xref: /openbmc/qemu/target/i386/cpu.c (revision bad5cfcd)
1 /*
2  *  i386 CPUID, CPU class, definitions, models
3  *
4  *  Copyright (c) 2003 Fabrice Bellard
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18  */
19 
20 #include "qemu/osdep.h"
21 #include "qemu/units.h"
22 #include "qemu/cutils.h"
23 #include "qemu/qemu-print.h"
24 #include "qemu/hw-version.h"
25 #include "cpu.h"
26 #include "tcg/helper-tcg.h"
27 #include "sysemu/reset.h"
28 #include "sysemu/hvf.h"
29 #include "kvm/kvm_i386.h"
30 #include "sev.h"
31 #include "qapi/error.h"
32 #include "qemu/error-report.h"
33 #include "qapi/qapi-visit-machine.h"
34 #include "qapi/qmp/qerror.h"
35 #include "standard-headers/asm-x86/kvm_para.h"
36 #include "hw/qdev-properties.h"
37 #include "hw/i386/topology.h"
38 #ifndef CONFIG_USER_ONLY
39 #include "qapi/qapi-commands-machine-target.h"
40 #include "exec/address-spaces.h"
41 #include "hw/boards.h"
42 #include "hw/i386/sgx-epc.h"
43 #endif
44 
45 #include "disas/capstone.h"
46 #include "cpu-internal.h"
47 
48 static void x86_cpu_realizefn(DeviceState *dev, Error **errp);
49 
50 /* Helpers for building CPUID[2] descriptors: */
51 
52 struct CPUID2CacheDescriptorInfo {
53     enum CacheType type;
54     int level;
55     int size;
56     int line_size;
57     int associativity;
58 };
59 
60 /*
61  * Known CPUID 2 cache descriptors.
62  * From Intel SDM Volume 2A, CPUID instruction
63  */
64 struct CPUID2CacheDescriptorInfo cpuid2_cache_descriptors[] = {
65     [0x06] = { .level = 1, .type = INSTRUCTION_CACHE, .size =   8 * KiB,
66                .associativity = 4,  .line_size = 32, },
67     [0x08] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  16 * KiB,
68                .associativity = 4,  .line_size = 32, },
69     [0x09] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  32 * KiB,
70                .associativity = 4,  .line_size = 64, },
71     [0x0A] = { .level = 1, .type = DATA_CACHE,        .size =   8 * KiB,
72                .associativity = 2,  .line_size = 32, },
73     [0x0C] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
74                .associativity = 4,  .line_size = 32, },
75     [0x0D] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
76                .associativity = 4,  .line_size = 64, },
77     [0x0E] = { .level = 1, .type = DATA_CACHE,        .size =  24 * KiB,
78                .associativity = 6,  .line_size = 64, },
79     [0x1D] = { .level = 2, .type = UNIFIED_CACHE,     .size = 128 * KiB,
80                .associativity = 2,  .line_size = 64, },
81     [0x21] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
82                .associativity = 8,  .line_size = 64, },
83     /* lines per sector is not supported cpuid2_cache_descriptor(),
84     * so descriptors 0x22, 0x23 are not included
85     */
86     [0x24] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
87                .associativity = 16, .line_size = 64, },
88     /* lines per sector is not supported cpuid2_cache_descriptor(),
89     * so descriptors 0x25, 0x20 are not included
90     */
91     [0x2C] = { .level = 1, .type = DATA_CACHE,        .size =  32 * KiB,
92                .associativity = 8,  .line_size = 64, },
93     [0x30] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  32 * KiB,
94                .associativity = 8,  .line_size = 64, },
95     [0x41] = { .level = 2, .type = UNIFIED_CACHE,     .size = 128 * KiB,
96                .associativity = 4,  .line_size = 32, },
97     [0x42] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
98                .associativity = 4,  .line_size = 32, },
99     [0x43] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
100                .associativity = 4,  .line_size = 32, },
101     [0x44] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
102                .associativity = 4,  .line_size = 32, },
103     [0x45] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
104                .associativity = 4,  .line_size = 32, },
105     [0x46] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
106                .associativity = 4,  .line_size = 64, },
107     [0x47] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
108                .associativity = 8,  .line_size = 64, },
109     [0x48] = { .level = 2, .type = UNIFIED_CACHE,     .size =   3 * MiB,
110                .associativity = 12, .line_size = 64, },
111     /* Descriptor 0x49 depends on CPU family/model, so it is not included */
112     [0x4A] = { .level = 3, .type = UNIFIED_CACHE,     .size =   6 * MiB,
113                .associativity = 12, .line_size = 64, },
114     [0x4B] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
115                .associativity = 16, .line_size = 64, },
116     [0x4C] = { .level = 3, .type = UNIFIED_CACHE,     .size =  12 * MiB,
117                .associativity = 12, .line_size = 64, },
118     [0x4D] = { .level = 3, .type = UNIFIED_CACHE,     .size =  16 * MiB,
119                .associativity = 16, .line_size = 64, },
120     [0x4E] = { .level = 2, .type = UNIFIED_CACHE,     .size =   6 * MiB,
121                .associativity = 24, .line_size = 64, },
122     [0x60] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
123                .associativity = 8,  .line_size = 64, },
124     [0x66] = { .level = 1, .type = DATA_CACHE,        .size =   8 * KiB,
125                .associativity = 4,  .line_size = 64, },
126     [0x67] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
127                .associativity = 4,  .line_size = 64, },
128     [0x68] = { .level = 1, .type = DATA_CACHE,        .size =  32 * KiB,
129                .associativity = 4,  .line_size = 64, },
130     [0x78] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
131                .associativity = 4,  .line_size = 64, },
132     /* lines per sector is not supported cpuid2_cache_descriptor(),
133     * so descriptors 0x79, 0x7A, 0x7B, 0x7C are not included.
134     */
135     [0x7D] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
136                .associativity = 8,  .line_size = 64, },
137     [0x7F] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
138                .associativity = 2,  .line_size = 64, },
139     [0x80] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
140                .associativity = 8,  .line_size = 64, },
141     [0x82] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
142                .associativity = 8,  .line_size = 32, },
143     [0x83] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
144                .associativity = 8,  .line_size = 32, },
145     [0x84] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
146                .associativity = 8,  .line_size = 32, },
147     [0x85] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
148                .associativity = 8,  .line_size = 32, },
149     [0x86] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
150                .associativity = 4,  .line_size = 64, },
151     [0x87] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
152                .associativity = 8,  .line_size = 64, },
153     [0xD0] = { .level = 3, .type = UNIFIED_CACHE,     .size = 512 * KiB,
154                .associativity = 4,  .line_size = 64, },
155     [0xD1] = { .level = 3, .type = UNIFIED_CACHE,     .size =   1 * MiB,
156                .associativity = 4,  .line_size = 64, },
157     [0xD2] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
158                .associativity = 4,  .line_size = 64, },
159     [0xD6] = { .level = 3, .type = UNIFIED_CACHE,     .size =   1 * MiB,
160                .associativity = 8,  .line_size = 64, },
161     [0xD7] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
162                .associativity = 8,  .line_size = 64, },
163     [0xD8] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
164                .associativity = 8,  .line_size = 64, },
165     [0xDC] = { .level = 3, .type = UNIFIED_CACHE,     .size = 1.5 * MiB,
166                .associativity = 12, .line_size = 64, },
167     [0xDD] = { .level = 3, .type = UNIFIED_CACHE,     .size =   3 * MiB,
168                .associativity = 12, .line_size = 64, },
169     [0xDE] = { .level = 3, .type = UNIFIED_CACHE,     .size =   6 * MiB,
170                .associativity = 12, .line_size = 64, },
171     [0xE2] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
172                .associativity = 16, .line_size = 64, },
173     [0xE3] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
174                .associativity = 16, .line_size = 64, },
175     [0xE4] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
176                .associativity = 16, .line_size = 64, },
177     [0xEA] = { .level = 3, .type = UNIFIED_CACHE,     .size =  12 * MiB,
178                .associativity = 24, .line_size = 64, },
179     [0xEB] = { .level = 3, .type = UNIFIED_CACHE,     .size =  18 * MiB,
180                .associativity = 24, .line_size = 64, },
181     [0xEC] = { .level = 3, .type = UNIFIED_CACHE,     .size =  24 * MiB,
182                .associativity = 24, .line_size = 64, },
183 };
184 
185 /*
186  * "CPUID leaf 2 does not report cache descriptor information,
187  * use CPUID leaf 4 to query cache parameters"
188  */
189 #define CACHE_DESCRIPTOR_UNAVAILABLE 0xFF
190 
191 /*
192  * Return a CPUID 2 cache descriptor for a given cache.
193  * If no known descriptor is found, return CACHE_DESCRIPTOR_UNAVAILABLE
194  */
195 static uint8_t cpuid2_cache_descriptor(CPUCacheInfo *cache)
196 {
197     int i;
198 
199     assert(cache->size > 0);
200     assert(cache->level > 0);
201     assert(cache->line_size > 0);
202     assert(cache->associativity > 0);
203     for (i = 0; i < ARRAY_SIZE(cpuid2_cache_descriptors); i++) {
204         struct CPUID2CacheDescriptorInfo *d = &cpuid2_cache_descriptors[i];
205         if (d->level == cache->level && d->type == cache->type &&
206             d->size == cache->size && d->line_size == cache->line_size &&
207             d->associativity == cache->associativity) {
208                 return i;
209             }
210     }
211 
212     return CACHE_DESCRIPTOR_UNAVAILABLE;
213 }
214 
215 /* CPUID Leaf 4 constants: */
216 
217 /* EAX: */
218 #define CACHE_TYPE_D    1
219 #define CACHE_TYPE_I    2
220 #define CACHE_TYPE_UNIFIED   3
221 
222 #define CACHE_LEVEL(l)        (l << 5)
223 
224 #define CACHE_SELF_INIT_LEVEL (1 << 8)
225 
226 /* EDX: */
227 #define CACHE_NO_INVD_SHARING   (1 << 0)
228 #define CACHE_INCLUSIVE       (1 << 1)
229 #define CACHE_COMPLEX_IDX     (1 << 2)
230 
231 /* Encode CacheType for CPUID[4].EAX */
232 #define CACHE_TYPE(t) (((t) == DATA_CACHE) ? CACHE_TYPE_D : \
233                        ((t) == INSTRUCTION_CACHE) ? CACHE_TYPE_I : \
234                        ((t) == UNIFIED_CACHE) ? CACHE_TYPE_UNIFIED : \
235                        0 /* Invalid value */)
236 
237 
238 /* Encode cache info for CPUID[4] */
239 static void encode_cache_cpuid4(CPUCacheInfo *cache,
240                                 int num_apic_ids, int num_cores,
241                                 uint32_t *eax, uint32_t *ebx,
242                                 uint32_t *ecx, uint32_t *edx)
243 {
244     assert(cache->size == cache->line_size * cache->associativity *
245                           cache->partitions * cache->sets);
246 
247     assert(num_apic_ids > 0);
248     *eax = CACHE_TYPE(cache->type) |
249            CACHE_LEVEL(cache->level) |
250            (cache->self_init ? CACHE_SELF_INIT_LEVEL : 0) |
251            ((num_cores - 1) << 26) |
252            ((num_apic_ids - 1) << 14);
253 
254     assert(cache->line_size > 0);
255     assert(cache->partitions > 0);
256     assert(cache->associativity > 0);
257     /* We don't implement fully-associative caches */
258     assert(cache->associativity < cache->sets);
259     *ebx = (cache->line_size - 1) |
260            ((cache->partitions - 1) << 12) |
261            ((cache->associativity - 1) << 22);
262 
263     assert(cache->sets > 0);
264     *ecx = cache->sets - 1;
265 
266     *edx = (cache->no_invd_sharing ? CACHE_NO_INVD_SHARING : 0) |
267            (cache->inclusive ? CACHE_INCLUSIVE : 0) |
268            (cache->complex_indexing ? CACHE_COMPLEX_IDX : 0);
269 }
270 
271 /* Encode cache info for CPUID[0x80000005].ECX or CPUID[0x80000005].EDX */
272 static uint32_t encode_cache_cpuid80000005(CPUCacheInfo *cache)
273 {
274     assert(cache->size % 1024 == 0);
275     assert(cache->lines_per_tag > 0);
276     assert(cache->associativity > 0);
277     assert(cache->line_size > 0);
278     return ((cache->size / 1024) << 24) | (cache->associativity << 16) |
279            (cache->lines_per_tag << 8) | (cache->line_size);
280 }
281 
282 #define ASSOC_FULL 0xFF
283 
284 /* AMD associativity encoding used on CPUID Leaf 0x80000006: */
285 #define AMD_ENC_ASSOC(a) (a <=   1 ? a   : \
286                           a ==   2 ? 0x2 : \
287                           a ==   4 ? 0x4 : \
288                           a ==   8 ? 0x6 : \
289                           a ==  16 ? 0x8 : \
290                           a ==  32 ? 0xA : \
291                           a ==  48 ? 0xB : \
292                           a ==  64 ? 0xC : \
293                           a ==  96 ? 0xD : \
294                           a == 128 ? 0xE : \
295                           a == ASSOC_FULL ? 0xF : \
296                           0 /* invalid value */)
297 
298 /*
299  * Encode cache info for CPUID[0x80000006].ECX and CPUID[0x80000006].EDX
300  * @l3 can be NULL.
301  */
302 static void encode_cache_cpuid80000006(CPUCacheInfo *l2,
303                                        CPUCacheInfo *l3,
304                                        uint32_t *ecx, uint32_t *edx)
305 {
306     assert(l2->size % 1024 == 0);
307     assert(l2->associativity > 0);
308     assert(l2->lines_per_tag > 0);
309     assert(l2->line_size > 0);
310     *ecx = ((l2->size / 1024) << 16) |
311            (AMD_ENC_ASSOC(l2->associativity) << 12) |
312            (l2->lines_per_tag << 8) | (l2->line_size);
313 
314     if (l3) {
315         assert(l3->size % (512 * 1024) == 0);
316         assert(l3->associativity > 0);
317         assert(l3->lines_per_tag > 0);
318         assert(l3->line_size > 0);
319         *edx = ((l3->size / (512 * 1024)) << 18) |
320                (AMD_ENC_ASSOC(l3->associativity) << 12) |
321                (l3->lines_per_tag << 8) | (l3->line_size);
322     } else {
323         *edx = 0;
324     }
325 }
326 
327 /* Encode cache info for CPUID[8000001D] */
328 static void encode_cache_cpuid8000001d(CPUCacheInfo *cache,
329                                        X86CPUTopoInfo *topo_info,
330                                        uint32_t *eax, uint32_t *ebx,
331                                        uint32_t *ecx, uint32_t *edx)
332 {
333     uint32_t l3_threads;
334     assert(cache->size == cache->line_size * cache->associativity *
335                           cache->partitions * cache->sets);
336 
337     *eax = CACHE_TYPE(cache->type) | CACHE_LEVEL(cache->level) |
338                (cache->self_init ? CACHE_SELF_INIT_LEVEL : 0);
339 
340     /* L3 is shared among multiple cores */
341     if (cache->level == 3) {
342         l3_threads = topo_info->cores_per_die * topo_info->threads_per_core;
343         *eax |= (l3_threads - 1) << 14;
344     } else {
345         *eax |= ((topo_info->threads_per_core - 1) << 14);
346     }
347 
348     assert(cache->line_size > 0);
349     assert(cache->partitions > 0);
350     assert(cache->associativity > 0);
351     /* We don't implement fully-associative caches */
352     assert(cache->associativity < cache->sets);
353     *ebx = (cache->line_size - 1) |
354            ((cache->partitions - 1) << 12) |
355            ((cache->associativity - 1) << 22);
356 
357     assert(cache->sets > 0);
358     *ecx = cache->sets - 1;
359 
360     *edx = (cache->no_invd_sharing ? CACHE_NO_INVD_SHARING : 0) |
361            (cache->inclusive ? CACHE_INCLUSIVE : 0) |
362            (cache->complex_indexing ? CACHE_COMPLEX_IDX : 0);
363 }
364 
365 /* Encode cache info for CPUID[8000001E] */
366 static void encode_topo_cpuid8000001e(X86CPU *cpu, X86CPUTopoInfo *topo_info,
367                                       uint32_t *eax, uint32_t *ebx,
368                                       uint32_t *ecx, uint32_t *edx)
369 {
370     X86CPUTopoIDs topo_ids;
371 
372     x86_topo_ids_from_apicid(cpu->apic_id, topo_info, &topo_ids);
373 
374     *eax = cpu->apic_id;
375 
376     /*
377      * CPUID_Fn8000001E_EBX [Core Identifiers] (CoreId)
378      * Read-only. Reset: 0000_XXXXh.
379      * See Core::X86::Cpuid::ExtApicId.
380      * Core::X86::Cpuid::CoreId_lthree[1:0]_core[3:0]_thread[1:0];
381      * Bits Description
382      * 31:16 Reserved.
383      * 15:8 ThreadsPerCore: threads per core. Read-only. Reset: XXh.
384      *      The number of threads per core is ThreadsPerCore+1.
385      *  7:0 CoreId: core ID. Read-only. Reset: XXh.
386      *
387      *  NOTE: CoreId is already part of apic_id. Just use it. We can
388      *  use all the 8 bits to represent the core_id here.
389      */
390     *ebx = ((topo_info->threads_per_core - 1) << 8) | (topo_ids.core_id & 0xFF);
391 
392     /*
393      * CPUID_Fn8000001E_ECX [Node Identifiers] (NodeId)
394      * Read-only. Reset: 0000_0XXXh.
395      * Core::X86::Cpuid::NodeId_lthree[1:0]_core[3:0]_thread[1:0];
396      * Bits Description
397      * 31:11 Reserved.
398      * 10:8 NodesPerProcessor: Node per processor. Read-only. Reset: XXXb.
399      *      ValidValues:
400      *      Value Description
401      *      000b  1 node per processor.
402      *      001b  2 nodes per processor.
403      *      010b Reserved.
404      *      011b 4 nodes per processor.
405      *      111b-100b Reserved.
406      *  7:0 NodeId: Node ID. Read-only. Reset: XXh.
407      *
408      * NOTE: Hardware reserves 3 bits for number of nodes per processor.
409      * But users can create more nodes than the actual hardware can
410      * support. To genaralize we can use all the upper 8 bits for nodes.
411      * NodeId is combination of node and socket_id which is already decoded
412      * in apic_id. Just use it by shifting.
413      */
414     *ecx = ((topo_info->dies_per_pkg - 1) << 8) |
415            ((cpu->apic_id >> apicid_die_offset(topo_info)) & 0xFF);
416 
417     *edx = 0;
418 }
419 
420 /*
421  * Definitions of the hardcoded cache entries we expose:
422  * These are legacy cache values. If there is a need to change any
423  * of these values please use builtin_x86_defs
424  */
425 
426 /* L1 data cache: */
427 static CPUCacheInfo legacy_l1d_cache = {
428     .type = DATA_CACHE,
429     .level = 1,
430     .size = 32 * KiB,
431     .self_init = 1,
432     .line_size = 64,
433     .associativity = 8,
434     .sets = 64,
435     .partitions = 1,
436     .no_invd_sharing = true,
437 };
438 
439 /*FIXME: CPUID leaf 0x80000005 is inconsistent with leaves 2 & 4 */
440 static CPUCacheInfo legacy_l1d_cache_amd = {
441     .type = DATA_CACHE,
442     .level = 1,
443     .size = 64 * KiB,
444     .self_init = 1,
445     .line_size = 64,
446     .associativity = 2,
447     .sets = 512,
448     .partitions = 1,
449     .lines_per_tag = 1,
450     .no_invd_sharing = true,
451 };
452 
453 /* L1 instruction cache: */
454 static CPUCacheInfo legacy_l1i_cache = {
455     .type = INSTRUCTION_CACHE,
456     .level = 1,
457     .size = 32 * KiB,
458     .self_init = 1,
459     .line_size = 64,
460     .associativity = 8,
461     .sets = 64,
462     .partitions = 1,
463     .no_invd_sharing = true,
464 };
465 
466 /*FIXME: CPUID leaf 0x80000005 is inconsistent with leaves 2 & 4 */
467 static CPUCacheInfo legacy_l1i_cache_amd = {
468     .type = INSTRUCTION_CACHE,
469     .level = 1,
470     .size = 64 * KiB,
471     .self_init = 1,
472     .line_size = 64,
473     .associativity = 2,
474     .sets = 512,
475     .partitions = 1,
476     .lines_per_tag = 1,
477     .no_invd_sharing = true,
478 };
479 
480 /* Level 2 unified cache: */
481 static CPUCacheInfo legacy_l2_cache = {
482     .type = UNIFIED_CACHE,
483     .level = 2,
484     .size = 4 * MiB,
485     .self_init = 1,
486     .line_size = 64,
487     .associativity = 16,
488     .sets = 4096,
489     .partitions = 1,
490     .no_invd_sharing = true,
491 };
492 
493 /*FIXME: CPUID leaf 2 descriptor is inconsistent with CPUID leaf 4 */
494 static CPUCacheInfo legacy_l2_cache_cpuid2 = {
495     .type = UNIFIED_CACHE,
496     .level = 2,
497     .size = 2 * MiB,
498     .line_size = 64,
499     .associativity = 8,
500 };
501 
502 
503 /*FIXME: CPUID leaf 0x80000006 is inconsistent with leaves 2 & 4 */
504 static CPUCacheInfo legacy_l2_cache_amd = {
505     .type = UNIFIED_CACHE,
506     .level = 2,
507     .size = 512 * KiB,
508     .line_size = 64,
509     .lines_per_tag = 1,
510     .associativity = 16,
511     .sets = 512,
512     .partitions = 1,
513 };
514 
515 /* Level 3 unified cache: */
516 static CPUCacheInfo legacy_l3_cache = {
517     .type = UNIFIED_CACHE,
518     .level = 3,
519     .size = 16 * MiB,
520     .line_size = 64,
521     .associativity = 16,
522     .sets = 16384,
523     .partitions = 1,
524     .lines_per_tag = 1,
525     .self_init = true,
526     .inclusive = true,
527     .complex_indexing = true,
528 };
529 
530 /* TLB definitions: */
531 
532 #define L1_DTLB_2M_ASSOC       1
533 #define L1_DTLB_2M_ENTRIES   255
534 #define L1_DTLB_4K_ASSOC       1
535 #define L1_DTLB_4K_ENTRIES   255
536 
537 #define L1_ITLB_2M_ASSOC       1
538 #define L1_ITLB_2M_ENTRIES   255
539 #define L1_ITLB_4K_ASSOC       1
540 #define L1_ITLB_4K_ENTRIES   255
541 
542 #define L2_DTLB_2M_ASSOC       0 /* disabled */
543 #define L2_DTLB_2M_ENTRIES     0 /* disabled */
544 #define L2_DTLB_4K_ASSOC       4
545 #define L2_DTLB_4K_ENTRIES   512
546 
547 #define L2_ITLB_2M_ASSOC       0 /* disabled */
548 #define L2_ITLB_2M_ENTRIES     0 /* disabled */
549 #define L2_ITLB_4K_ASSOC       4
550 #define L2_ITLB_4K_ENTRIES   512
551 
552 /* CPUID Leaf 0x14 constants: */
553 #define INTEL_PT_MAX_SUBLEAF     0x1
554 /*
555  * bit[00]: IA32_RTIT_CTL.CR3 filter can be set to 1 and IA32_RTIT_CR3_MATCH
556  *          MSR can be accessed;
557  * bit[01]: Support Configurable PSB and Cycle-Accurate Mode;
558  * bit[02]: Support IP Filtering, TraceStop filtering, and preservation
559  *          of Intel PT MSRs across warm reset;
560  * bit[03]: Support MTC timing packet and suppression of COFI-based packets;
561  */
562 #define INTEL_PT_MINIMAL_EBX     0xf
563 /*
564  * bit[00]: Tracing can be enabled with IA32_RTIT_CTL.ToPA = 1 and
565  *          IA32_RTIT_OUTPUT_BASE and IA32_RTIT_OUTPUT_MASK_PTRS MSRs can be
566  *          accessed;
567  * bit[01]: ToPA tables can hold any number of output entries, up to the
568  *          maximum allowed by the MaskOrTableOffset field of
569  *          IA32_RTIT_OUTPUT_MASK_PTRS;
570  * bit[02]: Support Single-Range Output scheme;
571  */
572 #define INTEL_PT_MINIMAL_ECX     0x7
573 /* generated packets which contain IP payloads have LIP values */
574 #define INTEL_PT_IP_LIP          (1 << 31)
575 #define INTEL_PT_ADDR_RANGES_NUM 0x2 /* Number of configurable address ranges */
576 #define INTEL_PT_ADDR_RANGES_NUM_MASK 0x3
577 #define INTEL_PT_MTC_BITMAP      (0x0249 << 16) /* Support ART(0,3,6,9) */
578 #define INTEL_PT_CYCLE_BITMAP    0x1fff         /* Support 0,2^(0~11) */
579 #define INTEL_PT_PSB_BITMAP      (0x003f << 16) /* Support 2K,4K,8K,16K,32K,64K */
580 
581 /* CPUID Leaf 0x1D constants: */
582 #define INTEL_AMX_TILE_MAX_SUBLEAF     0x1
583 #define INTEL_AMX_TOTAL_TILE_BYTES     0x2000
584 #define INTEL_AMX_BYTES_PER_TILE       0x400
585 #define INTEL_AMX_BYTES_PER_ROW        0x40
586 #define INTEL_AMX_TILE_MAX_NAMES       0x8
587 #define INTEL_AMX_TILE_MAX_ROWS        0x10
588 
589 /* CPUID Leaf 0x1E constants: */
590 #define INTEL_AMX_TMUL_MAX_K           0x10
591 #define INTEL_AMX_TMUL_MAX_N           0x40
592 
593 void x86_cpu_vendor_words2str(char *dst, uint32_t vendor1,
594                               uint32_t vendor2, uint32_t vendor3)
595 {
596     int i;
597     for (i = 0; i < 4; i++) {
598         dst[i] = vendor1 >> (8 * i);
599         dst[i + 4] = vendor2 >> (8 * i);
600         dst[i + 8] = vendor3 >> (8 * i);
601     }
602     dst[CPUID_VENDOR_SZ] = '\0';
603 }
604 
605 #define I486_FEATURES (CPUID_FP87 | CPUID_VME | CPUID_PSE)
606 #define PENTIUM_FEATURES (I486_FEATURES | CPUID_DE | CPUID_TSC | \
607           CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_MMX | CPUID_APIC)
608 #define PENTIUM2_FEATURES (PENTIUM_FEATURES | CPUID_PAE | CPUID_SEP | \
609           CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
610           CPUID_PSE36 | CPUID_FXSR)
611 #define PENTIUM3_FEATURES (PENTIUM2_FEATURES | CPUID_SSE)
612 #define PPRO_FEATURES (CPUID_FP87 | CPUID_DE | CPUID_PSE | CPUID_TSC | \
613           CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_PGE | CPUID_CMOV | \
614           CPUID_PAT | CPUID_FXSR | CPUID_MMX | CPUID_SSE | CPUID_SSE2 | \
615           CPUID_PAE | CPUID_SEP | CPUID_APIC)
616 
617 #define TCG_FEATURES (CPUID_FP87 | CPUID_PSE | CPUID_TSC | CPUID_MSR | \
618           CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC | CPUID_SEP | \
619           CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
620           CPUID_PSE36 | CPUID_CLFLUSH | CPUID_ACPI | CPUID_MMX | \
621           CPUID_FXSR | CPUID_SSE | CPUID_SSE2 | CPUID_SS | CPUID_DE)
622           /* partly implemented:
623           CPUID_MTRR, CPUID_MCA, CPUID_CLFLUSH (needed for Win64) */
624           /* missing:
625           CPUID_VME, CPUID_DTS, CPUID_SS, CPUID_HT, CPUID_TM, CPUID_PBE */
626 
627 /*
628  * Kernel-only features that can be shown to usermode programs even if
629  * they aren't actually supported by TCG, because qemu-user only runs
630  * in CPL=3; remove them if they are ever implemented for system emulation.
