xref: /openbmc/qemu/target/i386/cpu.c (revision 8b80bd28)
1 /*
2  *  i386 CPUID, CPU class, definitions, models
3  *
4  *  Copyright (c) 2003 Fabrice Bellard
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18  */
19 
20 #include "qemu/osdep.h"
21 #include "qemu/units.h"
22 #include "qemu/cutils.h"
23 #include "qemu/qemu-print.h"
24 #include "cpu.h"
25 #include "tcg/helper-tcg.h"
26 #include "sysemu/reset.h"
27 #include "sysemu/hvf.h"
28 #include "kvm/kvm_i386.h"
29 #include "sev_i386.h"
30 #include "qapi/qapi-visit-machine.h"
31 #include "qapi/qmp/qerror.h"
32 #include "qapi/qapi-commands-machine-target.h"
33 #include "standard-headers/asm-x86/kvm_para.h"
34 #include "hw/qdev-properties.h"
35 #include "hw/i386/topology.h"
36 #ifndef CONFIG_USER_ONLY
37 #include "exec/address-spaces.h"
38 #include "hw/boards.h"
39 #endif
40 
41 #include "disas/capstone.h"
42 #include "cpu-internal.h"
43 
44 /* Helpers for building CPUID[2] descriptors: */
45 
46 struct CPUID2CacheDescriptorInfo {
47     enum CacheType type;
48     int level;
49     int size;
50     int line_size;
51     int associativity;
52 };
53 
54 /*
55  * Known CPUID 2 cache descriptors.
56  * From Intel SDM Volume 2A, CPUID instruction
57  */
58 struct CPUID2CacheDescriptorInfo cpuid2_cache_descriptors[] = {
59     [0x06] = { .level = 1, .type = INSTRUCTION_CACHE, .size =   8 * KiB,
60                .associativity = 4,  .line_size = 32, },
61     [0x08] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  16 * KiB,
62                .associativity = 4,  .line_size = 32, },
63     [0x09] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  32 * KiB,
64                .associativity = 4,  .line_size = 64, },
65     [0x0A] = { .level = 1, .type = DATA_CACHE,        .size =   8 * KiB,
66                .associativity = 2,  .line_size = 32, },
67     [0x0C] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
68                .associativity = 4,  .line_size = 32, },
69     [0x0D] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
70                .associativity = 4,  .line_size = 64, },
71     [0x0E] = { .level = 1, .type = DATA_CACHE,        .size =  24 * KiB,
72                .associativity = 6,  .line_size = 64, },
73     [0x1D] = { .level = 2, .type = UNIFIED_CACHE,     .size = 128 * KiB,
74                .associativity = 2,  .line_size = 64, },
75     [0x21] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
76                .associativity = 8,  .line_size = 64, },
77     /* lines per sector is not supported cpuid2_cache_descriptor(),
78     * so descriptors 0x22, 0x23 are not included
79     */
80     [0x24] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
81                .associativity = 16, .line_size = 64, },
82     /* lines per sector is not supported cpuid2_cache_descriptor(),
83     * so descriptors 0x25, 0x20 are not included
84     */
85     [0x2C] = { .level = 1, .type = DATA_CACHE,        .size =  32 * KiB,
86                .associativity = 8,  .line_size = 64, },
87     [0x30] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  32 * KiB,
88                .associativity = 8,  .line_size = 64, },
89     [0x41] = { .level = 2, .type = UNIFIED_CACHE,     .size = 128 * KiB,
90                .associativity = 4,  .line_size = 32, },
91     [0x42] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
92                .associativity = 4,  .line_size = 32, },
93     [0x43] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
94                .associativity = 4,  .line_size = 32, },
95     [0x44] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
96                .associativity = 4,  .line_size = 32, },
97     [0x45] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
98                .associativity = 4,  .line_size = 32, },
99     [0x46] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
100                .associativity = 4,  .line_size = 64, },
101     [0x47] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
102                .associativity = 8,  .line_size = 64, },
103     [0x48] = { .level = 2, .type = UNIFIED_CACHE,     .size =   3 * MiB,
104                .associativity = 12, .line_size = 64, },
105     /* Descriptor 0x49 depends on CPU family/model, so it is not included */
106     [0x4A] = { .level = 3, .type = UNIFIED_CACHE,     .size =   6 * MiB,
107                .associativity = 12, .line_size = 64, },
108     [0x4B] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
109                .associativity = 16, .line_size = 64, },
110     [0x4C] = { .level = 3, .type = UNIFIED_CACHE,     .size =  12 * MiB,
111                .associativity = 12, .line_size = 64, },
112     [0x4D] = { .level = 3, .type = UNIFIED_CACHE,     .size =  16 * MiB,
113                .associativity = 16, .line_size = 64, },
114     [0x4E] = { .level = 2, .type = UNIFIED_CACHE,     .size =   6 * MiB,
115                .associativity = 24, .line_size = 64, },
116     [0x60] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
117                .associativity = 8,  .line_size = 64, },
118     [0x66] = { .level = 1, .type = DATA_CACHE,        .size =   8 * KiB,
119                .associativity = 4,  .line_size = 64, },
120     [0x67] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
121                .associativity = 4,  .line_size = 64, },
122     [0x68] = { .level = 1, .type = DATA_CACHE,        .size =  32 * KiB,
123                .associativity = 4,  .line_size = 64, },
124     [0x78] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
125                .associativity = 4,  .line_size = 64, },
126     /* lines per sector is not supported cpuid2_cache_descriptor(),
127     * so descriptors 0x79, 0x7A, 0x7B, 0x7C are not included.
128     */
129     [0x7D] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
130                .associativity = 8,  .line_size = 64, },
131     [0x7F] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
132                .associativity = 2,  .line_size = 64, },
133     [0x80] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
134                .associativity = 8,  .line_size = 64, },
135     [0x82] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
136                .associativity = 8,  .line_size = 32, },
137     [0x83] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
138                .associativity = 8,  .line_size = 32, },
139     [0x84] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
140                .associativity = 8,  .line_size = 32, },
141     [0x85] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
142                .associativity = 8,  .line_size = 32, },
143     [0x86] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
144                .associativity = 4,  .line_size = 64, },
145     [0x87] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
146                .associativity = 8,  .line_size = 64, },
147     [0xD0] = { .level = 3, .type = UNIFIED_CACHE,     .size = 512 * KiB,
148                .associativity = 4,  .line_size = 64, },
149     [0xD1] = { .level = 3, .type = UNIFIED_CACHE,     .size =   1 * MiB,
150                .associativity = 4,  .line_size = 64, },
151     [0xD2] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
152                .associativity = 4,  .line_size = 64, },
153     [0xD6] = { .level = 3, .type = UNIFIED_CACHE,     .size =   1 * MiB,
154                .associativity = 8,  .line_size = 64, },
155     [0xD7] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
156                .associativity = 8,  .line_size = 64, },
157     [0xD8] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
158                .associativity = 8,  .line_size = 64, },
159     [0xDC] = { .level = 3, .type = UNIFIED_CACHE,     .size = 1.5 * MiB,
160                .associativity = 12, .line_size = 64, },
161     [0xDD] = { .level = 3, .type = UNIFIED_CACHE,     .size =   3 * MiB,
162                .associativity = 12, .line_size = 64, },
163     [0xDE] = { .level = 3, .type = UNIFIED_CACHE,     .size =   6 * MiB,
164                .associativity = 12, .line_size = 64, },
165     [0xE2] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
166                .associativity = 16, .line_size = 64, },
167     [0xE3] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
168                .associativity = 16, .line_size = 64, },
169     [0xE4] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
170                .associativity = 16, .line_size = 64, },
171     [0xEA] = { .level = 3, .type = UNIFIED_CACHE,     .size =  12 * MiB,
172                .associativity = 24, .line_size = 64, },
173     [0xEB] = { .level = 3, .type = UNIFIED_CACHE,     .size =  18 * MiB,
174                .associativity = 24, .line_size = 64, },
175     [0xEC] = { .level = 3, .type = UNIFIED_CACHE,     .size =  24 * MiB,
176                .associativity = 24, .line_size = 64, },
177 };
178 
179 /*
180  * "CPUID leaf 2 does not report cache descriptor information,
181  * use CPUID leaf 4 to query cache parameters"
182  */
183 #define CACHE_DESCRIPTOR_UNAVAILABLE 0xFF
184 
185 /*
186  * Return a CPUID 2 cache descriptor for a given cache.
187  * If no known descriptor is found, return CACHE_DESCRIPTOR_UNAVAILABLE
188  */
189 static uint8_t cpuid2_cache_descriptor(CPUCacheInfo *cache)
190 {
191     int i;
192 
193     assert(cache->size > 0);
194     assert(cache->level > 0);
195     assert(cache->line_size > 0);
196     assert(cache->associativity > 0);
197     for (i = 0; i < ARRAY_SIZE(cpuid2_cache_descriptors); i++) {
198         struct CPUID2CacheDescriptorInfo *d = &cpuid2_cache_descriptors[i];
199         if (d->level == cache->level && d->type == cache->type &&
200             d->size == cache->size && d->line_size == cache->line_size &&
201             d->associativity == cache->associativity) {
202                 return i;
203             }
204     }
205 
206     return CACHE_DESCRIPTOR_UNAVAILABLE;
207 }
208 
209 /* CPUID Leaf 4 constants: */
210 
211 /* EAX: */
212 #define CACHE_TYPE_D    1
213 #define CACHE_TYPE_I    2
214 #define CACHE_TYPE_UNIFIED   3
215 
216 #define CACHE_LEVEL(l)        (l << 5)
217 
218 #define CACHE_SELF_INIT_LEVEL (1 << 8)
219 
220 /* EDX: */
221 #define CACHE_NO_INVD_SHARING   (1 << 0)
222 #define CACHE_INCLUSIVE       (1 << 1)
223 #define CACHE_COMPLEX_IDX     (1 << 2)
224 
225 /* Encode CacheType for CPUID[4].EAX */
226 #define CACHE_TYPE(t) (((t) == DATA_CACHE) ? CACHE_TYPE_D : \
227                        ((t) == INSTRUCTION_CACHE) ? CACHE_TYPE_I : \
228                        ((t) == UNIFIED_CACHE) ? CACHE_TYPE_UNIFIED : \
229                        0 /* Invalid value */)
230 
231 
232 /* Encode cache info for CPUID[4] */
233 static void encode_cache_cpuid4(CPUCacheInfo *cache,
234                                 int num_apic_ids, int num_cores,
235                                 uint32_t *eax, uint32_t *ebx,
236                                 uint32_t *ecx, uint32_t *edx)
237 {
238     assert(cache->size == cache->line_size * cache->associativity *
239                           cache->partitions * cache->sets);
240 
241     assert(num_apic_ids > 0);
242     *eax = CACHE_TYPE(cache->type) |
243            CACHE_LEVEL(cache->level) |
244            (cache->self_init ? CACHE_SELF_INIT_LEVEL : 0) |
245            ((num_cores - 1) << 26) |
246            ((num_apic_ids - 1) << 14);
247 
248     assert(cache->line_size > 0);
249     assert(cache->partitions > 0);
250     assert(cache->associativity > 0);
251     /* We don't implement fully-associative caches */
252     assert(cache->associativity < cache->sets);
253     *ebx = (cache->line_size - 1) |
254            ((cache->partitions - 1) << 12) |
255            ((cache->associativity - 1) << 22);
256 
257     assert(cache->sets > 0);
258     *ecx = cache->sets - 1;
259 
260     *edx = (cache->no_invd_sharing ? CACHE_NO_INVD_SHARING : 0) |
261            (cache->inclusive ? CACHE_INCLUSIVE : 0) |
262            (cache->complex_indexing ? CACHE_COMPLEX_IDX : 0);
263 }
264 
265 /* Encode cache info for CPUID[0x80000005].ECX or CPUID[0x80000005].EDX */
266 static uint32_t encode_cache_cpuid80000005(CPUCacheInfo *cache)
267 {
268     assert(cache->size % 1024 == 0);
269     assert(cache->lines_per_tag > 0);
270     assert(cache->associativity > 0);
271     assert(cache->line_size > 0);
272     return ((cache->size / 1024) << 24) | (cache->associativity << 16) |
273            (cache->lines_per_tag << 8) | (cache->line_size);
274 }
275 
276 #define ASSOC_FULL 0xFF
277 
278 /* AMD associativity encoding used on CPUID Leaf 0x80000006: */
279 #define AMD_ENC_ASSOC(a) (a <=   1 ? a   : \
280                           a ==   2 ? 0x2 : \
281                           a ==   4 ? 0x4 : \
282                           a ==   8 ? 0x6 : \
283                           a ==  16 ? 0x8 : \
284                           a ==  32 ? 0xA : \
285                           a ==  48 ? 0xB : \
286                           a ==  64 ? 0xC : \
287                           a ==  96 ? 0xD : \
288                           a == 128 ? 0xE : \
289                           a == ASSOC_FULL ? 0xF : \
290                           0 /* invalid value */)
291 
292 /*
293  * Encode cache info for CPUID[0x80000006].ECX and CPUID[0x80000006].EDX
294  * @l3 can be NULL.
295  */
296 static void encode_cache_cpuid80000006(CPUCacheInfo *l2,
297                                        CPUCacheInfo *l3,
298                                        uint32_t *ecx, uint32_t *edx)
299 {
300     assert(l2->size % 1024 == 0);
301     assert(l2->associativity > 0);
302     assert(l2->lines_per_tag > 0);
303     assert(l2->line_size > 0);
304     *ecx = ((l2->size / 1024) << 16) |
305            (AMD_ENC_ASSOC(l2->associativity) << 12) |
306            (l2->lines_per_tag << 8) | (l2->line_size);
307 
308     if (l3) {
309         assert(l3->size % (512 * 1024) == 0);
310         assert(l3->associativity > 0);
311         assert(l3->lines_per_tag > 0);
312         assert(l3->line_size > 0);
313         *edx = ((l3->size / (512 * 1024)) << 18) |
314                (AMD_ENC_ASSOC(l3->associativity) << 12) |
315                (l3->lines_per_tag << 8) | (l3->line_size);
316     } else {
317         *edx = 0;
318     }
319 }
320 
321 /* Encode cache info for CPUID[8000001D] */
322 static void encode_cache_cpuid8000001d(CPUCacheInfo *cache,
323                                        X86CPUTopoInfo *topo_info,
324                                        uint32_t *eax, uint32_t *ebx,
325                                        uint32_t *ecx, uint32_t *edx)
326 {
327     uint32_t l3_threads;
328     assert(cache->size == cache->line_size * cache->associativity *
329                           cache->partitions * cache->sets);
330 
331     *eax = CACHE_TYPE(cache->type) | CACHE_LEVEL(cache->level) |
332                (cache->self_init ? CACHE_SELF_INIT_LEVEL : 0);
333 
334     /* L3 is shared among multiple cores */
335     if (cache->level == 3) {
336         l3_threads = topo_info->cores_per_die * topo_info->threads_per_core;
337         *eax |= (l3_threads - 1) << 14;
338     } else {
339         *eax |= ((topo_info->threads_per_core - 1) << 14);
340     }
341 
342     assert(cache->line_size > 0);
343     assert(cache->partitions > 0);
344     assert(cache->associativity > 0);
345     /* We don't implement fully-associative caches */
346     assert(cache->associativity < cache->sets);
347     *ebx = (cache->line_size - 1) |
348            ((cache->partitions - 1) << 12) |
349            ((cache->associativity - 1) << 22);
350 
351     assert(cache->sets > 0);
352     *ecx = cache->sets - 1;
353 
354     *edx = (cache->no_invd_sharing ? CACHE_NO_INVD_SHARING : 0) |
355            (cache->inclusive ? CACHE_INCLUSIVE : 0) |
356            (cache->complex_indexing ? CACHE_COMPLEX_IDX : 0);
357 }
358 
359 /* Encode cache info for CPUID[8000001E] */
360 static void encode_topo_cpuid8000001e(X86CPU *cpu, X86CPUTopoInfo *topo_info,
361                                       uint32_t *eax, uint32_t *ebx,
362                                       uint32_t *ecx, uint32_t *edx)
363 {
364     X86CPUTopoIDs topo_ids;
365 
366     x86_topo_ids_from_apicid(cpu->apic_id, topo_info, &topo_ids);
367 
368     *eax = cpu->apic_id;
369 
370     /*
371      * CPUID_Fn8000001E_EBX [Core Identifiers] (CoreId)
372      * Read-only. Reset: 0000_XXXXh.
373      * See Core::X86::Cpuid::ExtApicId.
374      * Core::X86::Cpuid::CoreId_lthree[1:0]_core[3:0]_thread[1:0];
375      * Bits Description
376      * 31:16 Reserved.
377      * 15:8 ThreadsPerCore: threads per core. Read-only. Reset: XXh.
378      *      The number of threads per core is ThreadsPerCore+1.
379      *  7:0 CoreId: core ID. Read-only. Reset: XXh.
380      *
381      *  NOTE: CoreId is already part of apic_id. Just use it. We can
382      *  use all the 8 bits to represent the core_id here.
383      */
384     *ebx = ((topo_info->threads_per_core - 1) << 8) | (topo_ids.core_id & 0xFF);
385 
386     /*
387      * CPUID_Fn8000001E_ECX [Node Identifiers] (NodeId)
388      * Read-only. Reset: 0000_0XXXh.
389      * Core::X86::Cpuid::NodeId_lthree[1:0]_core[3:0]_thread[1:0];
390      * Bits Description
391      * 31:11 Reserved.
392      * 10:8 NodesPerProcessor: Node per processor. Read-only. Reset: XXXb.
393      *      ValidValues:
394      *      Value Description
395      *      000b  1 node per processor.
396      *      001b  2 nodes per processor.
397      *      010b Reserved.
398      *      011b 4 nodes per processor.
399      *      111b-100b Reserved.
400      *  7:0 NodeId: Node ID. Read-only. Reset: XXh.
401      *
402      * NOTE: Hardware reserves 3 bits for number of nodes per processor.
403      * But users can create more nodes than the actual hardware can
404      * support. To genaralize we can use all the upper 8 bits for nodes.
405      * NodeId is combination of node and socket_id which is already decoded
406      * in apic_id. Just use it by shifting.
407      */
408     *ecx = ((topo_info->dies_per_pkg - 1) << 8) |
409            ((cpu->apic_id >> apicid_die_offset(topo_info)) & 0xFF);
410 
411     *edx = 0;
412 }
413 
414 /*
415  * Definitions of the hardcoded cache entries we expose:
416  * These are legacy cache values. If there is a need to change any
417  * of these values please use builtin_x86_defs
418  */
419 
420 /* L1 data cache: */
421 static CPUCacheInfo legacy_l1d_cache = {
422     .type = DATA_CACHE,
423     .level = 1,
424     .size = 32 * KiB,
425     .self_init = 1,
426     .line_size = 64,
427     .associativity = 8,
428     .sets = 64,
429     .partitions = 1,
430     .no_invd_sharing = true,
431 };
432 
433 /*FIXME: CPUID leaf 0x80000005 is inconsistent with leaves 2 & 4 */
434 static CPUCacheInfo legacy_l1d_cache_amd = {
435     .type = DATA_CACHE,
436     .level = 1,
437     .size = 64 * KiB,
438     .self_init = 1,
439     .line_size = 64,
440     .associativity = 2,
441     .sets = 512,
442     .partitions = 1,
443     .lines_per_tag = 1,
444     .no_invd_sharing = true,
445 };
446 
447 /* L1 instruction cache: */
448 static CPUCacheInfo legacy_l1i_cache = {
449     .type = INSTRUCTION_CACHE,
450     .level = 1,
451     .size = 32 * KiB,
452     .self_init = 1,
453     .line_size = 64,
454     .associativity = 8,
455     .sets = 64,
456     .partitions = 1,
457     .no_invd_sharing = true,
458 };
459 
460 /*FIXME: CPUID leaf 0x80000005 is inconsistent with leaves 2 & 4 */
461 static CPUCacheInfo legacy_l1i_cache_amd = {
462     .type = INSTRUCTION_CACHE,
463     .level = 1,
464     .size = 64 * KiB,
465     .self_init = 1,
466     .line_size = 64,
467     .associativity = 2,
468     .sets = 512,
469     .partitions = 1,
470     .lines_per_tag = 1,
471     .no_invd_sharing = true,
472 };
473 
474 /* Level 2 unified cache: */
475 static CPUCacheInfo legacy_l2_cache = {
476     .type = UNIFIED_CACHE,
477     .level = 2,
478     .size = 4 * MiB,
479     .self_init = 1,
480     .line_size = 64,
481     .associativity = 16,
482     .sets = 4096,
483     .partitions = 1,
484     .no_invd_sharing = true,
485 };
486 
487 /*FIXME: CPUID leaf 2 descriptor is inconsistent with CPUID leaf 4 */
488 static CPUCacheInfo legacy_l2_cache_cpuid2 = {
489     .type = UNIFIED_CACHE,
490     .level = 2,
491     .size = 2 * MiB,
492     .line_size = 64,
493     .associativity = 8,
494 };
495 
496 
497 /*FIXME: CPUID leaf 0x80000006 is inconsistent with leaves 2 & 4 */
498 static CPUCacheInfo legacy_l2_cache_amd = {
499     .type = UNIFIED_CACHE,
500     .level = 2,
501     .size = 512 * KiB,
502     .line_size = 64,
503     .lines_per_tag = 1,
504     .associativity = 16,
505     .sets = 512,
506     .partitions = 1,
507 };
508 
509 /* Level 3 unified cache: */
510 static CPUCacheInfo legacy_l3_cache = {
511     .type = UNIFIED_CACHE,
512     .level = 3,
513     .size = 16 * MiB,
514     .line_size = 64,
515     .associativity = 16,
516     .sets = 16384,
517     .partitions = 1,
518     .lines_per_tag = 1,
519     .self_init = true,
520     .inclusive = true,
521     .complex_indexing = true,
522 };
523 
524 /* TLB definitions: */
525 
526 #define L1_DTLB_2M_ASSOC       1
527 #define L1_DTLB_2M_ENTRIES   255
528 #define L1_DTLB_4K_ASSOC       1
529 #define L1_DTLB_4K_ENTRIES   255
530 
531 #define L1_ITLB_2M_ASSOC       1
532 #define L1_ITLB_2M_ENTRIES   255
533 #define L1_ITLB_4K_ASSOC       1
534 #define L1_ITLB_4K_ENTRIES   255
535 
536 #define L2_DTLB_2M_ASSOC       0 /* disabled */
537 #define L2_DTLB_2M_ENTRIES     0 /* disabled */
538 #define L2_DTLB_4K_ASSOC       4
539 #define L2_DTLB_4K_ENTRIES   512
540 
541 #define L2_ITLB_2M_ASSOC       0 /* disabled */
542 #define L2_ITLB_2M_ENTRIES     0 /* disabled */
543 #define L2_ITLB_4K_ASSOC       4
544 #define L2_ITLB_4K_ENTRIES   512
545 
546 /* CPUID Leaf 0x14 constants: */
547 #define INTEL_PT_MAX_SUBLEAF     0x1
548 /*
549  * bit[00]: IA32_RTIT_CTL.CR3 filter can be set to 1 and IA32_RTIT_CR3_MATCH
550  *          MSR can be accessed;
551  * bit[01]: Support Configurable PSB and Cycle-Accurate Mode;
552  * bit[02]: Support IP Filtering, TraceStop filtering, and preservation
553  *          of Intel PT MSRs across warm reset;
554  * bit[03]: Support MTC timing packet and suppression of COFI-based packets;
555  */
556 #define INTEL_PT_MINIMAL_EBX     0xf
557 /*
558  * bit[00]: Tracing can be enabled with IA32_RTIT_CTL.ToPA = 1 and
559  *          IA32_RTIT_OUTPUT_BASE and IA32_RTIT_OUTPUT_MASK_PTRS MSRs can be
560  *          accessed;
561  * bit[01]: ToPA tables can hold any number of output entries, up to the
562  *          maximum allowed by the MaskOrTableOffset field of
563  *          IA32_RTIT_OUTPUT_MASK_PTRS;
564  * bit[02]: Support Single-Range Output scheme;
565  */
566 #define INTEL_PT_MINIMAL_ECX     0x7
567 /* generated packets which contain IP payloads have LIP values */
568 #define INTEL_PT_IP_LIP          (1 << 31)
569 #define INTEL_PT_ADDR_RANGES_NUM 0x2 /* Number of configurable address ranges */
570 #define INTEL_PT_ADDR_RANGES_NUM_MASK 0x3
571 #define INTEL_PT_MTC_BITMAP      (0x0249 << 16) /* Support ART(0,3,6,9) */
572 #define INTEL_PT_CYCLE_BITMAP    0x1fff         /* Support 0,2^(0~11) */
573 #define INTEL_PT_PSB_BITMAP      (0x003f << 16) /* Support 2K,4K,8K,16K,32K,64K */
574 
575 void x86_cpu_vendor_words2str(char *dst, uint32_t vendor1,
576                               uint32_t vendor2, uint32_t vendor3)
577 {
578     int i;
579     for (i = 0; i < 4; i++) {
580         dst[i] = vendor1 >> (8 * i);
581         dst[i + 4] = vendor2 >> (8 * i);
582         dst[i + 8] = vendor3 >> (8 * i);
583     }
584     dst[CPUID_VENDOR_SZ] = '\0';
585 }
586 
587 #define I486_FEATURES (CPUID_FP87 | CPUID_VME | CPUID_PSE)
588 #define PENTIUM_FEATURES (I486_FEATURES | CPUID_DE | CPUID_TSC | \
589           CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_MMX | CPUID_APIC)
590 #define PENTIUM2_FEATURES (PENTIUM_FEATURES | CPUID_PAE | CPUID_SEP | \
591           CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
592           CPUID_PSE36 | CPUID_FXSR)
593 #define PENTIUM3_FEATURES (PENTIUM2_FEATURES | CPUID_SSE)
594 #define PPRO_FEATURES (CPUID_FP87 | CPUID_DE | CPUID_PSE | CPUID_TSC | \
595           CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_PGE | CPUID_CMOV | \
596           CPUID_PAT | CPUID_FXSR | CPUID_MMX | CPUID_SSE | CPUID_SSE2 | \
597           CPUID_PAE | CPUID_SEP | CPUID_APIC)
598 
599 #define TCG_FEATURES (CPUID_FP87 | CPUID_PSE | CPUID_TSC | CPUID_MSR | \
600           CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC | CPUID_SEP | \
601           CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
602           CPUID_PSE36 | CPUID_CLFLUSH | CPUID_ACPI | CPUID_MMX | \
603           CPUID_FXSR | CPUID_SSE | CPUID_SSE2 | CPUID_SS | CPUID_DE)
604           /* partly implemented:
605           CPUID_MTRR, CPUID_MCA, CPUID_CLFLUSH (needed for Win64) */
606           /* missing:
607           CPUID_VME, CPUID_DTS, CPUID_SS, CPUID_HT, CPUID_TM, CPUID_PBE */
608 #define TCG_EXT_FEATURES (CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | \
609           CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 | CPUID_EXT_CX16 | \
610           CPUID_EXT_SSE41 | CPUID_EXT_SSE42 | CPUID_EXT_POPCNT | \
611           CPUID_EXT_XSAVE | /* CPUID_EXT_OSXSAVE is dynamic */   \
612           CPUID_EXT_MOVBE | CPUID_EXT_AES | CPUID_EXT_HYPERVISOR | \
613           CPUID_EXT_RDRAND)
614           /* missing:
615           CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_VMX, CPUID_EXT_SMX,
616           CPUID_EXT_EST, CPUID_EXT_TM2, CPUID_EXT_CID, CPUID_EXT_FMA,
617           CPUID_EXT_XTPR, CPUID_EXT_PDCM, CPUID_EXT_PCID, CPUID_EXT_DCA,
618           CPUID_EXT_X2APIC, CPUID_EXT_TSC_DEADLINE_TIMER, CPUID_EXT_AVX,
619           CPUID_EXT_F16C */
620 
621 #ifdef TARGET_X86_64
622 #define TCG_EXT2_X86_64_FEATURES (CPUID_EXT2_SYSCALL | CPUID_EXT2_LM)
623 #else
624 #define TCG_EXT2_X86_64_FEATURES 0
625 #endif
626 
627 #define TCG_EXT2_FEATURES ((TCG_FEATURES & CPUID_EXT2_AMD_ALIASES) | \
628           CPUID_EXT2_NX | CPUID_EXT2_MMXEXT | CPUID_EXT2_RDTSCP | \
629           CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT | CPUID_EXT2_PDPE1GB | \
630           TCG_EXT2_X86_64_FEATURES)
631 #define TCG_EXT3_FEATURES (CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM | \
632           CPUID_EXT3_CR8LEG | CPUID_EXT3_ABM | CPUID_EXT3_SSE4A)
633 #define TCG_EXT4_FEATURES 0
634 #define TCG_SVM_FEATURES CPUID_SVM_NPT
635 #define TCG_KVM_FEATURES 0
636 #define TCG_7_0_EBX_FEATURES (CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_SMAP | \
637           CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ADX | \
638           CPUID_7_0_EBX_PCOMMIT | CPUID_7_0_EBX_CLFLUSHOPT |            \
639           CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_FSGSBASE | \
640           CPUID_7_0_EBX_ERMS)
641           /* missing:
642           CPUID_7_0_EBX_HLE, CPUID_7_0_EBX_AVX2,
643           CPUID_7_0_EBX_INVPCID, CPUID_7_0_EBX_RTM,
644           CPUID_7_0_EBX_RDSEED */
645 #define TCG_7_0_ECX_FEATURES (CPUID_7_0_ECX_PKU | \
646           /* CPUID_7_0_ECX_OSPKE is dynamic */ \
647           CPUID_7_0_ECX_LA57 | CPUID_7_0_ECX_PKS)
648 #define TCG_7_0_EDX_FEATURES 0
649 #define TCG_7_1_EAX_FEATURES 0
650 #define TCG_APM_FEATURES 0
651 #define TCG_6_EAX_FEATURES CPUID_6_EAX_ARAT
652 #define TCG_XSAVE_FEATURES (CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XGETBV1)
653           /* missing:
654           CPUID_XSAVE_XSAVEC, CPUID_XSAVE_XSAVES */
655 #define TCG_14_0_ECX_FEATURES 0
656 
657 FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
658     [FEAT_1_EDX] = {
659         .type = CPUID_FEATURE_WORD,
660         .feat_names = {
661             "fpu", "vme", "de", "pse",
662             "tsc", "msr", "pae", "mce",
663             "cx8", "apic", NULL, "sep",
664             "mtrr", "pge", "mca", "cmov",
665             "pat", "pse36", "pn" /* Intel psn */, "clflush" /* Intel clfsh */,
666             NULL, "ds" /* Intel dts */, "acpi", "mmx",
667             "fxsr", "sse", "sse2", "ss",
668             "ht" /* Intel htt */, "tm", "ia64", "pbe",
669         },
670         .cpuid = {.eax = 1, .reg = R_EDX, },
671         .tcg_features = TCG_FEATURES,
672     },
673     [FEAT_1_ECX] = {
674         .type = CPUID_FEATURE_WORD,
675         .feat_names = {
676             "pni" /* Intel,AMD sse3 */, "pclmulqdq", "dtes64", "monitor",
677             "ds-cpl", "vmx", "smx", "est",
678             "tm2", "ssse3", "cid", NULL,
679             "fma", "cx16", "xtpr", "pdcm",
680             NULL, "pcid", "dca", "sse4.1",
681             "sse4.2", "x2apic", "movbe", "popcnt",
682             "tsc-deadline", "aes", "xsave", NULL /* osxsave */,
683             "avx", "f16c", "rdrand", "hypervisor",
684         },
685         .cpuid = { .eax = 1, .reg = R_ECX, },
686         .tcg_features = TCG_EXT_FEATURES,
687     },
688     /* Feature names that are already defined on feature_name[] but
689      * are set on CPUID[8000_0001].EDX on AMD CPUs don't have their
690      * names on feat_names below. They are copied automatically
691      * to features[FEAT_8000_0001_EDX] if and only if CPU vendor is AMD.
