xref: /openbmc/qemu/target/i386/cpu.c (revision 8c6631e66e323bc92e0ea5d235e7059b30fb86ee)
1 /*
2  *  i386 CPUID, CPU class, definitions, models
3  *
4  *  Copyright (c) 2003 Fabrice Bellard
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18  */
19 
20 #include "qemu/osdep.h"
21 #include "qemu/units.h"
22 #include "qemu/cutils.h"
23 #include "qemu/qemu-print.h"
24 #include "qemu/hw-version.h"
25 #include "cpu.h"
26 #include "tcg/helper-tcg.h"
27 #include "sysemu/reset.h"
28 #include "sysemu/hvf.h"
29 #include "kvm/kvm_i386.h"
30 #include "sev.h"
31 #include "qapi/error.h"
32 #include "qapi/qapi-visit-machine.h"
33 #include "qapi/qmp/qerror.h"
34 #include "qapi/qapi-commands-machine-target.h"
35 #include "standard-headers/asm-x86/kvm_para.h"
36 #include "hw/qdev-properties.h"
37 #include "hw/i386/topology.h"
38 #ifndef CONFIG_USER_ONLY
39 #include "exec/address-spaces.h"
40 #include "hw/boards.h"
41 #include "hw/i386/sgx-epc.h"
42 #endif
43 
44 #include "disas/capstone.h"
45 #include "cpu-internal.h"
46 
47 /* Helpers for building CPUID[2] descriptors: */
48 
49 struct CPUID2CacheDescriptorInfo {
50     enum CacheType type;
51     int level;
52     int size;
53     int line_size;
54     int associativity;
55 };
56 
57 /*
58  * Known CPUID 2 cache descriptors.
59  * From Intel SDM Volume 2A, CPUID instruction
60  */
61 struct CPUID2CacheDescriptorInfo cpuid2_cache_descriptors[] = {
62     [0x06] = { .level = 1, .type = INSTRUCTION_CACHE, .size =   8 * KiB,
63                .associativity = 4,  .line_size = 32, },
64     [0x08] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  16 * KiB,
65                .associativity = 4,  .line_size = 32, },
66     [0x09] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  32 * KiB,
67                .associativity = 4,  .line_size = 64, },
68     [0x0A] = { .level = 1, .type = DATA_CACHE,        .size =   8 * KiB,
69                .associativity = 2,  .line_size = 32, },
70     [0x0C] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
71                .associativity = 4,  .line_size = 32, },
72     [0x0D] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
73                .associativity = 4,  .line_size = 64, },
74     [0x0E] = { .level = 1, .type = DATA_CACHE,        .size =  24 * KiB,
75                .associativity = 6,  .line_size = 64, },
76     [0x1D] = { .level = 2, .type = UNIFIED_CACHE,     .size = 128 * KiB,
77                .associativity = 2,  .line_size = 64, },
78     [0x21] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
79                .associativity = 8,  .line_size = 64, },
80     /* lines per sector is not supported cpuid2_cache_descriptor(),
81     * so descriptors 0x22, 0x23 are not included
82     */
83     [0x24] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
84                .associativity = 16, .line_size = 64, },
85     /* lines per sector is not supported cpuid2_cache_descriptor(),
86     * so descriptors 0x25, 0x20 are not included
87     */
88     [0x2C] = { .level = 1, .type = DATA_CACHE,        .size =  32 * KiB,
89                .associativity = 8,  .line_size = 64, },
90     [0x30] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  32 * KiB,
91                .associativity = 8,  .line_size = 64, },
92     [0x41] = { .level = 2, .type = UNIFIED_CACHE,     .size = 128 * KiB,
93                .associativity = 4,  .line_size = 32, },
94     [0x42] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
95                .associativity = 4,  .line_size = 32, },
96     [0x43] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
97                .associativity = 4,  .line_size = 32, },
98     [0x44] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
99                .associativity = 4,  .line_size = 32, },
100     [0x45] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
101                .associativity = 4,  .line_size = 32, },
102     [0x46] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
103                .associativity = 4,  .line_size = 64, },
104     [0x47] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
105                .associativity = 8,  .line_size = 64, },
106     [0x48] = { .level = 2, .type = UNIFIED_CACHE,     .size =   3 * MiB,
107                .associativity = 12, .line_size = 64, },
108     /* Descriptor 0x49 depends on CPU family/model, so it is not included */
109     [0x4A] = { .level = 3, .type = UNIFIED_CACHE,     .size =   6 * MiB,
110                .associativity = 12, .line_size = 64, },
111     [0x4B] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
112                .associativity = 16, .line_size = 64, },
113     [0x4C] = { .level = 3, .type = UNIFIED_CACHE,     .size =  12 * MiB,
114                .associativity = 12, .line_size = 64, },
115     [0x4D] = { .level = 3, .type = UNIFIED_CACHE,     .size =  16 * MiB,
116                .associativity = 16, .line_size = 64, },
117     [0x4E] = { .level = 2, .type = UNIFIED_CACHE,     .size =   6 * MiB,
118                .associativity = 24, .line_size = 64, },
119     [0x60] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
120                .associativity = 8,  .line_size = 64, },
121     [0x66] = { .level = 1, .type = DATA_CACHE,        .size =   8 * KiB,
122                .associativity = 4,  .line_size = 64, },
123     [0x67] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
124                .associativity = 4,  .line_size = 64, },
125     [0x68] = { .level = 1, .type = DATA_CACHE,        .size =  32 * KiB,
126                .associativity = 4,  .line_size = 64, },
127     [0x78] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
128                .associativity = 4,  .line_size = 64, },
129     /* lines per sector is not supported cpuid2_cache_descriptor(),
130     * so descriptors 0x79, 0x7A, 0x7B, 0x7C are not included.
131     */
132     [0x7D] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
133                .associativity = 8,  .line_size = 64, },
134     [0x7F] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
135                .associativity = 2,  .line_size = 64, },
136     [0x80] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
137                .associativity = 8,  .line_size = 64, },
138     [0x82] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
139                .associativity = 8,  .line_size = 32, },
140     [0x83] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
141                .associativity = 8,  .line_size = 32, },
142     [0x84] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
143                .associativity = 8,  .line_size = 32, },
144     [0x85] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
145                .associativity = 8,  .line_size = 32, },
146     [0x86] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
147                .associativity = 4,  .line_size = 64, },
148     [0x87] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
149                .associativity = 8,  .line_size = 64, },
150     [0xD0] = { .level = 3, .type = UNIFIED_CACHE,     .size = 512 * KiB,
151                .associativity = 4,  .line_size = 64, },
152     [0xD1] = { .level = 3, .type = UNIFIED_CACHE,     .size =   1 * MiB,
153                .associativity = 4,  .line_size = 64, },
154     [0xD2] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
155                .associativity = 4,  .line_size = 64, },
156     [0xD6] = { .level = 3, .type = UNIFIED_CACHE,     .size =   1 * MiB,
157                .associativity = 8,  .line_size = 64, },
158     [0xD7] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
159                .associativity = 8,  .line_size = 64, },
160     [0xD8] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
161                .associativity = 8,  .line_size = 64, },
162     [0xDC] = { .level = 3, .type = UNIFIED_CACHE,     .size = 1.5 * MiB,
163                .associativity = 12, .line_size = 64, },
164     [0xDD] = { .level = 3, .type = UNIFIED_CACHE,     .size =   3 * MiB,
165                .associativity = 12, .line_size = 64, },
166     [0xDE] = { .level = 3, .type = UNIFIED_CACHE,     .size =   6 * MiB,
167                .associativity = 12, .line_size = 64, },
168     [0xE2] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
169                .associativity = 16, .line_size = 64, },
170     [0xE3] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
171                .associativity = 16, .line_size = 64, },
172     [0xE4] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
173                .associativity = 16, .line_size = 64, },
174     [0xEA] = { .level = 3, .type = UNIFIED_CACHE,     .size =  12 * MiB,
175                .associativity = 24, .line_size = 64, },
176     [0xEB] = { .level = 3, .type = UNIFIED_CACHE,     .size =  18 * MiB,
177                .associativity = 24, .line_size = 64, },
178     [0xEC] = { .level = 3, .type = UNIFIED_CACHE,     .size =  24 * MiB,
179                .associativity = 24, .line_size = 64, },
180 };
181 
182 /*
183  * "CPUID leaf 2 does not report cache descriptor information,
184  * use CPUID leaf 4 to query cache parameters"
185  */
186 #define CACHE_DESCRIPTOR_UNAVAILABLE 0xFF
187 
188 /*
189  * Return a CPUID 2 cache descriptor for a given cache.
190  * If no known descriptor is found, return CACHE_DESCRIPTOR_UNAVAILABLE
191  */
192 static uint8_t cpuid2_cache_descriptor(CPUCacheInfo *cache)
193 {
194     int i;
195 
196     assert(cache->size > 0);
197     assert(cache->level > 0);
198     assert(cache->line_size > 0);
199     assert(cache->associativity > 0);
200     for (i = 0; i < ARRAY_SIZE(cpuid2_cache_descriptors); i++) {
201         struct CPUID2CacheDescriptorInfo *d = &cpuid2_cache_descriptors[i];
202         if (d->level == cache->level && d->type == cache->type &&
203             d->size == cache->size && d->line_size == cache->line_size &&
204             d->associativity == cache->associativity) {
205                 return i;
206             }
207     }
208 
209     return CACHE_DESCRIPTOR_UNAVAILABLE;
210 }
211 
212 /* CPUID Leaf 4 constants: */
213 
214 /* EAX: */
215 #define CACHE_TYPE_D    1
216 #define CACHE_TYPE_I    2
217 #define CACHE_TYPE_UNIFIED   3
218 
219 #define CACHE_LEVEL(l)        (l << 5)
220 
221 #define CACHE_SELF_INIT_LEVEL (1 << 8)
222 
223 /* EDX: */
224 #define CACHE_NO_INVD_SHARING   (1 << 0)
225 #define CACHE_INCLUSIVE       (1 << 1)
226 #define CACHE_COMPLEX_IDX     (1 << 2)
227 
228 /* Encode CacheType for CPUID[4].EAX */
229 #define CACHE_TYPE(t) (((t) == DATA_CACHE) ? CACHE_TYPE_D : \
230                        ((t) == INSTRUCTION_CACHE) ? CACHE_TYPE_I : \
231                        ((t) == UNIFIED_CACHE) ? CACHE_TYPE_UNIFIED : \
232                        0 /* Invalid value */)
233 
234 
235 /* Encode cache info for CPUID[4] */
236 static void encode_cache_cpuid4(CPUCacheInfo *cache,
237                                 int num_apic_ids, int num_cores,
238                                 uint32_t *eax, uint32_t *ebx,
239                                 uint32_t *ecx, uint32_t *edx)
240 {
241     assert(cache->size == cache->line_size * cache->associativity *
242                           cache->partitions * cache->sets);
243 
244     assert(num_apic_ids > 0);
245     *eax = CACHE_TYPE(cache->type) |
246            CACHE_LEVEL(cache->level) |
247            (cache->self_init ? CACHE_SELF_INIT_LEVEL : 0) |
248            ((num_cores - 1) << 26) |
249            ((num_apic_ids - 1) << 14);
250 
251     assert(cache->line_size > 0);
252     assert(cache->partitions > 0);
253     assert(cache->associativity > 0);
254     /* We don't implement fully-associative caches */
255     assert(cache->associativity < cache->sets);
256     *ebx = (cache->line_size - 1) |
257            ((cache->partitions - 1) << 12) |
258            ((cache->associativity - 1) << 22);
259 
260     assert(cache->sets > 0);
261     *ecx = cache->sets - 1;
262 
263     *edx = (cache->no_invd_sharing ? CACHE_NO_INVD_SHARING : 0) |
264            (cache->inclusive ? CACHE_INCLUSIVE : 0) |
265            (cache->complex_indexing ? CACHE_COMPLEX_IDX : 0);
266 }
267 
268 /* Encode cache info for CPUID[0x80000005].ECX or CPUID[0x80000005].EDX */
269 static uint32_t encode_cache_cpuid80000005(CPUCacheInfo *cache)
270 {
271     assert(cache->size % 1024 == 0);
272     assert(cache->lines_per_tag > 0);
273     assert(cache->associativity > 0);
274     assert(cache->line_size > 0);
275     return ((cache->size / 1024) << 24) | (cache->associativity << 16) |
276            (cache->lines_per_tag << 8) | (cache->line_size);
277 }
278 
279 #define ASSOC_FULL 0xFF
280 
281 /* AMD associativity encoding used on CPUID Leaf 0x80000006: */
282 #define AMD_ENC_ASSOC(a) (a <=   1 ? a   : \
283                           a ==   2 ? 0x2 : \
284                           a ==   4 ? 0x4 : \
285                           a ==   8 ? 0x6 : \
286                           a ==  16 ? 0x8 : \
287                           a ==  32 ? 0xA : \
288                           a ==  48 ? 0xB : \
289                           a ==  64 ? 0xC : \
290                           a ==  96 ? 0xD : \
291                           a == 128 ? 0xE : \
292                           a == ASSOC_FULL ? 0xF : \
293                           0 /* invalid value */)
294 
295 /*
296  * Encode cache info for CPUID[0x80000006].ECX and CPUID[0x80000006].EDX
297  * @l3 can be NULL.
298  */
299 static void encode_cache_cpuid80000006(CPUCacheInfo *l2,
300                                        CPUCacheInfo *l3,
301                                        uint32_t *ecx, uint32_t *edx)
302 {
303     assert(l2->size % 1024 == 0);
304     assert(l2->associativity > 0);
305     assert(l2->lines_per_tag > 0);
306     assert(l2->line_size > 0);
307     *ecx = ((l2->size / 1024) << 16) |
308            (AMD_ENC_ASSOC(l2->associativity) << 12) |
309            (l2->lines_per_tag << 8) | (l2->line_size);
310 
311     if (l3) {
312         assert(l3->size % (512 * 1024) == 0);
313         assert(l3->associativity > 0);
314         assert(l3->lines_per_tag > 0);
315         assert(l3->line_size > 0);
316         *edx = ((l3->size / (512 * 1024)) << 18) |
317                (AMD_ENC_ASSOC(l3->associativity) << 12) |
318                (l3->lines_per_tag << 8) | (l3->line_size);
319     } else {
320         *edx = 0;
321     }
322 }
323 
324 /* Encode cache info for CPUID[8000001D] */
325 static void encode_cache_cpuid8000001d(CPUCacheInfo *cache,
326                                        X86CPUTopoInfo *topo_info,
327                                        uint32_t *eax, uint32_t *ebx,
328                                        uint32_t *ecx, uint32_t *edx)
329 {
330     uint32_t l3_threads;
331     assert(cache->size == cache->line_size * cache->associativity *
332                           cache->partitions * cache->sets);
333 
334     *eax = CACHE_TYPE(cache->type) | CACHE_LEVEL(cache->level) |
335                (cache->self_init ? CACHE_SELF_INIT_LEVEL : 0);
336 
337     /* L3 is shared among multiple cores */
338     if (cache->level == 3) {
339         l3_threads = topo_info->cores_per_die * topo_info->threads_per_core;
340         *eax |= (l3_threads - 1) << 14;
341     } else {
342         *eax |= ((topo_info->threads_per_core - 1) << 14);
343     }
344 
345     assert(cache->line_size > 0);
346     assert(cache->partitions > 0);
347     assert(cache->associativity > 0);
348     /* We don't implement fully-associative caches */
349     assert(cache->associativity < cache->sets);
350     *ebx = (cache->line_size - 1) |
351            ((cache->partitions - 1) << 12) |
352            ((cache->associativity - 1) << 22);
353 
354     assert(cache->sets > 0);
355     *ecx = cache->sets - 1;
356 
357     *edx = (cache->no_invd_sharing ? CACHE_NO_INVD_SHARING : 0) |
358            (cache->inclusive ? CACHE_INCLUSIVE : 0) |
359            (cache->complex_indexing ? CACHE_COMPLEX_IDX : 0);
360 }
361 
362 /* Encode cache info for CPUID[8000001E] */
363 static void encode_topo_cpuid8000001e(X86CPU *cpu, X86CPUTopoInfo *topo_info,
364                                       uint32_t *eax, uint32_t *ebx,
365                                       uint32_t *ecx, uint32_t *edx)
366 {
367     X86CPUTopoIDs topo_ids;
368 
369     x86_topo_ids_from_apicid(cpu->apic_id, topo_info, &topo_ids);
370 
371     *eax = cpu->apic_id;
372 
373     /*
374      * CPUID_Fn8000001E_EBX [Core Identifiers] (CoreId)
375      * Read-only. Reset: 0000_XXXXh.
376      * See Core::X86::Cpuid::ExtApicId.
377      * Core::X86::Cpuid::CoreId_lthree[1:0]_core[3:0]_thread[1:0];
378      * Bits Description
379      * 31:16 Reserved.
380      * 15:8 ThreadsPerCore: threads per core. Read-only. Reset: XXh.
381      *      The number of threads per core is ThreadsPerCore+1.
382      *  7:0 CoreId: core ID. Read-only. Reset: XXh.
383      *
384      *  NOTE: CoreId is already part of apic_id. Just use it. We can
385      *  use all the 8 bits to represent the core_id here.
386      */
387     *ebx = ((topo_info->threads_per_core - 1) << 8) | (topo_ids.core_id & 0xFF);
388 
389     /*
390      * CPUID_Fn8000001E_ECX [Node Identifiers] (NodeId)
391      * Read-only. Reset: 0000_0XXXh.
392      * Core::X86::Cpuid::NodeId_lthree[1:0]_core[3:0]_thread[1:0];
393      * Bits Description
394      * 31:11 Reserved.
395      * 10:8 NodesPerProcessor: Node per processor. Read-only. Reset: XXXb.
396      *      ValidValues:
397      *      Value Description
398      *      000b  1 node per processor.
399      *      001b  2 nodes per processor.
400      *      010b Reserved.
401      *      011b 4 nodes per processor.
402      *      111b-100b Reserved.
403      *  7:0 NodeId: Node ID. Read-only. Reset: XXh.
404      *
405      * NOTE: Hardware reserves 3 bits for number of nodes per processor.
406      * But users can create more nodes than the actual hardware can
407      * support. To genaralize we can use all the upper 8 bits for nodes.
408      * NodeId is combination of node and socket_id which is already decoded
409      * in apic_id. Just use it by shifting.
410      */
411     *ecx = ((topo_info->dies_per_pkg - 1) << 8) |
412            ((cpu->apic_id >> apicid_die_offset(topo_info)) & 0xFF);
413 
414     *edx = 0;
415 }
416 
417 /*
418  * Definitions of the hardcoded cache entries we expose:
419  * These are legacy cache values. If there is a need to change any
420  * of these values please use builtin_x86_defs
421  */
422 
423 /* L1 data cache: */
424 static CPUCacheInfo legacy_l1d_cache = {
425     .type = DATA_CACHE,
426     .level = 1,
427     .size = 32 * KiB,
428     .self_init = 1,
429     .line_size = 64,
430     .associativity = 8,
431     .sets = 64,
432     .partitions = 1,
433     .no_invd_sharing = true,
434 };
435 
436 /*FIXME: CPUID leaf 0x80000005 is inconsistent with leaves 2 & 4 */
437 static CPUCacheInfo legacy_l1d_cache_amd = {
438     .type = DATA_CACHE,
439     .level = 1,
440     .size = 64 * KiB,
441     .self_init = 1,
442     .line_size = 64,
443     .associativity = 2,
444     .sets = 512,
445     .partitions = 1,
446     .lines_per_tag = 1,
447     .no_invd_sharing = true,
448 };
449 
450 /* L1 instruction cache: */
451 static CPUCacheInfo legacy_l1i_cache = {
452     .type = INSTRUCTION_CACHE,
453     .level = 1,
454     .size = 32 * KiB,
455     .self_init = 1,
456     .line_size = 64,
457     .associativity = 8,
458     .sets = 64,
459     .partitions = 1,
460     .no_invd_sharing = true,
461 };
462 
463 /*FIXME: CPUID leaf 0x80000005 is inconsistent with leaves 2 & 4 */
464 static CPUCacheInfo legacy_l1i_cache_amd = {
465     .type = INSTRUCTION_CACHE,
466     .level = 1,
467     .size = 64 * KiB,
468     .self_init = 1,
469     .line_size = 64,
470     .associativity = 2,
471     .sets = 512,
472     .partitions = 1,
473     .lines_per_tag = 1,
474     .no_invd_sharing = true,
475 };
476 
477 /* Level 2 unified cache: */
478 static CPUCacheInfo legacy_l2_cache = {
479     .type = UNIFIED_CACHE,
480     .level = 2,
481     .size = 4 * MiB,
482     .self_init = 1,
483     .line_size = 64,
484     .associativity = 16,
485     .sets = 4096,
486     .partitions = 1,
487     .no_invd_sharing = true,
488 };
489 
490 /*FIXME: CPUID leaf 2 descriptor is inconsistent with CPUID leaf 4 */
491 static CPUCacheInfo legacy_l2_cache_cpuid2 = {
492     .type = UNIFIED_CACHE,
493     .level = 2,
494     .size = 2 * MiB,
495     .line_size = 64,
496     .associativity = 8,
497 };
498 
499 
500 /*FIXME: CPUID leaf 0x80000006 is inconsistent with leaves 2 & 4 */
501 static CPUCacheInfo legacy_l2_cache_amd = {
502     .type = UNIFIED_CACHE,
503     .level = 2,
504     .size = 512 * KiB,
505     .line_size = 64,
506     .lines_per_tag = 1,
507     .associativity = 16,
508     .sets = 512,
509     .partitions = 1,
510 };
511 
512 /* Level 3 unified cache: */
513 static CPUCacheInfo legacy_l3_cache = {
514     .type = UNIFIED_CACHE,
515     .level = 3,
516     .size = 16 * MiB,
517     .line_size = 64,
518     .associativity = 16,
519     .sets = 16384,
520     .partitions = 1,
521     .lines_per_tag = 1,
522     .self_init = true,
523     .inclusive = true,
524     .complex_indexing = true,
525 };
526 
527 /* TLB definitions: */
528 
529 #define L1_DTLB_2M_ASSOC       1
530 #define L1_DTLB_2M_ENTRIES   255
531 #define L1_DTLB_4K_ASSOC       1
532 #define L1_DTLB_4K_ENTRIES   255
533 
534 #define L1_ITLB_2M_ASSOC       1
535 #define L1_ITLB_2M_ENTRIES   255
536 #define L1_ITLB_4K_ASSOC       1
537 #define L1_ITLB_4K_ENTRIES   255
538 
539 #define L2_DTLB_2M_ASSOC       0 /* disabled */
540 #define L2_DTLB_2M_ENTRIES     0 /* disabled */
541 #define L2_DTLB_4K_ASSOC       4
542 #define L2_DTLB_4K_ENTRIES   512
543 
544 #define L2_ITLB_2M_ASSOC       0 /* disabled */
545 #define L2_ITLB_2M_ENTRIES     0 /* disabled */
546 #define L2_ITLB_4K_ASSOC       4
547 #define L2_ITLB_4K_ENTRIES   512
548 
549 /* CPUID Leaf 0x14 constants: */
550 #define INTEL_PT_MAX_SUBLEAF     0x1
551 /*
552  * bit[00]: IA32_RTIT_CTL.CR3 filter can be set to 1 and IA32_RTIT_CR3_MATCH
553  *          MSR can be accessed;
554  * bit[01]: Support Configurable PSB and Cycle-Accurate Mode;
555  * bit[02]: Support IP Filtering, TraceStop filtering, and preservation
556  *          of Intel PT MSRs across warm reset;
557  * bit[03]: Support MTC timing packet and suppression of COFI-based packets;
558  */
559 #define INTEL_PT_MINIMAL_EBX     0xf
560 /*
561  * bit[00]: Tracing can be enabled with IA32_RTIT_CTL.ToPA = 1 and
562  *          IA32_RTIT_OUTPUT_BASE and IA32_RTIT_OUTPUT_MASK_PTRS MSRs can be
563  *          accessed;
564  * bit[01]: ToPA tables can hold any number of output entries, up to the
565  *          maximum allowed by the MaskOrTableOffset field of
566  *          IA32_RTIT_OUTPUT_MASK_PTRS;
567  * bit[02]: Support Single-Range Output scheme;
568  */
569 #define INTEL_PT_MINIMAL_ECX     0x7
570 /* generated packets which contain IP payloads have LIP values */
571 #define INTEL_PT_IP_LIP          (1 << 31)
572 #define INTEL_PT_ADDR_RANGES_NUM 0x2 /* Number of configurable address ranges */
573 #define INTEL_PT_ADDR_RANGES_NUM_MASK 0x3
574 #define INTEL_PT_MTC_BITMAP      (0x0249 << 16) /* Support ART(0,3,6,9) */
575 #define INTEL_PT_CYCLE_BITMAP    0x1fff         /* Support 0,2^(0~11) */
576 #define INTEL_PT_PSB_BITMAP      (0x003f << 16) /* Support 2K,4K,8K,16K,32K,64K */
577 
578 /* CPUID Leaf 0x1D constants: */
579 #define INTEL_AMX_TILE_MAX_SUBLEAF     0x1
580 #define INTEL_AMX_TOTAL_TILE_BYTES     0x2000
581 #define INTEL_AMX_BYTES_PER_TILE       0x400
582 #define INTEL_AMX_BYTES_PER_ROW        0x40
583 #define INTEL_AMX_TILE_MAX_NAMES       0x8
584 #define INTEL_AMX_TILE_MAX_ROWS        0x10
585 
586 /* CPUID Leaf 0x1E constants: */
587 #define INTEL_AMX_TMUL_MAX_K           0x10
588 #define INTEL_AMX_TMUL_MAX_N           0x40
589 
590 void x86_cpu_vendor_words2str(char *dst, uint32_t vendor1,
591                               uint32_t vendor2, uint32_t vendor3)
592 {
593     int i;
594     for (i = 0; i < 4; i++) {
595         dst[i] = vendor1 >> (8 * i);
596         dst[i + 4] = vendor2 >> (8 * i);
597         dst[i + 8] = vendor3 >> (8 * i);
598     }
599     dst[CPUID_VENDOR_SZ] = '\0';
600 }
601 
602 #define I486_FEATURES (CPUID_FP87 | CPUID_VME | CPUID_PSE)
603 #define PENTIUM_FEATURES (I486_FEATURES | CPUID_DE | CPUID_TSC | \
604           CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_MMX | CPUID_APIC)
605 #define PENTIUM2_FEATURES (PENTIUM_FEATURES | CPUID_PAE | CPUID_SEP | \
606           CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
607           CPUID_PSE36 | CPUID_FXSR)
608 #define PENTIUM3_FEATURES (PENTIUM2_FEATURES | CPUID_SSE)
609 #define PPRO_FEATURES (CPUID_FP87 | CPUID_DE | CPUID_PSE | CPUID_TSC | \
610           CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_PGE | CPUID_CMOV | \
611           CPUID_PAT | CPUID_FXSR | CPUID_MMX | CPUID_SSE | CPUID_SSE2 | \
612           CPUID_PAE | CPUID_SEP | CPUID_APIC)
613 
614 #define TCG_FEATURES (CPUID_FP87 | CPUID_PSE | CPUID_TSC | CPUID_MSR | \
615           CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC | CPUID_SEP | \
616           CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
617           CPUID_PSE36 | CPUID_CLFLUSH | CPUID_ACPI | CPUID_MMX | \
618           CPUID_FXSR | CPUID_SSE | CPUID_SSE2 | CPUID_SS | CPUID_DE)
619           /* partly implemented:
620           CPUID_MTRR, CPUID_MCA, CPUID_CLFLUSH (needed for Win64) */
621           /* missing:
622           CPUID_VME, CPUID_DTS, CPUID_SS, CPUID_HT, CPUID_TM, CPUID_PBE */
623 #define TCG_EXT_FEATURES (CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | \
624           CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 | CPUID_EXT_CX16 | \
625           CPUID_EXT_SSE41 | CPUID_EXT_SSE42 | CPUID_EXT_POPCNT | \
626           CPUID_EXT_XSAVE | /* CPUID_EXT_OSXSAVE is dynamic */   \
627           CPUID_EXT_MOVBE | CPUID_EXT_AES | CPUID_EXT_HYPERVISOR | \
628           CPUID_EXT_RDRAND | CPUID_EXT_AVX | CPUID_EXT_F16C | \
629           CPUID_EXT_FMA)
630           /* missing:
631           CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_VMX, CPUID_EXT_SMX,
632           CPUID_EXT_EST, CPUID_EXT_TM2, CPUID_EXT_CID,
633           CPUID_EXT_XTPR, CPUID_EXT_PDCM, CPUID_EXT_PCID, CPUID_EXT_DCA,
634           CPUID_EXT_X2APIC, CPUID_EXT_TSC_DEADLINE_TIMER */
635 
636 #ifdef TARGET_X86_64
637 #define TCG_EXT2_X86_64_FEATURES (CPUID_EXT2_SYSCALL | CPUID_EXT2_LM)
638 #else
639 #define TCG_EXT2_X86_64_FEATURES 0
640 #endif
641 
642 #define TCG_EXT2_FEATURES ((TCG_FEATURES & CPUID_EXT2_AMD_ALIASES) | \
643           CPUID_EXT2_NX | CPUID_EXT2_MMXEXT | CPUID_EXT2_RDTSCP | \
644           CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT | CPUID_EXT2_PDPE1GB | \
645           TCG_EXT2_X86_64_FEATURES)
646 #define TCG_EXT3_FEATURES (CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM | \
647           CPUID_EXT3_CR8LEG | CPUID_EXT3_ABM | CPUID_EXT3_SSE4A)
648 #define TCG_EXT4_FEATURES 0
649 #define TCG_SVM_FEATURES (CPUID_SVM_NPT | CPUID_SVM_VGIF | \
650           CPUID_SVM_SVME_ADDR_CHK)
651 #define TCG_KVM_FEATURES 0
652 #define TCG_7_0_EBX_FEATURES (CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_SMAP | \
653           CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ADX | \
654           CPUID_7_0_EBX_PCOMMIT | CPUID_7_0_EBX_CLFLUSHOPT |            \
655           CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_FSGSBASE | \
656           CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_AVX2)
657           /* missing:
658           CPUID_7_0_EBX_HLE
659           CPUID_7_0_EBX_INVPCID, CPUID_7_0_EBX_RTM,
660           CPUID_7_0_EBX_RDSEED */
661 #define TCG_7_0_ECX_FEATURES (CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU | \
662           /* CPUID_7_0_ECX_OSPKE is dynamic */ \
663           CPUID_7_0_ECX_LA57 | CPUID_7_0_ECX_PKS | CPUID_7_0_ECX_VAES)
664 #define TCG_7_0_EDX_FEATURES 0
665 #define TCG_7_1_EAX_FEATURES 0
666 #define TCG_APM_FEATURES 0
667 #define TCG_6_EAX_FEATURES CPUID_6_EAX_ARAT
668 #define TCG_XSAVE_FEATURES (CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XGETBV1)
669           /* missing:
670           CPUID_XSAVE_XSAVEC, CPUID_XSAVE_XSAVES */
671 #define TCG_14_0_ECX_FEATURES 0
672 #define TCG_SGX_12_0_EAX_FEATURES 0
673 #define TCG_SGX_12_0_EBX_FEATURES 0
674 #define TCG_SGX_12_1_EAX_FEATURES 0
675 
676 FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
677     [FEAT_1_EDX] = {
678         .type = CPUID_FEATURE_WORD,
679         .feat_names = {
680             "fpu", "vme", "de", "pse",
681             "tsc", "msr", "pae", "mce",
682             "cx8", "apic", NULL, "sep",
683             "mtrr", "pge", "mca", "cmov",
684             "pat", "pse36", "pn" /* Intel psn */, "clflush" /* Intel clfsh */,
685             NULL, "ds" /* Intel dts */, "acpi", "mmx",
686             "fxsr", "sse", "sse2", "ss",
687             "ht" /* Intel htt */, "tm", "ia64", "pbe",
688         },
689         .cpuid = {.eax = 1, .reg = R_EDX, },
690         .tcg_features = TCG_FEATURES,
691     },
692     [FEAT_1_ECX] = {
693         .type = CPUID_FEATURE_WORD,
694         .feat_names = {
695             "pni" /* Intel,AMD sse3 */, "pclmulqdq", "dtes64", "monitor",
696             "ds-cpl", "vmx", "smx", "est",
697             "tm2", "ssse3", "cid", NULL,
698             "fma", "cx16", "xtpr", "pdcm",
699             NULL, "pcid", "dca", "sse4.1",
700             "sse4.2", "x2apic", "movbe", "popcnt",
701             "tsc-deadline", "aes", "xsave", NULL /* osxsave */,
702             "avx", "f16c", "rdrand", "hypervisor",
703         },
704         .cpuid = { .eax = 1, .reg = R_ECX, },
705         .tcg_features = TCG_EXT_FEATURES,
706     },
707     /* Feature names that are already defined on feature_name[] but
708      * are set on CPUID[8000_0001].EDX on AMD CPUs don't have their
709      * names on feat_names below. They are copied automatically
710      * to features[FEAT_8000_0001_EDX] if and only if CPU vendor is AMD.
711      */
712     [FEAT_8000_0001_EDX] = {
713         .type = CPUID_FEATURE_WORD,
714         .feat_names = {
715             NULL /* fpu */, NULL /* vme */, NULL /* de */, NULL /* pse */,
716             NULL /* tsc */, NULL /* msr */, NULL /* pae */, NULL /* mce */,
717             NULL /* cx8 */, NULL /* apic */, NULL, "syscall",
718             NULL /* mtrr */, NULL /* pge */, NULL /* mca */, NULL /* cmov */,
719             NULL /* pat */, NULL /* pse36 */, NULL, NULL /* Linux mp */,
720             "nx", NULL, "mmxext", NULL /* mmx */,
721             NULL /* fxsr */, "fxsr-opt", "pdpe1gb", "rdtscp",
722             NULL, "lm", "3dnowext", "3dnow",
723         },
724         .cpuid = { .eax = 0x80000001, .reg = R_EDX, },
725         .tcg_features = TCG_EXT2_FEATURES,
726     },
727     [FEAT_8000_0001_ECX] = {
728         .type = CPUID_FEATURE_WORD,
729         .feat_names = {
730             "lahf-lm", "cmp-legacy", "svm", "extapic",
731             "cr8legacy", "abm", "sse4a", "misalignsse",
732             "3dnowprefetch", "osvw", "ibs", "xop",
733             "skinit", "wdt", NULL, "lwp",
734             "fma4", "tce", NULL, "nodeid-msr",
735             NULL, "tbm", "topoext", "perfctr-core",
736             "perfctr-nb", NULL, NULL, NULL,
737             NULL, NULL, NULL, NULL,
738         },
739         .cpuid = { .eax = 0x80000001, .reg = R_ECX, },
740         .tcg_features = TCG_EXT3_FEATURES,
741         /*
742          * TOPOEXT is always allowed but can't be enabled blindly by
743          * "-cpu host", as it requires consistent cache topology info
744          * to be provided so it doesn't confuse guests.
