdup("(alias configured by machine type)");
4959         } else {
4960             desc = g_strdup_printf("(alias of %s)", alias_of);
4961         }
4962     }
4963     if (!desc && cc->model && cc->model->note) {
4964         desc = g_strdup_printf("%s [%s]", model_id, cc->model->note);
4965     }
4966     if (!desc) {
4967         desc = g_strdup_printf("%s", model_id);
4968     }
4969 
4970     if (cc->model && cc->model->cpudef->deprecation_note) {
4971         g_autofree char *olddesc = desc;
4972         desc = g_strdup_printf("%s (deprecated)", olddesc);
4973     }
4974 
4975     qemu_printf("x86 %-20s  %s\n", name, desc);
4976 }
4977 
4978 /* list available CPU models and flags */
4979 void x86_cpu_list(void)
4980 {
4981     int i, j;
4982     GSList *list;
4983     GList *names = NULL;
4984 
4985     qemu_printf("Available CPUs:\n");
4986     list = get_sorted_cpu_model_list();
4987     g_slist_foreach(list, x86_cpu_list_entry, NULL);
4988     g_slist_free(list);
4989 
4990     names = NULL;
4991     for (i = 0; i < ARRAY_SIZE(feature_word_info); i++) {
4992         FeatureWordInfo *fw = &feature_word_info[i];
4993         for (j = 0; j < 64; j++) {
4994             if (fw->feat_names[j]) {
4995                 names = g_list_append(names, (gpointer)fw->feat_names[j]);
4996             }
4997         }
4998     }
4999 
5000     names = g_list_sort(names, (GCompareFunc)strcmp);
5001 
5002     qemu_printf("\nRecognized CPUID flags:\n");
5003     listflags(names);
5004     qemu_printf("\n");
5005     g_list_free(names);
5006 }
5007 
5008 static void x86_cpu_definition_entry(gpointer data, gpointer user_data)
5009 {
5010     ObjectClass *oc = data;
5011     X86CPUClass *cc = X86_CPU_CLASS(oc);
5012     CpuDefinitionInfoList **cpu_list = user_data;
5013     CpuDefinitionInfo *info;
5014 
5015     info = g_malloc0(sizeof(*info));
5016     info->name = x86_cpu_class_get_model_name(cc);
5017     x86_cpu_class_check_missing_features(cc, &info->unavailable_features);
5018     info->has_unavailable_features = true;
5019     info->q_typename = g_strdup(object_class_get_name(oc));
5020     info->migration_safe = cc->migration_safe;
5021     info->has_migration_safe = true;
5022     info->q_static = cc->static_model;
5023     if (cc->model && cc->model->cpudef->deprecation_note) {
5024         info->deprecated = true;
5025     } else {
5026         info->deprecated = false;
5027     }
5028     /*
5029      * Old machine types won't report aliases, so that alias translation
5030      * doesn't break compatibility with previous QEMU versions.
5031      */
5032     if (default_cpu_version != CPU_VERSION_LEGACY) {
5033         info->alias_of = x86_cpu_class_get_alias_of(cc);
5034     }
5035 
5036     QAPI_LIST_PREPEND(*cpu_list, info);
5037 }
5038 
5039 CpuDefinitionInfoList *qmp_query_cpu_definitions(Error **errp)
5040 {
5041     CpuDefinitionInfoList *cpu_list = NULL;
5042     GSList *list = get_sorted_cpu_model_list();
5043     g_slist_foreach(list, x86_cpu_definition_entry, &cpu_list);
5044     g_slist_free(list);
5045     return cpu_list;
5046 }
5047 
5048 uint64_t x86_cpu_get_supported_feature_word(FeatureWord w,
5049                                             bool migratable_only)
5050 {
5051     FeatureWordInfo *wi = &feature_word_info[w];
5052     uint64_t r = 0;
5053 
5054     if (kvm_enabled()) {
5055         switch (wi->type) {
5056         case CPUID_FEATURE_WORD:
5057             r = kvm_arch_get_supported_cpuid(kvm_state, wi->cpuid.eax,
5058                                                         wi->cpuid.ecx,
5059                                                         wi->cpuid.reg);
5060             break;
5061         case MSR_FEATURE_WORD:
5062             r = kvm_arch_get_supported_msr_feature(kvm_state,
5063                         wi->msr.index);
5064             break;
5065         }
5066     } else if (hvf_enabled()) {
5067         if (wi->type != CPUID_FEATURE_WORD) {
5068             return 0;
5069         }
5070         r = hvf_get_supported_cpuid(wi->cpuid.eax,
5071                                     wi->cpuid.ecx,
5072                                     wi->cpuid.reg);
5073     } else if (tcg_enabled()) {
5074         r = wi->tcg_features;
5075     } else {
5076         return ~0;
5077     }
5078 #ifndef TARGET_X86_64
5079     if (w == FEAT_8000_0001_EDX) {
5080         r &= ~CPUID_EXT2_LM;
5081     }
5082 #endif
5083     if (migratable_only) {
5084         r &= x86_cpu_get_migratable_flags(w);
5085     }
5086     return r;
5087 }
5088 
5089 static void x86_cpu_get_supported_cpuid(uint32_t func, uint32_t index,
5090                                         uint32_t *eax, uint32_t *ebx,
5091                                         uint32_t *ecx, uint32_t *edx)
5092 {
5093     if (kvm_enabled()) {
5094         *eax = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_EAX);
5095         *ebx = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_EBX);
5096         *ecx = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_ECX);
5097         *edx = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_EDX);
5098     } else if (hvf_enabled()) {
5099         *eax = hvf_get_supported_cpuid(func, index, R_EAX);
5100         *ebx = hvf_get_supported_cpuid(func, index, R_EBX);
5101         *ecx = hvf_get_supported_cpuid(func, index, R_ECX);
5102         *edx = hvf_get_supported_cpuid(func, index, R_EDX);
5103     } else {
5104         *eax = 0;
5105         *ebx = 0;
5106         *ecx = 0;
5107         *edx = 0;
5108     }
5109 }
5110 
5111 static void x86_cpu_get_cache_cpuid(uint32_t func, uint32_t index,
5112                                     uint32_t *eax, uint32_t *ebx,
5113                                     uint32_t *ecx, uint32_t *edx)
5114 {
5115     uint32_t level, unused;
5116 
5117     /* Only return valid host leaves.  */
5118     switch (func) {
5119     case 2:
5120     case 4:
5121         host_cpuid(0, 0, &level, &unused, &unused, &unused);
5122         break;
5123     case 0x80000005:
5124     case 0x80000006:
5125     case 0x8000001d:
5126         host_cpuid(0x80000000, 0, &level, &unused, &unused, &unused);
5127         break;
5128     default:
5129         return;
5130     }
5131 
5132     if (func > level) {
5133         *eax = 0;
5134         *ebx = 0;
5135         *ecx = 0;
5136         *edx = 0;
5137     } else {
5138         host_cpuid(func, index, eax, ebx, ecx, edx);
5139     }
5140 }
5141 
5142 /*
5143  * Only for builtin_x86_defs models initialized with x86_register_cpudef_types.
5144  */
5145 void x86_cpu_apply_props(X86CPU *cpu, PropValue *props)
5146 {
5147     PropValue *pv;
5148     for (pv = props; pv->prop; pv++) {
5149         if (!pv->value) {
5150             continue;
5151         }
5152         object_property_parse(OBJECT(cpu), pv->prop, pv->value,
5153                               &error_abort);
5154     }
5155 }
5156 
5157 /*
5158  * Apply properties for the CPU model version specified in model.
5159  * Only for builtin_x86_defs models initialized with x86_register_cpudef_types.
5160  */
5161 
5162 static void x86_cpu_apply_version_props(X86CPU *cpu, X86CPUModel *model)
5163 {
5164     const X86CPUVersionDefinition *vdef;
5165     X86CPUVersion version = x86_cpu_model_resolve_version(model);
5166 
5167     if (version == CPU_VERSION_LEGACY) {
5168         return;
5169     }
5170 
5171     for (vdef = x86_cpu_def_get_versions(model->cpudef); vdef->version; vdef++) {
5172         PropValue *p;
5173 
5174         for (p = vdef->props; p && p->prop; p++) {
5175             object_property_parse(OBJECT(cpu), p->prop, p->value,
5176                                   &error_abort);
5177         }
5178 
5179         if (vdef->version == version) {
5180             break;
5181         }
5182     }
5183 
5184     /*
5185      * If we reached the end of the list, version number was invalid
5186      */
5187     assert(vdef->version == version);
5188 }
5189 
5190 /*
5191  * Load data from X86CPUDefinition into a X86CPU object.
5192  * Only for builtin_x86_defs models initialized with x86_register_cpudef_types.
5193  */
5194 static void x86_cpu_load_model(X86CPU *cpu, X86CPUModel *model)
5195 {
5196     const X86CPUDefinition *def = model->cpudef;
5197     CPUX86State *env = &cpu->env;
5198     FeatureWord w;
5199 
5200     /*NOTE: any property set by this function should be returned by
5201      * x86_cpu_static_props(), so static expansion of
5202      * query-cpu-model-expansion is always complete.
5203      */
5204 
5205     /* CPU models only set _minimum_ values for level/xlevel: */
5206     object_property_set_uint(OBJECT(cpu), "min-level", def->level,
5207                              &error_abort);
5208     object_property_set_uint(OBJECT(cpu), "min-xlevel", def->xlevel,
5209                              &error_abort);
5210 
5211     object_property_set_int(OBJECT(cpu), "family", def->family, &error_abort);
5212     object_property_set_int(OBJECT(cpu), "model", def->model, &error_abort);
5213     object_property_set_int(OBJECT(cpu), "stepping", def->stepping,
5214                             &error_abort);
5215     object_property_set_str(OBJECT(cpu), "model-id", def->model_id,
5216                             &error_abort);
5217     for (w = 0; w < FEATURE_WORDS; w++) {
5218         env->features[w] = def->features[w];
5219     }
5220 
5221     /* legacy-cache defaults to 'off' if CPU model provides cache info */
5222     cpu->legacy_cache = !def->cache_info;
5223 
5224     env->features[FEAT_1_ECX] |= CPUID_EXT_HYPERVISOR;
5225 
5226     /* sysenter isn't supported in compatibility mode on AMD,
5227      * syscall isn't supported in compatibility mode on Intel.
5228      * Normally we advertise the actual CPU vendor, but you can
5229      * override this using the 'vendor' property if you want to use
5230      * KVM's sysenter/syscall emulation in compatibility mode and
5231      * when doing cross vendor migration
5232      */
5233 
5234     /*
5235      * vendor property is set here but then overloaded with the
5236      * host cpu vendor for KVM and HVF.
5237      */
5238     object_property_set_str(OBJECT(cpu), "vendor", def->vendor, &error_abort);
5239 
5240     x86_cpu_apply_version_props(cpu, model);
5241 
5242     /*
5243      * Properties in versioned CPU model are not user specified features.
5244      * We can simply clear env->user_features here since it will be filled later
5245      * in x86_cpu_expand_features() based on plus_features and minus_features.
5246      */
5247     memset(&env->user_features, 0, sizeof(env->user_features));
5248 }
5249 
5250 static gchar *x86_gdb_arch_name(CPUState *cs)
5251 {
5252 #ifdef TARGET_X86_64
5253     return g_strdup("i386:x86-64");
5254 #else
5255     return g_strdup("i386");
5256 #endif
5257 }
5258 
5259 static void x86_cpu_cpudef_class_init(ObjectClass *oc, void *data)
5260 {
5261     X86CPUModel *model = data;
5262     X86CPUClass *xcc = X86_CPU_CLASS(oc);
5263     CPUClass *cc = CPU_CLASS(oc);
5264 
5265     xcc->model = model;
5266     xcc->migration_safe = true;
5267     cc->deprecation_note = model->cpudef->deprecation_note;
5268 }
5269 
5270 static void x86_register_cpu_model_type(const char *name, X86CPUModel *model)
5271 {
5272     g_autofree char *typename = x86_cpu_type_name(name);
5273     TypeInfo ti = {
5274         .name = typename,
5275         .parent = TYPE_X86_CPU,
5276         .class_init = x86_cpu_cpudef_class_init,
5277         .class_data = model,
5278     };
5279 
5280     type_register(&ti);
5281 }
5282 
5283 
5284 /*
5285  * register builtin_x86_defs;
5286  * "max", "base" and subclasses ("host") are not registered here.
5287  * See x86_cpu_register_types for all model registrations.
5288  */
5289 static void x86_register_cpudef_types(const X86CPUDefinition *def)
5290 {
5291     X86CPUModel *m;
5292     const X86CPUVersionDefinition *vdef;
5293 
5294     /* AMD aliases are handled at runtime based on CPUID vendor, so
5295      * they shouldn't be set on the CPU model table.