692      */
693     [FEAT_8000_0001_EDX] = {
694         .type = CPUID_FEATURE_WORD,
695         .feat_names = {
696             NULL /* fpu */, NULL /* vme */, NULL /* de */, NULL /* pse */,
697             NULL /* tsc */, NULL /* msr */, NULL /* pae */, NULL /* mce */,
698             NULL /* cx8 */, NULL /* apic */, NULL, "syscall",
699             NULL /* mtrr */, NULL /* pge */, NULL /* mca */, NULL /* cmov */,
700             NULL /* pat */, NULL /* pse36 */, NULL, NULL /* Linux mp */,
701             "nx", NULL, "mmxext", NULL /* mmx */,
702             NULL /* fxsr */, "fxsr-opt", "pdpe1gb", "rdtscp",
703             NULL, "lm", "3dnowext", "3dnow",
704         },
705         .cpuid = { .eax = 0x80000001, .reg = R_EDX, },
706         .tcg_features = TCG_EXT2_FEATURES,
707     },
708     [FEAT_8000_0001_ECX] = {
709         .type = CPUID_FEATURE_WORD,
710         .feat_names = {
711             "lahf-lm", "cmp-legacy", "svm", "extapic",
712             "cr8legacy", "abm", "sse4a", "misalignsse",
713             "3dnowprefetch", "osvw", "ibs", "xop",
714             "skinit", "wdt", NULL, "lwp",
715             "fma4", "tce", NULL, "nodeid-msr",
716             NULL, "tbm", "topoext", "perfctr-core",
717             "perfctr-nb", NULL, NULL, NULL,
718             NULL, NULL, NULL, NULL,
719         },
720         .cpuid = { .eax = 0x80000001, .reg = R_ECX, },
721         .tcg_features = TCG_EXT3_FEATURES,
722         /*
723          * TOPOEXT is always allowed but can't be enabled blindly by
724          * "-cpu host", as it requires consistent cache topology info
725          * to be provided so it doesn't confuse guests.
726          */
727         .no_autoenable_flags = CPUID_EXT3_TOPOEXT,
728     },
729     [FEAT_C000_0001_EDX] = {
730         .type = CPUID_FEATURE_WORD,
731         .feat_names = {
732             NULL, NULL, "xstore", "xstore-en",
733             NULL, NULL, "xcrypt", "xcrypt-en",
734             "ace2", "ace2-en", "phe", "phe-en",
735             "pmm", "pmm-en", NULL, NULL,
736             NULL, NULL, NULL, NULL,
737             NULL, NULL, NULL, NULL,
738             NULL, NULL, NULL, NULL,
739             NULL, NULL, NULL, NULL,
740         },
741         .cpuid = { .eax = 0xC0000001, .reg = R_EDX, },
742         .tcg_features = TCG_EXT4_FEATURES,
743     },
744     [FEAT_KVM] = {
745         .type = CPUID_FEATURE_WORD,
746         .feat_names = {
747             "kvmclock", "kvm-nopiodelay", "kvm-mmu", "kvmclock",
748             "kvm-asyncpf", "kvm-steal-time", "kvm-pv-eoi", "kvm-pv-unhalt",
749             NULL, "kvm-pv-tlb-flush", NULL, "kvm-pv-ipi",
750             "kvm-poll-control", "kvm-pv-sched-yield", "kvm-asyncpf-int", "kvm-msi-ext-dest-id",
751             NULL, NULL, NULL, NULL,
752             NULL, NULL, NULL, NULL,
753             "kvmclock-stable-bit", NULL, NULL, NULL,
754             NULL, NULL, NULL, NULL,
755         },
756         .cpuid = { .eax = KVM_CPUID_FEATURES, .reg = R_EAX, },
757         .tcg_features = TCG_KVM_FEATURES,
758     },
759     [FEAT_KVM_HINTS] = {
760         .type = CPUID_FEATURE_WORD,
761         .feat_names = {
762             "kvm-hint-dedicated", NULL, NULL, NULL,
763             NULL, NULL, NULL, NULL,
764             NULL, NULL, NULL, NULL,
765             NULL, NULL, NULL, NULL,
766             NULL, NULL, NULL, NULL,
767             NULL, NULL, NULL, NULL,
768             NULL, NULL, NULL, NULL,
769             NULL, NULL, NULL, NULL,
770         },
771         .cpuid = { .eax = KVM_CPUID_FEATURES, .reg = R_EDX, },
772         .tcg_features = TCG_KVM_FEATURES,
773         /*
774          * KVM hints aren't auto-enabled by -cpu host, they need to be
775          * explicitly enabled in the command-line.
776          */
777         .no_autoenable_flags = ~0U,
778     },
779     /*
780      * .feat_names are commented out for Hyper-V enlightenments because we
781      * don't want to have two different ways for enabling them on QEMU command
782      * line. Some features (e.g. "hyperv_time", "hyperv_vapic", ...) require
783      * enabling several feature bits simultaneously, exposing these bits
784      * individually may just confuse guests.
785      */
786     [FEAT_HYPERV_EAX] = {
787         .type = CPUID_FEATURE_WORD,
788         .feat_names = {
789             NULL /* hv_msr_vp_runtime_access */, NULL /* hv_msr_time_refcount_access */,
790             NULL /* hv_msr_synic_access */, NULL /* hv_msr_stimer_access */,
791             NULL /* hv_msr_apic_access */, NULL /* hv_msr_hypercall_access */,
792             NULL /* hv_vpindex_access */, NULL /* hv_msr_reset_access */,
793             NULL /* hv_msr_stats_access */, NULL /* hv_reftsc_access */,
794             NULL /* hv_msr_idle_access */, NULL /* hv_msr_frequency_access */,
795             NULL /* hv_msr_debug_access */, NULL /* hv_msr_reenlightenment_access */,
796             NULL, NULL,
797             NULL, NULL, NULL, NULL,
798             NULL, NULL, NULL, NULL,
799             NULL, NULL, NULL, NULL,
800             NULL, NULL, NULL, NULL,
801         },
802         .cpuid = { .eax = 0x40000003, .reg = R_EAX, },
803     },
804     [FEAT_HYPERV_EBX] = {
805         .type = CPUID_FEATURE_WORD,
806         .feat_names = {
807             NULL /* hv_create_partitions */, NULL /* hv_access_partition_id */,
808             NULL /* hv_access_memory_pool */, NULL /* hv_adjust_message_buffers */,
809             NULL /* hv_post_messages */, NULL /* hv_signal_events */,
810             NULL /* hv_create_port */, NULL /* hv_connect_port */,
811             NULL /* hv_access_stats */, NULL, NULL, NULL /* hv_debugging */,
812             NULL /* hv_cpu_power_management */, NULL /* hv_configure_profiler */,
813             NULL, NULL,
814             NULL, NULL, NULL, NULL,
815             NULL, NULL, NULL, NULL,
816             NULL, NULL, NULL, NULL,
817             NULL, NULL, NULL, NULL,
818         },
819         .cpuid = { .eax = 0x40000003, .reg = R_EBX, },
820     },
821     [FEAT_HYPERV_EDX] = {
822         .type = CPUID_FEATURE_WORD,
823         .feat_names = {
824             NULL /* hv_mwait */, NULL /* hv_guest_debugging */,
825             NULL /* hv_perf_monitor */, NULL /* hv_cpu_dynamic_part */,
826             NULL /* hv_hypercall_params_xmm */, NULL /* hv_guest_idle_state */,
827             NULL, NULL,
828             NULL, NULL, NULL /* hv_guest_crash_msr */, NULL,
829             NULL, NULL, NULL, NULL,
830             NULL, NULL, NULL, NULL,
831             NULL, NULL, NULL, NULL,
832             NULL, NULL, NULL, NULL,
833             NULL, NULL, NULL, NULL,
834         },
835         .cpuid = { .eax = 0x40000003, .reg = R_EDX, },
836     },
837     [FEAT_HV_RECOMM_EAX] = {
838         .type = CPUID_FEATURE_WORD,
839         .feat_names = {
840             NULL /* hv_recommend_pv_as_switch */,
841             NULL /* hv_recommend_pv_tlbflush_local */,
842             NULL /* hv_recommend_pv_tlbflush_remote */,
843             NULL /* hv_recommend_msr_apic_access */,
844             NULL /* hv_recommend_msr_reset */,
845             NULL /* hv_recommend_relaxed_timing */,
846             NULL /* hv_recommend_dma_remapping */,
847             NULL /* hv_recommend_int_remapping */,
848             NULL /* hv_recommend_x2apic_msrs */,
849             NULL /* hv_recommend_autoeoi_deprecation */,
850             NULL /* hv_recommend_pv_ipi */,
851             NULL /* hv_recommend_ex_hypercalls */,
852             NULL /* hv_hypervisor_is_nested */,
853             NULL /* hv_recommend_int_mbec */,
854             NULL /* hv_recommend_evmcs */,
855             NULL,
856             NULL, NULL, NULL, NULL,
857             NULL, NULL, NULL, NULL,
858             NULL, NULL, NULL, NULL,
859             NULL, NULL, NULL, NULL,
860         },
861         .cpuid = { .eax = 0x40000004, .reg = R_EAX, },
862     },
863     [FEAT_HV_NESTED_EAX] = {
864         .type = CPUID_FEATURE_WORD,
865         .cpuid = { .eax = 0x4000000A, .reg = R_EAX, },
866     },
867     [FEAT_SVM] = {
868         .type = CPUID_FEATURE_WORD,
869         .feat_names = {
870             "npt", "lbrv", "svm-lock", "nrip-save",
871             "tsc-scale", "vmcb-clean",  "flushbyasid", "decodeassists",
872             NULL, NULL, "pause-filter", NULL,
873             "pfthreshold", "avic", NULL, "v-vmsave-vmload",
874             "vgif", NULL, NULL, NULL,
875             NULL, NULL, NULL, NULL,
876             NULL, NULL, NULL, NULL,
877             "svme-addr-chk", NULL, NULL, NULL,
878         },
879         .cpuid = { .eax = 0x8000000A, .reg = R_EDX, },
880         .tcg_features = TCG_SVM_FEATURES,
881     },
882     [FEAT_7_0_EBX] = {
883         .type = CPUID_FEATURE_WORD,
884         .feat_names = {
885             "fsgsbase", "tsc-adjust", NULL, "bmi1",
886             "hle", "avx2", NULL, "smep",
887             "bmi2", "erms", "invpcid", "rtm",
888             NULL, NULL, "mpx", NULL,
889             "avx512f", "avx512dq", "rdseed", "adx",
890             "smap", "avx512ifma", "pcommit", "clflushopt",
891             "clwb", "intel-pt", "avx512pf", "avx512er",
892             "avx512cd", "sha-ni", "avx512bw", "avx512vl",
893         },
894         .cpuid = {
895             .eax = 7,
896             .needs_ecx = true, .ecx = 0,
897             .reg = R_EBX,
898         },
899         .tcg_features = TCG_7_0_EBX_FEATURES,
900     },
901     [FEAT_7_0_ECX] = {
902         .type = CPUID_FEATURE_WORD,
903         .feat_names = {
904             NULL, "avx512vbmi", "umip", "pku",
905             NULL /* ospke */, "waitpkg", "avx512vbmi2", NULL,
906             "gfni", "vaes", "vpclmulqdq", "avx512vnni",
907             "avx512bitalg", NULL, "avx512-vpopcntdq", NULL,
908             "la57", NULL, NULL, NULL,
909             NULL, NULL, "rdpid", NULL,
910             "bus-lock-detect", "cldemote", NULL, "movdiri",
911             "movdir64b", NULL, NULL, "pks",
912         },
913         .cpuid = {
914             .eax = 7,
915             .needs_ecx = true, .ecx = 0,
916             .reg = R_ECX,
917         },
918         .tcg_features = TCG_7_0_ECX_FEATURES,
919     },
920     [FEAT_7_0_EDX] = {
921         .type = CPUID_FEATURE_WORD,
922         .feat_names = {
923             NULL, NULL, "avx512-4vnniw", "avx512-4fmaps",
924             "fsrm", NULL, NULL, NULL,
925             "avx512-vp2intersect", NULL, "md-clear", NULL,
926             NULL, NULL, "serialize", NULL,
927             "tsx-ldtrk", NULL, NULL /* pconfig */, NULL,
928             NULL, NULL, NULL, "avx512-fp16",
929             NULL, NULL, "spec-ctrl", "stibp",
930             NULL, "arch-capabilities", "core-capability", "ssbd",
931         },
932         .cpuid = {
933             .eax = 7,
934             .needs_ecx = true, .ecx = 0,
935             .reg = R_EDX,
936         },
937         .tcg_features = TCG_7_0_EDX_FEATURES,
938     },
939     [FEAT_7_1_EAX] = {
940         .type = CPUID_FEATURE_WORD,
941         .feat_names = {
942             NULL, NULL, NULL, NULL,
943             NULL, "avx512-bf16", NULL, NULL,
944             NULL, NULL, NULL, NULL,
945             NULL, NULL, NULL, NULL,
946             NULL, NULL, NULL, NULL,
947             NULL, NULL, NULL, NULL,
948             NULL, NULL, NULL, NULL,
949             NULL, NULL, NULL, NULL,
950         },
951         .cpuid = {
952             .eax = 7,
953             .needs_ecx = true, .ecx = 1,
954             .reg = R_EAX,
955         },
956         .tcg_features = TCG_7_1_EAX_FEATURES,
957     },
958     [FEAT_8000_0007_EDX] = {
959         .type = CPUID_FEATURE_WORD,
960         .feat_names = {
961             NULL, NULL, NULL, NULL,
962             NULL, NULL, NULL, NULL,
963             "invtsc", NULL, NULL, NULL,
964             NULL, NULL, NULL, NULL,
965             NULL, NULL, NULL, NULL,
966             NULL, NULL, NULL, NULL,
967             NULL, NULL, NULL, NULL,
968             NULL, NULL, NULL, NULL,
969         },
970         .cpuid = { .eax = 0x80000007, .reg = R_EDX, },
971         .tcg_features = TCG_APM_FEATURES,
972         .unmigratable_flags = CPUID_APM_INVTSC,
973     },
974     [FEAT_8000_0008_EBX] = {
975         .type = CPUID_FEATURE_WORD,
976         .feat_names = {
977             "clzero", NULL, "xsaveerptr", NULL,
978             NULL, NULL, NULL, NULL,
979             NULL, "wbnoinvd", NULL, NULL,
980             "ibpb", NULL, "ibrs", "amd-stibp",
981             NULL, NULL, NULL, NULL,
982             NULL, NULL, NULL, NULL,
983             "amd-ssbd", "virt-ssbd", "amd-no-ssb", NULL,
984             NULL, NULL, NULL, NULL,
985         },
986         .cpuid = { .eax = 0x80000008, .reg = R_EBX, },
987         .tcg_features = 0,
988         .unmigratable_flags = 0,
989     },
990     [FEAT_XSAVE] = {
991         .type = CPUID_FEATURE_WORD,
992         .feat_names = {
993             "xsaveopt", "xsavec", "xgetbv1", "xsaves",
994             NULL, NULL, NULL, NULL,
995             NULL, NULL, NULL, NULL,
996             NULL, NULL, NULL, NULL,
997             NULL, NULL, NULL, NULL,
998             NULL, NULL, NULL, NULL,
999             NULL, NULL, NULL, NULL,
1000             NULL, NULL, NULL, NULL,
1001         },
1002         .cpuid = {
1003             .eax = 0xd,
1004             .needs_ecx = true, .ecx = 1,
1005             .reg = R_EAX,
1006         },
1007         .tcg_features = TCG_XSAVE_FEATURES,
1008     },
1009     [FEAT_6_EAX] = {
1010         .type = CPUID_FEATURE_WORD,
1011         .feat_names = {
1012             NULL, NULL, "arat", NULL,
1013             NULL, NULL, NULL, NULL,
1014             NULL, NULL, NULL, NULL,
1015             NULL, NULL, NULL, NULL,
1016             NULL, NULL, NULL, NULL,
1017             NULL, NULL, NULL, NULL,
1018             NULL, NULL, NULL, NULL,
1019             NULL, NULL, NULL, NULL,
1020         },
1021         .cpuid = { .eax = 6, .reg = R_EAX, },
1022         .tcg_features = TCG_6_EAX_FEATURES,
1023     },
1024     [FEAT_XSAVE_COMP_LO] = {
1025         .type = CPUID_FEATURE_WORD,
1026         .cpuid = {
1027             .eax = 0xD,
1028             .needs_ecx = true, .ecx = 0,
1029             .reg = R_EAX,
1030         },
1031         .tcg_features = ~0U,
1032         .migratable_flags = XSTATE_FP_MASK | XSTATE_SSE_MASK |
1033             XSTATE_YMM_MASK | XSTATE_BNDREGS_MASK | XSTATE_BNDCSR_MASK |
1034             XSTATE_OPMASK_MASK | XSTATE_ZMM_Hi256_MASK | XSTATE_Hi16_ZMM_MASK |
1035             XSTATE_PKRU_MASK,
1036     },
1037     [FEAT_XSAVE_COMP_HI] = {
1038         .type = CPUID_FEATURE_WORD,
1039         .cpuid = {
1040             .eax = 0xD,
1041             .needs_ecx = true, .ecx = 0,
1042             .reg = R_EDX,
1043         },
1044         .tcg_features = ~0U,
1045     },
1046     /*Below are MSR exposed features*/
1047     [FEAT_ARCH_CAPABILITIES] = {
1048         .type = MSR_FEATURE_WORD,
1049         .feat_names = {
1050             "rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry",
1051             "ssb-no", "mds-no", "pschange-mc-no", "tsx-ctrl",
1052             "taa-no", NULL, NULL, NULL,
1053             NULL, NULL, NULL, NULL,
1054             NULL, NULL, NULL, NULL,
1055             NULL, NULL, NULL, NULL,
1056             NULL, NULL, NULL, NULL,
1057             NULL, NULL, NULL, NULL,
1058         },
1059         .msr = {
1060             .index = MSR_IA32_ARCH_CAPABILITIES,
1061         },
1062     },
1063     [FEAT_CORE_CAPABILITY] = {
1064         .type = MSR_FEATURE_WORD,
1065         .feat_names = {
1066             NULL, NULL, NULL, NULL,
1067             NULL, "split-lock-detect", NULL, NULL,
1068             NULL, NULL, NULL, NULL,
1069             NULL, NULL, NULL, NULL,
1070             NULL, NULL, NULL, NULL,
1071             NULL, NULL, NULL, NULL,
1072             NULL, NULL, NULL, NULL,
1073             NULL, NULL, NULL, NULL,
1074         },
1075         .msr = {
1076             .index = MSR_IA32_CORE_CAPABILITY,
1077         },
1078     },
1079     [FEAT_PERF_CAPABILITIES] = {
1080         .type = MSR_FEATURE_WORD,
1081         .feat_names = {
1082             NULL, NULL, NULL, NULL,
1083             NULL, NULL, NULL, NULL,
1084             NULL, NULL, NULL, NULL,
1085             NULL, "full-width-write", NULL, NULL,
1086             NULL, NULL, NULL, NULL,
1087             NULL, NULL, NULL, NULL,
1088             NULL, NULL, NULL, NULL,
1089             NULL, NULL, NULL, NULL,
1090         },
1091         .msr = {
1092             .index = MSR_IA32_PERF_CAPABILITIES,
1093         },
1094     },
1095 
1096     [FEAT_VMX_PROCBASED_CTLS] = {
1097         .type = MSR_FEATURE_WORD,
1098         .feat_names = {
1099             NULL, NULL, "vmx-vintr-pending", "vmx-tsc-offset",
1100             NULL, NULL, NULL, "vmx-hlt-exit",
1101             NULL, "vmx-invlpg-exit", "vmx-mwait-exit", "vmx-rdpmc-exit",
1102             "vmx-rdtsc-exit", NULL, NULL, "vmx-cr3-load-noexit",
1103             "vmx-cr3-store-noexit", NULL, NULL, "vmx-cr8-load-exit",
1104             "vmx-cr8-store-exit", "vmx-flexpriority", "vmx-vnmi-pending", "vmx-movdr-exit",
1105             "vmx-io-exit", "vmx-io-bitmap", NULL, "vmx-mtf",
1106             "vmx-msr-bitmap", "vmx-monitor-exit", "vmx-pause-exit", "vmx-secondary-ctls",
1107         },
1108         .msr = {
1109             .index = MSR_IA32_VMX_TRUE_PROCBASED_CTLS,
1110         }
1111     },
1112 
1113     [FEAT_VMX_SECONDARY_CTLS] = {
1114         .type = MSR_FEATURE_WORD,
1115         .feat_names = {
1116             "vmx-apicv-xapic", "vmx-ept", "vmx-desc-exit", "vmx-rdtscp-exit",
1117             "vmx-apicv-x2apic", "vmx-vpid", "vmx-wbinvd-exit", "vmx-unrestricted-guest",
1118             "vmx-apicv-register", "vmx-apicv-vid", "vmx-ple", "vmx-rdrand-exit",
1119             "vmx-invpcid-exit", "vmx-vmfunc", "vmx-shadow-vmcs", "vmx-encls-exit",
1120             "vmx-rdseed-exit", "vmx-pml", NULL, NULL,
1121             "vmx-xsaves", NULL, NULL, NULL,
1122             NULL, NULL, NULL, NULL,
1123             NULL, NULL, NULL, NULL,
1124         },
1125         .msr = {
1126             .index = MSR_IA32_VMX_PROCBASED_CTLS2,
1127         }
1128     },
1129 
1130     [FEAT_VMX_PINBASED_CTLS] = {
1131         .type = MSR_FEATURE_WORD,
1132         .feat_names = {
1133             "vmx-intr-exit", NULL, NULL, "vmx-nmi-exit",
1134             NULL, "vmx-vnmi", "vmx-preemption-timer", "vmx-posted-intr",
1135             NULL, NULL, NULL, NULL,
1136             NULL, NULL, NULL, NULL,
1137             NULL, NULL, NULL, NULL,
1138             NULL, NULL, NULL, NULL,
1139             NULL, NULL, NULL, NULL,
1140             NULL, NULL, NULL, NULL,
1141         },
1142         .msr = {
1143             .index = MSR_IA32_VMX_TRUE_PINBASED_CTLS,
1144         }
1145     },
1146 
1147     [FEAT_VMX_EXIT_CTLS] = {
1148         .type = MSR_FEATURE_WORD,
1149         /*
1150          * VMX_VM_EXIT_HOST_ADDR_SPACE_SIZE is copied from
1151          * the LM CPUID bit.
1152          */
1153         .feat_names = {
1154             NULL, NULL, "vmx-exit-nosave-debugctl", NULL,
1155             NULL, NULL, NULL, NULL,
1156             NULL, NULL /* vmx-exit-host-addr-space-size */, NULL, NULL,
1157             "vmx-exit-load-perf-global-ctrl", NULL, NULL, "vmx-exit-ack-intr",
1158             NULL, NULL, "vmx-exit-save-pat", "vmx-exit-load-pat",
1159             "vmx-exit-save-efer", "vmx-exit-load-efer",
1160                 "vmx-exit-save-preemption-timer", "vmx-exit-clear-bndcfgs",
1161             NULL, "vmx-exit-clear-rtit-ctl", NULL, NULL,
1162             NULL, "vmx-exit-load-pkrs", NULL, NULL,
1163         },
1164         .msr = {
1165             .index = MSR_IA32_VMX_TRUE_EXIT_CTLS,
1166         }
1167     },
1168 
1169     [FEAT_VMX_ENTRY_CTLS] = {
1170         .type = MSR_FEATURE_WORD,
1171         .feat_names = {
1172             NULL, NULL, "vmx-entry-noload-debugctl", NULL,
1173             NULL, NULL, NULL, NULL,
1174             NULL, "vmx-entry-ia32e-mode", NULL, NULL,
1175             NULL, "vmx-entry-load-perf-global-ctrl", "vmx-entry-load-pat", "vmx-entry-load-efer",
1176             "vmx-entry-load-bndcfgs", NULL, "vmx-entry-load-rtit-ctl", NULL,
1177             NULL, NULL, "vmx-entry-load-pkrs", NULL,
1178             NULL, NULL, NULL, NULL,
1179             NULL, NULL, NULL, NULL,
1180         },
1181         .msr = {
1182             .index = MSR_IA32_VMX_TRUE_ENTRY_CTLS,
1183         }
1184     },
1185 
1186     [FEAT_VMX_MISC] = {
1187         .type = MSR_FEATURE_WORD,
1188         .feat_names = {
1189             NULL, NULL, NULL, NULL,
1190             NULL, "vmx-store-lma", "vmx-activity-hlt", "vmx-activity-shutdown",
1191             "vmx-activity-wait-sipi", NULL, NULL, NULL,
1192             NULL, NULL, NULL, NULL,
1193             NULL, NULL, NULL, NULL,
1194             NULL, NULL, NULL, NULL,
1195             NULL, NULL, NULL, NULL,
1196             NULL, "vmx-vmwrite-vmexit-fields", "vmx-zero-len-inject", NULL,
1197         },
1198         .msr = {
1199             .index = MSR_IA32_VMX_MISC,
1200         }
1201     },
1202 
1203     [FEAT_VMX_EPT_VPID_CAPS] = {
1204         .type = MSR_FEATURE_WORD,
1205         .feat_names = {
1206             "vmx-ept-execonly", NULL, NULL, NULL,
1207             NULL, NULL, "vmx-page-walk-4", "vmx-page-walk-5",
1208             NULL, NULL, NULL, NULL,
1209             NULL, NULL, NULL, NULL,
1210             "vmx-ept-2mb", "vmx-ept-1gb", NULL, NULL,
1211             "vmx-invept", "vmx-eptad", "vmx-ept-advanced-exitinfo", NULL,
1212             NULL, "vmx-invept-single-context", "vmx-invept-all-context", NULL,
1213             NULL, NULL, NULL, NULL,
1214             "vmx-invvpid", NULL, NULL, NULL,
1215             NULL, NULL, NULL, NULL,
1216             "vmx-invvpid-single-addr", "vmx-invept-single-context",
1217                 "vmx-invvpid-all-context", "vmx-invept-single-context-noglobals",
1218             NULL, NULL, NULL, NULL,
1219             NULL, NULL, NULL, NULL,
1220             NULL, NULL, NULL, NULL,
1221             NULL, NULL, NULL, NULL,
1222             NULL, NULL, NULL, NULL,
1223         },
1224         .msr = {
1225             .index = MSR_IA32_VMX_EPT_VPID_CAP,
1226         }
1227     },
1228 
1229     [FEAT_VMX_BASIC] = {
1230         .type = MSR_FEATURE_WORD,
1231         .feat_names = {
1232             [54] = "vmx-ins-outs",
1233             [55] = "vmx-true-ctls",
1234         },
1235         .msr = {
1236             .index = MSR_IA32_VMX_BASIC,
1237         },
1238         /* Just to be safe - we don't support setting the MSEG version field.  */
1239         .no_autoenable_flags = MSR_VMX_BASIC_DUAL_MONITOR,
1240     },
1241 
1242     [FEAT_VMX_VMFUNC] = {
1243         .type = MSR_FEATURE_WORD,
1244         .feat_names = {
1245             [0] = "vmx-eptp-switching",
1246         },
1247         .msr = {
1248             .index = MSR_IA32_VMX_VMFUNC,
1249         }
1250     },
1251 
1252     [FEAT_14_0_ECX] = {
1253         .type = CPUID_FEATURE_WORD,
1254         .feat_names = {
1255             NULL, NULL, NULL, NULL,
1256             NULL, NULL, NULL, NULL,
1257             NULL, NULL, NULL, NULL,
1258             NULL, NULL, NULL, NULL,
1259             NULL, NULL, NULL, NULL,
1260             NULL, NULL, NULL, NULL,
1261             NULL, NULL, NULL, NULL,
1262             NULL, NULL, NULL, "intel-pt-lip",
1263         },
1264         .cpuid = {
1265             .eax = 0x14,
1266             .needs_ecx = true, .ecx = 0,
1267             .reg = R_ECX,
1268         },
1269         .tcg_features = TCG_14_0_ECX_FEATURES,
1270      },
1271 
1272 };
1273 
1274 typedef struct FeatureMask {
1275     FeatureWord index;
1276     uint64_t mask;
1277 } FeatureMask;
1278 
1279 typedef struct FeatureDep {
1280     FeatureMask from, to;
1281 } FeatureDep;
1282 
1283 static FeatureDep feature_dependencies[] = {
1284     {
1285         .from = { FEAT_7_0_EDX,             CPUID_7_0_EDX_ARCH_CAPABILITIES },
1286         .to = { FEAT_ARCH_CAPABILITIES,     ~0ull },
1287     },
1288     {
1289         .from = { FEAT_7_0_EDX,             CPUID_7_0_EDX_CORE_CAPABILITY },
1290         .to = { FEAT_CORE_CAPABILITY,       ~0ull },
1291     },
1292     {
1293         .from = { FEAT_1_ECX,             CPUID_EXT_PDCM },
1294         .to = { FEAT_PERF_CAPABILITIES,       ~0ull },
1295     },
1296     {
1297         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1298         .to = { FEAT_VMX_PROCBASED_CTLS,    ~0ull },
1299     },
1300     {
1301         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1302         .to = { FEAT_VMX_PINBASED_CTLS,     ~0ull },
1303     },
1304     {
1305         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1306         .to = { FEAT_VMX_EXIT_CTLS,         ~0ull },
1307     },
1308     {
1309         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1310         .to = { FEAT_VMX_ENTRY_CTLS,        ~0ull },
1311     },
1312     {
1313         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1314         .to = { FEAT_VMX_MISC,              ~0ull },
1315     },
1316     {
1317         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1318         .to = { FEAT_VMX_BASIC,             ~0ull },
1319     },
1320     {
1321         .from = { FEAT_8000_0001_EDX,       CPUID_EXT2_LM },
1322         .to = { FEAT_VMX_ENTRY_CTLS,        VMX_VM_ENTRY_IA32E_MODE },
1323     },
1324     {
1325         .from = { FEAT_VMX_PROCBASED_CTLS,  VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS },
1326         .to = { FEAT_VMX_SECONDARY_CTLS,    ~0ull },
1327     },
1328     {
1329         .from = { FEAT_XSAVE,               CPUID_XSAVE_XSAVES },
1330         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_XSAVES },
1331     },
1332     {
1333         .from = { FEAT_1_ECX,               CPUID_EXT_RDRAND },
1334         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDRAND_EXITING },
1335     },
1336     {
1337         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_INVPCID },
1338         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_ENABLE_INVPCID },
1339     },
1340     {
1341         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_RDSEED },
1342         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDSEED_EXITING },
1343     },
1344     {
1345         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_INTEL_PT },
1346         .to = { FEAT_14_0_ECX,              ~0ull },
1347     },
1348     {
1349         .from = { FEAT_8000_0001_EDX,       CPUID_EXT2_RDTSCP },
1350         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDTSCP },
1351     },
1352     {
1353         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_EPT },
1354         .to = { FEAT_VMX_EPT_VPID_CAPS,     0xffffffffull },
1355     },
1356     {
1357         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_EPT },
1358         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST },
1359     },
1360     {
1361         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_VPID },
1362         .to = { FEAT_VMX_EPT_VPID_CAPS,     0xffffffffull << 32 },
1363     },
1364     {
1365         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_VMFUNC },
1366         .to = { FEAT_VMX_VMFUNC,            ~0ull },
1367     },
1368     {
1369         .from = { FEAT_8000_0001_ECX,       CPUID_EXT3_SVM },
1370         .to = { FEAT_SVM,                   ~0ull },
1371     },
1372 };
1373 
1374 typedef struct X86RegisterInfo32 {
1375     /* Name of register */
1376     const char *name;
1377     /* QAPI enum value register */
1378     X86CPURegister32 qapi_enum;
1379 } X86RegisterInfo32;
1380 
1381 #define REGISTER(reg) \
1382     [R_##reg] = { .name = #reg, .qapi_enum = X86_CPU_REGISTER32_##reg }
1383 static const X86RegisterInfo32 x86_reg_info_32[CPU_NB_REGS32] = {
1384     REGISTER(EAX),
1385     REGISTER(ECX),
1386     REGISTER(EDX),
1387     REGISTER(EBX),
1388     REGISTER(ESP),
1389     REGISTER(EBP),
1390     REGISTER(ESI),
1391     REGISTER(EDI),
1392 };
1393 #undef REGISTER
1394 
1395 typedef struct ExtSaveArea {
1396     uint32_t feature, bits;
1397     uint32_t offset, size;
1398 } ExtSaveArea;
1399 
1400 static const ExtSaveArea x86_ext_save_areas[] = {
1401     [XSTATE_FP_BIT] = {
1402         /* x87 FP state component is always enabled if XSAVE is supported */
1403         .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
1404         /* x87 state is in the legacy region of the XSAVE area */
1405         .offset = 0,
1406         .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
1407     },
1408     [XSTATE_SSE_BIT] = {
1409         /* SSE state component is always enabled if XSAVE is supported */
1410         .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
1411         /* SSE state is in the legacy region of the XSAVE area */
1412         .offset = 0,
1413         .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
1414     },
1415     [XSTATE_YMM_BIT] =
1416           { .feature = FEAT_1_ECX, .bits = CPUID_EXT_AVX,
1417             .offset = offsetof(X86XSaveArea, avx_state),
1418             .size = sizeof(XSaveAVX) },
1419     [XSTATE_BNDREGS_BIT] =
1420           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
1421             .offset = offsetof(X86XSaveArea, bndreg_state),
1422             .size = sizeof(XSaveBNDREG)  },
1423     [XSTATE_BNDCSR_BIT] =
1424           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
1425             .offset = offsetof(X86XSaveArea, bndcsr_state),
1426             .size = sizeof(XSaveBNDCSR)  },
1427     [XSTATE_OPMASK_BIT] =
1428           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1429             .offset = offsetof(X86XSaveArea, opmask_state),
1430             .size = sizeof(XSaveOpmask) },
1431     [XSTATE_ZMM_Hi256_BIT] =
1432           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1433             .offset = offsetof(X86XSaveArea, zmm_hi256_state),
1434             .size = sizeof(XSaveZMM_Hi256) },
1435     [XSTATE_Hi16_ZMM_BIT] =
1436           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1437             .offset = offsetof(X86XSaveArea, hi16_zmm_state),
1438             .size = sizeof(XSaveHi16_ZMM) },
1439     [XSTATE_PKRU_BIT] =
1440           { .feature = FEAT_7_0_ECX, .bits = CPUID_7_0_ECX_PKU,
1441             .offset = offsetof(X86XSaveArea, pkru_state),
1442             .size = sizeof(XSavePKRU) },
1443 };
1444 
1445 static uint32_t xsave_area_size(uint64_t mask)
1446 {
1447     int i;
1448     uint64_t ret = 0;
1449 
1450     for (i = 0; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
1451         const ExtSaveArea *esa = &x86_ext_save_areas[i];
1452         if ((mask >> i) & 1) {
1453             ret = MAX(ret, esa->offset + esa->size);
1454         }
1455     }
1456     return ret;
1457 }
1458 
1459 static inline bool accel_uses_host_cpuid(void)
1460 {
1461     return kvm_enabled() || hvf_enabled();
1462 }
1463 
1464 static inline uint64_t x86_cpu_xsave_components(X86CPU *cpu)
1465 {
1466     return ((uint64_t)cpu->env.features[FEAT_XSAVE_COMP_HI]) << 32 |
1467            cpu->env.features[FEAT_XSAVE_COMP_LO];
1468 }
1469 
1470 /* Return name of 32-bit register, from a R_* constant */
1471 static const char *get_register_name_32(unsigned int reg)
1472 {
1473     if (reg >= CPU_NB_REGS32) {
1474         return NULL;
1475     }
1476     return x86_reg_info_32[reg].name;
1477 }
1478 
1479 /*
1480  * Returns the set of feature flags that are supported and migratable by
1481  * QEMU, for a given FeatureWord.