745          */
746         .no_autoenable_flags = CPUID_EXT3_TOPOEXT,
747     },
748     [FEAT_C000_0001_EDX] = {
749         .type = CPUID_FEATURE_WORD,
750         .feat_names = {
751             NULL, NULL, "xstore", "xstore-en",
752             NULL, NULL, "xcrypt", "xcrypt-en",
753             "ace2", "ace2-en", "phe", "phe-en",
754             "pmm", "pmm-en", NULL, NULL,
755             NULL, NULL, NULL, NULL,
756             NULL, NULL, NULL, NULL,
757             NULL, NULL, NULL, NULL,
758             NULL, NULL, NULL, NULL,
759         },
760         .cpuid = { .eax = 0xC0000001, .reg = R_EDX, },
761         .tcg_features = TCG_EXT4_FEATURES,
762     },
763     [FEAT_KVM] = {
764         .type = CPUID_FEATURE_WORD,
765         .feat_names = {
766             "kvmclock", "kvm-nopiodelay", "kvm-mmu", "kvmclock",
767             "kvm-asyncpf", "kvm-steal-time", "kvm-pv-eoi", "kvm-pv-unhalt",
768             NULL, "kvm-pv-tlb-flush", NULL, "kvm-pv-ipi",
769             "kvm-poll-control", "kvm-pv-sched-yield", "kvm-asyncpf-int", "kvm-msi-ext-dest-id",
770             NULL, NULL, NULL, NULL,
771             NULL, NULL, NULL, NULL,
772             "kvmclock-stable-bit", NULL, NULL, NULL,
773             NULL, NULL, NULL, NULL,
774         },
775         .cpuid = { .eax = KVM_CPUID_FEATURES, .reg = R_EAX, },
776         .tcg_features = TCG_KVM_FEATURES,
777     },
778     [FEAT_KVM_HINTS] = {
779         .type = CPUID_FEATURE_WORD,
780         .feat_names = {
781             "kvm-hint-dedicated", NULL, NULL, NULL,
782             NULL, NULL, NULL, NULL,
783             NULL, NULL, NULL, NULL,
784             NULL, NULL, NULL, NULL,
785             NULL, NULL, NULL, NULL,
786             NULL, NULL, NULL, NULL,
787             NULL, NULL, NULL, NULL,
788             NULL, NULL, NULL, NULL,
789         },
790         .cpuid = { .eax = KVM_CPUID_FEATURES, .reg = R_EDX, },
791         .tcg_features = TCG_KVM_FEATURES,
792         /*
793          * KVM hints aren't auto-enabled by -cpu host, they need to be
794          * explicitly enabled in the command-line.
795          */
796         .no_autoenable_flags = ~0U,
797     },
798     [FEAT_SVM] = {
799         .type = CPUID_FEATURE_WORD,
800         .feat_names = {
801             "npt", "lbrv", "svm-lock", "nrip-save",
802             "tsc-scale", "vmcb-clean",  "flushbyasid", "decodeassists",
803             NULL, NULL, "pause-filter", NULL,
804             "pfthreshold", "avic", NULL, "v-vmsave-vmload",
805             "vgif", NULL, NULL, NULL,
806             NULL, NULL, NULL, NULL,
807             NULL, NULL, NULL, NULL,
808             "svme-addr-chk", NULL, NULL, NULL,
809         },
810         .cpuid = { .eax = 0x8000000A, .reg = R_EDX, },
811         .tcg_features = TCG_SVM_FEATURES,
812     },
813     [FEAT_7_0_EBX] = {
814         .type = CPUID_FEATURE_WORD,
815         .feat_names = {
816             "fsgsbase", "tsc-adjust", "sgx", "bmi1",
817             "hle", "avx2", NULL, "smep",
818             "bmi2", "erms", "invpcid", "rtm",
819             NULL, NULL, "mpx", NULL,
820             "avx512f", "avx512dq", "rdseed", "adx",
821             "smap", "avx512ifma", "pcommit", "clflushopt",
822             "clwb", "intel-pt", "avx512pf", "avx512er",
823             "avx512cd", "sha-ni", "avx512bw", "avx512vl",
824         },
825         .cpuid = {
826             .eax = 7,
827             .needs_ecx = true, .ecx = 0,
828             .reg = R_EBX,
829         },
830         .tcg_features = TCG_7_0_EBX_FEATURES,
831     },
832     [FEAT_7_0_ECX] = {
833         .type = CPUID_FEATURE_WORD,
834         .feat_names = {
835             NULL, "avx512vbmi", "umip", "pku",
836             NULL /* ospke */, "waitpkg", "avx512vbmi2", NULL,
837             "gfni", "vaes", "vpclmulqdq", "avx512vnni",
838             "avx512bitalg", NULL, "avx512-vpopcntdq", NULL,
839             "la57", NULL, NULL, NULL,
840             NULL, NULL, "rdpid", NULL,
841             "bus-lock-detect", "cldemote", NULL, "movdiri",
842             "movdir64b", NULL, "sgxlc", "pks",
843         },
844         .cpuid = {
845             .eax = 7,
846             .needs_ecx = true, .ecx = 0,
847             .reg = R_ECX,
848         },
849         .tcg_features = TCG_7_0_ECX_FEATURES,
850     },
851     [FEAT_7_0_EDX] = {
852         .type = CPUID_FEATURE_WORD,
853         .feat_names = {
854             NULL, NULL, "avx512-4vnniw", "avx512-4fmaps",
855             "fsrm", NULL, NULL, NULL,
856             "avx512-vp2intersect", NULL, "md-clear", NULL,
857             NULL, NULL, "serialize", NULL,
858             "tsx-ldtrk", NULL, NULL /* pconfig */, "arch-lbr",
859             NULL, NULL, "amx-bf16", "avx512-fp16",
860             "amx-tile", "amx-int8", "spec-ctrl", "stibp",
861             NULL, "arch-capabilities", "core-capability", "ssbd",
862         },
863         .cpuid = {
864             .eax = 7,
865             .needs_ecx = true, .ecx = 0,
866             .reg = R_EDX,
867         },
868         .tcg_features = TCG_7_0_EDX_FEATURES,
869     },
870     [FEAT_7_1_EAX] = {
871         .type = CPUID_FEATURE_WORD,
872         .feat_names = {
873             NULL, NULL, NULL, NULL,
874             "avx-vnni", "avx512-bf16", NULL, NULL,
875             NULL, NULL, NULL, NULL,
876             NULL, NULL, NULL, NULL,
877             NULL, NULL, NULL, NULL,
878             NULL, NULL, NULL, NULL,
879             NULL, NULL, NULL, NULL,
880             NULL, NULL, NULL, NULL,
881         },
882         .cpuid = {
883             .eax = 7,
884             .needs_ecx = true, .ecx = 1,
885             .reg = R_EAX,
886         },
887         .tcg_features = TCG_7_1_EAX_FEATURES,
888     },
889     [FEAT_8000_0007_EDX] = {
890         .type = CPUID_FEATURE_WORD,
891         .feat_names = {
892             NULL, NULL, NULL, NULL,
893             NULL, NULL, NULL, NULL,
894             "invtsc", NULL, NULL, NULL,
895             NULL, NULL, NULL, NULL,
896             NULL, NULL, NULL, NULL,
897             NULL, NULL, NULL, NULL,
898             NULL, NULL, NULL, NULL,
899             NULL, NULL, NULL, NULL,
900         },
901         .cpuid = { .eax = 0x80000007, .reg = R_EDX, },
902         .tcg_features = TCG_APM_FEATURES,
903         .unmigratable_flags = CPUID_APM_INVTSC,
904     },
905     [FEAT_8000_0008_EBX] = {
906         .type = CPUID_FEATURE_WORD,
907         .feat_names = {
908             "clzero", NULL, "xsaveerptr", NULL,
909             NULL, NULL, NULL, NULL,
910             NULL, "wbnoinvd", NULL, NULL,
911             "ibpb", NULL, "ibrs", "amd-stibp",
912             NULL, NULL, NULL, NULL,
913             NULL, NULL, NULL, NULL,
914             "amd-ssbd", "virt-ssbd", "amd-no-ssb", NULL,
915             NULL, NULL, NULL, NULL,
916         },
917         .cpuid = { .eax = 0x80000008, .reg = R_EBX, },
918         .tcg_features = 0,
919         .unmigratable_flags = 0,
920     },
921     [FEAT_XSAVE] = {
922         .type = CPUID_FEATURE_WORD,
923         .feat_names = {
924             "xsaveopt", "xsavec", "xgetbv1", "xsaves",
925             "xfd", NULL, NULL, NULL,
926             NULL, NULL, NULL, NULL,
927             NULL, NULL, NULL, NULL,
928             NULL, NULL, NULL, NULL,
929             NULL, NULL, NULL, NULL,
930             NULL, NULL, NULL, NULL,
931             NULL, NULL, NULL, NULL,
932         },
933         .cpuid = {
934             .eax = 0xd,
935             .needs_ecx = true, .ecx = 1,
936             .reg = R_EAX,
937         },
938         .tcg_features = TCG_XSAVE_FEATURES,
939     },
940     [FEAT_XSAVE_XSS_LO] = {
941         .type = CPUID_FEATURE_WORD,
942         .feat_names = {
943             NULL, NULL, NULL, NULL,
944             NULL, NULL, NULL, NULL,
945             NULL, NULL, NULL, NULL,
946             NULL, NULL, NULL, NULL,
947             NULL, NULL, NULL, NULL,
948             NULL, NULL, NULL, NULL,
949             NULL, NULL, NULL, NULL,
950             NULL, NULL, NULL, NULL,
951         },
952         .cpuid = {
953             .eax = 0xD,
954             .needs_ecx = true,
955             .ecx = 1,
956             .reg = R_ECX,
957         },
958     },
959     [FEAT_XSAVE_XSS_HI] = {
960         .type = CPUID_FEATURE_WORD,
961         .cpuid = {
962             .eax = 0xD,
963             .needs_ecx = true,
964             .ecx = 1,
965             .reg = R_EDX
966         },
967     },
968     [FEAT_6_EAX] = {
969         .type = CPUID_FEATURE_WORD,
970         .feat_names = {
971             NULL, NULL, "arat", NULL,
972             NULL, NULL, NULL, NULL,
973             NULL, NULL, NULL, NULL,
974             NULL, NULL, NULL, NULL,
975             NULL, NULL, NULL, NULL,
976             NULL, NULL, NULL, NULL,
977             NULL, NULL, NULL, NULL,
978             NULL, NULL, NULL, NULL,
979         },
980         .cpuid = { .eax = 6, .reg = R_EAX, },
981         .tcg_features = TCG_6_EAX_FEATURES,
982     },
983     [FEAT_XSAVE_XCR0_LO] = {
984         .type = CPUID_FEATURE_WORD,
985         .cpuid = {
986             .eax = 0xD,
987             .needs_ecx = true, .ecx = 0,
988             .reg = R_EAX,
989         },
990         .tcg_features = ~0U,
991         .migratable_flags = XSTATE_FP_MASK | XSTATE_SSE_MASK |
992             XSTATE_YMM_MASK | XSTATE_BNDREGS_MASK | XSTATE_BNDCSR_MASK |
993             XSTATE_OPMASK_MASK | XSTATE_ZMM_Hi256_MASK | XSTATE_Hi16_ZMM_MASK |
994             XSTATE_PKRU_MASK,
995     },
996     [FEAT_XSAVE_XCR0_HI] = {
997         .type = CPUID_FEATURE_WORD,
998         .cpuid = {
999             .eax = 0xD,
1000             .needs_ecx = true, .ecx = 0,
1001             .reg = R_EDX,
1002         },
1003         .tcg_features = ~0U,
1004     },
1005     /*Below are MSR exposed features*/
1006     [FEAT_ARCH_CAPABILITIES] = {
1007         .type = MSR_FEATURE_WORD,
1008         .feat_names = {
1009             "rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry",
1010             "ssb-no", "mds-no", "pschange-mc-no", "tsx-ctrl",
1011             "taa-no", NULL, NULL, NULL,
1012             NULL, NULL, NULL, NULL,
1013             NULL, NULL, NULL, NULL,
1014             NULL, NULL, NULL, NULL,
1015             NULL, NULL, NULL, NULL,
1016             NULL, NULL, NULL, NULL,
1017         },
1018         .msr = {
1019             .index = MSR_IA32_ARCH_CAPABILITIES,
1020         },
1021     },
1022     [FEAT_CORE_CAPABILITY] = {
1023         .type = MSR_FEATURE_WORD,
1024         .feat_names = {
1025             NULL, NULL, NULL, NULL,
1026             NULL, "split-lock-detect", NULL, NULL,
1027             NULL, NULL, NULL, NULL,
1028             NULL, NULL, NULL, NULL,
1029             NULL, NULL, NULL, NULL,
1030             NULL, NULL, NULL, NULL,
1031             NULL, NULL, NULL, NULL,
1032             NULL, NULL, NULL, NULL,
1033         },
1034         .msr = {
1035             .index = MSR_IA32_CORE_CAPABILITY,
1036         },
1037     },
1038     [FEAT_PERF_CAPABILITIES] = {
1039         .type = MSR_FEATURE_WORD,
1040         .feat_names = {
1041             NULL, NULL, NULL, NULL,
1042             NULL, NULL, NULL, NULL,
1043             NULL, NULL, NULL, NULL,
1044             NULL, "full-width-write", NULL, NULL,
1045             NULL, NULL, NULL, NULL,
1046             NULL, NULL, NULL, NULL,
1047             NULL, NULL, NULL, NULL,
1048             NULL, NULL, NULL, NULL,
1049         },
1050         .msr = {
1051             .index = MSR_IA32_PERF_CAPABILITIES,
1052         },
1053     },
1054 
1055     [FEAT_VMX_PROCBASED_CTLS] = {
1056         .type = MSR_FEATURE_WORD,
1057         .feat_names = {
1058             NULL, NULL, "vmx-vintr-pending", "vmx-tsc-offset",
1059             NULL, NULL, NULL, "vmx-hlt-exit",
1060             NULL, "vmx-invlpg-exit", "vmx-mwait-exit", "vmx-rdpmc-exit",
1061             "vmx-rdtsc-exit", NULL, NULL, "vmx-cr3-load-noexit",
1062             "vmx-cr3-store-noexit", NULL, NULL, "vmx-cr8-load-exit",
1063             "vmx-cr8-store-exit", "vmx-flexpriority", "vmx-vnmi-pending", "vmx-movdr-exit",
1064             "vmx-io-exit", "vmx-io-bitmap", NULL, "vmx-mtf",
1065             "vmx-msr-bitmap", "vmx-monitor-exit", "vmx-pause-exit", "vmx-secondary-ctls",
1066         },
1067         .msr = {
1068             .index = MSR_IA32_VMX_TRUE_PROCBASED_CTLS,
1069         }
1070     },
1071 
1072     [FEAT_VMX_SECONDARY_CTLS] = {
1073         .type = MSR_FEATURE_WORD,
1074         .feat_names = {
1075             "vmx-apicv-xapic", "vmx-ept", "vmx-desc-exit", "vmx-rdtscp-exit",
1076             "vmx-apicv-x2apic", "vmx-vpid", "vmx-wbinvd-exit", "vmx-unrestricted-guest",
1077             "vmx-apicv-register", "vmx-apicv-vid", "vmx-ple", "vmx-rdrand-exit",
1078             "vmx-invpcid-exit", "vmx-vmfunc", "vmx-shadow-vmcs", "vmx-encls-exit",
1079             "vmx-rdseed-exit", "vmx-pml", NULL, NULL,
1080             "vmx-xsaves", NULL, NULL, NULL,
1081             NULL, "vmx-tsc-scaling", NULL, NULL,
1082             NULL, NULL, NULL, NULL,
1083         },
1084         .msr = {
1085             .index = MSR_IA32_VMX_PROCBASED_CTLS2,
1086         }
1087     },
1088 
1089     [FEAT_VMX_PINBASED_CTLS] = {
1090         .type = MSR_FEATURE_WORD,
1091         .feat_names = {
1092             "vmx-intr-exit", NULL, NULL, "vmx-nmi-exit",
1093             NULL, "vmx-vnmi", "vmx-preemption-timer", "vmx-posted-intr",
1094             NULL, NULL, NULL, NULL,
1095             NULL, NULL, NULL, NULL,
1096             NULL, NULL, NULL, NULL,
1097             NULL, NULL, NULL, NULL,
1098             NULL, NULL, NULL, NULL,
1099             NULL, NULL, NULL, NULL,
1100         },
1101         .msr = {
1102             .index = MSR_IA32_VMX_TRUE_PINBASED_CTLS,
1103         }
1104     },
1105 
1106     [FEAT_VMX_EXIT_CTLS] = {
1107         .type = MSR_FEATURE_WORD,
1108         /*
1109          * VMX_VM_EXIT_HOST_ADDR_SPACE_SIZE is copied from
1110          * the LM CPUID bit.
1111          */
1112         .feat_names = {
1113             NULL, NULL, "vmx-exit-nosave-debugctl", NULL,
1114             NULL, NULL, NULL, NULL,
1115             NULL, NULL /* vmx-exit-host-addr-space-size */, NULL, NULL,
1116             "vmx-exit-load-perf-global-ctrl", NULL, NULL, "vmx-exit-ack-intr",
1117             NULL, NULL, "vmx-exit-save-pat", "vmx-exit-load-pat",
1118             "vmx-exit-save-efer", "vmx-exit-load-efer",
1119                 "vmx-exit-save-preemption-timer", "vmx-exit-clear-bndcfgs",
1120             NULL, "vmx-exit-clear-rtit-ctl", NULL, NULL,
1121             NULL, "vmx-exit-load-pkrs", NULL, NULL,
1122         },
1123         .msr = {
1124             .index = MSR_IA32_VMX_TRUE_EXIT_CTLS,
1125         }
1126     },
1127 
1128     [FEAT_VMX_ENTRY_CTLS] = {
1129         .type = MSR_FEATURE_WORD,
1130         .feat_names = {
1131             NULL, NULL, "vmx-entry-noload-debugctl", NULL,
1132             NULL, NULL, NULL, NULL,
1133             NULL, "vmx-entry-ia32e-mode", NULL, NULL,
1134             NULL, "vmx-entry-load-perf-global-ctrl", "vmx-entry-load-pat", "vmx-entry-load-efer",
1135             "vmx-entry-load-bndcfgs", NULL, "vmx-entry-load-rtit-ctl", NULL,
1136             NULL, NULL, "vmx-entry-load-pkrs", NULL,
1137             NULL, NULL, NULL, NULL,
1138             NULL, NULL, NULL, NULL,
1139         },
1140         .msr = {
1141             .index = MSR_IA32_VMX_TRUE_ENTRY_CTLS,
1142         }
1143     },
1144 
1145     [FEAT_VMX_MISC] = {
1146         .type = MSR_FEATURE_WORD,
1147         .feat_names = {
1148             NULL, NULL, NULL, NULL,
1149             NULL, "vmx-store-lma", "vmx-activity-hlt", "vmx-activity-shutdown",
1150             "vmx-activity-wait-sipi", NULL, NULL, NULL,
1151             NULL, NULL, NULL, NULL,
1152             NULL, NULL, NULL, NULL,
1153             NULL, NULL, NULL, NULL,
1154             NULL, NULL, NULL, NULL,
1155             NULL, "vmx-vmwrite-vmexit-fields", "vmx-zero-len-inject", NULL,
1156         },
1157         .msr = {
1158             .index = MSR_IA32_VMX_MISC,
1159         }
1160     },
1161 
1162     [FEAT_VMX_EPT_VPID_CAPS] = {
1163         .type = MSR_FEATURE_WORD,
1164         .feat_names = {
1165             "vmx-ept-execonly", NULL, NULL, NULL,
1166             NULL, NULL, "vmx-page-walk-4", "vmx-page-walk-5",
1167             NULL, NULL, NULL, NULL,
1168             NULL, NULL, NULL, NULL,
1169             "vmx-ept-2mb", "vmx-ept-1gb", NULL, NULL,
1170             "vmx-invept", "vmx-eptad", "vmx-ept-advanced-exitinfo", NULL,
1171             NULL, "vmx-invept-single-context", "vmx-invept-all-context", NULL,
1172             NULL, NULL, NULL, NULL,
1173             "vmx-invvpid", NULL, NULL, NULL,
1174             NULL, NULL, NULL, NULL,
1175             "vmx-invvpid-single-addr", "vmx-invept-single-context",
1176                 "vmx-invvpid-all-context", "vmx-invept-single-context-noglobals",
1177             NULL, NULL, NULL, NULL,
1178             NULL, NULL, NULL, NULL,
1179             NULL, NULL, NULL, NULL,
1180             NULL, NULL, NULL, NULL,
1181             NULL, NULL, NULL, NULL,
1182         },
1183         .msr = {
1184             .index = MSR_IA32_VMX_EPT_VPID_CAP,
1185         }
1186     },
1187 
1188     [FEAT_VMX_BASIC] = {
1189         .type = MSR_FEATURE_WORD,
1190         .feat_names = {
1191             [54] = "vmx-ins-outs",
1192             [55] = "vmx-true-ctls",
1193         },
1194         .msr = {
1195             .index = MSR_IA32_VMX_BASIC,
1196         },
1197         /* Just to be safe - we don't support setting the MSEG version field.  */
1198         .no_autoenable_flags = MSR_VMX_BASIC_DUAL_MONITOR,
1199     },
1200 
1201     [FEAT_VMX_VMFUNC] = {
1202         .type = MSR_FEATURE_WORD,
1203         .feat_names = {
1204             [0] = "vmx-eptp-switching",
1205         },
1206         .msr = {
1207             .index = MSR_IA32_VMX_VMFUNC,
1208         }
1209     },
1210 
1211     [FEAT_14_0_ECX] = {
1212         .type = CPUID_FEATURE_WORD,
1213         .feat_names = {
1214             NULL, NULL, NULL, NULL,
1215             NULL, NULL, NULL, NULL,
1216             NULL, NULL, NULL, NULL,
1217             NULL, NULL, NULL, NULL,
1218             NULL, NULL, NULL, NULL,
1219             NULL, NULL, NULL, NULL,
1220             NULL, NULL, NULL, NULL,
1221             NULL, NULL, NULL, "intel-pt-lip",
1222         },
1223         .cpuid = {
1224             .eax = 0x14,
1225             .needs_ecx = true, .ecx = 0,
1226             .reg = R_ECX,
1227         },
1228         .tcg_features = TCG_14_0_ECX_FEATURES,
1229      },
1230 
1231     [FEAT_SGX_12_0_EAX] = {
1232         .type = CPUID_FEATURE_WORD,
1233         .feat_names = {
1234             "sgx1", "sgx2", NULL, NULL,
1235             NULL, NULL, NULL, NULL,
1236             NULL, NULL, NULL, "sgx-edeccssa",
1237             NULL, NULL, NULL, NULL,
1238             NULL, NULL, NULL, NULL,
1239             NULL, NULL, NULL, NULL,
1240             NULL, NULL, NULL, NULL,
1241             NULL, NULL, NULL, NULL,
1242         },
1243         .cpuid = {
1244             .eax = 0x12,
1245             .needs_ecx = true, .ecx = 0,
1246             .reg = R_EAX,
1247         },
1248         .tcg_features = TCG_SGX_12_0_EAX_FEATURES,
1249     },
1250 
1251     [FEAT_SGX_12_0_EBX] = {
1252         .type = CPUID_FEATURE_WORD,
1253         .feat_names = {
1254             "sgx-exinfo" , NULL, NULL, NULL,
1255             NULL, NULL, NULL, NULL,
1256             NULL, NULL, NULL, NULL,
1257             NULL, NULL, NULL, NULL,
1258             NULL, NULL, NULL, NULL,
1259             NULL, NULL, NULL, NULL,
1260             NULL, NULL, NULL, NULL,
1261             NULL, NULL, NULL, NULL,
1262         },
1263         .cpuid = {
1264             .eax = 0x12,
1265             .needs_ecx = true, .ecx = 0,
1266             .reg = R_EBX,
1267         },
1268         .tcg_features = TCG_SGX_12_0_EBX_FEATURES,
1269     },
1270 
1271     [FEAT_SGX_12_1_EAX] = {
1272         .type = CPUID_FEATURE_WORD,
1273         .feat_names = {
1274             NULL, "sgx-debug", "sgx-mode64", NULL,
1275             "sgx-provisionkey", "sgx-tokenkey", NULL, "sgx-kss",
1276             NULL, NULL, "sgx-aex-notify", NULL,
1277             NULL, NULL, NULL, NULL,
1278             NULL, NULL, NULL, NULL,
1279             NULL, NULL, NULL, NULL,
1280             NULL, NULL, NULL, NULL,
1281             NULL, NULL, NULL, NULL,
1282         },
1283         .cpuid = {
1284             .eax = 0x12,
1285             .needs_ecx = true, .ecx = 1,
1286             .reg = R_EAX,
1287         },
1288         .tcg_features = TCG_SGX_12_1_EAX_FEATURES,
1289     },
1290 };
1291 
1292 typedef struct FeatureMask {
1293     FeatureWord index;
1294     uint64_t mask;
1295 } FeatureMask;
1296 
1297 typedef struct FeatureDep {
1298     FeatureMask from, to;
1299 } FeatureDep;
1300 
1301 static FeatureDep feature_dependencies[] = {
1302     {
1303         .from = { FEAT_7_0_EDX,             CPUID_7_0_EDX_ARCH_CAPABILITIES },
1304         .to = { FEAT_ARCH_CAPABILITIES,     ~0ull },
1305     },
1306     {
1307         .from = { FEAT_7_0_EDX,             CPUID_7_0_EDX_CORE_CAPABILITY },
1308         .to = { FEAT_CORE_CAPABILITY,       ~0ull },
1309     },
1310     {
1311         .from = { FEAT_1_ECX,             CPUID_EXT_PDCM },
1312         .to = { FEAT_PERF_CAPABILITIES,       ~0ull },
1313     },
1314     {
1315         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1316         .to = { FEAT_VMX_PROCBASED_CTLS,    ~0ull },
1317     },
1318     {
1319         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1320         .to = { FEAT_VMX_PINBASED_CTLS,     ~0ull },
1321     },
1322     {
1323         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1324         .to = { FEAT_VMX_EXIT_CTLS,         ~0ull },
1325     },
1326     {
1327         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1328         .to = { FEAT_VMX_ENTRY_CTLS,        ~0ull },
1329     },
1330     {
1331         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1332         .to = { FEAT_VMX_MISC,              ~0ull },
1333     },
1334     {
1335         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1336         .to = { FEAT_VMX_BASIC,             ~0ull },
1337     },
1338     {
1339         .from = { FEAT_8000_0001_EDX,       CPUID_EXT2_LM },
1340         .to = { FEAT_VMX_ENTRY_CTLS,        VMX_VM_ENTRY_IA32E_MODE },
1341     },
1342     {
1343         .from = { FEAT_VMX_PROCBASED_CTLS,  VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS },
1344         .to = { FEAT_VMX_SECONDARY_CTLS,    ~0ull },
1345     },
1346     {
1347         .from = { FEAT_XSAVE,               CPUID_XSAVE_XSAVES },
1348         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_XSAVES },
1349     },
1350     {
1351         .from = { FEAT_1_ECX,               CPUID_EXT_RDRAND },
1352         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDRAND_EXITING },
1353     },
1354     {
1355         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_INVPCID },
1356         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_ENABLE_INVPCID },
1357     },
1358     {
1359         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_MPX },
1360         .to = { FEAT_VMX_EXIT_CTLS,         VMX_VM_EXIT_CLEAR_BNDCFGS },
1361     },
1362     {
1363         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_MPX },
1364         .to = { FEAT_VMX_ENTRY_CTLS,        VMX_VM_ENTRY_LOAD_BNDCFGS },
1365     },
1366     {
1367         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_RDSEED },
1368         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDSEED_EXITING },
1369     },
1370     {
1371         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_INTEL_PT },
1372         .to = { FEAT_14_0_ECX,              ~0ull },
1373     },
1374     {
1375         .from = { FEAT_8000_0001_EDX,       CPUID_EXT2_RDTSCP },
1376         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDTSCP },
1377     },
1378     {
1379         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_EPT },
1380         .to = { FEAT_VMX_EPT_VPID_CAPS,     0xffffffffull },
1381     },
1382     {
1383         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_EPT },
1384         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST },
1385     },
1386     {
1387         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_VPID },
1388         .to = { FEAT_VMX_EPT_VPID_CAPS,     0xffffffffull << 32 },
1389     },
1390     {
1391         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_VMFUNC },
1392         .to = { FEAT_VMX_VMFUNC,            ~0ull },
1393     },
1394     {
1395         .from = { FEAT_8000_0001_ECX,       CPUID_EXT3_SVM },
1396         .to = { FEAT_SVM,                   ~0ull },
1397     },
1398 };
1399 
1400 typedef struct X86RegisterInfo32 {
1401     /* Name of register */
1402     const char *name;
1403     /* QAPI enum value register */
1404     X86CPURegister32 qapi_enum;
1405 } X86RegisterInfo32;
1406 
1407 #define REGISTER(reg) \
1408     [R_##reg] = { .name = #reg, .qapi_enum = X86_CPU_REGISTER32_##reg }
1409 static const X86RegisterInfo32 x86_reg_info_32[CPU_NB_REGS32] = {
1410     REGISTER(EAX),
1411     REGISTER(ECX),
1412     REGISTER(EDX),
1413     REGISTER(EBX),
1414     REGISTER(ESP),
1415     REGISTER(EBP),
1416     REGISTER(ESI),
1417     REGISTER(EDI),
1418 };
1419 #undef REGISTER
1420 
1421 /* CPUID feature bits available in XSS */
1422 #define CPUID_XSTATE_XSS_MASK    (XSTATE_ARCH_LBR_MASK)
1423 
1424 ExtSaveArea x86_ext_save_areas[XSAVE_STATE_AREA_COUNT] = {
1425     [XSTATE_FP_BIT] = {
1426         /* x87 FP state component is always enabled if XSAVE is supported */
1427         .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
1428         .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
1429     },
1430     [XSTATE_SSE_BIT] = {
1431         /* SSE state component is always enabled if XSAVE is supported */
1432         .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
1433         .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
1434     },
1435     [XSTATE_YMM_BIT] =
1436           { .feature = FEAT_1_ECX, .bits = CPUID_EXT_AVX,
1437             .size = sizeof(XSaveAVX) },
1438     [XSTATE_BNDREGS_BIT] =
1439           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
1440             .size = sizeof(XSaveBNDREG)  },
1441     [XSTATE_BNDCSR_BIT] =
1442           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
1443             .size = sizeof(XSaveBNDCSR)  },
1444     [XSTATE_OPMASK_BIT] =
1445           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1446             .size = sizeof(XSaveOpmask) },
1447     [XSTATE_ZMM_Hi256_BIT] =
1448           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1449             .size = sizeof(XSaveZMM_Hi256) },
1450     [XSTATE_Hi16_ZMM_BIT] =
1451           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1452             .size = sizeof(XSaveHi16_ZMM) },
1453     [XSTATE_PKRU_BIT] =
1454           { .feature = FEAT_7_0_ECX, .bits = CPUID_7_0_ECX_PKU,
1455             .size = sizeof(XSavePKRU) },
1456     [XSTATE_ARCH_LBR_BIT] = {
1457             .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_ARCH_LBR,
1458             .offset = 0 /*supervisor mode component, offset = 0 */,
1459             .size = sizeof(XSavesArchLBR) },
1460     [XSTATE_XTILE_CFG_BIT] = {
1461         .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_AMX_TILE,
1462         .size = sizeof(XSaveXTILECFG),
1463     },
1464     [XSTATE_XTILE_DATA_BIT] = {
1465         .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_AMX_TILE,
1466         .size = sizeof(XSaveXTILEDATA)
1467     },
1468 };
1469 
1470 uint32_t xsave_area_size(uint64_t mask, bool compacted)
1471 {
1472     uint64_t ret = x86_ext_save_areas[0].size;
1473     const ExtSaveArea *esa;
1474     uint32_t offset = 0;
1475     int i;
1476 
1477     for (i = 2; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
1478         esa = &x86_ext_save_areas[i];
1479         if ((mask >> i) & 1) {
1480             offset = compacted ? ret : esa->offset;
1481             ret = MAX(ret, offset + esa->size);
1482         }
1483     }
1484     return ret;
1485 }
1486 
1487 static inline bool accel_uses_host_cpuid(void)
1488 {
1489     return kvm_enabled() || hvf_enabled();
1490 }
1491 
1492 static inline uint64_t x86_cpu_xsave_xcr0_components(X86CPU *cpu)
1493 {
1494     return ((uint64_t)cpu->env.features[FEAT_XSAVE_XCR0_HI]) << 32 |
1495            cpu->env.features[FEAT_XSAVE_XCR0_LO];
1496 }
1497 
1498 /* Return name of 32-bit register, from a R_* constant */
1499 static const char *get_register_name_32(unsigned int reg)
1500 {
1501     if (reg >= CPU_NB_REGS32) {
1502         return NULL;
1503     }
1504     return x86_reg_info_32[reg].name;
1505 }
1506 
1507 static inline uint64_t x86_cpu_xsave_xss_components(X86CPU *cpu)
1508 {
1509     return ((uint64_t)cpu->env.features[FEAT_XSAVE_XSS_HI]) << 32 |
1510            cpu->env.features[FEAT_XSAVE_XSS_LO];
1511 }
1512 
1513 /*
1514  * Returns the set of feature flags that are supported and migratable by
1515  * QEMU, for a given FeatureWord.
1516  */
1517 static uint64_t x86_cpu_get_migratable_flags(FeatureWord w)
1518 {
1519     FeatureWordInfo *wi = &feature_word_info[w];
1520     uint64_t r = 0;
1521     int i;
1522 
1523     for (i = 0; i < 64; i++) {
1524         uint64_t f = 1ULL << i;
1525 
1526         /* If the feature name is known, it is implicitly considered migratable,
1527          * unless it is explicitly set in unmigratable_flags */
1528         if ((wi->migratable_flags & f) ||
1529             (wi->feat_names[i] && !(wi->unmigratable_flags & f))) {
1530             r |= f;
1531         }
1532     }
1533     return r;
1534 }
1535 
1536 void host_cpuid(uint32_t function, uint32_t count,
1537                 uint32_t *eax, uint32_t *ebx, uint32_t *ecx, uint32_t *edx)
1538 {
1539     uint32_t vec[4];
1540 
1541 #ifdef __x86_64__
1542     asm volatile("cpuid"
1543                  : "=a"(vec[0]), "=b"(vec[1]),
1544                    "=c"(vec[2]), "=d"(vec[3])
1545                  : "0"(function), "c"(count) : "cc");
1546 #elif defined(__i386__)
1547     asm volatile("pusha \n\t"
1548                  "cpuid \n\t"
1549                  "mov %%eax, 0(%2) \n\t"
1550                  "mov %%ebx, 4(%2) \n\t"
1551                  "mov %%ecx, 8(%2) \n\t"
1552                  "mov %%edx, 12(%2) \n\t"
1553                  "popa"
1554                  : : "a"(function), "c"(count), "S"(vec)
1555                  : "memory", "cc");
1556 #else
1557     abort();
1558 #endif
1559 
1560     if (eax)
1561         *eax = vec[0];
1562     if (ebx)
1563         *ebx = vec[1];
1564     if (ecx)
1565         *ecx = vec[2];
1566     if (edx)
1567         *edx = vec[3];
1568 }
1569 
1570 /* CPU class name definitions: */
1571 
1572 /* Return type name for a given CPU model name
1573  * Caller is responsible for freeing the returned string.