5296      */
5297     assert(!(def->features[FEAT_8000_0001_EDX] & CPUID_EXT2_AMD_ALIASES));
5298     /* catch mistakes instead of silently truncating model_id when too long */
5299     assert(def->model_id && strlen(def->model_id) <= 48);
5300 
5301     /* Unversioned model: */
5302     m = g_new0(X86CPUModel, 1);
5303     m->cpudef = def;
5304     m->version = CPU_VERSION_AUTO;
5305     m->is_alias = true;
5306     x86_register_cpu_model_type(def->name, m);
5307 
5308     /* Versioned models: */
5309 
5310     for (vdef = x86_cpu_def_get_versions(def); vdef->version; vdef++) {
5311         X86CPUModel *m = g_new0(X86CPUModel, 1);
5312         g_autofree char *name =
5313             x86_cpu_versioned_model_name(def, vdef->version);
5314         m->cpudef = def;
5315         m->version = vdef->version;
5316         m->note = vdef->note;
5317         x86_register_cpu_model_type(name, m);
5318 
5319         if (vdef->alias) {
5320             X86CPUModel *am = g_new0(X86CPUModel, 1);
5321             am->cpudef = def;
5322             am->version = vdef->version;
5323             am->is_alias = true;
5324             x86_register_cpu_model_type(vdef->alias, am);
5325         }
5326     }
5327 
5328 }
5329 
5330 uint32_t cpu_x86_virtual_addr_width(CPUX86State *env)
5331 {
5332     if  (env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_LA57) {
5333         return 57; /* 57 bits virtual */
5334     } else {
5335         return 48; /* 48 bits virtual */
5336     }
5337 }
5338 
5339 void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
5340                    uint32_t *eax, uint32_t *ebx,
5341                    uint32_t *ecx, uint32_t *edx)
5342 {
5343     X86CPU *cpu = env_archcpu(env);
5344     CPUState *cs = env_cpu(env);
5345     uint32_t die_offset;
5346     uint32_t limit;
5347     uint32_t signature[3];
5348     X86CPUTopoInfo topo_info;
5349 
5350     topo_info.dies_per_pkg = env->nr_dies;
5351     topo_info.cores_per_die = cs->nr_cores;
5352     topo_info.threads_per_core = cs->nr_threads;
5353 
5354     /* Calculate & apply limits for different index ranges */
5355     if (index >= 0xC0000000) {
5356         limit = env->cpuid_xlevel2;
5357     } else if (index >= 0x80000000) {
5358         limit = env->cpuid_xlevel;
5359     } else if (index >= 0x40000000) {
5360         limit = 0x40000001;
5361     } else {
5362         limit = env->cpuid_level;
5363     }
5364 
5365     if (index > limit) {
5366         /* Intel documentation states that invalid EAX input will
5367          * return the same information as EAX=cpuid_level
5368          * (Intel SDM Vol. 2A - Instruction Set Reference - CPUID)
5369          */
5370         index = env->cpuid_level;
5371     }
5372 
5373     switch(index) {
5374     case 0:
5375         *eax = env->cpuid_level;
5376         *ebx = env->cpuid_vendor1;
5377         *edx = env->cpuid_vendor2;
5378         *ecx = env->cpuid_vendor3;
5379         break;
5380     case 1:
5381         *eax = env->cpuid_version;
5382         *ebx = (cpu->apic_id << 24) |
5383                8 << 8; /* CLFLUSH size in quad words, Linux wants it. */
5384         *ecx = env->features[FEAT_1_ECX];
5385         if ((*ecx & CPUID_EXT_XSAVE) && (env->cr[4] & CR4_OSXSAVE_MASK)) {
5386             *ecx |= CPUID_EXT_OSXSAVE;
5387         }
5388         *edx = env->features[FEAT_1_EDX];
5389         if (cs->nr_cores * cs->nr_threads > 1) {
5390             *ebx |= (cs->nr_cores * cs->nr_threads) << 16;
5391             *edx |= CPUID_HT;
5392         }
5393         if (!cpu->enable_pmu) {
5394             *ecx &= ~CPUID_EXT_PDCM;
5395         }
5396         break;
5397     case 2:
5398         /* cache info: needed for Pentium Pro compatibility */
5399         if (cpu->cache_info_passthrough) {
5400             x86_cpu_get_cache_cpuid(index, 0, eax, ebx, ecx, edx);
5401             break;
5402         } else if (cpu->vendor_cpuid_only && IS_AMD_CPU(env)) {
5403             *eax = *ebx = *ecx = *edx = 0;
5404             break;
5405         }
5406         *eax = 1; /* Number of CPUID[EAX=2] calls required */
5407         *ebx = 0;
5408         if (!cpu->enable_l3_cache) {
5409             *ecx = 0;
5410         } else {
5411             *ecx = cpuid2_cache_descriptor(env->cache_info_cpuid2.l3_cache);
5412         }
5413         *edx = (cpuid2_cache_descriptor(env->cache_info_cpuid2.l1d_cache) << 16) |
5414                (cpuid2_cache_descriptor(env->cache_info_cpuid2.l1i_cache) <<  8) |
5415                (cpuid2_cache_descriptor(env->cache_info_cpuid2.l2_cache));
5416         break;
5417     case 4:
5418         /* cache info: needed for Core compatibility */
5419         if (cpu->cache_info_passthrough) {
5420             x86_cpu_get_cache_cpuid(index, count, eax, ebx, ecx, edx);
5421             /*
5422              * QEMU has its own number of cores/logical cpus,
5423              * set 24..14, 31..26 bit to configured values
5424              */
5425             if (*eax & 31) {
5426                 int host_vcpus_per_cache = 1 + ((*eax & 0x3FFC000) >> 14);
5427                 int vcpus_per_socket = env->nr_dies * cs->nr_cores *
5428                                        cs->nr_threads;
5429                 if (cs->nr_cores > 1) {
5430                     *eax &= ~0xFC000000;
5431                     *eax |= (pow2ceil(cs->nr_cores) - 1) << 26;
5432                 }
5433                 if (host_vcpus_per_cache > vcpus_per_socket) {
5434                     *eax &= ~0x3FFC000;
5435                     *eax |= (pow2ceil(vcpus_per_socket) - 1) << 14;
5436                 }
5437             }
5438         } else if (cpu->vendor_cpuid_only && IS_AMD_CPU(env)) {
5439             *eax = *ebx = *ecx = *edx = 0;
5440         } else {
5441             *eax = 0;
5442             switch (count) {
5443             case 0: /* L1 dcache info */
5444                 encode_cache_cpuid4(env->cache_info_cpuid4.l1d_cache,
5445                                     1, cs->nr_cores,
5446                                     eax, ebx, ecx, edx);
5447                 break;
5448             case 1: /* L1 icache info */
5449                 encode_cache_cpuid4(env->cache_info_cpuid4.l1i_cache,
5450                                     1, cs->nr_cores,
5451                                     eax, ebx, ecx, edx);
5452                 break;
5453             case 2: /* L2 cache info */
5454                 encode_cache_cpuid4(env->cache_info_cpuid4.l2_cache,
5455                                     cs->nr_threads, cs->nr_cores,
5456                                     eax, ebx, ecx, edx);
5457                 break;
5458             case 3: /* L3 cache info */
5459                 die_offset = apicid_die_offset(&topo_info);
5460                 if (cpu->enable_l3_cache) {
5461                     encode_cache_cpuid4(env->cache_info_cpuid4.l3_cache,
5462                                         (1 << die_offset), cs->nr_cores,
5463                                         eax, ebx, ecx, edx);
5464                     break;
5465                 }
5466                 /* fall through */
5467             default: /* end of info */
5468                 *eax = *ebx = *ecx = *edx = 0;
5469                 break;
5470             }
5471         }
5472         break;
5473     case 5:
5474         /* MONITOR/MWAIT Leaf */
5475         *eax = cpu->mwait.eax; /* Smallest monitor-line size in bytes */
5476         *ebx = cpu->mwait.ebx; /* Largest monitor-line size in bytes */
5477         *ecx = cpu->mwait.ecx; /* flags */
5478         *edx = cpu->mwait.edx; /* mwait substates */
5479         break;
5480     case 6:
5481         /* Thermal and Power Leaf */
5482         *eax = env->features[FEAT_6_EAX];
5483         *ebx = 0;
5484         *ecx = 0;
5485         *edx = 0;
5486         break;
5487     case 7:
5488         /* Structured Extended Feature Flags Enumeration Leaf */
5489         if (count == 0) {
5490             /* Maximum ECX value for sub-leaves */
5491             *eax = env->cpuid_level_func7;
5492             *ebx = env->features[FEAT_7_0_EBX]; /* Feature flags */
5493             *ecx = env->features[FEAT_7_0_ECX]; /* Feature flags */
5494             if ((*ecx & CPUID_7_0_ECX_PKU) && env->cr[4] & CR4_PKE_MASK) {
5495                 *ecx |= CPUID_7_0_ECX_OSPKE;
5496             }
5497             *edx = env->features[FEAT_7_0_EDX]; /* Feature flags */
5498 
5499             /*
5500              * SGX cannot be emulated in software.  If hardware does not
5501              * support enabling SGX and/or SGX flexible launch control,
5502              * then we need to update the VM's CPUID values accordingly.
5503              */
5504             if ((*ebx & CPUID_7_0_EBX_SGX) &&
5505                 (!kvm_enabled() ||
5506                  !(kvm_arch_get_supported_cpuid(cs->kvm_state, 0x7, 0, R_EBX) &
5507                     CPUID_7_0_EBX_SGX))) {
5508                 *ebx &= ~CPUID_7_0_EBX_SGX;
5509             }
5510 
5511             if ((*ecx & CPUID_7_0_ECX_SGX_LC) &&
5512                 (!(*ebx & CPUID_7_0_EBX_SGX) || !kvm_enabled() ||
5513                  !(kvm_arch_get_supported_cpuid(cs->kvm_state, 0x7, 0, R_ECX) &
5514                     CPUID_7_0_ECX_SGX_LC))) {
5515                 *ecx &= ~CPUID_7_0_ECX_SGX_LC;
5516             }
5517         } else if (count == 1) {
5518             *eax = env->features[FEAT_7_1_EAX];
5519             *ebx = 0;
5520             *ecx = 0;
5521             *edx = 0;
5522         } else {
5523             *eax = 0;
5524             *ebx = 0;
5525             *ecx = 0;
5526             *edx = 0;
5527         }
5528         break;
5529     case 9:
5530         /* Direct Cache Access Information Leaf */
5531         *eax = 0; /* Bits 0-31 in DCA_CAP MSR */
5532         *ebx = 0;
5533         *ecx = 0;
5534         *edx = 0;
5535         break;
5536     case 0xA:
5537         /* Architectural Performance Monitoring Leaf */
5538         if (accel_uses_host_cpuid() && cpu->enable_pmu) {
5539             x86_cpu_get_supported_cpuid(0xA, count, eax, ebx, ecx, edx);
5540         } else {
5541             *eax = 0;
5542             *ebx = 0;
5543             *ecx = 0;
5544             *edx = 0;
5545         }
5546         break;
5547     case 0xB:
5548         /* Extended Topology Enumeration Leaf */
5549         if (!cpu->enable_cpuid_0xb) {
5550                 *eax = *ebx = *ecx = *edx = 0;
5551                 break;
5552         }
5553 
5554         *ecx = count & 0xff;
5555         *edx = cpu->apic_id;
5556 
5557         switch (count) {
5558         case 0:
5559             *eax = apicid_core_offset(&topo_info);
5560             *ebx = cs->nr_threads;
5561             *ecx |= CPUID_TOPOLOGY_LEVEL_SMT;
5562             break;
5563         case 1:
5564             *eax = apicid_pkg_offset(&topo_info);
5565             *ebx = cs->nr_cores * cs->nr_threads;
5566             *ecx |= CPUID_TOPOLOGY_LEVEL_CORE;
5567             break;
5568         default:
5569             *eax = 0;
5570             *ebx = 0;
5571             *ecx |= CPUID_TOPOLOGY_LEVEL_INVALID;
5572         }
5573 
5574         assert(!(*eax & ~0x1f));
5575         *ebx &= 0xffff; /* The count doesn't need to be reliable. */
5576         break;
5577     case 0x1C:
5578         if (accel_uses_host_cpuid() && cpu->enable_pmu &&
5579             (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_LBR)) {
5580             x86_cpu_get_supported_cpuid(0x1C, 0, eax, ebx, ecx, edx);
5581             *edx = 0;
5582         }
5583         break;
5584     case 0x1F:
5585         /* V2 Extended Topology Enumeration Leaf */
5586         if (env->nr_dies < 2) {
5587             *eax = *ebx = *ecx = *edx = 0;
5588             break;
5589         }
5590 
5591         *ecx = count & 0xff;
5592         *edx = cpu->apic_id;
5593         switch (count) {
5594         case 0:
5595             *eax = apicid_core_offset(&topo_info);
5596             *ebx = cs->nr_threads;
5597             *ecx |= CPUID_TOPOLOGY_LEVEL_SMT;
5598             break;
5599         case 1:
5600             *eax = apicid_die_offset(&topo_info);
5601             *ebx = cs->nr_cores * cs->nr_threads;
5602             *ecx |= CPUID_TOPOLOGY_LEVEL_CORE;
5603             break;
5604         case 2:
5605             *eax = apicid_pkg_offset(&topo_info);
5606             *ebx = env->nr_dies * cs->nr_cores * cs->nr_threads;
5607             *ecx |= CPUID_TOPOLOGY_LEVEL_DIE;
5608             break;
5609         default:
5610             *eax = 0;
5611             *ebx = 0;
5612             *ecx |= CPUID_TOPOLOGY_LEVEL_INVALID;
5613         }
5614         assert(!(*eax & ~0x1f));
5615         *ebx &= 0xffff; /* The count doesn't need to be reliable. */
5616         break;
5617     case 0xD: {
5618         /* Processor Extended State */
5619         *eax = 0;
5620         *ebx = 0;
5621         *ecx = 0;
5622         *edx = 0;
5623         if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
5624             break;
5625         }
5626 
5627         if (count == 0) {
5628             *ecx = xsave_area_size(x86_cpu_xsave_xcr0_components(cpu), false);
5629             *eax = env->features[FEAT_XSAVE_XCR0_LO];
5630             *edx = env->features[FEAT_XSAVE_XCR0_HI];
5631             /*
5632              * The initial value of xcr0 and ebx == 0, On host without kvm
5633              * commit 412a3c41(e.g., CentOS 6), the ebx's value always == 0
5634              * even through guest update xcr0, this will crash some legacy guest
5635              * (e.g., CentOS 6), So set ebx == ecx to workaroud it.