631  */
632 #if defined CONFIG_USER_ONLY
633 #define CPUID_EXT_KERNEL_FEATURES (CPUID_EXT_PCID | CPUID_EXT_TSC_DEADLINE_TIMER | \
634                                  CPUID_EXT_X2APIC)
635 #else
636 #define CPUID_EXT_KERNEL_FEATURES 0
637 #endif
638 #define TCG_EXT_FEATURES (CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | \
639           CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 | CPUID_EXT_CX16 | \
640           CPUID_EXT_SSE41 | CPUID_EXT_SSE42 | CPUID_EXT_POPCNT | \
641           CPUID_EXT_XSAVE | /* CPUID_EXT_OSXSAVE is dynamic */   \
642           CPUID_EXT_MOVBE | CPUID_EXT_AES | CPUID_EXT_HYPERVISOR | \
643           CPUID_EXT_RDRAND | CPUID_EXT_AVX | CPUID_EXT_F16C | \
644           CPUID_EXT_FMA | CPUID_EXT_KERNEL_FEATURES)
645           /* missing:
646           CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_VMX, CPUID_EXT_SMX,
647           CPUID_EXT_EST, CPUID_EXT_TM2, CPUID_EXT_CID,
648           CPUID_EXT_XTPR, CPUID_EXT_PDCM, CPUID_EXT_PCID, CPUID_EXT_DCA,
649           CPUID_EXT_X2APIC, CPUID_EXT_TSC_DEADLINE_TIMER */
650 
651 #ifdef TARGET_X86_64
652 #define TCG_EXT2_X86_64_FEATURES CPUID_EXT2_LM
653 #else
654 #define TCG_EXT2_X86_64_FEATURES 0
655 #endif
656 
657 /*
658  * CPUID_*_KERNEL_FEATURES denotes bits and features that are not usable
659  * in usermode or by 32-bit programs.  Those are added to supported
660  * TCG features unconditionally in user-mode emulation mode.  This may
661  * indeed seem strange or incorrect, but it works because code running
662  * under usermode emulation cannot access them.
663  *
664  * Even for long mode, qemu-i386 is not running "a userspace program on a
665  * 32-bit CPU"; it's running "a userspace program with a 32-bit code segment"
666  * and therefore using the 32-bit ABI; the CPU itself might be 64-bit
667  * but again the difference is only visible in kernel mode.
668  */
669 #if defined CONFIG_LINUX_USER
670 #define CPUID_EXT2_KERNEL_FEATURES (CPUID_EXT2_LM | CPUID_EXT2_FFXSR)
671 #elif defined CONFIG_USER_ONLY
672 /* FIXME: Long mode not yet supported for i386 bsd-user */
673 #define CPUID_EXT2_KERNEL_FEATURES CPUID_EXT2_FFXSR
674 #else
675 #define CPUID_EXT2_KERNEL_FEATURES 0
676 #endif
677 
678 #define TCG_EXT2_FEATURES ((TCG_FEATURES & CPUID_EXT2_AMD_ALIASES) | \
679           CPUID_EXT2_NX | CPUID_EXT2_MMXEXT | CPUID_EXT2_RDTSCP | \
680           CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT | CPUID_EXT2_PDPE1GB | \
681           CPUID_EXT2_SYSCALL | TCG_EXT2_X86_64_FEATURES | \
682           CPUID_EXT2_KERNEL_FEATURES)
683 
684 #if defined CONFIG_USER_ONLY
685 #define CPUID_EXT3_KERNEL_FEATURES CPUID_EXT3_OSVW
686 #else
687 #define CPUID_EXT3_KERNEL_FEATURES 0
688 #endif
689 
690 #define TCG_EXT3_FEATURES (CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM | \
691           CPUID_EXT3_CR8LEG | CPUID_EXT3_ABM | CPUID_EXT3_SSE4A | \
692           CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_KERNEL_FEATURES)
693 
694 #define TCG_EXT4_FEATURES 0
695 
696 #if defined CONFIG_USER_ONLY
697 #define CPUID_SVM_KERNEL_FEATURES (CPUID_SVM_NRIPSAVE | CPUID_SVM_VNMI)
698 #else
699 #define CPUID_SVM_KERNEL_FEATURES 0
700 #endif
701 #define TCG_SVM_FEATURES (CPUID_SVM_NPT | CPUID_SVM_VGIF | \
702           CPUID_SVM_SVME_ADDR_CHK | CPUID_SVM_KERNEL_FEATURES)
703 
704 #define TCG_KVM_FEATURES 0
705 
706 #if defined CONFIG_USER_ONLY
707 #define CPUID_7_0_EBX_KERNEL_FEATURES CPUID_7_0_EBX_INVPCID
708 #else
709 #define CPUID_7_0_EBX_KERNEL_FEATURES 0
710 #endif
711 #define TCG_7_0_EBX_FEATURES (CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_SMAP | \
712           CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ADX | \
713           CPUID_7_0_EBX_PCOMMIT | CPUID_7_0_EBX_CLFLUSHOPT |            \
714           CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_FSGSBASE | \
715           CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_RDSEED | \
716           CPUID_7_0_EBX_KERNEL_FEATURES)
717           /* missing:
718           CPUID_7_0_EBX_HLE
719           CPUID_7_0_EBX_INVPCID, CPUID_7_0_EBX_RTM */
720 
721 #if defined CONFIG_SOFTMMU || defined CONFIG_LINUX
722 #define TCG_7_0_ECX_RDPID CPUID_7_0_ECX_RDPID
723 #else
724 #define TCG_7_0_ECX_RDPID 0
725 #endif
726 #define TCG_7_0_ECX_FEATURES (CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU | \
727           /* CPUID_7_0_ECX_OSPKE is dynamic */ \
728           CPUID_7_0_ECX_LA57 | CPUID_7_0_ECX_PKS | CPUID_7_0_ECX_VAES | \
729           TCG_7_0_ECX_RDPID)
730 
731 #if defined CONFIG_USER_ONLY
732 #define CPUID_7_0_EDX_KERNEL_FEATURES (CPUID_7_0_EDX_SPEC_CTRL | \
733           CPUID_7_0_EDX_ARCH_CAPABILITIES | CPUID_7_0_EDX_SPEC_CTRL_SSBD)
734 #else
735 #define CPUID_7_0_EDX_KERNEL_FEATURES 0
736 #endif
737 #define TCG_7_0_EDX_FEATURES (CPUID_7_0_EDX_FSRM | CPUID_7_0_EDX_KERNEL_FEATURES)
738 
739 #define TCG_7_1_EAX_FEATURES (CPUID_7_1_EAX_FZRM | CPUID_7_1_EAX_FSRS | \
740           CPUID_7_1_EAX_FSRC)
741 #define TCG_7_1_EDX_FEATURES 0
742 #define TCG_7_2_EDX_FEATURES 0
743 #define TCG_APM_FEATURES 0
744 #define TCG_6_EAX_FEATURES CPUID_6_EAX_ARAT
745 #define TCG_XSAVE_FEATURES (CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XGETBV1)
746           /* missing:
747           CPUID_XSAVE_XSAVEC, CPUID_XSAVE_XSAVES */
748 #define TCG_14_0_ECX_FEATURES 0
749 #define TCG_SGX_12_0_EAX_FEATURES 0
750 #define TCG_SGX_12_0_EBX_FEATURES 0
751 #define TCG_SGX_12_1_EAX_FEATURES 0
752 
753 #if defined CONFIG_USER_ONLY
754 #define CPUID_8000_0008_EBX_KERNEL_FEATURES (CPUID_8000_0008_EBX_IBPB | \
755           CPUID_8000_0008_EBX_IBRS | CPUID_8000_0008_EBX_STIBP | \
756           CPUID_8000_0008_EBX_STIBP_ALWAYS_ON | CPUID_8000_0008_EBX_AMD_SSBD | \
757           CPUID_8000_0008_EBX_AMD_PSFD)
758 #else
759 #define CPUID_8000_0008_EBX_KERNEL_FEATURES 0
760 #endif
761 
762 #define TCG_8000_0008_EBX  (CPUID_8000_0008_EBX_XSAVEERPTR | \
763           CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_KERNEL_FEATURES)
764 
765 FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
766     [FEAT_1_EDX] = {
767         .type = CPUID_FEATURE_WORD,
768         .feat_names = {
769             "fpu", "vme", "de", "pse",
770             "tsc", "msr", "pae", "mce",
771             "cx8", "apic", NULL, "sep",
772             "mtrr", "pge", "mca", "cmov",
773             "pat", "pse36", "pn" /* Intel psn */, "clflush" /* Intel clfsh */,
774             NULL, "ds" /* Intel dts */, "acpi", "mmx",
775             "fxsr", "sse", "sse2", "ss",
776             "ht" /* Intel htt */, "tm", "ia64", "pbe",
777         },
778         .cpuid = {.eax = 1, .reg = R_EDX, },
779         .tcg_features = TCG_FEATURES,
780     },
781     [FEAT_1_ECX] = {
782         .type = CPUID_FEATURE_WORD,
783         .feat_names = {
784             "pni" /* Intel,AMD sse3 */, "pclmulqdq", "dtes64", "monitor",
785             "ds-cpl", "vmx", "smx", "est",
786             "tm2", "ssse3", "cid", NULL,
787             "fma", "cx16", "xtpr", "pdcm",
788             NULL, "pcid", "dca", "sse4.1",
789             "sse4.2", "x2apic", "movbe", "popcnt",
790             "tsc-deadline", "aes", "xsave", NULL /* osxsave */,
791             "avx", "f16c", "rdrand", "hypervisor",
792         },
793         .cpuid = { .eax = 1, .reg = R_ECX, },
794         .tcg_features = TCG_EXT_FEATURES,
795     },
796     /* Feature names that are already defined on feature_name[] but
797      * are set on CPUID[8000_0001].EDX on AMD CPUs don't have their
798      * names on feat_names below. They are copied automatically
799      * to features[FEAT_8000_0001_EDX] if and only if CPU vendor is AMD.
800      */
801     [FEAT_8000_0001_EDX] = {
802         .type = CPUID_FEATURE_WORD,
803         .feat_names = {
804             NULL /* fpu */, NULL /* vme */, NULL /* de */, NULL /* pse */,
805             NULL /* tsc */, NULL /* msr */, NULL /* pae */, NULL /* mce */,
806             NULL /* cx8 */, NULL /* apic */, NULL, "syscall",
807             NULL /* mtrr */, NULL /* pge */, NULL /* mca */, NULL /* cmov */,
808             NULL /* pat */, NULL /* pse36 */, NULL, NULL /* Linux mp */,
809             "nx", NULL, "mmxext", NULL /* mmx */,
810             NULL /* fxsr */, "fxsr-opt", "pdpe1gb", "rdtscp",
811             NULL, "lm", "3dnowext", "3dnow",
812         },
813         .cpuid = { .eax = 0x80000001, .reg = R_EDX, },
814         .tcg_features = TCG_EXT2_FEATURES,
815     },
816     [FEAT_8000_0001_ECX] = {
817         .type = CPUID_FEATURE_WORD,
818         .feat_names = {
819             "lahf-lm", "cmp-legacy", "svm", "extapic",
820             "cr8legacy", "abm", "sse4a", "misalignsse",
821             "3dnowprefetch", "osvw", "ibs", "xop",
822             "skinit", "wdt", NULL, "lwp",
823             "fma4", "tce", NULL, "nodeid-msr",
824             NULL, "tbm", "topoext", "perfctr-core",
825             "perfctr-nb", NULL, NULL, NULL,
826             NULL, NULL, NULL, NULL,
827         },
828         .cpuid = { .eax = 0x80000001, .reg = R_ECX, },
829         .tcg_features = TCG_EXT3_FEATURES,
830         /*
831          * TOPOEXT is always allowed but can't be enabled blindly by
832          * "-cpu host", as it requires consistent cache topology info
833          * to be provided so it doesn't confuse guests.
834          */
835         .no_autoenable_flags = CPUID_EXT3_TOPOEXT,
836     },
837     [FEAT_C000_0001_EDX] = {
838         .type = CPUID_FEATURE_WORD,
839         .feat_names = {
840             NULL, NULL, "xstore", "xstore-en",
841             NULL, NULL, "xcrypt", "xcrypt-en",
842             "ace2", "ace2-en", "phe", "phe-en",
843             "pmm", "pmm-en", NULL, NULL,
844             NULL, NULL, NULL, NULL,
845             NULL, NULL, NULL, NULL,
846             NULL, NULL, NULL, NULL,
847             NULL, NULL, NULL, NULL,
848         },
849         .cpuid = { .eax = 0xC0000001, .reg = R_EDX, },
850         .tcg_features = TCG_EXT4_FEATURES,
851     },
852     [FEAT_KVM] = {
853         .type = CPUID_FEATURE_WORD,
854         .feat_names = {
855             "kvmclock", "kvm-nopiodelay", "kvm-mmu", "kvmclock",
856             "kvm-asyncpf", "kvm-steal-time", "kvm-pv-eoi", "kvm-pv-unhalt",
857             NULL, "kvm-pv-tlb-flush", NULL, "kvm-pv-ipi",
858             "kvm-poll-control", "kvm-pv-sched-yield", "kvm-asyncpf-int", "kvm-msi-ext-dest-id",
859             NULL, NULL, NULL, NULL,
860             NULL, NULL, NULL, NULL,
861             "kvmclock-stable-bit", NULL, NULL, NULL,
862             NULL, NULL, NULL, NULL,
863         },
864         .cpuid = { .eax = KVM_CPUID_FEATURES, .reg = R_EAX, },
865         .tcg_features = TCG_KVM_FEATURES,
866     },
867     [FEAT_KVM_HINTS] = {
868         .type = CPUID_FEATURE_WORD,
869         .feat_names = {
870             "kvm-hint-dedicated", NULL, NULL, NULL,
871             NULL, NULL, NULL, NULL,
872             NULL, NULL, NULL, NULL,
873             NULL, NULL, NULL, NULL,
874             NULL, NULL, NULL, NULL,
875             NULL, NULL, NULL, NULL,
876             NULL, NULL, NULL, NULL,
877             NULL, NULL, NULL, NULL,
878         },
879         .cpuid = { .eax = KVM_CPUID_FEATURES, .reg = R_EDX, },
880         .tcg_features = TCG_KVM_FEATURES,
881         /*
882          * KVM hints aren't auto-enabled by -cpu host, they need to be
883          * explicitly enabled in the command-line.