1482  */
1483 static uint64_t x86_cpu_get_migratable_flags(FeatureWord w)
1484 {
1485     FeatureWordInfo *wi = &feature_word_info[w];
1486     uint64_t r = 0;
1487     int i;
1488 
1489     for (i = 0; i < 64; i++) {
1490         uint64_t f = 1ULL << i;
1491 
1492         /* If the feature name is known, it is implicitly considered migratable,
1493          * unless it is explicitly set in unmigratable_flags */
1494         if ((wi->migratable_flags & f) ||
1495             (wi->feat_names[i] && !(wi->unmigratable_flags & f))) {
1496             r |= f;
1497         }
1498     }
1499     return r;
1500 }
1501 
1502 void host_cpuid(uint32_t function, uint32_t count,
1503                 uint32_t *eax, uint32_t *ebx, uint32_t *ecx, uint32_t *edx)
1504 {
1505     uint32_t vec[4];
1506 
1507 #ifdef __x86_64__
1508     asm volatile("cpuid"
1509                  : "=a"(vec[0]), "=b"(vec[1]),
1510                    "=c"(vec[2]), "=d"(vec[3])
1511                  : "0"(function), "c"(count) : "cc");
1512 #elif defined(__i386__)
1513     asm volatile("pusha \n\t"
1514                  "cpuid \n\t"
1515                  "mov %%eax, 0(%2) \n\t"
1516                  "mov %%ebx, 4(%2) \n\t"
1517                  "mov %%ecx, 8(%2) \n\t"
1518                  "mov %%edx, 12(%2) \n\t"
1519                  "popa"
1520                  : : "a"(function), "c"(count), "S"(vec)
1521                  : "memory", "cc");
1522 #else
1523     abort();
1524 #endif
1525 
1526     if (eax)
1527         *eax = vec[0];
1528     if (ebx)
1529         *ebx = vec[1];
1530     if (ecx)
1531         *ecx = vec[2];
1532     if (edx)
1533         *edx = vec[3];
1534 }
1535 
1536 /* CPU class name definitions: */
1537 
1538 /* Return type name for a given CPU model name
1539  * Caller is responsible for freeing the returned string.
1540  */
1541 static char *x86_cpu_type_name(const char *model_name)
1542 {
1543     return g_strdup_printf(X86_CPU_TYPE_NAME("%s"), model_name);
1544 }
1545 
1546 static ObjectClass *x86_cpu_class_by_name(const char *cpu_model)
1547 {
1548     g_autofree char *typename = x86_cpu_type_name(cpu_model);
1549     return object_class_by_name(typename);
1550 }
1551 
1552 static char *x86_cpu_class_get_model_name(X86CPUClass *cc)
1553 {
1554     const char *class_name = object_class_get_name(OBJECT_CLASS(cc));
1555     assert(g_str_has_suffix(class_name, X86_CPU_TYPE_SUFFIX));
1556     return g_strndup(class_name,
1557                      strlen(class_name) - strlen(X86_CPU_TYPE_SUFFIX));
1558 }
1559 
1560 typedef struct X86CPUVersionDefinition {
1561     X86CPUVersion version;
1562     const char *alias;
1563     const char *note;
1564     PropValue *props;
1565 } X86CPUVersionDefinition;
1566 
1567 /* Base definition for a CPU model */
1568 typedef struct X86CPUDefinition {
1569     const char *name;
1570     uint32_t level;
1571     uint32_t xlevel;
1572     /* vendor is zero-terminated, 12 character ASCII string */
1573     char vendor[CPUID_VENDOR_SZ + 1];
1574     int family;
1575     int model;
1576     int stepping;
1577     FeatureWordArray features;
1578     const char *model_id;
1579     CPUCaches *cache_info;
1580     /*
1581      * Definitions for alternative versions of CPU model.
1582      * List is terminated by item with version == 0.
1583      * If NULL, version 1 will be registered automatically.
1584      */
1585     const X86CPUVersionDefinition *versions;
1586     const char *deprecation_note;
1587 } X86CPUDefinition;
1588 
1589 /* Reference to a specific CPU model version */
1590 struct X86CPUModel {
1591     /* Base CPU definition */
1592     X86CPUDefinition *cpudef;
1593     /* CPU model version */
1594     X86CPUVersion version;
1595     const char *note;
1596     /*
1597      * If true, this is an alias CPU model.
1598      * This matters only for "-cpu help" and query-cpu-definitions
1599      */
1600     bool is_alias;
1601 };
1602 
1603 /* Get full model name for CPU version */
1604 static char *x86_cpu_versioned_model_name(X86CPUDefinition *cpudef,
1605                                           X86CPUVersion version)
1606 {
1607     assert(version > 0);
1608     return g_strdup_printf("%s-v%d", cpudef->name, (int)version);
1609 }
1610 
1611 static const X86CPUVersionDefinition *x86_cpu_def_get_versions(X86CPUDefinition *def)
1612 {
1613     /* When X86CPUDefinition::versions is NULL, we register only v1 */
1614     static const X86CPUVersionDefinition default_version_list[] = {
1615         { 1 },
1616         { /* end of list */ }
1617     };
1618 
1619     return def->versions ?: default_version_list;
1620 }
1621 
1622 static CPUCaches epyc_cache_info = {
1623     .l1d_cache = &(CPUCacheInfo) {
1624         .type = DATA_CACHE,
1625         .level = 1,
1626         .size = 32 * KiB,
1627         .line_size = 64,
1628         .associativity = 8,
1629         .partitions = 1,
1630         .sets = 64,
1631         .lines_per_tag = 1,
1632         .self_init = 1,
1633         .no_invd_sharing = true,
1634     },
1635     .l1i_cache = &(CPUCacheInfo) {
1636         .type = INSTRUCTION_CACHE,
1637         .level = 1,
1638         .size = 64 * KiB,
1639         .line_size = 64,
1640         .associativity = 4,
1641         .partitions = 1,
1642         .sets = 256,
1643         .lines_per_tag = 1,
1644         .self_init = 1,
1645         .no_invd_sharing = true,
1646     },
1647     .l2_cache = &(CPUCacheInfo) {
1648         .type = UNIFIED_CACHE,
1649         .level = 2,
1650         .size = 512 * KiB,
1651         .line_size = 64,
1652         .associativity = 8,
1653         .partitions = 1,
1654         .sets = 1024,
1655         .lines_per_tag = 1,
1656     },
1657     .l3_cache = &(CPUCacheInfo) {
1658         .type = UNIFIED_CACHE,
1659         .level = 3,
1660         .size = 8 * MiB,
1661         .line_size = 64,
1662         .associativity = 16,
1663         .partitions = 1,
1664         .sets = 8192,
1665         .lines_per_tag = 1,
1666         .self_init = true,
1667         .inclusive = true,
1668         .complex_indexing = true,
1669     },
1670 };
1671 
1672 static CPUCaches epyc_rome_cache_info = {
1673     .l1d_cache = &(CPUCacheInfo) {
1674         .type = DATA_CACHE,
1675         .level = 1,
1676         .size = 32 * KiB,
1677         .line_size = 64,
1678         .associativity = 8,
1679         .partitions = 1,
1680         .sets = 64,
1681         .lines_per_tag = 1,
1682         .self_init = 1,
1683         .no_invd_sharing = true,
1684     },
1685     .l1i_cache = &(CPUCacheInfo) {
1686         .type = INSTRUCTION_CACHE,
1687         .level = 1,
1688         .size = 32 * KiB,
1689         .line_size = 64,
1690         .associativity = 8,
1691         .partitions = 1,
1692         .sets = 64,
1693         .lines_per_tag = 1,
1694         .self_init = 1,
1695         .no_invd_sharing = true,
1696     },
1697     .l2_cache = &(CPUCacheInfo) {
1698         .type = UNIFIED_CACHE,
1699         .level = 2,
1700         .size = 512 * KiB,
1701         .line_size = 64,
1702         .associativity = 8,
1703         .partitions = 1,
1704         .sets = 1024,
1705         .lines_per_tag = 1,
1706     },
1707     .l3_cache = &(CPUCacheInfo) {
1708         .type = UNIFIED_CACHE,
1709         .level = 3,
1710         .size = 16 * MiB,
1711         .line_size = 64,
1712         .associativity = 16,
1713         .partitions = 1,
1714         .sets = 16384,
1715         .lines_per_tag = 1,
1716         .self_init = true,
1717         .inclusive = true,
1718         .complex_indexing = true,
1719     },
1720 };
1721 
1722 static CPUCaches epyc_milan_cache_info = {
1723     .l1d_cache = &(CPUCacheInfo) {
1724         .type = DATA_CACHE,
1725         .level = 1,
1726         .size = 32 * KiB,
1727         .line_size = 64,
1728         .associativity = 8,
1729         .partitions = 1,
1730         .sets = 64,
1731         .lines_per_tag = 1,
1732         .self_init = 1,
1733         .no_invd_sharing = true,
1734     },
1735     .l1i_cache = &(CPUCacheInfo) {
1736         .type = INSTRUCTION_CACHE,
1737         .level = 1,
1738         .size = 32 * KiB,
1739         .line_size = 64,
1740         .associativity = 8,
1741         .partitions = 1,
1742         .sets = 64,
1743         .lines_per_tag = 1,
1744         .self_init = 1,
1745         .no_invd_sharing = true,
1746     },
1747     .l2_cache = &(CPUCacheInfo) {
1748         .type = UNIFIED_CACHE,
1749         .level = 2,
1750         .size = 512 * KiB,
1751         .line_size = 64,
1752         .associativity = 8,
1753         .partitions = 1,
1754         .sets = 1024,
1755         .lines_per_tag = 1,
1756     },
1757     .l3_cache = &(CPUCacheInfo) {
1758         .type = UNIFIED_CACHE,
1759         .level = 3,
1760         .size = 32 * MiB,
1761         .line_size = 64,
1762         .associativity = 16,
1763         .partitions = 1,
1764         .sets = 32768,
1765         .lines_per_tag = 1,
1766         .self_init = true,
1767         .inclusive = true,
1768         .complex_indexing = true,
1769     },
1770 };
1771 
1772 /* The following VMX features are not supported by KVM and are left out in the
1773  * CPU definitions:
1774  *
1775  *  Dual-monitor support (all processors)
1776  *  Entry to SMM
1777  *  Deactivate dual-monitor treatment
1778  *  Number of CR3-target values
1779  *  Shutdown activity state
1780  *  Wait-for-SIPI activity state
1781  *  PAUSE-loop exiting (Westmere and newer)
1782  *  EPT-violation #VE (Broadwell and newer)
1783  *  Inject event with insn length=0 (Skylake and newer)
1784  *  Conceal non-root operation from PT
1785  *  Conceal VM exits from PT
1786  *  Conceal VM entries from PT
1787  *  Enable ENCLS exiting
1788  *  Mode-based execute control (XS/XU)
1789  s  TSC scaling (Skylake Server and newer)
1790  *  GPA translation for PT (IceLake and newer)
1791  *  User wait and pause
1792  *  ENCLV exiting
1793  *  Load IA32_RTIT_CTL
1794  *  Clear IA32_RTIT_CTL
1795  *  Advanced VM-exit information for EPT violations
1796  *  Sub-page write permissions
1797  *  PT in VMX operation
1798  */
1799 
1800 static X86CPUDefinition builtin_x86_defs[] = {
1801     {
1802         .name = "qemu64",
1803         .level = 0xd,
1804         .vendor = CPUID_VENDOR_AMD,
1805         .family = 6,
1806         .model = 6,
1807         .stepping = 3,
1808         .features[FEAT_1_EDX] =
1809             PPRO_FEATURES |
1810             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1811             CPUID_PSE36,
1812         .features[FEAT_1_ECX] =
1813             CPUID_EXT_SSE3 | CPUID_EXT_CX16,
1814         .features[FEAT_8000_0001_EDX] =
1815             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1816         .features[FEAT_8000_0001_ECX] =
1817             CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM,
1818         .xlevel = 0x8000000A,
1819         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
1820     },
1821     {
1822         .name = "phenom",
1823         .level = 5,
1824         .vendor = CPUID_VENDOR_AMD,
1825         .family = 16,
1826         .model = 2,
1827         .stepping = 3,
1828         /* Missing: CPUID_HT */
1829         .features[FEAT_1_EDX] =
1830             PPRO_FEATURES |
1831             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1832             CPUID_PSE36 | CPUID_VME,
1833         .features[FEAT_1_ECX] =
1834             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_CX16 |
1835             CPUID_EXT_POPCNT,
1836         .features[FEAT_8000_0001_EDX] =
1837             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX |
1838             CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT | CPUID_EXT2_MMXEXT |
1839             CPUID_EXT2_FFXSR | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP,
1840         /* Missing: CPUID_EXT3_CMP_LEG, CPUID_EXT3_EXTAPIC,
1841                     CPUID_EXT3_CR8LEG,
1842                     CPUID_EXT3_MISALIGNSSE, CPUID_EXT3_3DNOWPREFETCH,
1843                     CPUID_EXT3_OSVW, CPUID_EXT3_IBS */
1844         .features[FEAT_8000_0001_ECX] =
1845             CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM |
1846             CPUID_EXT3_ABM | CPUID_EXT3_SSE4A,
1847         /* Missing: CPUID_SVM_LBRV */
1848         .features[FEAT_SVM] =
1849             CPUID_SVM_NPT,
1850         .xlevel = 0x8000001A,
1851         .model_id = "AMD Phenom(tm) 9550 Quad-Core Processor"
1852     },
1853     {
1854         .name = "core2duo",
1855         .level = 10,
1856         .vendor = CPUID_VENDOR_INTEL,
1857         .family = 6,
1858         .model = 15,
1859         .stepping = 11,
1860         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
1861         .features[FEAT_1_EDX] =
1862             PPRO_FEATURES |
1863             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1864             CPUID_PSE36 | CPUID_VME | CPUID_ACPI | CPUID_SS,
1865         /* Missing: CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_EST,
1866          * CPUID_EXT_TM2, CPUID_EXT_XTPR, CPUID_EXT_PDCM, CPUID_EXT_VMX */
1867         .features[FEAT_1_ECX] =
1868             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 |
1869             CPUID_EXT_CX16,
1870         .features[FEAT_8000_0001_EDX] =
1871             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1872         .features[FEAT_8000_0001_ECX] =
1873             CPUID_EXT3_LAHF_LM,
1874         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
1875         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
1876         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
1877         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
1878         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
1879              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
1880         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
1881              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
1882              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
1883              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
1884              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
1885              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
1886              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
1887              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
1888              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
1889              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
1890         .features[FEAT_VMX_SECONDARY_CTLS] =
1891              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES,
1892         .xlevel = 0x80000008,
1893         .model_id = "Intel(R) Core(TM)2 Duo CPU     T7700  @ 2.40GHz",
1894     },
1895     {
1896         .name = "kvm64",
1897         .level = 0xd,
1898         .vendor = CPUID_VENDOR_INTEL,
1899         .family = 15,
1900         .model = 6,
1901         .stepping = 1,
1902         /* Missing: CPUID_HT */
1903         .features[FEAT_1_EDX] =
1904             PPRO_FEATURES | CPUID_VME |
1905             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1906             CPUID_PSE36,
1907         /* Missing: CPUID_EXT_POPCNT, CPUID_EXT_MONITOR */
1908         .features[FEAT_1_ECX] =
1909             CPUID_EXT_SSE3 | CPUID_EXT_CX16,
1910         /* Missing: CPUID_EXT2_PDPE1GB, CPUID_EXT2_RDTSCP */
1911         .features[FEAT_8000_0001_EDX] =
1912             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1913         /* Missing: CPUID_EXT3_LAHF_LM, CPUID_EXT3_CMP_LEG, CPUID_EXT3_EXTAPIC,
1914                     CPUID_EXT3_CR8LEG, CPUID_EXT3_ABM, CPUID_EXT3_SSE4A,
1915                     CPUID_EXT3_MISALIGNSSE, CPUID_EXT3_3DNOWPREFETCH,
1916                     CPUID_EXT3_OSVW, CPUID_EXT3_IBS, CPUID_EXT3_SVM */
1917         .features[FEAT_8000_0001_ECX] =
1918             0,
1919         /* VMX features from Cedar Mill/Prescott */
1920         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
1921         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
1922         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
1923         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
1924              VMX_PIN_BASED_NMI_EXITING,
1925         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
1926              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
1927              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
1928              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
1929              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
1930              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
1931              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
1932              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING,
1933         .xlevel = 0x80000008,
1934         .model_id = "Common KVM processor"
1935     },
1936     {
1937         .name = "qemu32",
1938         .level = 4,
1939         .vendor = CPUID_VENDOR_INTEL,
1940         .family = 6,
1941         .model = 6,
1942         .stepping = 3,
1943         .features[FEAT_1_EDX] =
1944             PPRO_FEATURES,
1945         .features[FEAT_1_ECX] =
1946             CPUID_EXT_SSE3,
1947         .xlevel = 0x80000004,
1948         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
1949     },
1950     {
1951         .name = "kvm32",
1952         .level = 5,
1953         .vendor = CPUID_VENDOR_INTEL,
1954         .family = 15,
1955         .model = 6,
1956         .stepping = 1,
1957         .features[FEAT_1_EDX] =
1958             PPRO_FEATURES | CPUID_VME |
1959             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_PSE36,
1960         .features[FEAT_1_ECX] =
1961             CPUID_EXT_SSE3,
1962         .features[FEAT_8000_0001_ECX] =
1963             0,
1964         /* VMX features from Yonah */
1965         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
1966         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
1967         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
1968         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
1969              VMX_PIN_BASED_NMI_EXITING,
1970         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
1971              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
1972              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
1973              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
1974              VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
1975              VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
1976              VMX_CPU_BASED_PAUSE_EXITING | VMX_CPU_BASED_USE_MSR_BITMAPS,
1977         .xlevel = 0x80000008,
1978         .model_id = "Common 32-bit KVM processor"
1979     },
1980     {
1981         .name = "coreduo",
1982         .level = 10,
1983         .vendor = CPUID_VENDOR_INTEL,
1984         .family = 6,
1985         .model = 14,
1986         .stepping = 8,
1987         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
1988         .features[FEAT_1_EDX] =
1989             PPRO_FEATURES | CPUID_VME |
1990             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_ACPI |
1991             CPUID_SS,
1992         /* Missing: CPUID_EXT_EST, CPUID_EXT_TM2 , CPUID_EXT_XTPR,
1993          * CPUID_EXT_PDCM, CPUID_EXT_VMX */
1994         .features[FEAT_1_ECX] =
1995             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR,
1996         .features[FEAT_8000_0001_EDX] =
1997             CPUID_EXT2_NX,
1998         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
1999         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2000         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2001         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2002              VMX_PIN_BASED_NMI_EXITING,
2003         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2004              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2005              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2006              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2007              VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
2008              VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
2009              VMX_CPU_BASED_PAUSE_EXITING | VMX_CPU_BASED_USE_MSR_BITMAPS,
2010         .xlevel = 0x80000008,
2011         .model_id = "Genuine Intel(R) CPU           T2600  @ 2.16GHz",
2012     },
2013     {
2014         .name = "486",
2015         .level = 1,
2016         .vendor = CPUID_VENDOR_INTEL,
2017         .family = 4,
2018         .model = 8,
2019         .stepping = 0,
2020         .features[FEAT_1_EDX] =
2021             I486_FEATURES,
2022         .xlevel = 0,
2023         .model_id = "",
2024     },
2025     {
2026         .name = "pentium",
2027         .level = 1,
2028         .vendor = CPUID_VENDOR_INTEL,
2029         .family = 5,
2030         .model = 4,
2031         .stepping = 3,
2032         .features[FEAT_1_EDX] =
2033             PENTIUM_FEATURES,
2034         .xlevel = 0,
2035         .model_id = "",
2036     },
2037     {
2038         .name = "pentium2",
2039         .level = 2,
2040         .vendor = CPUID_VENDOR_INTEL,
2041         .family = 6,
2042         .model = 5,
2043         .stepping = 2,
2044         .features[FEAT_1_EDX] =
2045             PENTIUM2_FEATURES,
2046         .xlevel = 0,
2047         .model_id = "",
2048     },
2049     {
2050         .name = "pentium3",
2051         .level = 3,
2052         .vendor = CPUID_VENDOR_INTEL,
2053         .family = 6,
2054         .model = 7,
2055         .stepping = 3,
2056         .features[FEAT_1_EDX] =
2057             PENTIUM3_FEATURES,
2058         .xlevel = 0,
2059         .model_id = "",
2060     },
2061     {
2062         .name = "athlon",
2063         .level = 2,
2064         .vendor = CPUID_VENDOR_AMD,
2065         .family = 6,
2066         .model = 2,
2067         .stepping = 3,
2068         .features[FEAT_1_EDX] =
2069             PPRO_FEATURES | CPUID_PSE36 | CPUID_VME | CPUID_MTRR |
2070             CPUID_MCA,
2071         .features[FEAT_8000_0001_EDX] =
2072             CPUID_EXT2_MMXEXT | CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT,
2073         .xlevel = 0x80000008,
2074         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
2075     },
2076     {
2077         .name = "n270",
2078         .level = 10,
2079         .vendor = CPUID_VENDOR_INTEL,
2080         .family = 6,
2081         .model = 28,
2082         .stepping = 2,
2083         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
2084         .features[FEAT_1_EDX] =
2085             PPRO_FEATURES |
2086             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_VME |
2087             CPUID_ACPI | CPUID_SS,
2088             /* Some CPUs got no CPUID_SEP */
2089         /* Missing: CPUID_EXT_DSCPL, CPUID_EXT_EST, CPUID_EXT_TM2,
2090          * CPUID_EXT_XTPR */
2091         .features[FEAT_1_ECX] =
2092             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 |
2093             CPUID_EXT_MOVBE,
2094         .features[FEAT_8000_0001_EDX] =
2095             CPUID_EXT2_NX,
2096         .features[FEAT_8000_0001_ECX] =
2097             CPUID_EXT3_LAHF_LM,
2098         .xlevel = 0x80000008,
2099         .model_id = "Intel(R) Atom(TM) CPU N270   @ 1.60GHz",
2100     },
2101     {
2102         .name = "Conroe",
2103         .level = 10,
2104         .vendor = CPUID_VENDOR_INTEL,
2105         .family = 6,
2106         .model = 15,
2107         .stepping = 3,
2108         .features[FEAT_1_EDX] =
2109             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2110             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2111             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2112             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2113             CPUID_DE | CPUID_FP87,
2114         .features[FEAT_1_ECX] =
2115             CPUID_EXT_SSSE3 | CPUID_EXT_SSE3,
2116         .features[FEAT_8000_0001_EDX] =
2117             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2118         .features[FEAT_8000_0001_ECX] =
2119             CPUID_EXT3_LAHF_LM,
2120         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
2121         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2122         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2123         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2124         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2125              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
2126         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2127              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2128              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2129              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2130              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2131              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2132              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2133              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2134              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2135              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2136         .features[FEAT_VMX_SECONDARY_CTLS] =
2137              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES,
2138         .xlevel = 0x80000008,
2139         .model_id = "Intel Celeron_4x0 (Conroe/Merom Class Core 2)",
2140     },
2141     {
2142         .name = "Penryn",
2143         .level = 10,
2144         .vendor = CPUID_VENDOR_INTEL,
2145         .family = 6,
2146         .model = 23,
2147         .stepping = 3,
2148         .features[FEAT_1_EDX] =
2149             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2150             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2151             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2152             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2153             CPUID_DE | CPUID_FP87,
2154         .features[FEAT_1_ECX] =
2155             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2156             CPUID_EXT_SSE3,
2157         .features[FEAT_8000_0001_EDX] =
2158             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2159         .features[FEAT_8000_0001_ECX] =
2160             CPUID_EXT3_LAHF_LM,
2161         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
2162         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2163              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL,
2164         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT |
2165              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL,
2166         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2167         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2168              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
2169         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2170              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2171              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2172              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2173              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2174              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2175              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2176              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2177              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2178              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2179         .features[FEAT_VMX_SECONDARY_CTLS] =
2180              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2181              VMX_SECONDARY_EXEC_WBINVD_EXITING,
2182         .xlevel = 0x80000008,
2183         .model_id = "Intel Core 2 Duo P9xxx (Penryn Class Core 2)",
2184     },
2185     {
2186         .name = "Nehalem",
2187         .level = 11,
2188         .vendor = CPUID_VENDOR_INTEL,
2189         .family = 6,
2190         .model = 26,
2191         .stepping = 3,
2192         .features[FEAT_1_EDX] =
2193             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2194             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2195             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2196             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2197             CPUID_DE | CPUID_FP87,
2198         .features[FEAT_1_ECX] =
2199             CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2200             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_SSE3,
2201         .features[FEAT_8000_0001_EDX] =
2202             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2203         .features[FEAT_8000_0001_ECX] =
2204             CPUID_EXT3_LAHF_LM,
2205         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2206              MSR_VMX_BASIC_TRUE_CTLS,
2207         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2208              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2209              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2210         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2211              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2212              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2213              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2214              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2215              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2216              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2217         .features[FEAT_VMX_EXIT_CTLS] =
2218              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2219              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2220              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2221              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2222              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2223         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2224         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2225              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2226              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2227         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2228              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2229              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2230              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2231              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2232              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2233              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2234              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2235              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2236              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2237              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2238              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2239         .features[FEAT_VMX_SECONDARY_CTLS] =
2240              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2241              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2242              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2243              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2244              VMX_SECONDARY_EXEC_ENABLE_VPID,
2245         .xlevel = 0x80000008,
2246         .model_id = "Intel Core i7 9xx (Nehalem Class Core i7)",
2247         .versions = (X86CPUVersionDefinition[]) {
2248             { .version = 1 },
2249             {
2250                 .version = 2,
2251                 .alias = "Nehalem-IBRS",
2252                 .props = (PropValue[]) {
2253                     { "spec-ctrl", "on" },
2254                     { "model-id",
2255                       "Intel Core i7 9xx (Nehalem Core i7, IBRS update)" },
2256                     { /* end of list */ }
2257                 }
2258             },
2259             { /* end of list */ }
2260         }
2261     },
2262     {
2263         .name = "Westmere",
2264         .level = 11,
2265         .vendor = CPUID_VENDOR_INTEL,
2266         .family = 6,
2267         .model = 44,
2268         .stepping = 1,
2269         .features[FEAT_1_EDX] =
2270             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2271             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2272             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2273             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2274             CPUID_DE | CPUID_FP87,
2275         .features[FEAT_1_ECX] =
2276             CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 |
2277             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2278             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
2279         .features[FEAT_8000_0001_EDX] =
2280             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2281         .features[FEAT_8000_0001_ECX] =
2282             CPUID_EXT3_LAHF_LM,
2283         .features[FEAT_6_EAX] =
2284             CPUID_6_EAX_ARAT,
2285         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2286              MSR_VMX_BASIC_TRUE_CTLS,
2287         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2288              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2289              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2290         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2291              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2292              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2293              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2294              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2295              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2296              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2297         .features[FEAT_VMX_EXIT_CTLS] =
2298              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2299              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2300              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2301              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2302              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2303         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2304              MSR_VMX_MISC_STORE_LMA,
2305         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2306              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2307              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2308         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2309              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2310              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2311              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2312              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2313              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2314              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2315              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2316              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2317              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2318              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2319              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2320         .features[FEAT_VMX_SECONDARY_CTLS] =
2321              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2322              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2323              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2324              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2325              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST,
2326         .xlevel = 0x80000008,
2327         .model_id = "Westmere E56xx/L56xx/X56xx (Nehalem-C)",
2328         .versions = (X86CPUVersionDefinition[]) {
2329             { .version = 1 },
2330             {
2331                 .version = 2,
2332                 .alias = "Westmere-IBRS",
2333                 .props = (PropValue[]) {
2334                     { "spec-ctrl", "on" },
2335                     { "model-id",
2336                       "Westmere E56xx/L56xx/X56xx (IBRS update)" },
2337                     { /* end of list */ }
2338                 }
2339             },
2340             { /* end of list */ }
2341         }
2342     },
2343     {
2344         .name = "SandyBridge",
2345         .level = 0xd,
2346         .vendor = CPUID_VENDOR_INTEL,
2347         .family = 6,
2348         .model = 42,
2349         .stepping = 1,
2350         .features[FEAT_1_EDX] =
2351             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2352             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2353             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2354             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2355             CPUID_DE | CPUID_FP87,
2356         .features[FEAT_1_ECX] =
2357             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2358             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
2359             CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2360             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
2361             CPUID_EXT_SSE3,
2362         .features[FEAT_8000_0001_EDX] =
2363             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2364             CPUID_EXT2_SYSCALL,
2365         .features[FEAT_8000_0001_ECX] =
2366             CPUID_EXT3_LAHF_LM,
2367         .features[FEAT_XSAVE] =
2368             CPUID_XSAVE_XSAVEOPT,
2369         .features[FEAT_6_EAX] =
2370             CPUID_6_EAX_ARAT,
2371         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2372              MSR_VMX_BASIC_TRUE_CTLS,
2373         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2374              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2375              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2376         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2377              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2378              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2379              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2380              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2381              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2382              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2383         .features[FEAT_VMX_EXIT_CTLS] =
2384              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2385              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2386              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2387              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2388              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2389         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2390              MSR_VMX_MISC_STORE_LMA,
2391         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2392              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2393              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2394         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2395              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2396              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2397              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2398              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2399              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2400              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2401              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2402              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2403              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2404              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2405              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2406         .features[FEAT_VMX_SECONDARY_CTLS] =
2407              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2408              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2409              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2410              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2411              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST,
2412         .xlevel = 0x80000008,
2413         .model_id = "Intel Xeon E312xx (Sandy Bridge)",
2414         .versions = (X86CPUVersionDefinition[]) {
2415             { .version = 1 },
2416             {
2417                 .version = 2,
2418                 .alias = "SandyBridge-IBRS",
2419                 .props = (PropValue[]) {
2420                     { "spec-ctrl", "on" },
2421                     { "model-id",
2422                       "Intel Xeon E312xx (Sandy Bridge, IBRS update)" },
2423                     { /* end of list */ }
2424                 }
2425             },
2426             { /* end of list */ }
2427         }
2428     },
2429     {
2430         .name = "IvyBridge",
2431         .level = 0xd,
2432         .vendor = CPUID_VENDOR_INTEL,
2433         .family = 6,
2434         .model = 58,
2435         .stepping = 9,
2436         .features[FEAT_1_EDX] =
2437             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2438             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2439             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2440             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2441             CPUID_DE | CPUID_FP87,
2442         .features[FEAT_1_ECX] =
2443             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2444             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
2445             CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2446             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
2447             CPUID_EXT_SSE3 | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2448         .features[FEAT_7_0_EBX] =
2449             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP |
2450             CPUID_7_0_EBX_ERMS,
2451         .features[FEAT_8000_0001_EDX] =
2452             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2453             CPUID_EXT2_SYSCALL,
2454         .features[FEAT_8000_0001_ECX] =
2455             CPUID_EXT3_LAHF_LM,
2456         .features[FEAT_XSAVE] =
2457             CPUID_XSAVE_XSAVEOPT,
2458         .features[FEAT_6_EAX] =
2459             CPUID_6_EAX_ARAT,
2460         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2461              MSR_VMX_BASIC_TRUE_CTLS,
2462         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2463              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2464              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2465         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2466              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2467              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2468              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2469              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2470              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2471              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2472         .features[FEAT_VMX_EXIT_CTLS] =
2473              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2474              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2475              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2476              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2477              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2478         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2479              MSR_VMX_MISC_STORE_LMA,
2480         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2481              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2482              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2483         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2484              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2485              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2486              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2487              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2488              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2489              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2490              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2491              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2492              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2493              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2494              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2495         .features[FEAT_VMX_SECONDARY_CTLS] =
2496              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2497              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2498              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2499              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2500              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2501              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2502              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2503              VMX_SECONDARY_EXEC_RDRAND_EXITING,
2504         .xlevel = 0x80000008,
2505         .model_id = "Intel Xeon E3-12xx v2 (Ivy Bridge)",
2506         .versions = (X86CPUVersionDefinition[]) {
2507             { .version = 1 },
2508             {
2509                 .version = 2,
2510                 .alias = "IvyBridge-IBRS",
2511                 .props = (PropValue[]) {
2512                     { "spec-ctrl", "on" },
2513                     { "model-id",
2514                       "Intel Xeon E3-12xx v2 (Ivy Bridge, IBRS)" },
2515                     { /* end of list */ }
2516                 }
2517             },
2518             { /* end of list */ }
2519         }
2520     },
2521     {
2522         .name = "Haswell",
2523         .level = 0xd,
2524         .vendor = CPUID_VENDOR_INTEL,
2525         .family = 6,
2526         .model = 60,
2527         .stepping = 4,
2528         .features[FEAT_1_EDX] =
2529             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2530             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2531             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2532             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2533             CPUID_DE | CPUID_FP87,
2534         .features[FEAT_1_ECX] =
2535             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2536             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2537             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2538             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2539             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2540             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2541         .features[FEAT_8000_0001_EDX] =
2542             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2543             CPUID_EXT2_SYSCALL,
2544         .features[FEAT_8000_0001_ECX] =
2545             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM,
2546         .features[FEAT_7_0_EBX] =
2547             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2548             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2549             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2550             CPUID_7_0_EBX_RTM,
2551         .features[FEAT_XSAVE] =
2552             CPUID_XSAVE_XSAVEOPT,
2553         .features[FEAT_6_EAX] =
2554             CPUID_6_EAX_ARAT,
2555         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2556              MSR_VMX_BASIC_TRUE_CTLS,
2557         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2558              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2559              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2560         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2561              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2562              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2563              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2564              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2565              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2566              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2567         .features[FEAT_VMX_EXIT_CTLS] =
2568              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2569              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2570              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2571              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2572              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2573         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2574              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2575         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2576              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2577              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2578         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2579              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2580              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2581              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2582              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2583              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2584              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2585              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2586              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2587              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2588              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2589              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2590         .features[FEAT_VMX_SECONDARY_CTLS] =
2591              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2592              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2593              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2594              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2595              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2596              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2597              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2598              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2599              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS,
2600         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
2601         .xlevel = 0x80000008,
2602         .model_id = "Intel Core Processor (Haswell)",
2603         .versions = (X86CPUVersionDefinition[]) {
2604             { .version = 1 },
2605             {
2606                 .version = 2,
2607                 .alias = "Haswell-noTSX",
2608                 .props = (PropValue[]) {
2609                     { "hle", "off" },
2610                     { "rtm", "off" },
2611                     { "stepping", "1" },
2612                     { "model-id", "Intel Core Processor (Haswell, no TSX)", },
2613                     { /* end of list */ }
2614                 },
2615             },
2616             {
2617                 .version = 3,
2618                 .alias = "Haswell-IBRS",
2619                 .props = (PropValue[]) {
2620                     /* Restore TSX features removed by -v2 above */
2621                     { "hle", "on" },
2622                     { "rtm", "on" },
2623                     /*
2624                      * Haswell and Haswell-IBRS had stepping=4 in
2625                      * QEMU 4.0 and older
2626                      */
2627                     { "stepping", "4" },
2628                     { "spec-ctrl", "on" },
2629                     { "model-id",
2630                       "Intel Core Processor (Haswell, IBRS)" },
2631                     { /* end of list */ }
2632                 }
2633             },
2634             {
2635                 .version = 4,
2636                 .alias = "Haswell-noTSX-IBRS",
2637                 .props = (PropValue[]) {
2638                     { "hle", "off" },
2639                     { "rtm", "off" },
2640                     /* spec-ctrl was already enabled by -v3 above */
2641                     { "stepping", "1" },
2642                     { "model-id",
2643                       "Intel Core Processor (Haswell, no TSX, IBRS)" },
2644                     { /* end of list */ }
2645                 }
2646             },
2647             { /* end of list */ }
2648         }
2649     },
2650     {
2651         .name = "Broadwell",
2652         .level = 0xd,
2653         .vendor = CPUID_VENDOR_INTEL,
2654         .family = 6,
2655         .model = 61,
2656         .stepping = 2,
2657         .features[FEAT_1_EDX] =
2658             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2659             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2660             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2661             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2662             CPUID_DE | CPUID_FP87,
2663         .features[FEAT_1_ECX] =
2664             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2665             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2666             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2667             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2668             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2669             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2670         .features[FEAT_8000_0001_EDX] =
2671             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2672             CPUID_EXT2_SYSCALL,
2673         .features[FEAT_8000_0001_ECX] =
2674             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
2675         .features[FEAT_7_0_EBX] =
2676             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2677             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2678             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2679             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
2680             CPUID_7_0_EBX_SMAP,
2681         .features[FEAT_XSAVE] =
2682             CPUID_XSAVE_XSAVEOPT,
2683         .features[FEAT_6_EAX] =
2684             CPUID_6_EAX_ARAT,
2685         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2686              MSR_VMX_BASIC_TRUE_CTLS,
2687         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2688              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2689              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2690         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2691              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2692              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2693              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2694              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2695              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2696              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2697         .features[FEAT_VMX_EXIT_CTLS] =
2698              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2699              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2700              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2701              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2702              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2703         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2704              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2705         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2706              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2707              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2708         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2709              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2710              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2711              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2712              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2713              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2714              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2715              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2716              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2717              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2718              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2719              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2720         .features[FEAT_VMX_SECONDARY_CTLS] =
2721              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2722              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2723              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2724              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2725              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2726              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2727              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2728              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2729              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
2730              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
2731         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
2732         .xlevel = 0x80000008,
2733         .model_id = "Intel Core Processor (Broadwell)",
2734         .versions = (X86CPUVersionDefinition[]) {
2735             { .version = 1 },
2736             {
2737                 .version = 2,
2738                 .alias = "Broadwell-noTSX",
2739                 .props = (PropValue[]) {
2740                     { "hle", "off" },
2741                     { "rtm", "off" },
2742                     { "model-id", "Intel Core Processor (Broadwell, no TSX)", },
2743                     { /* end of list */ }
2744                 },
2745             },
2746             {
2747                 .version = 3,
2748                 .alias = "Broadwell-IBRS",
2749                 .props = (PropValue[]) {
2750                     /* Restore TSX features removed by -v2 above */
2751                     { "hle", "on" },
2752                     { "rtm", "on" },
2753                     { "spec-ctrl", "on" },
2754                     { "model-id",
2755                       "Intel Core Processor (Broadwell, IBRS)" },
2756                     { /* end of list */ }
2757                 }
2758             },
2759             {
2760                 .version = 4,
2761                 .alias = "Broadwell-noTSX-IBRS",
2762                 .props = (PropValue[]) {
2763                     { "hle", "off" },
2764                     { "rtm", "off" },
2765                     /* spec-ctrl was already enabled by -v3 above */
2766                     { "model-id",
2767                       "Intel Core Processor (Broadwell, no TSX, IBRS)" },
2768                     { /* end of list */ }
2769                 }
2770             },
2771             { /* end of list */ }
2772         }
2773     },
2774     {
2775         .name = "Skylake-Client",
2776         .level = 0xd,
2777         .vendor = CPUID_VENDOR_INTEL,
2778         .family = 6,
2779         .model = 94,
2780         .stepping = 3,
2781         .features[FEAT_1_EDX] =
2782             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2783             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2784             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2785             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2786             CPUID_DE | CPUID_FP87,
2787         .features[FEAT_1_ECX] =
2788             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2789             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2790             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2791             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2792             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2793             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2794         .features[FEAT_8000_0001_EDX] =
2795             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2796             CPUID_EXT2_SYSCALL,
2797         .features[FEAT_8000_0001_ECX] =
2798             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
2799         .features[FEAT_7_0_EBX] =
2800             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2801             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2802             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2803             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
2804             CPUID_7_0_EBX_SMAP,
2805         /* Missing: XSAVES (not supported by some Linux versions,
2806          * including v4.1 to v4.12).