5636              */
5637             *ebx = kvm_enabled() ? *ecx : xsave_area_size(env->xcr0, false);
5638         } else if (count == 1) {
5639             uint64_t xstate = x86_cpu_xsave_xcr0_components(cpu) |
5640                               x86_cpu_xsave_xss_components(cpu);
5641 
5642             *eax = env->features[FEAT_XSAVE];
5643             *ebx = xsave_area_size(xstate, true);
5644             *ecx = env->features[FEAT_XSAVE_XSS_LO];
5645             *edx = env->features[FEAT_XSAVE_XSS_HI];
5646             if (kvm_enabled() && cpu->enable_pmu &&
5647                 (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_LBR) &&
5648                 (*eax & CPUID_XSAVE_XSAVES)) {
5649                 *ecx |= XSTATE_ARCH_LBR_MASK;
5650             } else {
5651                 *ecx &= ~XSTATE_ARCH_LBR_MASK;
5652             }
5653         } else if (count == 0xf &&
5654                    accel_uses_host_cpuid() && cpu->enable_pmu &&
5655                    (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_LBR)) {
5656             x86_cpu_get_supported_cpuid(0xD, count, eax, ebx, ecx, edx);
5657         } else if (count < ARRAY_SIZE(x86_ext_save_areas)) {
5658             const ExtSaveArea *esa = &x86_ext_save_areas[count];
5659 
5660             if (x86_cpu_xsave_xcr0_components(cpu) & (1ULL << count)) {
5661                 *eax = esa->size;
5662                 *ebx = esa->offset;
5663                 *ecx = esa->ecx &
5664                        (ESA_FEATURE_ALIGN64_MASK | ESA_FEATURE_XFD_MASK);
5665             } else if (x86_cpu_xsave_xss_components(cpu) & (1ULL << count)) {
5666                 *eax = esa->size;
5667                 *ebx = 0;
5668                 *ecx = 1;
5669             }
5670         }
5671         break;
5672     }
5673     case 0x12:
5674 #ifndef CONFIG_USER_ONLY
5675         if (!kvm_enabled() ||
5676             !(env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_SGX)) {
5677             *eax = *ebx = *ecx = *edx = 0;
5678             break;
5679         }
5680 
5681         /*
5682          * SGX sub-leafs CPUID.0x12.{0x2..N} enumerate EPC sections.  Retrieve
5683          * the EPC properties, e.g. confidentiality and integrity, from the
5684          * host's first EPC section, i.e. assume there is one EPC section or
5685          * that all EPC sections have the same security properties.
5686          */
5687         if (count > 1) {
5688             uint64_t epc_addr, epc_size;
5689 
5690             if (sgx_epc_get_section(count - 2, &epc_addr, &epc_size)) {
5691                 *eax = *ebx = *ecx = *edx = 0;
5692                 break;
5693             }
5694             host_cpuid(index, 2, eax, ebx, ecx, edx);
5695             *eax = (uint32_t)(epc_addr & 0xfffff000) | 0x1;
5696             *ebx = (uint32_t)(epc_addr >> 32);
5697             *ecx = (uint32_t)(epc_size & 0xfffff000) | (*ecx & 0xf);
5698             *edx = (uint32_t)(epc_size >> 32);
5699             break;
5700         }
5701 
5702         /*
5703          * SGX sub-leafs CPUID.0x12.{0x0,0x1} are heavily dependent on hardware
5704          * and KVM, i.e. QEMU cannot emulate features to override what KVM
5705          * supports.  Features can be further restricted by userspace, but not
5706          * made more permissive.
5707          */
5708         x86_cpu_get_supported_cpuid(0x12, count, eax, ebx, ecx, edx);
5709 
5710         if (count == 0) {
5711             *eax &= env->features[FEAT_SGX_12_0_EAX];
5712             *ebx &= env->features[FEAT_SGX_12_0_EBX];
5713         } else {
5714             *eax &= env->features[FEAT_SGX_12_1_EAX];
5715             *ebx &= 0; /* ebx reserve */
5716             *ecx &= env->features[FEAT_XSAVE_XSS_LO];
5717             *edx &= env->features[FEAT_XSAVE_XSS_HI];
5718 
5719             /* FP and SSE are always allowed regardless of XSAVE/XCR0. */
5720             *ecx |= XSTATE_FP_MASK | XSTATE_SSE_MASK;
5721 
5722             /* Access to PROVISIONKEY requires additional credentials. */
5723             if ((*eax & (1U << 4)) &&
5724                 !kvm_enable_sgx_provisioning(cs->kvm_state)) {
5725                 *eax &= ~(1U << 4);
5726             }
5727         }
5728 #endif
5729         break;
5730     case 0x14: {
5731         /* Intel Processor Trace Enumeration */
5732         *eax = 0;
5733         *ebx = 0;
5734         *ecx = 0;
5735         *edx = 0;
5736         if (!(env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT) ||
5737             !kvm_enabled()) {
5738             break;
5739         }
5740 
5741         if (count == 0) {
5742             *eax = INTEL_PT_MAX_SUBLEAF;
5743             *ebx = INTEL_PT_MINIMAL_EBX;
5744             *ecx = INTEL_PT_MINIMAL_ECX;
5745             if (env->features[FEAT_14_0_ECX] & CPUID_14_0_ECX_LIP) {
5746                 *ecx |= CPUID_14_0_ECX_LIP;
5747             }
5748         } else if (count == 1) {
5749             *eax = INTEL_PT_MTC_BITMAP | INTEL_PT_ADDR_RANGES_NUM;
5750             *ebx = INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP;
5751         }
5752         break;
5753     }
5754     case 0x1D: {
5755         /* AMX TILE, for now hardcoded for Sapphire Rapids*/
5756         *eax = 0;
5757         *ebx = 0;
5758         *ecx = 0;
5759         *edx = 0;
5760         if (!(env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_AMX_TILE)) {
5761             break;
5762         }
5763 
5764         if (count == 0) {
5765             /* Highest numbered palette subleaf */
5766             *eax = INTEL_AMX_TILE_MAX_SUBLEAF;
5767         } else if (count == 1) {
5768             *eax = INTEL_AMX_TOTAL_TILE_BYTES |
5769                    (INTEL_AMX_BYTES_PER_TILE << 16);
5770             *ebx = INTEL_AMX_BYTES_PER_ROW | (INTEL_AMX_TILE_MAX_NAMES << 16);
5771             *ecx = INTEL_AMX_TILE_MAX_ROWS;
5772         }
5773         break;
5774     }
5775     case 0x1E: {
5776         /* AMX TMUL, for now hardcoded for Sapphire Rapids */
5777         *eax = 0;
5778         *ebx = 0;
5779         *ecx = 0;
5780         *edx = 0;
5781         if (!(env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_AMX_TILE)) {
5782             break;
5783         }
5784 
5785         if (count == 0) {
5786             /* Highest numbered palette subleaf */
5787             *ebx = INTEL_AMX_TMUL_MAX_K | (INTEL_AMX_TMUL_MAX_N << 8);
5788         }
5789         break;
5790     }
5791     case 0x40000000:
5792         /*
5793          * CPUID code in kvm_arch_init_vcpu() ignores stuff
5794          * set here, but we restrict to TCG none the less.
5795          */
5796         if (tcg_enabled() && cpu->expose_tcg) {
5797             memcpy(signature, "TCGTCGTCGTCG", 12);
5798             *eax = 0x40000001;
5799             *ebx = signature[0];
5800             *ecx = signature[1];
5801             *edx = signature[2];
5802         } else {
5803             *eax = 0;
5804             *ebx = 0;
5805             *ecx = 0;
5806             *edx = 0;
5807         }
5808         break;
5809     case 0x40000001:
5810         *eax = 0;
5811         *ebx = 0;
5812         *ecx = 0;
5813         *edx = 0;
5814         break;
5815     case 0x80000000:
5816         *eax = env->cpuid_xlevel;
5817         *ebx = env->cpuid_vendor1;
5818         *edx = env->cpuid_vendor2;
5819         *ecx = env->cpuid_vendor3;
5820         break;
5821     case 0x80000001:
5822         *eax = env->cpuid_version;
5823         *ebx = 0;
5824         *ecx = env->features[FEAT_8000_0001_ECX];
5825         *edx = env->features[FEAT_8000_0001_EDX];
5826 
5827         /* The Linux kernel checks for the CMPLegacy bit and
5828          * discards multiple thread information if it is set.
5829          * So don't set it here for Intel to make Linux guests happy.
5830          */
5831         if (cs->nr_cores * cs->nr_threads > 1) {
5832             if (env->cpuid_vendor1 != CPUID_VENDOR_INTEL_1 ||
5833                 env->cpuid_vendor2 != CPUID_VENDOR_INTEL_2 ||
5834                 env->cpuid_vendor3 != CPUID_VENDOR_INTEL_3) {
5835                 *ecx |= 1 << 1;    /* CmpLegacy bit */
5836             }
5837         }
5838         break;
5839     case 0x80000002:
5840     case 0x80000003:
5841     case 0x80000004:
5842         *eax = env->cpuid_model[(index - 0x80000002) * 4 + 0];
5843         *ebx = env->cpuid_model[(index - 0x80000002) * 4 + 1];
5844         *ecx = env->cpuid_model[(index - 0x80000002) * 4 + 2];
5845         *edx = env->cpuid_model[(index - 0x80000002) * 4 + 3];
5846         break;
5847     case 0x80000005:
5848         /* cache info (L1 cache) */
5849         if (cpu->cache_info_passthrough) {
5850             x86_cpu_get_cache_cpuid(index, 0, eax, ebx, ecx, edx);
5851             break;
5852         }
5853         *eax = (L1_DTLB_2M_ASSOC << 24) | (L1_DTLB_2M_ENTRIES << 16) |
5854                (L1_ITLB_2M_ASSOC <<  8) | (L1_ITLB_2M_ENTRIES);
5855         *ebx = (L1_DTLB_4K_ASSOC << 24) | (L1_DTLB_4K_ENTRIES << 16) |
5856                (L1_ITLB_4K_ASSOC <<  8) | (L1_ITLB_4K_ENTRIES);
5857         *ecx = encode_cache_cpuid80000005(env->cache_info_amd.l1d_cache);
5858         *edx = encode_cache_cpuid80000005(env->cache_info_amd.l1i_cache);
5859         break;
5860     case 0x80000006:
5861         /* cache info (L2 cache) */
5862         if (cpu->cache_info_passthrough) {
5863             x86_cpu_get_cache_cpuid(index, 0, eax, ebx, ecx, edx);
5864             break;
5865         }
5866         *eax = (AMD_ENC_ASSOC(L2_DTLB_2M_ASSOC) << 28) |
5867                (L2_DTLB_2M_ENTRIES << 16) |
5868                (AMD_ENC_ASSOC(L2_ITLB_2M_ASSOC) << 12) |
5869                (L2_ITLB_2M_ENTRIES);
5870         *ebx = (AMD_ENC_ASSOC(L2_DTLB_4K_ASSOC) << 28) |
5871                (L2_DTLB_4K_ENTRIES << 16) |
5872                (AMD_ENC_ASSOC(L2_ITLB_4K_ASSOC) << 12) |
5873                (L2_ITLB_4K_ENTRIES);
5874         encode_cache_cpuid80000006(env->cache_info_amd.l2_cache,
5875                                    cpu->enable_l3_cache ?
5876                                    env->cache_info_amd.l3_cache : NULL,
5877                                    ecx, edx);
5878         break;
5879     case 0x80000007:
5880         *eax = 0;
5881         *ebx = 0;
5882         *ecx = 0;
5883         *edx = env->features[FEAT_8000_0007_EDX];
5884         break;
5885     case 0x80000008:
5886         /* virtual & phys address size in low 2 bytes. */
5887         *eax = cpu->phys_bits;
5888         if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
5889             /* 64 bit processor */
5890              *eax |= (cpu_x86_virtual_addr_width(env) << 8);
5891         }
5892         *ebx = env->features[FEAT_8000_0008_EBX];
5893         if (cs->nr_cores * cs->nr_threads > 1) {
5894             /*
5895              * Bits 15:12 is "The number of bits in the initial
5896              * Core::X86::Apic::ApicId[ApicId] value that indicate
5897              * thread ID within a package".