884          */
885         .no_autoenable_flags = ~0U,
886     },
887     [FEAT_SVM] = {
888         .type = CPUID_FEATURE_WORD,
889         .feat_names = {
890             "npt", "lbrv", "svm-lock", "nrip-save",
891             "tsc-scale", "vmcb-clean",  "flushbyasid", "decodeassists",
892             NULL, NULL, "pause-filter", NULL,
893             "pfthreshold", "avic", NULL, "v-vmsave-vmload",
894             "vgif", NULL, NULL, NULL,
895             NULL, NULL, NULL, NULL,
896             NULL, "vnmi", NULL, NULL,
897             "svme-addr-chk", NULL, NULL, NULL,
898         },
899         .cpuid = { .eax = 0x8000000A, .reg = R_EDX, },
900         .tcg_features = TCG_SVM_FEATURES,
901     },
902     [FEAT_7_0_EBX] = {
903         .type = CPUID_FEATURE_WORD,
904         .feat_names = {
905             "fsgsbase", "tsc-adjust", "sgx", "bmi1",
906             "hle", "avx2", NULL, "smep",
907             "bmi2", "erms", "invpcid", "rtm",
908             NULL, NULL, "mpx", NULL,
909             "avx512f", "avx512dq", "rdseed", "adx",
910             "smap", "avx512ifma", "pcommit", "clflushopt",
911             "clwb", "intel-pt", "avx512pf", "avx512er",
912             "avx512cd", "sha-ni", "avx512bw", "avx512vl",
913         },
914         .cpuid = {
915             .eax = 7,
916             .needs_ecx = true, .ecx = 0,
917             .reg = R_EBX,
918         },
919         .tcg_features = TCG_7_0_EBX_FEATURES,
920     },
921     [FEAT_7_0_ECX] = {
922         .type = CPUID_FEATURE_WORD,
923         .feat_names = {
924             NULL, "avx512vbmi", "umip", "pku",
925             NULL /* ospke */, "waitpkg", "avx512vbmi2", NULL,
926             "gfni", "vaes", "vpclmulqdq", "avx512vnni",
927             "avx512bitalg", NULL, "avx512-vpopcntdq", NULL,
928             "la57", NULL, NULL, NULL,
929             NULL, NULL, "rdpid", NULL,
930             "bus-lock-detect", "cldemote", NULL, "movdiri",
931             "movdir64b", NULL, "sgxlc", "pks",
932         },
933         .cpuid = {
934             .eax = 7,
935             .needs_ecx = true, .ecx = 0,
936             .reg = R_ECX,
937         },
938         .tcg_features = TCG_7_0_ECX_FEATURES,
939     },
940     [FEAT_7_0_EDX] = {
941         .type = CPUID_FEATURE_WORD,
942         .feat_names = {
943             NULL, NULL, "avx512-4vnniw", "avx512-4fmaps",
944             "fsrm", NULL, NULL, NULL,
945             "avx512-vp2intersect", NULL, "md-clear", NULL,
946             NULL, NULL, "serialize", NULL,
947             "tsx-ldtrk", NULL, NULL /* pconfig */, "arch-lbr",
948             NULL, NULL, "amx-bf16", "avx512-fp16",
949             "amx-tile", "amx-int8", "spec-ctrl", "stibp",
950             "flush-l1d", "arch-capabilities", "core-capability", "ssbd",
951         },
952         .cpuid = {
953             .eax = 7,
954             .needs_ecx = true, .ecx = 0,
955             .reg = R_EDX,
956         },
957         .tcg_features = TCG_7_0_EDX_FEATURES,
958     },
959     [FEAT_7_1_EAX] = {
960         .type = CPUID_FEATURE_WORD,
961         .feat_names = {
962             NULL, NULL, NULL, NULL,
963             "avx-vnni", "avx512-bf16", NULL, "cmpccxadd",
964             NULL, NULL, "fzrm", "fsrs",
965             "fsrc", NULL, NULL, NULL,
966             NULL, NULL, NULL, NULL,
967             NULL, "amx-fp16", NULL, "avx-ifma",
968             NULL, NULL, NULL, NULL,
969             NULL, NULL, NULL, NULL,
970         },
971         .cpuid = {
972             .eax = 7,
973             .needs_ecx = true, .ecx = 1,
974             .reg = R_EAX,
975         },
976         .tcg_features = TCG_7_1_EAX_FEATURES,
977     },
978     [FEAT_7_1_EDX] = {
979         .type = CPUID_FEATURE_WORD,
980         .feat_names = {
981             NULL, NULL, NULL, NULL,
982             "avx-vnni-int8", "avx-ne-convert", NULL, NULL,
983             "amx-complex", NULL, NULL, NULL,
984             NULL, NULL, "prefetchiti", NULL,
985             NULL, NULL, NULL, NULL,
986             NULL, NULL, NULL, NULL,
987             NULL, NULL, NULL, NULL,
988             NULL, NULL, NULL, NULL,
989         },
990         .cpuid = {
991             .eax = 7,
992             .needs_ecx = true, .ecx = 1,
993             .reg = R_EDX,
994         },
995         .tcg_features = TCG_7_1_EDX_FEATURES,
996     },
997     [FEAT_7_2_EDX] = {
998         .type = CPUID_FEATURE_WORD,
999         .feat_names = {
1000             NULL, NULL, NULL, NULL,
1001             NULL, "mcdt-no", NULL, NULL,
1002             NULL, NULL, NULL, NULL,
1003             NULL, NULL, NULL, NULL,
1004             NULL, NULL, NULL, NULL,
1005             NULL, NULL, NULL, NULL,
1006             NULL, NULL, NULL, NULL,
1007             NULL, NULL, NULL, NULL,
1008         },
1009         .cpuid = {
1010             .eax = 7,
1011             .needs_ecx = true, .ecx = 2,
1012             .reg = R_EDX,
1013         },
1014         .tcg_features = TCG_7_2_EDX_FEATURES,
1015     },
1016     [FEAT_8000_0007_EDX] = {
1017         .type = CPUID_FEATURE_WORD,
1018         .feat_names = {
1019             NULL, NULL, NULL, NULL,
1020             NULL, NULL, NULL, NULL,
1021             "invtsc", NULL, NULL, NULL,
1022             NULL, NULL, NULL, NULL,
1023             NULL, NULL, NULL, NULL,
1024             NULL, NULL, NULL, NULL,
1025             NULL, NULL, NULL, NULL,
1026             NULL, NULL, NULL, NULL,
1027         },
1028         .cpuid = { .eax = 0x80000007, .reg = R_EDX, },
1029         .tcg_features = TCG_APM_FEATURES,
1030         .unmigratable_flags = CPUID_APM_INVTSC,
1031     },
1032     [FEAT_8000_0008_EBX] = {
1033         .type = CPUID_FEATURE_WORD,
1034         .feat_names = {
1035             "clzero", NULL, "xsaveerptr", NULL,
1036             NULL, NULL, NULL, NULL,
1037             NULL, "wbnoinvd", NULL, NULL,
1038             "ibpb", NULL, "ibrs", "amd-stibp",
1039             NULL, "stibp-always-on", NULL, NULL,
1040             NULL, NULL, NULL, NULL,
1041             "amd-ssbd", "virt-ssbd", "amd-no-ssb", NULL,
1042             "amd-psfd", NULL, NULL, NULL,
1043         },
1044         .cpuid = { .eax = 0x80000008, .reg = R_EBX, },
1045         .tcg_features = TCG_8000_0008_EBX,
1046         .unmigratable_flags = 0,
1047     },
1048     [FEAT_8000_0021_EAX] = {
1049         .type = CPUID_FEATURE_WORD,
1050         .feat_names = {
1051             "no-nested-data-bp", NULL, "lfence-always-serializing", NULL,
1052             NULL, NULL, "null-sel-clr-base", NULL,
1053             "auto-ibrs", NULL, NULL, NULL,
1054             NULL, NULL, NULL, NULL,
1055             NULL, NULL, NULL, NULL,
1056             NULL, NULL, NULL, NULL,
1057             NULL, NULL, NULL, NULL,
1058             NULL, NULL, NULL, NULL,
1059         },
1060         .cpuid = { .eax = 0x80000021, .reg = R_EAX, },
1061         .tcg_features = 0,
1062         .unmigratable_flags = 0,
1063     },
1064     [FEAT_XSAVE] = {
1065         .type = CPUID_FEATURE_WORD,
1066         .feat_names = {
1067             "xsaveopt", "xsavec", "xgetbv1", "xsaves",
1068             "xfd", NULL, NULL, NULL,
1069             NULL, NULL, NULL, NULL,
1070             NULL, NULL, NULL, NULL,
1071             NULL, NULL, NULL, NULL,
1072             NULL, NULL, NULL, NULL,
1073             NULL, NULL, NULL, NULL,
1074             NULL, NULL, NULL, NULL,
1075         },
1076         .cpuid = {
1077             .eax = 0xd,
1078             .needs_ecx = true, .ecx = 1,
1079             .reg = R_EAX,
1080         },
1081         .tcg_features = TCG_XSAVE_FEATURES,
1082     },
1083     [FEAT_XSAVE_XSS_LO] = {
1084         .type = CPUID_FEATURE_WORD,
1085         .feat_names = {
1086             NULL, NULL, NULL, NULL,
1087             NULL, NULL, NULL, NULL,
1088             NULL, NULL, NULL, NULL,
1089             NULL, NULL, NULL, NULL,
1090             NULL, NULL, NULL, NULL,
1091             NULL, NULL, NULL, NULL,
1092             NULL, NULL, NULL, NULL,
1093             NULL, NULL, NULL, NULL,
1094         },
1095         .cpuid = {
1096             .eax = 0xD,
1097             .needs_ecx = true,
1098             .ecx = 1,
1099             .reg = R_ECX,
1100         },
1101     },
1102     [FEAT_XSAVE_XSS_HI] = {
1103         .type = CPUID_FEATURE_WORD,
1104         .cpuid = {
1105             .eax = 0xD,
1106             .needs_ecx = true,
1107             .ecx = 1,
1108             .reg = R_EDX
1109         },
1110     },
1111     [FEAT_6_EAX] = {
1112         .type = CPUID_FEATURE_WORD,
1113         .feat_names = {
1114             NULL, NULL, "arat", NULL,
1115             NULL, NULL, NULL, NULL,
1116             NULL, NULL, NULL, NULL,
1117             NULL, NULL, NULL, NULL,
1118             NULL, NULL, NULL, NULL,
1119             NULL, NULL, NULL, NULL,
1120             NULL, NULL, NULL, NULL,
1121             NULL, NULL, NULL, NULL,
1122         },
1123         .cpuid = { .eax = 6, .reg = R_EAX, },
1124         .tcg_features = TCG_6_EAX_FEATURES,
1125     },
1126     [FEAT_XSAVE_XCR0_LO] = {
1127         .type = CPUID_FEATURE_WORD,
1128         .cpuid = {
1129             .eax = 0xD,
1130             .needs_ecx = true, .ecx = 0,
1131             .reg = R_EAX,
1132         },
1133         .tcg_features = ~0U,
1134         .migratable_flags = XSTATE_FP_MASK | XSTATE_SSE_MASK |
1135             XSTATE_YMM_MASK | XSTATE_BNDREGS_MASK | XSTATE_BNDCSR_MASK |
1136             XSTATE_OPMASK_MASK | XSTATE_ZMM_Hi256_MASK | XSTATE_Hi16_ZMM_MASK |
1137             XSTATE_PKRU_MASK,
1138     },
1139     [FEAT_XSAVE_XCR0_HI] = {
1140         .type = CPUID_FEATURE_WORD,
1141         .cpuid = {
1142             .eax = 0xD,
1143             .needs_ecx = true, .ecx = 0,
1144             .reg = R_EDX,
1145         },
1146         .tcg_features = ~0U,
1147     },
1148     /*Below are MSR exposed features*/
1149     [FEAT_ARCH_CAPABILITIES] = {
1150         .type = MSR_FEATURE_WORD,
1151         .feat_names = {
1152             "rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry",
1153             "ssb-no", "mds-no", "pschange-mc-no", "tsx-ctrl",
1154             "taa-no", NULL, NULL, NULL,
1155             NULL, "sbdr-ssdp-no", "fbsdp-no", "psdp-no",
1156             NULL, "fb-clear", NULL, NULL,
1157             NULL, NULL, NULL, NULL,
1158             "pbrsb-no", NULL, NULL, NULL,
1159             NULL, NULL, NULL, NULL,
1160         },
1161         .msr = {
1162             .index = MSR_IA32_ARCH_CAPABILITIES,
1163         },
1164         /*
1165          * FEAT_ARCH_CAPABILITIES only affects a read-only MSR, which
1166          * cannot be read from user mode.  Therefore, it has no impact
1167          > on any user-mode operation, and warnings about unsupported
1168          * features do not matter.
1169          */
1170         .tcg_features = ~0U,
1171     },
1172     [FEAT_CORE_CAPABILITY] = {
1173         .type = MSR_FEATURE_WORD,
1174         .feat_names = {
1175             NULL, NULL, NULL, NULL,
1176             NULL, "split-lock-detect", NULL, NULL,
1177             NULL, NULL, NULL, NULL,
1178             NULL, NULL, NULL, NULL,
1179             NULL, NULL, NULL, NULL,
1180             NULL, NULL, NULL, NULL,
1181             NULL, NULL, NULL, NULL,
1182             NULL, NULL, NULL, NULL,
1183         },
1184         .msr = {
1185             .index = MSR_IA32_CORE_CAPABILITY,
1186         },
1187     },
1188     [FEAT_PERF_CAPABILITIES] = {
1189         .type = MSR_FEATURE_WORD,
1190         .feat_names = {
1191             NULL, NULL, NULL, NULL,
1192             NULL, NULL, NULL, NULL,
1193             NULL, NULL, NULL, NULL,
1194             NULL, "full-width-write", NULL, NULL,
1195             NULL, NULL, NULL, NULL,
1196             NULL, NULL, NULL, NULL,
1197             NULL, NULL, NULL, NULL,
1198             NULL, NULL, NULL, NULL,
1199         },
1200         .msr = {
1201             .index = MSR_IA32_PERF_CAPABILITIES,
1202         },
1203     },
1204 
1205     [FEAT_VMX_PROCBASED_CTLS] = {
1206         .type = MSR_FEATURE_WORD,
1207         .feat_names = {
1208             NULL, NULL, "vmx-vintr-pending", "vmx-tsc-offset",
1209             NULL, NULL, NULL, "vmx-hlt-exit",
1210             NULL, "vmx-invlpg-exit", "vmx-mwait-exit", "vmx-rdpmc-exit",
1211             "vmx-rdtsc-exit", NULL, NULL, "vmx-cr3-load-noexit",
1212             "vmx-cr3-store-noexit", NULL, NULL, "vmx-cr8-load-exit",
1213             "vmx-cr8-store-exit", "vmx-flexpriority", "vmx-vnmi-pending", "vmx-movdr-exit",
1214             "vmx-io-exit", "vmx-io-bitmap", NULL, "vmx-mtf",
1215             "vmx-msr-bitmap", "vmx-monitor-exit", "vmx-pause-exit", "vmx-secondary-ctls",
1216         },
1217         .msr = {
1218             .index = MSR_IA32_VMX_TRUE_PROCBASED_CTLS,
1219         }
1220     },
1221 
1222     [FEAT_VMX_SECONDARY_CTLS] = {
1223         .type = MSR_FEATURE_WORD,
1224         .feat_names = {
1225             "vmx-apicv-xapic", "vmx-ept", "vmx-desc-exit", "vmx-rdtscp-exit",
1226             "vmx-apicv-x2apic", "vmx-vpid", "vmx-wbinvd-exit", "vmx-unrestricted-guest",
1227             "vmx-apicv-register", "vmx-apicv-vid", "vmx-ple", "vmx-rdrand-exit",
1228             "vmx-invpcid-exit", "vmx-vmfunc", "vmx-shadow-vmcs", "vmx-encls-exit",
1229             "vmx-rdseed-exit", "vmx-pml", NULL, NULL,
1230             "vmx-xsaves", NULL, NULL, NULL,
1231             NULL, "vmx-tsc-scaling", "vmx-enable-user-wait-pause", NULL,
1232             NULL, NULL, NULL, NULL,
1233         },
1234         .msr = {
1235             .index = MSR_IA32_VMX_PROCBASED_CTLS2,
1236         }
1237     },
1238 
1239     [FEAT_VMX_PINBASED_CTLS] = {
1240         .type = MSR_FEATURE_WORD,
1241         .feat_names = {
1242             "vmx-intr-exit", NULL, NULL, "vmx-nmi-exit",
1243             NULL, "vmx-vnmi", "vmx-preemption-timer", "vmx-posted-intr",
1244             NULL, NULL, NULL, NULL,
1245             NULL, NULL, NULL, NULL,
1246             NULL, NULL, NULL, NULL,
1247             NULL, NULL, NULL, NULL,
1248             NULL, NULL, NULL, NULL,
1249             NULL, NULL, NULL, NULL,
1250         },
1251         .msr = {
1252             .index = MSR_IA32_VMX_TRUE_PINBASED_CTLS,
1253         }
1254     },
1255 
1256     [FEAT_VMX_EXIT_CTLS] = {
1257         .type = MSR_FEATURE_WORD,
1258         /*
1259          * VMX_VM_EXIT_HOST_ADDR_SPACE_SIZE is copied from
1260          * the LM CPUID bit.
1261          */
1262         .feat_names = {
1263             NULL, NULL, "vmx-exit-nosave-debugctl", NULL,
1264             NULL, NULL, NULL, NULL,
1265             NULL, NULL /* vmx-exit-host-addr-space-size */, NULL, NULL,
1266             "vmx-exit-load-perf-global-ctrl", NULL, NULL, "vmx-exit-ack-intr",
1267             NULL, NULL, "vmx-exit-save-pat", "vmx-exit-load-pat",
1268             "vmx-exit-save-efer", "vmx-exit-load-efer",
1269                 "vmx-exit-save-preemption-timer", "vmx-exit-clear-bndcfgs",
1270             NULL, "vmx-exit-clear-rtit-ctl", NULL, NULL,
1271             NULL, "vmx-exit-load-pkrs", NULL, NULL,
1272         },
1273         .msr = {
1274             .index = MSR_IA32_VMX_TRUE_EXIT_CTLS,
1275         }
1276     },
1277 
1278     [FEAT_VMX_ENTRY_CTLS] = {
1279         .type = MSR_FEATURE_WORD,
1280         .feat_names = {
1281             NULL, NULL, "vmx-entry-noload-debugctl", NULL,
1282             NULL, NULL, NULL, NULL,
1283             NULL, "vmx-entry-ia32e-mode", NULL, NULL,
1284             NULL, "vmx-entry-load-perf-global-ctrl", "vmx-entry-load-pat", "vmx-entry-load-efer",
1285             "vmx-entry-load-bndcfgs", NULL, "vmx-entry-load-rtit-ctl", NULL,
1286             NULL, NULL, "vmx-entry-load-pkrs", NULL,
1287             NULL, NULL, NULL, NULL,
1288             NULL, NULL, NULL, NULL,
1289         },
1290         .msr = {
1291             .index = MSR_IA32_VMX_TRUE_ENTRY_CTLS,
1292         }
1293     },
1294 
1295     [FEAT_VMX_MISC] = {
1296         .type = MSR_FEATURE_WORD,
1297         .feat_names = {
1298             NULL, NULL, NULL, NULL,
1299             NULL, "vmx-store-lma", "vmx-activity-hlt", "vmx-activity-shutdown",
1300             "vmx-activity-wait-sipi", NULL, NULL, NULL,
1301             NULL, NULL, NULL, NULL,
1302             NULL, NULL, NULL, NULL,
1303             NULL, NULL, NULL, NULL,
1304             NULL, NULL, NULL, NULL,
1305             NULL, "vmx-vmwrite-vmexit-fields", "vmx-zero-len-inject", NULL,
1306         },
1307         .msr = {
1308             .index = MSR_IA32_VMX_MISC,
1309         }
1310     },
1311 
1312     [FEAT_VMX_EPT_VPID_CAPS] = {
1313         .type = MSR_FEATURE_WORD,
1314         .feat_names = {
1315             "vmx-ept-execonly", NULL, NULL, NULL,
1316             NULL, NULL, "vmx-page-walk-4", "vmx-page-walk-5",
1317             NULL, NULL, NULL, NULL,
1318             NULL, NULL, NULL, NULL,
1319             "vmx-ept-2mb", "vmx-ept-1gb", NULL, NULL,
1320             "vmx-invept", "vmx-eptad", "vmx-ept-advanced-exitinfo", NULL,
1321             NULL, "vmx-invept-single-context", "vmx-invept-all-context", NULL,
1322             NULL, NULL, NULL, NULL,
1323             "vmx-invvpid", NULL, NULL, NULL,
1324             NULL, NULL, NULL, NULL,
1325             "vmx-invvpid-single-addr", "vmx-invept-single-context",
1326                 "vmx-invvpid-all-context", "vmx-invept-single-context-noglobals",
1327             NULL, NULL, NULL, NULL,
1328             NULL, NULL, NULL, NULL,
1329             NULL, NULL, NULL, NULL,
1330             NULL, NULL, NULL, NULL,
1331             NULL, NULL, NULL, NULL,
1332         },
1333         .msr = {
1334             .index = MSR_IA32_VMX_EPT_VPID_CAP,
1335         }
1336     },
1337 
1338     [FEAT_VMX_BASIC] = {
1339         .type = MSR_FEATURE_WORD,
1340         .feat_names = {
1341             [54] = "vmx-ins-outs",
1342             [55] = "vmx-true-ctls",
1343         },
1344         .msr = {
1345             .index = MSR_IA32_VMX_BASIC,
1346         },
1347         /* Just to be safe - we don't support setting the MSEG version field.  */
1348         .no_autoenable_flags = MSR_VMX_BASIC_DUAL_MONITOR,
1349     },
1350 
1351     [FEAT_VMX_VMFUNC] = {
1352         .type = MSR_FEATURE_WORD,
1353         .feat_names = {
1354             [0] = "vmx-eptp-switching",
1355         },
1356         .msr = {
1357             .index = MSR_IA32_VMX_VMFUNC,
1358         }
1359     },
1360 
1361     [FEAT_14_0_ECX] = {
1362         .type = CPUID_FEATURE_WORD,
1363         .feat_names = {
1364             NULL, NULL, NULL, NULL,
1365             NULL, NULL, NULL, NULL,
1366             NULL, NULL, NULL, NULL,
1367             NULL, NULL, NULL, NULL,
1368             NULL, NULL, NULL, NULL,
1369             NULL, NULL, NULL, NULL,
1370             NULL, NULL, NULL, NULL,
1371             NULL, NULL, NULL, "intel-pt-lip",
1372         },
1373         .cpuid = {
1374             .eax = 0x14,
1375             .needs_ecx = true, .ecx = 0,
1376             .reg = R_ECX,
1377         },
1378         .tcg_features = TCG_14_0_ECX_FEATURES,
1379      },
1380 
1381     [FEAT_SGX_12_0_EAX] = {
1382         .type = CPUID_FEATURE_WORD,
1383         .feat_names = {
1384             "sgx1", "sgx2", NULL, NULL,
1385             NULL, NULL, NULL, NULL,
1386             NULL, NULL, NULL, "sgx-edeccssa",
1387             NULL, NULL, NULL, NULL,
1388             NULL, NULL, NULL, NULL,
1389             NULL, NULL, NULL, NULL,
1390             NULL, NULL, NULL, NULL,
1391             NULL, NULL, NULL, NULL,
1392         },
1393         .cpuid = {
1394             .eax = 0x12,
1395             .needs_ecx = true, .ecx = 0,
1396             .reg = R_EAX,
1397         },
1398         .tcg_features = TCG_SGX_12_0_EAX_FEATURES,
1399     },
1400 
1401     [FEAT_SGX_12_0_EBX] = {
1402         .type = CPUID_FEATURE_WORD,
1403         .feat_names = {
1404             "sgx-exinfo" , NULL, NULL, NULL,
1405             NULL, NULL, NULL, NULL,
1406             NULL, NULL, NULL, NULL,
1407             NULL, NULL, NULL, NULL,
1408             NULL, NULL, NULL, NULL,
1409             NULL, NULL, NULL, NULL,
1410             NULL, NULL, NULL, NULL,
1411             NULL, NULL, NULL, NULL,
1412         },
1413         .cpuid = {
1414             .eax = 0x12,
1415             .needs_ecx = true, .ecx = 0,
1416             .reg = R_EBX,
1417         },
1418         .tcg_features = TCG_SGX_12_0_EBX_FEATURES,
1419     },
1420 
1421     [FEAT_SGX_12_1_EAX] = {
1422         .type = CPUID_FEATURE_WORD,
1423         .feat_names = {
1424             NULL, "sgx-debug", "sgx-mode64", NULL,
1425             "sgx-provisionkey", "sgx-tokenkey", NULL, "sgx-kss",
1426             NULL, NULL, "sgx-aex-notify", NULL,
1427             NULL, NULL, NULL, NULL,
1428             NULL, NULL, NULL, NULL,
1429             NULL, NULL, NULL, NULL,
1430             NULL, NULL, NULL, NULL,
1431             NULL, NULL, NULL, NULL,
1432         },
1433         .cpuid = {
1434             .eax = 0x12,
1435             .needs_ecx = true, .ecx = 1,
1436             .reg = R_EAX,
1437         },
1438         .tcg_features = TCG_SGX_12_1_EAX_FEATURES,
1439     },
1440 };
1441 
1442 typedef struct FeatureMask {
1443     FeatureWord index;
1444     uint64_t mask;
1445 } FeatureMask;
1446 
1447 typedef struct FeatureDep {
1448     FeatureMask from, to;
1449 } FeatureDep;
1450 
1451 static FeatureDep feature_dependencies[] = {
1452     {
1453         .from = { FEAT_7_0_EDX,             CPUID_7_0_EDX_ARCH_CAPABILITIES },
1454         .to = { FEAT_ARCH_CAPABILITIES,     ~0ull },
1455     },
1456     {
1457         .from = { FEAT_7_0_EDX,             CPUID_7_0_EDX_CORE_CAPABILITY },
1458         .to = { FEAT_CORE_CAPABILITY,       ~0ull },
1459     },
1460     {
1461         .from = { FEAT_1_ECX,             CPUID_EXT_PDCM },
1462         .to = { FEAT_PERF_CAPABILITIES,       ~0ull },
1463     },
1464     {
1465         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1466         .to = { FEAT_VMX_PROCBASED_CTLS,    ~0ull },
1467     },
1468     {
1469         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1470         .to = { FEAT_VMX_PINBASED_CTLS,     ~0ull },
1471     },
1472     {
1473         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1474         .to = { FEAT_VMX_EXIT_CTLS,         ~0ull },
1475     },
1476     {
1477         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1478         .to = { FEAT_VMX_ENTRY_CTLS,        ~0ull },
1479     },
1480     {
1481         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1482         .to = { FEAT_VMX_MISC,              ~0ull },
1483     },
1484     {
1485         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1486         .to = { FEAT_VMX_BASIC,             ~0ull },
1487     },
1488     {
1489         .from = { FEAT_8000_0001_EDX,       CPUID_EXT2_LM },
1490         .to = { FEAT_VMX_ENTRY_CTLS,        VMX_VM_ENTRY_IA32E_MODE },
1491     },
1492     {
1493         .from = { FEAT_VMX_PROCBASED_CTLS,  VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS },
1494         .to = { FEAT_VMX_SECONDARY_CTLS,    ~0ull },
1495     },
1496     {
1497         .from = { FEAT_XSAVE,               CPUID_XSAVE_XSAVES },
1498         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_XSAVES },
1499     },
1500     {
1501         .from = { FEAT_1_ECX,               CPUID_EXT_RDRAND },
1502         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDRAND_EXITING },
1503     },
1504     {
1505         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_INVPCID },
1506         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_ENABLE_INVPCID },
1507     },
1508     {
1509         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_MPX },
1510         .to = { FEAT_VMX_EXIT_CTLS,         VMX_VM_EXIT_CLEAR_BNDCFGS },
1511     },
1512     {
1513         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_MPX },
1514         .to = { FEAT_VMX_ENTRY_CTLS,        VMX_VM_ENTRY_LOAD_BNDCFGS },
1515     },
1516     {
1517         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_RDSEED },
1518         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDSEED_EXITING },
1519     },
1520     {
1521         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_INTEL_PT },
1522         .to = { FEAT_14_0_ECX,              ~0ull },
1523     },
1524     {
1525         .from = { FEAT_8000_0001_EDX,       CPUID_EXT2_RDTSCP },
1526         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDTSCP },
1527     },
1528     {
1529         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_EPT },
1530         .to = { FEAT_VMX_EPT_VPID_CAPS,     0xffffffffull },
1531     },
1532     {
1533         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_EPT },
1534         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST },
1535     },
1536     {
1537         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_VPID },
1538         .to = { FEAT_VMX_EPT_VPID_CAPS,     0xffffffffull << 32 },
1539     },
1540     {
1541         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_VMFUNC },
1542         .to = { FEAT_VMX_VMFUNC,            ~0ull },
1543     },
1544     {
1545         .from = { FEAT_8000_0001_ECX,       CPUID_EXT3_SVM },
1546         .to = { FEAT_SVM,                   ~0ull },
1547     },
1548     {
1549         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_USER_WAIT_PAUSE },
1550         .to = { FEAT_7_0_ECX,               CPUID_7_0_ECX_WAITPKG },
1551     },
1552 };
1553 
1554 typedef struct X86RegisterInfo32 {
1555     /* Name of register */
1556     const char *name;
1557     /* QAPI enum value register */
1558     X86CPURegister32 qapi_enum;
1559 } X86RegisterInfo32;
1560 
1561 #define REGISTER(reg) \
1562     [R_##reg] = { .name = #reg, .qapi_enum = X86_CPU_REGISTER32_##reg }
1563 static const X86RegisterInfo32 x86_reg_info_32[CPU_NB_REGS32] = {
1564     REGISTER(EAX),
1565     REGISTER(ECX),
1566     REGISTER(EDX),
1567     REGISTER(EBX),
1568     REGISTER(ESP),
1569     REGISTER(EBP),
1570     REGISTER(ESI),
1571     REGISTER(EDI),
1572 };
1573 #undef REGISTER
1574 
1575 /* CPUID feature bits available in XSS */
1576 #define CPUID_XSTATE_XSS_MASK    (XSTATE_ARCH_LBR_MASK)
1577 
1578 ExtSaveArea x86_ext_save_areas[XSAVE_STATE_AREA_COUNT] = {
1579     [XSTATE_FP_BIT] = {
1580         /* x87 FP state component is always enabled if XSAVE is supported */
1581         .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
1582         .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
1583     },
1584     [XSTATE_SSE_BIT] = {
1585         /* SSE state component is always enabled if XSAVE is supported */
1586         .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
1587         .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
1588     },
1589     [XSTATE_YMM_BIT] =
1590           { .feature = FEAT_1_ECX, .bits = CPUID_EXT_AVX,
1591             .size = sizeof(XSaveAVX) },
1592     [XSTATE_BNDREGS_BIT] =
1593           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
1594             .size = sizeof(XSaveBNDREG)  },
1595     [XSTATE_BNDCSR_BIT] =
1596           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
1597             .size = sizeof(XSaveBNDCSR)  },
1598     [XSTATE_OPMASK_BIT] =
1599           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1600             .size = sizeof(XSaveOpmask) },
1601     [XSTATE_ZMM_Hi256_BIT] =
1602           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1603             .size = sizeof(XSaveZMM_Hi256) },
1604     [XSTATE_Hi16_ZMM_BIT] =
1605           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1606             .size = sizeof(XSaveHi16_ZMM) },
1607     [XSTATE_PKRU_BIT] =
1608           { .feature = FEAT_7_0_ECX, .bits = CPUID_7_0_ECX_PKU,
1609             .size = sizeof(XSavePKRU) },
1610     [XSTATE_ARCH_LBR_BIT] = {
1611             .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_ARCH_LBR,
1612             .offset = 0 /*supervisor mode component, offset = 0 */,
1613             .size = sizeof(XSavesArchLBR) },
1614     [XSTATE_XTILE_CFG_BIT] = {
1615         .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_AMX_TILE,
1616         .size = sizeof(XSaveXTILECFG),
1617     },
1618     [XSTATE_XTILE_DATA_BIT] = {
1619         .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_AMX_TILE,
1620         .size = sizeof(XSaveXTILEDATA)
1621     },
1622 };
1623 
1624 uint32_t xsave_area_size(uint64_t mask, bool compacted)
1625 {
1626     uint64_t ret = x86_ext_save_areas[0].size;
1627     const ExtSaveArea *esa;
1628     uint32_t offset = 0;
1629     int i;
1630 
1631     for (i = 2; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
1632         esa = &x86_ext_save_areas[i];
1633         if ((mask >> i) & 1) {
1634             offset = compacted ? ret : esa->offset;
1635             ret = MAX(ret, offset + esa->size);
1636         }
1637     }
1638     return ret;
1639 }
1640 
1641 static inline bool accel_uses_host_cpuid(void)
1642 {
1643     return kvm_enabled() || hvf_enabled();
1644 }
1645 
1646 static inline uint64_t x86_cpu_xsave_xcr0_components(X86CPU *cpu)
1647 {
1648     return ((uint64_t)cpu->env.features[FEAT_XSAVE_XCR0_HI]) << 32 |
1649            cpu->env.features[FEAT_XSAVE_XCR0_LO];
1650 }
1651 
1652 /* Return name of 32-bit register, from a R_* constant */
1653 static const char *get_register_name_32(unsigned int reg)
1654 {
1655     if (reg >= CPU_NB_REGS32) {
1656         return NULL;
1657     }
1658     return x86_reg_info_32[reg].name;
1659 }
1660 
1661 static inline uint64_t x86_cpu_xsave_xss_components(X86CPU *cpu)
1662 {
1663     return ((uint64_t)cpu->env.features[FEAT_XSAVE_XSS_HI]) << 32 |
1664            cpu->env.features[FEAT_XSAVE_XSS_LO];
1665 }
1666 
1667 /*
1668  * Returns the set of feature flags that are supported and migratable by
1669  * QEMU, for a given FeatureWord.