1574  */
1575 static char *x86_cpu_type_name(const char *model_name)
1576 {
1577     return g_strdup_printf(X86_CPU_TYPE_NAME("%s"), model_name);
1578 }
1579 
1580 static ObjectClass *x86_cpu_class_by_name(const char *cpu_model)
1581 {
1582     g_autofree char *typename = x86_cpu_type_name(cpu_model);
1583     return object_class_by_name(typename);
1584 }
1585 
1586 static char *x86_cpu_class_get_model_name(X86CPUClass *cc)
1587 {
1588     const char *class_name = object_class_get_name(OBJECT_CLASS(cc));
1589     assert(g_str_has_suffix(class_name, X86_CPU_TYPE_SUFFIX));
1590     return g_strndup(class_name,
1591                      strlen(class_name) - strlen(X86_CPU_TYPE_SUFFIX));
1592 }
1593 
1594 typedef struct X86CPUVersionDefinition {
1595     X86CPUVersion version;
1596     const char *alias;
1597     const char *note;
1598     PropValue *props;
1599 } X86CPUVersionDefinition;
1600 
1601 /* Base definition for a CPU model */
1602 typedef struct X86CPUDefinition {
1603     const char *name;
1604     uint32_t level;
1605     uint32_t xlevel;
1606     /* vendor is zero-terminated, 12 character ASCII string */
1607     char vendor[CPUID_VENDOR_SZ + 1];
1608     int family;
1609     int model;
1610     int stepping;
1611     FeatureWordArray features;
1612     const char *model_id;
1613     const CPUCaches *const cache_info;
1614     /*
1615      * Definitions for alternative versions of CPU model.
1616      * List is terminated by item with version == 0.
1617      * If NULL, version 1 will be registered automatically.
1618      */
1619     const X86CPUVersionDefinition *versions;
1620     const char *deprecation_note;
1621 } X86CPUDefinition;
1622 
1623 /* Reference to a specific CPU model version */
1624 struct X86CPUModel {
1625     /* Base CPU definition */
1626     const X86CPUDefinition *cpudef;
1627     /* CPU model version */
1628     X86CPUVersion version;
1629     const char *note;
1630     /*
1631      * If true, this is an alias CPU model.
1632      * This matters only for "-cpu help" and query-cpu-definitions
1633      */
1634     bool is_alias;
1635 };
1636 
1637 /* Get full model name for CPU version */
1638 static char *x86_cpu_versioned_model_name(const X86CPUDefinition *cpudef,
1639                                           X86CPUVersion version)
1640 {
1641     assert(version > 0);
1642     return g_strdup_printf("%s-v%d", cpudef->name, (int)version);
1643 }
1644 
1645 static const X86CPUVersionDefinition *
1646 x86_cpu_def_get_versions(const X86CPUDefinition *def)
1647 {
1648     /* When X86CPUDefinition::versions is NULL, we register only v1 */
1649     static const X86CPUVersionDefinition default_version_list[] = {
1650         { 1 },
1651         { /* end of list */ }
1652     };
1653 
1654     return def->versions ?: default_version_list;
1655 }
1656 
1657 static const CPUCaches epyc_cache_info = {
1658     .l1d_cache = &(CPUCacheInfo) {
1659         .type = DATA_CACHE,
1660         .level = 1,
1661         .size = 32 * KiB,
1662         .line_size = 64,
1663         .associativity = 8,
1664         .partitions = 1,
1665         .sets = 64,
1666         .lines_per_tag = 1,
1667         .self_init = 1,
1668         .no_invd_sharing = true,
1669     },
1670     .l1i_cache = &(CPUCacheInfo) {
1671         .type = INSTRUCTION_CACHE,
1672         .level = 1,
1673         .size = 64 * KiB,
1674         .line_size = 64,
1675         .associativity = 4,
1676         .partitions = 1,
1677         .sets = 256,
1678         .lines_per_tag = 1,
1679         .self_init = 1,
1680         .no_invd_sharing = true,
1681     },
1682     .l2_cache = &(CPUCacheInfo) {
1683         .type = UNIFIED_CACHE,
1684         .level = 2,
1685         .size = 512 * KiB,
1686         .line_size = 64,
1687         .associativity = 8,
1688         .partitions = 1,
1689         .sets = 1024,
1690         .lines_per_tag = 1,
1691     },
1692     .l3_cache = &(CPUCacheInfo) {
1693         .type = UNIFIED_CACHE,
1694         .level = 3,
1695         .size = 8 * MiB,
1696         .line_size = 64,
1697         .associativity = 16,
1698         .partitions = 1,
1699         .sets = 8192,
1700         .lines_per_tag = 1,
1701         .self_init = true,
1702         .inclusive = true,
1703         .complex_indexing = true,
1704     },
1705 };
1706 
1707 static const CPUCaches epyc_rome_cache_info = {
1708     .l1d_cache = &(CPUCacheInfo) {
1709         .type = DATA_CACHE,
1710         .level = 1,
1711         .size = 32 * KiB,
1712         .line_size = 64,
1713         .associativity = 8,
1714         .partitions = 1,
1715         .sets = 64,
1716         .lines_per_tag = 1,
1717         .self_init = 1,
1718         .no_invd_sharing = true,
1719     },
1720     .l1i_cache = &(CPUCacheInfo) {
1721         .type = INSTRUCTION_CACHE,
1722         .level = 1,
1723         .size = 32 * KiB,
1724         .line_size = 64,
1725         .associativity = 8,
1726         .partitions = 1,
1727         .sets = 64,
1728         .lines_per_tag = 1,
1729         .self_init = 1,
1730         .no_invd_sharing = true,
1731     },
1732     .l2_cache = &(CPUCacheInfo) {
1733         .type = UNIFIED_CACHE,
1734         .level = 2,
1735         .size = 512 * KiB,
1736         .line_size = 64,
1737         .associativity = 8,
1738         .partitions = 1,
1739         .sets = 1024,
1740         .lines_per_tag = 1,
1741     },
1742     .l3_cache = &(CPUCacheInfo) {
1743         .type = UNIFIED_CACHE,
1744         .level = 3,
1745         .size = 16 * MiB,
1746         .line_size = 64,
1747         .associativity = 16,
1748         .partitions = 1,
1749         .sets = 16384,
1750         .lines_per_tag = 1,
1751         .self_init = true,
1752         .inclusive = true,
1753         .complex_indexing = true,
1754     },
1755 };
1756 
1757 static const CPUCaches epyc_milan_cache_info = {
1758     .l1d_cache = &(CPUCacheInfo) {
1759         .type = DATA_CACHE,
1760         .level = 1,
1761         .size = 32 * KiB,
1762         .line_size = 64,
1763         .associativity = 8,
1764         .partitions = 1,
1765         .sets = 64,
1766         .lines_per_tag = 1,
1767         .self_init = 1,
1768         .no_invd_sharing = true,
1769     },
1770     .l1i_cache = &(CPUCacheInfo) {
1771         .type = INSTRUCTION_CACHE,
1772         .level = 1,
1773         .size = 32 * KiB,
1774         .line_size = 64,
1775         .associativity = 8,
1776         .partitions = 1,
1777         .sets = 64,
1778         .lines_per_tag = 1,
1779         .self_init = 1,
1780         .no_invd_sharing = true,
1781     },
1782     .l2_cache = &(CPUCacheInfo) {
1783         .type = UNIFIED_CACHE,
1784         .level = 2,
1785         .size = 512 * KiB,
1786         .line_size = 64,
1787         .associativity = 8,
1788         .partitions = 1,
1789         .sets = 1024,
1790         .lines_per_tag = 1,
1791     },
1792     .l3_cache = &(CPUCacheInfo) {
1793         .type = UNIFIED_CACHE,
1794         .level = 3,
1795         .size = 32 * MiB,
1796         .line_size = 64,
1797         .associativity = 16,
1798         .partitions = 1,
1799         .sets = 32768,
1800         .lines_per_tag = 1,
1801         .self_init = true,
1802         .inclusive = true,
1803         .complex_indexing = true,
1804     },
1805 };
1806 
1807 /* The following VMX features are not supported by KVM and are left out in the
1808  * CPU definitions:
1809  *
1810  *  Dual-monitor support (all processors)
1811  *  Entry to SMM
1812  *  Deactivate dual-monitor treatment
1813  *  Number of CR3-target values
1814  *  Shutdown activity state
1815  *  Wait-for-SIPI activity state
1816  *  PAUSE-loop exiting (Westmere and newer)
1817  *  EPT-violation #VE (Broadwell and newer)
1818  *  Inject event with insn length=0 (Skylake and newer)
1819  *  Conceal non-root operation from PT
1820  *  Conceal VM exits from PT
1821  *  Conceal VM entries from PT
1822  *  Enable ENCLS exiting
1823  *  Mode-based execute control (XS/XU)
1824  s  TSC scaling (Skylake Server and newer)
1825  *  GPA translation for PT (IceLake and newer)
1826  *  User wait and pause
1827  *  ENCLV exiting
1828  *  Load IA32_RTIT_CTL
1829  *  Clear IA32_RTIT_CTL
1830  *  Advanced VM-exit information for EPT violations
1831  *  Sub-page write permissions
1832  *  PT in VMX operation
1833  */
1834 
1835 static const X86CPUDefinition builtin_x86_defs[] = {
1836     {
1837         .name = "qemu64",
1838         .level = 0xd,
1839         .vendor = CPUID_VENDOR_AMD,
1840         .family = 15,
1841         .model = 107,
1842         .stepping = 1,
1843         .features[FEAT_1_EDX] =
1844             PPRO_FEATURES |
1845             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1846             CPUID_PSE36,
1847         .features[FEAT_1_ECX] =
1848             CPUID_EXT_SSE3 | CPUID_EXT_CX16,
1849         .features[FEAT_8000_0001_EDX] =
1850             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1851         .features[FEAT_8000_0001_ECX] =
1852             CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM,
1853         .xlevel = 0x8000000A,
1854         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
1855     },
1856     {
1857         .name = "phenom",
1858         .level = 5,
1859         .vendor = CPUID_VENDOR_AMD,
1860         .family = 16,
1861         .model = 2,
1862         .stepping = 3,
1863         /* Missing: CPUID_HT */
1864         .features[FEAT_1_EDX] =
1865             PPRO_FEATURES |
1866             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1867             CPUID_PSE36 | CPUID_VME,
1868         .features[FEAT_1_ECX] =
1869             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_CX16 |
1870             CPUID_EXT_POPCNT,
1871         .features[FEAT_8000_0001_EDX] =
1872             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX |
1873             CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT | CPUID_EXT2_MMXEXT |
1874             CPUID_EXT2_FFXSR | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP,
1875         /* Missing: CPUID_EXT3_CMP_LEG, CPUID_EXT3_EXTAPIC,
1876                     CPUID_EXT3_CR8LEG,
1877                     CPUID_EXT3_MISALIGNSSE, CPUID_EXT3_3DNOWPREFETCH,
1878                     CPUID_EXT3_OSVW, CPUID_EXT3_IBS */
1879         .features[FEAT_8000_0001_ECX] =
1880             CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM |
1881             CPUID_EXT3_ABM | CPUID_EXT3_SSE4A,
1882         /* Missing: CPUID_SVM_LBRV */
1883         .features[FEAT_SVM] =
1884             CPUID_SVM_NPT,
1885         .xlevel = 0x8000001A,
1886         .model_id = "AMD Phenom(tm) 9550 Quad-Core Processor"
1887     },
1888     {
1889         .name = "core2duo",
1890         .level = 10,
1891         .vendor = CPUID_VENDOR_INTEL,
1892         .family = 6,
1893         .model = 15,
1894         .stepping = 11,
1895         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
1896         .features[FEAT_1_EDX] =
1897             PPRO_FEATURES |
1898             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1899             CPUID_PSE36 | CPUID_VME | CPUID_ACPI | CPUID_SS,
1900         /* Missing: CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_EST,
1901          * CPUID_EXT_TM2, CPUID_EXT_XTPR, CPUID_EXT_PDCM, CPUID_EXT_VMX */
1902         .features[FEAT_1_ECX] =
1903             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 |
1904             CPUID_EXT_CX16,
1905         .features[FEAT_8000_0001_EDX] =
1906             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1907         .features[FEAT_8000_0001_ECX] =
1908             CPUID_EXT3_LAHF_LM,
1909         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
1910         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
1911         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
1912         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
1913         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
1914              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
1915         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
1916              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
1917              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
1918              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
1919              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
1920              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
1921              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
1922              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
1923              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
1924              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
1925         .features[FEAT_VMX_SECONDARY_CTLS] =
1926              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES,
1927         .xlevel = 0x80000008,
1928         .model_id = "Intel(R) Core(TM)2 Duo CPU     T7700  @ 2.40GHz",
1929     },
1930     {
1931         .name = "kvm64",
1932         .level = 0xd,
1933         .vendor = CPUID_VENDOR_INTEL,
1934         .family = 15,
1935         .model = 6,
1936         .stepping = 1,
1937         /* Missing: CPUID_HT */
1938         .features[FEAT_1_EDX] =
1939             PPRO_FEATURES | CPUID_VME |
1940             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1941             CPUID_PSE36,
1942         /* Missing: CPUID_EXT_POPCNT, CPUID_EXT_MONITOR */
1943         .features[FEAT_1_ECX] =
1944             CPUID_EXT_SSE3 | CPUID_EXT_CX16,
1945         /* Missing: CPUID_EXT2_PDPE1GB, CPUID_EXT2_RDTSCP */
1946         .features[FEAT_8000_0001_EDX] =
1947             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1948         /* Missing: CPUID_EXT3_LAHF_LM, CPUID_EXT3_CMP_LEG, CPUID_EXT3_EXTAPIC,
1949                     CPUID_EXT3_CR8LEG, CPUID_EXT3_ABM, CPUID_EXT3_SSE4A,
1950                     CPUID_EXT3_MISALIGNSSE, CPUID_EXT3_3DNOWPREFETCH,
1951                     CPUID_EXT3_OSVW, CPUID_EXT3_IBS, CPUID_EXT3_SVM */
1952         .features[FEAT_8000_0001_ECX] =
1953             0,
1954         /* VMX features from Cedar Mill/Prescott */
1955         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
1956         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
1957         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
1958         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
1959              VMX_PIN_BASED_NMI_EXITING,
1960         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
1961              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
1962              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
1963              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
1964              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
1965              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
1966              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
1967              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING,
1968         .xlevel = 0x80000008,
1969         .model_id = "Common KVM processor"
1970     },
1971     {
1972         .name = "qemu32",
1973         .level = 4,
1974         .vendor = CPUID_VENDOR_INTEL,
1975         .family = 6,
1976         .model = 6,
1977         .stepping = 3,
1978         .features[FEAT_1_EDX] =
1979             PPRO_FEATURES,
1980         .features[FEAT_1_ECX] =
1981             CPUID_EXT_SSE3,
1982         .xlevel = 0x80000004,
1983         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
1984     },
1985     {
1986         .name = "kvm32",
1987         .level = 5,
1988         .vendor = CPUID_VENDOR_INTEL,
1989         .family = 15,
1990         .model = 6,
1991         .stepping = 1,
1992         .features[FEAT_1_EDX] =
1993             PPRO_FEATURES | CPUID_VME |
1994             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_PSE36,
1995         .features[FEAT_1_ECX] =
1996             CPUID_EXT_SSE3,
1997         .features[FEAT_8000_0001_ECX] =
1998             0,
1999         /* VMX features from Yonah */
2000         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2001         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2002         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2003         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2004              VMX_PIN_BASED_NMI_EXITING,
2005         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2006              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2007              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2008              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2009              VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
2010              VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
2011              VMX_CPU_BASED_PAUSE_EXITING | VMX_CPU_BASED_USE_MSR_BITMAPS,
2012         .xlevel = 0x80000008,
2013         .model_id = "Common 32-bit KVM processor"
2014     },
2015     {
2016         .name = "coreduo",
2017         .level = 10,
2018         .vendor = CPUID_VENDOR_INTEL,
2019         .family = 6,
2020         .model = 14,
2021         .stepping = 8,
2022         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
2023         .features[FEAT_1_EDX] =
2024             PPRO_FEATURES | CPUID_VME |
2025             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_ACPI |
2026             CPUID_SS,
2027         /* Missing: CPUID_EXT_EST, CPUID_EXT_TM2 , CPUID_EXT_XTPR,
2028          * CPUID_EXT_PDCM, CPUID_EXT_VMX */
2029         .features[FEAT_1_ECX] =
2030             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR,
2031         .features[FEAT_8000_0001_EDX] =
2032             CPUID_EXT2_NX,
2033         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2034         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2035         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2036         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2037              VMX_PIN_BASED_NMI_EXITING,
2038         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2039              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2040              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2041              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2042              VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
2043              VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
2044              VMX_CPU_BASED_PAUSE_EXITING | VMX_CPU_BASED_USE_MSR_BITMAPS,
2045         .xlevel = 0x80000008,
2046         .model_id = "Genuine Intel(R) CPU           T2600  @ 2.16GHz",
2047     },
2048     {
2049         .name = "486",
2050         .level = 1,
2051         .vendor = CPUID_VENDOR_INTEL,
2052         .family = 4,
2053         .model = 8,
2054         .stepping = 0,
2055         .features[FEAT_1_EDX] =
2056             I486_FEATURES,
2057         .xlevel = 0,
2058         .model_id = "",
2059     },
2060     {
2061         .name = "pentium",
2062         .level = 1,
2063         .vendor = CPUID_VENDOR_INTEL,
2064         .family = 5,
2065         .model = 4,
2066         .stepping = 3,
2067         .features[FEAT_1_EDX] =
2068             PENTIUM_FEATURES,
2069         .xlevel = 0,
2070         .model_id = "",
2071     },
2072     {
2073         .name = "pentium2",
2074         .level = 2,
2075         .vendor = CPUID_VENDOR_INTEL,
2076         .family = 6,
2077         .model = 5,
2078         .stepping = 2,
2079         .features[FEAT_1_EDX] =
2080             PENTIUM2_FEATURES,
2081         .xlevel = 0,
2082         .model_id = "",
2083     },
2084     {
2085         .name = "pentium3",
2086         .level = 3,
2087         .vendor = CPUID_VENDOR_INTEL,
2088         .family = 6,
2089         .model = 7,
2090         .stepping = 3,
2091         .features[FEAT_1_EDX] =
2092             PENTIUM3_FEATURES,
2093         .xlevel = 0,
2094         .model_id = "",
2095     },
2096     {
2097         .name = "athlon",
2098         .level = 2,
2099         .vendor = CPUID_VENDOR_AMD,
2100         .family = 6,
2101         .model = 2,
2102         .stepping = 3,
2103         .features[FEAT_1_EDX] =
2104             PPRO_FEATURES | CPUID_PSE36 | CPUID_VME | CPUID_MTRR |
2105             CPUID_MCA,
2106         .features[FEAT_8000_0001_EDX] =
2107             CPUID_EXT2_MMXEXT | CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT,
2108         .xlevel = 0x80000008,
2109         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
2110     },
2111     {
2112         .name = "n270",
2113         .level = 10,
2114         .vendor = CPUID_VENDOR_INTEL,
2115         .family = 6,
2116         .model = 28,
2117         .stepping = 2,
2118         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
2119         .features[FEAT_1_EDX] =
2120             PPRO_FEATURES |
2121             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_VME |
2122             CPUID_ACPI | CPUID_SS,
2123             /* Some CPUs got no CPUID_SEP */
2124         /* Missing: CPUID_EXT_DSCPL, CPUID_EXT_EST, CPUID_EXT_TM2,
2125          * CPUID_EXT_XTPR */
2126         .features[FEAT_1_ECX] =
2127             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 |
2128             CPUID_EXT_MOVBE,
2129         .features[FEAT_8000_0001_EDX] =
2130             CPUID_EXT2_NX,
2131         .features[FEAT_8000_0001_ECX] =
2132             CPUID_EXT3_LAHF_LM,
2133         .xlevel = 0x80000008,
2134         .model_id = "Intel(R) Atom(TM) CPU N270   @ 1.60GHz",
2135     },
2136     {
2137         .name = "Conroe",
2138         .level = 10,
2139         .vendor = CPUID_VENDOR_INTEL,
2140         .family = 6,
2141         .model = 15,
2142         .stepping = 3,
2143         .features[FEAT_1_EDX] =
2144             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2145             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2146             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2147             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2148             CPUID_DE | CPUID_FP87,
2149         .features[FEAT_1_ECX] =
2150             CPUID_EXT_SSSE3 | CPUID_EXT_SSE3,
2151         .features[FEAT_8000_0001_EDX] =
2152             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2153         .features[FEAT_8000_0001_ECX] =
2154             CPUID_EXT3_LAHF_LM,
2155         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
2156         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2157         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2158         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2159         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2160              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
2161         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2162              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2163              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2164              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2165              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2166              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2167              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2168              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2169              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2170              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2171         .features[FEAT_VMX_SECONDARY_CTLS] =
2172              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES,
2173         .xlevel = 0x80000008,
2174         .model_id = "Intel Celeron_4x0 (Conroe/Merom Class Core 2)",
2175     },
2176     {
2177         .name = "Penryn",
2178         .level = 10,
2179         .vendor = CPUID_VENDOR_INTEL,
2180         .family = 6,
2181         .model = 23,
2182         .stepping = 3,
2183         .features[FEAT_1_EDX] =
2184             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2185             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2186             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2187             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2188             CPUID_DE | CPUID_FP87,
2189         .features[FEAT_1_ECX] =
2190             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2191             CPUID_EXT_SSE3,
2192         .features[FEAT_8000_0001_EDX] =
2193             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2194         .features[FEAT_8000_0001_ECX] =
2195             CPUID_EXT3_LAHF_LM,
2196         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
2197         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2198              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL,
2199         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT |
2200              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL,
2201         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2202         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2203              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
2204         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2205              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2206              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2207              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2208              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2209              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2210              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2211              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2212              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2213              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2214         .features[FEAT_VMX_SECONDARY_CTLS] =
2215              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2216              VMX_SECONDARY_EXEC_WBINVD_EXITING,
2217         .xlevel = 0x80000008,
2218         .model_id = "Intel Core 2 Duo P9xxx (Penryn Class Core 2)",
2219     },
2220     {
2221         .name = "Nehalem",
2222         .level = 11,
2223         .vendor = CPUID_VENDOR_INTEL,
2224         .family = 6,
2225         .model = 26,
2226         .stepping = 3,
2227         .features[FEAT_1_EDX] =
2228             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2229             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2230             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2231             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2232             CPUID_DE | CPUID_FP87,
2233         .features[FEAT_1_ECX] =
2234             CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2235             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_SSE3,
2236         .features[FEAT_8000_0001_EDX] =
2237             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2238         .features[FEAT_8000_0001_ECX] =
2239             CPUID_EXT3_LAHF_LM,
2240         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2241              MSR_VMX_BASIC_TRUE_CTLS,
2242         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2243              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2244              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2245         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2246              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2247              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2248              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2249              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2250              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2251              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2252         .features[FEAT_VMX_EXIT_CTLS] =
2253              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2254              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2255              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2256              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2257              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2258         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2259         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2260              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2261              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2262         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2263              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2264              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2265              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2266              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2267              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2268              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2269              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2270              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2271              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2272              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2273              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2274         .features[FEAT_VMX_SECONDARY_CTLS] =
2275              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2276              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2277              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2278              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2279              VMX_SECONDARY_EXEC_ENABLE_VPID,
2280         .xlevel = 0x80000008,
2281         .model_id = "Intel Core i7 9xx (Nehalem Class Core i7)",
2282         .versions = (X86CPUVersionDefinition[]) {
2283             { .version = 1 },
2284             {
2285                 .version = 2,
2286                 .alias = "Nehalem-IBRS",
2287                 .props = (PropValue[]) {
2288                     { "spec-ctrl", "on" },
2289                     { "model-id",
2290                       "Intel Core i7 9xx (Nehalem Core i7, IBRS update)" },
2291                     { /* end of list */ }
2292                 }
2293             },
2294             { /* end of list */ }
2295         }
2296     },
2297     {
2298         .name = "Westmere",
2299         .level = 11,
2300         .vendor = CPUID_VENDOR_INTEL,
2301         .family = 6,
2302         .model = 44,
2303         .stepping = 1,
2304         .features[FEAT_1_EDX] =
2305             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2306             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2307             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2308             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2309             CPUID_DE | CPUID_FP87,
2310         .features[FEAT_1_ECX] =
2311             CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 |
2312             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2313             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
2314         .features[FEAT_8000_0001_EDX] =
2315             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2316         .features[FEAT_8000_0001_ECX] =
2317             CPUID_EXT3_LAHF_LM,
2318         .features[FEAT_6_EAX] =
2319             CPUID_6_EAX_ARAT,
2320         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2321              MSR_VMX_BASIC_TRUE_CTLS,
2322         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2323              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2324              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2325         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2326              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2327              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2328              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2329              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2330              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2331              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2332         .features[FEAT_VMX_EXIT_CTLS] =
2333              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2334              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2335              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2336              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2337              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2338         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2339              MSR_VMX_MISC_STORE_LMA,
2340         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2341              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2342              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2343         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2344              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2345              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2346              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2347              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2348              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2349              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2350              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2351              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2352              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2353              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2354              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2355         .features[FEAT_VMX_SECONDARY_CTLS] =
2356              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2357              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2358              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2359              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2360              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST,
2361         .xlevel = 0x80000008,
2362         .model_id = "Westmere E56xx/L56xx/X56xx (Nehalem-C)",
2363         .versions = (X86CPUVersionDefinition[]) {
2364             { .version = 1 },
2365             {
2366                 .version = 2,
2367                 .alias = "Westmere-IBRS",
2368                 .props = (PropValue[]) {
2369                     { "spec-ctrl", "on" },
2370                     { "model-id",
2371                       "Westmere E56xx/L56xx/X56xx (IBRS update)" },
2372                     { /* end of list */ }
2373                 }
2374             },
2375             { /* end of list */ }
2376         }
2377     },
2378     {
2379         .name = "SandyBridge",
2380         .level = 0xd,
2381         .vendor = CPUID_VENDOR_INTEL,
2382         .family = 6,
2383         .model = 42,
2384         .stepping = 1,
2385         .features[FEAT_1_EDX] =
2386             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2387             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2388             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2389             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2390             CPUID_DE | CPUID_FP87,
2391         .features[FEAT_1_ECX] =
2392             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2393             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
2394             CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2395             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
2396             CPUID_EXT_SSE3,
2397         .features[FEAT_8000_0001_EDX] =
2398             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2399             CPUID_EXT2_SYSCALL,
2400         .features[FEAT_8000_0001_ECX] =
2401             CPUID_EXT3_LAHF_LM,
2402         .features[FEAT_XSAVE] =
2403             CPUID_XSAVE_XSAVEOPT,
2404         .features[FEAT_6_EAX] =
2405             CPUID_6_EAX_ARAT,
2406         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2407              MSR_VMX_BASIC_TRUE_CTLS,
2408         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2409              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2410              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2411         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2412              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2413              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2414              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2415              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2416              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2417              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2418         .features[FEAT_VMX_EXIT_CTLS] =
2419              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2420              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2421              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2422              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2423              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2424         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2425              MSR_VMX_MISC_STORE_LMA,
2426         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2427              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2428              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2429         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2430              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2431              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2432              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2433              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2434              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2435              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2436              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2437              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2438              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2439              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2440              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2441         .features[FEAT_VMX_SECONDARY_CTLS] =
2442              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2443              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2444              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2445              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2446              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST,
2447         .xlevel = 0x80000008,
2448         .model_id = "Intel Xeon E312xx (Sandy Bridge)",
2449         .versions = (X86CPUVersionDefinition[]) {
2450             { .version = 1 },
2451             {
2452                 .version = 2,
2453                 .alias = "SandyBridge-IBRS",
2454                 .props = (PropValue[]) {
2455                     { "spec-ctrl", "on" },
2456                     { "model-id",
2457                       "Intel Xeon E312xx (Sandy Bridge, IBRS update)" },
2458                     { /* end of list */ }
2459                 }
2460             },
2461             { /* end of list */ }
2462         }
2463     },
2464     {
2465         .name = "IvyBridge",
2466         .level = 0xd,
2467         .vendor = CPUID_VENDOR_INTEL,
2468         .family = 6,
2469         .model = 58,
2470         .stepping = 9,
2471         .features[FEAT_1_EDX] =
2472             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2473             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2474             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2475             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2476             CPUID_DE | CPUID_FP87,
2477         .features[FEAT_1_ECX] =
2478             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2479             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
2480             CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2481             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
2482             CPUID_EXT_SSE3 | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2483         .features[FEAT_7_0_EBX] =
2484             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP |
2485             CPUID_7_0_EBX_ERMS,
2486         .features[FEAT_8000_0001_EDX] =
2487             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2488             CPUID_EXT2_SYSCALL,
2489         .features[FEAT_8000_0001_ECX] =
2490             CPUID_EXT3_LAHF_LM,
2491         .features[FEAT_XSAVE] =
2492             CPUID_XSAVE_XSAVEOPT,
2493         .features[FEAT_6_EAX] =
2494             CPUID_6_EAX_ARAT,
2495         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2496              MSR_VMX_BASIC_TRUE_CTLS,
2497         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2498              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2499              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2500         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2501              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2502              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2503              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2504              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2505              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2506              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2507         .features[FEAT_VMX_EXIT_CTLS] =
2508              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2509              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2510              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2511              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2512              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2513         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2514              MSR_VMX_MISC_STORE_LMA,
2515         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2516              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2517              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2518         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2519              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2520              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2521              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2522              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2523              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2524              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2525              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2526              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2527              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2528              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2529              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2530         .features[FEAT_VMX_SECONDARY_CTLS] =
2531              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2532              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2533              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2534              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2535              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2536              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2537              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2538              VMX_SECONDARY_EXEC_RDRAND_EXITING,
2539         .xlevel = 0x80000008,
2540         .model_id = "Intel Xeon E3-12xx v2 (Ivy Bridge)",
2541         .versions = (X86CPUVersionDefinition[]) {
2542             { .version = 1 },
2543             {
2544                 .version = 2,
2545                 .alias = "IvyBridge-IBRS",
2546                 .props = (PropValue[]) {
2547                     { "spec-ctrl", "on" },
2548                     { "model-id",
2549                       "Intel Xeon E3-12xx v2 (Ivy Bridge, IBRS)" },
2550                     { /* end of list */ }
2551                 }
2552             },
2553             { /* end of list */ }
2554         }
2555     },
2556     {
2557         .name = "Haswell",
2558         .level = 0xd,
2559         .vendor = CPUID_VENDOR_INTEL,
2560         .family = 6,
2561         .model = 60,
2562         .stepping = 4,
2563         .features[FEAT_1_EDX] =
2564             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2565             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2566             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2567             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2568             CPUID_DE | CPUID_FP87,
2569         .features[FEAT_1_ECX] =
2570             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2571             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2572             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2573             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2574             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2575             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2576         .features[FEAT_8000_0001_EDX] =
2577             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2578             CPUID_EXT2_SYSCALL,
2579         .features[FEAT_8000_0001_ECX] =
2580             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM,
2581         .features[FEAT_7_0_EBX] =
2582             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2583             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2584             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2585             CPUID_7_0_EBX_RTM,
2586         .features[FEAT_XSAVE] =
2587             CPUID_XSAVE_XSAVEOPT,
2588         .features[FEAT_6_EAX] =
2589             CPUID_6_EAX_ARAT,
2590         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2591              MSR_VMX_BASIC_TRUE_CTLS,
2592         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2593              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2594              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2595         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2596              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2597              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2598              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2599              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2600              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2601              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2602         .features[FEAT_VMX_EXIT_CTLS] =
2603              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2604              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2605              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2606              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2607              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2608         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2609              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2610         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2611              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2612              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2613         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2614              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2615              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2616              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2617              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2618              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2619              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2620              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2621              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2622              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2623              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2624              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2625         .features[FEAT_VMX_SECONDARY_CTLS] =
2626              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2627              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2628              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2629              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2630              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2631              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2632              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2633              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2634              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS,
2635         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
2636         .xlevel = 0x80000008,
2637         .model_id = "Intel Core Processor (Haswell)",
2638         .versions = (X86CPUVersionDefinition[]) {
2639             { .version = 1 },
2640             {
2641                 .version = 2,
2642                 .alias = "Haswell-noTSX",
2643                 .props = (PropValue[]) {
2644                     { "hle", "off" },
2645                     { "rtm", "off" },
2646                     { "stepping", "1" },
2647                     { "model-id", "Intel Core Processor (Haswell, no TSX)", },
2648                     { /* end of list */ }
2649                 },
2650             },
2651             {
2652                 .version = 3,
2653                 .alias = "Haswell-IBRS",
2654                 .props = (PropValue[]) {
2655                     /* Restore TSX features removed by -v2 above */
2656                     { "hle", "on" },
2657                     { "rtm", "on" },
2658                     /*
2659                      * Haswell and Haswell-IBRS had stepping=4 in
2660                      * QEMU 4.0 and older
2661                      */
2662                     { "stepping", "4" },
2663                     { "spec-ctrl", "on" },
2664                     { "model-id",
2665                       "Intel Core Processor (Haswell, IBRS)" },
2666                     { /* end of list */ }
2667                 }
2668             },
2669             {
2670                 .version = 4,
2671                 .alias = "Haswell-noTSX-IBRS",
2672                 .props = (PropValue[]) {
2673                     { "hle", "off" },
2674                     { "rtm", "off" },
2675                     /* spec-ctrl was already enabled by -v3 above */
2676                     { "stepping", "1" },
2677                     { "model-id",
2678                       "Intel Core Processor (Haswell, no TSX, IBRS)" },
2679                     { /* end of list */ }
2680                 }
2681             },
2682             { /* end of list */ }
2683         }
2684     },
2685     {
2686         .name = "Broadwell",
2687         .level = 0xd,
2688         .vendor = CPUID_VENDOR_INTEL,
2689         .family = 6,
2690         .model = 61,
2691         .stepping = 2,
2692         .features[FEAT_1_EDX] =
2693             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2694             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2695             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2696             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2697             CPUID_DE | CPUID_FP87,
2698         .features[FEAT_1_ECX] =
2699             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2700             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2701             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2702             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2703             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2704             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2705         .features[FEAT_8000_0001_EDX] =
2706             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2707             CPUID_EXT2_SYSCALL,
2708         .features[FEAT_8000_0001_ECX] =
2709             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
2710         .features[FEAT_7_0_EBX] =
2711             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2712             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2713             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2714             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
2715             CPUID_7_0_EBX_SMAP,
2716         .features[FEAT_XSAVE] =
2717             CPUID_XSAVE_XSAVEOPT,
2718         .features[FEAT_6_EAX] =
2719             CPUID_6_EAX_ARAT,
2720         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2721              MSR_VMX_BASIC_TRUE_CTLS,
2722         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2723              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2724              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2725         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2726              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2727              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2728              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2729              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2730              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2731              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2732         .features[FEAT_VMX_EXIT_CTLS] =
2733              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2734              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2735              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2736              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2737              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2738         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2739              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2740         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2741              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2742              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2743         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2744              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2745              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2746              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2747              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2748              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2749              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2750              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2751              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2752              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2753              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2754              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2755         .features[FEAT_VMX_SECONDARY_CTLS] =
2756              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2757              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2758              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2759              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2760              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2761              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2762              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2763              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2764              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
2765              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
2766         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
2767         .xlevel = 0x80000008,
2768         .model_id = "Intel Core Processor (Broadwell)",
2769         .versions = (X86CPUVersionDefinition[]) {
2770             { .version = 1 },
2771             {
2772                 .version = 2,
2773                 .alias = "Broadwell-noTSX",
2774                 .props = (PropValue[]) {
2775                     { "hle", "off" },
2776                     { "rtm", "off" },
2777                     { "model-id", "Intel Core Processor (Broadwell, no TSX)", },
2778                     { /* end of list */ }
2779                 },
2780             },
2781             {
2782                 .version = 3,
2783                 .alias = "Broadwell-IBRS",
2784                 .props = (PropValue[]) {
2785                     /* Restore TSX features removed by -v2 above */
2786                     { "hle", "on" },
2787                     { "rtm", "on" },
2788                     { "spec-ctrl", "on" },
2789                     { "model-id",
2790                       "Intel Core Processor (Broadwell, IBRS)" },
2791                     { /* end of list */ }
2792                 }
2793             },
2794             {
2795                 .version = 4,
2796                 .alias = "Broadwell-noTSX-IBRS",
2797                 .props = (PropValue[]) {
2798                     { "hle", "off" },
2799                     { "rtm", "off" },
2800                     /* spec-ctrl was already enabled by -v3 above */
2801                     { "model-id",
2802                       "Intel Core Processor (Broadwell, no TSX, IBRS)" },
2803                     { /* end of list */ }
2804                 }
2805             },
2806             { /* end of list */ }
2807         }
2808     },
2809     {
2810         .name = "Skylake-Client",
2811         .level = 0xd,
2812         .vendor = CPUID_VENDOR_INTEL,
2813         .family = 6,
2814         .model = 94,
2815         .stepping = 3,
2816         .features[FEAT_1_EDX] =
2817             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2818             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2819             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2820             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2821             CPUID_DE | CPUID_FP87,
2822         .features[FEAT_1_ECX] =
2823             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2824             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2825             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2826             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2827             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2828             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2829         .features[FEAT_8000_0001_EDX] =
2830             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2831             CPUID_EXT2_SYSCALL,
2832         .features[FEAT_8000_0001_ECX] =
2833             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
2834         .features[FEAT_7_0_EBX] =
2835             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2836             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2837             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2838             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
2839             CPUID_7_0_EBX_SMAP,
2840         /* XSAVES is added in version 4 */
2841         .features[FEAT_XSAVE] =
2842             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
2843             CPUID_XSAVE_XGETBV1,
2844         .features[FEAT_6_EAX] =
2845             CPUID_6_EAX_ARAT,
2846         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
2847         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2848              MSR_VMX_BASIC_TRUE_CTLS,
2849         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2850              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2851              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2852         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2853              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2854              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2855              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2856              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2857              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2858              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2859         .features[FEAT_VMX_EXIT_CTLS] =
2860              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2861              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2862              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2863              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2864              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2865         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2866              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2867         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2868              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2869              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2870         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2871              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2872              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2873              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2874              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2875              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2876              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2877              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2878              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2879              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2880              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2881              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2882         .features[FEAT_VMX_SECONDARY_CTLS] =
2883              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2884              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2885              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2886              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2887              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2888              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
2889              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
2890         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
2891         .xlevel = 0x80000008,
2892         .model_id = "Intel Core Processor (Skylake)",
2893         .versions = (X86CPUVersionDefinition[]) {
2894             { .version = 1 },
2895             {
2896                 .version = 2,
2897                 .alias = "Skylake-Client-IBRS",
2898                 .props = (PropValue[]) {
2899                     { "spec-ctrl", "on" },
2900                     { "model-id",
2901                       "Intel Core Processor (Skylake, IBRS)" },
2902                     { /* end of list */ }
2903                 }
2904             },
2905             {
2906                 .version = 3,
2907                 .alias = "Skylake-Client-noTSX-IBRS",
2908                 .props = (PropValue[]) {
2909                     { "hle", "off" },
2910                     { "rtm", "off" },
2911                     { "model-id",