5898              * Bits 7:0 is "The number of threads in the package is NC+1"
5899              */
5900             *ecx = (apicid_pkg_offset(&topo_info) << 12) |
5901                    ((cs->nr_cores * cs->nr_threads) - 1);
5902         } else {
5903             *ecx = 0;
5904         }
5905         *edx = 0;
5906         break;
5907     case 0x8000000A:
5908         if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
5909             *eax = 0x00000001; /* SVM Revision */
5910             *ebx = 0x00000010; /* nr of ASIDs */
5911             *ecx = 0;
5912             *edx = env->features[FEAT_SVM]; /* optional features */
5913         } else {
5914             *eax = 0;
5915             *ebx = 0;
5916             *ecx = 0;
5917             *edx = 0;
5918         }
5919         break;
5920     case 0x8000001D:
5921         *eax = 0;
5922         if (cpu->cache_info_passthrough) {
5923             x86_cpu_get_cache_cpuid(index, count, eax, ebx, ecx, edx);
5924             break;
5925         }
5926         switch (count) {
5927         case 0: /* L1 dcache info */
5928             encode_cache_cpuid8000001d(env->cache_info_amd.l1d_cache,
5929                                        &topo_info, eax, ebx, ecx, edx);
5930             break;
5931         case 1: /* L1 icache info */
5932             encode_cache_cpuid8000001d(env->cache_info_amd.l1i_cache,
5933                                        &topo_info, eax, ebx, ecx, edx);
5934             break;
5935         case 2: /* L2 cache info */
5936             encode_cache_cpuid8000001d(env->cache_info_amd.l2_cache,
5937                                        &topo_info, eax, ebx, ecx, edx);
5938             break;
5939         case 3: /* L3 cache info */
5940             encode_cache_cpuid8000001d(env->cache_info_amd.l3_cache,
5941                                        &topo_info, eax, ebx, ecx, edx);
5942             break;
5943         default: /* end of info */
5944             *eax = *ebx = *ecx = *edx = 0;
5945             break;
5946         }
5947         break;
5948     case 0x8000001E:
5949         if (cpu->core_id <= 255) {
5950             encode_topo_cpuid8000001e(cpu, &topo_info, eax, ebx, ecx, edx);
5951         } else {
5952             *eax = 0;
5953             *ebx = 0;
5954             *ecx = 0;
5955             *edx = 0;
5956         }
5957         break;
5958     case 0xC0000000:
5959         *eax = env->cpuid_xlevel2;
5960         *ebx = 0;
5961         *ecx = 0;
5962         *edx = 0;
5963         break;
5964     case 0xC0000001:
5965         /* Support for VIA CPU's CPUID instruction */
5966         *eax = env->cpuid_version;
5967         *ebx = 0;
5968         *ecx = 0;
5969         *edx = env->features[FEAT_C000_0001_EDX];
5970         break;
5971     case 0xC0000002:
5972     case 0xC0000003:
5973     case 0xC0000004:
5974         /* Reserved for the future, and now filled with zero */
5975         *eax = 0;
5976         *ebx = 0;
5977         *ecx = 0;
5978         *edx = 0;
5979         break;
5980     case 0x8000001F:
5981         *eax = *ebx = *ecx = *edx = 0;
5982         if (sev_enabled()) {
5983             *eax = 0x2;
5984             *eax |= sev_es_enabled() ? 0x8 : 0;
5985             *ebx = sev_get_cbit_position();
5986             *ebx |= sev_get_reduced_phys_bits() << 6;
5987         }
5988         break;
5989     default:
5990         /* reserved values: zero */
5991         *eax = 0;
5992         *ebx = 0;
5993         *ecx = 0;
5994         *edx = 0;
5995         break;
5996     }
5997 }
5998 
5999 static void x86_cpu_set_sgxlepubkeyhash(CPUX86State *env)
6000 {
6001 #ifndef CONFIG_USER_ONLY
6002     /* Those default values are defined in Skylake HW */
6003     env->msr_ia32_sgxlepubkeyhash[0] = 0xa6053e051270b7acULL;
6004     env->msr_ia32_sgxlepubkeyhash[1] = 0x6cfbe8ba8b3b413dULL;
6005     env->msr_ia32_sgxlepubkeyhash[2] = 0xc4916d99f2b3735dULL;
6006     env->msr_ia32_sgxlepubkeyhash[3] = 0xd4f8c05909f9bb3bULL;
6007 #endif
6008 }
6009 
6010 static void x86_cpu_reset_hold(Object *obj)
6011 {
6012     CPUState *s = CPU(obj);
6013     X86CPU *cpu = X86_CPU(s);
6014     X86CPUClass *xcc = X86_CPU_GET_CLASS(cpu);
6015     CPUX86State *env = &cpu->env;
6016     target_ulong cr4;
6017     uint64_t xcr0;
6018     int i;
6019 
6020     if (xcc->parent_phases.hold) {
6021         xcc->parent_phases.hold(obj);
6022     }
6023 
6024     memset(env, 0, offsetof(CPUX86State, end_reset_fields));
6025 
6026     env->old_exception = -1;
6027 
6028     /* init to reset state */
6029     env->int_ctl = 0;
6030     env->hflags2 |= HF2_GIF_MASK;
6031     env->hflags2 |= HF2_VGIF_MASK;
6032     env->hflags &= ~HF_GUEST_MASK;
6033 
6034     cpu_x86_update_cr0(env, 0x60000010);
6035     env->a20_mask = ~0x0;
6036     env->smbase = 0x30000;
6037     env->msr_smi_count = 0;
6038 
6039     env->idt.limit = 0xffff;
6040     env->gdt.limit = 0xffff;
6041     env->ldt.limit = 0xffff;
6042     env->ldt.flags = DESC_P_MASK | (2 << DESC_TYPE_SHIFT);
6043     env->tr.limit = 0xffff;
6044     env->tr.flags = DESC_P_MASK | (11 << DESC_TYPE_SHIFT);
6045 
6046     cpu_x86_load_seg_cache(env, R_CS, 0xf000, 0xffff0000, 0xffff,
6047                            DESC_P_MASK | DESC_S_MASK | DESC_CS_MASK |
6048                            DESC_R_MASK | DESC_A_MASK);
6049     cpu_x86_load_seg_cache(env, R_DS, 0, 0, 0xffff,
6050                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
6051                            DESC_A_MASK);
6052     cpu_x86_load_seg_cache(env, R_ES, 0, 0, 0xffff,
6053                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
6054                            DESC_A_MASK);
6055     cpu_x86_load_seg_cache(env, R_SS, 0, 0, 0xffff,
6056                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
6057                            DESC_A_MASK);
6058     cpu_x86_load_seg_cache(env, R_FS, 0, 0, 0xffff,
6059                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
6060                            DESC_A_MASK);
6061     cpu_x86_load_seg_cache(env, R_GS, 0, 0, 0xffff,
6062                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
6063                            DESC_A_MASK);
6064 
6065     env->eip = 0xfff0;
6066     env->regs[R_EDX] = env->cpuid_version;
6067 
6068     env->eflags = 0x2;
6069 
6070     /* FPU init */
6071     for (i = 0; i < 8; i++) {
6072         env->fptags[i] = 1;
6073     }
6074     cpu_set_fpuc(env, 0x37f);
6075 
6076     env->mxcsr = 0x1f80;
6077     /* All units are in INIT state.  */
6078     env->xstate_bv = 0;
6079 
6080     env->pat = 0x0007040600070406ULL;
6081 
6082     if (kvm_enabled()) {
6083         /*
6084          * KVM handles TSC = 0 specially and thinks we are hot-plugging
6085          * a new CPU, use 1 instead to force a reset.
6086          */
6087         if (env->tsc != 0) {
6088             env->tsc = 1;
6089         }
6090     } else {
6091         env->tsc = 0;
6092     }
6093 
6094     env->msr_ia32_misc_enable = MSR_IA32_MISC_ENABLE_DEFAULT;
6095     if (env->features[FEAT_1_ECX] & CPUID_EXT_MONITOR) {
6096         env->msr_ia32_misc_enable |= MSR_IA32_MISC_ENABLE_MWAIT;
6097     }
6098 
6099     memset(env->dr, 0, sizeof(env->dr));
6100     env->dr[6] = DR6_FIXED_1;
6101     env->dr[7] = DR7_FIXED_1;
6102     cpu_breakpoint_remove_all(s, BP_CPU);
6103     cpu_watchpoint_remove_all(s, BP_CPU);
6104 
6105     cr4 = 0;
6106     xcr0 = XSTATE_FP_MASK;
6107 
6108 #ifdef CONFIG_USER_ONLY
6109     /* Enable all the features for user-mode.  */
6110     if (env->features[FEAT_1_EDX] & CPUID_SSE) {
6111         xcr0 |= XSTATE_SSE_MASK;
6112     }
6113     for (i = 2; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
6114         const ExtSaveArea *esa = &x86_ext_save_areas[i];
6115         if (!((1 << i) & CPUID_XSTATE_XCR0_MASK)) {
6116             continue;
6117         }
6118         if (env->features[esa->feature] & esa->bits) {
6119             xcr0 |= 1ull << i;
6120         }
6121     }
6122 
6123     if (env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE) {
6124         cr4 |= CR4_OSFXSR_MASK | CR4_OSXSAVE_MASK;
6125     }
6126     if (env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_FSGSBASE) {
6127         cr4 |= CR4_FSGSBASE_MASK;
6128     }
6129 #endif
6130 
6131     env->xcr0 = xcr0;
6132     cpu_x86_update_cr4(env, cr4);
6133 
6134     /*
6135      * SDM 11.11.5 requires:
6136      *  - IA32_MTRR_DEF_TYPE MSR.E = 0
6137      *  - IA32_MTRR_PHYSMASKn.V = 0
6138      * All other bits are undefined.  For simplification, zero it all.
6139      */
6140     env->mtrr_deftype = 0;
6141     memset(env->mtrr_var, 0, sizeof(env->mtrr_var));
6142     memset(env->mtrr_fixed, 0, sizeof(env->mtrr_fixed));
6143 
6144     env->interrupt_injected = -1;
6145     env->exception_nr = -1;
6146     env->exception_pending = 0;
6147     env->exception_injected = 0;
6148     env->exception_has_payload = false;
6149     env->exception_payload = 0;
6150     env->nmi_injected = false;
6151     env->triple_fault_pending = false;
6152 #if !defined(CONFIG_USER_ONLY)
6153     /* We hard-wire the BSP to the first CPU. */
6154     apic_designate_bsp(cpu->apic_state, s->cpu_index == 0);
6155 
6156     s->halted = !cpu_is_bsp(cpu);
6157 
6158     if (kvm_enabled()) {
6159         kvm_arch_reset_vcpu(cpu);
6160     }
6161 
6162     x86_cpu_set_sgxlepubkeyhash(env);
6163 
6164     env->amd_tsc_scale_msr =  MSR_AMD64_TSC_RATIO_DEFAULT;
6165 
6166 #endif
6167 }
6168 
6169 void x86_cpu_after_reset(X86CPU *cpu)
6170 {
6171 #ifndef CONFIG_USER_ONLY
6172     if (kvm_enabled()) {
6173         kvm_arch_after_reset_vcpu(cpu);
6174     }
6175 
6176     if (cpu->apic_state) {
6177         device_cold_reset(cpu->apic_state);
6178     }
6179 #endif
6180 }
6181 
6182 static void mce_init(X86CPU *cpu)
6183 {
6184     CPUX86State *cenv = &cpu->env;
6185     unsigned int bank;
6186 
6187     if (((cenv->cpuid_version >> 8) & 0xf) >= 6
6188         && (cenv->features[FEAT_1_EDX] & (CPUID_MCE | CPUID_MCA)) ==
6189             (CPUID_MCE | CPUID_MCA)) {
6190         cenv->mcg_cap = MCE_CAP_DEF | MCE_BANKS_DEF |
6191                         (cpu->enable_lmce ? MCG_LMCE_P : 0);
6192         cenv->mcg_ctl = ~(uint64_t)0;
6193         for (bank = 0; bank < MCE_BANKS_DEF; bank++) {
6194             cenv->mce_banks[bank * 4] = ~(uint64_t)0;
6195         }
6196     }
6197 }
6198 
6199 static void x86_cpu_adjust_level(X86CPU *cpu, uint32_t *min, uint32_t value)
6200 {
6201     if (*min < value) {
6202         *min = value;
6203     }
6204 }
6205 
6206 /* Increase cpuid_min_{level,xlevel,xlevel2} automatically, if appropriate */
6207 static void x86_cpu_adjust_feat_level(X86CPU *cpu, FeatureWord w)
6208 {
6209     CPUX86State *env = &cpu->env;
6210     FeatureWordInfo *fi = &feature_word_info[w];
6211     uint32_t eax = fi->cpuid.eax;
6212     uint32_t region = eax & 0xF0000000;
6213 
6214     assert(feature_word_info[w].type == CPUID_FEATURE_WORD);
6215     if (!env->features[w]) {
6216         return;
6217     }
6218 
6219     switch (region) {
6220     case 0x00000000:
6221         x86_cpu_adjust_level(cpu, &env->cpuid_min_level, eax);
6222     break;
6223     case 0x80000000:
6224         x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, eax);
6225     break;
6226     case 0xC0000000:
6227         x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel2, eax);
6228     break;
6229     }
6230 
6231     if (eax == 7) {
6232         x86_cpu_adjust_level(cpu, &env->cpuid_min_level_func7,
6233                              fi->cpuid.ecx);
6234     }
6235 }
6236 
6237 /* Calculate XSAVE components based on the configured CPU feature flags */
6238 static void x86_cpu_enable_xsave_components(X86CPU *cpu)
6239 {
6240     CPUX86State *env = &cpu->env;
6241     int i;
6242     uint64_t mask;
6243     static bool request_perm;
6244 
6245     if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
6246         env->features[FEAT_XSAVE_XCR0_LO] = 0;
6247         env->features[FEAT_XSAVE_XCR0_HI] = 0;
6248         return;
6249     }
6250 
6251     mask = 0;
6252     for (i = 0; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
6253         const ExtSaveArea *esa = &x86_ext_save_areas[i];
6254         if (env->features[esa->feature] & esa->bits) {
6255             mask |= (1ULL << i);
6256         }
6257     }
6258 
6259     /* Only request permission for first vcpu */
6260     if (kvm_enabled() && !request_perm) {
6261         kvm_request_xsave_components(cpu, mask);
6262         request_perm = true;
6263     }
6264 
6265     env->features[FEAT_XSAVE_XCR0_LO] = mask & CPUID_XSTATE_XCR0_MASK;
6266     env->features[FEAT_XSAVE_XCR0_HI] = mask >> 32;
6267     env->features[FEAT_XSAVE_XSS_LO] = mask & CPUID_XSTATE_XSS_MASK;
6268     env->features[FEAT_XSAVE_XSS_HI] = mask >> 32;
6269 }
6270 
6271 /***** Steps involved on loading and filtering CPUID data
6272  *
6273  * When initializing and realizing a CPU object, the steps
6274  * involved in setting up CPUID data are:
6275  *
6276  * 1) Loading CPU model definition (X86CPUDefinition). This is
6277  *    implemented by x86_cpu_load_model() and should be completely
6278  *    transparent, as it is done automatically by instance_init.
6279  *    No code should need to look at X86CPUDefinition structs
6280  *    outside instance_init.