1670  */
1671 static uint64_t x86_cpu_get_migratable_flags(FeatureWord w)
1672 {
1673     FeatureWordInfo *wi = &feature_word_info[w];
1674     uint64_t r = 0;
1675     int i;
1676 
1677     for (i = 0; i < 64; i++) {
1678         uint64_t f = 1ULL << i;
1679 
1680         /* If the feature name is known, it is implicitly considered migratable,
1681          * unless it is explicitly set in unmigratable_flags */
1682         if ((wi->migratable_flags & f) ||
1683             (wi->feat_names[i] && !(wi->unmigratable_flags & f))) {
1684             r |= f;
1685         }
1686     }
1687     return r;
1688 }
1689 
1690 void host_cpuid(uint32_t function, uint32_t count,
1691                 uint32_t *eax, uint32_t *ebx, uint32_t *ecx, uint32_t *edx)
1692 {
1693     uint32_t vec[4];
1694 
1695 #ifdef __x86_64__
1696     asm volatile("cpuid"
1697                  : "=a"(vec[0]), "=b"(vec[1]),
1698                    "=c"(vec[2]), "=d"(vec[3])
1699                  : "0"(function), "c"(count) : "cc");
1700 #elif defined(__i386__)
1701     asm volatile("pusha \n\t"
1702                  "cpuid \n\t"
1703                  "mov %%eax, 0(%2) \n\t"
1704                  "mov %%ebx, 4(%2) \n\t"
1705                  "mov %%ecx, 8(%2) \n\t"
1706                  "mov %%edx, 12(%2) \n\t"
1707                  "popa"
1708                  : : "a"(function), "c"(count), "S"(vec)
1709                  : "memory", "cc");
1710 #else
1711     abort();
1712 #endif
1713 
1714     if (eax)
1715         *eax = vec[0];
1716     if (ebx)
1717         *ebx = vec[1];
1718     if (ecx)
1719         *ecx = vec[2];
1720     if (edx)
1721         *edx = vec[3];
1722 }
1723 
1724 /* CPU class name definitions: */
1725 
1726 /* Return type name for a given CPU model name
1727  * Caller is responsible for freeing the returned string.
1728  */
1729 static char *x86_cpu_type_name(const char *model_name)
1730 {
1731     return g_strdup_printf(X86_CPU_TYPE_NAME("%s"), model_name);
1732 }
1733 
1734 static ObjectClass *x86_cpu_class_by_name(const char *cpu_model)
1735 {
1736     g_autofree char *typename = x86_cpu_type_name(cpu_model);
1737     return object_class_by_name(typename);
1738 }
1739 
1740 static char *x86_cpu_class_get_model_name(X86CPUClass *cc)
1741 {
1742     const char *class_name = object_class_get_name(OBJECT_CLASS(cc));
1743     assert(g_str_has_suffix(class_name, X86_CPU_TYPE_SUFFIX));
1744     return g_strndup(class_name,
1745                      strlen(class_name) - strlen(X86_CPU_TYPE_SUFFIX));
1746 }
1747 
1748 typedef struct X86CPUVersionDefinition {
1749     X86CPUVersion version;
1750     const char *alias;
1751     const char *note;
1752     PropValue *props;
1753     const CPUCaches *const cache_info;
1754 } X86CPUVersionDefinition;
1755 
1756 /* Base definition for a CPU model */
1757 typedef struct X86CPUDefinition {
1758     const char *name;
1759     uint32_t level;
1760     uint32_t xlevel;
1761     /* vendor is zero-terminated, 12 character ASCII string */
1762     char vendor[CPUID_VENDOR_SZ + 1];
1763     int family;
1764     int model;
1765     int stepping;
1766     FeatureWordArray features;
1767     const char *model_id;
1768     const CPUCaches *const cache_info;
1769     /*
1770      * Definitions for alternative versions of CPU model.
1771      * List is terminated by item with version == 0.
1772      * If NULL, version 1 will be registered automatically.
1773      */
1774     const X86CPUVersionDefinition *versions;
1775     const char *deprecation_note;
1776 } X86CPUDefinition;
1777 
1778 /* Reference to a specific CPU model version */
1779 struct X86CPUModel {
1780     /* Base CPU definition */
1781     const X86CPUDefinition *cpudef;
1782     /* CPU model version */
1783     X86CPUVersion version;
1784     const char *note;
1785     /*
1786      * If true, this is an alias CPU model.
1787      * This matters only for "-cpu help" and query-cpu-definitions
1788      */
1789     bool is_alias;
1790 };
1791 
1792 /* Get full model name for CPU version */
1793 static char *x86_cpu_versioned_model_name(const X86CPUDefinition *cpudef,
1794                                           X86CPUVersion version)
1795 {
1796     assert(version > 0);
1797     return g_strdup_printf("%s-v%d", cpudef->name, (int)version);
1798 }
1799 
1800 static const X86CPUVersionDefinition *
1801 x86_cpu_def_get_versions(const X86CPUDefinition *def)
1802 {
1803     /* When X86CPUDefinition::versions is NULL, we register only v1 */
1804     static const X86CPUVersionDefinition default_version_list[] = {
1805         { 1 },
1806         { /* end of list */ }
1807     };
1808 
1809     return def->versions ?: default_version_list;
1810 }
1811 
1812 static const CPUCaches epyc_cache_info = {
1813     .l1d_cache = &(CPUCacheInfo) {
1814         .type = DATA_CACHE,
1815         .level = 1,
1816         .size = 32 * KiB,
1817         .line_size = 64,
1818         .associativity = 8,
1819         .partitions = 1,
1820         .sets = 64,
1821         .lines_per_tag = 1,
1822         .self_init = 1,
1823         .no_invd_sharing = true,
1824     },
1825     .l1i_cache = &(CPUCacheInfo) {
1826         .type = INSTRUCTION_CACHE,
1827         .level = 1,
1828         .size = 64 * KiB,
1829         .line_size = 64,
1830         .associativity = 4,
1831         .partitions = 1,
1832         .sets = 256,
1833         .lines_per_tag = 1,
1834         .self_init = 1,
1835         .no_invd_sharing = true,
1836     },
1837     .l2_cache = &(CPUCacheInfo) {
1838         .type = UNIFIED_CACHE,
1839         .level = 2,
1840         .size = 512 * KiB,
1841         .line_size = 64,
1842         .associativity = 8,
1843         .partitions = 1,
1844         .sets = 1024,
1845         .lines_per_tag = 1,
1846     },
1847     .l3_cache = &(CPUCacheInfo) {
1848         .type = UNIFIED_CACHE,
1849         .level = 3,
1850         .size = 8 * MiB,
1851         .line_size = 64,
1852         .associativity = 16,
1853         .partitions = 1,
1854         .sets = 8192,
1855         .lines_per_tag = 1,
1856         .self_init = true,
1857         .inclusive = true,
1858         .complex_indexing = true,
1859     },
1860 };
1861 
1862 static CPUCaches epyc_v4_cache_info = {
1863     .l1d_cache = &(CPUCacheInfo) {
1864         .type = DATA_CACHE,
1865         .level = 1,
1866         .size = 32 * KiB,
1867         .line_size = 64,
1868         .associativity = 8,
1869         .partitions = 1,
1870         .sets = 64,
1871         .lines_per_tag = 1,
1872         .self_init = 1,
1873         .no_invd_sharing = true,
1874     },
1875     .l1i_cache = &(CPUCacheInfo) {
1876         .type = INSTRUCTION_CACHE,
1877         .level = 1,
1878         .size = 64 * KiB,
1879         .line_size = 64,
1880         .associativity = 4,
1881         .partitions = 1,
1882         .sets = 256,
1883         .lines_per_tag = 1,
1884         .self_init = 1,
1885         .no_invd_sharing = true,
1886     },
1887     .l2_cache = &(CPUCacheInfo) {
1888         .type = UNIFIED_CACHE,
1889         .level = 2,
1890         .size = 512 * KiB,
1891         .line_size = 64,
1892         .associativity = 8,
1893         .partitions = 1,
1894         .sets = 1024,
1895         .lines_per_tag = 1,
1896     },
1897     .l3_cache = &(CPUCacheInfo) {
1898         .type = UNIFIED_CACHE,
1899         .level = 3,
1900         .size = 8 * MiB,
1901         .line_size = 64,
1902         .associativity = 16,
1903         .partitions = 1,
1904         .sets = 8192,
1905         .lines_per_tag = 1,
1906         .self_init = true,
1907         .inclusive = true,
1908         .complex_indexing = false,
1909     },
1910 };
1911 
1912 static const CPUCaches epyc_rome_cache_info = {
1913     .l1d_cache = &(CPUCacheInfo) {
1914         .type = DATA_CACHE,
1915         .level = 1,
1916         .size = 32 * KiB,
1917         .line_size = 64,
1918         .associativity = 8,
1919         .partitions = 1,
1920         .sets = 64,
1921         .lines_per_tag = 1,
1922         .self_init = 1,
1923         .no_invd_sharing = true,
1924     },
1925     .l1i_cache = &(CPUCacheInfo) {
1926         .type = INSTRUCTION_CACHE,
1927         .level = 1,
1928         .size = 32 * KiB,
1929         .line_size = 64,
1930         .associativity = 8,
1931         .partitions = 1,
1932         .sets = 64,
1933         .lines_per_tag = 1,
1934         .self_init = 1,
1935         .no_invd_sharing = true,
1936     },
1937     .l2_cache = &(CPUCacheInfo) {
1938         .type = UNIFIED_CACHE,
1939         .level = 2,
1940         .size = 512 * KiB,
1941         .line_size = 64,
1942         .associativity = 8,
1943         .partitions = 1,
1944         .sets = 1024,
1945         .lines_per_tag = 1,
1946     },
1947     .l3_cache = &(CPUCacheInfo) {
1948         .type = UNIFIED_CACHE,
1949         .level = 3,
1950         .size = 16 * MiB,
1951         .line_size = 64,
1952         .associativity = 16,
1953         .partitions = 1,
1954         .sets = 16384,
1955         .lines_per_tag = 1,
1956         .self_init = true,
1957         .inclusive = true,
1958         .complex_indexing = true,
1959     },
1960 };
1961 
1962 static const CPUCaches epyc_rome_v3_cache_info = {
1963     .l1d_cache = &(CPUCacheInfo) {
1964         .type = DATA_CACHE,
1965         .level = 1,
1966         .size = 32 * KiB,
1967         .line_size = 64,
1968         .associativity = 8,
1969         .partitions = 1,
1970         .sets = 64,
1971         .lines_per_tag = 1,
1972         .self_init = 1,
1973         .no_invd_sharing = true,
1974     },
1975     .l1i_cache = &(CPUCacheInfo) {
1976         .type = INSTRUCTION_CACHE,
1977         .level = 1,
1978         .size = 32 * KiB,
1979         .line_size = 64,
1980         .associativity = 8,
1981         .partitions = 1,
1982         .sets = 64,
1983         .lines_per_tag = 1,
1984         .self_init = 1,
1985         .no_invd_sharing = true,
1986     },
1987     .l2_cache = &(CPUCacheInfo) {
1988         .type = UNIFIED_CACHE,
1989         .level = 2,
1990         .size = 512 * KiB,
1991         .line_size = 64,
1992         .associativity = 8,
1993         .partitions = 1,
1994         .sets = 1024,
1995         .lines_per_tag = 1,
1996     },
1997     .l3_cache = &(CPUCacheInfo) {
1998         .type = UNIFIED_CACHE,
1999         .level = 3,
2000         .size = 16 * MiB,
2001         .line_size = 64,
2002         .associativity = 16,
2003         .partitions = 1,
2004         .sets = 16384,
2005         .lines_per_tag = 1,
2006         .self_init = true,
2007         .inclusive = true,
2008         .complex_indexing = false,
2009     },
2010 };
2011 
2012 static const CPUCaches epyc_milan_cache_info = {
2013     .l1d_cache = &(CPUCacheInfo) {
2014         .type = DATA_CACHE,
2015         .level = 1,
2016         .size = 32 * KiB,
2017         .line_size = 64,
2018         .associativity = 8,
2019         .partitions = 1,
2020         .sets = 64,
2021         .lines_per_tag = 1,
2022         .self_init = 1,
2023         .no_invd_sharing = true,
2024     },
2025     .l1i_cache = &(CPUCacheInfo) {
2026         .type = INSTRUCTION_CACHE,
2027         .level = 1,
2028         .size = 32 * KiB,
2029         .line_size = 64,
2030         .associativity = 8,
2031         .partitions = 1,
2032         .sets = 64,
2033         .lines_per_tag = 1,
2034         .self_init = 1,
2035         .no_invd_sharing = true,
2036     },
2037     .l2_cache = &(CPUCacheInfo) {
2038         .type = UNIFIED_CACHE,
2039         .level = 2,
2040         .size = 512 * KiB,
2041         .line_size = 64,
2042         .associativity = 8,
2043         .partitions = 1,
2044         .sets = 1024,
2045         .lines_per_tag = 1,
2046     },
2047     .l3_cache = &(CPUCacheInfo) {
2048         .type = UNIFIED_CACHE,
2049         .level = 3,
2050         .size = 32 * MiB,
2051         .line_size = 64,
2052         .associativity = 16,
2053         .partitions = 1,
2054         .sets = 32768,
2055         .lines_per_tag = 1,
2056         .self_init = true,
2057         .inclusive = true,
2058         .complex_indexing = true,
2059     },
2060 };
2061 
2062 static const CPUCaches epyc_milan_v2_cache_info = {
2063     .l1d_cache = &(CPUCacheInfo) {
2064         .type = DATA_CACHE,
2065         .level = 1,
2066         .size = 32 * KiB,
2067         .line_size = 64,
2068         .associativity = 8,
2069         .partitions = 1,
2070         .sets = 64,
2071         .lines_per_tag = 1,
2072         .self_init = 1,
2073         .no_invd_sharing = true,
2074     },
2075     .l1i_cache = &(CPUCacheInfo) {
2076         .type = INSTRUCTION_CACHE,
2077         .level = 1,
2078         .size = 32 * KiB,
2079         .line_size = 64,
2080         .associativity = 8,
2081         .partitions = 1,
2082         .sets = 64,
2083         .lines_per_tag = 1,
2084         .self_init = 1,
2085         .no_invd_sharing = true,
2086     },
2087     .l2_cache = &(CPUCacheInfo) {
2088         .type = UNIFIED_CACHE,
2089         .level = 2,
2090         .size = 512 * KiB,
2091         .line_size = 64,
2092         .associativity = 8,
2093         .partitions = 1,
2094         .sets = 1024,
2095         .lines_per_tag = 1,
2096     },
2097     .l3_cache = &(CPUCacheInfo) {
2098         .type = UNIFIED_CACHE,
2099         .level = 3,
2100         .size = 32 * MiB,
2101         .line_size = 64,
2102         .associativity = 16,
2103         .partitions = 1,
2104         .sets = 32768,
2105         .lines_per_tag = 1,
2106         .self_init = true,
2107         .inclusive = true,
2108         .complex_indexing = false,
2109     },
2110 };
2111 
2112 static const CPUCaches epyc_genoa_cache_info = {
2113     .l1d_cache = &(CPUCacheInfo) {
2114         .type = DATA_CACHE,
2115         .level = 1,
2116         .size = 32 * KiB,
2117         .line_size = 64,
2118         .associativity = 8,
2119         .partitions = 1,
2120         .sets = 64,
2121         .lines_per_tag = 1,
2122         .self_init = 1,
2123         .no_invd_sharing = true,
2124     },
2125     .l1i_cache = &(CPUCacheInfo) {
2126         .type = INSTRUCTION_CACHE,
2127         .level = 1,
2128         .size = 32 * KiB,
2129         .line_size = 64,
2130         .associativity = 8,
2131         .partitions = 1,
2132         .sets = 64,
2133         .lines_per_tag = 1,
2134         .self_init = 1,
2135         .no_invd_sharing = true,
2136     },
2137     .l2_cache = &(CPUCacheInfo) {
2138         .type = UNIFIED_CACHE,
2139         .level = 2,
2140         .size = 1 * MiB,
2141         .line_size = 64,
2142         .associativity = 8,
2143         .partitions = 1,
2144         .sets = 2048,
2145         .lines_per_tag = 1,
2146     },
2147     .l3_cache = &(CPUCacheInfo) {
2148         .type = UNIFIED_CACHE,
2149         .level = 3,
2150         .size = 32 * MiB,
2151         .line_size = 64,
2152         .associativity = 16,
2153         .partitions = 1,
2154         .sets = 32768,
2155         .lines_per_tag = 1,
2156         .self_init = true,
2157         .inclusive = true,
2158         .complex_indexing = false,
2159     },
2160 };
2161 
2162 /* The following VMX features are not supported by KVM and are left out in the
2163  * CPU definitions:
2164  *
2165  *  Dual-monitor support (all processors)
2166  *  Entry to SMM
2167  *  Deactivate dual-monitor treatment
2168  *  Number of CR3-target values
2169  *  Shutdown activity state
2170  *  Wait-for-SIPI activity state
2171  *  PAUSE-loop exiting (Westmere and newer)
2172  *  EPT-violation #VE (Broadwell and newer)
2173  *  Inject event with insn length=0 (Skylake and newer)
2174  *  Conceal non-root operation from PT
2175  *  Conceal VM exits from PT
2176  *  Conceal VM entries from PT
2177  *  Enable ENCLS exiting
2178  *  Mode-based execute control (XS/XU)
2179  s  TSC scaling (Skylake Server and newer)
2180  *  GPA translation for PT (IceLake and newer)
2181  *  User wait and pause
2182  *  ENCLV exiting
2183  *  Load IA32_RTIT_CTL
2184  *  Clear IA32_RTIT_CTL
2185  *  Advanced VM-exit information for EPT violations
2186  *  Sub-page write permissions
2187  *  PT in VMX operation
2188  */
2189 
2190 static const X86CPUDefinition builtin_x86_defs[] = {
2191     {
2192         .name = "qemu64",
2193         .level = 0xd,
2194         .vendor = CPUID_VENDOR_AMD,
2195         .family = 15,
2196         .model = 107,
2197         .stepping = 1,
2198         .features[FEAT_1_EDX] =
2199             PPRO_FEATURES |
2200             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
2201             CPUID_PSE36,
2202         .features[FEAT_1_ECX] =
2203             CPUID_EXT_SSE3 | CPUID_EXT_CX16,
2204         .features[FEAT_8000_0001_EDX] =
2205             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2206         .features[FEAT_8000_0001_ECX] =
2207             CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM,
2208         .xlevel = 0x8000000A,
2209         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
2210     },
2211     {
2212         .name = "phenom",
2213         .level = 5,
2214         .vendor = CPUID_VENDOR_AMD,
2215         .family = 16,
2216         .model = 2,
2217         .stepping = 3,
2218         /* Missing: CPUID_HT */
2219         .features[FEAT_1_EDX] =
2220             PPRO_FEATURES |
2221             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
2222             CPUID_PSE36 | CPUID_VME,
2223         .features[FEAT_1_ECX] =
2224             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_CX16 |
2225             CPUID_EXT_POPCNT,
2226         .features[FEAT_8000_0001_EDX] =
2227             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX |
2228             CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT | CPUID_EXT2_MMXEXT |
2229             CPUID_EXT2_FFXSR | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP,
2230         /* Missing: CPUID_EXT3_CMP_LEG, CPUID_EXT3_EXTAPIC,
2231                     CPUID_EXT3_CR8LEG,
2232                     CPUID_EXT3_MISALIGNSSE, CPUID_EXT3_3DNOWPREFETCH,
2233                     CPUID_EXT3_OSVW, CPUID_EXT3_IBS */
2234         .features[FEAT_8000_0001_ECX] =
2235             CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM |
2236             CPUID_EXT3_ABM | CPUID_EXT3_SSE4A,
2237         /* Missing: CPUID_SVM_LBRV */
2238         .features[FEAT_SVM] =
2239             CPUID_SVM_NPT,
2240         .xlevel = 0x8000001A,
2241         .model_id = "AMD Phenom(tm) 9550 Quad-Core Processor"
2242     },
2243     {
2244         .name = "core2duo",
2245         .level = 10,
2246         .vendor = CPUID_VENDOR_INTEL,
2247         .family = 6,
2248         .model = 15,
2249         .stepping = 11,
2250         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
2251         .features[FEAT_1_EDX] =
2252             PPRO_FEATURES |
2253             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
2254             CPUID_PSE36 | CPUID_VME | CPUID_ACPI | CPUID_SS,
2255         /* Missing: CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_EST,
2256          * CPUID_EXT_TM2, CPUID_EXT_XTPR, CPUID_EXT_PDCM, CPUID_EXT_VMX */
2257         .features[FEAT_1_ECX] =
2258             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 |
2259             CPUID_EXT_CX16,
2260         .features[FEAT_8000_0001_EDX] =
2261             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2262         .features[FEAT_8000_0001_ECX] =
2263             CPUID_EXT3_LAHF_LM,
2264         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
2265         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2266         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2267         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2268         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2269              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
2270         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2271              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2272              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2273              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2274              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2275              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2276              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2277              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2278              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2279              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2280         .features[FEAT_VMX_SECONDARY_CTLS] =
2281              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES,
2282         .xlevel = 0x80000008,
2283         .model_id = "Intel(R) Core(TM)2 Duo CPU     T7700  @ 2.40GHz",
2284     },
2285     {
2286         .name = "kvm64",
2287         .level = 0xd,
2288         .vendor = CPUID_VENDOR_INTEL,
2289         .family = 15,
2290         .model = 6,
2291         .stepping = 1,
2292         /* Missing: CPUID_HT */
2293         .features[FEAT_1_EDX] =
2294             PPRO_FEATURES | CPUID_VME |
2295             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
2296             CPUID_PSE36,
2297         /* Missing: CPUID_EXT_POPCNT, CPUID_EXT_MONITOR */
2298         .features[FEAT_1_ECX] =
2299             CPUID_EXT_SSE3 | CPUID_EXT_CX16,
2300         /* Missing: CPUID_EXT2_PDPE1GB, CPUID_EXT2_RDTSCP */
2301         .features[FEAT_8000_0001_EDX] =
2302             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2303         /* Missing: CPUID_EXT3_LAHF_LM, CPUID_EXT3_CMP_LEG, CPUID_EXT3_EXTAPIC,
2304                     CPUID_EXT3_CR8LEG, CPUID_EXT3_ABM, CPUID_EXT3_SSE4A,
2305                     CPUID_EXT3_MISALIGNSSE, CPUID_EXT3_3DNOWPREFETCH,
2306                     CPUID_EXT3_OSVW, CPUID_EXT3_IBS, CPUID_EXT3_SVM */
2307         .features[FEAT_8000_0001_ECX] =
2308             0,
2309         /* VMX features from Cedar Mill/Prescott */
2310         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2311         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2312         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2313         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2314              VMX_PIN_BASED_NMI_EXITING,
2315         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2316              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2317              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2318              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2319              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2320              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2321              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2322              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING,
2323         .xlevel = 0x80000008,
2324         .model_id = "Common KVM processor"
2325     },
2326     {
2327         .name = "qemu32",
2328         .level = 4,
2329         .vendor = CPUID_VENDOR_INTEL,
2330         .family = 6,
2331         .model = 6,
2332         .stepping = 3,
2333         .features[FEAT_1_EDX] =
2334             PPRO_FEATURES,
2335         .features[FEAT_1_ECX] =
2336             CPUID_EXT_SSE3,
2337         .xlevel = 0x80000004,
2338         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
2339     },
2340     {
2341         .name = "kvm32",
2342         .level = 5,
2343         .vendor = CPUID_VENDOR_INTEL,
2344         .family = 15,
2345         .model = 6,
2346         .stepping = 1,
2347         .features[FEAT_1_EDX] =
2348             PPRO_FEATURES | CPUID_VME |
2349             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_PSE36,
2350         .features[FEAT_1_ECX] =
2351             CPUID_EXT_SSE3,
2352         .features[FEAT_8000_0001_ECX] =
2353             0,
2354         /* VMX features from Yonah */
2355         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2356         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2357         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2358         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2359              VMX_PIN_BASED_NMI_EXITING,
2360         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2361              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2362              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2363              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2364              VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
2365              VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
2366              VMX_CPU_BASED_PAUSE_EXITING | VMX_CPU_BASED_USE_MSR_BITMAPS,
2367         .xlevel = 0x80000008,
2368         .model_id = "Common 32-bit KVM processor"
2369     },
2370     {
2371         .name = "coreduo",
2372         .level = 10,
2373         .vendor = CPUID_VENDOR_INTEL,
2374         .family = 6,
2375         .model = 14,
2376         .stepping = 8,
2377         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
2378         .features[FEAT_1_EDX] =
2379             PPRO_FEATURES | CPUID_VME |
2380             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_ACPI |
2381             CPUID_SS,
2382         /* Missing: CPUID_EXT_EST, CPUID_EXT_TM2 , CPUID_EXT_XTPR,
2383          * CPUID_EXT_PDCM, CPUID_EXT_VMX */
2384         .features[FEAT_1_ECX] =
2385             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR,
2386         .features[FEAT_8000_0001_EDX] =
2387             CPUID_EXT2_NX,
2388         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2389         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2390         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2391         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2392              VMX_PIN_BASED_NMI_EXITING,
2393         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2394              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2395              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2396              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2397              VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
2398              VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
2399              VMX_CPU_BASED_PAUSE_EXITING | VMX_CPU_BASED_USE_MSR_BITMAPS,
2400         .xlevel = 0x80000008,
2401         .model_id = "Genuine Intel(R) CPU           T2600  @ 2.16GHz",
2402     },
2403     {
2404         .name = "486",
2405         .level = 1,
2406         .vendor = CPUID_VENDOR_INTEL,
2407         .family = 4,
2408         .model = 8,
2409         .stepping = 0,
2410         .features[FEAT_1_EDX] =
2411             I486_FEATURES,
2412         .xlevel = 0,
2413         .model_id = "",
2414     },
2415     {
2416         .name = "pentium",
2417         .level = 1,
2418         .vendor = CPUID_VENDOR_INTEL,
2419         .family = 5,
2420         .model = 4,
2421         .stepping = 3,
2422         .features[FEAT_1_EDX] =
2423             PENTIUM_FEATURES,
2424         .xlevel = 0,
2425         .model_id = "",
2426     },
2427     {
2428         .name = "pentium2",
2429         .level = 2,
2430         .vendor = CPUID_VENDOR_INTEL,
2431         .family = 6,
2432         .model = 5,
2433         .stepping = 2,
2434         .features[FEAT_1_EDX] =
2435             PENTIUM2_FEATURES,
2436         .xlevel = 0,
2437         .model_id = "",
2438     },
2439     {
2440         .name = "pentium3",
2441         .level = 3,
2442         .vendor = CPUID_VENDOR_INTEL,
2443         .family = 6,
2444         .model = 7,
2445         .stepping = 3,
2446         .features[FEAT_1_EDX] =
2447             PENTIUM3_FEATURES,
2448         .xlevel = 0,
2449         .model_id = "",
2450     },
2451     {
2452         .name = "athlon",
2453         .level = 2,
2454         .vendor = CPUID_VENDOR_AMD,
2455         .family = 6,
2456         .model = 2,
2457         .stepping = 3,
2458         .features[FEAT_1_EDX] =
2459             PPRO_FEATURES | CPUID_PSE36 | CPUID_VME | CPUID_MTRR |
2460             CPUID_MCA,
2461         .features[FEAT_8000_0001_EDX] =
2462             CPUID_EXT2_MMXEXT | CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT,
2463         .xlevel = 0x80000008,
2464         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
2465     },
2466     {
2467         .name = "n270",
2468         .level = 10,
2469         .vendor = CPUID_VENDOR_INTEL,
2470         .family = 6,
2471         .model = 28,
2472         .stepping = 2,
2473         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
2474         .features[FEAT_1_EDX] =
2475             PPRO_FEATURES |
2476             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_VME |
2477             CPUID_ACPI | CPUID_SS,
2478             /* Some CPUs got no CPUID_SEP */
2479         /* Missing: CPUID_EXT_DSCPL, CPUID_EXT_EST, CPUID_EXT_TM2,
2480          * CPUID_EXT_XTPR */
2481         .features[FEAT_1_ECX] =
2482             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 |
2483             CPUID_EXT_MOVBE,
2484         .features[FEAT_8000_0001_EDX] =
2485             CPUID_EXT2_NX,
2486         .features[FEAT_8000_0001_ECX] =
2487             CPUID_EXT3_LAHF_LM,
2488         .xlevel = 0x80000008,
2489         .model_id = "Intel(R) Atom(TM) CPU N270   @ 1.60GHz",
2490     },
2491     {
2492         .name = "Conroe",
2493         .level = 10,
2494         .vendor = CPUID_VENDOR_INTEL,
2495         .family = 6,
2496         .model = 15,
2497         .stepping = 3,
2498         .features[FEAT_1_EDX] =
2499             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2500             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2501             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2502             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2503             CPUID_DE | CPUID_FP87,
2504         .features[FEAT_1_ECX] =
2505             CPUID_EXT_SSSE3 | CPUID_EXT_SSE3,
2506         .features[FEAT_8000_0001_EDX] =
2507             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2508         .features[FEAT_8000_0001_ECX] =
2509             CPUID_EXT3_LAHF_LM,
2510         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
2511         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2512         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2513         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2514         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2515              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
2516         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2517              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2518              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2519              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2520              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2521              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2522              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2523              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2524              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2525              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2526         .features[FEAT_VMX_SECONDARY_CTLS] =
2527              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES,
2528         .xlevel = 0x80000008,
2529         .model_id = "Intel Celeron_4x0 (Conroe/Merom Class Core 2)",
2530     },
2531     {
2532         .name = "Penryn",
2533         .level = 10,
2534         .vendor = CPUID_VENDOR_INTEL,
2535         .family = 6,
2536         .model = 23,
2537         .stepping = 3,
2538         .features[FEAT_1_EDX] =
2539             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2540             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2541             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2542             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2543             CPUID_DE | CPUID_FP87,
2544         .features[FEAT_1_ECX] =
2545             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2546             CPUID_EXT_SSE3,
2547         .features[FEAT_8000_0001_EDX] =
2548             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2549         .features[FEAT_8000_0001_ECX] =
2550             CPUID_EXT3_LAHF_LM,
2551         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
2552         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2553              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL,
2554         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT |
2555              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL,
2556         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2557         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2558              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
2559         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2560              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2561              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2562              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2563              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2564              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2565              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2566              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2567              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2568              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2569         .features[FEAT_VMX_SECONDARY_CTLS] =
2570              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2571              VMX_SECONDARY_EXEC_WBINVD_EXITING,
2572         .xlevel = 0x80000008,
2573         .model_id = "Intel Core 2 Duo P9xxx (Penryn Class Core 2)",
2574     },
2575     {
2576         .name = "Nehalem",
2577         .level = 11,
2578         .vendor = CPUID_VENDOR_INTEL,
2579         .family = 6,
2580         .model = 26,
2581         .stepping = 3,