2912                       "Intel Core Processor (Skylake, IBRS, no TSX)" },
2913                     { /* end of list */ }
2914                 }
2915             },
2916             {
2917                 .version = 4,
2918                 .note = "IBRS, XSAVES, no TSX",
2919                 .props = (PropValue[]) {
2920                     { "xsaves", "on" },
2921                     { "vmx-xsaves", "on" },
2922                     { /* end of list */ }
2923                 }
2924             },
2925             { /* end of list */ }
2926         }
2927     },
2928     {
2929         .name = "Skylake-Server",
2930         .level = 0xd,
2931         .vendor = CPUID_VENDOR_INTEL,
2932         .family = 6,
2933         .model = 85,
2934         .stepping = 4,
2935         .features[FEAT_1_EDX] =
2936             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2937             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2938             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2939             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2940             CPUID_DE | CPUID_FP87,
2941         .features[FEAT_1_ECX] =
2942             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2943             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2944             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2945             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2946             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2947             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2948         .features[FEAT_8000_0001_EDX] =
2949             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
2950             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2951         .features[FEAT_8000_0001_ECX] =
2952             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
2953         .features[FEAT_7_0_EBX] =
2954             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2955             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2956             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2957             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
2958             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
2959             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
2960             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
2961             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
2962         .features[FEAT_7_0_ECX] =
2963             CPUID_7_0_ECX_PKU,
2964         /* XSAVES is added in version 5 */
2965         .features[FEAT_XSAVE] =
2966             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
2967             CPUID_XSAVE_XGETBV1,
2968         .features[FEAT_6_EAX] =
2969             CPUID_6_EAX_ARAT,
2970         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
2971         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2972              MSR_VMX_BASIC_TRUE_CTLS,
2973         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2974              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2975              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2976         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2977              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2978              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2979              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2980              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2981              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2982              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2983         .features[FEAT_VMX_EXIT_CTLS] =
2984              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2985              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2986              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2987              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2988              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2989         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2990              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2991         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2992              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2993              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2994         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2995              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2996              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2997              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2998              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2999              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3000              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3001              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3002              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3003              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3004              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3005              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3006         .features[FEAT_VMX_SECONDARY_CTLS] =
3007              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3008              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3009              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3010              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3011              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3012              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3013              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3014              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3015              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3016              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3017         .xlevel = 0x80000008,
3018         .model_id = "Intel Xeon Processor (Skylake)",
3019         .versions = (X86CPUVersionDefinition[]) {
3020             { .version = 1 },
3021             {
3022                 .version = 2,
3023                 .alias = "Skylake-Server-IBRS",
3024                 .props = (PropValue[]) {
3025                     /* clflushopt was not added to Skylake-Server-IBRS */
3026                     /* TODO: add -v3 including clflushopt */
3027                     { "clflushopt", "off" },
3028                     { "spec-ctrl", "on" },
3029                     { "model-id",
3030                       "Intel Xeon Processor (Skylake, IBRS)" },
3031                     { /* end of list */ }
3032                 }
3033             },
3034             {
3035                 .version = 3,
3036                 .alias = "Skylake-Server-noTSX-IBRS",
3037                 .props = (PropValue[]) {
3038                     { "hle", "off" },
3039                     { "rtm", "off" },
3040                     { "model-id",
3041                       "Intel Xeon Processor (Skylake, IBRS, no TSX)" },
3042                     { /* end of list */ }
3043                 }
3044             },
3045             {
3046                 .version = 4,
3047                 .props = (PropValue[]) {
3048                     { "vmx-eptp-switching", "on" },
3049                     { /* end of list */ }
3050                 }
3051             },
3052             {
3053                 .version = 5,
3054                 .note = "IBRS, XSAVES, EPT switching, no TSX",
3055                 .props = (PropValue[]) {
3056                     { "xsaves", "on" },
3057                     { "vmx-xsaves", "on" },
3058                     { /* end of list */ }
3059                 }
3060             },
3061             { /* end of list */ }
3062         }
3063     },
3064     {
3065         .name = "Cascadelake-Server",
3066         .level = 0xd,
3067         .vendor = CPUID_VENDOR_INTEL,
3068         .family = 6,
3069         .model = 85,
3070         .stepping = 6,
3071         .features[FEAT_1_EDX] =
3072             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3073             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3074             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3075             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3076             CPUID_DE | CPUID_FP87,
3077         .features[FEAT_1_ECX] =
3078             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3079             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3080             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3081             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3082             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3083             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3084         .features[FEAT_8000_0001_EDX] =
3085             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3086             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3087         .features[FEAT_8000_0001_ECX] =
3088             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3089         .features[FEAT_7_0_EBX] =
3090             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3091             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3092             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3093             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3094             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3095             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3096             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3097             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3098         .features[FEAT_7_0_ECX] =
3099             CPUID_7_0_ECX_PKU |
3100             CPUID_7_0_ECX_AVX512VNNI,
3101         .features[FEAT_7_0_EDX] =
3102             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3103         /* XSAVES is added in version 5 */
3104         .features[FEAT_XSAVE] =
3105             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3106             CPUID_XSAVE_XGETBV1,
3107         .features[FEAT_6_EAX] =
3108             CPUID_6_EAX_ARAT,
3109         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3110         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3111              MSR_VMX_BASIC_TRUE_CTLS,
3112         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3113              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3114              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3115         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3116              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3117              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3118              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3119              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3120              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3121              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3122         .features[FEAT_VMX_EXIT_CTLS] =
3123              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3124              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3125              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3126              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3127              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3128         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3129              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3130         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3131              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3132              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3133         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3134              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3135              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3136              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3137              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3138              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3139              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3140              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3141              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3142              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3143              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3144              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3145         .features[FEAT_VMX_SECONDARY_CTLS] =
3146              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3147              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3148              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3149              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3150              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3151              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3152              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3153              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3154              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3155              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3156         .xlevel = 0x80000008,
3157         .model_id = "Intel Xeon Processor (Cascadelake)",
3158         .versions = (X86CPUVersionDefinition[]) {
3159             { .version = 1 },
3160             { .version = 2,
3161               .note = "ARCH_CAPABILITIES",
3162               .props = (PropValue[]) {
3163                   { "arch-capabilities", "on" },
3164                   { "rdctl-no", "on" },
3165                   { "ibrs-all", "on" },
3166                   { "skip-l1dfl-vmentry", "on" },
3167                   { "mds-no", "on" },
3168                   { /* end of list */ }
3169               },
3170             },
3171             { .version = 3,
3172               .alias = "Cascadelake-Server-noTSX",
3173               .note = "ARCH_CAPABILITIES, no TSX",
3174               .props = (PropValue[]) {
3175                   { "hle", "off" },
3176                   { "rtm", "off" },
3177                   { /* end of list */ }
3178               },
3179             },
3180             { .version = 4,
3181               .note = "ARCH_CAPABILITIES, no TSX",
3182               .props = (PropValue[]) {
3183                   { "vmx-eptp-switching", "on" },
3184                   { /* end of list */ }
3185               },
3186             },
3187             { .version = 5,
3188               .note = "ARCH_CAPABILITIES, EPT switching, XSAVES, no TSX",
3189               .props = (PropValue[]) {
3190                   { "xsaves", "on" },
3191                   { "vmx-xsaves", "on" },
3192                   { /* end of list */ }
3193               },
3194             },
3195             { /* end of list */ }
3196         }
3197     },
3198     {
3199         .name = "Cooperlake",
3200         .level = 0xd,
3201         .vendor = CPUID_VENDOR_INTEL,
3202         .family = 6,
3203         .model = 85,
3204         .stepping = 10,
3205         .features[FEAT_1_EDX] =
3206             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3207             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3208             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3209             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3210             CPUID_DE | CPUID_FP87,
3211         .features[FEAT_1_ECX] =
3212             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3213             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3214             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3215             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3216             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3217             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3218         .features[FEAT_8000_0001_EDX] =
3219             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3220             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3221         .features[FEAT_8000_0001_ECX] =
3222             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3223         .features[FEAT_7_0_EBX] =
3224             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3225             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3226             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3227             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3228             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3229             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3230             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3231             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3232         .features[FEAT_7_0_ECX] =
3233             CPUID_7_0_ECX_PKU |
3234             CPUID_7_0_ECX_AVX512VNNI,
3235         .features[FEAT_7_0_EDX] =
3236             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_STIBP |
3237             CPUID_7_0_EDX_SPEC_CTRL_SSBD | CPUID_7_0_EDX_ARCH_CAPABILITIES,
3238         .features[FEAT_ARCH_CAPABILITIES] =
3239             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_IBRS_ALL |
3240             MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY | MSR_ARCH_CAP_MDS_NO |
3241             MSR_ARCH_CAP_PSCHANGE_MC_NO | MSR_ARCH_CAP_TAA_NO,
3242         .features[FEAT_7_1_EAX] =
3243             CPUID_7_1_EAX_AVX512_BF16,
3244         /* XSAVES is added in version 2 */
3245         .features[FEAT_XSAVE] =
3246             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3247             CPUID_XSAVE_XGETBV1,
3248         .features[FEAT_6_EAX] =
3249             CPUID_6_EAX_ARAT,
3250         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3251         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3252              MSR_VMX_BASIC_TRUE_CTLS,
3253         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3254              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3255              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3256         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3257              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3258              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3259              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3260              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3261              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3262              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3263         .features[FEAT_VMX_EXIT_CTLS] =
3264              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3265              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3266              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3267              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3268              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3269         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3270              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3271         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3272              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3273              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3274         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3275              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3276              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3277              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3278              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3279              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3280              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3281              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3282              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3283              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3284              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3285              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3286         .features[FEAT_VMX_SECONDARY_CTLS] =
3287              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3288              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3289              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3290              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3291              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3292              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3293              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3294              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3295              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3296              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3297         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3298         .xlevel = 0x80000008,
3299         .model_id = "Intel Xeon Processor (Cooperlake)",
3300         .versions = (X86CPUVersionDefinition[]) {
3301             { .version = 1 },
3302             { .version = 2,
3303               .note = "XSAVES",
3304               .props = (PropValue[]) {
3305                   { "xsaves", "on" },
3306                   { "vmx-xsaves", "on" },
3307                   { /* end of list */ }
3308               },
3309             },
3310             { /* end of list */ }
3311         }
3312     },
3313     {
3314         .name = "Icelake-Server",
3315         .level = 0xd,
3316         .vendor = CPUID_VENDOR_INTEL,
3317         .family = 6,
3318         .model = 134,
3319         .stepping = 0,
3320         .features[FEAT_1_EDX] =
3321             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3322             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3323             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3324             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3325             CPUID_DE | CPUID_FP87,
3326         .features[FEAT_1_ECX] =
3327             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3328             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3329             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3330             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3331             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3332             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3333         .features[FEAT_8000_0001_EDX] =
3334             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3335             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3336         .features[FEAT_8000_0001_ECX] =
3337             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3338         .features[FEAT_8000_0008_EBX] =
3339             CPUID_8000_0008_EBX_WBNOINVD,
3340         .features[FEAT_7_0_EBX] =
3341             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3342             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3343             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3344             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3345             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3346             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3347             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3348             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3349         .features[FEAT_7_0_ECX] =
3350             CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
3351             CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
3352             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
3353             CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
3354             CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57,
3355         .features[FEAT_7_0_EDX] =
3356             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3357         /* XSAVES is added in version 5 */
3358         .features[FEAT_XSAVE] =
3359             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3360             CPUID_XSAVE_XGETBV1,
3361         .features[FEAT_6_EAX] =
3362             CPUID_6_EAX_ARAT,
3363         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3364         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3365              MSR_VMX_BASIC_TRUE_CTLS,
3366         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3367              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3368              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3369         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3370              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3371              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3372              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3373              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3374              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3375              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3376         .features[FEAT_VMX_EXIT_CTLS] =
3377              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3378              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3379              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3380              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3381              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3382         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3383              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3384         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3385              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3386              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3387         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3388              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3389              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3390              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3391              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3392              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3393              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3394              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3395              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3396              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3397              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3398              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3399         .features[FEAT_VMX_SECONDARY_CTLS] =
3400              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3401              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3402              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3403              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3404              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3405              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3406              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3407              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3408              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS,
3409         .xlevel = 0x80000008,
3410         .model_id = "Intel Xeon Processor (Icelake)",
3411         .versions = (X86CPUVersionDefinition[]) {
3412             { .version = 1 },
3413             {
3414                 .version = 2,
3415                 .note = "no TSX",
3416                 .alias = "Icelake-Server-noTSX",
3417                 .props = (PropValue[]) {
3418                     { "hle", "off" },
3419                     { "rtm", "off" },
3420                     { /* end of list */ }
3421                 },
3422             },
3423             {
3424                 .version = 3,
3425                 .props = (PropValue[]) {
3426                     { "arch-capabilities", "on" },
3427                     { "rdctl-no", "on" },
3428                     { "ibrs-all", "on" },
3429                     { "skip-l1dfl-vmentry", "on" },
3430                     { "mds-no", "on" },
3431                     { "pschange-mc-no", "on" },
3432                     { "taa-no", "on" },
3433                     { /* end of list */ }
3434                 },
3435             },
3436             {
3437                 .version = 4,
3438                 .props = (PropValue[]) {
3439                     { "sha-ni", "on" },
3440                     { "avx512ifma", "on" },
3441                     { "rdpid", "on" },
3442                     { "fsrm", "on" },
3443                     { "vmx-rdseed-exit", "on" },
3444                     { "vmx-pml", "on" },
3445                     { "vmx-eptp-switching", "on" },
3446                     { "model", "106" },
3447                     { /* end of list */ }
3448                 },
3449             },
3450             {
3451                 .version = 5,
3452                 .note = "XSAVES",
3453                 .props = (PropValue[]) {
3454                     { "xsaves", "on" },
3455                     { "vmx-xsaves", "on" },
3456                     { /* end of list */ }
3457                 },
3458             },
3459             {
3460                 .version = 6,
3461                 .note = "5-level EPT",
3462                 .props = (PropValue[]) {
3463                     { "vmx-page-walk-5", "on" },
3464                     { /* end of list */ }
3465                 },
3466             },
3467             { /* end of list */ }
3468         }
3469     },
3470     {
3471         .name = "Denverton",
3472         .level = 21,
3473         .vendor = CPUID_VENDOR_INTEL,
3474         .family = 6,
3475         .model = 95,
3476         .stepping = 1,
3477         .features[FEAT_1_EDX] =
3478             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE | CPUID_TSC |
3479             CPUID_MSR | CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC |
3480             CPUID_SEP | CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
3481             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH | CPUID_MMX | CPUID_FXSR |
3482             CPUID_SSE | CPUID_SSE2,
3483         .features[FEAT_1_ECX] =
3484             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_MONITOR |
3485             CPUID_EXT_SSSE3 | CPUID_EXT_CX16 | CPUID_EXT_SSE41 |
3486             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
3487             CPUID_EXT_POPCNT | CPUID_EXT_TSC_DEADLINE_TIMER |
3488             CPUID_EXT_AES | CPUID_EXT_XSAVE | CPUID_EXT_RDRAND,
3489         .features[FEAT_8000_0001_EDX] =
3490             CPUID_EXT2_SYSCALL | CPUID_EXT2_NX | CPUID_EXT2_PDPE1GB |
3491             CPUID_EXT2_RDTSCP | CPUID_EXT2_LM,
3492         .features[FEAT_8000_0001_ECX] =
3493             CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3494         .features[FEAT_7_0_EBX] =
3495             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_ERMS |
3496             CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_SMAP |
3497             CPUID_7_0_EBX_CLFLUSHOPT | CPUID_7_0_EBX_SHA_NI,
3498         .features[FEAT_7_0_EDX] =
3499             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_ARCH_CAPABILITIES |
3500             CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3501         /* XSAVES is added in version 3 */
3502         .features[FEAT_XSAVE] =
3503             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC | CPUID_XSAVE_XGETBV1,
3504         .features[FEAT_6_EAX] =
3505             CPUID_6_EAX_ARAT,
3506         .features[FEAT_ARCH_CAPABILITIES] =
3507             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY,
3508         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3509              MSR_VMX_BASIC_TRUE_CTLS,
3510         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3511              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3512              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3513         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3514              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3515              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3516              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3517              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3518              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3519              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3520         .features[FEAT_VMX_EXIT_CTLS] =
3521              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3522              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3523              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3524              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3525              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3526         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3527              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3528         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3529              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3530              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3531         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3532              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3533              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3534              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3535              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3536              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3537              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3538              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3539              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3540              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3541              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3542              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3543         .features[FEAT_VMX_SECONDARY_CTLS] =
3544              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3545              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3546              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3547              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3548              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3549              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3550              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3551              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3552              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3553              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3554         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3555         .xlevel = 0x80000008,
3556         .model_id = "Intel Atom Processor (Denverton)",
3557         .versions = (X86CPUVersionDefinition[]) {
3558             { .version = 1 },
3559             {
3560                 .version = 2,
3561                 .note = "no MPX, no MONITOR",
3562                 .props = (PropValue[]) {
3563                     { "monitor", "off" },
3564                     { "mpx", "off" },
3565                     { /* end of list */ },
3566                 },
3567             },
3568             {
3569                 .version = 3,
3570                 .note = "XSAVES, no MPX, no MONITOR",
3571                 .props = (PropValue[]) {
3572                     { "xsaves", "on" },
3573                     { "vmx-xsaves", "on" },
3574                     { /* end of list */ },
3575                 },
3576             },
3577             { /* end of list */ },
3578         },
3579     },
3580     {
3581         .name = "Snowridge",
3582         .level = 27,
3583         .vendor = CPUID_VENDOR_INTEL,
3584         .family = 6,
3585         .model = 134,
3586         .stepping = 1,
3587         .features[FEAT_1_EDX] =
3588             /* missing: CPUID_PN CPUID_IA64 */
3589             /* missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
3590             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE |
3591             CPUID_TSC | CPUID_MSR | CPUID_PAE | CPUID_MCE |
3592             CPUID_CX8 | CPUID_APIC | CPUID_SEP |
3593             CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
3594             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH |
3595             CPUID_MMX |
3596             CPUID_FXSR | CPUID_SSE | CPUID_SSE2,
3597         .features[FEAT_1_ECX] =
3598             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_MONITOR |
3599             CPUID_EXT_SSSE3 |
3600             CPUID_EXT_CX16 |
3601             CPUID_EXT_SSE41 |
3602             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
3603             CPUID_EXT_POPCNT |
3604             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_AES | CPUID_EXT_XSAVE |
3605             CPUID_EXT_RDRAND,
3606         .features[FEAT_8000_0001_EDX] =
3607             CPUID_EXT2_SYSCALL |
3608             CPUID_EXT2_NX |
3609             CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3610             CPUID_EXT2_LM,
3611         .features[FEAT_8000_0001_ECX] =
3612             CPUID_EXT3_LAHF_LM |
3613             CPUID_EXT3_3DNOWPREFETCH,
3614         .features[FEAT_7_0_EBX] =
3615             CPUID_7_0_EBX_FSGSBASE |
3616             CPUID_7_0_EBX_SMEP |
3617             CPUID_7_0_EBX_ERMS |
3618             CPUID_7_0_EBX_MPX |  /* missing bits 13, 15 */
3619             CPUID_7_0_EBX_RDSEED |
3620             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
3621             CPUID_7_0_EBX_CLWB |
3622             CPUID_7_0_EBX_SHA_NI,
3623         .features[FEAT_7_0_ECX] =
3624             CPUID_7_0_ECX_UMIP |
3625             /* missing bit 5 */
3626             CPUID_7_0_ECX_GFNI |
3627             CPUID_7_0_ECX_MOVDIRI | CPUID_7_0_ECX_CLDEMOTE |
3628             CPUID_7_0_ECX_MOVDIR64B,
3629         .features[FEAT_7_0_EDX] =
3630             CPUID_7_0_EDX_SPEC_CTRL |
3631             CPUID_7_0_EDX_ARCH_CAPABILITIES | CPUID_7_0_EDX_SPEC_CTRL_SSBD |
3632             CPUID_7_0_EDX_CORE_CAPABILITY,
3633         .features[FEAT_CORE_CAPABILITY] =
3634             MSR_CORE_CAP_SPLIT_LOCK_DETECT,
3635         /* XSAVES is added in version 3 */
3636         .features[FEAT_XSAVE] =
3637             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3638             CPUID_XSAVE_XGETBV1,
3639         .features[FEAT_6_EAX] =
3640             CPUID_6_EAX_ARAT,
3641         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3642              MSR_VMX_BASIC_TRUE_CTLS,
3643         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3644              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3645              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3646         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3647              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3648              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3649              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3650              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3651              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3652              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3653         .features[FEAT_VMX_EXIT_CTLS] =
3654              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3655              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3656              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3657              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3658              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3659         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3660              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3661         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3662              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3663              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3664         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3665              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3666              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3667              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3668              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3669              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3670              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3671              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3672              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3673              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3674              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3675              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3676         .features[FEAT_VMX_SECONDARY_CTLS] =
3677              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3678              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3679              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3680              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3681              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3682              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3683              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3684              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3685              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3686              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3687         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3688         .xlevel = 0x80000008,
3689         .model_id = "Intel Atom Processor (SnowRidge)",
3690         .versions = (X86CPUVersionDefinition[]) {
3691             { .version = 1 },
3692             {
3693                 .version = 2,
3694                 .props = (PropValue[]) {
3695                     { "mpx", "off" },
3696                     { "model-id", "Intel Atom Processor (Snowridge, no MPX)" },
3697                     { /* end of list */ },
3698                 },
3699             },
3700             {
3701                 .version = 3,
3702                 .note = "XSAVES, no MPX",
3703                 .props = (PropValue[]) {
3704                     { "xsaves", "on" },
3705                     { "vmx-xsaves", "on" },
3706                     { /* end of list */ },
3707                 },
3708             },
3709             {
3710                 .version = 4,
3711                 .note = "no split lock detect, no core-capability",
3712                 .props = (PropValue[]) {
3713                     { "split-lock-detect", "off" },
3714                     { "core-capability", "off" },
3715                     { /* end of list */ },
3716                 },
3717             },
3718             { /* end of list */ },
3719         },
3720     },
3721     {
3722         .name = "KnightsMill",
3723         .level = 0xd,
3724         .vendor = CPUID_VENDOR_INTEL,
3725         .family = 6,
3726         .model = 133,
3727         .stepping = 0,
3728         .features[FEAT_1_EDX] =
3729             CPUID_VME | CPUID_SS | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR |
3730             CPUID_MMX | CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV |
3731             CPUID_MCA | CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC |
3732             CPUID_CX8 | CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC |
3733             CPUID_PSE | CPUID_DE | CPUID_FP87,
3734         .features[FEAT_1_ECX] =
3735             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3736             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3737             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3738             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3739             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3740             CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3741         .features[FEAT_8000_0001_EDX] =
3742             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3743             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3744         .features[FEAT_8000_0001_ECX] =
3745             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3746         .features[FEAT_7_0_EBX] =
3747             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
3748             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS |
3749             CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_AVX512F |
3750             CPUID_7_0_EBX_AVX512CD | CPUID_7_0_EBX_AVX512PF |
3751             CPUID_7_0_EBX_AVX512ER,
3752         .features[FEAT_7_0_ECX] =
3753             CPUID_7_0_ECX_AVX512_VPOPCNTDQ,
3754         .features[FEAT_7_0_EDX] =
3755             CPUID_7_0_EDX_AVX512_4VNNIW | CPUID_7_0_EDX_AVX512_4FMAPS,
3756         .features[FEAT_XSAVE] =
3757             CPUID_XSAVE_XSAVEOPT,
3758         .features[FEAT_6_EAX] =
3759             CPUID_6_EAX_ARAT,
3760         .xlevel = 0x80000008,
3761         .model_id = "Intel Xeon Phi Processor (Knights Mill)",
3762     },
3763     {
3764         .name = "Opteron_G1",
3765         .level = 5,
3766         .vendor = CPUID_VENDOR_AMD,
3767         .family = 15,
3768         .model = 6,
3769         .stepping = 1,
3770         .features[FEAT_1_EDX] =
3771             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3772             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3773             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3774             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3775             CPUID_DE | CPUID_FP87,
3776         .features[FEAT_1_ECX] =
3777             CPUID_EXT_SSE3,
3778         .features[FEAT_8000_0001_EDX] =
3779             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3780         .xlevel = 0x80000008,
3781         .model_id = "AMD Opteron 240 (Gen 1 Class Opteron)",
3782     },
3783     {
3784         .name = "Opteron_G2",
3785         .level = 5,
3786         .vendor = CPUID_VENDOR_AMD,
3787         .family = 15,
3788         .model = 6,
3789         .stepping = 1,
3790         .features[FEAT_1_EDX] =
3791             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3792             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3793             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3794             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3795             CPUID_DE | CPUID_FP87,
3796         .features[FEAT_1_ECX] =
3797             CPUID_EXT_CX16 | CPUID_EXT_SSE3,
3798         .features[FEAT_8000_0001_EDX] =
3799             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3800         .features[FEAT_8000_0001_ECX] =
3801             CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM,
3802         .xlevel = 0x80000008,
3803         .model_id = "AMD Opteron 22xx (Gen 2 Class Opteron)",
3804     },
3805     {
3806         .name = "Opteron_G3",
3807         .level = 5,
3808         .vendor = CPUID_VENDOR_AMD,
3809         .family = 16,
3810         .model = 2,
3811         .stepping = 3,
3812         .features[FEAT_1_EDX] =
3813             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3814             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3815             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3816             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3817             CPUID_DE | CPUID_FP87,
3818         .features[FEAT_1_ECX] =
3819             CPUID_EXT_POPCNT | CPUID_EXT_CX16 | CPUID_EXT_MONITOR |
3820             CPUID_EXT_SSE3,
3821         .features[FEAT_8000_0001_EDX] =
3822             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL |
3823             CPUID_EXT2_RDTSCP,
3824         .features[FEAT_8000_0001_ECX] =
3825             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A |
3826             CPUID_EXT3_ABM | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM,
3827         .xlevel = 0x80000008,
3828         .model_id = "AMD Opteron 23xx (Gen 3 Class Opteron)",
3829     },
3830     {
3831         .name = "Opteron_G4",
3832         .level = 0xd,
3833         .vendor = CPUID_VENDOR_AMD,
3834         .family = 21,
3835         .model = 1,
3836         .stepping = 2,
3837         .features[FEAT_1_EDX] =
3838             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3839             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3840             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3841             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3842             CPUID_DE | CPUID_FP87,
3843         .features[FEAT_1_ECX] =
3844             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3845             CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
3846             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
3847             CPUID_EXT_SSE3,
3848         .features[FEAT_8000_0001_EDX] =
3849             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_NX |
3850             CPUID_EXT2_SYSCALL | CPUID_EXT2_RDTSCP,
3851         .features[FEAT_8000_0001_ECX] =
3852             CPUID_EXT3_FMA4 | CPUID_EXT3_XOP |
3853             CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_MISALIGNSSE |
3854             CPUID_EXT3_SSE4A | CPUID_EXT3_ABM | CPUID_EXT3_SVM |
3855             CPUID_EXT3_LAHF_LM,
3856         .features[FEAT_SVM] =
3857             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
3858         /* no xsaveopt! */
3859         .xlevel = 0x8000001A,
3860         .model_id = "AMD Opteron 62xx class CPU",
3861     },
3862     {
3863         .name = "Opteron_G5",
3864         .level = 0xd,
3865         .vendor = CPUID_VENDOR_AMD,
3866         .family = 21,
3867         .model = 2,
3868         .stepping = 0,
3869         .features[FEAT_1_EDX] =
3870             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3871             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3872             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3873             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3874             CPUID_DE | CPUID_FP87,
3875         .features[FEAT_1_ECX] =
3876             CPUID_EXT_F16C | CPUID_EXT_AVX | CPUID_EXT_XSAVE |
3877             CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 |
3878             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_FMA |
3879             CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
3880         .features[FEAT_8000_0001_EDX] =
3881             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_NX |
3882             CPUID_EXT2_SYSCALL | CPUID_EXT2_RDTSCP,
3883         .features[FEAT_8000_0001_ECX] =
3884             CPUID_EXT3_TBM | CPUID_EXT3_FMA4 | CPUID_EXT3_XOP |
3885             CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_MISALIGNSSE |
3886             CPUID_EXT3_SSE4A | CPUID_EXT3_ABM | CPUID_EXT3_SVM |
3887             CPUID_EXT3_LAHF_LM,
3888         .features[FEAT_SVM] =
3889             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
3890         /* no xsaveopt! */
3891         .xlevel = 0x8000001A,
3892         .model_id = "AMD Opteron 63xx class CPU",
3893     },
3894     {
3895         .name = "EPYC",
3896         .level = 0xd,
3897         .vendor = CPUID_VENDOR_AMD,
3898         .family = 23,
3899         .model = 1,
3900         .stepping = 2,
3901         .features[FEAT_1_EDX] =
3902             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
3903             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
3904             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
3905             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
3906             CPUID_VME | CPUID_FP87,
3907         .features[FEAT_1_ECX] =
3908             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
3909             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
3910             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
3911             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
3912             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
3913         .features[FEAT_8000_0001_EDX] =
3914             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
3915             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
3916             CPUID_EXT2_SYSCALL,
3917         .features[FEAT_8000_0001_ECX] =
3918             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
3919             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
3920             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
3921             CPUID_EXT3_TOPOEXT,
3922         .features[FEAT_7_0_EBX] =
3923             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
3924             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
3925             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
3926             CPUID_7_0_EBX_SHA_NI,
3927         .features[FEAT_XSAVE] =
3928             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3929             CPUID_XSAVE_XGETBV1,
3930         .features[FEAT_6_EAX] =
3931             CPUID_6_EAX_ARAT,
3932         .features[FEAT_SVM] =
3933             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
3934         .xlevel = 0x8000001E,
3935         .model_id = "AMD EPYC Processor",
3936         .cache_info = &epyc_cache_info,
3937         .versions = (X86CPUVersionDefinition[]) {
3938             { .version = 1 },
3939             {
3940                 .version = 2,
3941                 .alias = "EPYC-IBPB",
3942                 .props = (PropValue[]) {
3943                     { "ibpb", "on" },
3944                     { "model-id",
3945                       "AMD EPYC Processor (with IBPB)" },
3946                     { /* end of list */ }
3947                 }
3948             },
3949             {
3950                 .version = 3,
3951                 .props = (PropValue[]) {
3952                     { "ibpb", "on" },
3953                     { "perfctr-core", "on" },
3954                     { "clzero", "on" },
3955                     { "xsaveerptr", "on" },
3956                     { "xsaves", "on" },
3957                     { "model-id",
3958                       "AMD EPYC Processor" },
3959                     { /* end of list */ }
3960                 }
3961             },
3962             { /* end of list */ }
3963         }
3964     },
3965     {
3966         .name = "Dhyana",
3967         .level = 0xd,
3968         .vendor = CPUID_VENDOR_HYGON,
3969         .family = 24,
3970         .model = 0,
3971         .stepping = 1,
3972         .features[FEAT_1_EDX] =
3973             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
3974             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
3975             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
3976             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
3977             CPUID_VME | CPUID_FP87,
3978         .features[FEAT_1_ECX] =
3979             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
3980             CPUID_EXT_XSAVE | CPUID_EXT_POPCNT |
3981             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
3982             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
3983             CPUID_EXT_MONITOR | CPUID_EXT_SSE3,
3984         .features[FEAT_8000_0001_EDX] =
3985             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
3986             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
3987             CPUID_EXT2_SYSCALL,
3988         .features[FEAT_8000_0001_ECX] =
3989             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
3990             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
3991             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
3992             CPUID_EXT3_TOPOEXT,
3993         .features[FEAT_8000_0008_EBX] =
3994             CPUID_8000_0008_EBX_IBPB,
3995         .features[FEAT_7_0_EBX] =
3996             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
3997             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
3998             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT,
3999         /* XSAVES is added in version 2 */
4000         .features[FEAT_XSAVE] =
4001             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4002             CPUID_XSAVE_XGETBV1,
4003         .features[FEAT_6_EAX] =
4004             CPUID_6_EAX_ARAT,
4005         .features[FEAT_SVM] =
4006             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4007         .xlevel = 0x8000001E,
4008         .model_id = "Hygon Dhyana Processor",
4009         .cache_info = &epyc_cache_info,
4010         .versions = (X86CPUVersionDefinition[]) {
4011             { .version = 1 },
4012             { .version = 2,
4013               .note = "XSAVES",
4014               .props = (PropValue[]) {
4015                   { "xsaves", "on" },
4016                   { /* end of list */ }
4017               },
4018             },
4019             { /* end of list */ }
4020         }
4021     },
4022     {
4023         .name = "EPYC-Rome",
4024         .level = 0xd,
4025         .vendor = CPUID_VENDOR_AMD,
4026         .family = 23,
4027         .model = 49,
4028         .stepping = 0,
4029         .features[FEAT_1_EDX] =
4030             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4031             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4032             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4033             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4034             CPUID_VME | CPUID_FP87,
4035         .features[FEAT_1_ECX] =
4036             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4037             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
4038             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4039             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4040             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
4041         .features[FEAT_8000_0001_EDX] =
4042             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4043             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4044             CPUID_EXT2_SYSCALL,
4045         .features[FEAT_8000_0001_ECX] =
4046             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4047             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4048             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4049             CPUID_EXT3_TOPOEXT | CPUID_EXT3_PERFCORE,
4050         .features[FEAT_8000_0008_EBX] =
4051             CPUID_8000_0008_EBX_CLZERO | CPUID_8000_0008_EBX_XSAVEERPTR |
4052             CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_IBPB |
4053             CPUID_8000_0008_EBX_STIBP,
4054         .features[FEAT_7_0_EBX] =
4055             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4056             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4057             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
4058             CPUID_7_0_EBX_SHA_NI | CPUID_7_0_EBX_CLWB,
4059         .features[FEAT_7_0_ECX] =
4060             CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_RDPID,
4061         .features[FEAT_XSAVE] =
4062             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4063             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
4064         .features[FEAT_6_EAX] =
4065             CPUID_6_EAX_ARAT,
4066         .features[FEAT_SVM] =
4067             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4068         .xlevel = 0x8000001E,
4069         .model_id = "AMD EPYC-Rome Processor",
4070         .cache_info = &epyc_rome_cache_info,
4071         .versions = (X86CPUVersionDefinition[]) {
4072             { .version = 1 },
4073             {
4074                 .version = 2,
4075                 .props = (PropValue[]) {
4076                     { "ibrs", "on" },
4077                     { "amd-ssbd", "on" },
4078                     { /* end of list */ }
4079                 }
4080             },
4081             { /* end of list */ }
4082         }
4083     },
4084     {
4085         .name = "EPYC-Milan",
4086         .level = 0xd,
4087         .vendor = CPUID_VENDOR_AMD,
4088         .family = 25,
4089         .model = 1,
4090         .stepping = 1,
4091         .features[FEAT_1_EDX] =
4092             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4093             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4094             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4095             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4096             CPUID_VME | CPUID_FP87,
4097         .features[FEAT_1_ECX] =
4098             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4099             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
4100             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4101             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4102             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
4103             CPUID_EXT_PCID,
4104         .features[FEAT_8000_0001_EDX] =
4105             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4106             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4107             CPUID_EXT2_SYSCALL,
4108         .features[FEAT_8000_0001_ECX] =
4109             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4110             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4111             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4112             CPUID_EXT3_TOPOEXT | CPUID_EXT3_PERFCORE,
4113         .features[FEAT_8000_0008_EBX] =
4114             CPUID_8000_0008_EBX_CLZERO | CPUID_8000_0008_EBX_XSAVEERPTR |
4115             CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_IBPB |
4116             CPUID_8000_0008_EBX_IBRS | CPUID_8000_0008_EBX_STIBP |
4117             CPUID_8000_0008_EBX_AMD_SSBD,
4118         .features[FEAT_7_0_EBX] =
4119             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4120             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4121             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
4122             CPUID_7_0_EBX_SHA_NI | CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_ERMS |
4123             CPUID_7_0_EBX_INVPCID,
4124         .features[FEAT_7_0_ECX] =
4125             CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_RDPID | CPUID_7_0_ECX_PKU,
4126         .features[FEAT_7_0_EDX] =
4127             CPUID_7_0_EDX_FSRM,
4128         .features[FEAT_XSAVE] =
4129             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4130             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
4131         .features[FEAT_6_EAX] =
4132             CPUID_6_EAX_ARAT,
4133         .features[FEAT_SVM] =
4134             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE | CPUID_SVM_SVME_ADDR_CHK,
4135         .xlevel = 0x8000001E,
4136         .model_id = "AMD EPYC-Milan Processor",
4137         .cache_info = &epyc_milan_cache_info,
4138     },
4139 };
4140 
4141 /*
4142  * We resolve CPU model aliases using -v1 when using "-machine
4143  * none", but this is just for compatibility while libvirt isn't
4144  * adapted to resolve CPU model versions before creating VMs.