2807          * KVM doesn't yet expose any XSAVES state save component,
2808          * and the only one defined in Skylake (processor tracing)
2809          * probably will block migration anyway.
2810          */
2811         .features[FEAT_XSAVE] =
2812             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
2813             CPUID_XSAVE_XGETBV1,
2814         .features[FEAT_6_EAX] =
2815             CPUID_6_EAX_ARAT,
2816         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
2817         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2818              MSR_VMX_BASIC_TRUE_CTLS,
2819         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2820              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2821              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2822         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2823              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2824              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2825              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2826              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2827              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2828              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2829         .features[FEAT_VMX_EXIT_CTLS] =
2830              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2831              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2832              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2833              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2834              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2835         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2836              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2837         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2838              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2839              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2840         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2841              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2842              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2843              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2844              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2845              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2846              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2847              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2848              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2849              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2850              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2851              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2852         .features[FEAT_VMX_SECONDARY_CTLS] =
2853              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2854              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2855              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2856              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2857              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2858              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
2859              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
2860         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
2861         .xlevel = 0x80000008,
2862         .model_id = "Intel Core Processor (Skylake)",
2863         .versions = (X86CPUVersionDefinition[]) {
2864             { .version = 1 },
2865             {
2866                 .version = 2,
2867                 .alias = "Skylake-Client-IBRS",
2868                 .props = (PropValue[]) {
2869                     { "spec-ctrl", "on" },
2870                     { "model-id",
2871                       "Intel Core Processor (Skylake, IBRS)" },
2872                     { /* end of list */ }
2873                 }
2874             },
2875             {
2876                 .version = 3,
2877                 .alias = "Skylake-Client-noTSX-IBRS",
2878                 .props = (PropValue[]) {
2879                     { "hle", "off" },
2880                     { "rtm", "off" },
2881                     { "model-id",
2882                       "Intel Core Processor (Skylake, IBRS, no TSX)" },
2883                     { /* end of list */ }
2884                 }
2885             },
2886             { /* end of list */ }
2887         }
2888     },
2889     {
2890         .name = "Skylake-Server",
2891         .level = 0xd,
2892         .vendor = CPUID_VENDOR_INTEL,
2893         .family = 6,
2894         .model = 85,
2895         .stepping = 4,
2896         .features[FEAT_1_EDX] =
2897             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2898             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2899             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2900             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2901             CPUID_DE | CPUID_FP87,
2902         .features[FEAT_1_ECX] =
2903             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2904             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2905             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2906             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2907             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2908             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2909         .features[FEAT_8000_0001_EDX] =
2910             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
2911             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2912         .features[FEAT_8000_0001_ECX] =
2913             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
2914         .features[FEAT_7_0_EBX] =
2915             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2916             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2917             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2918             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
2919             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
2920             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
2921             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
2922             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
2923         .features[FEAT_7_0_ECX] =
2924             CPUID_7_0_ECX_PKU,
2925         /* Missing: XSAVES (not supported by some Linux versions,
2926          * including v4.1 to v4.12).
2927          * KVM doesn't yet expose any XSAVES state save component,
2928          * and the only one defined in Skylake (processor tracing)
2929          * probably will block migration anyway.
2930          */
2931         .features[FEAT_XSAVE] =
2932             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
2933             CPUID_XSAVE_XGETBV1,
2934         .features[FEAT_6_EAX] =
2935             CPUID_6_EAX_ARAT,
2936         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
2937         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2938              MSR_VMX_BASIC_TRUE_CTLS,
2939         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2940              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2941              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2942         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2943              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2944              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2945              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2946              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2947              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2948              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2949         .features[FEAT_VMX_EXIT_CTLS] =
2950              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2951              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2952              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2953              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2954              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2955         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2956              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2957         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2958              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2959              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2960         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2961              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2962              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2963              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2964              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2965              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2966              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2967              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2968              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2969              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2970              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2971              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2972         .features[FEAT_VMX_SECONDARY_CTLS] =
2973              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2974              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2975              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2976              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2977              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2978              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2979              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2980              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2981              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
2982              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
2983         .xlevel = 0x80000008,
2984         .model_id = "Intel Xeon Processor (Skylake)",
2985         .versions = (X86CPUVersionDefinition[]) {
2986             { .version = 1 },
2987             {
2988                 .version = 2,
2989                 .alias = "Skylake-Server-IBRS",
2990                 .props = (PropValue[]) {
2991                     /* clflushopt was not added to Skylake-Server-IBRS */
2992                     /* TODO: add -v3 including clflushopt */
2993                     { "clflushopt", "off" },
2994                     { "spec-ctrl", "on" },
2995                     { "model-id",
2996                       "Intel Xeon Processor (Skylake, IBRS)" },
2997                     { /* end of list */ }
2998                 }
2999             },
3000             {
3001                 .version = 3,
3002                 .alias = "Skylake-Server-noTSX-IBRS",
3003                 .props = (PropValue[]) {
3004                     { "hle", "off" },
3005                     { "rtm", "off" },
3006                     { "model-id",
3007                       "Intel Xeon Processor (Skylake, IBRS, no TSX)" },
3008                     { /* end of list */ }
3009                 }
3010             },
3011             {
3012                 .version = 4,
3013                 .props = (PropValue[]) {
3014                     { "vmx-eptp-switching", "on" },
3015                     { /* end of list */ }
3016                 }
3017             },
3018             { /* end of list */ }
3019         }
3020     },
3021     {
3022         .name = "Cascadelake-Server",
3023         .level = 0xd,
3024         .vendor = CPUID_VENDOR_INTEL,
3025         .family = 6,
3026         .model = 85,
3027         .stepping = 6,
3028         .features[FEAT_1_EDX] =
3029             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3030             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3031             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3032             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3033             CPUID_DE | CPUID_FP87,
3034         .features[FEAT_1_ECX] =
3035             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3036             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3037             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3038             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3039             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3040             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3041         .features[FEAT_8000_0001_EDX] =
3042             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3043             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3044         .features[FEAT_8000_0001_ECX] =
3045             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3046         .features[FEAT_7_0_EBX] =
3047             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3048             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3049             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3050             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3051             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3052             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3053             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3054             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3055         .features[FEAT_7_0_ECX] =
3056             CPUID_7_0_ECX_PKU |
3057             CPUID_7_0_ECX_AVX512VNNI,
3058         .features[FEAT_7_0_EDX] =
3059             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3060         /* Missing: XSAVES (not supported by some Linux versions,
3061                 * including v4.1 to v4.12).
3062                 * KVM doesn't yet expose any XSAVES state save component,
3063                 * and the only one defined in Skylake (processor tracing)
3064                 * probably will block migration anyway.
3065                 */
3066         .features[FEAT_XSAVE] =
3067             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3068             CPUID_XSAVE_XGETBV1,
3069         .features[FEAT_6_EAX] =
3070             CPUID_6_EAX_ARAT,
3071         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3072         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3073              MSR_VMX_BASIC_TRUE_CTLS,
3074         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3075              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3076              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3077         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3078              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3079              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3080              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3081              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3082              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3083              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3084         .features[FEAT_VMX_EXIT_CTLS] =
3085              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3086              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3087              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3088              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3089              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3090         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3091              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3092         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3093              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3094              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3095         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3096              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3097              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3098              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3099              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3100              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3101              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3102              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3103              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3104              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3105              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3106              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3107         .features[FEAT_VMX_SECONDARY_CTLS] =
3108              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3109              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3110              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3111              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3112              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3113              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3114              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3115              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3116              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3117              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3118         .xlevel = 0x80000008,
3119         .model_id = "Intel Xeon Processor (Cascadelake)",
3120         .versions = (X86CPUVersionDefinition[]) {
3121             { .version = 1 },
3122             { .version = 2,
3123               .note = "ARCH_CAPABILITIES",
3124               .props = (PropValue[]) {
3125                   { "arch-capabilities", "on" },
3126                   { "rdctl-no", "on" },
3127                   { "ibrs-all", "on" },
3128                   { "skip-l1dfl-vmentry", "on" },
3129                   { "mds-no", "on" },
3130                   { /* end of list */ }
3131               },
3132             },
3133             { .version = 3,
3134               .alias = "Cascadelake-Server-noTSX",
3135               .note = "ARCH_CAPABILITIES, no TSX",
3136               .props = (PropValue[]) {
3137                   { "hle", "off" },
3138                   { "rtm", "off" },
3139                   { /* end of list */ }
3140               },
3141             },
3142             { .version = 4,
3143               .note = "ARCH_CAPABILITIES, no TSX",
3144               .props = (PropValue[]) {
3145                   { "vmx-eptp-switching", "on" },
3146                   { /* end of list */ }
3147               },
3148             },
3149             { /* end of list */ }
3150         }
3151     },
3152     {
3153         .name = "Cooperlake",
3154         .level = 0xd,
3155         .vendor = CPUID_VENDOR_INTEL,
3156         .family = 6,
3157         .model = 85,
3158         .stepping = 10,
3159         .features[FEAT_1_EDX] =
3160             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3161             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3162             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3163             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3164             CPUID_DE | CPUID_FP87,
3165         .features[FEAT_1_ECX] =
3166             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3167             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3168             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3169             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3170             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3171             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3172         .features[FEAT_8000_0001_EDX] =
3173             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3174             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3175         .features[FEAT_8000_0001_ECX] =
3176             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3177         .features[FEAT_7_0_EBX] =
3178             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3179             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3180             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3181             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3182             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3183             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3184             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3185             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3186         .features[FEAT_7_0_ECX] =
3187             CPUID_7_0_ECX_PKU |
3188             CPUID_7_0_ECX_AVX512VNNI,
3189         .features[FEAT_7_0_EDX] =
3190             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_STIBP |
3191             CPUID_7_0_EDX_SPEC_CTRL_SSBD | CPUID_7_0_EDX_ARCH_CAPABILITIES,
3192         .features[FEAT_ARCH_CAPABILITIES] =
3193             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_IBRS_ALL |
3194             MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY | MSR_ARCH_CAP_MDS_NO |
3195             MSR_ARCH_CAP_PSCHANGE_MC_NO | MSR_ARCH_CAP_TAA_NO,
3196         .features[FEAT_7_1_EAX] =
3197             CPUID_7_1_EAX_AVX512_BF16,
3198         /*
3199          * Missing: XSAVES (not supported by some Linux versions,
3200          * including v4.1 to v4.12).
3201          * KVM doesn't yet expose any XSAVES state save component,
3202          * and the only one defined in Skylake (processor tracing)
3203          * probably will block migration anyway.
3204          */
3205         .features[FEAT_XSAVE] =
3206             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3207             CPUID_XSAVE_XGETBV1,
3208         .features[FEAT_6_EAX] =
3209             CPUID_6_EAX_ARAT,
3210         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3211         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3212              MSR_VMX_BASIC_TRUE_CTLS,
3213         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3214              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3215              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3216         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3217              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3218              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3219              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3220              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3221              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3222              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3223         .features[FEAT_VMX_EXIT_CTLS] =
3224              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3225              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3226              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3227              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3228              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3229         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3230              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3231         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3232              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3233              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3234         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3235              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3236              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3237              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3238              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3239              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3240              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3241              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3242              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3243              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3244              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3245              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3246         .features[FEAT_VMX_SECONDARY_CTLS] =
3247              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3248              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3249              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3250              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3251              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3252              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3253              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3254              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3255              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3256              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3257         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3258         .xlevel = 0x80000008,
3259         .model_id = "Intel Xeon Processor (Cooperlake)",
3260     },
3261     {
3262         .name = "Icelake-Client",
3263         .level = 0xd,
3264         .vendor = CPUID_VENDOR_INTEL,
3265         .family = 6,
3266         .model = 126,
3267         .stepping = 0,
3268         .features[FEAT_1_EDX] =
3269             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3270             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3271             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3272             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3273             CPUID_DE | CPUID_FP87,
3274         .features[FEAT_1_ECX] =
3275             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3276             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3277             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3278             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3279             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3280             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3281         .features[FEAT_8000_0001_EDX] =
3282             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
3283             CPUID_EXT2_SYSCALL,
3284         .features[FEAT_8000_0001_ECX] =
3285             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3286         .features[FEAT_8000_0008_EBX] =
3287             CPUID_8000_0008_EBX_WBNOINVD,
3288         .features[FEAT_7_0_EBX] =
3289             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3290             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3291             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3292             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3293             CPUID_7_0_EBX_SMAP,
3294         .features[FEAT_7_0_ECX] =
3295             CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
3296             CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
3297             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
3298             CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
3299             CPUID_7_0_ECX_AVX512_VPOPCNTDQ,
3300         .features[FEAT_7_0_EDX] =
3301             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3302         /* Missing: XSAVES (not supported by some Linux versions,
3303                 * including v4.1 to v4.12).
3304                 * KVM doesn't yet expose any XSAVES state save component,
3305                 * and the only one defined in Skylake (processor tracing)
3306                 * probably will block migration anyway.
3307                 */
3308         .features[FEAT_XSAVE] =
3309             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3310             CPUID_XSAVE_XGETBV1,
3311         .features[FEAT_6_EAX] =
3312             CPUID_6_EAX_ARAT,
3313         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3314         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3315              MSR_VMX_BASIC_TRUE_CTLS,
3316         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3317              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3318              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3319         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3320              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3321              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3322              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3323              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3324              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3325              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3326         .features[FEAT_VMX_EXIT_CTLS] =
3327              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3328              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3329              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3330              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3331              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3332         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3333              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3334         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3335              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3336              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
3337         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3338              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3339              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3340              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3341              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3342              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3343              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3344              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3345              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3346              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3347              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3348              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3349         .features[FEAT_VMX_SECONDARY_CTLS] =
3350              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3351              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3352              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3353              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3354              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3355              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3356              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3357         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3358         .xlevel = 0x80000008,
3359         .model_id = "Intel Core Processor (Icelake)",
3360         .versions = (X86CPUVersionDefinition[]) {
3361             {
3362                 .version = 1,
3363                 .note = "deprecated"
3364             },
3365             {
3366                 .version = 2,
3367                 .note = "no TSX, deprecated",
3368                 .alias = "Icelake-Client-noTSX",
3369                 .props = (PropValue[]) {
3370                     { "hle", "off" },
3371                     { "rtm", "off" },
3372                     { /* end of list */ }
3373                 },
3374             },
3375             { /* end of list */ }
3376         },
3377         .deprecation_note = "use Icelake-Server instead"
3378     },
3379     {
3380         .name = "Icelake-Server",
3381         .level = 0xd,
3382         .vendor = CPUID_VENDOR_INTEL,
3383         .family = 6,
3384         .model = 134,
3385         .stepping = 0,
3386         .features[FEAT_1_EDX] =
3387             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3388             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3389             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3390             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3391             CPUID_DE | CPUID_FP87,
3392         .features[FEAT_1_ECX] =
3393             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3394             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3395             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3396             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3397             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3398             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3399         .features[FEAT_8000_0001_EDX] =
3400             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3401             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3402         .features[FEAT_8000_0001_ECX] =
3403             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3404         .features[FEAT_8000_0008_EBX] =
3405             CPUID_8000_0008_EBX_WBNOINVD,
3406         .features[FEAT_7_0_EBX] =
3407             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3408             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3409             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3410             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3411             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3412             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3413             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3414             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3415         .features[FEAT_7_0_ECX] =
3416             CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
3417             CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
3418             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
3419             CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
3420             CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57,
3421         .features[FEAT_7_0_EDX] =
3422             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3423         /* Missing: XSAVES (not supported by some Linux versions,
3424                 * including v4.1 to v4.12).
3425                 * KVM doesn't yet expose any XSAVES state save component,
3426                 * and the only one defined in Skylake (processor tracing)
3427                 * probably will block migration anyway.
3428                 */
3429         .features[FEAT_XSAVE] =
3430             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3431             CPUID_XSAVE_XGETBV1,
3432         .features[FEAT_6_EAX] =
3433             CPUID_6_EAX_ARAT,
3434         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3435         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3436              MSR_VMX_BASIC_TRUE_CTLS,
3437         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3438              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3439              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3440         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3441              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3442              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3443              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3444              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3445              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3446              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3447         .features[FEAT_VMX_EXIT_CTLS] =
3448              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3449              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3450              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3451              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3452              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3453         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3454              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3455         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3456              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3457              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3458         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3459              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3460              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3461              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3462              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3463              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3464              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3465              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3466              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3467              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3468              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3469              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3470         .features[FEAT_VMX_SECONDARY_CTLS] =
3471              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3472              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3473              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3474              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3475              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3476              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3477              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3478              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3479              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS,
3480         .xlevel = 0x80000008,
3481         .model_id = "Intel Xeon Processor (Icelake)",
3482         .versions = (X86CPUVersionDefinition[]) {
3483             { .version = 1 },
3484             {
3485                 .version = 2,
3486                 .note = "no TSX",
3487                 .alias = "Icelake-Server-noTSX",
3488                 .props = (PropValue[]) {
3489                     { "hle", "off" },
3490                     { "rtm", "off" },
3491                     { /* end of list */ }
3492                 },
3493             },
3494             {
3495                 .version = 3,
3496                 .props = (PropValue[]) {
3497                     { "arch-capabilities", "on" },
3498                     { "rdctl-no", "on" },
3499                     { "ibrs-all", "on" },
3500                     { "skip-l1dfl-vmentry", "on" },
3501                     { "mds-no", "on" },
3502                     { "pschange-mc-no", "on" },
3503                     { "taa-no", "on" },
3504                     { /* end of list */ }
3505                 },
3506             },
3507             {
3508                 .version = 4,
3509                 .props = (PropValue[]) {
3510                     { "sha-ni", "on" },
3511                     { "avx512ifma", "on" },
3512                     { "rdpid", "on" },
3513                     { "fsrm", "on" },
3514                     { "vmx-rdseed-exit", "on" },
3515                     { "vmx-pml", "on" },
3516                     { "vmx-eptp-switching", "on" },
3517                     { "model", "106" },
3518                     { /* end of list */ }
3519                 },
3520             },
3521             { /* end of list */ }
3522         }
3523     },
3524     {
3525         .name = "Denverton",
3526         .level = 21,
3527         .vendor = CPUID_VENDOR_INTEL,
3528         .family = 6,
3529         .model = 95,
3530         .stepping = 1,
3531         .features[FEAT_1_EDX] =
3532             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE | CPUID_TSC |
3533             CPUID_MSR | CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC |
3534             CPUID_SEP | CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
3535             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH | CPUID_MMX | CPUID_FXSR |
3536             CPUID_SSE | CPUID_SSE2,
3537         .features[FEAT_1_ECX] =
3538             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_MONITOR |
3539             CPUID_EXT_SSSE3 | CPUID_EXT_CX16 | CPUID_EXT_SSE41 |
3540             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
3541             CPUID_EXT_POPCNT | CPUID_EXT_TSC_DEADLINE_TIMER |
3542             CPUID_EXT_AES | CPUID_EXT_XSAVE | CPUID_EXT_RDRAND,
3543         .features[FEAT_8000_0001_EDX] =
3544             CPUID_EXT2_SYSCALL | CPUID_EXT2_NX | CPUID_EXT2_PDPE1GB |
3545             CPUID_EXT2_RDTSCP | CPUID_EXT2_LM,
3546         .features[FEAT_8000_0001_ECX] =
3547             CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3548         .features[FEAT_7_0_EBX] =
3549             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_ERMS |
3550             CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_SMAP |
3551             CPUID_7_0_EBX_CLFLUSHOPT | CPUID_7_0_EBX_SHA_NI,
3552         .features[FEAT_7_0_EDX] =
3553             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_ARCH_CAPABILITIES |
3554             CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3555         /*
3556          * Missing: XSAVES (not supported by some Linux versions,
3557          * including v4.1 to v4.12).
3558          * KVM doesn't yet expose any XSAVES state save component,
3559          * and the only one defined in Skylake (processor tracing)
3560          * probably will block migration anyway.
3561          */
3562         .features[FEAT_XSAVE] =
3563             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC | CPUID_XSAVE_XGETBV1,
3564         .features[FEAT_6_EAX] =
3565             CPUID_6_EAX_ARAT,
3566         .features[FEAT_ARCH_CAPABILITIES] =
3567             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY,
3568         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3569              MSR_VMX_BASIC_TRUE_CTLS,
3570         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3571              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3572              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3573         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3574              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3575              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3576              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3577              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3578              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3579              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3580         .features[FEAT_VMX_EXIT_CTLS] =
3581              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3582              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3583              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3584              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3585              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3586         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3587              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3588         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3589              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3590              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3591         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3592              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3593              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3594              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3595              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3596              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3597              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3598              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3599              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3600              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3601              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3602              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3603         .features[FEAT_VMX_SECONDARY_CTLS] =
3604              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3605              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3606              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3607              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3608              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3609              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3610              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3611              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3612              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3613              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3614         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3615         .xlevel = 0x80000008,
3616         .model_id = "Intel Atom Processor (Denverton)",
3617         .versions = (X86CPUVersionDefinition[]) {
3618             { .version = 1 },
3619             {
3620                 .version = 2,
3621                 .note = "no MPX, no MONITOR",
3622                 .props = (PropValue[]) {
3623                     { "monitor", "off" },
3624                     { "mpx", "off" },
3625                     { /* end of list */ },
3626                 },
3627             },
3628             { /* end of list */ },
3629         },
3630     },
3631     {
3632         .name = "Snowridge",
3633         .level = 27,
3634         .vendor = CPUID_VENDOR_INTEL,
3635         .family = 6,
3636         .model = 134,
3637         .stepping = 1,
3638         .features[FEAT_1_EDX] =
3639             /* missing: CPUID_PN CPUID_IA64 */
3640             /* missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
3641             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE |
3642             CPUID_TSC | CPUID_MSR | CPUID_PAE | CPUID_MCE |
3643             CPUID_CX8 | CPUID_APIC | CPUID_SEP |
3644             CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
3645             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH |
3646             CPUID_MMX |
3647             CPUID_FXSR | CPUID_SSE | CPUID_SSE2,
3648         .features[FEAT_1_ECX] =
3649             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_MONITOR |
3650             CPUID_EXT_SSSE3 |
3651             CPUID_EXT_CX16 |
3652             CPUID_EXT_SSE41 |
3653             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
3654             CPUID_EXT_POPCNT |
3655             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_AES | CPUID_EXT_XSAVE |
3656             CPUID_EXT_RDRAND,
3657         .features[FEAT_8000_0001_EDX] =
3658             CPUID_EXT2_SYSCALL |
3659             CPUID_EXT2_NX |
3660             CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3661             CPUID_EXT2_LM,
3662         .features[FEAT_8000_0001_ECX] =
3663             CPUID_EXT3_LAHF_LM |
3664             CPUID_EXT3_3DNOWPREFETCH,
3665         .features[FEAT_7_0_EBX] =
3666             CPUID_7_0_EBX_FSGSBASE |
3667             CPUID_7_0_EBX_SMEP |
3668             CPUID_7_0_EBX_ERMS |
3669             CPUID_7_0_EBX_MPX |  /* missing bits 13, 15 */
3670             CPUID_7_0_EBX_RDSEED |
3671             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
3672             CPUID_7_0_EBX_CLWB |
3673             CPUID_7_0_EBX_SHA_NI,
3674         .features[FEAT_7_0_ECX] =
3675             CPUID_7_0_ECX_UMIP |
3676             /* missing bit 5 */
3677             CPUID_7_0_ECX_GFNI |
3678             CPUID_7_0_ECX_MOVDIRI | CPUID_7_0_ECX_CLDEMOTE |
3679             CPUID_7_0_ECX_MOVDIR64B,
3680         .features[FEAT_7_0_EDX] =
3681             CPUID_7_0_EDX_SPEC_CTRL |
3682             CPUID_7_0_EDX_ARCH_CAPABILITIES | CPUID_7_0_EDX_SPEC_CTRL_SSBD |
3683             CPUID_7_0_EDX_CORE_CAPABILITY,
3684         .features[FEAT_CORE_CAPABILITY] =
3685             MSR_CORE_CAP_SPLIT_LOCK_DETECT,
3686         /*
3687          * Missing: XSAVES (not supported by some Linux versions,
3688          * including v4.1 to v4.12).