2582         .features[FEAT_1_EDX] =
2583             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2584             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2585             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2586             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2587             CPUID_DE | CPUID_FP87,
2588         .features[FEAT_1_ECX] =
2589             CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2590             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_SSE3,
2591         .features[FEAT_8000_0001_EDX] =
2592             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2593         .features[FEAT_8000_0001_ECX] =
2594             CPUID_EXT3_LAHF_LM,
2595         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2596              MSR_VMX_BASIC_TRUE_CTLS,
2597         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2598              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2599              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2600         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2601              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2602              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2603              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2604              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2605              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2606              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2607         .features[FEAT_VMX_EXIT_CTLS] =
2608              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2609              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2610              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2611              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2612              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2613         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2614         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2615              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2616              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2617         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2618              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2619              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2620              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2621              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2622              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2623              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2624              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2625              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2626              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2627              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2628              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2629         .features[FEAT_VMX_SECONDARY_CTLS] =
2630              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2631              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2632              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2633              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2634              VMX_SECONDARY_EXEC_ENABLE_VPID,
2635         .xlevel = 0x80000008,
2636         .model_id = "Intel Core i7 9xx (Nehalem Class Core i7)",
2637         .versions = (X86CPUVersionDefinition[]) {
2638             { .version = 1 },
2639             {
2640                 .version = 2,
2641                 .alias = "Nehalem-IBRS",
2642                 .props = (PropValue[]) {
2643                     { "spec-ctrl", "on" },
2644                     { "model-id",
2645                       "Intel Core i7 9xx (Nehalem Core i7, IBRS update)" },
2646                     { /* end of list */ }
2647                 }
2648             },
2649             { /* end of list */ }
2650         }
2651     },
2652     {
2653         .name = "Westmere",
2654         .level = 11,
2655         .vendor = CPUID_VENDOR_INTEL,
2656         .family = 6,
2657         .model = 44,
2658         .stepping = 1,
2659         .features[FEAT_1_EDX] =
2660             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2661             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2662             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2663             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2664             CPUID_DE | CPUID_FP87,
2665         .features[FEAT_1_ECX] =
2666             CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 |
2667             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2668             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
2669         .features[FEAT_8000_0001_EDX] =
2670             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2671         .features[FEAT_8000_0001_ECX] =
2672             CPUID_EXT3_LAHF_LM,
2673         .features[FEAT_6_EAX] =
2674             CPUID_6_EAX_ARAT,
2675         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2676              MSR_VMX_BASIC_TRUE_CTLS,
2677         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2678              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2679              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2680         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2681              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2682              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2683              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2684              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2685              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2686              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2687         .features[FEAT_VMX_EXIT_CTLS] =
2688              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2689              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2690              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2691              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2692              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2693         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2694              MSR_VMX_MISC_STORE_LMA,
2695         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2696              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2697              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2698         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2699              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2700              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2701              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2702              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2703              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2704              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2705              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2706              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2707              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2708              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2709              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2710         .features[FEAT_VMX_SECONDARY_CTLS] =
2711              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2712              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2713              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2714              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2715              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST,
2716         .xlevel = 0x80000008,
2717         .model_id = "Westmere E56xx/L56xx/X56xx (Nehalem-C)",
2718         .versions = (X86CPUVersionDefinition[]) {
2719             { .version = 1 },
2720             {
2721                 .version = 2,
2722                 .alias = "Westmere-IBRS",
2723                 .props = (PropValue[]) {
2724                     { "spec-ctrl", "on" },
2725                     { "model-id",
2726                       "Westmere E56xx/L56xx/X56xx (IBRS update)" },
2727                     { /* end of list */ }
2728                 }
2729             },
2730             { /* end of list */ }
2731         }
2732     },
2733     {
2734         .name = "SandyBridge",
2735         .level = 0xd,
2736         .vendor = CPUID_VENDOR_INTEL,
2737         .family = 6,
2738         .model = 42,
2739         .stepping = 1,
2740         .features[FEAT_1_EDX] =
2741             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2742             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2743             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2744             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2745             CPUID_DE | CPUID_FP87,
2746         .features[FEAT_1_ECX] =
2747             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2748             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
2749             CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2750             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
2751             CPUID_EXT_SSE3,
2752         .features[FEAT_8000_0001_EDX] =
2753             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2754             CPUID_EXT2_SYSCALL,
2755         .features[FEAT_8000_0001_ECX] =
2756             CPUID_EXT3_LAHF_LM,
2757         .features[FEAT_XSAVE] =
2758             CPUID_XSAVE_XSAVEOPT,
2759         .features[FEAT_6_EAX] =
2760             CPUID_6_EAX_ARAT,
2761         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2762              MSR_VMX_BASIC_TRUE_CTLS,
2763         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2764              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2765              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2766         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2767              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2768              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2769              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2770              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2771              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2772              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2773         .features[FEAT_VMX_EXIT_CTLS] =
2774              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2775              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2776              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2777              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2778              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2779         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2780              MSR_VMX_MISC_STORE_LMA,
2781         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2782              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2783              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2784         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2785              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2786              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2787              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2788              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2789              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2790              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2791              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2792              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2793              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2794              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2795              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2796         .features[FEAT_VMX_SECONDARY_CTLS] =
2797              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2798              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2799              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2800              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2801              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST,
2802         .xlevel = 0x80000008,
2803         .model_id = "Intel Xeon E312xx (Sandy Bridge)",
2804         .versions = (X86CPUVersionDefinition[]) {
2805             { .version = 1 },
2806             {
2807                 .version = 2,
2808                 .alias = "SandyBridge-IBRS",
2809                 .props = (PropValue[]) {
2810                     { "spec-ctrl", "on" },
2811                     { "model-id",
2812                       "Intel Xeon E312xx (Sandy Bridge, IBRS update)" },
2813                     { /* end of list */ }
2814                 }
2815             },
2816             { /* end of list */ }
2817         }
2818     },
2819     {
2820         .name = "IvyBridge",
2821         .level = 0xd,
2822         .vendor = CPUID_VENDOR_INTEL,
2823         .family = 6,
2824         .model = 58,
2825         .stepping = 9,
2826         .features[FEAT_1_EDX] =
2827             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2828             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2829             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2830             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2831             CPUID_DE | CPUID_FP87,
2832         .features[FEAT_1_ECX] =
2833             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2834             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
2835             CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2836             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
2837             CPUID_EXT_SSE3 | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2838         .features[FEAT_7_0_EBX] =
2839             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP |
2840             CPUID_7_0_EBX_ERMS,
2841         .features[FEAT_8000_0001_EDX] =
2842             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2843             CPUID_EXT2_SYSCALL,
2844         .features[FEAT_8000_0001_ECX] =
2845             CPUID_EXT3_LAHF_LM,
2846         .features[FEAT_XSAVE] =
2847             CPUID_XSAVE_XSAVEOPT,
2848         .features[FEAT_6_EAX] =
2849             CPUID_6_EAX_ARAT,
2850         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2851              MSR_VMX_BASIC_TRUE_CTLS,
2852         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2853              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2854              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2855         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2856              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2857              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2858              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2859              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2860              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2861              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2862         .features[FEAT_VMX_EXIT_CTLS] =
2863              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2864              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2865              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2866              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2867              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2868         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2869              MSR_VMX_MISC_STORE_LMA,
2870         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2871              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2872              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2873         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2874              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2875              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2876              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2877              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2878              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2879              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2880              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2881              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2882              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2883              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2884              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2885         .features[FEAT_VMX_SECONDARY_CTLS] =
2886              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2887              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2888              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2889              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2890              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2891              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2892              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2893              VMX_SECONDARY_EXEC_RDRAND_EXITING,
2894         .xlevel = 0x80000008,
2895         .model_id = "Intel Xeon E3-12xx v2 (Ivy Bridge)",
2896         .versions = (X86CPUVersionDefinition[]) {
2897             { .version = 1 },
2898             {
2899                 .version = 2,
2900                 .alias = "IvyBridge-IBRS",
2901                 .props = (PropValue[]) {
2902                     { "spec-ctrl", "on" },
2903                     { "model-id",
2904                       "Intel Xeon E3-12xx v2 (Ivy Bridge, IBRS)" },
2905                     { /* end of list */ }
2906                 }
2907             },
2908             { /* end of list */ }
2909         }
2910     },
2911     {
2912         .name = "Haswell",
2913         .level = 0xd,
2914         .vendor = CPUID_VENDOR_INTEL,
2915         .family = 6,
2916         .model = 60,
2917         .stepping = 4,
2918         .features[FEAT_1_EDX] =
2919             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2920             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2921             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2922             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2923             CPUID_DE | CPUID_FP87,
2924         .features[FEAT_1_ECX] =
2925             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2926             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2927             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2928             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2929             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2930             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2931         .features[FEAT_8000_0001_EDX] =
2932             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2933             CPUID_EXT2_SYSCALL,
2934         .features[FEAT_8000_0001_ECX] =
2935             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM,
2936         .features[FEAT_7_0_EBX] =
2937             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2938             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2939             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2940             CPUID_7_0_EBX_RTM,
2941         .features[FEAT_XSAVE] =
2942             CPUID_XSAVE_XSAVEOPT,
2943         .features[FEAT_6_EAX] =
2944             CPUID_6_EAX_ARAT,
2945         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2946              MSR_VMX_BASIC_TRUE_CTLS,
2947         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2948              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2949              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2950         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2951              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2952              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2953              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2954              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2955              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2956              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2957         .features[FEAT_VMX_EXIT_CTLS] =
2958              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2959              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2960              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2961              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2962              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2963         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2964              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2965         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2966              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2967              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2968         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2969              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2970              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2971              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2972              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2973              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2974              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2975              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2976              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2977              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2978              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2979              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2980         .features[FEAT_VMX_SECONDARY_CTLS] =
2981              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2982              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2983              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2984              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2985              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2986              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2987              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2988              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2989              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS,
2990         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
2991         .xlevel = 0x80000008,
2992         .model_id = "Intel Core Processor (Haswell)",
2993         .versions = (X86CPUVersionDefinition[]) {
2994             { .version = 1 },
2995             {
2996                 .version = 2,
2997                 .alias = "Haswell-noTSX",
2998                 .props = (PropValue[]) {
2999                     { "hle", "off" },
3000                     { "rtm", "off" },
3001                     { "stepping", "1" },
3002                     { "model-id", "Intel Core Processor (Haswell, no TSX)", },
3003                     { /* end of list */ }
3004                 },
3005             },
3006             {
3007                 .version = 3,
3008                 .alias = "Haswell-IBRS",
3009                 .props = (PropValue[]) {
3010                     /* Restore TSX features removed by -v2 above */
3011                     { "hle", "on" },
3012                     { "rtm", "on" },
3013                     /*
3014                      * Haswell and Haswell-IBRS had stepping=4 in
3015                      * QEMU 4.0 and older
3016                      */
3017                     { "stepping", "4" },
3018                     { "spec-ctrl", "on" },
3019                     { "model-id",
3020                       "Intel Core Processor (Haswell, IBRS)" },
3021                     { /* end of list */ }
3022                 }
3023             },
3024             {
3025                 .version = 4,
3026                 .alias = "Haswell-noTSX-IBRS",
3027                 .props = (PropValue[]) {
3028                     { "hle", "off" },
3029                     { "rtm", "off" },
3030                     /* spec-ctrl was already enabled by -v3 above */
3031                     { "stepping", "1" },
3032                     { "model-id",
3033                       "Intel Core Processor (Haswell, no TSX, IBRS)" },
3034                     { /* end of list */ }
3035                 }
3036             },
3037             { /* end of list */ }
3038         }
3039     },
3040     {
3041         .name = "Broadwell",
3042         .level = 0xd,
3043         .vendor = CPUID_VENDOR_INTEL,
3044         .family = 6,
3045         .model = 61,
3046         .stepping = 2,
3047         .features[FEAT_1_EDX] =
3048             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3049             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3050             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3051             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3052             CPUID_DE | CPUID_FP87,
3053         .features[FEAT_1_ECX] =
3054             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3055             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3056             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3057             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3058             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3059             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3060         .features[FEAT_8000_0001_EDX] =
3061             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
3062             CPUID_EXT2_SYSCALL,
3063         .features[FEAT_8000_0001_ECX] =
3064             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3065         .features[FEAT_7_0_EBX] =
3066             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3067             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3068             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3069             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3070             CPUID_7_0_EBX_SMAP,
3071         .features[FEAT_XSAVE] =
3072             CPUID_XSAVE_XSAVEOPT,
3073         .features[FEAT_6_EAX] =
3074             CPUID_6_EAX_ARAT,
3075         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3076              MSR_VMX_BASIC_TRUE_CTLS,
3077         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3078              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3079              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3080         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3081              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3082              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3083              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3084              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3085              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3086              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3087         .features[FEAT_VMX_EXIT_CTLS] =
3088              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3089              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3090              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3091              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3092              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3093         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3094              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3095         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3096              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3097              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3098         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3099              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3100              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3101              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3102              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3103              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3104              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3105              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3106              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3107              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3108              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3109              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3110         .features[FEAT_VMX_SECONDARY_CTLS] =
3111              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3112              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3113              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3114              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3115              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3116              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3117              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3118              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3119              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3120              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3121         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3122         .xlevel = 0x80000008,
3123         .model_id = "Intel Core Processor (Broadwell)",
3124         .versions = (X86CPUVersionDefinition[]) {
3125             { .version = 1 },
3126             {
3127                 .version = 2,
3128                 .alias = "Broadwell-noTSX",
3129                 .props = (PropValue[]) {
3130                     { "hle", "off" },
3131                     { "rtm", "off" },
3132                     { "model-id", "Intel Core Processor (Broadwell, no TSX)", },
3133                     { /* end of list */ }
3134                 },
3135             },
3136             {
3137                 .version = 3,
3138                 .alias = "Broadwell-IBRS",
3139                 .props = (PropValue[]) {
3140                     /* Restore TSX features removed by -v2 above */
3141                     { "hle", "on" },
3142                     { "rtm", "on" },
3143                     { "spec-ctrl", "on" },
3144                     { "model-id",
3145                       "Intel Core Processor (Broadwell, IBRS)" },
3146                     { /* end of list */ }
3147                 }
3148             },
3149             {
3150                 .version = 4,
3151                 .alias = "Broadwell-noTSX-IBRS",
3152                 .props = (PropValue[]) {
3153                     { "hle", "off" },
3154                     { "rtm", "off" },
3155                     /* spec-ctrl was already enabled by -v3 above */
3156                     { "model-id",
3157                       "Intel Core Processor (Broadwell, no TSX, IBRS)" },
3158                     { /* end of list */ }
3159                 }
3160             },
3161             { /* end of list */ }
3162         }
3163     },
3164     {
3165         .name = "Skylake-Client",
3166         .level = 0xd,
3167         .vendor = CPUID_VENDOR_INTEL,
3168         .family = 6,
3169         .model = 94,
3170         .stepping = 3,
3171         .features[FEAT_1_EDX] =
3172             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3173             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3174             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3175             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3176             CPUID_DE | CPUID_FP87,
3177         .features[FEAT_1_ECX] =
3178             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3179             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3180             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3181             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3182             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3183             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3184         .features[FEAT_8000_0001_EDX] =
3185             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
3186             CPUID_EXT2_SYSCALL,
3187         .features[FEAT_8000_0001_ECX] =
3188             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3189         .features[FEAT_7_0_EBX] =
3190             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3191             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3192             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3193             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3194             CPUID_7_0_EBX_SMAP,
3195         /* XSAVES is added in version 4 */
3196         .features[FEAT_XSAVE] =
3197             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3198             CPUID_XSAVE_XGETBV1,
3199         .features[FEAT_6_EAX] =
3200             CPUID_6_EAX_ARAT,
3201         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3202         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3203              MSR_VMX_BASIC_TRUE_CTLS,