4145  * See "Runnability guarantee of CPU models" at
4146  * docs/about/deprecated.rst.
4147  */
4148 X86CPUVersion default_cpu_version = 1;
4149 
4150 void x86_cpu_set_default_version(X86CPUVersion version)
4151 {
4152     /* Translating CPU_VERSION_AUTO to CPU_VERSION_AUTO doesn't make sense */
4153     assert(version != CPU_VERSION_AUTO);
4154     default_cpu_version = version;
4155 }
4156 
4157 static X86CPUVersion x86_cpu_model_last_version(const X86CPUModel *model)
4158 {
4159     int v = 0;
4160     const X86CPUVersionDefinition *vdef =
4161         x86_cpu_def_get_versions(model->cpudef);
4162     while (vdef->version) {
4163         v = vdef->version;
4164         vdef++;
4165     }
4166     return v;
4167 }
4168 
4169 /* Return the actual version being used for a specific CPU model */
4170 static X86CPUVersion x86_cpu_model_resolve_version(const X86CPUModel *model)
4171 {
4172     X86CPUVersion v = model->version;
4173     if (v == CPU_VERSION_AUTO) {
4174         v = default_cpu_version;
4175     }
4176     if (v == CPU_VERSION_LATEST) {
4177         return x86_cpu_model_last_version(model);
4178     }
4179     return v;
4180 }
4181 
4182 static Property max_x86_cpu_properties[] = {
4183     DEFINE_PROP_BOOL("migratable", X86CPU, migratable, true),
4184     DEFINE_PROP_BOOL("host-cache-info", X86CPU, cache_info_passthrough, false),
4185     DEFINE_PROP_END_OF_LIST()
4186 };
4187 
4188 static void max_x86_cpu_class_init(ObjectClass *oc, void *data)
4189 {
4190     DeviceClass *dc = DEVICE_CLASS(oc);
4191     X86CPUClass *xcc = X86_CPU_CLASS(oc);
4192 
4193     xcc->ordering = 9;
4194 
4195     xcc->model_description =
4196         "Enables all features supported by the accelerator in the current host";
4197 
4198     device_class_set_props(dc, max_x86_cpu_properties);
4199 }
4200 
4201 static void max_x86_cpu_initfn(Object *obj)
4202 {
4203     X86CPU *cpu = X86_CPU(obj);
4204 
4205     /* We can't fill the features array here because we don't know yet if
4206      * "migratable" is true or false.
4207      */
4208     cpu->max_features = true;
4209     object_property_set_bool(OBJECT(cpu), "pmu", true, &error_abort);
4210 
4211     /*
4212      * these defaults are used for TCG and all other accelerators
4213      * besides KVM and HVF, which overwrite these values
4214      */
4215     object_property_set_str(OBJECT(cpu), "vendor", CPUID_VENDOR_AMD,
4216                             &error_abort);
4217 #ifdef TARGET_X86_64
4218     object_property_set_int(OBJECT(cpu), "family", 15, &error_abort);
4219     object_property_set_int(OBJECT(cpu), "model", 107, &error_abort);
4220     object_property_set_int(OBJECT(cpu), "stepping", 1, &error_abort);
4221 #else
4222     object_property_set_int(OBJECT(cpu), "family", 6, &error_abort);
4223     object_property_set_int(OBJECT(cpu), "model", 6, &error_abort);
4224     object_property_set_int(OBJECT(cpu), "stepping", 3, &error_abort);
4225 #endif
4226     object_property_set_str(OBJECT(cpu), "model-id",
4227                             "QEMU TCG CPU version " QEMU_HW_VERSION,
4228                             &error_abort);
4229 }
4230 
4231 static const TypeInfo max_x86_cpu_type_info = {
4232     .name = X86_CPU_TYPE_NAME("max"),
4233     .parent = TYPE_X86_CPU,
4234     .instance_init = max_x86_cpu_initfn,
4235     .class_init = max_x86_cpu_class_init,
4236 };
4237 
4238 static char *feature_word_description(FeatureWordInfo *f, uint32_t bit)
4239 {
4240     assert(f->type == CPUID_FEATURE_WORD || f->type == MSR_FEATURE_WORD);
4241 
4242     switch (f->type) {
4243     case CPUID_FEATURE_WORD:
4244         {
4245             const char *reg = get_register_name_32(f->cpuid.reg);
4246             assert(reg);
4247             return g_strdup_printf("CPUID.%02XH:%s",
4248                                    f->cpuid.eax, reg);
4249         }
4250     case MSR_FEATURE_WORD:
4251         return g_strdup_printf("MSR(%02XH)",
4252                                f->msr.index);
4253     }
4254 
4255     return NULL;
4256 }
4257 
4258 static bool x86_cpu_have_filtered_features(X86CPU *cpu)
4259 {
4260     FeatureWord w;
4261 
4262     for (w = 0; w < FEATURE_WORDS; w++) {
4263         if (cpu->filtered_features[w]) {
4264             return true;
4265         }
4266     }
4267 
4268     return false;
4269 }
4270 
4271 static void mark_unavailable_features(X86CPU *cpu, FeatureWord w, uint64_t mask,
4272                                       const char *verbose_prefix)
4273 {
4274     CPUX86State *env = &cpu->env;
4275     FeatureWordInfo *f = &feature_word_info[w];
4276     int i;
4277 
4278     if (!cpu->force_features) {
4279         env->features[w] &= ~mask;
4280     }
4281     cpu->filtered_features[w] |= mask;
4282 
4283     if (!verbose_prefix) {
4284         return;
4285     }
4286 
4287     for (i = 0; i < 64; ++i) {
4288         if ((1ULL << i) & mask) {
4289             g_autofree char *feat_word_str = feature_word_description(f, i);
4290             warn_report("%s: %s%s%s [bit %d]",
4291                         verbose_prefix,
4292                         feat_word_str,
4293                         f->feat_names[i] ? "." : "",
4294                         f->feat_names[i] ? f->feat_names[i] : "", i);
4295         }
4296     }
4297 }
4298 
4299 static void x86_cpuid_version_get_family(Object *obj, Visitor *v,
4300                                          const char *name, void *opaque,
4301                                          Error **errp)
4302 {
4303     X86CPU *cpu = X86_CPU(obj);
4304     CPUX86State *env = &cpu->env;
4305     int64_t value;
4306 
4307     value = (env->cpuid_version >> 8) & 0xf;
4308     if (value == 0xf) {
4309         value += (env->cpuid_version >> 20) & 0xff;
4310     }
4311     visit_type_int(v, name, &value, errp);
4312 }
4313 
4314 static void x86_cpuid_version_set_family(Object *obj, Visitor *v,
4315                                          const char *name, void *opaque,
4316                                          Error **errp)
4317 {
4318     X86CPU *cpu = X86_CPU(obj);
4319     CPUX86State *env = &cpu->env;
4320     const int64_t min = 0;
4321     const int64_t max = 0xff + 0xf;
4322     int64_t value;
4323 
4324     if (!visit_type_int(v, name, &value, errp)) {
4325         return;
4326     }
4327     if (value < min || value > max) {
4328         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4329                    name ? name : "null", value, min, max);
4330         return;
4331     }
4332 
4333     env->cpuid_version &= ~0xff00f00;
4334     if (value > 0x0f) {
4335         env->cpuid_version |= 0xf00 | ((value - 0x0f) << 20);
4336     } else {
4337         env->cpuid_version |= value << 8;
4338     }
4339 }
4340 
4341 static void x86_cpuid_version_get_model(Object *obj, Visitor *v,
4342                                         const char *name, void *opaque,
4343                                         Error **errp)
4344 {
4345     X86CPU *cpu = X86_CPU(obj);
4346     CPUX86State *env = &cpu->env;
4347     int64_t value;
4348 
4349     value = (env->cpuid_version >> 4) & 0xf;
4350     value |= ((env->cpuid_version >> 16) & 0xf) << 4;
4351     visit_type_int(v, name, &value, errp);
4352 }
4353 
4354 static void x86_cpuid_version_set_model(Object *obj, Visitor *v,
4355                                         const char *name, void *opaque,
4356                                         Error **errp)
4357 {
4358     X86CPU *cpu = X86_CPU(obj);
4359     CPUX86State *env = &cpu->env;
4360     const int64_t min = 0;
4361     const int64_t max = 0xff;
4362     int64_t value;
4363 
4364     if (!visit_type_int(v, name, &value, errp)) {
4365         return;
4366     }
4367     if (value < min || value > max) {
4368         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4369                    name ? name : "null", value, min, max);
4370         return;
4371     }
4372 
4373     env->cpuid_version &= ~0xf00f0;
4374     env->cpuid_version |= ((value & 0xf) << 4) | ((value >> 4) << 16);
4375 }
4376 
4377 static void x86_cpuid_version_get_stepping(Object *obj, Visitor *v,
4378                                            const char *name, void *opaque,
4379                                            Error **errp)
4380 {
4381     X86CPU *cpu = X86_CPU(obj);
4382     CPUX86State *env = &cpu->env;
4383     int64_t value;
4384 
4385     value = env->cpuid_version & 0xf;
4386     visit_type_int(v, name, &value, errp);
4387 }
4388 
4389 static void x86_cpuid_version_set_stepping(Object *obj, Visitor *v,
4390                                            const char *name, void *opaque,
4391                                            Error **errp)
4392 {
4393     X86CPU *cpu = X86_CPU(obj);
4394     CPUX86State *env = &cpu->env;
4395     const int64_t min = 0;
4396     const int64_t max = 0xf;
4397     int64_t value;
4398 
4399     if (!visit_type_int(v, name, &value, errp)) {
4400         return;
4401     }
4402     if (value < min || value > max) {
4403         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4404                    name ? name : "null", value, min, max);
4405         return;
4406     }
4407 
4408     env->cpuid_version &= ~0xf;
4409     env->cpuid_version |= value & 0xf;
4410 }
4411 
4412 static char *x86_cpuid_get_vendor(Object *obj, Error **errp)
4413 {
4414     X86CPU *cpu = X86_CPU(obj);
4415     CPUX86State *env = &cpu->env;
4416     char *value;
4417 
4418     value = g_malloc(CPUID_VENDOR_SZ + 1);
4419     x86_cpu_vendor_words2str(value, env->cpuid_vendor1, env->cpuid_vendor2,
4420                              env->cpuid_vendor3);
4421     return value;
4422 }
4423 
4424 static void x86_cpuid_set_vendor(Object *obj, const char *value,
4425                                  Error **errp)
4426 {
4427     X86CPU *cpu = X86_CPU(obj);
4428     CPUX86State *env = &cpu->env;
4429     int i;
4430 
4431     if (strlen(value) != CPUID_VENDOR_SZ) {
4432         error_setg(errp, QERR_PROPERTY_VALUE_BAD, "", "vendor", value);
4433         return;
4434     }
4435 
4436     env->cpuid_vendor1 = 0;
4437     env->cpuid_vendor2 = 0;
4438     env->cpuid_vendor3 = 0;
4439     for (i = 0; i < 4; i++) {
4440         env->cpuid_vendor1 |= ((uint8_t)value[i    ]) << (8 * i);
4441         env->cpuid_vendor2 |= ((uint8_t)value[i + 4]) << (8 * i);
4442         env->cpuid_vendor3 |= ((uint8_t)value[i + 8]) << (8 * i);
4443     }
4444 }
4445 
4446 static char *x86_cpuid_get_model_id(Object *obj, Error **errp)
4447 {
4448     X86CPU *cpu = X86_CPU(obj);
4449     CPUX86State *env = &cpu->env;
4450     char *value;
4451     int i;
4452 
4453     value = g_malloc(48 + 1);
4454     for (i = 0; i < 48; i++) {
4455         value[i] = env->cpuid_model[i >> 2] >> (8 * (i & 3));
4456     }
4457     value[48] = '\0';
4458     return value;
4459 }
4460 
4461 static void x86_cpuid_set_model_id(Object *obj, const char *model_id,
4462                                    Error **errp)
4463 {
4464     X86CPU *cpu = X86_CPU(obj);
4465     CPUX86State *env = &cpu->env;
4466     int c, len, i;
4467 
4468     if (model_id == NULL) {
4469         model_id = "";
4470     }
4471     len = strlen(model_id);
4472     memset(env->cpuid_model, 0, 48);
4473     for (i = 0; i < 48; i++) {
4474         if (i >= len) {
4475             c = '\0';
4476         } else {
4477             c = (uint8_t)model_id[i];
4478         }
4479         env->cpuid_model[i >> 2] |= c << (8 * (i & 3));
4480     }
4481 }
4482 
4483 static void x86_cpuid_get_tsc_freq(Object *obj, Visitor *v, const char *name,
4484                                    void *opaque, Error **errp)
4485 {
4486     X86CPU *cpu = X86_CPU(obj);
4487     int64_t value;
4488 
4489     value = cpu->env.tsc_khz * 1000;
4490     visit_type_int(v, name, &value, errp);
4491 }
4492 
4493 static void x86_cpuid_set_tsc_freq(Object *obj, Visitor *v, const char *name,
4494                                    void *opaque, Error **errp)
4495 {
4496     X86CPU *cpu = X86_CPU(obj);
4497     const int64_t min = 0;
4498     const int64_t max = INT64_MAX;
4499     int64_t value;
4500 
4501     if (!visit_type_int(v, name, &value, errp)) {
4502         return;
4503     }
4504     if (value < min || value > max) {
4505         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4506                    name ? name : "null", value, min, max);
4507         return;
4508     }
4509 
4510     cpu->env.tsc_khz = cpu->env.user_tsc_khz = value / 1000;
4511 }
4512 
4513 /* Generic getter for "feature-words" and "filtered-features" properties */
4514 static void x86_cpu_get_feature_words(Object *obj, Visitor *v,
4515                                       const char *name, void *opaque,
4516                                       Error **errp)
4517 {
4518     uint64_t *array = (uint64_t *)opaque;
4519     FeatureWord w;
4520     X86CPUFeatureWordInfo word_infos[FEATURE_WORDS] = { };
4521     X86CPUFeatureWordInfoList list_entries[FEATURE_WORDS] = { };
4522     X86CPUFeatureWordInfoList *list = NULL;
4523 
4524     for (w = 0; w < FEATURE_WORDS; w++) {
4525         FeatureWordInfo *wi = &feature_word_info[w];
4526         /*
4527                 * We didn't have MSR features when "feature-words" was
4528                 *  introduced. Therefore skipped other type entries.
4529                 */
4530         if (wi->type != CPUID_FEATURE_WORD) {
4531             continue;
4532         }
4533         X86CPUFeatureWordInfo *qwi = &word_infos[w];
4534         qwi->cpuid_input_eax = wi->cpuid.eax;
4535         qwi->has_cpuid_input_ecx = wi->cpuid.needs_ecx;
4536         qwi->cpuid_input_ecx = wi->cpuid.ecx;
4537         qwi->cpuid_register = x86_reg_info_32[wi->cpuid.reg].qapi_enum;
4538         qwi->features = array[w];
4539 
4540         /* List will be in reverse order, but order shouldn't matter */
4541         list_entries[w].next = list;
4542         list_entries[w].value = &word_infos[w];
4543         list = &list_entries[w];
4544     }
4545 
4546     visit_type_X86CPUFeatureWordInfoList(v, "feature-words", &list, errp);
4547 }
4548 
4549 /* Convert all '_' in a feature string option name to '-', to make feature
4550  * name conform to QOM property naming rule, which uses '-' instead of '_'.
4551  */
4552 static inline void feat2prop(char *s)
4553 {
4554     while ((s = strchr(s, '_'))) {
4555         *s = '-';
4556     }
4557 }
4558 
4559 /* Return the feature property name for a feature flag bit */
4560 static const char *x86_cpu_feature_name(FeatureWord w, int bitnr)
4561 {
4562     const char *name;
4563     /* XSAVE components are automatically enabled by other features,
4564      * so return the original feature name instead
4565      */
4566     if (w == FEAT_XSAVE_XCR0_LO || w == FEAT_XSAVE_XCR0_HI) {
4567         int comp = (w == FEAT_XSAVE_XCR0_HI) ? bitnr + 32 : bitnr;
4568 
4569         if (comp < ARRAY_SIZE(x86_ext_save_areas) &&
4570             x86_ext_save_areas[comp].bits) {
4571             w = x86_ext_save_areas[comp].feature;
4572             bitnr = ctz32(x86_ext_save_areas[comp].bits);
4573         }
4574     }
4575 
4576     assert(bitnr < 64);
4577     assert(w < FEATURE_WORDS);
4578     name = feature_word_info[w].feat_names[bitnr];
4579     assert(bitnr < 32 || !(name && feature_word_info[w].type == CPUID_FEATURE_WORD));
4580     return name;
4581 }
4582 
4583 /* Compatibily hack to maintain legacy +-feat semantic,
4584  * where +-feat overwrites any feature set by
4585  * feat=on|feat even if the later is parsed after +-feat
4586  * (i.e. "-x2apic,x2apic=on" will result in x2apic disabled)
4587  */
4588 static GList *plus_features, *minus_features;
4589 
4590 static gint compare_string(gconstpointer a, gconstpointer b)
4591 {
4592     return g_strcmp0(a, b);
4593 }
4594 
4595 /* Parse "+feature,-feature,feature=foo" CPU feature string
4596  */
4597 static void x86_cpu_parse_featurestr(const char *typename, char *features,
4598                                      Error **errp)
4599 {
4600     char *featurestr; /* Single 'key=value" string being parsed */
4601     static bool cpu_globals_initialized;
4602     bool ambiguous = false;
4603 
4604     if (cpu_globals_initialized) {
4605         return;
4606     }
4607     cpu_globals_initialized = true;
4608 
4609     if (!features) {
4610         return;
4611     }
4612 
4613     for (featurestr = strtok(features, ",");
4614          featurestr;
4615          featurestr = strtok(NULL, ",")) {
4616         const char *name;
4617         const char *val = NULL;
4618         char *eq = NULL;
4619         char num[32];
4620         GlobalProperty *prop;
4621 
4622         /* Compatibility syntax: */
4623         if (featurestr[0] == '+') {
4624             plus_features = g_list_append(plus_features,
4625                                           g_strdup(featurestr + 1));
4626             continue;
4627         } else if (featurestr[0] == '-') {
4628             minus_features = g_list_append(minus_features,
4629                                            g_strdup(featurestr + 1));
4630             continue;
4631         }
4632 
4633         eq = strchr(featurestr, '=');
4634         if (eq) {
4635             *eq++ = 0;
4636             val = eq;
4637         } else {
4638             val = "on";
4639         }
4640 
4641         feat2prop(featurestr);
4642         name = featurestr;
4643 
4644         if (g_list_find_custom(plus_features, name, compare_string)) {
4645             warn_report("Ambiguous CPU model string. "
4646                         "Don't mix both \"+%s\" and \"%s=%s\"",
4647                         name, name, val);
4648             ambiguous = true;
4649         }
4650         if (g_list_find_custom(minus_features, name, compare_string)) {
4651             warn_report("Ambiguous CPU model string. "
4652                         "Don't mix both \"-%s\" and \"%s=%s\"",
4653                         name, name, val);
4654             ambiguous = true;
4655         }
4656 
4657         /* Special case: */
4658         if (!strcmp(name, "tsc-freq")) {
4659             int ret;
4660             uint64_t tsc_freq;
4661 
4662             ret = qemu_strtosz_metric(val, NULL, &tsc_freq);
4663             if (ret < 0 || tsc_freq > INT64_MAX) {
4664                 error_setg(errp, "bad numerical value %s", val);
4665                 return;
4666             }
4667             snprintf(num, sizeof(num), "%" PRId64, tsc_freq);
4668             val = num;
4669             name = "tsc-frequency";
4670         }
4671 
4672         prop = g_new0(typeof(*prop), 1);
4673         prop->driver = typename;
4674         prop->property = g_strdup(name);
4675         prop->value = g_strdup(val);
4676         qdev_prop_register_global(prop);
4677     }
4678 
4679     if (ambiguous) {
4680         warn_report("Compatibility of ambiguous CPU model "
4681                     "strings won't be kept on future QEMU versions");
4682     }
4683 }
4684 
4685 static void x86_cpu_filter_features(X86CPU *cpu, bool verbose);
4686 
4687 /* Build a list with the name of all features on a feature word array */
4688 static void x86_cpu_list_feature_names(FeatureWordArray features,
4689                                        strList **list)
4690 {
4691     strList **tail = list;
4692     FeatureWord w;
4693 
4694     for (w = 0; w < FEATURE_WORDS; w++) {
4695         uint64_t filtered = features[w];
4696         int i;
4697         for (i = 0; i < 64; i++) {
4698             if (filtered & (1ULL << i)) {
4699                 QAPI_LIST_APPEND(tail, g_strdup(x86_cpu_feature_name(w, i)));
4700             }
4701         }
4702     }
4703 }
4704 
4705 static void x86_cpu_get_unavailable_features(Object *obj, Visitor *v,
4706                                              const char *name, void *opaque,
4707                                              Error **errp)
4708 {
4709     X86CPU *xc = X86_CPU(obj);
4710     strList *result = NULL;
4711 
4712     x86_cpu_list_feature_names(xc->filtered_features, &result);
4713     visit_type_strList(v, "unavailable-features", &result, errp);
4714 }
4715 
4716 /* Check for missing features that may prevent the CPU class from
4717  * running using the current machine and accelerator.
4718  */
4719 static void x86_cpu_class_check_missing_features(X86CPUClass *xcc,
4720                                                  strList **list)
4721 {
4722     strList **tail = list;
4723     X86CPU *xc;
4724     Error *err = NULL;
4725 
4726     if (xcc->host_cpuid_required && !accel_uses_host_cpuid()) {
4727         QAPI_LIST_APPEND(tail, g_strdup("kvm"));
4728         return;
4729     }
4730 
4731     xc = X86_CPU(object_new_with_class(OBJECT_CLASS(xcc)));
4732 
4733     x86_cpu_expand_features(xc, &err);
4734     if (err) {
4735         /* Errors at x86_cpu_expand_features should never happen,
4736          * but in case it does, just report the model as not
4737          * runnable at all using the "type" property.
4738          */
4739         QAPI_LIST_APPEND(tail, g_strdup("type"));
4740         error_free(err);
4741     }
4742 
4743     x86_cpu_filter_features(xc, false);
4744 
4745     x86_cpu_list_feature_names(xc->filtered_features, tail);
4746 
4747     object_unref(OBJECT(xc));
4748 }
4749 
4750 /* Print all cpuid feature names in featureset
4751  */
4752 static void listflags(GList *features)
4753 {
4754     size_t len = 0;
4755     GList *tmp;
4756 
4757     for (tmp = features; tmp; tmp = tmp->next) {
4758         const char *name = tmp->data;
4759         if ((len + strlen(name) + 1) >= 75) {
4760             qemu_printf("\n");
4761             len = 0;
4762         }
4763         qemu_printf("%s%s", len == 0 ? "  " : " ", name);
4764         len += strlen(name) + 1;
4765     }
4766     qemu_printf("\n");
4767 }
4768 
4769 /* Sort alphabetically by type name, respecting X86CPUClass::ordering. */
4770 static gint x86_cpu_list_compare(gconstpointer a, gconstpointer b)
4771 {
4772     ObjectClass *class_a = (ObjectClass *)a;
4773     ObjectClass *class_b = (ObjectClass *)b;
4774     X86CPUClass *cc_a = X86_CPU_CLASS(class_a);
4775     X86CPUClass *cc_b = X86_CPU_CLASS(class_b);
4776     int ret;
4777 
4778     if (cc_a->ordering != cc_b->ordering) {
4779         ret = cc_a->ordering - cc_b->ordering;
4780     } else {
4781         g_autofree char *name_a = x86_cpu_class_get_model_name(cc_a);
4782         g_autofree char *name_b = x86_cpu_class_get_model_name(cc_b);
4783         ret = strcmp(name_a, name_b);
4784     }
4785     return ret;
4786 }
4787 
4788 static GSList *get_sorted_cpu_model_list(void)
4789 {
4790     GSList *list = object_class_get_list(TYPE_X86_CPU, false);
4791     list = g_slist_sort(list, x86_cpu_list_compare);
4792     return list;
4793 }
4794 
4795 static char *x86_cpu_class_get_model_id(X86CPUClass *xc)
4796 {
4797     Object *obj = object_new_with_class(OBJECT_CLASS(xc));
4798     char *r = object_property_get_str(obj, "model-id", &error_abort);
4799     object_unref(obj);
4800     return r;
4801 }
4802 
4803 static char *x86_cpu_class_get_alias_of(X86CPUClass *cc)
4804 {
4805     X86CPUVersion version;
4806 
4807     if (!cc->model || !cc->model->is_alias) {
4808         return NULL;
4809     }
4810     version = x86_cpu_model_resolve_version(cc->model);
4811     if (version <= 0) {
4812         return NULL;
4813     }
4814     return x86_cpu_versioned_model_name(cc->model->cpudef, version);
4815 }
4816 
4817 static void x86_cpu_list_entry(gpointer data, gpointer user_data)
4818 {
4819     ObjectClass *oc = data;
4820     X86CPUClass *cc = X86_CPU_CLASS(oc);
4821     g_autofree char *name = x86_cpu_class_get_model_name(cc);
4822     g_autofree char *desc = g_strdup(cc->model_description);
4823     g_autofree char *alias_of = x86_cpu_class_get_alias_of(cc);
4824     g_autofree char *model_id = x86_cpu_class_get_model_id(cc);
4825 
4826     if (!desc && alias_of) {
4827         if (cc->model && cc->model->version == CPU_VERSION_AUTO) {
4828             desc = g_strdup("(alias configured by machine type)");
4829         } else {
4830             desc = g_strdup_printf("(alias of %s)", alias_of);
4831         }
4832     }
4833     if (!desc && cc->model && cc->model->note) {
4834         desc = g_strdup_printf("%s [%s]", model_id, cc->model->note);
4835     }
4836     if (!desc) {
4837         desc = g_strdup_printf("%s", model_id);
4838     }
4839 
4840     if (cc->model && cc->model->cpudef->deprecation_note) {
4841         g_autofree char *olddesc = desc;
4842         desc = g_strdup_printf("%s (deprecated)", olddesc);
4843     }
4844 
4845     qemu_printf("x86 %-20s  %s\n", name, desc);
4846 }
4847 
4848 /* list available CPU models and flags */
4849 void x86_cpu_list(void)
4850 {
4851     int i, j;
4852     GSList *list;
4853     GList *names = NULL;
4854 
4855     qemu_printf("Available CPUs:\n");
4856     list = get_sorted_cpu_model_list();
4857     g_slist_foreach(list, x86_cpu_list_entry, NULL);
4858     g_slist_free(list);
4859 
4860     names = NULL;
4861     for (i = 0; i < ARRAY_SIZE(feature_word_info); i++) {
4862         FeatureWordInfo *fw = &feature_word_info[i];
4863         for (j = 0; j < 64; j++) {
4864             if (fw->feat_names[j]) {
4865                 names = g_list_append(names, (gpointer)fw->feat_names[j]);
4866             }
4867         }
4868     }
4869 
4870     names = g_list_sort(names, (GCompareFunc)strcmp);
4871 
4872     qemu_printf("\nRecognized CPUID flags:\n");
4873     listflags(names);
4874     qemu_printf("\n");
4875     g_list_free(names);
4876 }
4877 
4878 static void x86_cpu_definition_entry(gpointer data, gpointer user_data)
4879 {
4880     ObjectClass *oc = data;
4881     X86CPUClass *cc = X86_CPU_CLASS(oc);
4882     CpuDefinitionInfoList **cpu_list = user_data;
4883     CpuDefinitionInfo *info;
4884 
4885     info = g_malloc0(sizeof(*info));
4886     info->name = x86_cpu_class_get_model_name(cc);
4887     x86_cpu_class_check_missing_features(cc, &info->unavailable_features);
4888     info->has_unavailable_features = true;
4889     info->q_typename = g_strdup(object_class_get_name(oc));
4890     info->migration_safe = cc->migration_safe;
4891     info->has_migration_safe = true;
4892     info->q_static = cc->static_model;
4893     if (cc->model && cc->model->cpudef->deprecation_note) {
4894         info->deprecated = true;
4895     } else {
4896         info->deprecated = false;
4897     }
4898     /*
4899      * Old machine types won't report aliases, so that alias translation
4900      * doesn't break compatibility with previous QEMU versions.