6281  *
6282  * 2) CPU expansion. This is done by realize before CPUID
6283  *    filtering, and will make sure host/accelerator data is
6284  *    loaded for CPU models that depend on host capabilities
6285  *    (e.g. "host"). Done by x86_cpu_expand_features().
6286  *
6287  * 3) CPUID filtering. This initializes extra data related to
6288  *    CPUID, and checks if the host supports all capabilities
6289  *    required by the CPU. Runnability of a CPU model is
6290  *    determined at this step. Done by x86_cpu_filter_features().
6291  *
6292  * Some operations don't require all steps to be performed.
6293  * More precisely:
6294  *
6295  * - CPU instance creation (instance_init) will run only CPU
6296  *   model loading. CPU expansion can't run at instance_init-time
6297  *   because host/accelerator data may be not available yet.
6298  * - CPU realization will perform both CPU model expansion and CPUID
6299  *   filtering, and return an error in case one of them fails.
6300  * - query-cpu-definitions needs to run all 3 steps. It needs
6301  *   to run CPUID filtering, as the 'unavailable-features'
6302  *   field is set based on the filtering results.
6303  * - The query-cpu-model-expansion QMP command only needs to run
6304  *   CPU model loading and CPU expansion. It should not filter
6305  *   any CPUID data based on host capabilities.
6306  */
6307 
6308 /* Expand CPU configuration data, based on configured features
6309  * and host/accelerator capabilities when appropriate.
6310  */
6311 void x86_cpu_expand_features(X86CPU *cpu, Error **errp)
6312 {
6313     CPUX86State *env = &cpu->env;
6314     FeatureWord w;
6315     int i;
6316     GList *l;
6317 
6318     for (l = plus_features; l; l = l->next) {
6319         const char *prop = l->data;
6320         if (!object_property_set_bool(OBJECT(cpu), prop, true, errp)) {
6321             return;
6322         }
6323     }
6324 
6325     for (l = minus_features; l; l = l->next) {
6326         const char *prop = l->data;
6327         if (!object_property_set_bool(OBJECT(cpu), prop, false, errp)) {
6328             return;
6329         }
6330     }
6331 
6332     /*TODO: Now cpu->max_features doesn't overwrite features
6333      * set using QOM properties, and we can convert
6334      * plus_features & minus_features to global properties
6335      * inside x86_cpu_parse_featurestr() too.
6336      */
6337     if (cpu->max_features) {
6338         for (w = 0; w < FEATURE_WORDS; w++) {
6339             /* Override only features that weren't set explicitly
6340              * by the user.
6341              */
6342             env->features[w] |=
6343                 x86_cpu_get_supported_feature_word(w, cpu->migratable) &
6344                 ~env->user_features[w] &
6345                 ~feature_word_info[w].no_autoenable_flags;
6346         }
6347     }
6348 
6349     for (i = 0; i < ARRAY_SIZE(feature_dependencies); i++) {
6350         FeatureDep *d = &feature_dependencies[i];
6351         if (!(env->features[d->from.index] & d->from.mask)) {
6352             uint64_t unavailable_features = env->features[d->to.index] & d->to.mask;
6353 
6354             /* Not an error unless the dependent feature was added explicitly.  */
6355             mark_unavailable_features(cpu, d->to.index,
6356                                       unavailable_features & env->user_features[d->to.index],
6357                                       "This feature depends on other features that were not requested");
6358 
6359             env->features[d->to.index] &= ~unavailable_features;
6360         }
6361     }
6362 
6363     if (!kvm_enabled() || !cpu->expose_kvm) {
6364         env->features[FEAT_KVM] = 0;
6365     }
6366 
6367     x86_cpu_enable_xsave_components(cpu);
6368 
6369     /* CPUID[EAX=7,ECX=0].EBX always increased level automatically: */
6370     x86_cpu_adjust_feat_level(cpu, FEAT_7_0_EBX);
6371     if (cpu->full_cpuid_auto_level) {
6372         x86_cpu_adjust_feat_level(cpu, FEAT_1_EDX);
6373         x86_cpu_adjust_feat_level(cpu, FEAT_1_ECX);
6374         x86_cpu_adjust_feat_level(cpu, FEAT_6_EAX);
6375         x86_cpu_adjust_feat_level(cpu, FEAT_7_0_ECX);
6376         x86_cpu_adjust_feat_level(cpu, FEAT_7_1_EAX);
6377         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_EDX);
6378         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_ECX);
6379         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0007_EDX);
6380         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0008_EBX);
6381         x86_cpu_adjust_feat_level(cpu, FEAT_C000_0001_EDX);
6382         x86_cpu_adjust_feat_level(cpu, FEAT_SVM);
6383         x86_cpu_adjust_feat_level(cpu, FEAT_XSAVE);
6384 
6385         /* Intel Processor Trace requires CPUID[0x14] */
6386         if ((env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT)) {
6387             if (cpu->intel_pt_auto_level) {
6388                 x86_cpu_adjust_level(cpu, &cpu->env.cpuid_min_level, 0x14);
6389             } else if (cpu->env.cpuid_min_level < 0x14) {
6390                 mark_unavailable_features(cpu, FEAT_7_0_EBX,
6391                     CPUID_7_0_EBX_INTEL_PT,
6392                     "Intel PT need CPUID leaf 0x14, please set by \"-cpu ...,intel-pt=on,min-level=0x14\"");
6393             }
6394         }
6395 
6396         /*
6397          * Intel CPU topology with multi-dies support requires CPUID[0x1F].
6398          * For AMD Rome/Milan, cpuid level is 0x10, and guest OS should detect
6399          * extended toplogy by leaf 0xB. Only adjust it for Intel CPU, unless
6400          * cpu->vendor_cpuid_only has been unset for compatibility with older
6401          * machine types.
6402          */
6403         if ((env->nr_dies > 1) &&
6404             (IS_INTEL_CPU(env) || !cpu->vendor_cpuid_only)) {
6405             x86_cpu_adjust_level(cpu, &env->cpuid_min_level, 0x1F);
6406         }
6407 
6408         /* SVM requires CPUID[0x8000000A] */
6409         if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
6410             x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000000A);
6411         }
6412 
6413         /* SEV requires CPUID[0x8000001F] */
6414         if (sev_enabled()) {
6415             x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000001F);
6416         }
6417 
6418         /* SGX requires CPUID[0x12] for EPC enumeration */
6419         if (env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_SGX) {
6420             x86_cpu_adjust_level(cpu, &env->cpuid_min_level, 0x12);
6421         }
6422     }
6423 
6424     /* Set cpuid_*level* based on cpuid_min_*level, if not explicitly set */
6425     if (env->cpuid_level_func7 == UINT32_MAX) {
6426         env->cpuid_level_func7 = env->cpuid_min_level_func7;
6427     }
6428     if (env->cpuid_level == UINT32_MAX) {
6429         env->cpuid_level = env->cpuid_min_level;
6430     }
6431     if (env->cpuid_xlevel == UINT32_MAX) {
6432         env->cpuid_xlevel = env->cpuid_min_xlevel;
6433     }
6434     if (env->cpuid_xlevel2 == UINT32_MAX) {
6435         env->cpuid_xlevel2 = env->cpuid_min_xlevel2;
6436     }
6437 
6438     if (kvm_enabled()) {
6439         kvm_hyperv_expand_features(cpu, errp);
6440     }
6441 }
6442 
6443 /*
6444  * Finishes initialization of CPUID data, filters CPU feature
6445  * words based on host availability of each feature.
6446  *
6447  * Returns: 0 if all flags are supported by the host, non-zero otherwise.
6448  */
6449 static void x86_cpu_filter_features(X86CPU *cpu, bool verbose)
6450 {
6451     CPUX86State *env = &cpu->env;
6452     FeatureWord w;
6453     const char *prefix = NULL;
6454 
6455     if (verbose) {
6456         prefix = accel_uses_host_cpuid()
6457                  ? "host doesn't support requested feature"
6458                  : "TCG doesn't support requested feature";
6459     }
6460 
6461     for (w = 0; w < FEATURE_WORDS; w++) {
6462         uint64_t host_feat =
6463             x86_cpu_get_supported_feature_word(w, false);
6464         uint64_t requested_features = env->features[w];
6465         uint64_t unavailable_features = requested_features & ~host_feat;
6466         mark_unavailable_features(cpu, w, unavailable_features, prefix);
6467     }
6468 
6469     if ((env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT) &&
6470         kvm_enabled()) {
6471         KVMState *s = CPU(cpu)->kvm_state;
6472         uint32_t eax_0 = kvm_arch_get_supported_cpuid(s, 0x14, 0, R_EAX);
6473         uint32_t ebx_0 = kvm_arch_get_supported_cpuid(s, 0x14, 0, R_EBX);
6474         uint32_t ecx_0 = kvm_arch_get_supported_cpuid(s, 0x14, 0, R_ECX);
6475         uint32_t eax_1 = kvm_arch_get_supported_cpuid(s, 0x14, 1, R_EAX);
6476         uint32_t ebx_1 = kvm_arch_get_supported_cpuid(s, 0x14, 1, R_EBX);
6477 
6478         if (!eax_0 ||
6479            ((ebx_0 & INTEL_PT_MINIMAL_EBX) != INTEL_PT_MINIMAL_EBX) ||
6480            ((ecx_0 & INTEL_PT_MINIMAL_ECX) != INTEL_PT_MINIMAL_ECX) ||
6481            ((eax_1 & INTEL_PT_MTC_BITMAP) != INTEL_PT_MTC_BITMAP) ||
6482            ((eax_1 & INTEL_PT_ADDR_RANGES_NUM_MASK) <
6483                                            INTEL_PT_ADDR_RANGES_NUM) ||
6484            ((ebx_1 & (INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP)) !=
6485                 (INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP)) ||
6486            ((ecx_0 & CPUID_14_0_ECX_LIP) !=
6487                 (env->features[FEAT_14_0_ECX] & CPUID_14_0_ECX_LIP))) {
6488             /*
6489              * Processor Trace capabilities aren't configurable, so if the
6490              * host can't emulate the capabilities we report on
6491              * cpu_x86_cpuid(), intel-pt can't be enabled on the current host.
6492              */
6493             mark_unavailable_features(cpu, FEAT_7_0_EBX, CPUID_7_0_EBX_INTEL_PT, prefix);
6494         }
6495     }
6496 }
6497 
6498 static void x86_cpu_hyperv_realize(X86CPU *cpu)
6499 {
6500     size_t len;
6501 
6502     /* Hyper-V vendor id */
6503     if (!cpu->hyperv_vendor) {
6504         object_property_set_str(OBJECT(cpu), "hv-vendor-id", "Microsoft Hv",
6505                                 &error_abort);
6506     }
6507     len = strlen(cpu->hyperv_vendor);
6508     if (len > 12) {
6509         warn_report("hv-vendor-id truncated to 12 characters");
6510         len = 12;
6511     }
6512     memset(cpu->hyperv_vendor_id, 0, 12);
6513     memcpy(cpu->hyperv_vendor_id, cpu->hyperv_vendor, len);
6514 
6515     /* 'Hv#1' interface identification*/
6516     cpu->hyperv_interface_id[0] = 0x31237648;
6517     cpu->hyperv_interface_id[1] = 0;
6518     cpu->hyperv_interface_id[2] = 0;
6519     cpu->hyperv_interface_id[3] = 0;
6520 
6521     /* Hypervisor implementation limits */
6522     cpu->hyperv_limits[0] = 64;
6523     cpu->hyperv_limits[1] = 0;
6524     cpu->hyperv_limits[2] = 0;
6525 }
6526 
6527 static void x86_cpu_realizefn(DeviceState *dev, Error **errp)
6528 {
6529     CPUState *cs = CPU(dev);
6530     X86CPU *cpu = X86_CPU(dev);
6531     X86CPUClass *xcc = X86_CPU_GET_CLASS(dev);
6532     CPUX86State *env = &cpu->env;
6533     Error *local_err = NULL;
6534     static bool ht_warned;
6535     unsigned requested_lbr_fmt;
6536 
6537     if (cpu->apic_id == UNASSIGNED_APIC_ID) {
6538         error_setg(errp, "apic-id property was not initialized properly");
6539         return;
6540     }
6541 
6542     /*
6543      * Process Hyper-V enlightenments.
6544      * Note: this currently has to happen before the expansion of CPU features.
6545      */
6546     x86_cpu_hyperv_realize(cpu);
6547 
6548     x86_cpu_expand_features(cpu, &local_err);
6549     if (local_err) {
6550         goto out;
6551     }
6552 
6553     /*
6554      * Override env->features[FEAT_PERF_CAPABILITIES].LBR_FMT
6555      * with user-provided setting.
6556      */
6557     if (cpu->lbr_fmt != ~PERF_CAP_LBR_FMT) {
6558         if ((cpu->lbr_fmt & PERF_CAP_LBR_FMT) != cpu->lbr_fmt) {
6559             error_setg(errp, "invalid lbr-fmt");
6560             return;
6561         }
6562         env->features[FEAT_PERF_CAPABILITIES] &= ~PERF_CAP_LBR_FMT;
6563         env->features[FEAT_PERF_CAPABILITIES] |= cpu->lbr_fmt;
6564     }
6565 
6566     /*
6567      * vPMU LBR is supported when 1) KVM is enabled 2) Option pmu=on and
6568      * 3)vPMU LBR format matches that of host setting.