3204         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3205              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3206              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3207         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3208              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3209              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3210              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3211              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3212              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3213              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3214         .features[FEAT_VMX_EXIT_CTLS] =
3215              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3216              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3217              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3218              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3219              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3220         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3221              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3222         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3223              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3224              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
3225         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3226              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3227              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3228              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3229              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3230              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3231              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3232              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3233              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3234              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3235              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3236              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3237         .features[FEAT_VMX_SECONDARY_CTLS] =
3238              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3239              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3240              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3241              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3242              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3243              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3244              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3245         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3246         .xlevel = 0x80000008,
3247         .model_id = "Intel Core Processor (Skylake)",
3248         .versions = (X86CPUVersionDefinition[]) {
3249             { .version = 1 },
3250             {
3251                 .version = 2,
3252                 .alias = "Skylake-Client-IBRS",
3253                 .props = (PropValue[]) {
3254                     { "spec-ctrl", "on" },
3255                     { "model-id",
3256                       "Intel Core Processor (Skylake, IBRS)" },
3257                     { /* end of list */ }
3258                 }
3259             },
3260             {
3261                 .version = 3,
3262                 .alias = "Skylake-Client-noTSX-IBRS",
3263                 .props = (PropValue[]) {
3264                     { "hle", "off" },
3265                     { "rtm", "off" },
3266                     { "model-id",
3267                       "Intel Core Processor (Skylake, IBRS, no TSX)" },
3268                     { /* end of list */ }
3269                 }
3270             },
3271             {
3272                 .version = 4,
3273                 .note = "IBRS, XSAVES, no TSX",
3274                 .props = (PropValue[]) {
3275                     { "xsaves", "on" },
3276                     { "vmx-xsaves", "on" },
3277                     { /* end of list */ }
3278                 }
3279             },
3280             { /* end of list */ }
3281         }
3282     },
3283     {
3284         .name = "Skylake-Server",
3285         .level = 0xd,
3286         .vendor = CPUID_VENDOR_INTEL,
3287         .family = 6,
3288         .model = 85,
3289         .stepping = 4,
3290         .features[FEAT_1_EDX] =
3291             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3292             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3293             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3294             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3295             CPUID_DE | CPUID_FP87,
3296         .features[FEAT_1_ECX] =
3297             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3298             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3299             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3300             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3301             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3302             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3303         .features[FEAT_8000_0001_EDX] =
3304             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3305             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3306         .features[FEAT_8000_0001_ECX] =
3307             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3308         .features[FEAT_7_0_EBX] =
3309             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3310             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3311             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3312             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3313             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3314             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3315             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3316             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3317         .features[FEAT_7_0_ECX] =
3318             CPUID_7_0_ECX_PKU,
3319         /* XSAVES is added in version 5 */
3320         .features[FEAT_XSAVE] =
3321             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3322             CPUID_XSAVE_XGETBV1,
3323         .features[FEAT_6_EAX] =
3324             CPUID_6_EAX_ARAT,
3325         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3326         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3327              MSR_VMX_BASIC_TRUE_CTLS,
3328         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3329              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3330              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3331         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3332              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3333              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3334              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3335              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3336              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3337              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3338         .features[FEAT_VMX_EXIT_CTLS] =
3339              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3340              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3341              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3342              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3343              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3344         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3345              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3346         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3347              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3348              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3349         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3350              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3351              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3352              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3353              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3354              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3355              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3356              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3357              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3358              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3359              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3360              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3361         .features[FEAT_VMX_SECONDARY_CTLS] =
3362              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3363              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3364              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3365              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3366              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3367              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3368              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3369              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3370              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3371              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3372         .xlevel = 0x80000008,
3373         .model_id = "Intel Xeon Processor (Skylake)",
3374         .versions = (X86CPUVersionDefinition[]) {
3375             { .version = 1 },
3376             {
3377                 .version = 2,
3378                 .alias = "Skylake-Server-IBRS",
3379                 .props = (PropValue[]) {
3380                     /* clflushopt was not added to Skylake-Server-IBRS */
3381                     /* TODO: add -v3 including clflushopt */
3382                     { "clflushopt", "off" },
3383                     { "spec-ctrl", "on" },
3384                     { "model-id",
3385                       "Intel Xeon Processor (Skylake, IBRS)" },
3386                     { /* end of list */ }
3387                 }
3388             },
3389             {
3390                 .version = 3,
3391                 .alias = "Skylake-Server-noTSX-IBRS",
3392                 .props = (PropValue[]) {
3393                     { "hle", "off" },
3394                     { "rtm", "off" },
3395                     { "model-id",
3396                       "Intel Xeon Processor (Skylake, IBRS, no TSX)" },
3397                     { /* end of list */ }
3398                 }
3399             },
3400             {
3401                 .version = 4,
3402                 .props = (PropValue[]) {
3403                     { "vmx-eptp-switching", "on" },
3404                     { /* end of list */ }
3405                 }
3406             },
3407             {
3408                 .version = 5,
3409                 .note = "IBRS, XSAVES, EPT switching, no TSX",
3410                 .props = (PropValue[]) {
3411                     { "xsaves", "on" },
3412                     { "vmx-xsaves", "on" },
3413                     { /* end of list */ }
3414                 }
3415             },
3416             { /* end of list */ }
3417         }
3418     },
3419     {
3420         .name = "Cascadelake-Server",
3421         .level = 0xd,
3422         .vendor = CPUID_VENDOR_INTEL,
3423         .family = 6,
3424         .model = 85,
3425         .stepping = 6,
3426         .features[FEAT_1_EDX] =
3427             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3428             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3429             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3430             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3431             CPUID_DE | CPUID_FP87,
3432         .features[FEAT_1_ECX] =
3433             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3434             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3435             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3436             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3437             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3438             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3439         .features[FEAT_8000_0001_EDX] =
3440             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3441             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3442         .features[FEAT_8000_0001_ECX] =
3443             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3444         .features[FEAT_7_0_EBX] =
3445             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3446             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3447             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3448             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3449             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3450             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3451             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3452             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3453         .features[FEAT_7_0_ECX] =
3454             CPUID_7_0_ECX_PKU |
3455             CPUID_7_0_ECX_AVX512VNNI,
3456         .features[FEAT_7_0_EDX] =
3457             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3458         /* XSAVES is added in version 5 */
3459         .features[FEAT_XSAVE] =
3460             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3461             CPUID_XSAVE_XGETBV1,
3462         .features[FEAT_6_EAX] =
3463             CPUID_6_EAX_ARAT,
3464         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3465         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3466              MSR_VMX_BASIC_TRUE_CTLS,
3467         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3468              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3469              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3470         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3471              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3472              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3473              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3474              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3475              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3476              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3477         .features[FEAT_VMX_EXIT_CTLS] =
3478              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3479              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3480              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3481              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3482              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3483         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3484              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3485         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3486              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3487              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3488         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3489              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3490              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3491              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3492              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3493              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3494              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3495              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3496              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3497              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3498              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3499              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3500         .features[FEAT_VMX_SECONDARY_CTLS] =
3501              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3502              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3503              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3504              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3505              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3506              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3507              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3508              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3509              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3510              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3511         .xlevel = 0x80000008,
3512         .model_id = "Intel Xeon Processor (Cascadelake)",
3513         .versions = (X86CPUVersionDefinition[]) {
3514             { .version = 1 },
3515             { .version = 2,
3516               .note = "ARCH_CAPABILITIES",
3517               .props = (PropValue[]) {
3518                   { "arch-capabilities", "on" },
3519                   { "rdctl-no", "on" },
3520                   { "ibrs-all", "on" },
3521                   { "skip-l1dfl-vmentry", "on" },
3522                   { "mds-no", "on" },
3523                   { /* end of list */ }
3524               },
3525             },
3526             { .version = 3,
3527               .alias = "Cascadelake-Server-noTSX",
3528               .note = "ARCH_CAPABILITIES, no TSX",
3529               .props = (PropValue[]) {
3530                   { "hle", "off" },
3531                   { "rtm", "off" },
3532                   { /* end of list */ }
3533               },
3534             },
3535             { .version = 4,
3536               .note = "ARCH_CAPABILITIES, no TSX",
3537               .props = (PropValue[]) {
3538                   { "vmx-eptp-switching", "on" },
3539                   { /* end of list */ }
3540               },
3541             },
3542             { .version = 5,
3543               .note = "ARCH_CAPABILITIES, EPT switching, XSAVES, no TSX",
3544               .props = (PropValue[]) {
3545                   { "xsaves", "on" },
3546                   { "vmx-xsaves", "on" },
3547                   { /* end of list */ }
3548               },
3549             },
3550             { /* end of list */ }
3551         }
3552     },
3553     {
3554         .name = "Cooperlake",
3555         .level = 0xd,
3556         .vendor = CPUID_VENDOR_INTEL,
3557         .family = 6,
3558         .model = 85,
3559         .stepping = 10,
3560         .features[FEAT_1_EDX] =
3561             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3562             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3563             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3564             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3565             CPUID_DE | CPUID_FP87,
3566         .features[FEAT_1_ECX] =
3567             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3568             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3569             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3570             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3571             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3572             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3573         .features[FEAT_8000_0001_EDX] =
3574             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3575             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3576         .features[FEAT_8000_0001_ECX] =
3577             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3578         .features[FEAT_7_0_EBX] =
3579             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3580             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3581             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3582             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3583             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3584             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3585             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3586             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3587         .features[FEAT_7_0_ECX] =
3588             CPUID_7_0_ECX_PKU |
3589             CPUID_7_0_ECX_AVX512VNNI,
3590         .features[FEAT_7_0_EDX] =
3591             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_STIBP |
3592             CPUID_7_0_EDX_SPEC_CTRL_SSBD | CPUID_7_0_EDX_ARCH_CAPABILITIES,
3593         .features[FEAT_ARCH_CAPABILITIES] =
3594             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_IBRS_ALL |
3595             MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY | MSR_ARCH_CAP_MDS_NO |
3596             MSR_ARCH_CAP_PSCHANGE_MC_NO | MSR_ARCH_CAP_TAA_NO,
3597         .features[FEAT_7_1_EAX] =
3598             CPUID_7_1_EAX_AVX512_BF16,
3599         /* XSAVES is added in version 2 */
3600         .features[FEAT_XSAVE] =
3601             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3602             CPUID_XSAVE_XGETBV1,
3603         .features[FEAT_6_EAX] =
3604             CPUID_6_EAX_ARAT,
3605         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3606         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3607              MSR_VMX_BASIC_TRUE_CTLS,
3608         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3609              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3610              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3611         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3612              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3613              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3614              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3615              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3616              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3617              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3618         .features[FEAT_VMX_EXIT_CTLS] =
3619              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3620              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3621              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3622              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3623              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3624         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3625              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3626         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3627              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3628              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3629         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3630              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3631              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3632              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3633              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3634              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3635              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3636              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3637              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3638              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3639              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3640              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3641         .features[FEAT_VMX_SECONDARY_CTLS] =
3642              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3643              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3644              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3645              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3646              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3647              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3648              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3649              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3650              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3651              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3652         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3653         .xlevel = 0x80000008,
3654         .model_id = "Intel Xeon Processor (Cooperlake)",
3655         .versions = (X86CPUVersionDefinition[]) {
3656             { .version = 1 },
3657             { .version = 2,
3658               .note = "XSAVES",
3659               .props = (PropValue[]) {
3660                   { "xsaves", "on" },
3661                   { "vmx-xsaves", "on" },
3662                   { /* end of list */ }
3663               },
3664             },
3665             { /* end of list */ }
3666         }
3667     },
3668     {
3669         .name = "Icelake-Server",
3670         .level = 0xd,
3671         .vendor = CPUID_VENDOR_INTEL,
3672         .family = 6,
3673         .model = 134,
3674         .stepping = 0,
3675         .features[FEAT_1_EDX] =
3676             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3677             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3678             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3679             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3680             CPUID_DE | CPUID_FP87,
3681         .features[FEAT_1_ECX] =
3682             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3683             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3684             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3685             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3686             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3687             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3688         .features[FEAT_8000_0001_EDX] =
3689             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3690             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3691         .features[FEAT_8000_0001_ECX] =
3692             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3693         .features[FEAT_8000_0008_EBX] =
3694             CPUID_8000_0008_EBX_WBNOINVD,
3695         .features[FEAT_7_0_EBX] =
3696             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3697             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3698             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3699             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3700             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3701             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3702             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3703             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3704         .features[FEAT_7_0_ECX] =
3705             CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
3706             CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
3707             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
3708             CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
3709             CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57,
3710         .features[FEAT_7_0_EDX] =
3711             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3712         /* XSAVES is added in version 5 */
3713         .features[FEAT_XSAVE] =
3714             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3715             CPUID_XSAVE_XGETBV1,
3716         .features[FEAT_6_EAX] =
3717             CPUID_6_EAX_ARAT,
3718         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3719         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3720              MSR_VMX_BASIC_TRUE_CTLS,
3721         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3722              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3723              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3724         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3725              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3726              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3727              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3728              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3729              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3730              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3731         .features[FEAT_VMX_EXIT_CTLS] =
3732              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3733              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3734              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3735              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3736              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3737         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3738              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3739         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3740              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3741              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3742         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3743              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3744              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3745              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3746              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3747              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3748              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3749              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3750              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3751              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3752              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3753              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3754         .features[FEAT_VMX_SECONDARY_CTLS] =
3755              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3756              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3757              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3758              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3759              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3760              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3761              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3762              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3763              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS,
3764         .xlevel = 0x80000008,
3765         .model_id = "Intel Xeon Processor (Icelake)",
3766         .versions = (X86CPUVersionDefinition[]) {
3767             { .version = 1 },
3768             {
3769                 .version = 2,
3770                 .note = "no TSX",
3771                 .alias = "Icelake-Server-noTSX",
3772                 .props = (PropValue[]) {
3773                     { "hle", "off" },
3774                     { "rtm", "off" },
3775                     { /* end of list */ }
3776                 },
3777             },
3778             {
3779                 .version = 3,
3780                 .props = (PropValue[]) {
3781                     { "arch-capabilities", "on" },
3782                     { "rdctl-no", "on" },
3783                     { "ibrs-all", "on" },
3784                     { "skip-l1dfl-vmentry", "on" },
3785                     { "mds-no", "on" },
3786                     { "pschange-mc-no", "on" },
3787                     { "taa-no", "on" },
3788                     { /* end of list */ }
3789                 },
3790             },
3791             {
3792                 .version = 4,
3793                 .props = (PropValue[]) {
3794                     { "sha-ni", "on" },
3795                     { "avx512ifma", "on" },
3796                     { "rdpid", "on" },
3797                     { "fsrm", "on" },
3798                     { "vmx-rdseed-exit", "on" },
3799                     { "vmx-pml", "on" },
3800                     { "vmx-eptp-switching", "on" },
3801                     { "model", "106" },
3802                     { /* end of list */ }
3803                 },
3804             },
3805             {
3806                 .version = 5,
3807                 .note = "XSAVES",
3808                 .props = (PropValue[]) {
3809                     { "xsaves", "on" },
3810                     { "vmx-xsaves", "on" },
3811                     { /* end of list */ }
3812                 },
3813             },
3814             {
3815                 .version = 6,
3816                 .note = "5-level EPT",
3817                 .props = (PropValue[]) {
3818                     { "vmx-page-walk-5", "on" },
3819                     { /* end of list */ }
3820                 },
3821             },
3822             { /* end of list */ }
3823         }
3824     },
3825     {
3826         .name = "SapphireRapids",
3827         .level = 0x20,
3828         .vendor = CPUID_VENDOR_INTEL,
3829         .family = 6,
3830         .model = 143,
3831         .stepping = 4,
3832         /*
3833          * please keep the ascending order so that we can have a clear view of
3834          * bit position of each feature.