4901      */
4902     if (default_cpu_version != CPU_VERSION_LEGACY) {
4903         info->alias_of = x86_cpu_class_get_alias_of(cc);
4904     }
4905 
4906     QAPI_LIST_PREPEND(*cpu_list, info);
4907 }
4908 
4909 CpuDefinitionInfoList *qmp_query_cpu_definitions(Error **errp)
4910 {
4911     CpuDefinitionInfoList *cpu_list = NULL;
4912     GSList *list = get_sorted_cpu_model_list();
4913     g_slist_foreach(list, x86_cpu_definition_entry, &cpu_list);
4914     g_slist_free(list);
4915     return cpu_list;
4916 }
4917 
4918 uint64_t x86_cpu_get_supported_feature_word(FeatureWord w,
4919                                             bool migratable_only)
4920 {
4921     FeatureWordInfo *wi = &feature_word_info[w];
4922     uint64_t r = 0;
4923 
4924     if (kvm_enabled()) {
4925         switch (wi->type) {
4926         case CPUID_FEATURE_WORD:
4927             r = kvm_arch_get_supported_cpuid(kvm_state, wi->cpuid.eax,
4928                                                         wi->cpuid.ecx,
4929                                                         wi->cpuid.reg);
4930             break;
4931         case MSR_FEATURE_WORD:
4932             r = kvm_arch_get_supported_msr_feature(kvm_state,
4933                         wi->msr.index);
4934             break;
4935         }
4936     } else if (hvf_enabled()) {
4937         if (wi->type != CPUID_FEATURE_WORD) {
4938             return 0;
4939         }
4940         r = hvf_get_supported_cpuid(wi->cpuid.eax,
4941                                     wi->cpuid.ecx,
4942                                     wi->cpuid.reg);
4943     } else if (tcg_enabled()) {
4944         r = wi->tcg_features;
4945     } else {
4946         return ~0;
4947     }
4948 #ifndef TARGET_X86_64
4949     if (w == FEAT_8000_0001_EDX) {
4950         r &= ~CPUID_EXT2_LM;
4951     }
4952 #endif
4953     if (migratable_only) {
4954         r &= x86_cpu_get_migratable_flags(w);
4955     }
4956     return r;
4957 }
4958 
4959 static void x86_cpu_get_supported_cpuid(uint32_t func, uint32_t index,
4960                                         uint32_t *eax, uint32_t *ebx,
4961                                         uint32_t *ecx, uint32_t *edx)
4962 {
4963     if (kvm_enabled()) {
4964         *eax = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_EAX);
4965         *ebx = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_EBX);
4966         *ecx = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_ECX);
4967         *edx = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_EDX);
4968     } else if (hvf_enabled()) {
4969         *eax = hvf_get_supported_cpuid(func, index, R_EAX);
4970         *ebx = hvf_get_supported_cpuid(func, index, R_EBX);
4971         *ecx = hvf_get_supported_cpuid(func, index, R_ECX);
4972         *edx = hvf_get_supported_cpuid(func, index, R_EDX);
4973     } else {
4974         *eax = 0;
4975         *ebx = 0;
4976         *ecx = 0;
4977         *edx = 0;
4978     }
4979 }
4980 
4981 static void x86_cpu_get_cache_cpuid(uint32_t func, uint32_t index,
4982                                     uint32_t *eax, uint32_t *ebx,
4983                                     uint32_t *ecx, uint32_t *edx)
4984 {
4985     uint32_t level, unused;
4986 
4987     /* Only return valid host leaves.  */
4988     switch (func) {
4989     case 2:
4990     case 4:
4991         host_cpuid(0, 0, &level, &unused, &unused, &unused);
4992         break;
4993     case 0x80000005:
4994     case 0x80000006:
4995     case 0x8000001d:
4996         host_cpuid(0x80000000, 0, &level, &unused, &unused, &unused);
4997         break;
4998     default:
4999         return;
5000     }
5001 
5002     if (func > level) {
5003         *eax = 0;
5004         *ebx = 0;
5005         *ecx = 0;
5006         *edx = 0;
5007     } else {
5008         host_cpuid(func, index, eax, ebx, ecx, edx);
5009     }
5010 }
5011 
5012 /*
5013  * Only for builtin_x86_defs models initialized with x86_register_cpudef_types.
5014  */
5015 void x86_cpu_apply_props(X86CPU *cpu, PropValue *props)
5016 {
5017     PropValue *pv;
5018     for (pv = props; pv->prop; pv++) {
5019         if (!pv->value) {
5020             continue;
5021         }
5022         object_property_parse(OBJECT(cpu), pv->prop, pv->value,
5023                               &error_abort);
5024     }
5025 }
5026 
5027 /*
5028  * Apply properties for the CPU model version specified in model.
5029  * Only for builtin_x86_defs models initialized with x86_register_cpudef_types.
5030  */
5031 
5032 static void x86_cpu_apply_version_props(X86CPU *cpu, X86CPUModel *model)
5033 {
5034     const X86CPUVersionDefinition *vdef;
5035     X86CPUVersion version = x86_cpu_model_resolve_version(model);
5036 
5037     if (version == CPU_VERSION_LEGACY) {
5038         return;
5039     }
5040 
5041     for (vdef = x86_cpu_def_get_versions(model->cpudef); vdef->version; vdef++) {
5042         PropValue *p;
5043 
5044         for (p = vdef->props; p && p->prop; p++) {
5045             object_property_parse(OBJECT(cpu), p->prop, p->value,
5046                                   &error_abort);
5047         }
5048 
5049         if (vdef->version == version) {
5050             break;
5051         }
5052     }
5053 
5054     /*
5055      * If we reached the end of the list, version number was invalid
5056      */
5057     assert(vdef->version == version);
5058 }
5059 
5060 /*
5061  * Load data from X86CPUDefinition into a X86CPU object.
5062  * Only for builtin_x86_defs models initialized with x86_register_cpudef_types.
5063  */
5064 static void x86_cpu_load_model(X86CPU *cpu, X86CPUModel *model)
5065 {
5066     const X86CPUDefinition *def = model->cpudef;
5067     CPUX86State *env = &cpu->env;
5068     FeatureWord w;
5069 
5070     /*NOTE: any property set by this function should be returned by
5071      * x86_cpu_static_props(), so static expansion of
5072      * query-cpu-model-expansion is always complete.
5073      */
5074 
5075     /* CPU models only set _minimum_ values for level/xlevel: */
5076     object_property_set_uint(OBJECT(cpu), "min-level", def->level,
5077                              &error_abort);
5078     object_property_set_uint(OBJECT(cpu), "min-xlevel", def->xlevel,
5079                              &error_abort);
5080 
5081     object_property_set_int(OBJECT(cpu), "family", def->family, &error_abort);
5082     object_property_set_int(OBJECT(cpu), "model", def->model, &error_abort);
5083     object_property_set_int(OBJECT(cpu), "stepping", def->stepping,
5084                             &error_abort);
5085     object_property_set_str(OBJECT(cpu), "model-id", def->model_id,
5086                             &error_abort);
5087     for (w = 0; w < FEATURE_WORDS; w++) {
5088         env->features[w] = def->features[w];
5089     }
5090 
5091     /* legacy-cache defaults to 'off' if CPU model provides cache info */
5092     cpu->legacy_cache = !def->cache_info;
5093 
5094     env->features[FEAT_1_ECX] |= CPUID_EXT_HYPERVISOR;
5095 
5096     /* sysenter isn't supported in compatibility mode on AMD,
5097      * syscall isn't supported in compatibility mode on Intel.
5098      * Normally we advertise the actual CPU vendor, but you can
5099      * override this using the 'vendor' property if you want to use
5100      * KVM's sysenter/syscall emulation in compatibility mode and
5101      * when doing cross vendor migration
5102      */
5103 
5104     /*
5105      * vendor property is set here but then overloaded with the
5106      * host cpu vendor for KVM and HVF.
5107      */
5108     object_property_set_str(OBJECT(cpu), "vendor", def->vendor, &error_abort);
5109 
5110     x86_cpu_apply_version_props(cpu, model);
5111 
5112     /*
5113      * Properties in versioned CPU model are not user specified features.
5114      * We can simply clear env->user_features here since it will be filled later
5115      * in x86_cpu_expand_features() based on plus_features and minus_features.
5116      */
5117     memset(&env->user_features, 0, sizeof(env->user_features));
5118 }
5119 
5120 static gchar *x86_gdb_arch_name(CPUState *cs)
5121 {
5122 #ifdef TARGET_X86_64
5123     return g_strdup("i386:x86-64");
5124 #else
5125     return g_strdup("i386");
5126 #endif
5127 }
5128 
5129 static void x86_cpu_cpudef_class_init(ObjectClass *oc, void *data)
5130 {
5131     X86CPUModel *model = data;
5132     X86CPUClass *xcc = X86_CPU_CLASS(oc);
5133     CPUClass *cc = CPU_CLASS(oc);
5134 
5135     xcc->model = model;
5136     xcc->migration_safe = true;
5137     cc->deprecation_note = model->cpudef->deprecation_note;
5138 }
5139 
5140 static void x86_register_cpu_model_type(const char *name, X86CPUModel *model)
5141 {
5142     g_autofree char *typename = x86_cpu_type_name(name);
5143     TypeInfo ti = {
5144         .name = typename,
5145         .parent = TYPE_X86_CPU,
5146         .class_init = x86_cpu_cpudef_class_init,
5147         .class_data = model,
5148     };
5149 
5150     type_register(&ti);
5151 }
5152 
5153 
5154 /*
5155  * register builtin_x86_defs;
5156  * "max", "base" and subclasses ("host") are not registered here.
5157  * See x86_cpu_register_types for all model registrations.
5158  */
5159 static void x86_register_cpudef_types(const X86CPUDefinition *def)
5160 {
5161     X86CPUModel *m;
5162     const X86CPUVersionDefinition *vdef;
5163 
5164     /* AMD aliases are handled at runtime based on CPUID vendor, so
5165      * they shouldn't be set on the CPU model table.
5166      */
5167     assert(!(def->features[FEAT_8000_0001_EDX] & CPUID_EXT2_AMD_ALIASES));
5168     /* catch mistakes instead of silently truncating model_id when too long */
5169     assert(def->model_id && strlen(def->model_id) <= 48);
5170 
5171     /* Unversioned model: */
5172     m = g_new0(X86CPUModel, 1);
5173     m->cpudef = def;
5174     m->version = CPU_VERSION_AUTO;
5175     m->is_alias = true;
5176     x86_register_cpu_model_type(def->name, m);
5177 
5178     /* Versioned models: */
5179 
5180     for (vdef = x86_cpu_def_get_versions(def); vdef->version; vdef++) {
5181         X86CPUModel *m = g_new0(X86CPUModel, 1);
5182         g_autofree char *name =
5183             x86_cpu_versioned_model_name(def, vdef->version);
5184         m->cpudef = def;
5185         m->version = vdef->version;
5186         m->note = vdef->note;
5187         x86_register_cpu_model_type(name, m);
5188 
5189         if (vdef->alias) {
5190             X86CPUModel *am = g_new0(X86CPUModel, 1);
5191             am->cpudef = def;
5192             am->version = vdef->version;
5193             am->is_alias = true;
5194             x86_register_cpu_model_type(vdef->alias, am);
5195         }
5196     }
5197 
5198 }
5199 
5200 uint32_t cpu_x86_virtual_addr_width(CPUX86State *env)
5201 {
5202     if  (env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_LA57) {
5203         return 57; /* 57 bits virtual */
5204     } else {
5205         return 48; /* 48 bits virtual */
5206     }
5207 }
5208 
5209 void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
5210                    uint32_t *eax, uint32_t *ebx,
5211                    uint32_t *ecx, uint32_t *edx)
5212 {
5213     X86CPU *cpu = env_archcpu(env);
5214     CPUState *cs = env_cpu(env);
5215     uint32_t die_offset;
5216     uint32_t limit;
5217     uint32_t signature[3];
5218     X86CPUTopoInfo topo_info;
5219 
5220     topo_info.dies_per_pkg = env->nr_dies;
5221     topo_info.cores_per_die = cs->nr_cores;
5222     topo_info.threads_per_core = cs->nr_threads;
5223 
5224     /* Calculate & apply limits for different index ranges */
5225     if (index >= 0xC0000000) {
5226         limit = env->cpuid_xlevel2;
5227     } else if (index >= 0x80000000) {
5228         limit = env->cpuid_xlevel;
5229     } else if (index >= 0x40000000) {
5230         limit = 0x40000001;
5231     } else {
5232         limit = env->cpuid_level;
5233     }
5234 
5235     if (index > limit) {
5236         /* Intel documentation states that invalid EAX input will
5237          * return the same information as EAX=cpuid_level
5238          * (Intel SDM Vol. 2A - Instruction Set Reference - CPUID)
5239          */
5240         index = env->cpuid_level;
5241     }
5242 
5243     switch(index) {
5244     case 0:
5245         *eax = env->cpuid_level;
5246         *ebx = env->cpuid_vendor1;
5247         *edx = env->cpuid_vendor2;
5248         *ecx = env->cpuid_vendor3;
5249         break;
5250     case 1:
5251         *eax = env->cpuid_version;
5252         *ebx = (cpu->apic_id << 24) |
5253                8 << 8; /* CLFLUSH size in quad words, Linux wants it. */
5254         *ecx = env->features[FEAT_1_ECX];
5255         if ((*ecx & CPUID_EXT_XSAVE) && (env->cr[4] & CR4_OSXSAVE_MASK)) {
5256             *ecx |= CPUID_EXT_OSXSAVE;
5257         }
5258         *edx = env->features[FEAT_1_EDX];
5259         if (cs->nr_cores * cs->nr_threads > 1) {
5260             *ebx |= (cs->nr_cores * cs->nr_threads) << 16;
5261             *edx |= CPUID_HT;
5262         }
5263         if (!cpu->enable_pmu) {
5264             *ecx &= ~CPUID_EXT_PDCM;
5265         }
5266         break;
5267     case 2:
5268         /* cache info: needed for Pentium Pro compatibility */
5269         if (cpu->cache_info_passthrough) {
5270             x86_cpu_get_cache_cpuid(index, 0, eax, ebx, ecx, edx);
5271             break;
5272         } else if (cpu->vendor_cpuid_only && IS_AMD_CPU(env)) {
5273             *eax = *ebx = *ecx = *edx = 0;
5274             break;
5275         }
5276         *eax = 1; /* Number of CPUID[EAX=2] calls required */
5277         *ebx = 0;
5278         if (!cpu->enable_l3_cache) {
5279             *ecx = 0;
5280         } else {
5281             *ecx = cpuid2_cache_descriptor(env->cache_info_cpuid2.l3_cache);
5282         }
5283         *edx = (cpuid2_cache_descriptor(env->cache_info_cpuid2.l1d_cache) << 16) |
5284                (cpuid2_cache_descriptor(env->cache_info_cpuid2.l1i_cache) <<  8) |
5285                (cpuid2_cache_descriptor(env->cache_info_cpuid2.l2_cache));
5286         break;
5287     case 4:
5288         /* cache info: needed for Core compatibility */
5289         if (cpu->cache_info_passthrough) {
5290             x86_cpu_get_cache_cpuid(index, count, eax, ebx, ecx, edx);
5291             /*
5292              * QEMU has its own number of cores/logical cpus,
5293              * set 24..14, 31..26 bit to configured values
5294              */
5295             if (*eax & 31) {
5296                 int host_vcpus_per_cache = 1 + ((*eax & 0x3FFC000) >> 14);
5297                 int vcpus_per_socket = env->nr_dies * cs->nr_cores *
5298                                        cs->nr_threads;
5299                 if (cs->nr_cores > 1) {
5300                     *eax &= ~0xFC000000;
5301                     *eax |= (pow2ceil(cs->nr_cores) - 1) << 26;
5302                 }
5303                 if (host_vcpus_per_cache > vcpus_per_socket) {
5304                     *eax &= ~0x3FFC000;
5305                     *eax |= (pow2ceil(vcpus_per_socket) - 1) << 14;
5306                 }
5307             }
5308         } else if (cpu->vendor_cpuid_only && IS_AMD_CPU(env)) {
5309             *eax = *ebx = *ecx = *edx = 0;
5310         } else {
5311             *eax = 0;
5312             switch (count) {
5313             case 0: /* L1 dcache info */
5314                 encode_cache_cpuid4(env->cache_info_cpuid4.l1d_cache,
5315                                     1, cs->nr_cores,
5316                                     eax, ebx, ecx, edx);
5317                 break;
5318             case 1: /* L1 icache info */
5319                 encode_cache_cpuid4(env->cache_info_cpuid4.l1i_cache,
5320                                     1, cs->nr_cores,
5321                                     eax, ebx, ecx, edx);
5322                 break;
5323             case 2: /* L2 cache info */
5324                 encode_cache_cpuid4(env->cache_info_cpuid4.l2_cache,
5325                                     cs->nr_threads, cs->nr_cores,
5326                                     eax, ebx, ecx, edx);
5327                 break;
5328             case 3: /* L3 cache info */
5329                 die_offset = apicid_die_offset(&topo_info);
5330                 if (cpu->enable_l3_cache) {
5331                     encode_cache_cpuid4(env->cache_info_cpuid4.l3_cache,
5332                                         (1 << die_offset), cs->nr_cores,
5333                                         eax, ebx, ecx, edx);
5334                     break;
5335                 }
5336                 /* fall through */
5337             default: /* end of info */
5338                 *eax = *ebx = *ecx = *edx = 0;
5339                 break;
5340             }
5341         }
5342         break;
5343     case 5:
5344         /* MONITOR/MWAIT Leaf */
5345         *eax = cpu->mwait.eax; /* Smallest monitor-line size in bytes */
5346         *ebx = cpu->mwait.ebx; /* Largest monitor-line size in bytes */
5347         *ecx = cpu->mwait.ecx; /* flags */
5348         *edx = cpu->mwait.edx; /* mwait substates */
5349         break;
5350     case 6:
5351         /* Thermal and Power Leaf */
5352         *eax = env->features[FEAT_6_EAX];
5353         *ebx = 0;
5354         *ecx = 0;
5355         *edx = 0;
5356         break;
5357     case 7:
5358         /* Structured Extended Feature Flags Enumeration Leaf */
5359         if (count == 0) {
5360             /* Maximum ECX value for sub-leaves */
5361             *eax = env->cpuid_level_func7;
5362             *ebx = env->features[FEAT_7_0_EBX]; /* Feature flags */
5363             *ecx = env->features[FEAT_7_0_ECX]; /* Feature flags */
5364             if ((*ecx & CPUID_7_0_ECX_PKU) && env->cr[4] & CR4_PKE_MASK) {
5365                 *ecx |= CPUID_7_0_ECX_OSPKE;
5366             }
5367             *edx = env->features[FEAT_7_0_EDX]; /* Feature flags */
5368 
5369             /*
5370              * SGX cannot be emulated in software.  If hardware does not
5371              * support enabling SGX and/or SGX flexible launch control,
5372              * then we need to update the VM's CPUID values accordingly.
5373              */
5374             if ((*ebx & CPUID_7_0_EBX_SGX) &&
5375                 (!kvm_enabled() ||
5376                  !(kvm_arch_get_supported_cpuid(cs->kvm_state, 0x7, 0, R_EBX) &
5377                     CPUID_7_0_EBX_SGX))) {
5378                 *ebx &= ~CPUID_7_0_EBX_SGX;
5379             }
5380 
5381             if ((*ecx & CPUID_7_0_ECX_SGX_LC) &&
5382                 (!(*ebx & CPUID_7_0_EBX_SGX) || !kvm_enabled() ||
5383                  !(kvm_arch_get_supported_cpuid(cs->kvm_state, 0x7, 0, R_ECX) &
5384                     CPUID_7_0_ECX_SGX_LC))) {
5385                 *ecx &= ~CPUID_7_0_ECX_SGX_LC;
5386             }
5387         } else if (count == 1) {
5388             *eax = env->features[FEAT_7_1_EAX];
5389             *ebx = 0;
5390             *ecx = 0;
5391             *edx = 0;
5392         } else {
5393             *eax = 0;
5394             *ebx = 0;
5395             *ecx = 0;
5396             *edx = 0;
5397         }
5398         break;
5399     case 9:
5400         /* Direct Cache Access Information Leaf */
5401         *eax = 0; /* Bits 0-31 in DCA_CAP MSR */
5402         *ebx = 0;
5403         *ecx = 0;
5404         *edx = 0;
5405         break;
5406     case 0xA:
5407         /* Architectural Performance Monitoring Leaf */
5408         if (accel_uses_host_cpuid() && cpu->enable_pmu) {
5409             x86_cpu_get_supported_cpuid(0xA, count, eax, ebx, ecx, edx);
5410         } else {
5411             *eax = 0;
5412             *ebx = 0;
5413             *ecx = 0;
5414             *edx = 0;
5415         }
5416         break;
5417     case 0xB:
5418         /* Extended Topology Enumeration Leaf */
5419         if (!cpu->enable_cpuid_0xb) {
5420                 *eax = *ebx = *ecx = *edx = 0;
5421                 break;
5422         }
5423 
5424         *ecx = count & 0xff;
5425         *edx = cpu->apic_id;
5426 
5427         switch (count) {
5428         case 0:
5429             *eax = apicid_core_offset(&topo_info);
5430             *ebx = cs->nr_threads;
5431             *ecx |= CPUID_TOPOLOGY_LEVEL_SMT;
5432             break;
5433         case 1:
5434             *eax = apicid_pkg_offset(&topo_info);
5435             *ebx = cs->nr_cores * cs->nr_threads;
5436             *ecx |= CPUID_TOPOLOGY_LEVEL_CORE;
5437             break;
5438         default:
5439             *eax = 0;
5440             *ebx = 0;
5441             *ecx |= CPUID_TOPOLOGY_LEVEL_INVALID;
5442         }
5443 
5444         assert(!(*eax & ~0x1f));
5445         *ebx &= 0xffff; /* The count doesn't need to be reliable. */
5446         break;
5447     case 0x1C:
5448         if (accel_uses_host_cpuid() && cpu->enable_pmu &&
5449             (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_LBR)) {
5450             x86_cpu_get_supported_cpuid(0x1C, 0, eax, ebx, ecx, edx);
5451             *edx = 0;
5452         }
5453         break;
5454     case 0x1F:
5455         /* V2 Extended Topology Enumeration Leaf */
5456         if (env->nr_dies < 2) {
5457             *eax = *ebx = *ecx = *edx = 0;
5458             break;
5459         }
5460 
5461         *ecx = count & 0xff;
5462         *edx = cpu->apic_id;
5463         switch (count) {
5464         case 0:
5465             *eax = apicid_core_offset(&topo_info);
5466             *ebx = cs->nr_threads;
5467             *ecx |= CPUID_TOPOLOGY_LEVEL_SMT;
5468             break;
5469         case 1:
5470             *eax = apicid_die_offset(&topo_info);
5471             *ebx = cs->nr_cores * cs->nr_threads;
5472             *ecx |= CPUID_TOPOLOGY_LEVEL_CORE;
5473             break;
5474         case 2:
5475             *eax = apicid_pkg_offset(&topo_info);
5476             *ebx = env->nr_dies * cs->nr_cores * cs->nr_threads;
5477             *ecx |= CPUID_TOPOLOGY_LEVEL_DIE;
5478             break;
5479         default:
5480             *eax = 0;
5481             *ebx = 0;
5482             *ecx |= CPUID_TOPOLOGY_LEVEL_INVALID;
5483         }
5484         assert(!(*eax & ~0x1f));
5485         *ebx &= 0xffff; /* The count doesn't need to be reliable. */
5486         break;
5487     case 0xD: {
5488         /* Processor Extended State */
5489         *eax = 0;
5490         *ebx = 0;
5491         *ecx = 0;
5492         *edx = 0;
5493         if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
5494             break;
5495         }
5496 
5497         if (count == 0) {
5498             *ecx = xsave_area_size(x86_cpu_xsave_xcr0_components(cpu), false);
5499             *eax = env->features[FEAT_XSAVE_XCR0_LO];
5500             *edx = env->features[FEAT_XSAVE_XCR0_HI];
5501             /*
5502              * The initial value of xcr0 and ebx == 0, On host without kvm
5503              * commit 412a3c41(e.g., CentOS 6), the ebx's value always == 0
5504              * even through guest update xcr0, this will crash some legacy guest
5505              * (e.g., CentOS 6), So set ebx == ecx to workaroud it.
5506              */
5507             *ebx = kvm_enabled() ? *ecx : xsave_area_size(env->xcr0, false);
5508         } else if (count == 1) {
5509             uint64_t xstate = x86_cpu_xsave_xcr0_components(cpu) |
5510                               x86_cpu_xsave_xss_components(cpu);
5511 
5512             *eax = env->features[FEAT_XSAVE];
5513             *ebx = xsave_area_size(xstate, true);
5514             *ecx = env->features[FEAT_XSAVE_XSS_LO];
5515             *edx = env->features[FEAT_XSAVE_XSS_HI];
5516             if (kvm_enabled() && cpu->enable_pmu &&
5517                 (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_LBR) &&
5518                 (*eax & CPUID_XSAVE_XSAVES)) {
5519                 *ecx |= XSTATE_ARCH_LBR_MASK;
5520             } else {
5521                 *ecx &= ~XSTATE_ARCH_LBR_MASK;
5522             }
5523         } else if (count == 0xf &&
5524                    accel_uses_host_cpuid() && cpu->enable_pmu &&
5525                    (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_LBR)) {
5526             x86_cpu_get_supported_cpuid(0xD, count, eax, ebx, ecx, edx);
5527         } else if (count < ARRAY_SIZE(x86_ext_save_areas)) {
5528             const ExtSaveArea *esa = &x86_ext_save_areas[count];
5529 
5530             if (x86_cpu_xsave_xcr0_components(cpu) & (1ULL << count)) {
5531                 *eax = esa->size;
5532                 *ebx = esa->offset;
5533                 *ecx = esa->ecx &
5534                        (ESA_FEATURE_ALIGN64_MASK | ESA_FEATURE_XFD_MASK);
5535             } else if (x86_cpu_xsave_xss_components(cpu) & (1ULL << count)) {
5536                 *eax = esa->size;
5537                 *ebx = 0;
5538                 *ecx = 1;
5539             }
5540         }
5541         break;
5542     }
5543     case 0x12:
5544 #ifndef CONFIG_USER_ONLY
5545         if (!kvm_enabled() ||
5546             !(env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_SGX)) {
5547             *eax = *ebx = *ecx = *edx = 0;
5548             break;
5549         }
5550 
5551         /*
5552          * SGX sub-leafs CPUID.0x12.{0x2..N} enumerate EPC sections.  Retrieve
5553          * the EPC properties, e.g. confidentiality and integrity, from the
5554          * host's first EPC section, i.e. assume there is one EPC section or
5555          * that all EPC sections have the same security properties.
5556          */
5557         if (count > 1) {
5558             uint64_t epc_addr, epc_size;
5559 
5560             if (sgx_epc_get_section(count - 2, &epc_addr, &epc_size)) {
5561                 *eax = *ebx = *ecx = *edx = 0;
5562                 break;
5563             }
5564             host_cpuid(index, 2, eax, ebx, ecx, edx);
5565             *eax = (uint32_t)(epc_addr & 0xfffff000) | 0x1;
5566             *ebx = (uint32_t)(epc_addr >> 32);
5567             *ecx = (uint32_t)(epc_size & 0xfffff000) | (*ecx & 0xf);
5568             *edx = (uint32_t)(epc_size >> 32);
5569             break;
5570         }
5571 
5572         /*
5573          * SGX sub-leafs CPUID.0x12.{0x0,0x1} are heavily dependent on hardware
5574          * and KVM, i.e. QEMU cannot emulate features to override what KVM
5575          * supports.  Features can be further restricted by userspace, but not
5576          * made more permissive.
5577          */
5578         x86_cpu_get_supported_cpuid(0x12, count, eax, ebx, ecx, edx);
5579 
5580         if (count == 0) {
5581             *eax &= env->features[FEAT_SGX_12_0_EAX];
5582             *ebx &= env->features[FEAT_SGX_12_0_EBX];
5583         } else {
5584             *eax &= env->features[FEAT_SGX_12_1_EAX];
5585             *ebx &= 0; /* ebx reserve */
5586             *ecx &= env->features[FEAT_XSAVE_XSS_LO];
5587             *edx &= env->features[FEAT_XSAVE_XSS_HI];
5588 
5589             /* FP and SSE are always allowed regardless of XSAVE/XCR0. */
5590             *ecx |= XSTATE_FP_MASK | XSTATE_SSE_MASK;
5591 
5592             /* Access to PROVISIONKEY requires additional credentials. */
5593             if ((*eax & (1U << 4)) &&
5594                 !kvm_enable_sgx_provisioning(cs->kvm_state)) {
5595                 *eax &= ~(1U << 4);
5596             }
5597         }
5598 #endif
5599         break;
5600     case 0x14: {
5601         /* Intel Processor Trace Enumeration */
5602         *eax = 0;
5603         *ebx = 0;
5604         *ecx = 0;
5605         *edx = 0;
5606         if (!(env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT) ||
5607             !kvm_enabled()) {
5608             break;
5609         }
5610 
5611         if (count == 0) {
5612             *eax = INTEL_PT_MAX_SUBLEAF;
5613             *ebx = INTEL_PT_MINIMAL_EBX;
5614             *ecx = INTEL_PT_MINIMAL_ECX;
5615             if (env->features[FEAT_14_0_ECX] & CPUID_14_0_ECX_LIP) {
5616                 *ecx |= CPUID_14_0_ECX_LIP;
5617             }
5618         } else if (count == 1) {
5619             *eax = INTEL_PT_MTC_BITMAP | INTEL_PT_ADDR_RANGES_NUM;
5620             *ebx = INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP;
5621         }
5622         break;
5623     }
5624     case 0x1D: {
5625         /* AMX TILE */
5626         *eax = 0;
5627         *ebx = 0;
5628         *ecx = 0;
5629         *edx = 0;
5630         if (!(env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_AMX_TILE)) {
5631             break;
5632         }
5633 
5634         if (count == 0) {
5635             /* Highest numbered palette subleaf */
5636             *eax = INTEL_AMX_TILE_MAX_SUBLEAF;
5637         } else if (count == 1) {
5638             *eax = INTEL_AMX_TOTAL_TILE_BYTES |
5639                    (INTEL_AMX_BYTES_PER_TILE << 16);
5640             *ebx = INTEL_AMX_BYTES_PER_ROW | (INTEL_AMX_TILE_MAX_NAMES << 16);
5641             *ecx = INTEL_AMX_TILE_MAX_ROWS;
5642         }
5643         break;
5644     }
5645     case 0x1E: {
5646         /* AMX TMUL */
5647         *eax = 0;
5648         *ebx = 0;
5649         *ecx = 0;
5650         *edx = 0;
5651         if (!(env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_AMX_TILE)) {
5652             break;
5653         }
5654 
5655         if (count == 0) {
5656             /* Highest numbered palette subleaf */
5657             *ebx = INTEL_AMX_TMUL_MAX_K | (INTEL_AMX_TMUL_MAX_N << 8);
5658         }
5659         break;
5660     }
5661     case 0x40000000:
5662         /*
5663          * CPUID code in kvm_arch_init_vcpu() ignores stuff
5664          * set here, but we restrict to TCG none the less.
5665          */
5666         if (tcg_enabled() && cpu->expose_tcg) {
5667             memcpy(signature, "TCGTCGTCGTCG", 12);
5668             *eax = 0x40000001;
5669             *ebx = signature[0];
5670             *ecx = signature[1];
5671             *edx = signature[2];
5672         } else {
5673             *eax = 0;
5674             *ebx = 0;
5675             *ecx = 0;
5676             *edx = 0;
5677         }
5678         break;
5679     case 0x40000001:
5680         *eax = 0;
5681         *ebx = 0;
5682         *ecx = 0;
5683         *edx = 0;
5684         break;
5685     case 0x80000000:
5686         *eax = env->cpuid_xlevel;
5687         *ebx = env->cpuid_vendor1;
5688         *edx = env->cpuid_vendor2;
5689         *ecx = env->cpuid_vendor3;
5690         break;
5691     case 0x80000001:
5692         *eax = env->cpuid_version;
5693         *ebx = 0;
5694         *ecx = env->features[FEAT_8000_0001_ECX];
5695         *edx = env->features[FEAT_8000_0001_EDX];
5696 
5697         /* The Linux kernel checks for the CMPLegacy bit and
5698          * discards multiple thread information if it is set.
5699          * So don't set it here for Intel to make Linux guests happy.
5700          */
5701         if (cs->nr_cores * cs->nr_threads > 1) {
5702             if (env->cpuid_vendor1 != CPUID_VENDOR_INTEL_1 ||
5703                 env->cpuid_vendor2 != CPUID_VENDOR_INTEL_2 ||
5704                 env->cpuid_vendor3 != CPUID_VENDOR_INTEL_3) {
5705                 *ecx |= 1 << 1;    /* CmpLegacy bit */
5706             }
5707         }
5708         break;
5709     case 0x80000002:
5710     case 0x80000003:
5711     case 0x80000004:
5712         *eax = env->cpuid_model[(index - 0x80000002) * 4 + 0];
5713         *ebx = env->cpuid_model[(index - 0x80000002) * 4 + 1];
5714         *ecx = env->cpuid_model[(index - 0x80000002) * 4 + 2];
5715         *edx = env->cpuid_model[(index - 0x80000002) * 4 + 3];
5716         break;
5717     case 0x80000005:
5718         /* cache info (L1 cache) */
5719         if (cpu->cache_info_passthrough) {
5720             x86_cpu_get_cache_cpuid(index, 0, eax, ebx, ecx, edx);
5721             break;
5722         }
5723         *eax = (L1_DTLB_2M_ASSOC << 24) | (L1_DTLB_2M_ENTRIES << 16) |
5724                (L1_ITLB_2M_ASSOC <<  8) | (L1_ITLB_2M_ENTRIES);
5725         *ebx = (L1_DTLB_4K_ASSOC << 24) | (L1_DTLB_4K_ENTRIES << 16) |
5726                (L1_ITLB_4K_ASSOC <<  8) | (L1_ITLB_4K_ENTRIES);
5727         *ecx = encode_cache_cpuid80000005(env->cache_info_amd.l1d_cache);
5728         *edx = encode_cache_cpuid80000005(env->cache_info_amd.l1i_cache);
5729         break;
5730     case 0x80000006:
5731         /* cache info (L2 cache) */
5732         if (cpu->cache_info_passthrough) {
5733             x86_cpu_get_cache_cpuid(index, 0, eax, ebx, ecx, edx);
5734             break;
5735         }
5736         *eax = (AMD_ENC_ASSOC(L2_DTLB_2M_ASSOC) << 28) |
5737                (L2_DTLB_2M_ENTRIES << 16) |
5738                (AMD_ENC_ASSOC(L2_ITLB_2M_ASSOC) << 12) |
5739                (L2_ITLB_2M_ENTRIES);
5740         *ebx = (AMD_ENC_ASSOC(L2_DTLB_4K_ASSOC) << 28) |
5741                (L2_DTLB_4K_ENTRIES << 16) |
5742                (AMD_ENC_ASSOC(L2_ITLB_4K_ASSOC) << 12) |
5743                (L2_ITLB_4K_ENTRIES);
5744         encode_cache_cpuid80000006(env->cache_info_amd.l2_cache,
5745                                    cpu->enable_l3_cache ?