6569      */
6570     requested_lbr_fmt =
6571         env->features[FEAT_PERF_CAPABILITIES] & PERF_CAP_LBR_FMT;
6572     if (requested_lbr_fmt && kvm_enabled()) {
6573         uint64_t host_perf_cap =
6574             x86_cpu_get_supported_feature_word(FEAT_PERF_CAPABILITIES, false);
6575         unsigned host_lbr_fmt = host_perf_cap & PERF_CAP_LBR_FMT;
6576 
6577         if (!cpu->enable_pmu) {
6578             error_setg(errp, "vPMU: LBR is unsupported without pmu=on");
6579             return;
6580         }
6581         if (requested_lbr_fmt != host_lbr_fmt) {
6582             error_setg(errp, "vPMU: the lbr-fmt value (0x%x) does not match "
6583                         "the host value (0x%x).",
6584                         requested_lbr_fmt, host_lbr_fmt);
6585             return;
6586         }
6587     }
6588 
6589     x86_cpu_filter_features(cpu, cpu->check_cpuid || cpu->enforce_cpuid);
6590 
6591     if (cpu->enforce_cpuid && x86_cpu_have_filtered_features(cpu)) {
6592         error_setg(&local_err,
6593                    accel_uses_host_cpuid() ?
6594                        "Host doesn't support requested features" :
6595                        "TCG doesn't support requested features");
6596         goto out;
6597     }
6598 
6599     /* On AMD CPUs, some CPUID[8000_0001].EDX bits must match the bits on
6600      * CPUID[1].EDX.
6601      */
6602     if (IS_AMD_CPU(env)) {
6603         env->features[FEAT_8000_0001_EDX] &= ~CPUID_EXT2_AMD_ALIASES;
6604         env->features[FEAT_8000_0001_EDX] |= (env->features[FEAT_1_EDX]
6605            & CPUID_EXT2_AMD_ALIASES);
6606     }
6607 
6608     x86_cpu_set_sgxlepubkeyhash(env);
6609 
6610     /*
6611      * note: the call to the framework needs to happen after feature expansion,
6612      * but before the checks/modifications to ucode_rev, mwait, phys_bits.
6613      * These may be set by the accel-specific code,
6614      * and the results are subsequently checked / assumed in this function.
6615      */
6616     cpu_exec_realizefn(cs, &local_err);
6617     if (local_err != NULL) {
6618         error_propagate(errp, local_err);
6619         return;
6620     }
6621 
6622     if (xcc->host_cpuid_required && !accel_uses_host_cpuid()) {
6623         g_autofree char *name = x86_cpu_class_get_model_name(xcc);
6624         error_setg(&local_err, "CPU model '%s' requires KVM or HVF", name);
6625         goto out;
6626     }
6627 
6628     if (cpu->ucode_rev == 0) {
6629         /*
6630          * The default is the same as KVM's. Note that this check
6631          * needs to happen after the evenual setting of ucode_rev in
6632          * accel-specific code in cpu_exec_realizefn.
6633          */
6634         if (IS_AMD_CPU(env)) {
6635             cpu->ucode_rev = 0x01000065;
6636         } else {
6637             cpu->ucode_rev = 0x100000000ULL;
6638         }
6639     }
6640 
6641     /*
6642      * mwait extended info: needed for Core compatibility
6643      * We always wake on interrupt even if host does not have the capability.
6644      *
6645      * requires the accel-specific code in cpu_exec_realizefn to
6646      * have already acquired the CPUID data into cpu->mwait.
6647      */
6648     cpu->mwait.ecx |= CPUID_MWAIT_EMX | CPUID_MWAIT_IBE;
6649 
6650     /* For 64bit systems think about the number of physical bits to present.
6651      * ideally this should be the same as the host; anything other than matching
6652      * the host can cause incorrect guest behaviour.
6653      * QEMU used to pick the magic value of 40 bits that corresponds to
6654      * consumer AMD devices but nothing else.
6655      *
6656      * Note that this code assumes features expansion has already been done
6657      * (as it checks for CPUID_EXT2_LM), and also assumes that potential
6658      * phys_bits adjustments to match the host have been already done in
6659      * accel-specific code in cpu_exec_realizefn.
6660      */
6661     if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
6662         if (cpu->phys_bits &&
6663             (cpu->phys_bits > TARGET_PHYS_ADDR_SPACE_BITS ||
6664             cpu->phys_bits < 32)) {
6665             error_setg(errp, "phys-bits should be between 32 and %u "
6666                              " (but is %u)",
6667                              TARGET_PHYS_ADDR_SPACE_BITS, cpu->phys_bits);
6668             return;
6669         }
6670         /*
6671          * 0 means it was not explicitly set by the user (or by machine
6672          * compat_props or by the host code in host-cpu.c).
6673          * In this case, the default is the value used by TCG (40).
6674          */
6675         if (cpu->phys_bits == 0) {
6676             cpu->phys_bits = TCG_PHYS_ADDR_BITS;
6677         }
6678     } else {
6679         /* For 32 bit systems don't use the user set value, but keep
6680          * phys_bits consistent with what we tell the guest.
6681          */
6682         if (cpu->phys_bits != 0) {
6683             error_setg(errp, "phys-bits is not user-configurable in 32 bit");
6684             return;
6685         }
6686 
6687         if (env->features[FEAT_1_EDX] & CPUID_PSE36) {
6688             cpu->phys_bits = 36;
6689         } else {
6690             cpu->phys_bits = 32;
6691         }
6692     }
6693 
6694     /* Cache information initialization */
6695     if (!cpu->legacy_cache) {
6696         if (!xcc->model || !xcc->model->cpudef->cache_info) {
6697             g_autofree char *name = x86_cpu_class_get_model_name(xcc);
6698             error_setg(errp,
6699                        "CPU model '%s' doesn't support legacy-cache=off", name);
6700             return;
6701         }
6702         env->cache_info_cpuid2 = env->cache_info_cpuid4 = env->cache_info_amd =
6703             *xcc->model->cpudef->cache_info;
6704     } else {
6705         /* Build legacy cache information */
6706         env->cache_info_cpuid2.l1d_cache = &legacy_l1d_cache;
6707         env->cache_info_cpuid2.l1i_cache = &legacy_l1i_cache;
6708         env->cache_info_cpuid2.l2_cache = &legacy_l2_cache_cpuid2;
6709         env->cache_info_cpuid2.l3_cache = &legacy_l3_cache;
6710 
6711         env->cache_info_cpuid4.l1d_cache = &legacy_l1d_cache;
6712         env->cache_info_cpuid4.l1i_cache = &legacy_l1i_cache;
6713         env->cache_info_cpuid4.l2_cache = &legacy_l2_cache;
6714         env->cache_info_cpuid4.l3_cache = &legacy_l3_cache;
6715 
6716         env->cache_info_amd.l1d_cache = &legacy_l1d_cache_amd;
6717         env->cache_info_amd.l1i_cache = &legacy_l1i_cache_amd;
6718         env->cache_info_amd.l2_cache = &legacy_l2_cache_amd;
6719         env->cache_info_amd.l3_cache = &legacy_l3_cache;
6720     }
6721 
6722 #ifndef CONFIG_USER_ONLY
6723     MachineState *ms = MACHINE(qdev_get_machine());
6724     qemu_register_reset(x86_cpu_machine_reset_cb, cpu);
6725 
6726     if (cpu->env.features[FEAT_1_EDX] & CPUID_APIC || ms->smp.cpus > 1) {
6727         x86_cpu_apic_create(cpu, &local_err);
6728         if (local_err != NULL) {
6729             goto out;
6730         }
6731     }
6732 #endif
6733 
6734     mce_init(cpu);
6735 
6736     qemu_init_vcpu(cs);
6737 
6738     /*
6739      * Most Intel and certain AMD CPUs support hyperthreading. Even though QEMU
6740      * fixes this issue by adjusting CPUID_0000_0001_EBX and CPUID_8000_0008_ECX
6741      * based on inputs (sockets,cores,threads), it is still better to give
6742      * users a warning.
6743      *
6744      * NOTE: the following code has to follow qemu_init_vcpu(). Otherwise
6745      * cs->nr_threads hasn't be populated yet and the checking is incorrect.
6746      */
6747     if (IS_AMD_CPU(env) &&
6748         !(env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_TOPOEXT) &&
6749         cs->nr_threads > 1 && !ht_warned) {
6750             warn_report("This family of AMD CPU doesn't support "
6751                         "hyperthreading(%d)",
6752                         cs->nr_threads);
6753             error_printf("Please configure -smp options properly"
6754                          " or try enabling topoext feature.\n");
6755             ht_warned = true;
6756     }
6757 
6758 #ifndef CONFIG_USER_ONLY
6759     x86_cpu_apic_realize(cpu, &local_err);
6760     if (local_err != NULL) {
6761         goto out;
6762     }
6763 #endif /* !CONFIG_USER_ONLY */
6764     cpu_reset(cs);
6765 
6766     xcc->parent_realize(dev, &local_err);
6767 
6768 out:
6769     if (local_err != NULL) {
6770         error_propagate(errp, local_err);
6771         return;
6772     }
6773 }
6774 
6775 static void x86_cpu_unrealizefn(DeviceState *dev)
6776 {
6777     X86CPU *cpu = X86_CPU(dev);
6778     X86CPUClass *xcc = X86_CPU_GET_CLASS(dev);
6779 
6780 #ifndef CONFIG_USER_ONLY
6781     cpu_remove_sync(CPU(dev));
6782     qemu_unregister_reset(x86_cpu_machine_reset_cb, dev);
6783 #endif
6784 
6785     if (cpu->apic_state) {
6786         object_unparent(OBJECT(cpu->apic_state));
6787         cpu->apic_state = NULL;
6788     }
6789 
6790     xcc->parent_unrealize(dev);
6791 }
6792 
6793 typedef struct BitProperty {
6794     FeatureWord w;
6795     uint64_t mask;
6796 } BitProperty;
6797 
6798 static void x86_cpu_get_bit_prop(Object *obj, Visitor *v, const char *name,
6799                                  void *opaque, Error **errp)
6800 {
6801     X86CPU *cpu = X86_CPU(obj);
6802     BitProperty *fp = opaque;
6803     uint64_t f = cpu->env.features[fp->w];
6804     bool value = (f & fp->mask) == fp->mask;
6805     visit_type_bool(v, name, &value, errp);
6806 }
6807 
6808 static void x86_cpu_set_bit_prop(Object *obj, Visitor *v, const char *name,
6809                                  void *opaque, Error **errp)
6810 {
6811     DeviceState *dev = DEVICE(obj);
6812     X86CPU *cpu = X86_CPU(obj);
6813     BitProperty *fp = opaque;
6814     bool value;
6815 
6816     if (dev->realized) {
6817         qdev_prop_set_after_realize(dev, name, errp);
6818         return;
6819     }
6820 
6821     if (!visit_type_bool(v, name, &value, errp)) {
6822         return;
6823     }
6824 
6825     if (value) {
6826         cpu->env.features[fp->w] |= fp->mask;
6827     } else {
6828         cpu->env.features[fp->w] &= ~fp->mask;
6829     }
6830     cpu->env.user_features[fp->w] |= fp->mask;
6831 }
6832 
6833 /* Register a boolean property to get/set a single bit in a uint32_t field.
6834  *
6835  * The same property name can be registered multiple times to make it affect
6836  * multiple bits in the same FeatureWord. In that case, the getter will return
6837  * true only if all bits are set.
6838  */
6839 static void x86_cpu_register_bit_prop(X86CPUClass *xcc,
6840                                       const char *prop_name,
6841                                       FeatureWord w,
6842                                       int bitnr)
6843 {
6844     ObjectClass *oc = OBJECT_CLASS(xcc);
6845     BitProperty *fp;
6846     ObjectProperty *op;
6847     uint64_t mask = (1ULL << bitnr);
6848 
6849     op = object_class_property_find(oc, prop_name);
6850     if (op) {
6851         fp = op->opaque;
6852         assert(fp->w == w);
6853         fp->mask |= mask;
6854     } else {
6855         fp = g_new0(BitProperty, 1);
6856         fp->w = w;
6857         fp->mask = mask;
6858         object_class_property_add(oc, prop_name, "bool",
6859                                   x86_cpu_get_bit_prop,
6860                                   x86_cpu_set_bit_prop,
6861                                   NULL, fp);
6862     }
6863 }
6864 
6865 static void x86_cpu_register_feature_bit_props(X86CPUClass *xcc,
6866                                                FeatureWord w,
6867                                                int bitnr)
6868 {
6869     FeatureWordInfo *fi = &feature_word_info[w];
6870     const char *name = fi->feat_names[bitnr];
6871 
6872     if (!name) {
6873         return;
6874     }
6875 
6876     /* Property names should use "-" instead of "_".