3689          * KVM doesn't yet expose any XSAVES state save component,
3690          * and the only one defined in Skylake (processor tracing)
3691          * probably will block migration anyway.
3692          */
3693         .features[FEAT_XSAVE] =
3694             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3695             CPUID_XSAVE_XGETBV1,
3696         .features[FEAT_6_EAX] =
3697             CPUID_6_EAX_ARAT,
3698         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3699              MSR_VMX_BASIC_TRUE_CTLS,
3700         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3701              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3702              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3703         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3704              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3705              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3706              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3707              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3708              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3709              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3710         .features[FEAT_VMX_EXIT_CTLS] =
3711              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3712              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3713              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3714              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3715              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3716         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3717              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3718         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3719              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3720              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3721         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3722              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3723              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3724              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3725              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3726              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3727              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3728              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3729              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3730              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3731              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3732              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3733         .features[FEAT_VMX_SECONDARY_CTLS] =
3734              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3735              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3736              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3737              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3738              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3739              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3740              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3741              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3742              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3743              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3744         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3745         .xlevel = 0x80000008,
3746         .model_id = "Intel Atom Processor (SnowRidge)",
3747         .versions = (X86CPUVersionDefinition[]) {
3748             { .version = 1 },
3749             {
3750                 .version = 2,
3751                 .props = (PropValue[]) {
3752                     { "mpx", "off" },
3753                     { "model-id", "Intel Atom Processor (Snowridge, no MPX)" },
3754                     { /* end of list */ },
3755                 },
3756             },
3757             { /* end of list */ },
3758         },
3759     },
3760     {
3761         .name = "KnightsMill",
3762         .level = 0xd,
3763         .vendor = CPUID_VENDOR_INTEL,
3764         .family = 6,
3765         .model = 133,
3766         .stepping = 0,
3767         .features[FEAT_1_EDX] =
3768             CPUID_VME | CPUID_SS | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR |
3769             CPUID_MMX | CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV |
3770             CPUID_MCA | CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC |
3771             CPUID_CX8 | CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC |
3772             CPUID_PSE | CPUID_DE | CPUID_FP87,
3773         .features[FEAT_1_ECX] =
3774             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3775             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3776             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3777             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3778             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3779             CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3780         .features[FEAT_8000_0001_EDX] =
3781             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3782             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3783         .features[FEAT_8000_0001_ECX] =
3784             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3785         .features[FEAT_7_0_EBX] =
3786             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
3787             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS |
3788             CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_AVX512F |
3789             CPUID_7_0_EBX_AVX512CD | CPUID_7_0_EBX_AVX512PF |
3790             CPUID_7_0_EBX_AVX512ER,
3791         .features[FEAT_7_0_ECX] =
3792             CPUID_7_0_ECX_AVX512_VPOPCNTDQ,
3793         .features[FEAT_7_0_EDX] =
3794             CPUID_7_0_EDX_AVX512_4VNNIW | CPUID_7_0_EDX_AVX512_4FMAPS,
3795         .features[FEAT_XSAVE] =
3796             CPUID_XSAVE_XSAVEOPT,
3797         .features[FEAT_6_EAX] =
3798             CPUID_6_EAX_ARAT,
3799         .xlevel = 0x80000008,
3800         .model_id = "Intel Xeon Phi Processor (Knights Mill)",
3801     },
3802     {
3803         .name = "Opteron_G1",
3804         .level = 5,
3805         .vendor = CPUID_VENDOR_AMD,
3806         .family = 15,
3807         .model = 6,
3808         .stepping = 1,
3809         .features[FEAT_1_EDX] =
3810             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3811             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3812             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3813             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3814             CPUID_DE | CPUID_FP87,
3815         .features[FEAT_1_ECX] =
3816             CPUID_EXT_SSE3,
3817         .features[FEAT_8000_0001_EDX] =
3818             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3819         .xlevel = 0x80000008,
3820         .model_id = "AMD Opteron 240 (Gen 1 Class Opteron)",
3821     },
3822     {
3823         .name = "Opteron_G2",
3824         .level = 5,
3825         .vendor = CPUID_VENDOR_AMD,
3826         .family = 15,
3827         .model = 6,
3828         .stepping = 1,
3829         .features[FEAT_1_EDX] =
3830             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3831             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3832             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3833             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3834             CPUID_DE | CPUID_FP87,
3835         .features[FEAT_1_ECX] =
3836             CPUID_EXT_CX16 | CPUID_EXT_SSE3,
3837         .features[FEAT_8000_0001_EDX] =
3838             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3839         .features[FEAT_8000_0001_ECX] =
3840             CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM,
3841         .xlevel = 0x80000008,
3842         .model_id = "AMD Opteron 22xx (Gen 2 Class Opteron)",
3843     },
3844     {
3845         .name = "Opteron_G3",
3846         .level = 5,
3847         .vendor = CPUID_VENDOR_AMD,
3848         .family = 16,
3849         .model = 2,
3850         .stepping = 3,
3851         .features[FEAT_1_EDX] =
3852             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3853             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3854             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3855             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3856             CPUID_DE | CPUID_FP87,
3857         .features[FEAT_1_ECX] =
3858             CPUID_EXT_POPCNT | CPUID_EXT_CX16 | CPUID_EXT_MONITOR |
3859             CPUID_EXT_SSE3,
3860         .features[FEAT_8000_0001_EDX] =
3861             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL |
3862             CPUID_EXT2_RDTSCP,
3863         .features[FEAT_8000_0001_ECX] =
3864             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A |
3865             CPUID_EXT3_ABM | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM,
3866         .xlevel = 0x80000008,
3867         .model_id = "AMD Opteron 23xx (Gen 3 Class Opteron)",
3868     },
3869     {
3870         .name = "Opteron_G4",
3871         .level = 0xd,
3872         .vendor = CPUID_VENDOR_AMD,
3873         .family = 21,
3874         .model = 1,
3875         .stepping = 2,
3876         .features[FEAT_1_EDX] =
3877             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3878             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3879             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3880             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3881             CPUID_DE | CPUID_FP87,
3882         .features[FEAT_1_ECX] =
3883             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3884             CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
3885             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
3886             CPUID_EXT_SSE3,
3887         .features[FEAT_8000_0001_EDX] =
3888             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_NX |
3889             CPUID_EXT2_SYSCALL | CPUID_EXT2_RDTSCP,
3890         .features[FEAT_8000_0001_ECX] =
3891             CPUID_EXT3_FMA4 | CPUID_EXT3_XOP |
3892             CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_MISALIGNSSE |
3893             CPUID_EXT3_SSE4A | CPUID_EXT3_ABM | CPUID_EXT3_SVM |
3894             CPUID_EXT3_LAHF_LM,
3895         .features[FEAT_SVM] =
3896             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
3897         /* no xsaveopt! */
3898         .xlevel = 0x8000001A,
3899         .model_id = "AMD Opteron 62xx class CPU",
3900     },
3901     {
3902         .name = "Opteron_G5",
3903         .level = 0xd,
3904         .vendor = CPUID_VENDOR_AMD,
3905         .family = 21,
3906         .model = 2,
3907         .stepping = 0,
3908         .features[FEAT_1_EDX] =
3909             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3910             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3911             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3912             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3913             CPUID_DE | CPUID_FP87,
3914         .features[FEAT_1_ECX] =
3915             CPUID_EXT_F16C | CPUID_EXT_AVX | CPUID_EXT_XSAVE |
3916             CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 |
3917             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_FMA |
3918             CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
3919         .features[FEAT_8000_0001_EDX] =
3920             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_NX |
3921             CPUID_EXT2_SYSCALL | CPUID_EXT2_RDTSCP,
3922         .features[FEAT_8000_0001_ECX] =
3923             CPUID_EXT3_TBM | CPUID_EXT3_FMA4 | CPUID_EXT3_XOP |
3924             CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_MISALIGNSSE |
3925             CPUID_EXT3_SSE4A | CPUID_EXT3_ABM | CPUID_EXT3_SVM |
3926             CPUID_EXT3_LAHF_LM,
3927         .features[FEAT_SVM] =
3928             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
3929         /* no xsaveopt! */
3930         .xlevel = 0x8000001A,
3931         .model_id = "AMD Opteron 63xx class CPU",
3932     },
3933     {
3934         .name = "EPYC",
3935         .level = 0xd,
3936         .vendor = CPUID_VENDOR_AMD,
3937         .family = 23,
3938         .model = 1,
3939         .stepping = 2,
3940         .features[FEAT_1_EDX] =
3941             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
3942             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
3943             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
3944             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
3945             CPUID_VME | CPUID_FP87,
3946         .features[FEAT_1_ECX] =
3947             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
3948             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
3949             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
3950             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
3951             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
3952         .features[FEAT_8000_0001_EDX] =
3953             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
3954             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
3955             CPUID_EXT2_SYSCALL,
3956         .features[FEAT_8000_0001_ECX] =
3957             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
3958             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
3959             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
3960             CPUID_EXT3_TOPOEXT,
3961         .features[FEAT_7_0_EBX] =
3962             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
3963             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
3964             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
3965             CPUID_7_0_EBX_SHA_NI,
3966         .features[FEAT_XSAVE] =
3967             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3968             CPUID_XSAVE_XGETBV1,
3969         .features[FEAT_6_EAX] =
3970             CPUID_6_EAX_ARAT,
3971         .features[FEAT_SVM] =
3972             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
3973         .xlevel = 0x8000001E,
3974         .model_id = "AMD EPYC Processor",
3975         .cache_info = &epyc_cache_info,
3976         .versions = (X86CPUVersionDefinition[]) {
3977             { .version = 1 },
3978             {
3979                 .version = 2,
3980                 .alias = "EPYC-IBPB",
3981                 .props = (PropValue[]) {
3982                     { "ibpb", "on" },
3983                     { "model-id",
3984                       "AMD EPYC Processor (with IBPB)" },
3985                     { /* end of list */ }
3986                 }
3987             },
3988             {
3989                 .version = 3,
3990                 .props = (PropValue[]) {
3991                     { "ibpb", "on" },
3992                     { "perfctr-core", "on" },
3993                     { "clzero", "on" },
3994                     { "xsaveerptr", "on" },
3995                     { "xsaves", "on" },
3996                     { "model-id",
3997                       "AMD EPYC Processor" },
3998                     { /* end of list */ }
3999                 }
4000             },
4001             { /* end of list */ }
4002         }
4003     },
4004     {
4005         .name = "Dhyana",
4006         .level = 0xd,
4007         .vendor = CPUID_VENDOR_HYGON,
4008         .family = 24,
4009         .model = 0,
4010         .stepping = 1,
4011         .features[FEAT_1_EDX] =
4012             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4013             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4014             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4015             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4016             CPUID_VME | CPUID_FP87,
4017         .features[FEAT_1_ECX] =
4018             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4019             CPUID_EXT_XSAVE | CPUID_EXT_POPCNT |
4020             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4021             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4022             CPUID_EXT_MONITOR | CPUID_EXT_SSE3,
4023         .features[FEAT_8000_0001_EDX] =
4024             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4025             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4026             CPUID_EXT2_SYSCALL,
4027         .features[FEAT_8000_0001_ECX] =
4028             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4029             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4030             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4031             CPUID_EXT3_TOPOEXT,
4032         .features[FEAT_8000_0008_EBX] =
4033             CPUID_8000_0008_EBX_IBPB,
4034         .features[FEAT_7_0_EBX] =
4035             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4036             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4037             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT,
4038         /*
4039          * Missing: XSAVES (not supported by some Linux versions,
4040          * including v4.1 to v4.12).
4041          * KVM doesn't yet expose any XSAVES state save component.
4042          */
4043         .features[FEAT_XSAVE] =
4044             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4045             CPUID_XSAVE_XGETBV1,
4046         .features[FEAT_6_EAX] =
4047             CPUID_6_EAX_ARAT,
4048         .features[FEAT_SVM] =
4049             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4050         .xlevel = 0x8000001E,
4051         .model_id = "Hygon Dhyana Processor",
4052         .cache_info = &epyc_cache_info,
4053     },
4054     {
4055         .name = "EPYC-Rome",
4056         .level = 0xd,
4057         .vendor = CPUID_VENDOR_AMD,
4058         .family = 23,
4059         .model = 49,
4060         .stepping = 0,
4061         .features[FEAT_1_EDX] =
4062             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4063             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4064             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4065             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4066             CPUID_VME | CPUID_FP87,
4067         .features[FEAT_1_ECX] =
4068             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4069             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
4070             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4071             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4072             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
4073         .features[FEAT_8000_0001_EDX] =
4074             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4075             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4076             CPUID_EXT2_SYSCALL,
4077         .features[FEAT_8000_0001_ECX] =
4078             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4079             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4080             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4081             CPUID_EXT3_TOPOEXT | CPUID_EXT3_PERFCORE,
4082         .features[FEAT_8000_0008_EBX] =
4083             CPUID_8000_0008_EBX_CLZERO | CPUID_8000_0008_EBX_XSAVEERPTR |
4084             CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_IBPB |
4085             CPUID_8000_0008_EBX_STIBP,
4086         .features[FEAT_7_0_EBX] =
4087             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4088             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4089             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
4090             CPUID_7_0_EBX_SHA_NI | CPUID_7_0_EBX_CLWB,
4091         .features[FEAT_7_0_ECX] =
4092             CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_RDPID,
4093         .features[FEAT_XSAVE] =
4094             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4095             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
4096         .features[FEAT_6_EAX] =
4097             CPUID_6_EAX_ARAT,
4098         .features[FEAT_SVM] =
4099             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4100         .xlevel = 0x8000001E,
4101         .model_id = "AMD EPYC-Rome Processor",
4102         .cache_info = &epyc_rome_cache_info,
4103         .versions = (X86CPUVersionDefinition[]) {
4104             { .version = 1 },
4105             {
4106                 .version = 2,
4107                 .props = (PropValue[]) {
4108                     { "ibrs", "on" },
4109                     { "amd-ssbd", "on" },
4110                     { /* end of list */ }
4111                 }
4112             },
4113             { /* end of list */ }
4114         }
4115     },
4116     {
4117         .name = "EPYC-Milan",
4118         .level = 0xd,
4119         .vendor = CPUID_VENDOR_AMD,
4120         .family = 25,
4121         .model = 1,
4122         .stepping = 1,
4123         .features[FEAT_1_EDX] =
4124             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4125             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4126             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4127             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4128             CPUID_VME | CPUID_FP87,
4129         .features[FEAT_1_ECX] =
4130             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4131             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
4132             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4133             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4134             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
4135             CPUID_EXT_PCID,
4136         .features[FEAT_8000_0001_EDX] =
4137             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4138             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4139             CPUID_EXT2_SYSCALL,
4140         .features[FEAT_8000_0001_ECX] =
4141             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4142             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4143             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4144             CPUID_EXT3_TOPOEXT | CPUID_EXT3_PERFCORE,
4145         .features[FEAT_8000_0008_EBX] =
4146             CPUID_8000_0008_EBX_CLZERO | CPUID_8000_0008_EBX_XSAVEERPTR |
4147             CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_IBPB |
4148             CPUID_8000_0008_EBX_IBRS | CPUID_8000_0008_EBX_STIBP |
4149             CPUID_8000_0008_EBX_AMD_SSBD,
4150         .features[FEAT_7_0_EBX] =
4151             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4152             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4153             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
4154             CPUID_7_0_EBX_SHA_NI | CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_ERMS |
4155             CPUID_7_0_EBX_INVPCID,
4156         .features[FEAT_7_0_ECX] =
4157             CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_RDPID | CPUID_7_0_ECX_PKU,
4158         .features[FEAT_7_0_EDX] =
4159             CPUID_7_0_EDX_FSRM,
4160         .features[FEAT_XSAVE] =
4161             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4162             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
4163         .features[FEAT_6_EAX] =
4164             CPUID_6_EAX_ARAT,
4165         .features[FEAT_SVM] =
4166             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE | CPUID_SVM_SVME_ADDR_CHK,
4167         .xlevel = 0x8000001E,
4168         .model_id = "AMD EPYC-Milan Processor",
4169         .cache_info = &epyc_milan_cache_info,
4170     },
4171 };
4172 
4173 /*
4174  * We resolve CPU model aliases using -v1 when using "-machine
4175  * none", but this is just for compatibility while libvirt isn't
4176  * adapted to resolve CPU model versions before creating VMs.
4177  * See "Runnability guarantee of CPU models" at
4178  * docs/system/deprecated.rst.
4179  */
4180 X86CPUVersion default_cpu_version = 1;
4181 
4182 void x86_cpu_set_default_version(X86CPUVersion version)
4183 {
4184     /* Translating CPU_VERSION_AUTO to CPU_VERSION_AUTO doesn't make sense */
4185     assert(version != CPU_VERSION_AUTO);
4186     default_cpu_version = version;
4187 }
4188 
4189 static X86CPUVersion x86_cpu_model_last_version(const X86CPUModel *model)
4190 {
4191     int v = 0;
4192     const X86CPUVersionDefinition *vdef =
4193         x86_cpu_def_get_versions(model->cpudef);
4194     while (vdef->version) {
4195         v = vdef->version;
4196         vdef++;
4197     }
4198     return v;
4199 }
4200 
4201 /* Return the actual version being used for a specific CPU model */
4202 static X86CPUVersion x86_cpu_model_resolve_version(const X86CPUModel *model)
4203 {
4204     X86CPUVersion v = model->version;
4205     if (v == CPU_VERSION_AUTO) {
4206         v = default_cpu_version;
4207     }
4208     if (v == CPU_VERSION_LATEST) {
4209         return x86_cpu_model_last_version(model);
4210     }
4211     return v;
4212 }
4213 
4214 static Property max_x86_cpu_properties[] = {
4215     DEFINE_PROP_BOOL("migratable", X86CPU, migratable, true),
4216     DEFINE_PROP_BOOL("host-cache-info", X86CPU, cache_info_passthrough, false),
4217     DEFINE_PROP_END_OF_LIST()
4218 };
4219 
4220 static void max_x86_cpu_class_init(ObjectClass *oc, void *data)
4221 {
4222     DeviceClass *dc = DEVICE_CLASS(oc);
4223     X86CPUClass *xcc = X86_CPU_CLASS(oc);
4224 
4225     xcc->ordering = 9;
4226 
4227     xcc->model_description =
4228         "Enables all features supported by the accelerator in the current host";
4229 
4230     device_class_set_props(dc, max_x86_cpu_properties);
4231 }
4232 
4233 static void max_x86_cpu_initfn(Object *obj)
4234 {
4235     X86CPU *cpu = X86_CPU(obj);
4236 
4237     /* We can't fill the features array here because we don't know yet if
4238      * "migratable" is true or false.
4239      */
4240     cpu->max_features = true;
4241     object_property_set_bool(OBJECT(cpu), "pmu", true, &error_abort);
4242 
4243     /*
4244      * these defaults are used for TCG and all other accelerators
4245      * besides KVM and HVF, which overwrite these values
4246      */
4247     object_property_set_str(OBJECT(cpu), "vendor", CPUID_VENDOR_AMD,
4248                             &error_abort);
4249     object_property_set_int(OBJECT(cpu), "family", 6, &error_abort);
4250     object_property_set_int(OBJECT(cpu), "model", 6, &error_abort);
4251     object_property_set_int(OBJECT(cpu), "stepping", 3, &error_abort);
4252     object_property_set_str(OBJECT(cpu), "model-id",
4253                             "QEMU TCG CPU version " QEMU_HW_VERSION,
4254                             &error_abort);
4255 }
4256 
4257 static const TypeInfo max_x86_cpu_type_info = {
4258     .name = X86_CPU_TYPE_NAME("max"),
4259     .parent = TYPE_X86_CPU,
4260     .instance_init = max_x86_cpu_initfn,
4261     .class_init = max_x86_cpu_class_init,
4262 };
4263 
4264 static char *feature_word_description(FeatureWordInfo *f, uint32_t bit)
4265 {
4266     assert(f->type == CPUID_FEATURE_WORD || f->type == MSR_FEATURE_WORD);
4267 
4268     switch (f->type) {
4269     case CPUID_FEATURE_WORD:
4270         {
4271             const char *reg = get_register_name_32(f->cpuid.reg);
4272             assert(reg);
4273             return g_strdup_printf("CPUID.%02XH:%s",
4274                                    f->cpuid.eax, reg);
4275         }
4276     case MSR_FEATURE_WORD:
4277         return g_strdup_printf("MSR(%02XH)",
4278                                f->msr.index);
4279     }
4280 
4281     return NULL;
4282 }
4283 
4284 static bool x86_cpu_have_filtered_features(X86CPU *cpu)
4285 {
4286     FeatureWord w;
4287 
4288     for (w = 0; w < FEATURE_WORDS; w++) {
4289         if (cpu->filtered_features[w]) {
4290             return true;
4291         }
4292     }
4293 
4294     return false;
4295 }
4296 
4297 static void mark_unavailable_features(X86CPU *cpu, FeatureWord w, uint64_t mask,
4298                                       const char *verbose_prefix)
4299 {
4300     CPUX86State *env = &cpu->env;
4301     FeatureWordInfo *f = &feature_word_info[w];
4302     int i;
4303 
4304     if (!cpu->force_features) {
4305         env->features[w] &= ~mask;
4306     }
4307     cpu->filtered_features[w] |= mask;
4308 
4309     if (!verbose_prefix) {
4310         return;
4311     }
4312 
4313     for (i = 0; i < 64; ++i) {
4314         if ((1ULL << i) & mask) {
4315             g_autofree char *feat_word_str = feature_word_description(f, i);
4316             warn_report("%s: %s%s%s [bit %d]",
4317                         verbose_prefix,
4318                         feat_word_str,
4319                         f->feat_names[i] ? "." : "",
4320                         f->feat_names[i] ? f->feat_names[i] : "", i);
4321         }
4322     }
4323 }
4324 
4325 static void x86_cpuid_version_get_family(Object *obj, Visitor *v,
4326                                          const char *name, void *opaque,
4327                                          Error **errp)
4328 {
4329     X86CPU *cpu = X86_CPU(obj);
4330     CPUX86State *env = &cpu->env;
4331     int64_t value;
4332 
4333     value = (env->cpuid_version >> 8) & 0xf;
4334     if (value == 0xf) {
4335         value += (env->cpuid_version >> 20) & 0xff;
4336     }
4337     visit_type_int(v, name, &value, errp);
4338 }
4339 
4340 static void x86_cpuid_version_set_family(Object *obj, Visitor *v,
4341                                          const char *name, void *opaque,
4342                                          Error **errp)
4343 {
4344     X86CPU *cpu = X86_CPU(obj);
4345     CPUX86State *env = &cpu->env;
4346     const int64_t min = 0;
4347     const int64_t max = 0xff + 0xf;
4348     int64_t value;
4349 
4350     if (!visit_type_int(v, name, &value, errp)) {
4351         return;
4352     }
4353     if (value < min || value > max) {
4354         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4355                    name ? name : "null", value, min, max);
4356         return;
4357     }
4358 
4359     env->cpuid_version &= ~0xff00f00;
4360     if (value > 0x0f) {
4361         env->cpuid_version |= 0xf00 | ((value - 0x0f) << 20);
4362     } else {
4363         env->cpuid_version |= value << 8;
4364     }
4365 }
4366 
4367 static void x86_cpuid_version_get_model(Object *obj, Visitor *v,
4368                                         const char *name, void *opaque,
4369                                         Error **errp)
4370 {
4371     X86CPU *cpu = X86_CPU(obj);
4372     CPUX86State *env = &cpu->env;
4373     int64_t value;
4374 
4375     value = (env->cpuid_version >> 4) & 0xf;
4376     value |= ((env->cpuid_version >> 16) & 0xf) << 4;
4377     visit_type_int(v, name, &value, errp);
4378 }
4379 
4380 static void x86_cpuid_version_set_model(Object *obj, Visitor *v,
4381                                         const char *name, void *opaque,
4382                                         Error **errp)
4383 {
4384     X86CPU *cpu = X86_CPU(obj);
4385     CPUX86State *env = &cpu->env;
4386     const int64_t min = 0;
4387     const int64_t max = 0xff;
4388     int64_t value;
4389 
4390     if (!visit_type_int(v, name, &value, errp)) {
4391         return;
4392     }
4393     if (value < min || value > max) {
4394         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4395                    name ? name : "null", value, min, max);
4396         return;
4397     }
4398 
4399     env->cpuid_version &= ~0xf00f0;
4400     env->cpuid_version |= ((value & 0xf) << 4) | ((value >> 4) << 16);
4401 }
4402 
4403 static void x86_cpuid_version_get_stepping(Object *obj, Visitor *v,
4404                                            const char *name, void *opaque,
4405                                            Error **errp)
4406 {
4407     X86CPU *cpu = X86_CPU(obj);
4408     CPUX86State *env = &cpu->env;
4409     int64_t value;
4410 
4411     value = env->cpuid_version & 0xf;
4412     visit_type_int(v, name, &value, errp);
4413 }
4414 
4415 static void x86_cpuid_version_set_stepping(Object *obj, Visitor *v,
4416                                            const char *name, void *opaque,
4417                                            Error **errp)
4418 {
4419     X86CPU *cpu = X86_CPU(obj);
4420     CPUX86State *env = &cpu->env;
4421     const int64_t min = 0;
4422     const int64_t max = 0xf;
4423     int64_t value;
4424 
4425     if (!visit_type_int(v, name, &value, errp)) {
4426         return;
4427     }
4428     if (value < min || value > max) {
4429         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4430                    name ? name : "null", value, min, max);
4431         return;
4432     }
4433 
4434     env->cpuid_version &= ~0xf;
4435     env->cpuid_version |= value & 0xf;
4436 }
4437 
4438 static char *x86_cpuid_get_vendor(Object *obj, Error **errp)
4439 {
4440     X86CPU *cpu = X86_CPU(obj);
4441     CPUX86State *env = &cpu->env;
4442     char *value;
4443 
4444     value = g_malloc(CPUID_VENDOR_SZ + 1);
4445     x86_cpu_vendor_words2str(value, env->cpuid_vendor1, env->cpuid_vendor2,
4446                              env->cpuid_vendor3);
4447     return value;
4448 }
4449 
4450 static void x86_cpuid_set_vendor(Object *obj, const char *value,
4451                                  Error **errp)
4452 {
4453     X86CPU *cpu = X86_CPU(obj);
4454     CPUX86State *env = &cpu->env;
4455     int i;
4456 
4457     if (strlen(value) != CPUID_VENDOR_SZ) {
4458         error_setg(errp, QERR_PROPERTY_VALUE_BAD, "", "vendor", value);
4459         return;
4460     }
4461 
4462     env->cpuid_vendor1 = 0;
4463     env->cpuid_vendor2 = 0;
4464     env->cpuid_vendor3 = 0;
4465     for (i = 0; i < 4; i++) {
4466         env->cpuid_vendor1 |= ((uint8_t)value[i    ]) << (8 * i);
4467         env->cpuid_vendor2 |= ((uint8_t)value[i + 4]) << (8 * i);
4468         env->cpuid_vendor3 |= ((uint8_t)value[i + 8]) << (8 * i);
4469     }
4470 }
4471 
4472 static char *x86_cpuid_get_model_id(Object *obj, Error **errp)
4473 {
4474     X86CPU *cpu = X86_CPU(obj);
4475     CPUX86State *env = &cpu->env;
4476     char *value;
4477     int i;
4478 
4479     value = g_malloc(48 + 1);
4480     for (i = 0; i < 48; i++) {
4481         value[i] = env->cpuid_model[i >> 2] >> (8 * (i & 3));
4482     }
4483     value[48] = '\0';
4484     return value;
4485 }
4486 
4487 static void x86_cpuid_set_model_id(Object *obj, const char *model_id,
4488                                    Error **errp)
4489 {
4490     X86CPU *cpu = X86_CPU(obj);
4491     CPUX86State *env = &cpu->env;
4492     int c, len, i;
4493 
4494     if (model_id == NULL) {
4495         model_id = "";
4496     }
4497     len = strlen(model_id);
4498     memset(env->cpuid_model, 0, 48);
4499     for (i = 0; i < 48; i++) {
4500         if (i >= len) {
4501             c = '\0';
4502         } else {
4503             c = (uint8_t)model_id[i];
4504         }
4505         env->cpuid_model[i >> 2] |= c << (8 * (i & 3));
4506     }
4507 }
4508 
4509 static void x86_cpuid_get_tsc_freq(Object *obj, Visitor *v, const char *name,
4510                                    void *opaque, Error **errp)
4511 {
4512     X86CPU *cpu = X86_CPU(obj);
4513     int64_t value;
4514 
4515     value = cpu->env.tsc_khz * 1000;
4516     visit_type_int(v, name, &value, errp);
4517 }
4518 
4519 static void x86_cpuid_set_tsc_freq(Object *obj, Visitor *v, const char *name,
4520                                    void *opaque, Error **errp)
4521 {
4522     X86CPU *cpu = X86_CPU(obj);
4523     const int64_t min = 0;
4524     const int64_t max = INT64_MAX;
4525     int64_t value;
4526 
4527     if (!visit_type_int(v, name, &value, errp)) {
4528         return;
4529     }
4530     if (value < min || value > max) {
4531         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4532                    name ? name : "null", value, min, max);
4533         return;
4534     }
4535 
4536     cpu->env.tsc_khz = cpu->env.user_tsc_khz = value / 1000;
4537 }
4538 
4539 /* Generic getter for "feature-words" and "filtered-features" properties */
4540 static void x86_cpu_get_feature_words(Object *obj, Visitor *v,
4541                                       const char *name, void *opaque,
4542                                       Error **errp)
4543 {
4544     uint64_t *array = (uint64_t *)opaque;
4545     FeatureWord w;
4546     X86CPUFeatureWordInfo word_infos[FEATURE_WORDS] = { };
4547     X86CPUFeatureWordInfoList list_entries[FEATURE_WORDS] = { };
4548     X86CPUFeatureWordInfoList *list = NULL;
4549 
4550     for (w = 0; w < FEATURE_WORDS; w++) {
4551         FeatureWordInfo *wi = &feature_word_info[w];
4552         /*
4553                 * We didn't have MSR features when "feature-words" was
4554                 *  introduced. Therefore skipped other type entries.
4555                 */
4556         if (wi->type != CPUID_FEATURE_WORD) {
4557             continue;
4558         }
4559         X86CPUFeatureWordInfo *qwi = &word_infos[w];
4560         qwi->cpuid_input_eax = wi->cpuid.eax;
4561         qwi->has_cpuid_input_ecx = wi->cpuid.needs_ecx;
4562         qwi->cpuid_input_ecx = wi->cpuid.ecx;
4563         qwi->cpuid_register = x86_reg_info_32[wi->cpuid.reg].qapi_enum;
4564         qwi->features = array[w];
4565 
4566         /* List will be in reverse order, but order shouldn't matter */
4567         list_entries[w].next = list;
4568         list_entries[w].value = &word_infos[w];
4569         list = &list_entries[w];
4570     }
4571 
4572     visit_type_X86CPUFeatureWordInfoList(v, "feature-words", &list, errp);
4573 }
4574 
4575 /* Convert all '_' in a feature string option name to '-', to make feature
4576  * name conform to QOM property naming rule, which uses '-' instead of '_'.