5746                                    env->cache_info_amd.l3_cache : NULL,
5747                                    ecx, edx);
5748         break;
5749     case 0x80000007:
5750         *eax = 0;
5751         *ebx = 0;
5752         *ecx = 0;
5753         *edx = env->features[FEAT_8000_0007_EDX];
5754         break;
5755     case 0x80000008:
5756         /* virtual & phys address size in low 2 bytes. */
5757         *eax = cpu->phys_bits;
5758         if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
5759             /* 64 bit processor */
5760              *eax |= (cpu_x86_virtual_addr_width(env) << 8);
5761         }
5762         *ebx = env->features[FEAT_8000_0008_EBX];
5763         if (cs->nr_cores * cs->nr_threads > 1) {
5764             /*
5765              * Bits 15:12 is "The number of bits in the initial
5766              * Core::X86::Apic::ApicId[ApicId] value that indicate
5767              * thread ID within a package".
5768              * Bits 7:0 is "The number of threads in the package is NC+1"
5769              */
5770             *ecx = (apicid_pkg_offset(&topo_info) << 12) |
5771                    ((cs->nr_cores * cs->nr_threads) - 1);
5772         } else {
5773             *ecx = 0;
5774         }
5775         *edx = 0;
5776         break;
5777     case 0x8000000A:
5778         if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
5779             *eax = 0x00000001; /* SVM Revision */
5780             *ebx = 0x00000010; /* nr of ASIDs */
5781             *ecx = 0;
5782             *edx = env->features[FEAT_SVM]; /* optional features */
5783         } else {
5784             *eax = 0;
5785             *ebx = 0;
5786             *ecx = 0;
5787             *edx = 0;
5788         }
5789         break;
5790     case 0x8000001D:
5791         *eax = 0;
5792         if (cpu->cache_info_passthrough) {
5793             x86_cpu_get_cache_cpuid(index, count, eax, ebx, ecx, edx);
5794             break;
5795         }
5796         switch (count) {
5797         case 0: /* L1 dcache info */
5798             encode_cache_cpuid8000001d(env->cache_info_amd.l1d_cache,
5799                                        &topo_info, eax, ebx, ecx, edx);
5800             break;
5801         case 1: /* L1 icache info */
5802             encode_cache_cpuid8000001d(env->cache_info_amd.l1i_cache,
5803                                        &topo_info, eax, ebx, ecx, edx);
5804             break;
5805         case 2: /* L2 cache info */
5806             encode_cache_cpuid8000001d(env->cache_info_amd.l2_cache,
5807                                        &topo_info, eax, ebx, ecx, edx);
5808             break;
5809         case 3: /* L3 cache info */
5810             encode_cache_cpuid8000001d(env->cache_info_amd.l3_cache,
5811                                        &topo_info, eax, ebx, ecx, edx);
5812             break;
5813         default: /* end of info */
5814             *eax = *ebx = *ecx = *edx = 0;
5815             break;
5816         }
5817         break;
5818     case 0x8000001E:
5819         if (cpu->core_id <= 255) {
5820             encode_topo_cpuid8000001e(cpu, &topo_info, eax, ebx, ecx, edx);
5821         } else {
5822             *eax = 0;
5823             *ebx = 0;
5824             *ecx = 0;
5825             *edx = 0;
5826         }
5827         break;
5828     case 0xC0000000:
5829         *eax = env->cpuid_xlevel2;
5830         *ebx = 0;
5831         *ecx = 0;
5832         *edx = 0;
5833         break;
5834     case 0xC0000001:
5835         /* Support for VIA CPU's CPUID instruction */
5836         *eax = env->cpuid_version;
5837         *ebx = 0;
5838         *ecx = 0;
5839         *edx = env->features[FEAT_C000_0001_EDX];
5840         break;
5841     case 0xC0000002:
5842     case 0xC0000003:
5843     case 0xC0000004:
5844         /* Reserved for the future, and now filled with zero */
5845         *eax = 0;
5846         *ebx = 0;
5847         *ecx = 0;
5848         *edx = 0;
5849         break;
5850     case 0x8000001F:
5851         *eax = *ebx = *ecx = *edx = 0;
5852         if (sev_enabled()) {
5853             *eax = 0x2;
5854             *eax |= sev_es_enabled() ? 0x8 : 0;
5855             *ebx = sev_get_cbit_position();
5856             *ebx |= sev_get_reduced_phys_bits() << 6;
5857         }
5858         break;
5859     default:
5860         /* reserved values: zero */
5861         *eax = 0;
5862         *ebx = 0;
5863         *ecx = 0;
5864         *edx = 0;
5865         break;
5866     }
5867 }
5868 
5869 static void x86_cpu_set_sgxlepubkeyhash(CPUX86State *env)
5870 {
5871 #ifndef CONFIG_USER_ONLY
5872     /* Those default values are defined in Skylake HW */
5873     env->msr_ia32_sgxlepubkeyhash[0] = 0xa6053e051270b7acULL;
5874     env->msr_ia32_sgxlepubkeyhash[1] = 0x6cfbe8ba8b3b413dULL;
5875     env->msr_ia32_sgxlepubkeyhash[2] = 0xc4916d99f2b3735dULL;
5876     env->msr_ia32_sgxlepubkeyhash[3] = 0xd4f8c05909f9bb3bULL;
5877 #endif
5878 }
5879 
5880 static void x86_cpu_reset_hold(Object *obj)
5881 {
5882     CPUState *s = CPU(obj);
5883     X86CPU *cpu = X86_CPU(s);
5884     X86CPUClass *xcc = X86_CPU_GET_CLASS(cpu);
5885     CPUX86State *env = &cpu->env;
5886     target_ulong cr4;
5887     uint64_t xcr0;
5888     int i;
5889 
5890     if (xcc->parent_phases.hold) {
5891         xcc->parent_phases.hold(obj);
5892     }
5893 
5894     memset(env, 0, offsetof(CPUX86State, end_reset_fields));
5895 
5896     env->old_exception = -1;
5897 
5898     /* init to reset state */
5899     env->int_ctl = 0;
5900     env->hflags2 |= HF2_GIF_MASK;
5901     env->hflags2 |= HF2_VGIF_MASK;
5902     env->hflags &= ~HF_GUEST_MASK;
5903 
5904     cpu_x86_update_cr0(env, 0x60000010);
5905     env->a20_mask = ~0x0;
5906     env->smbase = 0x30000;
5907     env->msr_smi_count = 0;
5908 
5909     env->idt.limit = 0xffff;
5910     env->gdt.limit = 0xffff;
5911     env->ldt.limit = 0xffff;
5912     env->ldt.flags = DESC_P_MASK | (2 << DESC_TYPE_SHIFT);
5913     env->tr.limit = 0xffff;
5914     env->tr.flags = DESC_P_MASK | (11 << DESC_TYPE_SHIFT);
5915 
5916     cpu_x86_load_seg_cache(env, R_CS, 0xf000, 0xffff0000, 0xffff,
5917                            DESC_P_MASK | DESC_S_MASK | DESC_CS_MASK |
5918                            DESC_R_MASK | DESC_A_MASK);
5919     cpu_x86_load_seg_cache(env, R_DS, 0, 0, 0xffff,
5920                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5921                            DESC_A_MASK);
5922     cpu_x86_load_seg_cache(env, R_ES, 0, 0, 0xffff,
5923                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5924                            DESC_A_MASK);
5925     cpu_x86_load_seg_cache(env, R_SS, 0, 0, 0xffff,
5926                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5927                            DESC_A_MASK);
5928     cpu_x86_load_seg_cache(env, R_FS, 0, 0, 0xffff,
5929                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5930                            DESC_A_MASK);
5931     cpu_x86_load_seg_cache(env, R_GS, 0, 0, 0xffff,
5932                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5933                            DESC_A_MASK);
5934 
5935     env->eip = 0xfff0;
5936     env->regs[R_EDX] = env->cpuid_version;
5937 
5938     env->eflags = 0x2;
5939 
5940     /* FPU init */
5941     for (i = 0; i < 8; i++) {
5942         env->fptags[i] = 1;
5943     }
5944     cpu_set_fpuc(env, 0x37f);
5945 
5946     env->mxcsr = 0x1f80;
5947     /* All units are in INIT state.  */
5948     env->xstate_bv = 0;
5949 
5950     env->pat = 0x0007040600070406ULL;
5951 
5952     if (kvm_enabled()) {
5953         /*
5954          * KVM handles TSC = 0 specially and thinks we are hot-plugging
5955          * a new CPU, use 1 instead to force a reset.
5956          */
5957         if (env->tsc != 0) {
5958             env->tsc = 1;
5959         }
5960     } else {
5961         env->tsc = 0;
5962     }
5963 
5964     env->msr_ia32_misc_enable = MSR_IA32_MISC_ENABLE_DEFAULT;
5965     if (env->features[FEAT_1_ECX] & CPUID_EXT_MONITOR) {
5966         env->msr_ia32_misc_enable |= MSR_IA32_MISC_ENABLE_MWAIT;
5967     }
5968 
5969     memset(env->dr, 0, sizeof(env->dr));
5970     env->dr[6] = DR6_FIXED_1;
5971     env->dr[7] = DR7_FIXED_1;
5972     cpu_breakpoint_remove_all(s, BP_CPU);
5973     cpu_watchpoint_remove_all(s, BP_CPU);
5974 
5975     cr4 = 0;
5976     xcr0 = XSTATE_FP_MASK;
5977 
5978 #ifdef CONFIG_USER_ONLY
5979     /* Enable all the features for user-mode.  */
5980     if (env->features[FEAT_1_EDX] & CPUID_SSE) {
5981         xcr0 |= XSTATE_SSE_MASK;
5982     }
5983     for (i = 2; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
5984         const ExtSaveArea *esa = &x86_ext_save_areas[i];
5985         if (!((1 << i) & CPUID_XSTATE_XCR0_MASK)) {
5986             continue;
5987         }
5988         if (env->features[esa->feature] & esa->bits) {
5989             xcr0 |= 1ull << i;
5990         }
5991     }
5992 
5993     if (env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE) {
5994         cr4 |= CR4_OSFXSR_MASK | CR4_OSXSAVE_MASK;
5995     }
5996     if (env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_FSGSBASE) {
5997         cr4 |= CR4_FSGSBASE_MASK;
5998     }
5999 #endif
6000 
6001     env->xcr0 = xcr0;
6002     cpu_x86_update_cr4(env, cr4);
6003 
6004     /*
6005      * SDM 11.11.5 requires:
6006      *  - IA32_MTRR_DEF_TYPE MSR.E = 0
6007      *  - IA32_MTRR_PHYSMASKn.V = 0
6008      * All other bits are undefined.  For simplification, zero it all.
6009      */
6010     env->mtrr_deftype = 0;
6011     memset(env->mtrr_var, 0, sizeof(env->mtrr_var));
6012     memset(env->mtrr_fixed, 0, sizeof(env->mtrr_fixed));
6013 
6014     env->interrupt_injected = -1;
6015     env->exception_nr = -1;
6016     env->exception_pending = 0;
6017     env->exception_injected = 0;
6018     env->exception_has_payload = false;
6019     env->exception_payload = 0;
6020     env->nmi_injected = false;
6021     env->triple_fault_pending = false;
6022 #if !defined(CONFIG_USER_ONLY)
6023     /* We hard-wire the BSP to the first CPU. */
6024     apic_designate_bsp(cpu->apic_state, s->cpu_index == 0);
6025 
6026     s->halted = !cpu_is_bsp(cpu);
6027 
6028     if (kvm_enabled()) {
6029         kvm_arch_reset_vcpu(cpu);
6030     }
6031 
6032     x86_cpu_set_sgxlepubkeyhash(env);
6033 
6034     env->amd_tsc_scale_msr =  MSR_AMD64_TSC_RATIO_DEFAULT;
6035 
6036 #endif
6037 }
6038 
6039 void x86_cpu_after_reset(X86CPU *cpu)
6040 {
6041 #ifndef CONFIG_USER_ONLY
6042     if (kvm_enabled()) {
6043         kvm_arch_after_reset_vcpu(cpu);
6044     }
6045 
6046     if (cpu->apic_state) {
6047         device_cold_reset(cpu->apic_state);
6048     }
6049 #endif
6050 }
6051 
6052 static void mce_init(X86CPU *cpu)
6053 {
6054     CPUX86State *cenv = &cpu->env;
6055     unsigned int bank;
6056 
6057     if (((cenv->cpuid_version >> 8) & 0xf) >= 6
6058         && (cenv->features[FEAT_1_EDX] & (CPUID_MCE | CPUID_MCA)) ==
6059             (CPUID_MCE | CPUID_MCA)) {
6060         cenv->mcg_cap = MCE_CAP_DEF | MCE_BANKS_DEF |
6061                         (cpu->enable_lmce ? MCG_LMCE_P : 0);
6062         cenv->mcg_ctl = ~(uint64_t)0;
6063         for (bank = 0; bank < MCE_BANKS_DEF; bank++) {
6064             cenv->mce_banks[bank * 4] = ~(uint64_t)0;
6065         }
6066     }
6067 }
6068 
6069 static void x86_cpu_adjust_level(X86CPU *cpu, uint32_t *min, uint32_t value)
6070 {
6071     if (*min < value) {
6072         *min = value;
6073     }
6074 }
6075 
6076 /* Increase cpuid_min_{level,xlevel,xlevel2} automatically, if appropriate */
6077 static void x86_cpu_adjust_feat_level(X86CPU *cpu, FeatureWord w)
6078 {
6079     CPUX86State *env = &cpu->env;
6080     FeatureWordInfo *fi = &feature_word_info[w];
6081     uint32_t eax = fi->cpuid.eax;
6082     uint32_t region = eax & 0xF0000000;
6083 
6084     assert(feature_word_info[w].type == CPUID_FEATURE_WORD);
6085     if (!env->features[w]) {
6086         return;
6087     }
6088 
6089     switch (region) {
6090     case 0x00000000:
6091         x86_cpu_adjust_level(cpu, &env->cpuid_min_level, eax);
6092     break;
6093     case 0x80000000:
6094         x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, eax);
6095     break;
6096     case 0xC0000000:
6097         x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel2, eax);
6098     break;
6099     }
6100 
6101     if (eax == 7) {
6102         x86_cpu_adjust_level(cpu, &env->cpuid_min_level_func7,
6103                              fi->cpuid.ecx);
6104     }
6105 }
6106 
6107 /* Calculate XSAVE components based on the configured CPU feature flags */
6108 static void x86_cpu_enable_xsave_components(X86CPU *cpu)
6109 {
6110     CPUX86State *env = &cpu->env;
6111     int i;
6112     uint64_t mask;
6113     static bool request_perm;
6114 
6115     if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
6116         env->features[FEAT_XSAVE_XCR0_LO] = 0;
6117         env->features[FEAT_XSAVE_XCR0_HI] = 0;
6118         return;
6119     }
6120 
6121     mask = 0;
6122     for (i = 0; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
6123         const ExtSaveArea *esa = &x86_ext_save_areas[i];
6124         if (env->features[esa->feature] & esa->bits) {
6125             mask |= (1ULL << i);
6126         }
6127     }
6128 
6129     /* Only request permission for first vcpu */
6130     if (kvm_enabled() && !request_perm) {
6131         kvm_request_xsave_components(cpu, mask);
6132         request_perm = true;
6133     }
6134 
6135     env->features[FEAT_XSAVE_XCR0_LO] = mask & CPUID_XSTATE_XCR0_MASK;
6136     env->features[FEAT_XSAVE_XCR0_HI] = mask >> 32;
6137     env->features[FEAT_XSAVE_XSS_LO] = mask & CPUID_XSTATE_XSS_MASK;
6138     env->features[FEAT_XSAVE_XSS_HI] = mask >> 32;
6139 }
6140 
6141 /***** Steps involved on loading and filtering CPUID data
6142  *
6143  * When initializing and realizing a CPU object, the steps
6144  * involved in setting up CPUID data are:
6145  *
6146  * 1) Loading CPU model definition (X86CPUDefinition). This is
6147  *    implemented by x86_cpu_load_model() and should be completely
6148  *    transparent, as it is done automatically by instance_init.
6149  *    No code should need to look at X86CPUDefinition structs
6150  *    outside instance_init.
6151  *
6152  * 2) CPU expansion. This is done by realize before CPUID
6153  *    filtering, and will make sure host/accelerator data is
6154  *    loaded for CPU models that depend on host capabilities
6155  *    (e.g. "host"). Done by x86_cpu_expand_features().
6156  *
6157  * 3) CPUID filtering. This initializes extra data related to
6158  *    CPUID, and checks if the host supports all capabilities
6159  *    required by the CPU. Runnability of a CPU model is
6160  *    determined at this step. Done by x86_cpu_filter_features().
6161  *
6162  * Some operations don't require all steps to be performed.
6163  * More precisely:
6164  *
6165  * - CPU instance creation (instance_init) will run only CPU
6166  *   model loading. CPU expansion can't run at instance_init-time
6167  *   because host/accelerator data may be not available yet.
6168  * - CPU realization will perform both CPU model expansion and CPUID
6169  *   filtering, and return an error in case one of them fails.
6170  * - query-cpu-definitions needs to run all 3 steps. It needs
6171  *   to run CPUID filtering, as the 'unavailable-features'
6172  *   field is set based on the filtering results.
6173  * - The query-cpu-model-expansion QMP command only needs to run
6174  *   CPU model loading and CPU expansion. It should not filter
6175  *   any CPUID data based on host capabilities.
6176  */
6177 
6178 /* Expand CPU configuration data, based on configured features
6179  * and host/accelerator capabilities when appropriate.
6180  */
6181 void x86_cpu_expand_features(X86CPU *cpu, Error **errp)
6182 {
6183     CPUX86State *env = &cpu->env;
6184     FeatureWord w;
6185     int i;
6186     GList *l;
6187 
6188     for (l = plus_features; l; l = l->next) {
6189         const char *prop = l->data;
6190         if (!object_property_set_bool(OBJECT(cpu), prop, true, errp)) {
6191             return;
6192         }
6193     }
6194 
6195     for (l = minus_features; l; l = l->next) {
6196         const char *prop = l->data;
6197         if (!object_property_set_bool(OBJECT(cpu), prop, false, errp)) {
6198             return;
6199         }
6200     }
6201 
6202     /*TODO: Now cpu->max_features doesn't overwrite features
6203      * set using QOM properties, and we can convert
6204      * plus_features & minus_features to global properties
6205      * inside x86_cpu_parse_featurestr() too.
6206      */
6207     if (cpu->max_features) {
6208         for (w = 0; w < FEATURE_WORDS; w++) {
6209             /* Override only features that weren't set explicitly
6210              * by the user.
6211              */
6212             env->features[w] |=
6213                 x86_cpu_get_supported_feature_word(w, cpu->migratable) &
6214                 ~env->user_features[w] &
6215                 ~feature_word_info[w].no_autoenable_flags;
6216         }
6217     }
6218 
6219     for (i = 0; i < ARRAY_SIZE(feature_dependencies); i++) {
6220         FeatureDep *d = &feature_dependencies[i];
6221         if (!(env->features[d->from.index] & d->from.mask)) {
6222             uint64_t unavailable_features = env->features[d->to.index] & d->to.mask;
6223 
6224             /* Not an error unless the dependent feature was added explicitly.  */
6225             mark_unavailable_features(cpu, d->to.index,
6226                                       unavailable_features & env->user_features[d->to.index],
6227                                       "This feature depends on other features that were not requested");
6228 
6229             env->features[d->to.index] &= ~unavailable_features;
6230         }
6231     }
6232 
6233     if (!kvm_enabled() || !cpu->expose_kvm) {
6234         env->features[FEAT_KVM] = 0;
6235     }
6236 
6237     x86_cpu_enable_xsave_components(cpu);
6238 
6239     /* CPUID[EAX=7,ECX=0].EBX always increased level automatically: */
6240     x86_cpu_adjust_feat_level(cpu, FEAT_7_0_EBX);
6241     if (cpu->full_cpuid_auto_level) {
6242         x86_cpu_adjust_feat_level(cpu, FEAT_1_EDX);
6243         x86_cpu_adjust_feat_level(cpu, FEAT_1_ECX);
6244         x86_cpu_adjust_feat_level(cpu, FEAT_6_EAX);
6245         x86_cpu_adjust_feat_level(cpu, FEAT_7_0_ECX);
6246         x86_cpu_adjust_feat_level(cpu, FEAT_7_1_EAX);
6247         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_EDX);
6248         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_ECX);
6249         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0007_EDX);
6250         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0008_EBX);
6251         x86_cpu_adjust_feat_level(cpu, FEAT_C000_0001_EDX);
6252         x86_cpu_adjust_feat_level(cpu, FEAT_SVM);
6253         x86_cpu_adjust_feat_level(cpu, FEAT_XSAVE);
6254 
6255         /* Intel Processor Trace requires CPUID[0x14] */
6256         if ((env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT)) {
6257             if (cpu->intel_pt_auto_level) {
6258                 x86_cpu_adjust_level(cpu, &cpu->env.cpuid_min_level, 0x14);
6259             } else if (cpu->env.cpuid_min_level < 0x14) {
6260                 mark_unavailable_features(cpu, FEAT_7_0_EBX,
6261                     CPUID_7_0_EBX_INTEL_PT,
6262                     "Intel PT need CPUID leaf 0x14, please set by \"-cpu ...,intel-pt=on,min-level=0x14\"");
6263             }
6264         }
6265 
6266         /*
6267          * Intel CPU topology with multi-dies support requires CPUID[0x1F].
6268          * For AMD Rome/Milan, cpuid level is 0x10, and guest OS should detect
6269          * extended toplogy by leaf 0xB. Only adjust it for Intel CPU, unless
6270          * cpu->vendor_cpuid_only has been unset for compatibility with older
6271          * machine types.
6272          */
6273         if ((env->nr_dies > 1) &&
6274             (IS_INTEL_CPU(env) || !cpu->vendor_cpuid_only)) {
6275             x86_cpu_adjust_level(cpu, &env->cpuid_min_level, 0x1F);
6276         }
6277 
6278         /* SVM requires CPUID[0x8000000A] */
6279         if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
6280             x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000000A);
6281         }
6282 
6283         /* SEV requires CPUID[0x8000001F] */
6284         if (sev_enabled()) {
6285             x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000001F);
6286         }
6287 
6288         /* SGX requires CPUID[0x12] for EPC enumeration */
6289         if (env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_SGX) {
6290             x86_cpu_adjust_level(cpu, &env->cpuid_min_level, 0x12);
6291         }
6292     }
6293 
6294     /* Set cpuid_*level* based on cpuid_min_*level, if not explicitly set */
6295     if (env->cpuid_level_func7 == UINT32_MAX) {
6296         env->cpuid_level_func7 = env->cpuid_min_level_func7;
6297     }
6298     if (env->cpuid_level == UINT32_MAX) {
6299         env->cpuid_level = env->cpuid_min_level;
6300     }
6301     if (env->cpuid_xlevel == UINT32_MAX) {
6302         env->cpuid_xlevel = env->cpuid_min_xlevel;
6303     }
6304     if (env->cpuid_xlevel2 == UINT32_MAX) {
6305         env->cpuid_xlevel2 = env->cpuid_min_xlevel2;
6306     }
6307 
6308     if (kvm_enabled()) {
6309         kvm_hyperv_expand_features(cpu, errp);
6310     }
6311 }
6312 
6313 /*
6314  * Finishes initialization of CPUID data, filters CPU feature
6315  * words based on host availability of each feature.
6316  *
6317  * Returns: 0 if all flags are supported by the host, non-zero otherwise.
6318  */
6319 static void x86_cpu_filter_features(X86CPU *cpu, bool verbose)
6320 {
6321     CPUX86State *env = &cpu->env;
6322     FeatureWord w;
6323     const char *prefix = NULL;
6324 
6325     if (verbose) {
6326         prefix = accel_uses_host_cpuid()
6327                  ? "host doesn't support requested feature"
6328                  : "TCG doesn't support requested feature";
6329     }
6330 
6331     for (w = 0; w < FEATURE_WORDS; w++) {
6332         uint64_t host_feat =
6333             x86_cpu_get_supported_feature_word(w, false);
6334         uint64_t requested_features = env->features[w];
6335         uint64_t unavailable_features = requested_features & ~host_feat;
6336         mark_unavailable_features(cpu, w, unavailable_features, prefix);
6337     }
6338 
6339     if ((env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT) &&
6340         kvm_enabled()) {
6341         KVMState *s = CPU(cpu)->kvm_state;
6342         uint32_t eax_0 = kvm_arch_get_supported_cpuid(s, 0x14, 0, R_EAX);
6343         uint32_t ebx_0 = kvm_arch_get_supported_cpuid(s, 0x14, 0, R_EBX);
6344         uint32_t ecx_0 = kvm_arch_get_supported_cpuid(s, 0x14, 0, R_ECX);
6345         uint32_t eax_1 = kvm_arch_get_supported_cpuid(s, 0x14, 1, R_EAX);
6346         uint32_t ebx_1 = kvm_arch_get_supported_cpuid(s, 0x14, 1, R_EBX);
6347 
6348         if (!eax_0 ||
6349            ((ebx_0 & INTEL_PT_MINIMAL_EBX) != INTEL_PT_MINIMAL_EBX) ||
6350            ((ecx_0 & INTEL_PT_MINIMAL_ECX) != INTEL_PT_MINIMAL_ECX) ||
6351            ((eax_1 & INTEL_PT_MTC_BITMAP) != INTEL_PT_MTC_BITMAP) ||
6352            ((eax_1 & INTEL_PT_ADDR_RANGES_NUM_MASK) <
6353                                            INTEL_PT_ADDR_RANGES_NUM) ||
6354            ((ebx_1 & (INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP)) !=
6355                 (INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP)) ||
6356            ((ecx_0 & CPUID_14_0_ECX_LIP) !=
6357                 (env->features[FEAT_14_0_ECX] & CPUID_14_0_ECX_LIP))) {
6358             /*
6359              * Processor Trace capabilities aren't configurable, so if the
6360              * host can't emulate the capabilities we report on
6361              * cpu_x86_cpuid(), intel-pt can't be enabled on the current host.
6362              */
6363             mark_unavailable_features(cpu, FEAT_7_0_EBX, CPUID_7_0_EBX_INTEL_PT, prefix);
6364         }
6365     }
6366 }
6367 
6368 static void x86_cpu_hyperv_realize(X86CPU *cpu)
6369 {
6370     size_t len;
6371 
6372     /* Hyper-V vendor id */
6373     if (!cpu->hyperv_vendor) {
6374         object_property_set_str(OBJECT(cpu), "hv-vendor-id", "Microsoft Hv",
6375                                 &error_abort);
6376     }
6377     len = strlen(cpu->hyperv_vendor);
6378     if (len > 12) {
6379         warn_report("hv-vendor-id truncated to 12 characters");
6380         len = 12;
6381     }
6382     memset(cpu->hyperv_vendor_id, 0, 12);
6383     memcpy(cpu->hyperv_vendor_id, cpu->hyperv_vendor, len);
6384 
6385     /* 'Hv#1' interface identification*/
6386     cpu->hyperv_interface_id[0] = 0x31237648;
6387     cpu->hyperv_interface_id[1] = 0;
6388     cpu->hyperv_interface_id[2] = 0;
6389     cpu->hyperv_interface_id[3] = 0;
6390 
6391     /* Hypervisor implementation limits */
6392     cpu->hyperv_limits[0] = 64;
6393     cpu->hyperv_limits[1] = 0;
6394     cpu->hyperv_limits[2] = 0;
6395 }
6396 
6397 static void x86_cpu_realizefn(DeviceState *dev, Error **errp)
6398 {
6399     CPUState *cs = CPU(dev);
6400     X86CPU *cpu = X86_CPU(dev);
6401     X86CPUClass *xcc = X86_CPU_GET_CLASS(dev);
6402     CPUX86State *env = &cpu->env;
6403     Error *local_err = NULL;
6404     static bool ht_warned;
6405     unsigned requested_lbr_fmt;
6406 
6407     if (cpu->apic_id == UNASSIGNED_APIC_ID) {
6408         error_setg(errp, "apic-id property was not initialized properly");
6409         return;
6410     }
6411 
6412     /*
6413      * Process Hyper-V enlightenments.
6414      * Note: this currently has to happen before the expansion of CPU features.
6415      */
6416     x86_cpu_hyperv_realize(cpu);
6417 
6418     x86_cpu_expand_features(cpu, &local_err);
6419     if (local_err) {
6420         goto out;
6421     }
6422 
6423     /*
6424      * Override env->features[FEAT_PERF_CAPABILITIES].LBR_FMT
6425      * with user-provided setting.
6426      */
6427     if (cpu->lbr_fmt != ~PERF_CAP_LBR_FMT) {
6428         if ((cpu->lbr_fmt & PERF_CAP_LBR_FMT) != cpu->lbr_fmt) {
6429             error_setg(errp, "invalid lbr-fmt");
6430             return;
6431         }
6432         env->features[FEAT_PERF_CAPABILITIES] &= ~PERF_CAP_LBR_FMT;
6433         env->features[FEAT_PERF_CAPABILITIES] |= cpu->lbr_fmt;
6434     }
6435 
6436     /*
6437      * vPMU LBR is supported when 1) KVM is enabled 2) Option pmu=on and
6438      * 3)vPMU LBR format matches that of host setting.
6439      */
6440     requested_lbr_fmt =
6441         env->features[FEAT_PERF_CAPABILITIES] & PERF_CAP_LBR_FMT;
6442     if (requested_lbr_fmt && kvm_enabled()) {
6443         uint64_t host_perf_cap =
6444             x86_cpu_get_supported_feature_word(FEAT_PERF_CAPABILITIES, false);
6445         unsigned host_lbr_fmt = host_perf_cap & PERF_CAP_LBR_FMT;
6446 
6447         if (!cpu->enable_pmu) {
6448             error_setg(errp, "vPMU: LBR is unsupported without pmu=on");
6449             return;
6450         }
6451         if (requested_lbr_fmt != host_lbr_fmt) {
6452             error_setg(errp, "vPMU: the lbr-fmt value (0x%x) does not match "
6453                         "the host value (0x%x).",
6454                         requested_lbr_fmt, host_lbr_fmt);
6455             return;
6456         }
6457     }
6458 
6459     x86_cpu_filter_features(cpu, cpu->check_cpuid || cpu->enforce_cpuid);
6460 
6461     if (cpu->enforce_cpuid && x86_cpu_have_filtered_features(cpu)) {
6462         error_setg(&local_err,
6463                    accel_uses_host_cpuid() ?
6464                        "Host doesn't support requested features" :
6465                        "TCG doesn't support requested features");
6466         goto out;
6467     }
6468 
6469     /* On AMD CPUs, some CPUID[8000_0001].EDX bits must match the bits on
6470      * CPUID[1].EDX.
6471      */
6472     if (IS_AMD_CPU(env)) {
6473         env->features[FEAT_8000_0001_EDX] &= ~CPUID_EXT2_AMD_ALIASES;
6474         env->features[FEAT_8000_0001_EDX] |= (env->features[FEAT_1_EDX]
6475            & CPUID_EXT2_AMD_ALIASES);
6476     }
6477 
6478     x86_cpu_set_sgxlepubkeyhash(env);
6479 
6480     /*
6481      * note: the call to the framework needs to happen after feature expansion,
6482      * but before the checks/modifications to ucode_rev, mwait, phys_bits.
6483      * These may be set by the accel-specific code,
6484      * and the results are subsequently checked / assumed in this function.
6485      */
6486     cpu_exec_realizefn(cs, &local_err);
6487     if (local_err != NULL) {
6488         error_propagate(errp, local_err);
6489         return;
6490     }
6491 
6492     if (xcc->host_cpuid_required && !accel_uses_host_cpuid()) {
6493         g_autofree char *name = x86_cpu_class_get_model_name(xcc);
6494         error_setg(&local_err, "CPU model '%s' requires KVM or HVF", name);
6495         goto out;
6496     }
6497 
6498     if (cpu->ucode_rev == 0) {
6499         /*
6500          * The default is the same as KVM's. Note that this check
6501          * needs to happen after the evenual setting of ucode_rev in
6502          * accel-specific code in cpu_exec_realizefn.
6503          */
6504         if (IS_AMD_CPU(env)) {
6505             cpu->ucode_rev = 0x01000065;
6506         } else {
6507             cpu->ucode_rev = 0x100000000ULL;
6508         }
6509     }
6510 
6511     /*
6512      * mwait extended info: needed for Core compatibility
6513      * We always wake on interrupt even if host does not have the capability.
6514      *
6515      * requires the accel-specific code in cpu_exec_realizefn to
6516      * have already acquired the CPUID data into cpu->mwait.
6517      */
6518     cpu->mwait.ecx |= CPUID_MWAIT_EMX | CPUID_MWAIT_IBE;
6519 
6520     /* For 64bit systems think about the number of physical bits to present.
6521      * ideally this should be the same as the host; anything other than matching
6522      * the host can cause incorrect guest behaviour.
6523      * QEMU used to pick the magic value of 40 bits that corresponds to
6524      * consumer AMD devices but nothing else.
6525      *
6526      * Note that this code assumes features expansion has already been done
6527      * (as it checks for CPUID_EXT2_LM), and also assumes that potential
6528      * phys_bits adjustments to match the host have been already done in
6529      * accel-specific code in cpu_exec_realizefn.
6530      */
6531     if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
6532         if (cpu->phys_bits &&
6533             (cpu->phys_bits > TARGET_PHYS_ADDR_SPACE_BITS ||
6534             cpu->phys_bits < 32)) {
6535             error_setg(errp, "phys-bits should be between 32 and %u "
6536                              " (but is %u)",
6537                              TARGET_PHYS_ADDR_SPACE_BITS, cpu->phys_bits);
6538             return;
6539         }
6540         /*
6541          * 0 means it was not explicitly set by the user (or by machine
6542          * compat_props or by the host code in host-cpu.c).
6543          * In this case, the default is the value used by TCG (40).
6544          */
6545         if (cpu->phys_bits == 0) {
6546             cpu->phys_bits = TCG_PHYS_ADDR_BITS;
6547         }
6548     } else {
6549         /* For 32 bit systems don't use the user set value, but keep
6550          * phys_bits consistent with what we tell the guest.