6877      * Old names containing underscores are registered as aliases
6878      * using object_property_add_alias()
6879      */
6880     assert(!strchr(name, '_'));
6881     /* aliases don't use "|" delimiters anymore, they are registered
6882      * manually using object_property_add_alias() */
6883     assert(!strchr(name, '|'));
6884     x86_cpu_register_bit_prop(xcc, name, w, bitnr);
6885 }
6886 
6887 static void x86_cpu_post_initfn(Object *obj)
6888 {
6889     accel_cpu_instance_init(CPU(obj));
6890 }
6891 
6892 static void x86_cpu_initfn(Object *obj)
6893 {
6894     X86CPU *cpu = X86_CPU(obj);
6895     X86CPUClass *xcc = X86_CPU_GET_CLASS(obj);
6896     CPUX86State *env = &cpu->env;
6897 
6898     env->nr_dies = 1;
6899     cpu_set_cpustate_pointers(cpu);
6900 
6901     object_property_add(obj, "feature-words", "X86CPUFeatureWordInfo",
6902                         x86_cpu_get_feature_words,
6903                         NULL, NULL, (void *)env->features);
6904     object_property_add(obj, "filtered-features", "X86CPUFeatureWordInfo",
6905                         x86_cpu_get_feature_words,
6906                         NULL, NULL, (void *)cpu->filtered_features);
6907 
6908     object_property_add_alias(obj, "sse3", obj, "pni");
6909     object_property_add_alias(obj, "pclmuldq", obj, "pclmulqdq");
6910     object_property_add_alias(obj, "sse4-1", obj, "sse4.1");
6911     object_property_add_alias(obj, "sse4-2", obj, "sse4.2");
6912     object_property_add_alias(obj, "xd", obj, "nx");
6913     object_property_add_alias(obj, "ffxsr", obj, "fxsr-opt");
6914     object_property_add_alias(obj, "i64", obj, "lm");
6915 
6916     object_property_add_alias(obj, "ds_cpl", obj, "ds-cpl");
6917     object_property_add_alias(obj, "tsc_adjust", obj, "tsc-adjust");
6918     object_property_add_alias(obj, "fxsr_opt", obj, "fxsr-opt");
6919     object_property_add_alias(obj, "lahf_lm", obj, "lahf-lm");
6920     object_property_add_alias(obj, "cmp_legacy", obj, "cmp-legacy");
6921     object_property_add_alias(obj, "nodeid_msr", obj, "nodeid-msr");
6922     object_property_add_alias(obj, "perfctr_core", obj, "perfctr-core");
6923     object_property_add_alias(obj, "perfctr_nb", obj, "perfctr-nb");
6924     object_property_add_alias(obj, "kvm_nopiodelay", obj, "kvm-nopiodelay");
6925     object_property_add_alias(obj, "kvm_mmu", obj, "kvm-mmu");
6926     object_property_add_alias(obj, "kvm_asyncpf", obj, "kvm-asyncpf");
6927     object_property_add_alias(obj, "kvm_asyncpf_int", obj, "kvm-asyncpf-int");
6928     object_property_add_alias(obj, "kvm_steal_time", obj, "kvm-steal-time");
6929     object_property_add_alias(obj, "kvm_pv_eoi", obj, "kvm-pv-eoi");
6930     object_property_add_alias(obj, "kvm_pv_unhalt", obj, "kvm-pv-unhalt");
6931     object_property_add_alias(obj, "kvm_poll_control", obj, "kvm-poll-control");
6932     object_property_add_alias(obj, "svm_lock", obj, "svm-lock");
6933     object_property_add_alias(obj, "nrip_save", obj, "nrip-save");
6934     object_property_add_alias(obj, "tsc_scale", obj, "tsc-scale");
6935     object_property_add_alias(obj, "vmcb_clean", obj, "vmcb-clean");
6936     object_property_add_alias(obj, "pause_filter", obj, "pause-filter");
6937     object_property_add_alias(obj, "sse4_1", obj, "sse4.1");
6938     object_property_add_alias(obj, "sse4_2", obj, "sse4.2");
6939 
6940     object_property_add_alias(obj, "hv-apicv", obj, "hv-avic");
6941     cpu->lbr_fmt = ~PERF_CAP_LBR_FMT;
6942     object_property_add_alias(obj, "lbr_fmt", obj, "lbr-fmt");
6943 
6944     if (xcc->model) {
6945         x86_cpu_load_model(cpu, xcc->model);
6946     }
6947 }
6948 
6949 static int64_t x86_cpu_get_arch_id(CPUState *cs)
6950 {
6951     X86CPU *cpu = X86_CPU(cs);
6952 
6953     return cpu->apic_id;
6954 }
6955 
6956 #if !defined(CONFIG_USER_ONLY)
6957 static bool x86_cpu_get_paging_enabled(const CPUState *cs)
6958 {
6959     X86CPU *cpu = X86_CPU(cs);
6960 
6961     return cpu->env.cr[0] & CR0_PG_MASK;
6962 }
6963 #endif /* !CONFIG_USER_ONLY */
6964 
6965 static void x86_cpu_set_pc(CPUState *cs, vaddr value)
6966 {
6967     X86CPU *cpu = X86_CPU(cs);
6968 
6969     cpu->env.eip = value;
6970 }
6971 
6972 static vaddr x86_cpu_get_pc(CPUState *cs)
6973 {
6974     X86CPU *cpu = X86_CPU(cs);
6975 
6976     /* Match cpu_get_tb_cpu_state. */
6977     return cpu->env.eip + cpu->env.segs[R_CS].base;
6978 }
6979 
6980 int x86_cpu_pending_interrupt(CPUState *cs, int interrupt_request)
6981 {
6982     X86CPU *cpu = X86_CPU(cs);
6983     CPUX86State *env = &cpu->env;
6984 
6985 #if !defined(CONFIG_USER_ONLY)
6986     if (interrupt_request & CPU_INTERRUPT_POLL) {
6987         return CPU_INTERRUPT_POLL;
6988     }
6989 #endif
6990     if (interrupt_request & CPU_INTERRUPT_SIPI) {
6991         return CPU_INTERRUPT_SIPI;
6992     }
6993 
6994     if (env->hflags2 & HF2_GIF_MASK) {
6995         if ((interrupt_request & CPU_INTERRUPT_SMI) &&
6996             !(env->hflags & HF_SMM_MASK)) {
6997             return CPU_INTERRUPT_SMI;
6998         } else if ((interrupt_request & CPU_INTERRUPT_NMI) &&
6999                    !(env->hflags2 & HF2_NMI_MASK)) {
7000             return CPU_INTERRUPT_NMI;
7001         } else if (interrupt_request & CPU_INTERRUPT_MCE) {
7002             return CPU_INTERRUPT_MCE;
7003         } else if ((interrupt_request & CPU_INTERRUPT_HARD) &&
7004                    (((env->hflags2 & HF2_VINTR_MASK) &&
7005                      (env->hflags2 & HF2_HIF_MASK)) ||
7006                     (!(env->hflags2 & HF2_VINTR_MASK) &&
7007                      (env->eflags & IF_MASK &&
7008                       !(env->hflags & HF_INHIBIT_IRQ_MASK))))) {
7009             return CPU_INTERRUPT_HARD;
7010 #if !defined(CONFIG_USER_ONLY)
7011         } else if (env->hflags2 & HF2_VGIF_MASK) {
7012             if((interrupt_request & CPU_INTERRUPT_VIRQ) &&
7013                    (env->eflags & IF_MASK) &&
7014                    !(env->hflags & HF_INHIBIT_IRQ_MASK)) {
7015                         return CPU_INTERRUPT_VIRQ;
7016             }
7017 #endif
7018         }
7019     }
7020 
7021     return 0;
7022 }
7023 
7024 static bool x86_cpu_has_work(CPUState *cs)
7025 {
7026     return x86_cpu_pending_interrupt(cs, cs->interrupt_request) != 0;
7027 }
7028 
7029 static void x86_disas_set_info(CPUState *cs, disassemble_info *info)
7030 {
7031     X86CPU *cpu = X86_CPU(cs);
7032     CPUX86State *env = &cpu->env;
7033 
7034     info->mach = (env->hflags & HF_CS64_MASK ? bfd_mach_x86_64
7035                   : env->hflags & HF_CS32_MASK ? bfd_mach_i386_i386
7036                   : bfd_mach_i386_i8086);
7037 
7038     info->cap_arch = CS_ARCH_X86;
7039     info->cap_mode = (env->hflags & HF_CS64_MASK ? CS_MODE_64
7040                       : env->hflags & HF_CS32_MASK ? CS_MODE_32
7041                       : CS_MODE_16);
7042     info->cap_insn_unit = 1;
7043     info->cap_insn_split = 8;
7044 }
7045 
7046 void x86_update_hflags(CPUX86State *env)
7047 {
7048    uint32_t hflags;
7049 #define HFLAG_COPY_MASK \
7050     ~( HF_CPL_MASK | HF_PE_MASK | HF_MP_MASK | HF_EM_MASK | \
7051        HF_TS_MASK | HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK | \
7052        HF_OSFXSR_MASK | HF_LMA_MASK | HF_CS32_MASK | \
7053        HF_SS32_MASK | HF_CS64_MASK | HF_ADDSEG_MASK)
7054 
7055     hflags = env->hflags & HFLAG_COPY_MASK;
7056     hflags |= (env->segs[R_SS].flags >> DESC_DPL_SHIFT) & HF_CPL_MASK;
7057     hflags |= (env->cr[0] & CR0_PE_MASK) << (HF_PE_SHIFT - CR0_PE_SHIFT);
7058     hflags |= (env->cr[0] << (HF_MP_SHIFT - CR0_MP_SHIFT)) &
7059                 (HF_MP_MASK | HF_EM_MASK | HF_TS_MASK);
7060     hflags |= (env->eflags & (HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK));
7061 
7062     if (env->cr[4] & CR4_OSFXSR_MASK) {
7063         hflags |= HF_OSFXSR_MASK;
7064     }
7065 
7066     if (env->efer & MSR_EFER_LMA) {
7067         hflags |= HF_LMA_MASK;
7068     }
7069 
7070     if ((hflags & HF_LMA_MASK) && (env->segs[R_CS].flags & DESC_L_MASK)) {
7071         hflags |= HF_CS32_MASK | HF_SS32_MASK | HF_CS64_MASK;
7072     } else {
7073         hflags |= (env->segs[R_CS].flags & DESC_B_MASK) >>
7074                     (DESC_B_SHIFT - HF_CS32_SHIFT);
7075         hflags |= (env->segs[R_SS].flags & DESC_B_MASK) >>
7076                     (DESC_B_SHIFT - HF_SS32_SHIFT);
7077         if (!(env->cr[0] & CR0_PE_MASK) || (env->eflags & VM_MASK) ||
7078             !(hflags & HF_CS32_MASK)) {
7079             hflags |= HF_ADDSEG_MASK;
7080         } else {
7081             hflags |= ((env->segs[R_DS].base | env->segs[R_ES].base |
7082                         env->segs[R_SS].base) != 0) << HF_ADDSEG_SHIFT;
7083         }
7084     }
7085     env->hflags = hflags;
7086 }
7087 
7088 static Property x86_cpu_properties[] = {
7089 #ifdef CONFIG_USER_ONLY
7090     /* apic_id = 0 by default for *-user, see commit 9886e834 */
7091     DEFINE_PROP_UINT32("apic-id", X86CPU, apic_id, 0),
7092     DEFINE_PROP_INT32("thread-id", X86CPU, thread_id, 0),
7093     DEFINE_PROP_INT32("core-id", X86CPU, core_id, 0),
7094     DEFINE_PROP_INT32("die-id", X86CPU, die_id, 0),
7095     DEFINE_PROP_INT32("socket-id", X86CPU, socket_id, 0),
7096 #else
7097     DEFINE_PROP_UINT32("apic-id", X86CPU, apic_id, UNASSIGNED_APIC_ID),
7098     DEFINE_PROP_INT32("thread-id", X86CPU, thread_id, -1),
7099     DEFINE_PROP_INT32("core-id", X86CPU, core_id, -1),
7100     DEFINE_PROP_INT32("die-id", X86CPU, die_id, -1),
7101     DEFINE_PROP_INT32("socket-id", X86CPU, socket_id, -1),
7102 #endif
7103     DEFINE_PROP_INT32("node-id", X86CPU, node_id, CPU_UNSET_NUMA_NODE_ID),
7104     DEFINE_PROP_BOOL("pmu", X86CPU, enable_pmu, false),
7105     DEFINE_PROP_UINT64_CHECKMASK("lbr-fmt", X86CPU, lbr_fmt, PERF_CAP_LBR_FMT),
7106 
7107     DEFINE_PROP_UINT32("hv-spinlocks", X86CPU, hyperv_spinlock_attempts,
7108                        HYPERV_SPINLOCK_NEVER_NOTIFY),
7109     DEFINE_PROP_BIT64("hv-relaxed", X86CPU, hyperv_features,
7110                       HYPERV_FEAT_RELAXED, 0),
7111     DEFINE_PROP_BIT64("hv-vapic", X86CPU, hyperv_features,
7112                       HYPERV_FEAT_VAPIC, 0),
7113     DEFINE_PROP_BIT64("hv-time", X86CPU, hyperv_features,
7114                       HYPERV_FEAT_TIME, 0),
7115     DEFINE_PROP_BIT64("hv-crash", X86CPU, hyperv_features,
7116                       HYPERV_FEAT_CRASH, 0),
7117     DEFINE_PROP_BIT64("hv-reset", X86CPU, hyperv_features,
7118                       HYPERV_FEAT_RESET, 0),
7119     DEFINE_PROP_BIT64("hv-vpindex", X86CPU, hyperv_features,
7120                       HYPERV_FEAT_VPINDEX, 0),
7121     DEFINE_PROP_BIT64("hv-runtime", X86CPU, hyperv_features,
7122                       HYPERV_FEAT_RUNTIME, 0),
7123     DEFINE_PROP_BIT64("hv-synic", X86CPU, hyperv_features,
7124                       HYPERV_FEAT_SYNIC, 0),
7125     DEFINE_PROP_BIT64("hv-stimer", X86CPU, hyperv_features,
7126                       HYPERV_FEAT_STIMER, 0),
7127     DEFINE_PROP_BIT64("hv-frequencies", X86CPU, hyperv_features,
7128                       HYPERV_FEAT_FREQUENCIES, 0),
7129     DEFINE_PROP_BIT64("hv-reenlightenment", X86CPU, hyperv_features,
7130                       HYPERV_FEAT_REENLIGHTENMENT, 0),
7131     DEFINE_PROP_BIT64("hv-tlbflush", X86CPU, hyperv_features,
7132                       HYPERV_FEAT_TLBFLUSH, 0),
7133     DEFINE_PROP_BIT64("hv-evmcs", X86CPU, hyperv_features,