4577  */
4578 static inline void feat2prop(char *s)
4579 {
4580     while ((s = strchr(s, '_'))) {
4581         *s = '-';
4582     }
4583 }
4584 
4585 /* Return the feature property name for a feature flag bit */
4586 static const char *x86_cpu_feature_name(FeatureWord w, int bitnr)
4587 {
4588     const char *name;
4589     /* XSAVE components are automatically enabled by other features,
4590      * so return the original feature name instead
4591      */
4592     if (w == FEAT_XSAVE_COMP_LO || w == FEAT_XSAVE_COMP_HI) {
4593         int comp = (w == FEAT_XSAVE_COMP_HI) ? bitnr + 32 : bitnr;
4594 
4595         if (comp < ARRAY_SIZE(x86_ext_save_areas) &&
4596             x86_ext_save_areas[comp].bits) {
4597             w = x86_ext_save_areas[comp].feature;
4598             bitnr = ctz32(x86_ext_save_areas[comp].bits);
4599         }
4600     }
4601 
4602     assert(bitnr < 64);
4603     assert(w < FEATURE_WORDS);
4604     name = feature_word_info[w].feat_names[bitnr];
4605     assert(bitnr < 32 || !(name && feature_word_info[w].type == CPUID_FEATURE_WORD));
4606     return name;
4607 }
4608 
4609 /* Compatibily hack to maintain legacy +-feat semantic,
4610  * where +-feat overwrites any feature set by
4611  * feat=on|feat even if the later is parsed after +-feat
4612  * (i.e. "-x2apic,x2apic=on" will result in x2apic disabled)
4613  */
4614 static GList *plus_features, *minus_features;
4615 
4616 static gint compare_string(gconstpointer a, gconstpointer b)
4617 {
4618     return g_strcmp0(a, b);
4619 }
4620 
4621 /* Parse "+feature,-feature,feature=foo" CPU feature string
4622  */
4623 static void x86_cpu_parse_featurestr(const char *typename, char *features,
4624                                      Error **errp)
4625 {
4626     char *featurestr; /* Single 'key=value" string being parsed */
4627     static bool cpu_globals_initialized;
4628     bool ambiguous = false;
4629 
4630     if (cpu_globals_initialized) {
4631         return;
4632     }
4633     cpu_globals_initialized = true;
4634 
4635     if (!features) {
4636         return;
4637     }
4638 
4639     for (featurestr = strtok(features, ",");
4640          featurestr;
4641          featurestr = strtok(NULL, ",")) {
4642         const char *name;
4643         const char *val = NULL;
4644         char *eq = NULL;
4645         char num[32];
4646         GlobalProperty *prop;
4647 
4648         /* Compatibility syntax: */
4649         if (featurestr[0] == '+') {
4650             plus_features = g_list_append(plus_features,
4651                                           g_strdup(featurestr + 1));
4652             continue;
4653         } else if (featurestr[0] == '-') {
4654             minus_features = g_list_append(minus_features,
4655                                            g_strdup(featurestr + 1));
4656             continue;
4657         }
4658 
4659         eq = strchr(featurestr, '=');
4660         if (eq) {
4661             *eq++ = 0;
4662             val = eq;
4663         } else {
4664             val = "on";
4665         }
4666 
4667         feat2prop(featurestr);
4668         name = featurestr;
4669 
4670         if (g_list_find_custom(plus_features, name, compare_string)) {
4671             warn_report("Ambiguous CPU model string. "
4672                         "Don't mix both \"+%s\" and \"%s=%s\"",
4673                         name, name, val);
4674             ambiguous = true;
4675         }
4676         if (g_list_find_custom(minus_features, name, compare_string)) {
4677             warn_report("Ambiguous CPU model string. "
4678                         "Don't mix both \"-%s\" and \"%s=%s\"",
4679                         name, name, val);
4680             ambiguous = true;
4681         }
4682 
4683         /* Special case: */
4684         if (!strcmp(name, "tsc-freq")) {
4685             int ret;
4686             uint64_t tsc_freq;
4687 
4688             ret = qemu_strtosz_metric(val, NULL, &tsc_freq);
4689             if (ret < 0 || tsc_freq > INT64_MAX) {
4690                 error_setg(errp, "bad numerical value %s", val);
4691                 return;
4692             }
4693             snprintf(num, sizeof(num), "%" PRId64, tsc_freq);
4694             val = num;
4695             name = "tsc-frequency";
4696         }
4697 
4698         prop = g_new0(typeof(*prop), 1);
4699         prop->driver = typename;
4700         prop->property = g_strdup(name);
4701         prop->value = g_strdup(val);
4702         qdev_prop_register_global(prop);
4703     }
4704 
4705     if (ambiguous) {
4706         warn_report("Compatibility of ambiguous CPU model "
4707                     "strings won't be kept on future QEMU versions");
4708     }
4709 }
4710 
4711 static void x86_cpu_filter_features(X86CPU *cpu, bool verbose);
4712 
4713 /* Build a list with the name of all features on a feature word array */
4714 static void x86_cpu_list_feature_names(FeatureWordArray features,
4715                                        strList **list)
4716 {
4717     strList **tail = list;
4718     FeatureWord w;
4719 
4720     for (w = 0; w < FEATURE_WORDS; w++) {
4721         uint64_t filtered = features[w];
4722         int i;
4723         for (i = 0; i < 64; i++) {
4724             if (filtered & (1ULL << i)) {
4725                 QAPI_LIST_APPEND(tail, g_strdup(x86_cpu_feature_name(w, i)));
4726             }
4727         }
4728     }
4729 }
4730 
4731 static void x86_cpu_get_unavailable_features(Object *obj, Visitor *v,
4732                                              const char *name, void *opaque,
4733                                              Error **errp)
4734 {
4735     X86CPU *xc = X86_CPU(obj);
4736     strList *result = NULL;
4737 
4738     x86_cpu_list_feature_names(xc->filtered_features, &result);
4739     visit_type_strList(v, "unavailable-features", &result, errp);
4740 }
4741 
4742 /* Check for missing features that may prevent the CPU class from
4743  * running using the current machine and accelerator.
4744  */
4745 static void x86_cpu_class_check_missing_features(X86CPUClass *xcc,
4746                                                  strList **list)
4747 {
4748     strList **tail = list;
4749     X86CPU *xc;
4750     Error *err = NULL;
4751 
4752     if (xcc->host_cpuid_required && !accel_uses_host_cpuid()) {
4753         QAPI_LIST_APPEND(tail, g_strdup("kvm"));
4754         return;
4755     }
4756 
4757     xc = X86_CPU(object_new_with_class(OBJECT_CLASS(xcc)));
4758 
4759     x86_cpu_expand_features(xc, &err);
4760     if (err) {
4761         /* Errors at x86_cpu_expand_features should never happen,
4762          * but in case it does, just report the model as not
4763          * runnable at all using the "type" property.
4764          */
4765         QAPI_LIST_APPEND(tail, g_strdup("type"));
4766         error_free(err);
4767     }
4768 
4769     x86_cpu_filter_features(xc, false);
4770 
4771     x86_cpu_list_feature_names(xc->filtered_features, tail);
4772 
4773     object_unref(OBJECT(xc));
4774 }
4775 
4776 /* Print all cpuid feature names in featureset
4777  */
4778 static void listflags(GList *features)
4779 {
4780     size_t len = 0;
4781     GList *tmp;
4782 
4783     for (tmp = features; tmp; tmp = tmp->next) {
4784         const char *name = tmp->data;
4785         if ((len + strlen(name) + 1) >= 75) {
4786             qemu_printf("\n");
4787             len = 0;
4788         }
4789         qemu_printf("%s%s", len == 0 ? "  " : " ", name);
4790         len += strlen(name) + 1;
4791     }
4792     qemu_printf("\n");
4793 }
4794 
4795 /* Sort alphabetically by type name, respecting X86CPUClass::ordering. */
4796 static gint x86_cpu_list_compare(gconstpointer a, gconstpointer b)
4797 {
4798     ObjectClass *class_a = (ObjectClass *)a;
4799     ObjectClass *class_b = (ObjectClass *)b;
4800     X86CPUClass *cc_a = X86_CPU_CLASS(class_a);
4801     X86CPUClass *cc_b = X86_CPU_CLASS(class_b);
4802     int ret;
4803 
4804     if (cc_a->ordering != cc_b->ordering) {
4805         ret = cc_a->ordering - cc_b->ordering;
4806     } else {
4807         g_autofree char *name_a = x86_cpu_class_get_model_name(cc_a);
4808         g_autofree char *name_b = x86_cpu_class_get_model_name(cc_b);
4809         ret = strcmp(name_a, name_b);
4810     }
4811     return ret;
4812 }
4813 
4814 static GSList *get_sorted_cpu_model_list(void)
4815 {
4816     GSList *list = object_class_get_list(TYPE_X86_CPU, false);
4817     list = g_slist_sort(list, x86_cpu_list_compare);
4818     return list;
4819 }
4820 
4821 static char *x86_cpu_class_get_model_id(X86CPUClass *xc)
4822 {
4823     Object *obj = object_new_with_class(OBJECT_CLASS(xc));
4824     char *r = object_property_get_str(obj, "model-id", &error_abort);
4825     object_unref(obj);
4826     return r;
4827 }
4828 
4829 static char *x86_cpu_class_get_alias_of(X86CPUClass *cc)
4830 {
4831     X86CPUVersion version;
4832 
4833     if (!cc->model || !cc->model->is_alias) {
4834         return NULL;
4835     }
4836     version = x86_cpu_model_resolve_version(cc->model);
4837     if (version <= 0) {
4838         return NULL;
4839     }
4840     return x86_cpu_versioned_model_name(cc->model->cpudef, version);
4841 }
4842 
4843 static void x86_cpu_list_entry(gpointer data, gpointer user_data)
4844 {
4845     ObjectClass *oc = data;
4846     X86CPUClass *cc = X86_CPU_CLASS(oc);
4847     g_autofree char *name = x86_cpu_class_get_model_name(cc);
4848     g_autofree char *desc = g_strdup(cc->model_description);
4849     g_autofree char *alias_of = x86_cpu_class_get_alias_of(cc);
4850     g_autofree char *model_id = x86_cpu_class_get_model_id(cc);
4851 
4852     if (!desc && alias_of) {
4853         if (cc->model && cc->model->version == CPU_VERSION_AUTO) {
4854             desc = g_strdup("(alias configured by machine type)");
4855         } else {
4856             desc = g_strdup_printf("(alias of %s)", alias_of);
4857         }
4858     }
4859     if (!desc && cc->model && cc->model->note) {
4860         desc = g_strdup_printf("%s [%s]", model_id, cc->model->note);
4861     }
4862     if (!desc) {
4863         desc = g_strdup_printf("%s", model_id);
4864     }
4865 
4866     qemu_printf("x86 %-20s  %-58s\n", name, desc);
4867 }
4868 
4869 /* list available CPU models and flags */
4870 void x86_cpu_list(void)
4871 {
4872     int i, j;
4873     GSList *list;
4874     GList *names = NULL;
4875 
4876     qemu_printf("Available CPUs:\n");
4877     list = get_sorted_cpu_model_list();
4878     g_slist_foreach(list, x86_cpu_list_entry, NULL);
4879     g_slist_free(list);
4880 
4881     names = NULL;
4882     for (i = 0; i < ARRAY_SIZE(feature_word_info); i++) {
4883         FeatureWordInfo *fw = &feature_word_info[i];
4884         for (j = 0; j < 64; j++) {
4885             if (fw->feat_names[j]) {
4886                 names = g_list_append(names, (gpointer)fw->feat_names[j]);
4887             }
4888         }
4889     }
4890 
4891     names = g_list_sort(names, (GCompareFunc)strcmp);
4892 
4893     qemu_printf("\nRecognized CPUID flags:\n");
4894     listflags(names);
4895     qemu_printf("\n");
4896     g_list_free(names);
4897 }
4898 
4899 static void x86_cpu_definition_entry(gpointer data, gpointer user_data)
4900 {
4901     ObjectClass *oc = data;
4902     X86CPUClass *cc = X86_CPU_CLASS(oc);
4903     CpuDefinitionInfoList **cpu_list = user_data;
4904     CpuDefinitionInfo *info;
4905 
4906     info = g_malloc0(sizeof(*info));
4907     info->name = x86_cpu_class_get_model_name(cc);
4908     x86_cpu_class_check_missing_features(cc, &info->unavailable_features);
4909     info->has_unavailable_features = true;
4910     info->q_typename = g_strdup(object_class_get_name(oc));
4911     info->migration_safe = cc->migration_safe;
4912     info->has_migration_safe = true;
4913     info->q_static = cc->static_model;
4914     if (cc->model && cc->model->cpudef->deprecation_note) {
4915         info->deprecated = true;
4916     } else {
4917         info->deprecated = false;
4918     }
4919     /*
4920      * Old machine types won't report aliases, so that alias translation
4921      * doesn't break compatibility with previous QEMU versions.
4922      */
4923     if (default_cpu_version != CPU_VERSION_LEGACY) {
4924         info->alias_of = x86_cpu_class_get_alias_of(cc);
4925         info->has_alias_of = !!info->alias_of;
4926     }
4927 
4928     QAPI_LIST_PREPEND(*cpu_list, info);
4929 }
4930 
4931 CpuDefinitionInfoList *qmp_query_cpu_definitions(Error **errp)
4932 {
4933     CpuDefinitionInfoList *cpu_list = NULL;
4934     GSList *list = get_sorted_cpu_model_list();
4935     g_slist_foreach(list, x86_cpu_definition_entry, &cpu_list);
4936     g_slist_free(list);
4937     return cpu_list;
4938 }
4939 
4940 static uint64_t x86_cpu_get_supported_feature_word(FeatureWord w,
4941                                                    bool migratable_only)
4942 {
4943     FeatureWordInfo *wi = &feature_word_info[w];
4944     uint64_t r = 0;
4945 
4946     if (kvm_enabled()) {
4947         switch (wi->type) {
4948         case CPUID_FEATURE_WORD:
4949             r = kvm_arch_get_supported_cpuid(kvm_state, wi->cpuid.eax,
4950                                                         wi->cpuid.ecx,
4951                                                         wi->cpuid.reg);
4952             break;
4953         case MSR_FEATURE_WORD:
4954             r = kvm_arch_get_supported_msr_feature(kvm_state,
4955                         wi->msr.index);
4956             break;
4957         }
4958     } else if (hvf_enabled()) {
4959         if (wi->type != CPUID_FEATURE_WORD) {
4960             return 0;
4961         }
4962         r = hvf_get_supported_cpuid(wi->cpuid.eax,
4963                                     wi->cpuid.ecx,
4964                                     wi->cpuid.reg);
4965     } else if (tcg_enabled()) {
4966         r = wi->tcg_features;
4967     } else {
4968         return ~0;
4969     }
4970 #ifndef TARGET_X86_64
4971     if (w == FEAT_8000_0001_EDX) {
4972         r &= ~CPUID_EXT2_LM;
4973     }
4974 #endif
4975     if (migratable_only) {
4976         r &= x86_cpu_get_migratable_flags(w);
4977     }
4978     return r;
4979 }
4980 
4981 void x86_cpu_apply_props(X86CPU *cpu, PropValue *props)
4982 {
4983     PropValue *pv;
4984     for (pv = props; pv->prop; pv++) {
4985         if (!pv->value) {
4986             continue;
4987         }
4988         object_property_parse(OBJECT(cpu), pv->prop, pv->value,
4989                               &error_abort);
4990     }
4991 }
4992 
4993 /* Apply properties for the CPU model version specified in model */
4994 static void x86_cpu_apply_version_props(X86CPU *cpu, X86CPUModel *model)
4995 {
4996     const X86CPUVersionDefinition *vdef;
4997     X86CPUVersion version = x86_cpu_model_resolve_version(model);
4998 
4999     if (version == CPU_VERSION_LEGACY) {
5000         return;
5001     }
5002 
5003     for (vdef = x86_cpu_def_get_versions(model->cpudef); vdef->version; vdef++) {
5004         PropValue *p;
5005 
5006         for (p = vdef->props; p && p->prop; p++) {
5007             object_property_parse(OBJECT(cpu), p->prop, p->value,
5008                                   &error_abort);
5009         }
5010 
5011         if (vdef->version == version) {
5012             break;
5013         }
5014     }
5015 
5016     /*
5017      * If we reached the end of the list, version number was invalid
5018      */
5019     assert(vdef->version == version);
5020 }
5021 
5022 /* Load data from X86CPUDefinition into a X86CPU object
5023  */
5024 static void x86_cpu_load_model(X86CPU *cpu, X86CPUModel *model)
5025 {
5026     X86CPUDefinition *def = model->cpudef;
5027     CPUX86State *env = &cpu->env;
5028     FeatureWord w;
5029 
5030     /*NOTE: any property set by this function should be returned by
5031      * x86_cpu_static_props(), so static expansion of
5032      * query-cpu-model-expansion is always complete.
5033      */
5034 
5035     /* CPU models only set _minimum_ values for level/xlevel: */
5036     object_property_set_uint(OBJECT(cpu), "min-level", def->level,
5037                              &error_abort);
5038     object_property_set_uint(OBJECT(cpu), "min-xlevel", def->xlevel,
5039                              &error_abort);
5040 
5041     object_property_set_int(OBJECT(cpu), "family", def->family, &error_abort);
5042     object_property_set_int(OBJECT(cpu), "model", def->model, &error_abort);
5043     object_property_set_int(OBJECT(cpu), "stepping", def->stepping,
5044                             &error_abort);
5045     object_property_set_str(OBJECT(cpu), "model-id", def->model_id,
5046                             &error_abort);
5047     for (w = 0; w < FEATURE_WORDS; w++) {
5048         env->features[w] = def->features[w];
5049     }
5050 
5051     /* legacy-cache defaults to 'off' if CPU model provides cache info */
5052     cpu->legacy_cache = !def->cache_info;
5053 
5054     env->features[FEAT_1_ECX] |= CPUID_EXT_HYPERVISOR;
5055 
5056     /* sysenter isn't supported in compatibility mode on AMD,
5057      * syscall isn't supported in compatibility mode on Intel.
5058      * Normally we advertise the actual CPU vendor, but you can
5059      * override this using the 'vendor' property if you want to use
5060      * KVM's sysenter/syscall emulation in compatibility mode and
5061      * when doing cross vendor migration
5062      */
5063 
5064     /*
5065      * vendor property is set here but then overloaded with the
5066      * host cpu vendor for KVM and HVF.
5067      */
5068     object_property_set_str(OBJECT(cpu), "vendor", def->vendor, &error_abort);
5069 
5070     x86_cpu_apply_version_props(cpu, model);
5071 
5072     /*
5073      * Properties in versioned CPU model are not user specified features.
5074      * We can simply clear env->user_features here since it will be filled later
5075      * in x86_cpu_expand_features() based on plus_features and minus_features.
5076      */
5077     memset(&env->user_features, 0, sizeof(env->user_features));
5078 }
5079 
5080 static gchar *x86_gdb_arch_name(CPUState *cs)
5081 {
5082 #ifdef TARGET_X86_64
5083     return g_strdup("i386:x86-64");
5084 #else
5085     return g_strdup("i386");
5086 #endif
5087 }
5088 
5089 static void x86_cpu_cpudef_class_init(ObjectClass *oc, void *data)
5090 {
5091     X86CPUModel *model = data;
5092     X86CPUClass *xcc = X86_CPU_CLASS(oc);
5093     CPUClass *cc = CPU_CLASS(oc);
5094 
5095     xcc->model = model;
5096     xcc->migration_safe = true;
5097     cc->deprecation_note = model->cpudef->deprecation_note;
5098 }
5099 
5100 static void x86_register_cpu_model_type(const char *name, X86CPUModel *model)
5101 {
5102     g_autofree char *typename = x86_cpu_type_name(name);
5103     TypeInfo ti = {
5104         .name = typename,
5105         .parent = TYPE_X86_CPU,
5106         .class_init = x86_cpu_cpudef_class_init,
5107         .class_data = model,
5108     };
5109 
5110     type_register(&ti);
5111 }
5112 
5113 static void x86_register_cpudef_types(X86CPUDefinition *def)
5114 {
5115     X86CPUModel *m;
5116     const X86CPUVersionDefinition *vdef;
5117 
5118     /* AMD aliases are handled at runtime based on CPUID vendor, so
5119      * they shouldn't be set on the CPU model table.
5120      */
5121     assert(!(def->features[FEAT_8000_0001_EDX] & CPUID_EXT2_AMD_ALIASES));
5122     /* catch mistakes instead of silently truncating model_id when too long */
5123     assert(def->model_id && strlen(def->model_id) <= 48);
5124 
5125     /* Unversioned model: */
5126     m = g_new0(X86CPUModel, 1);
5127     m->cpudef = def;
5128     m->version = CPU_VERSION_AUTO;
5129     m->is_alias = true;
5130     x86_register_cpu_model_type(def->name, m);
5131 
5132     /* Versioned models: */
5133 
5134     for (vdef = x86_cpu_def_get_versions(def); vdef->version; vdef++) {
5135         X86CPUModel *m = g_new0(X86CPUModel, 1);
5136         g_autofree char *name =
5137             x86_cpu_versioned_model_name(def, vdef->version);
5138         m->cpudef = def;
5139         m->version = vdef->version;
5140         m->note = vdef->note;
5141         x86_register_cpu_model_type(name, m);
5142 
5143         if (vdef->alias) {
5144             X86CPUModel *am = g_new0(X86CPUModel, 1);
5145             am->cpudef = def;
5146             am->version = vdef->version;
5147             am->is_alias = true;
5148             x86_register_cpu_model_type(vdef->alias, am);
5149         }
5150     }
5151 
5152 }
5153 
5154 void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
5155                    uint32_t *eax, uint32_t *ebx,
5156                    uint32_t *ecx, uint32_t *edx)
5157 {
5158     X86CPU *cpu = env_archcpu(env);
5159     CPUState *cs = env_cpu(env);
5160     uint32_t die_offset;
5161     uint32_t limit;
5162     uint32_t signature[3];
5163     X86CPUTopoInfo topo_info;
5164 
5165     topo_info.dies_per_pkg = env->nr_dies;
5166     topo_info.cores_per_die = cs->nr_cores;
5167     topo_info.threads_per_core = cs->nr_threads;
5168 
5169     /* Calculate & apply limits for different index ranges */
5170     if (index >= 0xC0000000) {
5171         limit = env->cpuid_xlevel2;
5172     } else if (index >= 0x80000000) {
5173         limit = env->cpuid_xlevel;
5174     } else if (index >= 0x40000000) {
5175         limit = 0x40000001;
5176     } else {
5177         limit = env->cpuid_level;
5178     }
5179 
5180     if (index > limit) {
5181         /* Intel documentation states that invalid EAX input will
5182          * return the same information as EAX=cpuid_level
5183          * (Intel SDM Vol. 2A - Instruction Set Reference - CPUID)
5184          */
5185         index = env->cpuid_level;
5186     }
5187 
5188     switch(index) {
5189     case 0:
5190         *eax = env->cpuid_level;
5191         *ebx = env->cpuid_vendor1;
5192         *edx = env->cpuid_vendor2;
5193         *ecx = env->cpuid_vendor3;
5194         break;
5195     case 1:
5196         *eax = env->cpuid_version;
5197         *ebx = (cpu->apic_id << 24) |
5198                8 << 8; /* CLFLUSH size in quad words, Linux wants it. */
5199         *ecx = env->features[FEAT_1_ECX];
5200         if ((*ecx & CPUID_EXT_XSAVE) && (env->cr[4] & CR4_OSXSAVE_MASK)) {
5201             *ecx |= CPUID_EXT_OSXSAVE;
5202         }
5203         *edx = env->features[FEAT_1_EDX];
5204         if (cs->nr_cores * cs->nr_threads > 1) {
5205             *ebx |= (cs->nr_cores * cs->nr_threads) << 16;
5206             *edx |= CPUID_HT;
5207         }
5208         if (!cpu->enable_pmu) {
5209             *ecx &= ~CPUID_EXT_PDCM;
5210         }
5211         break;
5212     case 2:
5213         /* cache info: needed for Pentium Pro compatibility */
5214         if (cpu->cache_info_passthrough) {
5215             host_cpuid(index, 0, eax, ebx, ecx, edx);
5216             break;
5217         }
5218         *eax = 1; /* Number of CPUID[EAX=2] calls required */
5219         *ebx = 0;
5220         if (!cpu->enable_l3_cache) {
5221             *ecx = 0;
5222         } else {
5223             *ecx = cpuid2_cache_descriptor(env->cache_info_cpuid2.l3_cache);
5224         }
5225         *edx = (cpuid2_cache_descriptor(env->cache_info_cpuid2.l1d_cache) << 16) |
5226                (cpuid2_cache_descriptor(env->cache_info_cpuid2.l1i_cache) <<  8) |
5227                (cpuid2_cache_descriptor(env->cache_info_cpuid2.l2_cache));
5228         break;
5229     case 4:
5230         /* cache info: needed for Core compatibility */
5231         if (cpu->cache_info_passthrough) {
5232             host_cpuid(index, count, eax, ebx, ecx, edx);
5233             /* QEMU gives out its own APIC IDs, never pass down bits 31..26.  */
5234             *eax &= ~0xFC000000;
5235             if ((*eax & 31) && cs->nr_cores > 1) {
5236                 *eax |= (cs->nr_cores - 1) << 26;
5237             }
5238         } else {
5239             *eax = 0;
5240             switch (count) {
5241             case 0: /* L1 dcache info */
5242                 encode_cache_cpuid4(env->cache_info_cpuid4.l1d_cache,
5243                                     1, cs->nr_cores,
5244                                     eax, ebx, ecx, edx);
5245                 break;
5246             case 1: /* L1 icache info */
5247                 encode_cache_cpuid4(env->cache_info_cpuid4.l1i_cache,
5248                                     1, cs->nr_cores,
5249                                     eax, ebx, ecx, edx);
5250                 break;
5251             case 2: /* L2 cache info */
5252                 encode_cache_cpuid4(env->cache_info_cpuid4.l2_cache,
5253                                     cs->nr_threads, cs->nr_cores,
5254                                     eax, ebx, ecx, edx);
5255                 break;
5256             case 3: /* L3 cache info */
5257                 die_offset = apicid_die_offset(&topo_info);
5258                 if (cpu->enable_l3_cache) {
5259                     encode_cache_cpuid4(env->cache_info_cpuid4.l3_cache,
5260                                         (1 << die_offset), cs->nr_cores,
5261                                         eax, ebx, ecx, edx);
5262                     break;
5263                 }
5264                 /* fall through */
5265             default: /* end of info */
5266                 *eax = *ebx = *ecx = *edx = 0;
5267                 break;
5268             }
5269         }
5270         break;
5271     case 5:
5272         /* MONITOR/MWAIT Leaf */
5273         *eax = cpu->mwait.eax; /* Smallest monitor-line size in bytes */
5274         *ebx = cpu->mwait.ebx; /* Largest monitor-line size in bytes */
5275         *ecx = cpu->mwait.ecx; /* flags */
5276         *edx = cpu->mwait.edx; /* mwait substates */
5277         break;
5278     case 6:
5279         /* Thermal and Power Leaf */
5280         *eax = env->features[FEAT_6_EAX];
5281         *ebx = 0;
5282         *ecx = 0;
5283         *edx = 0;
5284         break;
5285     case 7:
5286         /* Structured Extended Feature Flags Enumeration Leaf */
5287         if (count == 0) {
5288             /* Maximum ECX value for sub-leaves */
5289             *eax = env->cpuid_level_func7;
5290             *ebx = env->features[FEAT_7_0_EBX]; /* Feature flags */
5291             *ecx = env->features[FEAT_7_0_ECX]; /* Feature flags */
5292             if ((*ecx & CPUID_7_0_ECX_PKU) && env->cr[4] & CR4_PKE_MASK) {
5293                 *ecx |= CPUID_7_0_ECX_OSPKE;
5294             }
5295             *edx = env->features[FEAT_7_0_EDX]; /* Feature flags */
5296         } else if (count == 1) {
5297             *eax = env->features[FEAT_7_1_EAX];
5298             *ebx = 0;
5299             *ecx = 0;
5300             *edx = 0;
5301         } else {
5302             *eax = 0;
5303             *ebx = 0;
5304             *ecx = 0;
5305             *edx = 0;
5306         }
5307         break;
5308     case 9:
5309         /* Direct Cache Access Information Leaf */
5310         *eax = 0; /* Bits 0-31 in DCA_CAP MSR */
5311         *ebx = 0;
5312         *ecx = 0;
5313         *edx = 0;
5314         break;
5315     case 0xA:
5316         /* Architectural Performance Monitoring Leaf */
5317         if (kvm_enabled() && cpu->enable_pmu) {
5318             KVMState *s = cs->kvm_state;
5319 
5320             *eax = kvm_arch_get_supported_cpuid(s, 0xA, count, R_EAX);
5321             *ebx = kvm_arch_get_supported_cpuid(s, 0xA, count, R_EBX);
5322             *ecx = kvm_arch_get_supported_cpuid(s, 0xA, count, R_ECX);
5323             *edx = kvm_arch_get_supported_cpuid(s, 0xA, count, R_EDX);
5324         } else if (hvf_enabled() && cpu->enable_pmu) {
5325             *eax = hvf_get_supported_cpuid(0xA, count, R_EAX);
5326             *ebx = hvf_get_supported_cpuid(0xA, count, R_EBX);
5327             *ecx = hvf_get_supported_cpuid(0xA, count, R_ECX);
5328             *edx = hvf_get_supported_cpuid(0xA, count, R_EDX);
5329         } else {
5330             *eax = 0;
5331             *ebx = 0;
5332             *ecx = 0;
5333             *edx = 0;
5334         }
5335         break;
5336     case 0xB:
5337         /* Extended Topology Enumeration Leaf */
5338         if (!cpu->enable_cpuid_0xb) {
5339                 *eax = *ebx = *ecx = *edx = 0;
5340                 break;
5341         }
5342 
5343         *ecx = count & 0xff;
5344         *edx = cpu->apic_id;
5345 
5346         switch (count) {
5347         case 0:
5348             *eax = apicid_core_offset(&topo_info);
5349             *ebx = cs->nr_threads;
5350             *ecx |= CPUID_TOPOLOGY_LEVEL_SMT;
5351             break;
5352         case 1:
5353             *eax = apicid_pkg_offset(&topo_info);
5354             *ebx = cs->nr_cores * cs->nr_threads;
5355             *ecx |= CPUID_TOPOLOGY_LEVEL_CORE;
5356             break;
5357         default:
5358             *eax = 0;
5359             *ebx = 0;
5360             *ecx |= CPUID_TOPOLOGY_LEVEL_INVALID;
5361         }
5362 
5363         assert(!(*eax & ~0x1f));
5364         *ebx &= 0xffff; /* The count doesn't need to be reliable. */
5365         break;
5366     case 0x1F:
5367         /* V2 Extended Topology Enumeration Leaf */
5368         if (env->nr_dies < 2) {
5369             *eax = *ebx = *ecx = *edx = 0;
5370             break;
5371         }
5372 
5373         *ecx = count & 0xff;
5374         *edx = cpu->apic_id;
5375         switch (count) {
5376         case 0:
5377             *eax = apicid_core_offset(&topo_info);
5378             *ebx = cs->nr_threads;
5379             *ecx |= CPUID_TOPOLOGY_LEVEL_SMT;
5380             break;
5381         case 1:
5382             *eax = apicid_die_offset(&topo_info);
5383             *ebx = cs->nr_cores * cs->nr_threads;
5384             *ecx |= CPUID_TOPOLOGY_LEVEL_CORE;
5385             break;
5386         case 2:
5387             *eax = apicid_pkg_offset(&topo_info);
5388             *ebx = env->nr_dies * cs->nr_cores * cs->nr_threads;
5389             *ecx |= CPUID_TOPOLOGY_LEVEL_DIE;
5390             break;
5391         default:
5392             *eax = 0;
5393             *ebx = 0;
5394             *ecx |= CPUID_TOPOLOGY_LEVEL_INVALID;
5395         }
5396         assert(!(*eax & ~0x1f));
5397         *ebx &= 0xffff; /* The count doesn't need to be reliable. */
5398         break;
5399     case 0xD: {
5400         /* Processor Extended State */
5401         *eax = 0;
5402         *ebx = 0;
5403         *ecx = 0;
5404         *edx = 0;
5405         if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
5406             break;
5407         }
5408 
5409         if (count == 0) {
5410             *ecx = xsave_area_size(x86_cpu_xsave_components(cpu));
5411             *eax = env->features[FEAT_XSAVE_COMP_LO];
5412             *edx = env->features[FEAT_XSAVE_COMP_HI];
5413             /*
5414              * The initial value of xcr0 and ebx == 0, On host without kvm
5415              * commit 412a3c41(e.g., CentOS 6), the ebx's value always == 0
5416              * even through guest update xcr0, this will crash some legacy guest
5417              * (e.g., CentOS 6), So set ebx == ecx to workaroud it.
5418              */
5419             *ebx = kvm_enabled() ? *ecx : xsave_area_size(env->xcr0);
5420         } else if (count == 1) {
5421             *eax = env->features[FEAT_XSAVE];
5422         } else if (count < ARRAY_SIZE(x86_ext_save_areas)) {
5423             if ((x86_cpu_xsave_components(cpu) >> count) & 1) {
5424                 const ExtSaveArea *esa = &x86_ext_save_areas[count];
5425                 *eax = esa->size;
5426                 *ebx = esa->offset;
5427             }
5428         }
5429         break;
5430     }
5431     case 0x14: {
5432         /* Intel Processor Trace Enumeration */
5433         *eax = 0;
5434         *ebx = 0;
5435         *ecx = 0;
5436         *edx = 0;
5437         if (!(env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT) ||
5438             !kvm_enabled()) {
5439             break;
5440         }
5441 
5442         if (count == 0) {
5443             *eax = INTEL_PT_MAX_SUBLEAF;
5444             *ebx = INTEL_PT_MINIMAL_EBX;
5445             *ecx = INTEL_PT_MINIMAL_ECX;
5446             if (env->features[FEAT_14_0_ECX] & CPUID_14_0_ECX_LIP) {
5447                 *ecx |= CPUID_14_0_ECX_LIP;
5448             }
5449         } else if (count == 1) {
5450             *eax = INTEL_PT_MTC_BITMAP | INTEL_PT_ADDR_RANGES_NUM;
5451             *ebx = INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP;
5452         }
5453         break;
5454     }
5455     case 0x40000000:
5456         /*
5457          * CPUID code in kvm_arch_init_vcpu() ignores stuff
5458          * set here, but we restrict to TCG none the less.