6551          */
6552         if (cpu->phys_bits != 0) {
6553             error_setg(errp, "phys-bits is not user-configurable in 32 bit");
6554             return;
6555         }
6556 
6557         if (env->features[FEAT_1_EDX] & CPUID_PSE36) {
6558             cpu->phys_bits = 36;
6559         } else {
6560             cpu->phys_bits = 32;
6561         }
6562     }
6563 
6564     /* Cache information initialization */
6565     if (!cpu->legacy_cache) {
6566         if (!xcc->model || !xcc->model->cpudef->cache_info) {
6567             g_autofree char *name = x86_cpu_class_get_model_name(xcc);
6568             error_setg(errp,
6569                        "CPU model '%s' doesn't support legacy-cache=off", name);
6570             return;
6571         }
6572         env->cache_info_cpuid2 = env->cache_info_cpuid4 = env->cache_info_amd =
6573             *xcc->model->cpudef->cache_info;
6574     } else {
6575         /* Build legacy cache information */
6576         env->cache_info_cpuid2.l1d_cache = &legacy_l1d_cache;
6577         env->cache_info_cpuid2.l1i_cache = &legacy_l1i_cache;
6578         env->cache_info_cpuid2.l2_cache = &legacy_l2_cache_cpuid2;
6579         env->cache_info_cpuid2.l3_cache = &legacy_l3_cache;
6580 
6581         env->cache_info_cpuid4.l1d_cache = &legacy_l1d_cache;
6582         env->cache_info_cpuid4.l1i_cache = &legacy_l1i_cache;
6583         env->cache_info_cpuid4.l2_cache = &legacy_l2_cache;
6584         env->cache_info_cpuid4.l3_cache = &legacy_l3_cache;
6585 
6586         env->cache_info_amd.l1d_cache = &legacy_l1d_cache_amd;
6587         env->cache_info_amd.l1i_cache = &legacy_l1i_cache_amd;
6588         env->cache_info_amd.l2_cache = &legacy_l2_cache_amd;
6589         env->cache_info_amd.l3_cache = &legacy_l3_cache;
6590     }
6591 
6592 #ifndef CONFIG_USER_ONLY
6593     MachineState *ms = MACHINE(qdev_get_machine());
6594     qemu_register_reset(x86_cpu_machine_reset_cb, cpu);
6595 
6596     if (cpu->env.features[FEAT_1_EDX] & CPUID_APIC || ms->smp.cpus > 1) {
6597         x86_cpu_apic_create(cpu, &local_err);
6598         if (local_err != NULL) {
6599             goto out;
6600         }
6601     }
6602 #endif
6603 
6604     mce_init(cpu);
6605 
6606     qemu_init_vcpu(cs);
6607 
6608     /*
6609      * Most Intel and certain AMD CPUs support hyperthreading. Even though QEMU
6610      * fixes this issue by adjusting CPUID_0000_0001_EBX and CPUID_8000_0008_ECX
6611      * based on inputs (sockets,cores,threads), it is still better to give
6612      * users a warning.
6613      *
6614      * NOTE: the following code has to follow qemu_init_vcpu(). Otherwise
6615      * cs->nr_threads hasn't be populated yet and the checking is incorrect.
6616      */
6617     if (IS_AMD_CPU(env) &&
6618         !(env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_TOPOEXT) &&
6619         cs->nr_threads > 1 && !ht_warned) {
6620             warn_report("This family of AMD CPU doesn't support "
6621                         "hyperthreading(%d)",
6622                         cs->nr_threads);
6623             error_printf("Please configure -smp options properly"
6624                          " or try enabling topoext feature.\n");
6625             ht_warned = true;
6626     }
6627 
6628 #ifndef CONFIG_USER_ONLY
6629     x86_cpu_apic_realize(cpu, &local_err);
6630     if (local_err != NULL) {
6631         goto out;
6632     }
6633 #endif /* !CONFIG_USER_ONLY */
6634     cpu_reset(cs);
6635 
6636     xcc->parent_realize(dev, &local_err);
6637 
6638 out:
6639     if (local_err != NULL) {
6640         error_propagate(errp, local_err);
6641         return;
6642     }
6643 }
6644 
6645 static void x86_cpu_unrealizefn(DeviceState *dev)
6646 {
6647     X86CPU *cpu = X86_CPU(dev);
6648     X86CPUClass *xcc = X86_CPU_GET_CLASS(dev);
6649 
6650 #ifndef CONFIG_USER_ONLY
6651     cpu_remove_sync(CPU(dev));
6652     qemu_unregister_reset(x86_cpu_machine_reset_cb, dev);
6653 #endif
6654 
6655     if (cpu->apic_state) {
6656         object_unparent(OBJECT(cpu->apic_state));
6657         cpu->apic_state = NULL;
6658     }
6659 
6660     xcc->parent_unrealize(dev);
6661 }
6662 
6663 typedef struct BitProperty {
6664     FeatureWord w;
6665     uint64_t mask;
6666 } BitProperty;
6667 
6668 static void x86_cpu_get_bit_prop(Object *obj, Visitor *v, const char *name,
6669                                  void *opaque, Error **errp)
6670 {
6671     X86CPU *cpu = X86_CPU(obj);
6672     BitProperty *fp = opaque;
6673     uint64_t f = cpu->env.features[fp->w];
6674     bool value = (f & fp->mask) == fp->mask;
6675     visit_type_bool(v, name, &value, errp);
6676 }
6677 
6678 static void x86_cpu_set_bit_prop(Object *obj, Visitor *v, const char *name,
6679                                  void *opaque, Error **errp)
6680 {
6681     DeviceState *dev = DEVICE(obj);
6682     X86CPU *cpu = X86_CPU(obj);
6683     BitProperty *fp = opaque;
6684     bool value;
6685 
6686     if (dev->realized) {
6687         qdev_prop_set_after_realize(dev, name, errp);
6688         return;
6689     }
6690 
6691     if (!visit_type_bool(v, name, &value, errp)) {
6692         return;
6693     }
6694 
6695     if (value) {
6696         cpu->env.features[fp->w] |= fp->mask;
6697     } else {
6698         cpu->env.features[fp->w] &= ~fp->mask;
6699     }
6700     cpu->env.user_features[fp->w] |= fp->mask;
6701 }
6702 
6703 /* Register a boolean property to get/set a single bit in a uint32_t field.
6704  *
6705  * The same property name can be registered multiple times to make it affect
6706  * multiple bits in the same FeatureWord. In that case, the getter will return
6707  * true only if all bits are set.
6708  */
6709 static void x86_cpu_register_bit_prop(X86CPUClass *xcc,
6710                                       const char *prop_name,
6711                                       FeatureWord w,
6712                                       int bitnr)
6713 {
6714     ObjectClass *oc = OBJECT_CLASS(xcc);
6715     BitProperty *fp;
6716     ObjectProperty *op;
6717     uint64_t mask = (1ULL << bitnr);
6718 
6719     op = object_class_property_find(oc, prop_name);
6720     if (op) {
6721         fp = op->opaque;
6722         assert(fp->w == w);
6723         fp->mask |= mask;
6724     } else {
6725         fp = g_new0(BitProperty, 1);
6726         fp->w = w;
6727         fp->mask = mask;
6728         object_class_property_add(oc, prop_name, "bool",
6729                                   x86_cpu_get_bit_prop,
6730                                   x86_cpu_set_bit_prop,
6731                                   NULL, fp);
6732     }
6733 }
6734 
6735 static void x86_cpu_register_feature_bit_props(X86CPUClass *xcc,
6736                                                FeatureWord w,
6737                                                int bitnr)
6738 {
6739     FeatureWordInfo *fi = &feature_word_info[w];
6740     const char *name = fi->feat_names[bitnr];
6741 
6742     if (!name) {
6743         return;
6744     }
6745 
6746     /* Property names should use "-" instead of "_".
6747      * Old names containing underscores are registered as aliases
6748      * using object_property_add_alias()
6749      */
6750     assert(!strchr(name, '_'));
6751     /* aliases don't use "|" delimiters anymore, they are registered
6752      * manually using object_property_add_alias() */
6753     assert(!strchr(name, '|'));
6754     x86_cpu_register_bit_prop(xcc, name, w, bitnr);
6755 }
6756 
6757 static void x86_cpu_post_initfn(Object *obj)
6758 {
6759     accel_cpu_instance_init(CPU(obj));
6760 }
6761 
6762 static void x86_cpu_initfn(Object *obj)
6763 {
6764     X86CPU *cpu = X86_CPU(obj);
6765     X86CPUClass *xcc = X86_CPU_GET_CLASS(obj);
6766     CPUX86State *env = &cpu->env;
6767 
6768     env->nr_dies = 1;
6769     cpu_set_cpustate_pointers(cpu);
6770 
6771     object_property_add(obj, "feature-words", "X86CPUFeatureWordInfo",
6772                         x86_cpu_get_feature_words,
6773                         NULL, NULL, (void *)env->features);
6774     object_property_add(obj, "filtered-features", "X86CPUFeatureWordInfo",
6775                         x86_cpu_get_feature_words,
6776                         NULL, NULL, (void *)cpu->filtered_features);
6777 
6778     object_property_add_alias(obj, "sse3", obj, "pni");
6779     object_property_add_alias(obj, "pclmuldq", obj, "pclmulqdq");
6780     object_property_add_alias(obj, "sse4-1", obj, "sse4.1");
6781     object_property_add_alias(obj, "sse4-2", obj, "sse4.2");
6782     object_property_add_alias(obj, "xd", obj, "nx");
6783     object_property_add_alias(obj, "ffxsr", obj, "fxsr-opt");
6784     object_property_add_alias(obj, "i64", obj, "lm");
6785 
6786     object_property_add_alias(obj, "ds_cpl", obj, "ds-cpl");
6787     object_property_add_alias(obj, "tsc_adjust", obj, "tsc-adjust");
6788     object_property_add_alias(obj, "fxsr_opt", obj, "fxsr-opt");
6789     object_property_add_alias(obj, "lahf_lm", obj, "lahf-lm");
6790     object_property_add_alias(obj, "cmp_legacy", obj, "cmp-legacy");
6791     object_property_add_alias(obj, "nodeid_msr", obj, "nodeid-msr");
6792     object_property_add_alias(obj, "perfctr_core", obj, "perfctr-core");
6793     object_property_add_alias(obj, "perfctr_nb", obj, "perfctr-nb");
6794     object_property_add_alias(obj, "kvm_nopiodelay", obj, "kvm-nopiodelay");
6795     object_property_add_alias(obj, "kvm_mmu", obj, "kvm-mmu");
6796     object_property_add_alias(obj, "kvm_asyncpf", obj, "kvm-asyncpf");
6797     object_property_add_alias(obj, "kvm_asyncpf_int", obj, "kvm-asyncpf-int");
6798     object_property_add_alias(obj, "kvm_steal_time", obj, "kvm-steal-time");
6799     object_property_add_alias(obj, "kvm_pv_eoi", obj, "kvm-pv-eoi");
6800     object_property_add_alias(obj, "kvm_pv_unhalt", obj, "kvm-pv-unhalt");
6801     object_property_add_alias(obj, "kvm_poll_control", obj, "kvm-poll-control");
6802     object_property_add_alias(obj, "svm_lock", obj, "svm-lock");
6803     object_property_add_alias(obj, "nrip_save", obj, "nrip-save");
6804     object_property_add_alias(obj, "tsc_scale", obj, "tsc-scale");
6805     object_property_add_alias(obj, "vmcb_clean", obj, "vmcb-clean");
6806     object_property_add_alias(obj, "pause_filter", obj, "pause-filter");
6807     object_property_add_alias(obj, "sse4_1", obj, "sse4.1");
6808     object_property_add_alias(obj, "sse4_2", obj, "sse4.2");
6809 
6810     object_property_add_alias(obj, "hv-apicv", obj, "hv-avic");
6811     cpu->lbr_fmt = ~PERF_CAP_LBR_FMT;
6812     object_property_add_alias(obj, "lbr_fmt", obj, "lbr-fmt");
6813 
6814     if (xcc->model) {
6815         x86_cpu_load_model(cpu, xcc->model);
6816     }
6817 }
6818 
6819 static int64_t x86_cpu_get_arch_id(CPUState *cs)
6820 {
6821     X86CPU *cpu = X86_CPU(cs);
6822 
6823     return cpu->apic_id;
6824 }
6825 
6826 #if !defined(CONFIG_USER_ONLY)
6827 static bool x86_cpu_get_paging_enabled(const CPUState *cs)
6828 {
6829     X86CPU *cpu = X86_CPU(cs);
6830 
6831     return cpu->env.cr[0] & CR0_PG_MASK;
6832 }
6833 #endif /* !CONFIG_USER_ONLY */
6834 
6835 static void x86_cpu_set_pc(CPUState *cs, vaddr value)
6836 {
6837     X86CPU *cpu = X86_CPU(cs);
6838 
6839     cpu->env.eip = value;
6840 }
6841 
6842 static vaddr x86_cpu_get_pc(CPUState *cs)
6843 {
6844     X86CPU *cpu = X86_CPU(cs);
6845 
6846     /* Match cpu_get_tb_cpu_state. */
6847     return cpu->env.eip + cpu->env.segs[R_CS].base;
6848 }
6849 
6850 int x86_cpu_pending_interrupt(CPUState *cs, int interrupt_request)
6851 {
6852     X86CPU *cpu = X86_CPU(cs);
6853     CPUX86State *env = &cpu->env;
6854 
6855 #if !defined(CONFIG_USER_ONLY)
6856     if (interrupt_request & CPU_INTERRUPT_POLL) {
6857         return CPU_INTERRUPT_POLL;
6858     }
6859 #endif
6860     if (interrupt_request & CPU_INTERRUPT_SIPI) {
6861         return CPU_INTERRUPT_SIPI;
6862     }
6863 
6864     if (env->hflags2 & HF2_GIF_MASK) {
6865         if ((interrupt_request & CPU_INTERRUPT_SMI) &&
6866             !(env->hflags & HF_SMM_MASK)) {
6867             return CPU_INTERRUPT_SMI;
6868         } else if ((interrupt_request & CPU_INTERRUPT_NMI) &&
6869                    !(env->hflags2 & HF2_NMI_MASK)) {
6870             return CPU_INTERRUPT_NMI;
6871         } else if (interrupt_request & CPU_INTERRUPT_MCE) {
6872             return CPU_INTERRUPT_MCE;
6873         } else if ((interrupt_request & CPU_INTERRUPT_HARD) &&
6874                    (((env->hflags2 & HF2_VINTR_MASK) &&
6875                      (env->hflags2 & HF2_HIF_MASK)) ||
6876                     (!(env->hflags2 & HF2_VINTR_MASK) &&
6877                      (env->eflags & IF_MASK &&
6878                       !(env->hflags & HF_INHIBIT_IRQ_MASK))))) {
6879             return CPU_INTERRUPT_HARD;
6880 #if !defined(CONFIG_USER_ONLY)
6881         } else if (env->hflags2 & HF2_VGIF_MASK) {
6882             if((interrupt_request & CPU_INTERRUPT_VIRQ) &&
6883                    (env->eflags & IF_MASK) &&
6884                    !(env->hflags & HF_INHIBIT_IRQ_MASK)) {
6885                         return CPU_INTERRUPT_VIRQ;
6886             }
6887 #endif
6888         }
6889     }
6890 
6891     return 0;
6892 }
6893 
6894 static bool x86_cpu_has_work(CPUState *cs)
6895 {
6896     return x86_cpu_pending_interrupt(cs, cs->interrupt_request) != 0;
6897 }
6898 
6899 static void x86_disas_set_info(CPUState *cs, disassemble_info *info)
6900 {
6901     X86CPU *cpu = X86_CPU(cs);
6902     CPUX86State *env = &cpu->env;
6903 
6904     info->mach = (env->hflags & HF_CS64_MASK ? bfd_mach_x86_64
6905                   : env->hflags & HF_CS32_MASK ? bfd_mach_i386_i386
6906                   : bfd_mach_i386_i8086);
6907 
6908     info->cap_arch = CS_ARCH_X86;
6909     info->cap_mode = (env->hflags & HF_CS64_MASK ? CS_MODE_64
6910                       : env->hflags & HF_CS32_MASK ? CS_MODE_32
6911                       : CS_MODE_16);
6912     info->cap_insn_unit = 1;
6913     info->cap_insn_split = 8;
6914 }
6915 
6916 void x86_update_hflags(CPUX86State *env)
6917 {
6918    uint32_t hflags;
6919 #define HFLAG_COPY_MASK \
6920     ~( HF_CPL_MASK | HF_PE_MASK | HF_MP_MASK | HF_EM_MASK | \
6921        HF_TS_MASK | HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK | \
6922        HF_OSFXSR_MASK | HF_LMA_MASK | HF_CS32_MASK | \
6923        HF_SS32_MASK | HF_CS64_MASK | HF_ADDSEG_MASK)
6924 
6925     hflags = env->hflags & HFLAG_COPY_MASK;
6926     hflags |= (env->segs[R_SS].flags >> DESC_DPL_SHIFT) & HF_CPL_MASK;
6927     hflags |= (env->cr[0] & CR0_PE_MASK) << (HF_PE_SHIFT - CR0_PE_SHIFT);
6928     hflags |= (env->cr[0] << (HF_MP_SHIFT - CR0_MP_SHIFT)) &
6929                 (HF_MP_MASK | HF_EM_MASK | HF_TS_MASK);
6930     hflags |= (env->eflags & (HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK));
6931 
6932     if (env->cr[4] & CR4_OSFXSR_MASK) {
6933         hflags |= HF_OSFXSR_MASK;
6934     }
6935 
6936     if (env->efer & MSR_EFER_LMA) {
6937         hflags |= HF_LMA_MASK;
6938     }
6939 
6940     if ((hflags & HF_LMA_MASK) && (env->segs[R_CS].flags & DESC_L_MASK)) {
6941         hflags |= HF_CS32_MASK | HF_SS32_MASK | HF_CS64_MASK;
6942     } else {
6943         hflags |= (env->segs[R_CS].flags & DESC_B_MASK) >>
6944                     (DESC_B_SHIFT - HF_CS32_SHIFT);
6945         hflags |= (env->segs[R_SS].flags & DESC_B_MASK) >>
6946                     (DESC_B_SHIFT - HF_SS32_SHIFT);
6947         if (!(env->cr[0] & CR0_PE_MASK) || (env->eflags & VM_MASK) ||
6948             !(hflags & HF_CS32_MASK)) {
6949             hflags |= HF_ADDSEG_MASK;
6950         } else {
6951             hflags |= ((env->segs[R_DS].base | env->segs[R_ES].base |
6952                         env->segs[R_SS].base) != 0) << HF_ADDSEG_SHIFT;
6953         }
6954     }
6955     env->hflags = hflags;
6956 }
6957 
6958 static Property x86_cpu_properties[] = {
6959 #ifdef CONFIG_USER_ONLY
6960     /* apic_id = 0 by default for *-user, see commit 9886e834 */
6961     DEFINE_PROP_UINT32("apic-id", X86CPU, apic_id, 0),
6962     DEFINE_PROP_INT32("thread-id", X86CPU, thread_id, 0),
6963     DEFINE_PROP_INT32("core-id", X86CPU, core_id, 0),
6964     DEFINE_PROP_INT32("die-id", X86CPU, die_id, 0),
6965     DEFINE_PROP_INT32("socket-id", X86CPU, socket_id, 0),
6966 #else
6967     DEFINE_PROP_UINT32("apic-id", X86CPU, apic_id, UNASSIGNED_APIC_ID),
6968     DEFINE_PROP_INT32("thread-id", X86CPU, thread_id, -1),
6969     DEFINE_PROP_INT32("core-id", X86CPU, core_id, -1),
6970     DEFINE_PROP_INT32("die-id", X86CPU, die_id, -1),
6971     DEFINE_PROP_INT32("socket-id", X86CPU, socket_id, -1),
6972 #endif
6973     DEFINE_PROP_INT32("node-id", X86CPU, node_id, CPU_UNSET_NUMA_NODE_ID),
6974     DEFINE_PROP_BOOL("pmu", X86CPU, enable_pmu, false),
6975     DEFINE_PROP_UINT64_CHECKMASK("lbr-fmt", X86CPU, lbr_fmt, PERF_CAP_LBR_FMT),
6976 
6977     DEFINE_PROP_UINT32("hv-spinlocks", X86CPU, hyperv_spinlock_attempts,
6978                        HYPERV_SPINLOCK_NEVER_NOTIFY),
6979     DEFINE_PROP_BIT64("hv-relaxed", X86CPU, hyperv_features,
6980                       HYPERV_FEAT_RELAXED, 0),
6981     DEFINE_PROP_BIT64("hv-vapic", X86CPU, hyperv_features,
6982                       HYPERV_FEAT_VAPIC, 0),
6983     DEFINE_PROP_BIT64("hv-time", X86CPU, hyperv_features,
6984                       HYPERV_FEAT_TIME, 0),
6985     DEFINE_PROP_BIT64("hv-crash", X86CPU, hyperv_features,
6986                       HYPERV_FEAT_CRASH, 0),
6987     DEFINE_PROP_BIT64("hv-reset", X86CPU, hyperv_features,
6988                       HYPERV_FEAT_RESET, 0),
6989     DEFINE_PROP_BIT64("hv-vpindex", X86CPU, hyperv_features,
6990                       HYPERV_FEAT_VPINDEX, 0),
6991     DEFINE_PROP_BIT64("hv-runtime", X86CPU, hyperv_features,
6992                       HYPERV_FEAT_RUNTIME, 0),
6993     DEFINE_PROP_BIT64("hv-synic", X86CPU, hyperv_features,
6994                       HYPERV_FEAT_SYNIC, 0),
6995     DEFINE_PROP_BIT64("hv-stimer", X86CPU, hyperv_features,
6996                       HYPERV_FEAT_STIMER, 0),
6997     DEFINE_PROP_BIT64("hv-frequencies", X86CPU, hyperv_features,
6998                       HYPERV_FEAT_FREQUENCIES, 0),
6999     DEFINE_PROP_BIT64("hv-reenlightenment", X86CPU, hyperv_features,
7000                       HYPERV_FEAT_REENLIGHTENMENT, 0),
7001     DEFINE_PROP_BIT64("hv-tlbflush", X86CPU, hyperv_features,
7002                       HYPERV_FEAT_TLBFLUSH, 0),
7003     DEFINE_PROP_BIT64("hv-evmcs", X86CPU, hyperv_features,
7004                       HYPERV_FEAT_EVMCS, 0),
7005     DEFINE_PROP_BIT64("hv-ipi", X86CPU, hyperv_features,
7006                       HYPERV_FEAT_IPI, 0),
7007     DEFINE_PROP_BIT64("hv-stimer-direct", X86CPU, hyperv_features,
7008                       HYPERV_FEAT_STIMER_DIRECT, 0),
7009     DEFINE_PROP_BIT64("hv-avic", X86CPU, hyperv_features,
7010                       HYPERV_FEAT_AVIC, 0),
7011     DEFINE_PROP_BIT64("hv-emsr-bitmap", X86CPU, hyperv_features,
7012                       HYPERV_FEAT_MSR_BITMAP, 0),
7013     DEFINE_PROP_BIT64("hv-xmm-input", X86CPU, hyperv_features,
7014                       HYPERV_FEAT_XMM_INPUT, 0),
7015     DEFINE_PROP_BIT64("hv-tlbflush-ext", X86CPU, hyperv_features,
7016                       HYPERV_FEAT_TLBFLUSH_EXT, 0),
7017     DEFINE_PROP_BIT64("hv-tlbflush-direct", X86CPU, hyperv_features,
7018                       HYPERV_FEAT_TLBFLUSH_DIRECT, 0),
7019     DEFINE_PROP_ON_OFF_AUTO("hv-no-nonarch-coresharing", X86CPU,
7020                             hyperv_no_nonarch_cs, ON_OFF_AUTO_OFF),
7021     DEFINE_PROP_BIT64("hv-syndbg", X86CPU, hyperv_features,
7022                       HYPERV_FEAT_SYNDBG, 0),
7023     DEFINE_PROP_BOOL("hv-passthrough", X86CPU, hyperv_passthrough, false),
7024     DEFINE_PROP_BOOL("hv-enforce-cpuid", X86CPU, hyperv_enforce_cpuid, false),
7025 
7026     /* WS2008R2 identify by default */
7027     DEFINE_PROP_UINT32("hv-version-id-build", X86CPU, hyperv_ver_id_build,
7028                        0x3839),
7029     DEFINE_PROP_UINT16("hv-version-id-major", X86CPU, hyperv_ver_id_major,
7030                        0x000A),
7031     DEFINE_PROP_UINT16("hv-version-id-minor", X86CPU, hyperv_ver_id_minor,
7032                        0x0000),
7033     DEFINE_PROP_UINT32("hv-version-id-spack", X86CPU, hyperv_ver_id_sp, 0),
7034     DEFINE_PROP_UINT8("hv-version-id-sbranch", X86CPU, hyperv_ver_id_sb, 0),
7035     DEFINE_PROP_UINT32("hv-version-id-snumber", X86CPU, hyperv_ver_id_sn, 0),
7036 
7037     DEFINE_PROP_BOOL("check", X86CPU, check_cpuid, true),
7038     DEFINE_PROP_BOOL("enforce", X86CPU, enforce_cpuid, false),
7039     DEFINE_PROP_BOOL("x-force-features", X86CPU, force_features, false),
7040     DEFINE_PROP_BOOL("kvm", X86CPU, expose_kvm, true),
7041     DEFINE_PROP_UINT32("phys-bits", X86CPU, phys_bits, 0),
7042     DEFINE_PROP_BOOL("host-phys-bits", X86CPU, host_phys_bits, false),
7043     DEFINE_PROP_UINT8("host-phys-bits-limit", X86CPU, host_phys_bits_limit, 0),
7044     DEFINE_PROP_BOOL("fill-mtrr-mask", X86CPU, fill_mtrr_mask, true),
7045     DEFINE_PROP_UINT32("level-func7", X86CPU, env.cpuid_level_func7,
7046                        UINT32_MAX),
7047     DEFINE_PROP_UINT32("level", X86CPU, env.cpuid_level, UINT32_MAX),
7048     DEFINE_PROP_UINT32("xlevel", X86CPU, env.cpuid_xlevel, UINT32_MAX),
7049     DEFINE_PROP_UINT32("xlevel2", X86CPU, env.cpuid_xlevel2, UINT32_MAX),
7050     DEFINE_PROP_UINT32("min-level", X86CPU, env.cpuid_min_level, 0),
7051     DEFINE_PROP_UINT32("min-xlevel", X86CPU, env.cpuid_min_xlevel, 0),
7052     DEFINE_PROP_UINT32("min-xlevel2", X86CPU, env.cpuid_min_xlevel2, 0),
7053     DEFINE_PROP_UINT64("ucode-rev", X86CPU, ucode_rev, 0),
7054     DEFINE_PROP_BOOL("full-cpuid-auto-level", X86CPU, full_cpuid_auto_level, true),
7055     DEFINE_PROP_STRING("hv-vendor-id", X86CPU, hyperv_vendor),
7056     DEFINE_PROP_BOOL("cpuid-0xb", X86CPU, enable_cpuid_0xb, true),
7057     DEFINE_PROP_BOOL("x-vendor-cpuid-only", X86CPU, vendor_cpuid_only, true),
7058     DEFINE_PROP_BOOL("lmce", X86CPU, enable_lmce, false),
7059     DEFINE_PROP_BOOL("l3-cache", X86CPU, enable_l3_cache, true),
7060     DEFINE_PROP_BOOL("kvm-no-smi-migration", X86CPU, kvm_no_smi_migration,
7061                      false),
7062     DEFINE_PROP_BOOL("kvm-pv-enforce-cpuid", X86CPU, kvm_pv_enforce_cpuid,
7063                      false),
7064     DEFINE_PROP_BOOL("vmware-cpuid-freq", X86CPU, vmware_cpuid_freq, true),
7065     DEFINE_PROP_BOOL("tcg-cpuid", X86CPU, expose_tcg, true),
7066     DEFINE_PROP_BOOL("x-migrate-smi-count", X86CPU, migrate_smi_count,
7067                      true),
7068     /*
7069      * lecacy_cache defaults to true unless the CPU model provides its
7070      * own cache information (see x86_cpu_load_def()).
7071      */
7072     DEFINE_PROP_BOOL("legacy-cache", X86CPU, legacy_cache, true),
7073 
7074     /*
7075      * From "Requirements for Implementing the Microsoft
7076      * Hypervisor Interface":
7077      * https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/tlfs
7078      *
7079      * "Starting with Windows Server 2012 and Windows 8, if
7080      * CPUID.40000005.EAX contains a value of -1, Windows assumes that
7081      * the hypervisor imposes no specific limit to the number of VPs.
7082      * In this case, Windows Server 2012 guest VMs may use more than
7083      * 64 VPs, up to the maximum supported number of processors applicable
7084      * to the specific Windows version being used."
7085      */
7086     DEFINE_PROP_INT32("x-hv-max-vps", X86CPU, hv_max_vps, -1),
7087     DEFINE_PROP_BOOL("x-hv-synic-kvm-only", X86CPU, hyperv_synic_kvm_only,
7088                      false),
7089     DEFINE_PROP_BOOL("x-intel-pt-auto-level", X86CPU, intel_pt_auto_level,
7090                      true),
7091     DEFINE_PROP_END_OF_LIST()
7092 };
7093 
7094 #ifndef CONFIG_USER_ONLY
7095 #include "hw/core/sysemu-cpu-ops.h"
7096 
7097 static const struct SysemuCPUOps i386_sysemu_ops = {
7098     .get_memory_mapping = x86_cpu_get_memory_mapping,
7099     .get_paging_enabled = x86_cpu_get_paging_enabled,
7100     .get_phys_page_attrs_debug = x86_cpu_get_phys_page_attrs_debug,
7101     .asidx_from_attrs = x86_asidx_from_attrs,
7102     .get_crash_info = x86_cpu_get_crash_info,
7103     .write_elf32_note = x86_cpu_write_elf32_note,
7104     .write_elf64_note = x86_cpu_write_elf64_note,
7105     .write_elf32_qemunote = x86_cpu_write_elf32_qemunote,
7106     .write_elf64_qemunote = x86_cpu_write_elf64_qemunote,
7107     .legacy_vmsd = &vmstate_x86_cpu,
7108 };
7109 #endif
7110 
7111 static void x86_cpu_common_class_init(ObjectClass *oc, void *data)
7112 {
7113     X86CPUClass *xcc = X86_CPU_CLASS(oc);
7114     CPUClass *cc = CPU_CLASS(oc);
7115     DeviceClass *dc = DEVICE_CLASS(oc);
7116     ResettableClass *rc = RESETTABLE_CLASS(oc);
7117     FeatureWord w;
7118 
7119     device_class_set_parent_realize(dc, x86_cpu_realizefn,
7120                                     &xcc->parent_realize);
7121     device_class_set_parent_unrealize(dc, x86_cpu_unrealizefn,
7122                                       &xcc->parent_unrealize);
7123     device_class_set_props(dc, x86_cpu_properties);
7124 
7125     resettable_class_set_parent_phases(rc, NULL, x86_cpu_reset_hold, NULL,
7126                                        &xcc->parent_phases);
7127     cc->reset_dump_flags = CPU_DUMP_FPU | CPU_DUMP_CCOP;
7128 
7129     cc->class_by_name = x86_cpu_class_by_name;
7130     cc->parse_features = x86_cpu_parse_featurestr;
7131     cc->has_work = x86_cpu_has_work;
7132     cc->dump_state = x86_cpu_dump_state;
7133     cc->set_pc = x86_cpu_set_pc;
7134     cc->get_pc = x86_cpu_get_pc;
7135     cc->gdb_read_register = x86_cpu_gdb_read_register;
7136     cc->gdb_write_register = x86_cpu_gdb_write_register;
7137     cc->get_arch_id = x86_cpu_get_arch_id;
7138 
7139 #ifndef CONFIG_USER_ONLY
7140     cc->sysemu_ops = &i386_sysemu_ops;
7141 #endif /* !CONFIG_USER_ONLY */
7142 
7143     cc->gdb_arch_name = x86_gdb_arch_name;
7144 #ifdef TARGET_X86_64
7145     cc->gdb_core_xml_file = "i386-64bit.xml";
7146     cc->gdb_num_core_regs = 66;
7147 #else
7148     cc->gdb_core_xml_file = "i386-32bit.xml";
7149     cc->gdb_num_core_regs = 50;
7150 #endif
7151     cc->disas_set_info = x86_disas_set_info;
7152 
7153     dc->user_creatable = true;
7154 
7155     object_class_property_add(oc, "family", "int",
7156                               x86_cpuid_version_get_family,
7157                               x86_cpuid_version_set_family, NULL, NULL);
7158     object_class_property_add(oc, "model", "int",
7159                               x86_cpuid_version_get_model,
7160                               x86_cpuid_version_set_model, NULL, NULL);
7161     object_class_property_add(oc, "stepping", "int",
7162                               x86_cpuid_version_get_stepping,
7163                               x86_cpuid_version_set_stepping, NULL, NULL);
7164     object_class_property_add_str(oc, "vendor",
7165                                   x86_cpuid_get_vendor,
7166                                   x86_cpuid_set_vendor);
7167     object_class_property_add_str(oc, "model-id",
7168                                   x86_cpuid_get_model_id,
7169                                   x86_cpuid_set_model_id);
7170     object_class_property_add(oc, "tsc-frequency", "int",
7171                               x86_cpuid_get_tsc_freq,
7172                               x86_cpuid_set_tsc_freq, NULL, NULL);
7173     /*
7174      * The "unavailable-features" property has the same semantics as
7175      * CpuDefinitionInfo.unavailable-features on the "query-cpu-definitions"
7176      * QMP command: they list the features that would have prevented the
7177      * CPU from running if the "enforce" flag was set.
7178      */
7179     object_class_property_add(oc, "unavailable-features", "strList",
7180                               x86_cpu_get_unavailable_features,
7181                               NULL, NULL, NULL);
7182 
7183 #if !defined(CONFIG_USER_ONLY)
7184     object_class_property_add(oc, "crash-information", "GuestPanicInformation",
7185                               x86_cpu_get_crash_info_qom, NULL, NULL, NULL);
7186 #endif
7187 
7188     for (w = 0; w < FEATURE_WORDS; w++) {
7189         int bitnr;
7190         for (bitnr = 0; bitnr < 64; bitnr++) {
7191             x86_cpu_register_feature_bit_props(xcc, w, bitnr);
7192         }
7193     }
7194 }
7195 
7196 static const TypeInfo x86_cpu_type_info = {
7197     .name = TYPE_X86_CPU,
7198     .parent = TYPE_CPU,
7199     .instance_size = sizeof(X86CPU),
7200     .instance_init = x86_cpu_initfn,
7201     .instance_post_init = x86_cpu_post_initfn,
7202 
7203     .abstract = true,
7204     .class_size = sizeof(X86CPUClass),
7205     .class_init = x86_cpu_common_class_init,
7206 };
7207 
7208 /* "base" CPU model, used by query-cpu-model-expansion */
7209 static void x86_cpu_base_class_init(ObjectClass *oc, void *data)
7210 {
7211     X86CPUClass *xcc = X86_CPU_CLASS(oc);
7212 
7213     xcc->static_model = true;
7214     xcc->migration_safe = true;
7215     xcc->model_description = "base CPU model type with no features enabled";
7216     xcc->ordering = 8;
7217 }
7218 
7219 static const TypeInfo x86_base_cpu_type_info = {
7220         .name = X86_CPU_TYPE_NAME("base"),
7221         .parent = TYPE_X86_CPU,
7222         .class_init = x86_cpu_base_class_init,
7223 };
7224 
7225 static void x86_cpu_register_types(void)
7226 {
7227     int i;
7228 
7229     type_register_static(&x86_cpu_type_info);
7230     for (i = 0; i < ARRAY_SIZE(builtin_x86_defs); i++) {
7231         x86_register_cpudef_types(&builtin_x86_defs[i]);
7232     }
7233     type_register_static(&max_x86_cpu_type_info);
7234     type_register_static(&x86_base_cpu_type_info);
7235 }
7236 
7237 type_init(x86_cpu_register_types)
7238