7134                       HYPERV_FEAT_EVMCS, 0),
7135     DEFINE_PROP_BIT64("hv-ipi", X86CPU, hyperv_features,
7136                       HYPERV_FEAT_IPI, 0),
7137     DEFINE_PROP_BIT64("hv-stimer-direct", X86CPU, hyperv_features,
7138                       HYPERV_FEAT_STIMER_DIRECT, 0),
7139     DEFINE_PROP_BIT64("hv-avic", X86CPU, hyperv_features,
7140                       HYPERV_FEAT_AVIC, 0),
7141     DEFINE_PROP_BIT64("hv-emsr-bitmap", X86CPU, hyperv_features,
7142                       HYPERV_FEAT_MSR_BITMAP, 0),
7143     DEFINE_PROP_BIT64("hv-xmm-input", X86CPU, hyperv_features,
7144                       HYPERV_FEAT_XMM_INPUT, 0),
7145     DEFINE_PROP_BIT64("hv-tlbflush-ext", X86CPU, hyperv_features,
7146                       HYPERV_FEAT_TLBFLUSH_EXT, 0),
7147     DEFINE_PROP_BIT64("hv-tlbflush-direct", X86CPU, hyperv_features,
7148                       HYPERV_FEAT_TLBFLUSH_DIRECT, 0),
7149     DEFINE_PROP_ON_OFF_AUTO("hv-no-nonarch-coresharing", X86CPU,
7150                             hyperv_no_nonarch_cs, ON_OFF_AUTO_OFF),
7151     DEFINE_PROP_BIT64("hv-syndbg", X86CPU, hyperv_features,
7152                       HYPERV_FEAT_SYNDBG, 0),
7153     DEFINE_PROP_BOOL("hv-passthrough", X86CPU, hyperv_passthrough, false),
7154     DEFINE_PROP_BOOL("hv-enforce-cpuid", X86CPU, hyperv_enforce_cpuid, false),
7155 
7156     /* WS2008R2 identify by default */
7157     DEFINE_PROP_UINT32("hv-version-id-build", X86CPU, hyperv_ver_id_build,
7158                        0x3839),
7159     DEFINE_PROP_UINT16("hv-version-id-major", X86CPU, hyperv_ver_id_major,
7160                        0x000A),
7161     DEFINE_PROP_UINT16("hv-version-id-minor", X86CPU, hyperv_ver_id_minor,
7162                        0x0000),
7163     DEFINE_PROP_UINT32("hv-version-id-spack", X86CPU, hyperv_ver_id_sp, 0),
7164     DEFINE_PROP_UINT8("hv-version-id-sbranch", X86CPU, hyperv_ver_id_sb, 0),
7165     DEFINE_PROP_UINT32("hv-version-id-snumber", X86CPU, hyperv_ver_id_sn, 0),
7166 
7167     DEFINE_PROP_BOOL("check", X86CPU, check_cpuid, true),
7168     DEFINE_PROP_BOOL("enforce", X86CPU, enforce_cpuid, false),
7169     DEFINE_PROP_BOOL("x-force-features", X86CPU, force_features, false),
7170     DEFINE_PROP_BOOL("kvm", X86CPU, expose_kvm, true),
7171     DEFINE_PROP_UINT32("phys-bits", X86CPU, phys_bits, 0),
7172     DEFINE_PROP_BOOL("host-phys-bits", X86CPU, host_phys_bits, false),
7173     DEFINE_PROP_UINT8("host-phys-bits-limit", X86CPU, host_phys_bits_limit, 0),
7174     DEFINE_PROP_BOOL("fill-mtrr-mask", X86CPU, fill_mtrr_mask, true),
7175     DEFINE_PROP_UINT32("level-func7", X86CPU, env.cpuid_level_func7,
7176                        UINT32_MAX),
7177     DEFINE_PROP_UINT32("level", X86CPU, env.cpuid_level, UINT32_MAX),
7178     DEFINE_PROP_UINT32("xlevel", X86CPU, env.cpuid_xlevel, UINT32_MAX),
7179     DEFINE_PROP_UINT32("xlevel2", X86CPU, env.cpuid_xlevel2, UINT32_MAX),
7180     DEFINE_PROP_UINT32("min-level", X86CPU, env.cpuid_min_level, 0),
7181     DEFINE_PROP_UINT32("min-xlevel", X86CPU, env.cpuid_min_xlevel, 0),
7182     DEFINE_PROP_UINT32("min-xlevel2", X86CPU, env.cpuid_min_xlevel2, 0),
7183     DEFINE_PROP_UINT64("ucode-rev", X86CPU, ucode_rev, 0),
7184     DEFINE_PROP_BOOL("full-cpuid-auto-level", X86CPU, full_cpuid_auto_level, true),
7185     DEFINE_PROP_STRING("hv-vendor-id", X86CPU, hyperv_vendor),
7186     DEFINE_PROP_BOOL("cpuid-0xb", X86CPU, enable_cpuid_0xb, true),
7187     DEFINE_PROP_BOOL("x-vendor-cpuid-only", X86CPU, vendor_cpuid_only, true),
7188     DEFINE_PROP_BOOL("lmce", X86CPU, enable_lmce, false),
7189     DEFINE_PROP_BOOL("l3-cache", X86CPU, enable_l3_cache, true),
7190     DEFINE_PROP_BOOL("kvm-no-smi-migration", X86CPU, kvm_no_smi_migration,
7191                      false),
7192     DEFINE_PROP_BOOL("kvm-pv-enforce-cpuid", X86CPU, kvm_pv_enforce_cpuid,
7193                      false),
7194     DEFINE_PROP_BOOL("vmware-cpuid-freq", X86CPU, vmware_cpuid_freq, true),
7195     DEFINE_PROP_BOOL("tcg-cpuid", X86CPU, expose_tcg, true),
7196     DEFINE_PROP_BOOL("x-migrate-smi-count", X86CPU, migrate_smi_count,
7197                      true),
7198     /*
7199      * lecacy_cache defaults to true unless the CPU model provides its
7200      * own cache information (see x86_cpu_load_def()).
7201      */
7202     DEFINE_PROP_BOOL("legacy-cache", X86CPU, legacy_cache, true),
7203 
7204     /*
7205      * From "Requirements for Implementing the Microsoft
7206      * Hypervisor Interface":
7207      * https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/tlfs
7208      *
7209      * "Starting with Windows Server 2012 and Windows 8, if
7210      * CPUID.40000005.EAX contains a value of -1, Windows assumes that
7211      * the hypervisor imposes no specific limit to the number of VPs.
7212      * In this case, Windows Server 2012 guest VMs may use more than
7213      * 64 VPs, up to the maximum supported number of processors applicable
7214      * to the specific Windows version being used."
7215      */
7216     DEFINE_PROP_INT32("x-hv-max-vps", X86CPU, hv_max_vps, -1),
7217     DEFINE_PROP_BOOL("x-hv-synic-kvm-only", X86CPU, hyperv_synic_kvm_only,
7218                      false),
7219     DEFINE_PROP_BOOL("x-intel-pt-auto-level", X86CPU, intel_pt_auto_level,
7220                      true),
7221     DEFINE_PROP_END_OF_LIST()
7222 };
7223 
7224 #ifndef CONFIG_USER_ONLY
7225 #include "hw/core/sysemu-cpu-ops.h"
7226 
7227 static const struct SysemuCPUOps i386_sysemu_ops = {
7228     .get_memory_mapping = x86_cpu_get_memory_mapping,
7229     .get_paging_enabled = x86_cpu_get_paging_enabled,
7230     .get_phys_page_attrs_debug = x86_cpu_get_phys_page_attrs_debug,
7231     .asidx_from_attrs = x86_asidx_from_attrs,
7232     .get_crash_info = x86_cpu_get_crash_info,
7233     .write_elf32_note = x86_cpu_write_elf32_note,
7234     .write_elf64_note = x86_cpu_write_elf64_note,
7235     .write_elf32_qemunote = x86_cpu_write_elf32_qemunote,
7236     .write_elf64_qemunote = x86_cpu_write_elf64_qemunote,
7237     .legacy_vmsd = &vmstate_x86_cpu,
7238 };
7239 #endif
7240 
7241 static void x86_cpu_common_class_init(ObjectClass *oc, void *data)
7242 {
7243     X86CPUClass *xcc = X86_CPU_CLASS(oc);
7244     CPUClass *cc = CPU_CLASS(oc);
7245     DeviceClass *dc = DEVICE_CLASS(oc);
7246     ResettableClass *rc = RESETTABLE_CLASS(oc);
7247     FeatureWord w;
7248 
7249     device_class_set_parent_realize(dc, x86_cpu_realizefn,
7250                                     &xcc->parent_realize);
7251     device_class_set_parent_unrealize(dc, x86_cpu_unrealizefn,
7252                                       &xcc->parent_unrealize);
7253     device_class_set_props(dc, x86_cpu_properties);
7254 
7255     resettable_class_set_parent_phases(rc, NULL, x86_cpu_reset_hold, NULL,
7256                                        &xcc->parent_phases);
7257     cc->reset_dump_flags = CPU_DUMP_FPU | CPU_DUMP_CCOP;
7258 
7259     cc->class_by_name = x86_cpu_class_by_name;
7260     cc->parse_features = x86_cpu_parse_featurestr;
7261     cc->has_work = x86_cpu_has_work;
7262     cc->dump_state = x86_cpu_dump_state;
7263     cc->set_pc = x86_cpu_set_pc;
7264     cc->get_pc = x86_cpu_get_pc;
7265     cc->gdb_read_register = x86_cpu_gdb_read_register;
7266     cc->gdb_write_register = x86_cpu_gdb_write_register;
7267     cc->get_arch_id = x86_cpu_get_arch_id;
7268 
7269 #ifndef CONFIG_USER_ONLY
7270     cc->sysemu_ops = &i386_sysemu_ops;
7271 #endif /* !CONFIG_USER_ONLY */
7272 
7273     cc->gdb_arch_name = x86_gdb_arch_name;
7274 #ifdef TARGET_X86_64
7275     cc->gdb_core_xml_file = "i386-64bit.xml";
7276     cc->gdb_num_core_regs = 66;
7277 #else
7278     cc->gdb_core_xml_file = "i386-32bit.xml";
7279     cc->gdb_num_core_regs = 50;
7280 #endif
7281     cc->disas_set_info = x86_disas_set_info;
7282 
7283     dc->user_creatable = true;
7284 
7285     object_class_property_add(oc, "family", "int",
7286                               x86_cpuid_version_get_family,
7287                               x86_cpuid_version_set_family, NULL, NULL);
7288     object_class_property_add(oc, "model", "int",
7289                               x86_cpuid_version_get_model,
7290                               x86_cpuid_version_set_model, NULL, NULL);
7291     object_class_property_add(oc, "stepping", "int",
7292                               x86_cpuid_version_get_stepping,
7293                               x86_cpuid_version_set_stepping, NULL, NULL);
7294     object_class_property_add_str(oc, "vendor",
7295                                   x86_cpuid_get_vendor,
7296                                   x86_cpuid_set_vendor);
7297     object_class_property_add_str(oc, "model-id",
7298                                   x86_cpuid_get_model_id,
7299                                   x86_cpuid_set_model_id);
7300     object_class_property_add(oc, "tsc-frequency", "int",
7301                               x86_cpuid_get_tsc_freq,
7302                               x86_cpuid_set_tsc_freq, NULL, NULL);
7303     /*
7304      * The "unavailable-features" property has the same semantics as
7305      * CpuDefinitionInfo.unavailable-features on the "query-cpu-definitions"
7306      * QMP command: they list the features that would have prevented the
7307      * CPU from running if the "enforce" flag was set.
7308      */
7309     object_class_property_add(oc, "unavailable-features", "strList",
7310                               x86_cpu_get_unavailable_features,
7311                               NULL, NULL, NULL);
7312 
7313 #if !defined(CONFIG_USER_ONLY)
7314     object_class_property_add(oc, "crash-information", "GuestPanicInformation",
7315                               x86_cpu_get_crash_info_qom, NULL, NULL, NULL);
7316 #endif
7317 
7318     for (w = 0; w < FEATURE_WORDS; w++) {
7319         int bitnr;
7320         for (bitnr = 0; bitnr < 64; bitnr++) {
7321             x86_cpu_register_feature_bit_props(xcc, w, bitnr);
7322         }
7323     }
7324 }
7325 
7326 static const TypeInfo x86_cpu_type_info = {
7327     .name = TYPE_X86_CPU,
7328     .parent = TYPE_CPU,
7329     .instance_size = sizeof(X86CPU),
7330     .instance_init = x86_cpu_initfn,
7331     .instance_post_init = x86_cpu_post_initfn,
7332 
7333     .abstract = true,
7334     .class_size = sizeof(X86CPUClass),
7335     .class_init = x86_cpu_common_class_init,
7336 };
7337 
7338 /* "base" CPU model, used by query-cpu-model-expansion */
7339 static void x86_cpu_base_class_init(ObjectClass *oc, void *data)
7340 {
7341     X86CPUClass *xcc = X86_CPU_CLASS(oc);
7342 
7343     xcc->static_model = true;
7344     xcc->migration_safe = true;
7345     xcc->model_description = "base CPU model type with no features enabled";
7346     xcc->ordering = 8;
7347 }
7348 
7349 static const TypeInfo x86_base_cpu_type_info = {
7350         .name = X86_CPU_TYPE_NAME("base"),
7351         .parent = TYPE_X86_CPU,
7352         .class_init = x86_cpu_base_class_init,
7353 };
7354 
7355 static void x86_cpu_register_types(void)
7356 {
7357     int i;
7358 
7359     type_register_static(&x86_cpu_type_info);
7360     for (i = 0; i < ARRAY_SIZE(builtin_x86_defs); i++) {
7361         x86_register_cpudef_types(&builtin_x86_defs[i]);
7362     }
7363     type_register_static(&max_x86_cpu_type_info);
7364     type_register_static(&x86_base_cpu_type_info);
7365 }
7366 
7367 type_init(x86_cpu_register_types)
7368