5459          */
5460         if (tcg_enabled() && cpu->expose_tcg) {
5461             memcpy(signature, "TCGTCGTCGTCG", 12);
5462             *eax = 0x40000001;
5463             *ebx = signature[0];
5464             *ecx = signature[1];
5465             *edx = signature[2];
5466         } else {
5467             *eax = 0;
5468             *ebx = 0;
5469             *ecx = 0;
5470             *edx = 0;
5471         }
5472         break;
5473     case 0x40000001:
5474         *eax = 0;
5475         *ebx = 0;
5476         *ecx = 0;
5477         *edx = 0;
5478         break;
5479     case 0x80000000:
5480         *eax = env->cpuid_xlevel;
5481         *ebx = env->cpuid_vendor1;
5482         *edx = env->cpuid_vendor2;
5483         *ecx = env->cpuid_vendor3;
5484         break;
5485     case 0x80000001:
5486         *eax = env->cpuid_version;
5487         *ebx = 0;
5488         *ecx = env->features[FEAT_8000_0001_ECX];
5489         *edx = env->features[FEAT_8000_0001_EDX];
5490 
5491         /* The Linux kernel checks for the CMPLegacy bit and
5492          * discards multiple thread information if it is set.
5493          * So don't set it here for Intel to make Linux guests happy.
5494          */
5495         if (cs->nr_cores * cs->nr_threads > 1) {
5496             if (env->cpuid_vendor1 != CPUID_VENDOR_INTEL_1 ||
5497                 env->cpuid_vendor2 != CPUID_VENDOR_INTEL_2 ||
5498                 env->cpuid_vendor3 != CPUID_VENDOR_INTEL_3) {
5499                 *ecx |= 1 << 1;    /* CmpLegacy bit */
5500             }
5501         }
5502         break;
5503     case 0x80000002:
5504     case 0x80000003:
5505     case 0x80000004:
5506         *eax = env->cpuid_model[(index - 0x80000002) * 4 + 0];
5507         *ebx = env->cpuid_model[(index - 0x80000002) * 4 + 1];
5508         *ecx = env->cpuid_model[(index - 0x80000002) * 4 + 2];
5509         *edx = env->cpuid_model[(index - 0x80000002) * 4 + 3];
5510         break;
5511     case 0x80000005:
5512         /* cache info (L1 cache) */
5513         if (cpu->cache_info_passthrough) {
5514             host_cpuid(index, 0, eax, ebx, ecx, edx);
5515             break;
5516         }
5517         *eax = (L1_DTLB_2M_ASSOC << 24) | (L1_DTLB_2M_ENTRIES << 16) |
5518                (L1_ITLB_2M_ASSOC <<  8) | (L1_ITLB_2M_ENTRIES);
5519         *ebx = (L1_DTLB_4K_ASSOC << 24) | (L1_DTLB_4K_ENTRIES << 16) |
5520                (L1_ITLB_4K_ASSOC <<  8) | (L1_ITLB_4K_ENTRIES);
5521         *ecx = encode_cache_cpuid80000005(env->cache_info_amd.l1d_cache);
5522         *edx = encode_cache_cpuid80000005(env->cache_info_amd.l1i_cache);
5523         break;
5524     case 0x80000006:
5525         /* cache info (L2 cache) */
5526         if (cpu->cache_info_passthrough) {
5527             host_cpuid(index, 0, eax, ebx, ecx, edx);
5528             break;
5529         }
5530         *eax = (AMD_ENC_ASSOC(L2_DTLB_2M_ASSOC) << 28) |
5531                (L2_DTLB_2M_ENTRIES << 16) |
5532                (AMD_ENC_ASSOC(L2_ITLB_2M_ASSOC) << 12) |
5533                (L2_ITLB_2M_ENTRIES);
5534         *ebx = (AMD_ENC_ASSOC(L2_DTLB_4K_ASSOC) << 28) |
5535                (L2_DTLB_4K_ENTRIES << 16) |
5536                (AMD_ENC_ASSOC(L2_ITLB_4K_ASSOC) << 12) |
5537                (L2_ITLB_4K_ENTRIES);
5538         encode_cache_cpuid80000006(env->cache_info_amd.l2_cache,
5539                                    cpu->enable_l3_cache ?
5540                                    env->cache_info_amd.l3_cache : NULL,
5541                                    ecx, edx);
5542         break;
5543     case 0x80000007:
5544         *eax = 0;
5545         *ebx = 0;
5546         *ecx = 0;
5547         *edx = env->features[FEAT_8000_0007_EDX];
5548         break;
5549     case 0x80000008:
5550         /* virtual & phys address size in low 2 bytes. */
5551         if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
5552             /* 64 bit processor */
5553             *eax = cpu->phys_bits; /* configurable physical bits */
5554             if  (env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_LA57) {
5555                 *eax |= 0x00003900; /* 57 bits virtual */
5556             } else {
5557                 *eax |= 0x00003000; /* 48 bits virtual */
5558             }
5559         } else {
5560             *eax = cpu->phys_bits;
5561         }
5562         *ebx = env->features[FEAT_8000_0008_EBX];
5563         if (cs->nr_cores * cs->nr_threads > 1) {
5564             /*
5565              * Bits 15:12 is "The number of bits in the initial
5566              * Core::X86::Apic::ApicId[ApicId] value that indicate
5567              * thread ID within a package".
5568              * Bits 7:0 is "The number of threads in the package is NC+1"
5569              */
5570             *ecx = (apicid_pkg_offset(&topo_info) << 12) |
5571                    ((cs->nr_cores * cs->nr_threads) - 1);
5572         } else {
5573             *ecx = 0;
5574         }
5575         *edx = 0;
5576         break;
5577     case 0x8000000A:
5578         if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
5579             *eax = 0x00000001; /* SVM Revision */
5580             *ebx = 0x00000010; /* nr of ASIDs */
5581             *ecx = 0;
5582             *edx = env->features[FEAT_SVM]; /* optional features */
5583         } else {
5584             *eax = 0;
5585             *ebx = 0;
5586             *ecx = 0;
5587             *edx = 0;
5588         }
5589         break;
5590     case 0x8000001D:
5591         *eax = 0;
5592         if (cpu->cache_info_passthrough) {
5593             host_cpuid(index, count, eax, ebx, ecx, edx);
5594             break;
5595         }
5596         switch (count) {
5597         case 0: /* L1 dcache info */
5598             encode_cache_cpuid8000001d(env->cache_info_amd.l1d_cache,
5599                                        &topo_info, eax, ebx, ecx, edx);
5600             break;
5601         case 1: /* L1 icache info */
5602             encode_cache_cpuid8000001d(env->cache_info_amd.l1i_cache,
5603                                        &topo_info, eax, ebx, ecx, edx);
5604             break;
5605         case 2: /* L2 cache info */
5606             encode_cache_cpuid8000001d(env->cache_info_amd.l2_cache,
5607                                        &topo_info, eax, ebx, ecx, edx);
5608             break;
5609         case 3: /* L3 cache info */
5610             encode_cache_cpuid8000001d(env->cache_info_amd.l3_cache,
5611                                        &topo_info, eax, ebx, ecx, edx);
5612             break;
5613         default: /* end of info */
5614             *eax = *ebx = *ecx = *edx = 0;
5615             break;
5616         }
5617         break;
5618     case 0x8000001E:
5619         if (cpu->core_id <= 255) {
5620             encode_topo_cpuid8000001e(cpu, &topo_info, eax, ebx, ecx, edx);
5621         } else {
5622             *eax = 0;
5623             *ebx = 0;
5624             *ecx = 0;
5625             *edx = 0;
5626         }
5627         break;
5628     case 0xC0000000:
5629         *eax = env->cpuid_xlevel2;
5630         *ebx = 0;
5631         *ecx = 0;
5632         *edx = 0;
5633         break;
5634     case 0xC0000001:
5635         /* Support for VIA CPU's CPUID instruction */
5636         *eax = env->cpuid_version;
5637         *ebx = 0;
5638         *ecx = 0;
5639         *edx = env->features[FEAT_C000_0001_EDX];
5640         break;
5641     case 0xC0000002:
5642     case 0xC0000003:
5643     case 0xC0000004:
5644         /* Reserved for the future, and now filled with zero */
5645         *eax = 0;
5646         *ebx = 0;
5647         *ecx = 0;
5648         *edx = 0;
5649         break;
5650     case 0x8000001F:
5651         *eax = sev_enabled() ? 0x2 : 0;
5652         *eax |= sev_es_enabled() ? 0x8 : 0;
5653         *ebx = sev_get_cbit_position();
5654         *ebx |= sev_get_reduced_phys_bits() << 6;
5655         *ecx = 0;
5656         *edx = 0;
5657         break;
5658     default:
5659         /* reserved values: zero */
5660         *eax = 0;
5661         *ebx = 0;
5662         *ecx = 0;
5663         *edx = 0;
5664         break;
5665     }
5666 }
5667 
5668 static void x86_cpu_reset(DeviceState *dev)
5669 {
5670     CPUState *s = CPU(dev);
5671     X86CPU *cpu = X86_CPU(s);
5672     X86CPUClass *xcc = X86_CPU_GET_CLASS(cpu);
5673     CPUX86State *env = &cpu->env;
5674     target_ulong cr4;
5675     uint64_t xcr0;
5676     int i;
5677 
5678     xcc->parent_reset(dev);
5679 
5680     memset(env, 0, offsetof(CPUX86State, end_reset_fields));
5681 
5682     env->old_exception = -1;
5683 
5684     /* init to reset state */
5685 
5686     env->hflags2 |= HF2_GIF_MASK;
5687     env->hflags &= ~HF_GUEST_MASK;
5688 
5689     cpu_x86_update_cr0(env, 0x60000010);
5690     env->a20_mask = ~0x0;
5691     env->smbase = 0x30000;
5692     env->msr_smi_count = 0;
5693 
5694     env->idt.limit = 0xffff;
5695     env->gdt.limit = 0xffff;
5696     env->ldt.limit = 0xffff;
5697     env->ldt.flags = DESC_P_MASK | (2 << DESC_TYPE_SHIFT);
5698     env->tr.limit = 0xffff;
5699     env->tr.flags = DESC_P_MASK | (11 << DESC_TYPE_SHIFT);
5700 
5701     cpu_x86_load_seg_cache(env, R_CS, 0xf000, 0xffff0000, 0xffff,
5702                            DESC_P_MASK | DESC_S_MASK | DESC_CS_MASK |
5703                            DESC_R_MASK | DESC_A_MASK);
5704     cpu_x86_load_seg_cache(env, R_DS, 0, 0, 0xffff,
5705                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5706                            DESC_A_MASK);
5707     cpu_x86_load_seg_cache(env, R_ES, 0, 0, 0xffff,
5708                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5709                            DESC_A_MASK);
5710     cpu_x86_load_seg_cache(env, R_SS, 0, 0, 0xffff,
5711                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5712                            DESC_A_MASK);
5713     cpu_x86_load_seg_cache(env, R_FS, 0, 0, 0xffff,
5714                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5715                            DESC_A_MASK);
5716     cpu_x86_load_seg_cache(env, R_GS, 0, 0, 0xffff,
5717                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5718                            DESC_A_MASK);
5719 
5720     env->eip = 0xfff0;
5721     env->regs[R_EDX] = env->cpuid_version;
5722 
5723     env->eflags = 0x2;
5724 
5725     /* FPU init */
5726     for (i = 0; i < 8; i++) {
5727         env->fptags[i] = 1;
5728     }
5729     cpu_set_fpuc(env, 0x37f);
5730 
5731     env->mxcsr = 0x1f80;
5732     /* All units are in INIT state.  */
5733     env->xstate_bv = 0;
5734 
5735     env->pat = 0x0007040600070406ULL;
5736     env->msr_ia32_misc_enable = MSR_IA32_MISC_ENABLE_DEFAULT;
5737     if (env->features[FEAT_1_ECX] & CPUID_EXT_MONITOR) {
5738         env->msr_ia32_misc_enable |= MSR_IA32_MISC_ENABLE_MWAIT;
5739     }
5740 
5741     memset(env->dr, 0, sizeof(env->dr));
5742     env->dr[6] = DR6_FIXED_1;
5743     env->dr[7] = DR7_FIXED_1;
5744     cpu_breakpoint_remove_all(s, BP_CPU);
5745     cpu_watchpoint_remove_all(s, BP_CPU);
5746 
5747     cr4 = 0;
5748     xcr0 = XSTATE_FP_MASK;
5749 
5750 #ifdef CONFIG_USER_ONLY
5751     /* Enable all the features for user-mode.  */
5752     if (env->features[FEAT_1_EDX] & CPUID_SSE) {
5753         xcr0 |= XSTATE_SSE_MASK;
5754     }
5755     for (i = 2; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
5756         const ExtSaveArea *esa = &x86_ext_save_areas[i];
5757         if (env->features[esa->feature] & esa->bits) {
5758             xcr0 |= 1ull << i;
5759         }
5760     }
5761 
5762     if (env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE) {
5763         cr4 |= CR4_OSFXSR_MASK | CR4_OSXSAVE_MASK;
5764     }
5765     if (env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_FSGSBASE) {
5766         cr4 |= CR4_FSGSBASE_MASK;
5767     }
5768 #endif
5769 
5770     env->xcr0 = xcr0;
5771     cpu_x86_update_cr4(env, cr4);
5772 
5773     /*
5774      * SDM 11.11.5 requires:
5775      *  - IA32_MTRR_DEF_TYPE MSR.E = 0
5776      *  - IA32_MTRR_PHYSMASKn.V = 0
5777      * All other bits are undefined.  For simplification, zero it all.
5778      */
5779     env->mtrr_deftype = 0;
5780     memset(env->mtrr_var, 0, sizeof(env->mtrr_var));
5781     memset(env->mtrr_fixed, 0, sizeof(env->mtrr_fixed));
5782 
5783     env->interrupt_injected = -1;
5784     env->exception_nr = -1;
5785     env->exception_pending = 0;
5786     env->exception_injected = 0;
5787     env->exception_has_payload = false;
5788     env->exception_payload = 0;
5789     env->nmi_injected = false;
5790 #if !defined(CONFIG_USER_ONLY)
5791     /* We hard-wire the BSP to the first CPU. */
5792     apic_designate_bsp(cpu->apic_state, s->cpu_index == 0);
5793 
5794     s->halted = !cpu_is_bsp(cpu);
5795 
5796     if (kvm_enabled()) {
5797         kvm_arch_reset_vcpu(cpu);
5798     }
5799 #endif
5800 }
5801 
5802 static void mce_init(X86CPU *cpu)
5803 {
5804     CPUX86State *cenv = &cpu->env;
5805     unsigned int bank;
5806 
5807     if (((cenv->cpuid_version >> 8) & 0xf) >= 6
5808         && (cenv->features[FEAT_1_EDX] & (CPUID_MCE | CPUID_MCA)) ==
5809             (CPUID_MCE | CPUID_MCA)) {
5810         cenv->mcg_cap = MCE_CAP_DEF | MCE_BANKS_DEF |
5811                         (cpu->enable_lmce ? MCG_LMCE_P : 0);
5812         cenv->mcg_ctl = ~(uint64_t)0;
5813         for (bank = 0; bank < MCE_BANKS_DEF; bank++) {
5814             cenv->mce_banks[bank * 4] = ~(uint64_t)0;
5815         }
5816     }
5817 }
5818 
5819 static void x86_cpu_adjust_level(X86CPU *cpu, uint32_t *min, uint32_t value)
5820 {
5821     if (*min < value) {
5822         *min = value;
5823     }
5824 }
5825 
5826 /* Increase cpuid_min_{level,xlevel,xlevel2} automatically, if appropriate */
5827 static void x86_cpu_adjust_feat_level(X86CPU *cpu, FeatureWord w)
5828 {
5829     CPUX86State *env = &cpu->env;
5830     FeatureWordInfo *fi = &feature_word_info[w];
5831     uint32_t eax = fi->cpuid.eax;
5832     uint32_t region = eax & 0xF0000000;
5833 
5834     assert(feature_word_info[w].type == CPUID_FEATURE_WORD);
5835     if (!env->features[w]) {
5836         return;
5837     }
5838 
5839     switch (region) {
5840     case 0x00000000:
5841         x86_cpu_adjust_level(cpu, &env->cpuid_min_level, eax);
5842     break;
5843     case 0x80000000:
5844         x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, eax);
5845     break;
5846     case 0xC0000000:
5847         x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel2, eax);
5848     break;
5849     }
5850 
5851     if (eax == 7) {
5852         x86_cpu_adjust_level(cpu, &env->cpuid_min_level_func7,
5853                              fi->cpuid.ecx);
5854     }
5855 }
5856 
5857 /* Calculate XSAVE components based on the configured CPU feature flags */
5858 static void x86_cpu_enable_xsave_components(X86CPU *cpu)
5859 {
5860     CPUX86State *env = &cpu->env;
5861     int i;
5862     uint64_t mask;
5863 
5864     if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
5865         env->features[FEAT_XSAVE_COMP_LO] = 0;
5866         env->features[FEAT_XSAVE_COMP_HI] = 0;
5867         return;
5868     }
5869 
5870     mask = 0;
5871     for (i = 0; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
5872         const ExtSaveArea *esa = &x86_ext_save_areas[i];
5873         if (env->features[esa->feature] & esa->bits) {
5874             mask |= (1ULL << i);
5875         }
5876     }
5877 
5878     env->features[FEAT_XSAVE_COMP_LO] = mask;
5879     env->features[FEAT_XSAVE_COMP_HI] = mask >> 32;
5880 }
5881 
5882 /***** Steps involved on loading and filtering CPUID data
5883  *
5884  * When initializing and realizing a CPU object, the steps
5885  * involved in setting up CPUID data are:
5886  *
5887  * 1) Loading CPU model definition (X86CPUDefinition). This is
5888  *    implemented by x86_cpu_load_model() and should be completely
5889  *    transparent, as it is done automatically by instance_init.
5890  *    No code should need to look at X86CPUDefinition structs
5891  *    outside instance_init.
5892  *
5893  * 2) CPU expansion. This is done by realize before CPUID
5894  *    filtering, and will make sure host/accelerator data is
5895  *    loaded for CPU models that depend on host capabilities
5896  *    (e.g. "host"). Done by x86_cpu_expand_features().
5897  *
5898  * 3) CPUID filtering. This initializes extra data related to
5899  *    CPUID, and checks if the host supports all capabilities
5900  *    required by the CPU. Runnability of a CPU model is
5901  *    determined at this step. Done by x86_cpu_filter_features().
5902  *
5903  * Some operations don't require all steps to be performed.
5904  * More precisely:
5905  *
5906  * - CPU instance creation (instance_init) will run only CPU
5907  *   model loading. CPU expansion can't run at instance_init-time
5908  *   because host/accelerator data may be not available yet.
5909  * - CPU realization will perform both CPU model expansion and CPUID
5910  *   filtering, and return an error in case one of them fails.
5911  * - query-cpu-definitions needs to run all 3 steps. It needs
5912  *   to run CPUID filtering, as the 'unavailable-features'
5913  *   field is set based on the filtering results.
5914  * - The query-cpu-model-expansion QMP command only needs to run
5915  *   CPU model loading and CPU expansion. It should not filter
5916  *   any CPUID data based on host capabilities.
5917  */
5918 
5919 /* Expand CPU configuration data, based on configured features
5920  * and host/accelerator capabilities when appropriate.
5921  */
5922 void x86_cpu_expand_features(X86CPU *cpu, Error **errp)
5923 {
5924     CPUX86State *env = &cpu->env;
5925     FeatureWord w;
5926     int i;
5927     GList *l;
5928 
5929     for (l = plus_features; l; l = l->next) {
5930         const char *prop = l->data;
5931         if (!object_property_set_bool(OBJECT(cpu), prop, true, errp)) {
5932             return;
5933         }
5934     }
5935 
5936     for (l = minus_features; l; l = l->next) {
5937         const char *prop = l->data;
5938         if (!object_property_set_bool(OBJECT(cpu), prop, false, errp)) {
5939             return;
5940         }
5941     }
5942 
5943     /*TODO: Now cpu->max_features doesn't overwrite features
5944      * set using QOM properties, and we can convert
5945      * plus_features & minus_features to global properties
5946      * inside x86_cpu_parse_featurestr() too.
5947      */
5948     if (cpu->max_features) {
5949         for (w = 0; w < FEATURE_WORDS; w++) {
5950             /* Override only features that weren't set explicitly
5951              * by the user.
5952              */
5953             env->features[w] |=
5954                 x86_cpu_get_supported_feature_word(w, cpu->migratable) &
5955                 ~env->user_features[w] &
5956                 ~feature_word_info[w].no_autoenable_flags;
5957         }
5958     }
5959 
5960     for (i = 0; i < ARRAY_SIZE(feature_dependencies); i++) {
5961         FeatureDep *d = &feature_dependencies[i];
5962         if (!(env->features[d->from.index] & d->from.mask)) {
5963             uint64_t unavailable_features = env->features[d->to.index] & d->to.mask;
5964 
5965             /* Not an error unless the dependent feature was added explicitly.  */
5966             mark_unavailable_features(cpu, d->to.index,
5967                                       unavailable_features & env->user_features[d->to.index],
5968                                       "This feature depends on other features that were not requested");
5969 
5970             env->features[d->to.index] &= ~unavailable_features;
5971         }
5972     }
5973 
5974     if (!kvm_enabled() || !cpu->expose_kvm) {
5975         env->features[FEAT_KVM] = 0;
5976     }
5977 
5978     x86_cpu_enable_xsave_components(cpu);
5979 
5980     /* CPUID[EAX=7,ECX=0].EBX always increased level automatically: */
5981     x86_cpu_adjust_feat_level(cpu, FEAT_7_0_EBX);
5982     if (cpu->full_cpuid_auto_level) {
5983         x86_cpu_adjust_feat_level(cpu, FEAT_1_EDX);
5984         x86_cpu_adjust_feat_level(cpu, FEAT_1_ECX);
5985         x86_cpu_adjust_feat_level(cpu, FEAT_6_EAX);
5986         x86_cpu_adjust_feat_level(cpu, FEAT_7_0_ECX);
5987         x86_cpu_adjust_feat_level(cpu, FEAT_7_1_EAX);
5988         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_EDX);
5989         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_ECX);
5990         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0007_EDX);
5991         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0008_EBX);
5992         x86_cpu_adjust_feat_level(cpu, FEAT_C000_0001_EDX);
5993         x86_cpu_adjust_feat_level(cpu, FEAT_SVM);
5994         x86_cpu_adjust_feat_level(cpu, FEAT_XSAVE);
5995 
5996         /* Intel Processor Trace requires CPUID[0x14] */
5997         if ((env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT)) {
5998             if (cpu->intel_pt_auto_level) {
5999                 x86_cpu_adjust_level(cpu, &cpu->env.cpuid_min_level, 0x14);
6000             } else if (cpu->env.cpuid_min_level < 0x14) {
6001                 mark_unavailable_features(cpu, FEAT_7_0_EBX,
6002                     CPUID_7_0_EBX_INTEL_PT,
6003                     "Intel PT need CPUID leaf 0x14, please set by \"-cpu ...,intel-pt=on,min-level=0x14\"");
6004             }
6005         }
6006 
6007         /* CPU topology with multi-dies support requires CPUID[0x1F] */
6008         if (env->nr_dies > 1) {
6009             x86_cpu_adjust_level(cpu, &env->cpuid_min_level, 0x1F);
6010         }
6011 
6012         /* SVM requires CPUID[0x8000000A] */
6013         if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
6014             x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000000A);
6015         }
6016 
6017         /* SEV requires CPUID[0x8000001F] */
6018         if (sev_enabled()) {
6019             x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000001F);
6020         }
6021     }
6022 
6023     /* Set cpuid_*level* based on cpuid_min_*level, if not explicitly set */
6024     if (env->cpuid_level_func7 == UINT32_MAX) {
6025         env->cpuid_level_func7 = env->cpuid_min_level_func7;
6026     }
6027     if (env->cpuid_level == UINT32_MAX) {
6028         env->cpuid_level = env->cpuid_min_level;
6029     }
6030     if (env->cpuid_xlevel == UINT32_MAX) {
6031         env->cpuid_xlevel = env->cpuid_min_xlevel;
6032     }
6033     if (env->cpuid_xlevel2 == UINT32_MAX) {
6034         env->cpuid_xlevel2 = env->cpuid_min_xlevel2;
6035     }
6036 }
6037 
6038 /*
6039  * Finishes initialization of CPUID data, filters CPU feature
6040  * words based on host availability of each feature.
6041  *
6042  * Returns: 0 if all flags are supported by the host, non-zero otherwise.
6043  */
6044 static void x86_cpu_filter_features(X86CPU *cpu, bool verbose)
6045 {
6046     CPUX86State *env = &cpu->env;
6047     FeatureWord w;
6048     const char *prefix = NULL;
6049 
6050     if (verbose) {
6051         prefix = accel_uses_host_cpuid()
6052                  ? "host doesn't support requested feature"
6053                  : "TCG doesn't support requested feature";
6054     }
6055 
6056     for (w = 0; w < FEATURE_WORDS; w++) {
6057         uint64_t host_feat =
6058             x86_cpu_get_supported_feature_word(w, false);
6059         uint64_t requested_features = env->features[w];
6060         uint64_t unavailable_features = requested_features & ~host_feat;
6061         mark_unavailable_features(cpu, w, unavailable_features, prefix);
6062     }
6063 
6064     if ((env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT) &&
6065         kvm_enabled()) {
6066         KVMState *s = CPU(cpu)->kvm_state;
6067         uint32_t eax_0 = kvm_arch_get_supported_cpuid(s, 0x14, 0, R_EAX);
6068         uint32_t ebx_0 = kvm_arch_get_supported_cpuid(s, 0x14, 0, R_EBX);
6069         uint32_t ecx_0 = kvm_arch_get_supported_cpuid(s, 0x14, 0, R_ECX);
6070         uint32_t eax_1 = kvm_arch_get_supported_cpuid(s, 0x14, 1, R_EAX);
6071         uint32_t ebx_1 = kvm_arch_get_supported_cpuid(s, 0x14, 1, R_EBX);
6072 
6073         if (!eax_0 ||
6074            ((ebx_0 & INTEL_PT_MINIMAL_EBX) != INTEL_PT_MINIMAL_EBX) ||
6075            ((ecx_0 & INTEL_PT_MINIMAL_ECX) != INTEL_PT_MINIMAL_ECX) ||
6076            ((eax_1 & INTEL_PT_MTC_BITMAP) != INTEL_PT_MTC_BITMAP) ||
6077            ((eax_1 & INTEL_PT_ADDR_RANGES_NUM_MASK) <
6078                                            INTEL_PT_ADDR_RANGES_NUM) ||
6079            ((ebx_1 & (INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP)) !=
6080                 (INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP)) ||
6081            ((ecx_0 & CPUID_14_0_ECX_LIP) !=
6082                 (env->features[FEAT_14_0_ECX] & CPUID_14_0_ECX_LIP))) {
6083             /*
6084              * Processor Trace capabilities aren't configurable, so if the
6085              * host can't emulate the capabilities we report on
6086              * cpu_x86_cpuid(), intel-pt can't be enabled on the current host.
6087              */
6088             mark_unavailable_features(cpu, FEAT_7_0_EBX, CPUID_7_0_EBX_INTEL_PT, prefix);
6089         }
6090     }
6091 }
6092 
6093 static void x86_cpu_hyperv_realize(X86CPU *cpu)
6094 {
6095     size_t len;
6096 
6097     /* Hyper-V vendor id */
6098     if (!cpu->hyperv_vendor) {
6099         memcpy(cpu->hyperv_vendor_id, "Microsoft Hv", 12);
6100     } else {
6101         len = strlen(cpu->hyperv_vendor);
6102 
6103         if (len > 12) {
6104             warn_report("hv-vendor-id truncated to 12 characters");
6105             len = 12;
6106         }
6107         memset(cpu->hyperv_vendor_id, 0, 12);
6108         memcpy(cpu->hyperv_vendor_id, cpu->hyperv_vendor, len);
6109     }
6110 
6111     /* 'Hv#1' interface identification*/
6112     cpu->hyperv_interface_id[0] = 0x31237648;
6113     cpu->hyperv_interface_id[1] = 0;
6114     cpu->hyperv_interface_id[2] = 0;
6115     cpu->hyperv_interface_id[3] = 0;
6116 
6117     /* Hypervisor system identity */
6118     cpu->hyperv_version_id[0] = 0x00001bbc;
6119     cpu->hyperv_version_id[1] = 0x00060001;
6120 
6121     /* Hypervisor implementation limits */
6122     cpu->hyperv_limits[0] = 64;
6123     cpu->hyperv_limits[1] = 0;
6124     cpu->hyperv_limits[2] = 0;
6125 }
6126 
6127 static void x86_cpu_realizefn(DeviceState *dev, Error **errp)
6128 {
6129     CPUState *cs = CPU(dev);
6130     X86CPU *cpu = X86_CPU(dev);
6131     X86CPUClass *xcc = X86_CPU_GET_CLASS(dev);
6132     CPUX86State *env = &cpu->env;
6133     Error *local_err = NULL;
6134     static bool ht_warned;
6135 
6136     /* Process Hyper-V enlightenments */
6137     x86_cpu_hyperv_realize(cpu);
6138 
6139     cpu_exec_realizefn(cs, &local_err);
6140     if (local_err != NULL) {
6141         error_propagate(errp, local_err);
6142         return;
6143     }
6144 
6145     if (xcc->host_cpuid_required && !accel_uses_host_cpuid()) {
6146         g_autofree char *name = x86_cpu_class_get_model_name(xcc);
6147         error_setg(&local_err, "CPU model '%s' requires KVM or HVF", name);
6148         goto out;
6149     }
6150 
6151     if (cpu->ucode_rev == 0) {
6152         /* The default is the same as KVM's.  */
6153         if (IS_AMD_CPU(env)) {
6154             cpu->ucode_rev = 0x01000065;
6155         } else {
6156             cpu->ucode_rev = 0x100000000ULL;
6157         }
6158     }
6159 
6160     /* mwait extended info: needed for Core compatibility */
6161     /* We always wake on interrupt even if host does not have the capability */
6162     cpu->mwait.ecx |= CPUID_MWAIT_EMX | CPUID_MWAIT_IBE;
6163 
6164     if (cpu->apic_id == UNASSIGNED_APIC_ID) {
6165         error_setg(errp, "apic-id property was not initialized properly");
6166         return;
6167     }
6168 
6169     x86_cpu_expand_features(cpu, &local_err);
6170     if (local_err) {
6171         goto out;
6172     }
6173 
6174     x86_cpu_filter_features(cpu, cpu->check_cpuid || cpu->enforce_cpuid);
6175 
6176     if (cpu->enforce_cpuid && x86_cpu_have_filtered_features(cpu)) {
6177         error_setg(&local_err,
6178                    accel_uses_host_cpuid() ?
6179                        "Host doesn't support requested features" :
6180                        "TCG doesn't support requested features");
6181         goto out;
6182     }
6183 
6184     /* On AMD CPUs, some CPUID[8000_0001].EDX bits must match the bits on
6185      * CPUID[1].EDX.
6186      */
6187     if (IS_AMD_CPU(env)) {
6188         env->features[FEAT_8000_0001_EDX] &= ~CPUID_EXT2_AMD_ALIASES;
6189         env->features[FEAT_8000_0001_EDX] |= (env->features[FEAT_1_EDX]
6190            & CPUID_EXT2_AMD_ALIASES);
6191     }
6192 
6193     /* For 64bit systems think about the number of physical bits to present.
6194      * ideally this should be the same as the host; anything other than matching
6195      * the host can cause incorrect guest behaviour.
6196      * QEMU used to pick the magic value of 40 bits that corresponds to
6197      * consumer AMD devices but nothing else.
6198      */
6199     if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
6200         if (cpu->phys_bits &&
6201             (cpu->phys_bits > TARGET_PHYS_ADDR_SPACE_BITS ||
6202             cpu->phys_bits < 32)) {
6203             error_setg(errp, "phys-bits should be between 32 and %u "
6204                              " (but is %u)",
6205                              TARGET_PHYS_ADDR_SPACE_BITS, cpu->phys_bits);
6206             return;
6207         }
6208         /*
6209          * 0 means it was not explicitly set by the user (or by machine
6210          * compat_props or by the host code in host-cpu.c).
6211          * In this case, the default is the value used by TCG (40).
6212          */
6213         if (cpu->phys_bits == 0) {
6214             cpu->phys_bits = TCG_PHYS_ADDR_BITS;
6215         }
6216     } else {
6217         /* For 32 bit systems don't use the user set value, but keep
6218          * phys_bits consistent with what we tell the guest.