3835          */
3836         .features[FEAT_1_EDX] =
3837             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE | CPUID_TSC |
3838             CPUID_MSR | CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC |
3839             CPUID_SEP | CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
3840             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH | CPUID_MMX | CPUID_FXSR |
3841             CPUID_SSE | CPUID_SSE2,
3842         .features[FEAT_1_ECX] =
3843             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSSE3 |
3844             CPUID_EXT_FMA | CPUID_EXT_CX16 | CPUID_EXT_PCID | CPUID_EXT_SSE41 |
3845             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
3846             CPUID_EXT_POPCNT | CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_AES |
3847             CPUID_EXT_XSAVE | CPUID_EXT_AVX | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3848         .features[FEAT_8000_0001_EDX] =
3849             CPUID_EXT2_SYSCALL | CPUID_EXT2_NX | CPUID_EXT2_PDPE1GB |
3850             CPUID_EXT2_RDTSCP | CPUID_EXT2_LM,
3851         .features[FEAT_8000_0001_ECX] =
3852             CPUID_EXT3_LAHF_LM | CPUID_EXT3_ABM | CPUID_EXT3_3DNOWPREFETCH,
3853         .features[FEAT_8000_0008_EBX] =
3854             CPUID_8000_0008_EBX_WBNOINVD,
3855         .features[FEAT_7_0_EBX] =
3856             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_HLE |
3857             CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 |
3858             CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID | CPUID_7_0_EBX_RTM |
3859             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3860             CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP |
3861             CPUID_7_0_EBX_AVX512IFMA | CPUID_7_0_EBX_CLFLUSHOPT |
3862             CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_AVX512CD | CPUID_7_0_EBX_SHA_NI |
3863             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512VL,
3864         .features[FEAT_7_0_ECX] =
3865             CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
3866             CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
3867             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
3868             CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
3869             CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57 |
3870             CPUID_7_0_ECX_RDPID | CPUID_7_0_ECX_BUS_LOCK_DETECT,
3871         .features[FEAT_7_0_EDX] =
3872             CPUID_7_0_EDX_FSRM | CPUID_7_0_EDX_SERIALIZE |
3873             CPUID_7_0_EDX_TSX_LDTRK | CPUID_7_0_EDX_AMX_BF16 |
3874             CPUID_7_0_EDX_AVX512_FP16 | CPUID_7_0_EDX_AMX_TILE |
3875             CPUID_7_0_EDX_AMX_INT8 | CPUID_7_0_EDX_SPEC_CTRL |
3876             CPUID_7_0_EDX_ARCH_CAPABILITIES | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3877         .features[FEAT_ARCH_CAPABILITIES] =
3878             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_IBRS_ALL |
3879             MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY | MSR_ARCH_CAP_MDS_NO |
3880             MSR_ARCH_CAP_PSCHANGE_MC_NO | MSR_ARCH_CAP_TAA_NO,
3881         .features[FEAT_XSAVE] =
3882             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3883             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES | CPUID_D_1_EAX_XFD,
3884         .features[FEAT_6_EAX] =
3885             CPUID_6_EAX_ARAT,
3886         .features[FEAT_7_1_EAX] =
3887             CPUID_7_1_EAX_AVX_VNNI | CPUID_7_1_EAX_AVX512_BF16 |
3888             CPUID_7_1_EAX_FZRM | CPUID_7_1_EAX_FSRS | CPUID_7_1_EAX_FSRC,
3889         .features[FEAT_VMX_BASIC] =
3890             MSR_VMX_BASIC_INS_OUTS | MSR_VMX_BASIC_TRUE_CTLS,
3891         .features[FEAT_VMX_ENTRY_CTLS] =
3892             VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_IA32E_MODE |
3893             VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL |
3894             VMX_VM_ENTRY_LOAD_IA32_PAT | VMX_VM_ENTRY_LOAD_IA32_EFER,
3895         .features[FEAT_VMX_EPT_VPID_CAPS] =
3896             MSR_VMX_EPT_EXECONLY |
3897             MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_PAGE_WALK_LENGTH_5 |
3898             MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB | MSR_VMX_EPT_1GB |
3899             MSR_VMX_EPT_INVEPT | MSR_VMX_EPT_AD_BITS |
3900             MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3901             MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3902             MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT |
3903             MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3904             MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
3905         .features[FEAT_VMX_EXIT_CTLS] =
3906             VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3907             VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3908             VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_IA32_PAT |
3909             VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3910             VMX_VM_EXIT_LOAD_IA32_EFER | VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3911         .features[FEAT_VMX_MISC] =
3912             MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_ACTIVITY_HLT |
3913             MSR_VMX_MISC_VMWRITE_VMEXIT,
3914         .features[FEAT_VMX_PINBASED_CTLS] =
3915             VMX_PIN_BASED_EXT_INTR_MASK | VMX_PIN_BASED_NMI_EXITING |
3916             VMX_PIN_BASED_VIRTUAL_NMIS | VMX_PIN_BASED_VMX_PREEMPTION_TIMER |
3917             VMX_PIN_BASED_POSTED_INTR,
3918         .features[FEAT_VMX_PROCBASED_CTLS] =
3919             VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3920             VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3921             VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3922             VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3923             VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3924             VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3925             VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_VIRTUAL_NMI_PENDING |
3926             VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
3927             VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3928             VMX_CPU_BASED_USE_MSR_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
3929             VMX_CPU_BASED_PAUSE_EXITING |
3930             VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3931         .features[FEAT_VMX_SECONDARY_CTLS] =
3932             VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3933             VMX_SECONDARY_EXEC_ENABLE_EPT | VMX_SECONDARY_EXEC_DESC |
3934             VMX_SECONDARY_EXEC_RDTSCP |
3935             VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3936             VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_WBINVD_EXITING |
3937             VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3938             VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3939             VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3940             VMX_SECONDARY_EXEC_RDRAND_EXITING |
3941             VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3942             VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3943             VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML |
3944             VMX_SECONDARY_EXEC_XSAVES,
3945         .features[FEAT_VMX_VMFUNC] =
3946             MSR_VMX_VMFUNC_EPT_SWITCHING,
3947         .xlevel = 0x80000008,
3948         .model_id = "Intel Xeon Processor (SapphireRapids)",
3949         .versions = (X86CPUVersionDefinition[]) {
3950             { .version = 1 },
3951             {
3952                 .version = 2,
3953                 .props = (PropValue[]) {
3954                     { "sbdr-ssdp-no", "on" },
3955                     { "fbsdp-no", "on" },
3956                     { "psdp-no", "on" },
3957                     { /* end of list */ }
3958                 }
3959             },
3960             { /* end of list */ }
3961         }
3962     },
3963     {
3964         .name = "GraniteRapids",
3965         .level = 0x20,
3966         .vendor = CPUID_VENDOR_INTEL,
3967         .family = 6,
3968         .model = 173,
3969         .stepping = 0,
3970         /*
3971          * please keep the ascending order so that we can have a clear view of
3972          * bit position of each feature.
3973          */
3974         .features[FEAT_1_EDX] =
3975             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE | CPUID_TSC |
3976             CPUID_MSR | CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC |
3977             CPUID_SEP | CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
3978             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH | CPUID_MMX | CPUID_FXSR |
3979             CPUID_SSE | CPUID_SSE2,
3980         .features[FEAT_1_ECX] =
3981             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSSE3 |
3982             CPUID_EXT_FMA | CPUID_EXT_CX16 | CPUID_EXT_PCID | CPUID_EXT_SSE41 |
3983             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
3984             CPUID_EXT_POPCNT | CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_AES |
3985             CPUID_EXT_XSAVE | CPUID_EXT_AVX | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3986         .features[FEAT_8000_0001_EDX] =
3987             CPUID_EXT2_SYSCALL | CPUID_EXT2_NX | CPUID_EXT2_PDPE1GB |
3988             CPUID_EXT2_RDTSCP | CPUID_EXT2_LM,
3989         .features[FEAT_8000_0001_ECX] =
3990             CPUID_EXT3_LAHF_LM | CPUID_EXT3_ABM | CPUID_EXT3_3DNOWPREFETCH,
3991         .features[FEAT_8000_0008_EBX] =
3992             CPUID_8000_0008_EBX_WBNOINVD,
3993         .features[FEAT_7_0_EBX] =
3994             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_HLE |
3995             CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 |
3996             CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID | CPUID_7_0_EBX_RTM |
3997             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3998             CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP |
3999             CPUID_7_0_EBX_AVX512IFMA | CPUID_7_0_EBX_CLFLUSHOPT |
4000             CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_AVX512CD | CPUID_7_0_EBX_SHA_NI |
4001             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512VL,
4002         .features[FEAT_7_0_ECX] =
4003             CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
4004             CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
4005             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
4006             CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
4007             CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57 |
4008             CPUID_7_0_ECX_RDPID | CPUID_7_0_ECX_BUS_LOCK_DETECT,
4009         .features[FEAT_7_0_EDX] =
4010             CPUID_7_0_EDX_FSRM | CPUID_7_0_EDX_SERIALIZE |
4011             CPUID_7_0_EDX_TSX_LDTRK | CPUID_7_0_EDX_AMX_BF16 |
4012             CPUID_7_0_EDX_AVX512_FP16 | CPUID_7_0_EDX_AMX_TILE |
4013             CPUID_7_0_EDX_AMX_INT8 | CPUID_7_0_EDX_SPEC_CTRL |
4014             CPUID_7_0_EDX_ARCH_CAPABILITIES | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
4015         .features[FEAT_ARCH_CAPABILITIES] =
4016             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_IBRS_ALL |
4017             MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY | MSR_ARCH_CAP_MDS_NO |
4018             MSR_ARCH_CAP_PSCHANGE_MC_NO | MSR_ARCH_CAP_TAA_NO |
4019             MSR_ARCH_CAP_SBDR_SSDP_NO | MSR_ARCH_CAP_FBSDP_NO |
4020             MSR_ARCH_CAP_PSDP_NO | MSR_ARCH_CAP_PBRSB_NO,
4021         .features[FEAT_XSAVE] =
4022             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4023             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES | CPUID_D_1_EAX_XFD,
4024         .features[FEAT_6_EAX] =
4025             CPUID_6_EAX_ARAT,
4026         .features[FEAT_7_1_EAX] =
4027             CPUID_7_1_EAX_AVX_VNNI | CPUID_7_1_EAX_AVX512_BF16 |
4028             CPUID_7_1_EAX_FZRM | CPUID_7_1_EAX_FSRS | CPUID_7_1_EAX_FSRC |
4029             CPUID_7_1_EAX_AMX_FP16,
4030         .features[FEAT_7_1_EDX] =
4031             CPUID_7_1_EDX_PREFETCHITI,
4032         .features[FEAT_7_2_EDX] =
4033             CPUID_7_2_EDX_MCDT_NO,
4034         .features[FEAT_VMX_BASIC] =
4035             MSR_VMX_BASIC_INS_OUTS | MSR_VMX_BASIC_TRUE_CTLS,
4036         .features[FEAT_VMX_ENTRY_CTLS] =
4037             VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_IA32E_MODE |
4038             VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL |
4039             VMX_VM_ENTRY_LOAD_IA32_PAT | VMX_VM_ENTRY_LOAD_IA32_EFER,
4040         .features[FEAT_VMX_EPT_VPID_CAPS] =
4041             MSR_VMX_EPT_EXECONLY |
4042             MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_PAGE_WALK_LENGTH_5 |
4043             MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB | MSR_VMX_EPT_1GB |
4044             MSR_VMX_EPT_INVEPT | MSR_VMX_EPT_AD_BITS |
4045             MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
4046             MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
4047             MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT |
4048             MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
4049             MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
4050         .features[FEAT_VMX_EXIT_CTLS] =
4051             VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
4052             VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
4053             VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_IA32_PAT |
4054             VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
4055             VMX_VM_EXIT_LOAD_IA32_EFER | VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
4056         .features[FEAT_VMX_MISC] =
4057             MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_ACTIVITY_HLT |
4058             MSR_VMX_MISC_VMWRITE_VMEXIT,
4059         .features[FEAT_VMX_PINBASED_CTLS] =
4060             VMX_PIN_BASED_EXT_INTR_MASK | VMX_PIN_BASED_NMI_EXITING |
4061             VMX_PIN_BASED_VIRTUAL_NMIS | VMX_PIN_BASED_VMX_PREEMPTION_TIMER |
4062             VMX_PIN_BASED_POSTED_INTR,
4063         .features[FEAT_VMX_PROCBASED_CTLS] =
4064             VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
4065             VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
4066             VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
4067             VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
4068             VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
4069             VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
4070             VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_VIRTUAL_NMI_PENDING |
4071             VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
4072             VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_TRAP_FLAG |
4073             VMX_CPU_BASED_USE_MSR_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
4074             VMX_CPU_BASED_PAUSE_EXITING |
4075             VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
4076         .features[FEAT_VMX_SECONDARY_CTLS] =
4077             VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
4078             VMX_SECONDARY_EXEC_ENABLE_EPT | VMX_SECONDARY_EXEC_DESC |
4079             VMX_SECONDARY_EXEC_RDTSCP |
4080             VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
4081             VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_WBINVD_EXITING |
4082             VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
4083             VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
4084             VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
4085             VMX_SECONDARY_EXEC_RDRAND_EXITING |
4086             VMX_SECONDARY_EXEC_ENABLE_INVPCID |
4087             VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
4088             VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML |
4089             VMX_SECONDARY_EXEC_XSAVES,
4090         .features[FEAT_VMX_VMFUNC] =
4091             MSR_VMX_VMFUNC_EPT_SWITCHING,
4092         .xlevel = 0x80000008,
4093         .model_id = "Intel Xeon Processor (GraniteRapids)",
4094         .versions = (X86CPUVersionDefinition[]) {
4095             { .version = 1 },
4096             { /* end of list */ },
4097         },
4098     },
4099     {
4100         .name = "Denverton",
4101         .level = 21,
4102         .vendor = CPUID_VENDOR_INTEL,
4103         .family = 6,
4104         .model = 95,
4105         .stepping = 1,
4106         .features[FEAT_1_EDX] =
4107             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE | CPUID_TSC |
4108             CPUID_MSR | CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC |
4109             CPUID_SEP | CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
4110             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH | CPUID_MMX | CPUID_FXSR |
4111             CPUID_SSE | CPUID_SSE2,
4112         .features[FEAT_1_ECX] =
4113             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_MONITOR |
4114             CPUID_EXT_SSSE3 | CPUID_EXT_CX16 | CPUID_EXT_SSE41 |
4115             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
4116             CPUID_EXT_POPCNT | CPUID_EXT_TSC_DEADLINE_TIMER |
4117             CPUID_EXT_AES | CPUID_EXT_XSAVE | CPUID_EXT_RDRAND,
4118         .features[FEAT_8000_0001_EDX] =
4119             CPUID_EXT2_SYSCALL | CPUID_EXT2_NX | CPUID_EXT2_PDPE1GB |
4120             CPUID_EXT2_RDTSCP | CPUID_EXT2_LM,
4121         .features[FEAT_8000_0001_ECX] =
4122             CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
4123         .features[FEAT_7_0_EBX] =
4124             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_ERMS |
4125             CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_SMAP |
4126             CPUID_7_0_EBX_CLFLUSHOPT | CPUID_7_0_EBX_SHA_NI,
4127         .features[FEAT_7_0_EDX] =
4128             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_ARCH_CAPABILITIES |
4129             CPUID_7_0_EDX_SPEC_CTRL_SSBD,
4130         /* XSAVES is added in version 3 */
4131         .features[FEAT_XSAVE] =
4132             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC | CPUID_XSAVE_XGETBV1,
4133         .features[FEAT_6_EAX] =
4134             CPUID_6_EAX_ARAT,
4135         .features[FEAT_ARCH_CAPABILITIES] =
4136             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY,
4137         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
4138              MSR_VMX_BASIC_TRUE_CTLS,
4139         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
4140              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
4141              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
4142         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
4143              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
4144              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
4145              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
4146              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
4147              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
4148              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
4149         .features[FEAT_VMX_EXIT_CTLS] =
4150              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
4151              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
4152              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
4153              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
4154              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
4155         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
4156              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
4157         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
4158              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
4159              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
4160         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
4161              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
4162              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
4163              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
4164              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
4165              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
4166              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
4167              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
4168              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
4169              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
4170              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
4171              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
4172         .features[FEAT_VMX_SECONDARY_CTLS] =
4173              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
4174              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
4175              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
4176              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
4177              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
4178              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
4179              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
4180              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
4181              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
4182              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
4183         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
4184         .xlevel = 0x80000008,
4185         .model_id = "Intel Atom Processor (Denverton)",
4186         .versions = (X86CPUVersionDefinition[]) {
4187             { .version = 1 },
4188             {
4189                 .version = 2,
4190                 .note = "no MPX, no MONITOR",
4191                 .props = (PropValue[]) {
4192                     { "monitor", "off" },
4193                     { "mpx", "off" },
4194                     { /* end of list */ },
4195                 },
4196             },
4197             {
4198                 .version = 3,
4199                 .note = "XSAVES, no MPX, no MONITOR",
4200                 .props = (PropValue[]) {
4201                     { "xsaves", "on" },
4202                     { "vmx-xsaves", "on" },
4203                     { /* end of list */ },
4204                 },
4205             },
4206             { /* end of list */ },
4207         },
4208     },
4209     {
4210         .name = "Snowridge",
4211         .level = 27,
4212         .vendor = CPUID_VENDOR_INTEL,
4213         .family = 6,
4214         .model = 134,
4215         .stepping = 1,
4216         .features[FEAT_1_EDX] =
4217             /* missing: CPUID_PN CPUID_IA64 */
4218             /* missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
4219             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE |
4220             CPUID_TSC | CPUID_MSR | CPUID_PAE | CPUID_MCE |
4221             CPUID_CX8 | CPUID_APIC | CPUID_SEP |
4222             CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
4223             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH |
4224             CPUID_MMX |
4225             CPUID_FXSR | CPUID_SSE | CPUID_SSE2,
4226         .features[FEAT_1_ECX] =
4227             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_MONITOR |
4228             CPUID_EXT_SSSE3 |
4229             CPUID_EXT_CX16 |
4230             CPUID_EXT_SSE41 |
4231             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
4232             CPUID_EXT_POPCNT |
4233             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_AES | CPUID_EXT_XSAVE |
4234             CPUID_EXT_RDRAND,
4235         .features[FEAT_8000_0001_EDX] =
4236             CPUID_EXT2_SYSCALL |
4237             CPUID_EXT2_NX |
4238             CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
4239             CPUID_EXT2_LM,
4240         .features[FEAT_8000_0001_ECX] =
4241             CPUID_EXT3_LAHF_LM |
4242             CPUID_EXT3_3DNOWPREFETCH,
4243         .features[FEAT_7_0_EBX] =
4244             CPUID_7_0_EBX_FSGSBASE |
4245             CPUID_7_0_EBX_SMEP |
4246             CPUID_7_0_EBX_ERMS |
4247             CPUID_7_0_EBX_MPX |  /* missing bits 13, 15 */
4248             CPUID_7_0_EBX_RDSEED |
4249             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
4250             CPUID_7_0_EBX_CLWB |
4251             CPUID_7_0_EBX_SHA_NI,
4252         .features[FEAT_7_0_ECX] =
4253             CPUID_7_0_ECX_UMIP |
4254             /* missing bit 5 */
4255             CPUID_7_0_ECX_GFNI |
4256             CPUID_7_0_ECX_MOVDIRI | CPUID_7_0_ECX_CLDEMOTE |
4257             CPUID_7_0_ECX_MOVDIR64B,
4258         .features[FEAT_7_0_EDX] =
4259             CPUID_7_0_EDX_SPEC_CTRL |
4260             CPUID_7_0_EDX_ARCH_CAPABILITIES | CPUID_7_0_EDX_SPEC_CTRL_SSBD |
4261             CPUID_7_0_EDX_CORE_CAPABILITY,
4262         .features[FEAT_CORE_CAPABILITY] =
4263             MSR_CORE_CAP_SPLIT_LOCK_DETECT,
4264         /* XSAVES is added in version 3 */
4265         .features[FEAT_XSAVE] =
4266             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4267             CPUID_XSAVE_XGETBV1,
4268         .features[FEAT_6_EAX] =
4269             CPUID_6_EAX_ARAT,
4270         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
4271              MSR_VMX_BASIC_TRUE_CTLS,
4272         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
4273              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
4274              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
4275         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
4276              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
4277              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
4278              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
4279              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
4280              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
4281              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
4282         .features[FEAT_VMX_EXIT_CTLS] =
4283              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
4284              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
4285              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
4286              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
4287              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
4288         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
4289              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
4290         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
4291              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
4292              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
4293         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
4294              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
4295              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
4296              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
4297              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
4298              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
4299              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
4300              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
4301              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
4302              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
4303              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
4304              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
4305         .features[FEAT_VMX_SECONDARY_CTLS] =
4306              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
4307              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
4308              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
4309              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
4310              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
4311              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
4312              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
4313              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
4314              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
4315              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
4316         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
4317         .xlevel = 0x80000008,
4318         .model_id = "Intel Atom Processor (SnowRidge)",
4319         .versions = (X86CPUVersionDefinition[]) {
4320             { .version = 1 },
4321             {
4322                 .version = 2,
4323                 .props = (PropValue[]) {
4324                     { "mpx", "off" },
4325                     { "model-id", "Intel Atom Processor (Snowridge, no MPX)" },
4326                     { /* end of list */ },
4327                 },
4328             },
4329             {
4330                 .version = 3,
4331                 .note = "XSAVES, no MPX",
4332                 .props = (PropValue[]) {
4333                     { "xsaves", "on" },
4334                     { "vmx-xsaves", "on" },
4335                     { /* end of list */ },
4336                 },
4337             },
4338             {
4339                 .version = 4,
4340                 .note = "no split lock detect, no core-capability",
4341                 .props = (PropValue[]) {
4342                     { "split-lock-detect", "off" },
4343                     { "core-capability", "off" },
4344                     { /* end of list */ },
4345                 },
4346             },
4347             { /* end of list */ },
4348         },
4349     },
4350     {
4351         .name = "KnightsMill",
4352         .level = 0xd,
4353         .vendor = CPUID_VENDOR_INTEL,
4354         .family = 6,
4355         .model = 133,
4356         .stepping = 0,
4357         .features[FEAT_1_EDX] =
4358             CPUID_VME | CPUID_SS | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR |
4359             CPUID_MMX | CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV |
4360             CPUID_MCA | CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC |
4361             CPUID_CX8 | CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC |
4362             CPUID_PSE | CPUID_DE | CPUID_FP87,
4363         .features[FEAT_1_ECX] =
4364             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
4365             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
4366             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
4367             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
4368             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
4369             CPUID_EXT_F16C | CPUID_EXT_RDRAND,
4370         .features[FEAT_8000_0001_EDX] =
4371             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
4372             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
4373         .features[FEAT_8000_0001_ECX] =
4374             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