6219          */
6220         if (cpu->phys_bits != 0) {
6221             error_setg(errp, "phys-bits is not user-configurable in 32 bit");
6222             return;
6223         }
6224 
6225         if (env->features[FEAT_1_EDX] & CPUID_PSE36) {
6226             cpu->phys_bits = 36;
6227         } else {
6228             cpu->phys_bits = 32;
6229         }
6230     }
6231 
6232     /* Cache information initialization */
6233     if (!cpu->legacy_cache) {
6234         if (!xcc->model || !xcc->model->cpudef->cache_info) {
6235             g_autofree char *name = x86_cpu_class_get_model_name(xcc);
6236             error_setg(errp,
6237                        "CPU model '%s' doesn't support legacy-cache=off", name);
6238             return;
6239         }
6240         env->cache_info_cpuid2 = env->cache_info_cpuid4 = env->cache_info_amd =
6241             *xcc->model->cpudef->cache_info;
6242     } else {
6243         /* Build legacy cache information */
6244         env->cache_info_cpuid2.l1d_cache = &legacy_l1d_cache;
6245         env->cache_info_cpuid2.l1i_cache = &legacy_l1i_cache;
6246         env->cache_info_cpuid2.l2_cache = &legacy_l2_cache_cpuid2;
6247         env->cache_info_cpuid2.l3_cache = &legacy_l3_cache;
6248 
6249         env->cache_info_cpuid4.l1d_cache = &legacy_l1d_cache;
6250         env->cache_info_cpuid4.l1i_cache = &legacy_l1i_cache;
6251         env->cache_info_cpuid4.l2_cache = &legacy_l2_cache;
6252         env->cache_info_cpuid4.l3_cache = &legacy_l3_cache;
6253 
6254         env->cache_info_amd.l1d_cache = &legacy_l1d_cache_amd;
6255         env->cache_info_amd.l1i_cache = &legacy_l1i_cache_amd;
6256         env->cache_info_amd.l2_cache = &legacy_l2_cache_amd;
6257         env->cache_info_amd.l3_cache = &legacy_l3_cache;
6258     }
6259 
6260 #ifndef CONFIG_USER_ONLY
6261     MachineState *ms = MACHINE(qdev_get_machine());
6262     qemu_register_reset(x86_cpu_machine_reset_cb, cpu);
6263 
6264     if (cpu->env.features[FEAT_1_EDX] & CPUID_APIC || ms->smp.cpus > 1) {
6265         x86_cpu_apic_create(cpu, &local_err);
6266         if (local_err != NULL) {
6267             goto out;
6268         }
6269     }
6270 #endif
6271 
6272     mce_init(cpu);
6273 
6274     qemu_init_vcpu(cs);
6275 
6276     /*
6277      * Most Intel and certain AMD CPUs support hyperthreading. Even though QEMU
6278      * fixes this issue by adjusting CPUID_0000_0001_EBX and CPUID_8000_0008_ECX
6279      * based on inputs (sockets,cores,threads), it is still better to give
6280      * users a warning.
6281      *
6282      * NOTE: the following code has to follow qemu_init_vcpu(). Otherwise
6283      * cs->nr_threads hasn't be populated yet and the checking is incorrect.
6284      */
6285     if (IS_AMD_CPU(env) &&
6286         !(env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_TOPOEXT) &&
6287         cs->nr_threads > 1 && !ht_warned) {
6288             warn_report("This family of AMD CPU doesn't support "
6289                         "hyperthreading(%d)",
6290                         cs->nr_threads);
6291             error_printf("Please configure -smp options properly"
6292                          " or try enabling topoext feature.\n");
6293             ht_warned = true;
6294     }
6295 
6296 #ifndef CONFIG_USER_ONLY
6297     x86_cpu_apic_realize(cpu, &local_err);
6298     if (local_err != NULL) {
6299         goto out;
6300     }
6301 #endif /* !CONFIG_USER_ONLY */
6302     cpu_reset(cs);
6303 
6304     xcc->parent_realize(dev, &local_err);
6305 
6306 out:
6307     if (local_err != NULL) {
6308         error_propagate(errp, local_err);
6309         return;
6310     }
6311 }
6312 
6313 static void x86_cpu_unrealizefn(DeviceState *dev)
6314 {
6315     X86CPU *cpu = X86_CPU(dev);
6316     X86CPUClass *xcc = X86_CPU_GET_CLASS(dev);
6317 
6318 #ifndef CONFIG_USER_ONLY
6319     cpu_remove_sync(CPU(dev));
6320     qemu_unregister_reset(x86_cpu_machine_reset_cb, dev);
6321 #endif
6322 
6323     if (cpu->apic_state) {
6324         object_unparent(OBJECT(cpu->apic_state));
6325         cpu->apic_state = NULL;
6326     }
6327 
6328     xcc->parent_unrealize(dev);
6329 }
6330 
6331 typedef struct BitProperty {
6332     FeatureWord w;
6333     uint64_t mask;
6334 } BitProperty;
6335 
6336 static void x86_cpu_get_bit_prop(Object *obj, Visitor *v, const char *name,
6337                                  void *opaque, Error **errp)
6338 {
6339     X86CPU *cpu = X86_CPU(obj);
6340     BitProperty *fp = opaque;
6341     uint64_t f = cpu->env.features[fp->w];
6342     bool value = (f & fp->mask) == fp->mask;
6343     visit_type_bool(v, name, &value, errp);
6344 }
6345 
6346 static void x86_cpu_set_bit_prop(Object *obj, Visitor *v, const char *name,
6347                                  void *opaque, Error **errp)
6348 {
6349     DeviceState *dev = DEVICE(obj);
6350     X86CPU *cpu = X86_CPU(obj);
6351     BitProperty *fp = opaque;
6352     bool value;
6353 
6354     if (dev->realized) {
6355         qdev_prop_set_after_realize(dev, name, errp);
6356         return;
6357     }
6358 
6359     if (!visit_type_bool(v, name, &value, errp)) {
6360         return;
6361     }
6362 
6363     if (value) {
6364         cpu->env.features[fp->w] |= fp->mask;
6365     } else {
6366         cpu->env.features[fp->w] &= ~fp->mask;
6367     }
6368     cpu->env.user_features[fp->w] |= fp->mask;
6369 }
6370 
6371 /* Register a boolean property to get/set a single bit in a uint32_t field.
6372  *
6373  * The same property name can be registered multiple times to make it affect
6374  * multiple bits in the same FeatureWord. In that case, the getter will return
6375  * true only if all bits are set.
6376  */
6377 static void x86_cpu_register_bit_prop(X86CPUClass *xcc,
6378                                       const char *prop_name,
6379                                       FeatureWord w,
6380                                       int bitnr)
6381 {
6382     ObjectClass *oc = OBJECT_CLASS(xcc);
6383     BitProperty *fp;
6384     ObjectProperty *op;
6385     uint64_t mask = (1ULL << bitnr);
6386 
6387     op = object_class_property_find(oc, prop_name);
6388     if (op) {
6389         fp = op->opaque;
6390         assert(fp->w == w);
6391         fp->mask |= mask;
6392     } else {
6393         fp = g_new0(BitProperty, 1);
6394         fp->w = w;
6395         fp->mask = mask;
6396         object_class_property_add(oc, prop_name, "bool",
6397                                   x86_cpu_get_bit_prop,
6398                                   x86_cpu_set_bit_prop,
6399                                   NULL, fp);
6400     }
6401 }
6402 
6403 static void x86_cpu_register_feature_bit_props(X86CPUClass *xcc,
6404                                                FeatureWord w,
6405                                                int bitnr)
6406 {
6407     FeatureWordInfo *fi = &feature_word_info[w];
6408     const char *name = fi->feat_names[bitnr];
6409 
6410     if (!name) {
6411         return;
6412     }
6413 
6414     /* Property names should use "-" instead of "_".
6415      * Old names containing underscores are registered as aliases
6416      * using object_property_add_alias()
6417      */
6418     assert(!strchr(name, '_'));
6419     /* aliases don't use "|" delimiters anymore, they are registered
6420      * manually using object_property_add_alias() */
6421     assert(!strchr(name, '|'));
6422     x86_cpu_register_bit_prop(xcc, name, w, bitnr);
6423 }
6424 
6425 static void x86_cpu_initfn(Object *obj)
6426 {
6427     X86CPU *cpu = X86_CPU(obj);
6428     X86CPUClass *xcc = X86_CPU_GET_CLASS(obj);
6429     CPUX86State *env = &cpu->env;
6430 
6431     env->nr_dies = 1;
6432     cpu_set_cpustate_pointers(cpu);
6433 
6434     object_property_add(obj, "feature-words", "X86CPUFeatureWordInfo",
6435                         x86_cpu_get_feature_words,
6436                         NULL, NULL, (void *)env->features);
6437     object_property_add(obj, "filtered-features", "X86CPUFeatureWordInfo",
6438                         x86_cpu_get_feature_words,
6439                         NULL, NULL, (void *)cpu->filtered_features);
6440 
6441     object_property_add_alias(obj, "sse3", obj, "pni");
6442     object_property_add_alias(obj, "pclmuldq", obj, "pclmulqdq");
6443     object_property_add_alias(obj, "sse4-1", obj, "sse4.1");
6444     object_property_add_alias(obj, "sse4-2", obj, "sse4.2");
6445     object_property_add_alias(obj, "xd", obj, "nx");
6446     object_property_add_alias(obj, "ffxsr", obj, "fxsr-opt");
6447     object_property_add_alias(obj, "i64", obj, "lm");
6448 
6449     object_property_add_alias(obj, "ds_cpl", obj, "ds-cpl");
6450     object_property_add_alias(obj, "tsc_adjust", obj, "tsc-adjust");
6451     object_property_add_alias(obj, "fxsr_opt", obj, "fxsr-opt");
6452     object_property_add_alias(obj, "lahf_lm", obj, "lahf-lm");
6453     object_property_add_alias(obj, "cmp_legacy", obj, "cmp-legacy");
6454     object_property_add_alias(obj, "nodeid_msr", obj, "nodeid-msr");
6455     object_property_add_alias(obj, "perfctr_core", obj, "perfctr-core");
6456     object_property_add_alias(obj, "perfctr_nb", obj, "perfctr-nb");
6457     object_property_add_alias(obj, "kvm_nopiodelay", obj, "kvm-nopiodelay");
6458     object_property_add_alias(obj, "kvm_mmu", obj, "kvm-mmu");
6459     object_property_add_alias(obj, "kvm_asyncpf", obj, "kvm-asyncpf");
6460     object_property_add_alias(obj, "kvm_asyncpf_int", obj, "kvm-asyncpf-int");
6461     object_property_add_alias(obj, "kvm_steal_time", obj, "kvm-steal-time");
6462     object_property_add_alias(obj, "kvm_pv_eoi", obj, "kvm-pv-eoi");
6463     object_property_add_alias(obj, "kvm_pv_unhalt", obj, "kvm-pv-unhalt");
6464     object_property_add_alias(obj, "kvm_poll_control", obj, "kvm-poll-control");
6465     object_property_add_alias(obj, "svm_lock", obj, "svm-lock");
6466     object_property_add_alias(obj, "nrip_save", obj, "nrip-save");
6467     object_property_add_alias(obj, "tsc_scale", obj, "tsc-scale");
6468     object_property_add_alias(obj, "vmcb_clean", obj, "vmcb-clean");
6469     object_property_add_alias(obj, "pause_filter", obj, "pause-filter");
6470     object_property_add_alias(obj, "sse4_1", obj, "sse4.1");
6471     object_property_add_alias(obj, "sse4_2", obj, "sse4.2");
6472 
6473     if (xcc->model) {
6474         x86_cpu_load_model(cpu, xcc->model);
6475     }
6476 
6477     /* if required, do accelerator-specific cpu initializations */
6478     accel_cpu_instance_init(CPU(obj));
6479 }
6480 
6481 static int64_t x86_cpu_get_arch_id(CPUState *cs)
6482 {
6483     X86CPU *cpu = X86_CPU(cs);
6484 
6485     return cpu->apic_id;
6486 }
6487 
6488 static bool x86_cpu_get_paging_enabled(const CPUState *cs)
6489 {
6490     X86CPU *cpu = X86_CPU(cs);
6491 
6492     return cpu->env.cr[0] & CR0_PG_MASK;
6493 }
6494 
6495 static void x86_cpu_set_pc(CPUState *cs, vaddr value)
6496 {
6497     X86CPU *cpu = X86_CPU(cs);
6498 
6499     cpu->env.eip = value;
6500 }
6501 
6502 int x86_cpu_pending_interrupt(CPUState *cs, int interrupt_request)
6503 {
6504     X86CPU *cpu = X86_CPU(cs);
6505     CPUX86State *env = &cpu->env;
6506 
6507 #if !defined(CONFIG_USER_ONLY)
6508     if (interrupt_request & CPU_INTERRUPT_POLL) {
6509         return CPU_INTERRUPT_POLL;
6510     }
6511 #endif
6512     if (interrupt_request & CPU_INTERRUPT_SIPI) {
6513         return CPU_INTERRUPT_SIPI;
6514     }
6515 
6516     if (env->hflags2 & HF2_GIF_MASK) {
6517         if ((interrupt_request & CPU_INTERRUPT_SMI) &&
6518             !(env->hflags & HF_SMM_MASK)) {
6519             return CPU_INTERRUPT_SMI;
6520         } else if ((interrupt_request & CPU_INTERRUPT_NMI) &&
6521                    !(env->hflags2 & HF2_NMI_MASK)) {
6522             return CPU_INTERRUPT_NMI;
6523         } else if (interrupt_request & CPU_INTERRUPT_MCE) {
6524             return CPU_INTERRUPT_MCE;
6525         } else if ((interrupt_request & CPU_INTERRUPT_HARD) &&
6526                    (((env->hflags2 & HF2_VINTR_MASK) &&
6527                      (env->hflags2 & HF2_HIF_MASK)) ||
6528                     (!(env->hflags2 & HF2_VINTR_MASK) &&
6529                      (env->eflags & IF_MASK &&
6530                       !(env->hflags & HF_INHIBIT_IRQ_MASK))))) {
6531             return CPU_INTERRUPT_HARD;
6532 #if !defined(CONFIG_USER_ONLY)
6533         } else if ((interrupt_request & CPU_INTERRUPT_VIRQ) &&
6534                    (env->eflags & IF_MASK) &&
6535                    !(env->hflags & HF_INHIBIT_IRQ_MASK)) {
6536             return CPU_INTERRUPT_VIRQ;
6537 #endif
6538         }
6539     }
6540 
6541     return 0;
6542 }
6543 
6544 static bool x86_cpu_has_work(CPUState *cs)
6545 {
6546     return x86_cpu_pending_interrupt(cs, cs->interrupt_request) != 0;
6547 }
6548 
6549 static void x86_disas_set_info(CPUState *cs, disassemble_info *info)
6550 {
6551     X86CPU *cpu = X86_CPU(cs);
6552     CPUX86State *env = &cpu->env;
6553 
6554     info->mach = (env->hflags & HF_CS64_MASK ? bfd_mach_x86_64
6555                   : env->hflags & HF_CS32_MASK ? bfd_mach_i386_i386
6556                   : bfd_mach_i386_i8086);
6557     info->print_insn = print_insn_i386;
6558 
6559     info->cap_arch = CS_ARCH_X86;
6560     info->cap_mode = (env->hflags & HF_CS64_MASK ? CS_MODE_64
6561                       : env->hflags & HF_CS32_MASK ? CS_MODE_32
6562                       : CS_MODE_16);
6563     info->cap_insn_unit = 1;
6564     info->cap_insn_split = 8;
6565 }
6566 
6567 void x86_update_hflags(CPUX86State *env)
6568 {
6569    uint32_t hflags;
6570 #define HFLAG_COPY_MASK \
6571     ~( HF_CPL_MASK | HF_PE_MASK | HF_MP_MASK | HF_EM_MASK | \
6572        HF_TS_MASK | HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK | \
6573        HF_OSFXSR_MASK | HF_LMA_MASK | HF_CS32_MASK | \
6574        HF_SS32_MASK | HF_CS64_MASK | HF_ADDSEG_MASK)
6575 
6576     hflags = env->hflags & HFLAG_COPY_MASK;
6577     hflags |= (env->segs[R_SS].flags >> DESC_DPL_SHIFT) & HF_CPL_MASK;
6578     hflags |= (env->cr[0] & CR0_PE_MASK) << (HF_PE_SHIFT - CR0_PE_SHIFT);
6579     hflags |= (env->cr[0] << (HF_MP_SHIFT - CR0_MP_SHIFT)) &
6580                 (HF_MP_MASK | HF_EM_MASK | HF_TS_MASK);
6581     hflags |= (env->eflags & (HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK));
6582 
6583     if (env->cr[4] & CR4_OSFXSR_MASK) {
6584         hflags |= HF_OSFXSR_MASK;
6585     }
6586 
6587     if (env->efer & MSR_EFER_LMA) {
6588         hflags |= HF_LMA_MASK;
6589     }
6590 
6591     if ((hflags & HF_LMA_MASK) && (env->segs[R_CS].flags & DESC_L_MASK)) {
6592         hflags |= HF_CS32_MASK | HF_SS32_MASK | HF_CS64_MASK;
6593     } else {
6594         hflags |= (env->segs[R_CS].flags & DESC_B_MASK) >>
6595                     (DESC_B_SHIFT - HF_CS32_SHIFT);
6596         hflags |= (env->segs[R_SS].flags & DESC_B_MASK) >>
6597                     (DESC_B_SHIFT - HF_SS32_SHIFT);
6598         if (!(env->cr[0] & CR0_PE_MASK) || (env->eflags & VM_MASK) ||
6599             !(hflags & HF_CS32_MASK)) {
6600             hflags |= HF_ADDSEG_MASK;
6601         } else {
6602             hflags |= ((env->segs[R_DS].base | env->segs[R_ES].base |
6603                         env->segs[R_SS].base) != 0) << HF_ADDSEG_SHIFT;
6604         }
6605     }
6606     env->hflags = hflags;
6607 }
6608 
6609 static Property x86_cpu_properties[] = {
6610 #ifdef CONFIG_USER_ONLY
6611     /* apic_id = 0 by default for *-user, see commit 9886e834 */
6612     DEFINE_PROP_UINT32("apic-id", X86CPU, apic_id, 0),
6613     DEFINE_PROP_INT32("thread-id", X86CPU, thread_id, 0),
6614     DEFINE_PROP_INT32("core-id", X86CPU, core_id, 0),
6615     DEFINE_PROP_INT32("die-id", X86CPU, die_id, 0),
6616     DEFINE_PROP_INT32("socket-id", X86CPU, socket_id, 0),
6617 #else
6618     DEFINE_PROP_UINT32("apic-id", X86CPU, apic_id, UNASSIGNED_APIC_ID),
6619     DEFINE_PROP_INT32("thread-id", X86CPU, thread_id, -1),
6620     DEFINE_PROP_INT32("core-id", X86CPU, core_id, -1),
6621     DEFINE_PROP_INT32("die-id", X86CPU, die_id, -1),
6622     DEFINE_PROP_INT32("socket-id", X86CPU, socket_id, -1),
6623 #endif
6624     DEFINE_PROP_INT32("node-id", X86CPU, node_id, CPU_UNSET_NUMA_NODE_ID),
6625     DEFINE_PROP_BOOL("pmu", X86CPU, enable_pmu, false),
6626 
6627     DEFINE_PROP_UINT32("hv-spinlocks", X86CPU, hyperv_spinlock_attempts,
6628                        HYPERV_SPINLOCK_NEVER_NOTIFY),
6629     DEFINE_PROP_BIT64("hv-relaxed", X86CPU, hyperv_features,
6630                       HYPERV_FEAT_RELAXED, 0),
6631     DEFINE_PROP_BIT64("hv-vapic", X86CPU, hyperv_features,
6632                       HYPERV_FEAT_VAPIC, 0),
6633     DEFINE_PROP_BIT64("hv-time", X86CPU, hyperv_features,
6634                       HYPERV_FEAT_TIME, 0),
6635     DEFINE_PROP_BIT64("hv-crash", X86CPU, hyperv_features,
6636                       HYPERV_FEAT_CRASH, 0),
6637     DEFINE_PROP_BIT64("hv-reset", X86CPU, hyperv_features,
6638                       HYPERV_FEAT_RESET, 0),
6639     DEFINE_PROP_BIT64("hv-vpindex", X86CPU, hyperv_features,
6640                       HYPERV_FEAT_VPINDEX, 0),
6641     DEFINE_PROP_BIT64("hv-runtime", X86CPU, hyperv_features,
6642                       HYPERV_FEAT_RUNTIME, 0),
6643     DEFINE_PROP_BIT64("hv-synic", X86CPU, hyperv_features,
6644                       HYPERV_FEAT_SYNIC, 0),
6645     DEFINE_PROP_BIT64("hv-stimer", X86CPU, hyperv_features,
6646                       HYPERV_FEAT_STIMER, 0),
6647     DEFINE_PROP_BIT64("hv-frequencies", X86CPU, hyperv_features,
6648                       HYPERV_FEAT_FREQUENCIES, 0),
6649     DEFINE_PROP_BIT64("hv-reenlightenment", X86CPU, hyperv_features,
6650                       HYPERV_FEAT_REENLIGHTENMENT, 0),
6651     DEFINE_PROP_BIT64("hv-tlbflush", X86CPU, hyperv_features,
6652                       HYPERV_FEAT_TLBFLUSH, 0),
6653     DEFINE_PROP_BIT64("hv-evmcs", X86CPU, hyperv_features,
6654                       HYPERV_FEAT_EVMCS, 0),
6655     DEFINE_PROP_BIT64("hv-ipi", X86CPU, hyperv_features,
6656                       HYPERV_FEAT_IPI, 0),
6657     DEFINE_PROP_BIT64("hv-stimer-direct", X86CPU, hyperv_features,
6658                       HYPERV_FEAT_STIMER_DIRECT, 0),
6659     DEFINE_PROP_ON_OFF_AUTO("hv-no-nonarch-coresharing", X86CPU,
6660                             hyperv_no_nonarch_cs, ON_OFF_AUTO_OFF),
6661     DEFINE_PROP_BOOL("hv-passthrough", X86CPU, hyperv_passthrough, false),
6662 
6663     DEFINE_PROP_BOOL("check", X86CPU, check_cpuid, true),
6664     DEFINE_PROP_BOOL("enforce", X86CPU, enforce_cpuid, false),
6665     DEFINE_PROP_BOOL("x-force-features", X86CPU, force_features, false),
6666     DEFINE_PROP_BOOL("kvm", X86CPU, expose_kvm, true),
6667     DEFINE_PROP_UINT32("phys-bits", X86CPU, phys_bits, 0),
6668     DEFINE_PROP_BOOL("host-phys-bits", X86CPU, host_phys_bits, false),
6669     DEFINE_PROP_UINT8("host-phys-bits-limit", X86CPU, host_phys_bits_limit, 0),
6670     DEFINE_PROP_BOOL("fill-mtrr-mask", X86CPU, fill_mtrr_mask, true),
6671     DEFINE_PROP_UINT32("level-func7", X86CPU, env.cpuid_level_func7,
6672                        UINT32_MAX),
6673     DEFINE_PROP_UINT32("level", X86CPU, env.cpuid_level, UINT32_MAX),
6674     DEFINE_PROP_UINT32("xlevel", X86CPU, env.cpuid_xlevel, UINT32_MAX),
6675     DEFINE_PROP_UINT32("xlevel2", X86CPU, env.cpuid_xlevel2, UINT32_MAX),
6676     DEFINE_PROP_UINT32("min-level", X86CPU, env.cpuid_min_level, 0),
6677     DEFINE_PROP_UINT32("min-xlevel", X86CPU, env.cpuid_min_xlevel, 0),
6678     DEFINE_PROP_UINT32("min-xlevel2", X86CPU, env.cpuid_min_xlevel2, 0),
6679     DEFINE_PROP_UINT64("ucode-rev", X86CPU, ucode_rev, 0),
6680     DEFINE_PROP_BOOL("full-cpuid-auto-level", X86CPU, full_cpuid_auto_level, true),
6681     DEFINE_PROP_STRING("hv-vendor-id", X86CPU, hyperv_vendor),
6682     DEFINE_PROP_BOOL("cpuid-0xb", X86CPU, enable_cpuid_0xb, true),
6683     DEFINE_PROP_BOOL("lmce", X86CPU, enable_lmce, false),
6684     DEFINE_PROP_BOOL("l3-cache", X86CPU, enable_l3_cache, true),
6685     DEFINE_PROP_BOOL("kvm-no-smi-migration", X86CPU, kvm_no_smi_migration,
6686                      false),
6687     DEFINE_PROP_BOOL("vmware-cpuid-freq", X86CPU, vmware_cpuid_freq, true),
6688     DEFINE_PROP_BOOL("tcg-cpuid", X86CPU, expose_tcg, true),
6689     DEFINE_PROP_BOOL("x-migrate-smi-count", X86CPU, migrate_smi_count,
6690                      true),
6691     /*
6692      * lecacy_cache defaults to true unless the CPU model provides its
6693      * own cache information (see x86_cpu_load_def()).
6694      */
6695     DEFINE_PROP_BOOL("legacy-cache", X86CPU, legacy_cache, true),
6696 
6697     /*
6698      * From "Requirements for Implementing the Microsoft
6699      * Hypervisor Interface":
6700      * https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/tlfs
6701      *
6702      * "Starting with Windows Server 2012 and Windows 8, if
6703      * CPUID.40000005.EAX contains a value of -1, Windows assumes that
6704      * the hypervisor imposes no specific limit to the number of VPs.
6705      * In this case, Windows Server 2012 guest VMs may use more than
6706      * 64 VPs, up to the maximum supported number of processors applicable
6707      * to the specific Windows version being used."
6708      */
6709     DEFINE_PROP_INT32("x-hv-max-vps", X86CPU, hv_max_vps, -1),
6710     DEFINE_PROP_BOOL("x-hv-synic-kvm-only", X86CPU, hyperv_synic_kvm_only,
6711                      false),
6712     DEFINE_PROP_BOOL("x-intel-pt-auto-level", X86CPU, intel_pt_auto_level,
6713                      true),
6714     DEFINE_PROP_END_OF_LIST()
6715 };
6716 
6717 #ifndef CONFIG_USER_ONLY
6718 #include "hw/core/sysemu-cpu-ops.h"
6719 
6720 static const struct SysemuCPUOps i386_sysemu_ops = {
6721 };
6722 #endif
6723 
6724 static void x86_cpu_common_class_init(ObjectClass *oc, void *data)
6725 {
6726     X86CPUClass *xcc = X86_CPU_CLASS(oc);
6727     CPUClass *cc = CPU_CLASS(oc);
6728     DeviceClass *dc = DEVICE_CLASS(oc);
6729     FeatureWord w;
6730 
6731     device_class_set_parent_realize(dc, x86_cpu_realizefn,
6732                                     &xcc->parent_realize);
6733     device_class_set_parent_unrealize(dc, x86_cpu_unrealizefn,
6734                                       &xcc->parent_unrealize);
6735     device_class_set_props(dc, x86_cpu_properties);
6736 
6737     device_class_set_parent_reset(dc, x86_cpu_reset, &xcc->parent_reset);
6738     cc->reset_dump_flags = CPU_DUMP_FPU | CPU_DUMP_CCOP;
6739 
6740     cc->class_by_name = x86_cpu_class_by_name;
6741     cc->parse_features = x86_cpu_parse_featurestr;
6742     cc->has_work = x86_cpu_has_work;
6743     cc->dump_state = x86_cpu_dump_state;
6744     cc->set_pc = x86_cpu_set_pc;
6745     cc->gdb_read_register = x86_cpu_gdb_read_register;
6746     cc->gdb_write_register = x86_cpu_gdb_write_register;
6747     cc->get_arch_id = x86_cpu_get_arch_id;
6748     cc->get_paging_enabled = x86_cpu_get_paging_enabled;
6749 
6750 #ifndef CONFIG_USER_ONLY
6751     cc->asidx_from_attrs = x86_asidx_from_attrs;
6752     cc->get_memory_mapping = x86_cpu_get_memory_mapping;
6753     cc->get_phys_page_attrs_debug = x86_cpu_get_phys_page_attrs_debug;
6754     cc->get_crash_info = x86_cpu_get_crash_info;
6755     cc->write_elf64_note = x86_cpu_write_elf64_note;
6756     cc->write_elf64_qemunote = x86_cpu_write_elf64_qemunote;
6757     cc->write_elf32_note = x86_cpu_write_elf32_note;
6758     cc->write_elf32_qemunote = x86_cpu_write_elf32_qemunote;
6759     cc->legacy_vmsd = &vmstate_x86_cpu;
6760     cc->sysemu_ops = &i386_sysemu_ops;
6761 #endif /* !CONFIG_USER_ONLY */
6762 
6763     cc->gdb_arch_name = x86_gdb_arch_name;
6764 #ifdef TARGET_X86_64
6765     cc->gdb_core_xml_file = "i386-64bit.xml";
6766     cc->gdb_num_core_regs = 66;
6767 #else
6768     cc->gdb_core_xml_file = "i386-32bit.xml";
6769     cc->gdb_num_core_regs = 50;
6770 #endif
6771     cc->disas_set_info = x86_disas_set_info;
6772 
6773     dc->user_creatable = true;
6774 
6775     object_class_property_add(oc, "family", "int",
6776                               x86_cpuid_version_get_family,
6777                               x86_cpuid_version_set_family, NULL, NULL);
6778     object_class_property_add(oc, "model", "int",
6779                               x86_cpuid_version_get_model,
6780                               x86_cpuid_version_set_model, NULL, NULL);
6781     object_class_property_add(oc, "stepping", "int",
6782                               x86_cpuid_version_get_stepping,
6783                               x86_cpuid_version_set_stepping, NULL, NULL);
6784     object_class_property_add_str(oc, "vendor",
6785                                   x86_cpuid_get_vendor,
6786                                   x86_cpuid_set_vendor);
6787     object_class_property_add_str(oc, "model-id",
6788                                   x86_cpuid_get_model_id,
6789                                   x86_cpuid_set_model_id);
6790     object_class_property_add(oc, "tsc-frequency", "int",
6791                               x86_cpuid_get_tsc_freq,
6792                               x86_cpuid_set_tsc_freq, NULL, NULL);
6793     /*
6794      * The "unavailable-features" property has the same semantics as
6795      * CpuDefinitionInfo.unavailable-features on the "query-cpu-definitions"
6796      * QMP command: they list the features that would have prevented the
6797      * CPU from running if the "enforce" flag was set.
6798      */
6799     object_class_property_add(oc, "unavailable-features", "strList",
6800                               x86_cpu_get_unavailable_features,
6801                               NULL, NULL, NULL);
6802 
6803 #if !defined(CONFIG_USER_ONLY)
6804     object_class_property_add(oc, "crash-information", "GuestPanicInformation",
6805                               x86_cpu_get_crash_info_qom, NULL, NULL, NULL);
6806 #endif
6807 
6808     for (w = 0; w < FEATURE_WORDS; w++) {
6809         int bitnr;
6810         for (bitnr = 0; bitnr < 64; bitnr++) {
6811             x86_cpu_register_feature_bit_props(xcc, w, bitnr);
6812         }
6813     }
6814 }
6815 
6816 static const TypeInfo x86_cpu_type_info = {
6817     .name = TYPE_X86_CPU,
6818     .parent = TYPE_CPU,
6819     .instance_size = sizeof(X86CPU),
6820     .instance_init = x86_cpu_initfn,
6821     .abstract = true,
6822     .class_size = sizeof(X86CPUClass),
6823     .class_init = x86_cpu_common_class_init,
6824 };
6825 
6826 
6827 /* "base" CPU model, used by query-cpu-model-expansion */
6828 static void x86_cpu_base_class_init(ObjectClass *oc, void *data)
6829 {
6830     X86CPUClass *xcc = X86_CPU_CLASS(oc);
6831 
6832     xcc->static_model = true;
6833     xcc->migration_safe = true;
6834     xcc->model_description = "base CPU model type with no features enabled";
6835     xcc->ordering = 8;
6836 }
6837 
6838 static const TypeInfo x86_base_cpu_type_info = {
6839         .name = X86_CPU_TYPE_NAME("base"),
6840         .parent = TYPE_X86_CPU,
6841         .class_init = x86_cpu_base_class_init,
6842 };
6843 
6844 static void x86_cpu_register_types(void)
6845 {
6846     int i;
6847 
6848     type_register_static(&x86_cpu_type_info);
6849     for (i = 0; i < ARRAY_SIZE(builtin_x86_defs); i++) {
6850         x86_register_cpudef_types(&builtin_x86_defs[i]);
6851     }
6852     type_register_static(&max_x86_cpu_type_info);
6853     type_register_static(&x86_base_cpu_type_info);
6854 }
6855 
6856 type_init(x86_cpu_register_types)
6857