4375         .features[FEAT_7_0_EBX] =
4376             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4377             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS |
4378             CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_AVX512F |
4379             CPUID_7_0_EBX_AVX512CD | CPUID_7_0_EBX_AVX512PF |
4380             CPUID_7_0_EBX_AVX512ER,
4381         .features[FEAT_7_0_ECX] =
4382             CPUID_7_0_ECX_AVX512_VPOPCNTDQ,
4383         .features[FEAT_7_0_EDX] =
4384             CPUID_7_0_EDX_AVX512_4VNNIW | CPUID_7_0_EDX_AVX512_4FMAPS,
4385         .features[FEAT_XSAVE] =
4386             CPUID_XSAVE_XSAVEOPT,
4387         .features[FEAT_6_EAX] =
4388             CPUID_6_EAX_ARAT,
4389         .xlevel = 0x80000008,
4390         .model_id = "Intel Xeon Phi Processor (Knights Mill)",
4391     },
4392     {
4393         .name = "Opteron_G1",
4394         .level = 5,
4395         .vendor = CPUID_VENDOR_AMD,
4396         .family = 15,
4397         .model = 6,
4398         .stepping = 1,
4399         .features[FEAT_1_EDX] =
4400             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
4401             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
4402             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
4403             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
4404             CPUID_DE | CPUID_FP87,
4405         .features[FEAT_1_ECX] =
4406             CPUID_EXT_SSE3,
4407         .features[FEAT_8000_0001_EDX] =
4408             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
4409         .xlevel = 0x80000008,
4410         .model_id = "AMD Opteron 240 (Gen 1 Class Opteron)",
4411     },
4412     {
4413         .name = "Opteron_G2",
4414         .level = 5,
4415         .vendor = CPUID_VENDOR_AMD,
4416         .family = 15,
4417         .model = 6,
4418         .stepping = 1,
4419         .features[FEAT_1_EDX] =
4420             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
4421             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
4422             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
4423             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
4424             CPUID_DE | CPUID_FP87,
4425         .features[FEAT_1_ECX] =
4426             CPUID_EXT_CX16 | CPUID_EXT_SSE3,
4427         .features[FEAT_8000_0001_EDX] =
4428             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
4429         .features[FEAT_8000_0001_ECX] =
4430             CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM,
4431         .xlevel = 0x80000008,
4432         .model_id = "AMD Opteron 22xx (Gen 2 Class Opteron)",
4433     },
4434     {
4435         .name = "Opteron_G3",
4436         .level = 5,
4437         .vendor = CPUID_VENDOR_AMD,
4438         .family = 16,
4439         .model = 2,
4440         .stepping = 3,
4441         .features[FEAT_1_EDX] =
4442             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
4443             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
4444             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
4445             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
4446             CPUID_DE | CPUID_FP87,
4447         .features[FEAT_1_ECX] =
4448             CPUID_EXT_POPCNT | CPUID_EXT_CX16 | CPUID_EXT_MONITOR |
4449             CPUID_EXT_SSE3,
4450         .features[FEAT_8000_0001_EDX] =
4451             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL |
4452             CPUID_EXT2_RDTSCP,
4453         .features[FEAT_8000_0001_ECX] =
4454             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A |
4455             CPUID_EXT3_ABM | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM,
4456         .xlevel = 0x80000008,
4457         .model_id = "AMD Opteron 23xx (Gen 3 Class Opteron)",
4458     },
4459     {
4460         .name = "Opteron_G4",
4461         .level = 0xd,
4462         .vendor = CPUID_VENDOR_AMD,
4463         .family = 21,
4464         .model = 1,
4465         .stepping = 2,
4466         .features[FEAT_1_EDX] =
4467             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
4468             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
4469             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
4470             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
4471             CPUID_DE | CPUID_FP87,
4472         .features[FEAT_1_ECX] =
4473             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
4474             CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4475             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
4476             CPUID_EXT_SSE3,
4477         .features[FEAT_8000_0001_EDX] =
4478             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_NX |
4479             CPUID_EXT2_SYSCALL | CPUID_EXT2_RDTSCP,
4480         .features[FEAT_8000_0001_ECX] =
4481             CPUID_EXT3_FMA4 | CPUID_EXT3_XOP |
4482             CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_MISALIGNSSE |
4483             CPUID_EXT3_SSE4A | CPUID_EXT3_ABM | CPUID_EXT3_SVM |
4484             CPUID_EXT3_LAHF_LM,
4485         .features[FEAT_SVM] =
4486             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4487         /* no xsaveopt! */
4488         .xlevel = 0x8000001A,
4489         .model_id = "AMD Opteron 62xx class CPU",
4490     },
4491     {
4492         .name = "Opteron_G5",
4493         .level = 0xd,
4494         .vendor = CPUID_VENDOR_AMD,
4495         .family = 21,
4496         .model = 2,
4497         .stepping = 0,
4498         .features[FEAT_1_EDX] =
4499             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
4500             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
4501             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
4502             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
4503             CPUID_DE | CPUID_FP87,
4504         .features[FEAT_1_ECX] =
4505             CPUID_EXT_F16C | CPUID_EXT_AVX | CPUID_EXT_XSAVE |
4506             CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 |
4507             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_FMA |
4508             CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
4509         .features[FEAT_8000_0001_EDX] =
4510             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_NX |
4511             CPUID_EXT2_SYSCALL | CPUID_EXT2_RDTSCP,
4512         .features[FEAT_8000_0001_ECX] =
4513             CPUID_EXT3_TBM | CPUID_EXT3_FMA4 | CPUID_EXT3_XOP |
4514             CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_MISALIGNSSE |
4515             CPUID_EXT3_SSE4A | CPUID_EXT3_ABM | CPUID_EXT3_SVM |
4516             CPUID_EXT3_LAHF_LM,
4517         .features[FEAT_SVM] =
4518             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4519         /* no xsaveopt! */
4520         .xlevel = 0x8000001A,
4521         .model_id = "AMD Opteron 63xx class CPU",
4522     },
4523     {
4524         .name = "EPYC",
4525         .level = 0xd,
4526         .vendor = CPUID_VENDOR_AMD,
4527         .family = 23,
4528         .model = 1,
4529         .stepping = 2,
4530         .features[FEAT_1_EDX] =
4531             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4532             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4533             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4534             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4535             CPUID_VME | CPUID_FP87,
4536         .features[FEAT_1_ECX] =
4537             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4538             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
4539             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4540             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4541             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
4542         .features[FEAT_8000_0001_EDX] =
4543             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4544             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4545             CPUID_EXT2_SYSCALL,
4546         .features[FEAT_8000_0001_ECX] =
4547             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4548             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4549             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4550             CPUID_EXT3_TOPOEXT,
4551         .features[FEAT_7_0_EBX] =
4552             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4553             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4554             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
4555             CPUID_7_0_EBX_SHA_NI,
4556         .features[FEAT_XSAVE] =
4557             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4558             CPUID_XSAVE_XGETBV1,
4559         .features[FEAT_6_EAX] =
4560             CPUID_6_EAX_ARAT,
4561         .features[FEAT_SVM] =
4562             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4563         .xlevel = 0x8000001E,
4564         .model_id = "AMD EPYC Processor",
4565         .cache_info = &epyc_cache_info,
4566         .versions = (X86CPUVersionDefinition[]) {
4567             { .version = 1 },
4568             {
4569                 .version = 2,
4570                 .alias = "EPYC-IBPB",
4571                 .props = (PropValue[]) {
4572                     { "ibpb", "on" },
4573                     { "model-id",
4574                       "AMD EPYC Processor (with IBPB)" },
4575                     { /* end of list */ }
4576                 }
4577             },
4578             {
4579                 .version = 3,
4580                 .props = (PropValue[]) {
4581                     { "ibpb", "on" },
4582                     { "perfctr-core", "on" },
4583                     { "clzero", "on" },
4584                     { "xsaveerptr", "on" },
4585                     { "xsaves", "on" },
4586                     { "model-id",
4587                       "AMD EPYC Processor" },
4588                     { /* end of list */ }
4589                 }
4590             },
4591             {
4592                 .version = 4,
4593                 .props = (PropValue[]) {
4594                     { "model-id",
4595                       "AMD EPYC-v4 Processor" },
4596                     { /* end of list */ }
4597                 },
4598                 .cache_info = &epyc_v4_cache_info
4599             },
4600             { /* end of list */ }
4601         }
4602     },
4603     {
4604         .name = "Dhyana",
4605         .level = 0xd,
4606         .vendor = CPUID_VENDOR_HYGON,
4607         .family = 24,
4608         .model = 0,
4609         .stepping = 1,
4610         .features[FEAT_1_EDX] =
4611             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4612             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4613             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4614             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4615             CPUID_VME | CPUID_FP87,
4616         .features[FEAT_1_ECX] =
4617             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4618             CPUID_EXT_XSAVE | CPUID_EXT_POPCNT |
4619             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4620             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4621             CPUID_EXT_MONITOR | CPUID_EXT_SSE3,
4622         .features[FEAT_8000_0001_EDX] =
4623             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4624             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4625             CPUID_EXT2_SYSCALL,
4626         .features[FEAT_8000_0001_ECX] =
4627             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4628             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4629             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4630             CPUID_EXT3_TOPOEXT,
4631         .features[FEAT_8000_0008_EBX] =
4632             CPUID_8000_0008_EBX_IBPB,
4633         .features[FEAT_7_0_EBX] =
4634             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4635             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4636             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT,
4637         /* XSAVES is added in version 2 */
4638         .features[FEAT_XSAVE] =
4639             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4640             CPUID_XSAVE_XGETBV1,
4641         .features[FEAT_6_EAX] =
4642             CPUID_6_EAX_ARAT,
4643         .features[FEAT_SVM] =
4644             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4645         .xlevel = 0x8000001E,
4646         .model_id = "Hygon Dhyana Processor",
4647         .cache_info = &epyc_cache_info,
4648         .versions = (X86CPUVersionDefinition[]) {
4649             { .version = 1 },
4650             { .version = 2,
4651               .note = "XSAVES",
4652               .props = (PropValue[]) {
4653                   { "xsaves", "on" },
4654                   { /* end of list */ }
4655               },
4656             },
4657             { /* end of list */ }
4658         }
4659     },
4660     {
4661         .name = "EPYC-Rome",
4662         .level = 0xd,
4663         .vendor = CPUID_VENDOR_AMD,
4664         .family = 23,
4665         .model = 49,
4666         .stepping = 0,
4667         .features[FEAT_1_EDX] =
4668             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4669             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4670             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4671             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4672             CPUID_VME | CPUID_FP87,
4673         .features[FEAT_1_ECX] =
4674             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4675             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
4676             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4677             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4678             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
4679         .features[FEAT_8000_0001_EDX] =
4680             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4681             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4682             CPUID_EXT2_SYSCALL,
4683         .features[FEAT_8000_0001_ECX] =
4684             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4685             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4686             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4687             CPUID_EXT3_TOPOEXT | CPUID_EXT3_PERFCORE,
4688         .features[FEAT_8000_0008_EBX] =
4689             CPUID_8000_0008_EBX_CLZERO | CPUID_8000_0008_EBX_XSAVEERPTR |
4690             CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_IBPB |
4691             CPUID_8000_0008_EBX_STIBP,
4692         .features[FEAT_7_0_EBX] =
4693             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4694             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4695             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
4696             CPUID_7_0_EBX_SHA_NI | CPUID_7_0_EBX_CLWB,
4697         .features[FEAT_7_0_ECX] =
4698             CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_RDPID,
4699         .features[FEAT_XSAVE] =
4700             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4701             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
4702         .features[FEAT_6_EAX] =
4703             CPUID_6_EAX_ARAT,
4704         .features[FEAT_SVM] =
4705             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4706         .xlevel = 0x8000001E,
4707         .model_id = "AMD EPYC-Rome Processor",
4708         .cache_info = &epyc_rome_cache_info,
4709         .versions = (X86CPUVersionDefinition[]) {
4710             { .version = 1 },
4711             {
4712                 .version = 2,
4713                 .props = (PropValue[]) {
4714                     { "ibrs", "on" },
4715                     { "amd-ssbd", "on" },
4716                     { /* end of list */ }
4717                 }
4718             },
4719             {
4720                 .version = 3,
4721                 .props = (PropValue[]) {
4722                     { "model-id",
4723                       "AMD EPYC-Rome-v3 Processor" },
4724                     { /* end of list */ }
4725                 },
4726                 .cache_info = &epyc_rome_v3_cache_info
4727             },
4728             {
4729                 .version = 4,
4730                 .props = (PropValue[]) {
4731                     /* Erratum 1386 */
4732                     { "model-id",
4733                       "AMD EPYC-Rome-v4 Processor (no XSAVES)" },
4734                     { "xsaves", "off" },
4735                     { /* end of list */ }
4736                 },
4737             },
4738             { /* end of list */ }
4739         }
4740     },
4741     {
4742         .name = "EPYC-Milan",
4743         .level = 0xd,
4744         .vendor = CPUID_VENDOR_AMD,
4745         .family = 25,
4746         .model = 1,
4747         .stepping = 1,
4748         .features[FEAT_1_EDX] =
4749             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4750             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4751             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4752             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4753             CPUID_VME | CPUID_FP87,
4754         .features[FEAT_1_ECX] =
4755             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4756             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
4757             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4758             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4759             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
4760             CPUID_EXT_PCID,
4761         .features[FEAT_8000_0001_EDX] =
4762             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4763             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4764             CPUID_EXT2_SYSCALL,
4765         .features[FEAT_8000_0001_ECX] =
4766             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4767             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4768             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4769             CPUID_EXT3_TOPOEXT | CPUID_EXT3_PERFCORE,
4770         .features[FEAT_8000_0008_EBX] =
4771             CPUID_8000_0008_EBX_CLZERO | CPUID_8000_0008_EBX_XSAVEERPTR |
4772             CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_IBPB |
4773             CPUID_8000_0008_EBX_IBRS | CPUID_8000_0008_EBX_STIBP |
4774             CPUID_8000_0008_EBX_AMD_SSBD,
4775         .features[FEAT_7_0_EBX] =
4776             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4777             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4778             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
4779             CPUID_7_0_EBX_SHA_NI | CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_ERMS |
4780             CPUID_7_0_EBX_INVPCID,
4781         .features[FEAT_7_0_ECX] =
4782             CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_RDPID | CPUID_7_0_ECX_PKU,
4783         .features[FEAT_7_0_EDX] =
4784             CPUID_7_0_EDX_FSRM,
4785         .features[FEAT_XSAVE] =
4786             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4787             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
4788         .features[FEAT_6_EAX] =
4789             CPUID_6_EAX_ARAT,
4790         .features[FEAT_SVM] =
4791             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE | CPUID_SVM_SVME_ADDR_CHK,
4792         .xlevel = 0x8000001E,
4793         .model_id = "AMD EPYC-Milan Processor",
4794         .cache_info = &epyc_milan_cache_info,
4795         .versions = (X86CPUVersionDefinition[]) {
4796             { .version = 1 },
4797             {
4798                 .version = 2,
4799                 .props = (PropValue[]) {
4800                     { "model-id",
4801                       "AMD EPYC-Milan-v2 Processor" },
4802                     { "vaes", "on" },
4803                     { "vpclmulqdq", "on" },
4804                     { "stibp-always-on", "on" },
4805                     { "amd-psfd", "on" },
4806                     { "no-nested-data-bp", "on" },
4807                     { "lfence-always-serializing", "on" },
4808                     { "null-sel-clr-base", "on" },
4809                     { /* end of list */ }
4810                 },
4811                 .cache_info = &epyc_milan_v2_cache_info
4812             },
4813             { /* end of list */ }
4814         }
4815     },
4816     {
4817         .name = "EPYC-Genoa",
4818         .level = 0xd,
4819         .vendor = CPUID_VENDOR_AMD,
4820         .family = 25,
4821         .model = 17,
4822         .stepping = 0,
4823         .features[FEAT_1_EDX] =
4824             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4825             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4826             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4827             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4828             CPUID_VME | CPUID_FP87,
4829         .features[FEAT_1_ECX] =
4830             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4831             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
4832             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4833             CPUID_EXT_PCID | CPUID_EXT_CX16 | CPUID_EXT_FMA |
4834             CPUID_EXT_SSSE3 | CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ |
4835             CPUID_EXT_SSE3,
4836         .features[FEAT_8000_0001_EDX] =
4837             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4838             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4839             CPUID_EXT2_SYSCALL,
4840         .features[FEAT_8000_0001_ECX] =
4841             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4842             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4843             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4844             CPUID_EXT3_TOPOEXT | CPUID_EXT3_PERFCORE,
4845         .features[FEAT_8000_0008_EBX] =
4846             CPUID_8000_0008_EBX_CLZERO | CPUID_8000_0008_EBX_XSAVEERPTR |
4847             CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_IBPB |
4848             CPUID_8000_0008_EBX_IBRS | CPUID_8000_0008_EBX_STIBP |
4849             CPUID_8000_0008_EBX_STIBP_ALWAYS_ON |
4850             CPUID_8000_0008_EBX_AMD_SSBD | CPUID_8000_0008_EBX_AMD_PSFD,
4851         .features[FEAT_8000_0021_EAX] =
4852             CPUID_8000_0021_EAX_No_NESTED_DATA_BP |
4853             CPUID_8000_0021_EAX_LFENCE_ALWAYS_SERIALIZING |
4854             CPUID_8000_0021_EAX_NULL_SEL_CLR_BASE |
4855             CPUID_8000_0021_EAX_AUTO_IBRS,
4856         .features[FEAT_7_0_EBX] =
4857             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4858             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS |
4859             CPUID_7_0_EBX_INVPCID | CPUID_7_0_EBX_AVX512F |
4860             CPUID_7_0_EBX_AVX512DQ | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
4861             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_AVX512IFMA |
4862             CPUID_7_0_EBX_CLFLUSHOPT | CPUID_7_0_EBX_CLWB |
4863             CPUID_7_0_EBX_AVX512CD | CPUID_7_0_EBX_SHA_NI |
4864             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512VL,
4865         .features[FEAT_7_0_ECX] =
4866             CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
4867             CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
4868             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
4869             CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
4870             CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57 |
4871             CPUID_7_0_ECX_RDPID,
4872         .features[FEAT_7_0_EDX] =
4873             CPUID_7_0_EDX_FSRM,
4874         .features[FEAT_7_1_EAX] =
4875             CPUID_7_1_EAX_AVX512_BF16,
4876         .features[FEAT_XSAVE] =
4877             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4878             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
4879         .features[FEAT_6_EAX] =
4880             CPUID_6_EAX_ARAT,
4881         .features[FEAT_SVM] =
4882             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE | CPUID_SVM_VNMI |
4883             CPUID_SVM_SVME_ADDR_CHK,
4884         .xlevel = 0x80000022,
4885         .model_id = "AMD EPYC-Genoa Processor",
4886         .cache_info = &epyc_genoa_cache_info,
4887     },
4888 };
4889 
4890 /*
4891  * We resolve CPU model aliases using -v1 when using "-machine
4892  * none", but this is just for compatibility while libvirt isn't
4893  * adapted to resolve CPU model versions before creating VMs.
4894  * See "Runnability guarantee of CPU models" at
4895  * docs/about/deprecated.rst.
4896  */
4897 X86CPUVersion default_cpu_version = 1;
4898 
4899 void x86_cpu_set_default_version(X86CPUVersion version)
4900 {
4901     /* Translating CPU_VERSION_AUTO to CPU_VERSION_AUTO doesn't make sense */
4902     assert(version != CPU_VERSION_AUTO);
4903     default_cpu_version = version;
4904 }
4905 
4906 static X86CPUVersion x86_cpu_model_last_version(const X86CPUModel *model)
4907 {
4908     int v = 0;
4909     const X86CPUVersionDefinition *vdef =
4910         x86_cpu_def_get_versions(model->cpudef);
4911     while (vdef->version) {
4912         v = vdef->version;
4913         vdef++;
4914     }
4915     return v;
4916 }
4917 
4918 /* Return the actual version being used for a specific CPU model */
4919 static X86CPUVersion x86_cpu_model_resolve_version(const X86CPUModel *model)
4920 {
4921     X86CPUVersion v = model->version;
4922     if (v == CPU_VERSION_AUTO) {
4923         v = default_cpu_version;
4924     }
4925     if (v == CPU_VERSION_LATEST) {
4926         return x86_cpu_model_last_version(model);
4927     }
4928     return v;
4929 }
4930 
4931 static Property max_x86_cpu_properties[] = {
4932     DEFINE_PROP_BOOL("migratable", X86CPU, migratable, true),
4933     DEFINE_PROP_BOOL("host-cache-info", X86CPU, cache_info_passthrough, false),
4934     DEFINE_PROP_END_OF_LIST()
4935 };
4936 
4937 static void max_x86_cpu_realize(DeviceState *dev, Error **errp)
4938 {
4939     Object *obj = OBJECT(dev);
4940 
4941     if (!object_property_get_int(obj, "family", &error_abort)) {
4942         if (X86_CPU(obj)->env.features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
4943             object_property_set_int(obj, "family", 15, &error_abort);
4944             object_property_set_int(obj, "model", 107, &error_abort);
4945             object_property_set_int(obj, "stepping", 1, &error_abort);
4946         } else {
4947             object_property_set_int(obj, "family", 6, &error_abort);
4948             object_property_set_int(obj, "model", 6, &error_abort);
4949             object_property_set_int(obj, "stepping", 3, &error_abort);
4950         }
4951     }
4952 
4953     x86_cpu_realizefn(dev, errp);
4954 }
4955 
4956 static void max_x86_cpu_class_init(ObjectClass *oc, void *data)
4957 {
4958     DeviceClass *dc = DEVICE_CLASS(oc);
4959     X86CPUClass *xcc = X86_CPU_CLASS(oc);
4960 
4961     xcc->ordering = 9;
4962 
4963     xcc->model_description =
4964         "Enables all features supported by the accelerator in the current host";
4965 
4966     device_class_set_props(dc, max_x86_cpu_properties);
4967     dc->realize = max_x86_cpu_realize;
4968 }
4969 
4970 static void max_x86_cpu_initfn(Object *obj)
4971 {
4972     X86CPU *cpu = X86_CPU(obj);
4973 
4974     /* We can't fill the features array here because we don't know yet if
4975      * "migratable" is true or false.
4976      */
4977     cpu->max_features = true;
4978     object_property_set_bool(OBJECT(cpu), "pmu", true, &error_abort);
4979 
4980     /*
4981      * these defaults are used for TCG and all other accelerators
4982      * besides KVM and HVF, which overwrite these values
4983      */
4984     object_property_set_str(OBJECT(cpu), "vendor", CPUID_VENDOR_AMD,
4985                             &error_abort);
4986     object_property_set_str(OBJECT(cpu), "model-id",
4987                             "QEMU TCG CPU version " QEMU_HW_VERSION,
4988                             &error_abort);
4989 }
4990 
4991 static const TypeInfo max_x86_cpu_type_info = {
4992     .name = X86_CPU_TYPE_NAME("max"),
4993     .parent = TYPE_X86_CPU,
4994     .instance_init = max_x86_cpu_initfn,
4995     .class_init = max_x86_cpu_class_init,
4996 };
4997 
4998 static char *feature_word_description(FeatureWordInfo *f, uint32_t bit)
4999 {
5000     assert(f->type == CPUID_FEATURE_WORD || f->type == MSR_FEATURE_WORD);
5001 
5002     switch (f->type) {
5003     case CPUID_FEATURE_WORD:
5004         {
5005             const char *reg = get_register_name_32(f->cpuid.reg);
5006             assert(reg);
5007             return g_strdup_printf("CPUID.%02XH:%s",
5008                                    f->cpuid.eax, reg);
5009         }
5010     case MSR_FEATURE_WORD:
5011         return g_strdup_printf("MSR(%02XH)",
5012                                f->msr.index);
5013     }
5014 
5015     return NULL;
5016 }
5017 
5018 static bool x86_cpu_have_filtered_features(X86CPU *cpu)
5019 {
5020     FeatureWord w;
5021 
5022     for (w = 0; w < FEATURE_WORDS; w++) {
5023         if (cpu->filtered_features[w]) {
5024             return true;
5025         }
5026     }
5027 
5028     return false;
5029 }
5030 
5031 static void mark_unavailable_features(X86CPU *cpu, FeatureWord w, uint64_t mask,
5032                                       const char *verbose_prefix)
5033 {
5034     CPUX86State *env = &cpu->env;
5035     FeatureWordInfo *f = &feature_word_info[w];
5036     int i;
5037 
5038     if (!cpu->force_features) {
5039         env->features[w] &= ~mask;
5040     }
5041     cpu->filtered_features[w] |= mask;
5042 
5043     if (!verbose_prefix) {
5044         return;
5045     }
5046 
5047     for (i = 0; i < 64; ++i) {
5048         if ((1ULL << i) & mask) {
5049             g_autofree char *feat_word_str = feature_word_description(f, i);
5050             warn_report("%s: %s%s%s [bit %d]",
5051                         verbose_prefix,
5052                         feat_word_str,
5053                         f->feat_names[i] ? "." : "",
5054                         f->feat_names[i] ? f->feat_names[i] : "", i);
5055         }
5056     }
5057 }
5058 
5059 static void x86_cpuid_version_get_family(Object *obj, Visitor *v,
5060                                          const char *name, void *opaque,
5061                                          Error **errp)
5062 {
5063     X86CPU *cpu = X86_CPU(obj);
5064     CPUX86State *env = &cpu->env;
5065     int64_t value;
5066 
5067     value = (env->cpuid_version >> 8) & 0xf;
5068     if (value == 0xf) {
5069         value += (env->cpuid_version >> 20) & 0xff;
5070     }
5071     visit_type_int(v, name, &value, errp);
5072 }
5073 
5074 static void x86_cpuid_version_set_family(Object *obj, Visitor *v,
5075                                          const char *name, void *opaque,
5076                                          Error **errp)
5077 {
5078     X86CPU *cpu = X86_CPU(obj);
5079     CPUX86State *env = &cpu->env;
5080     const int64_t min = 0;
5081     const int64_t max = 0xff + 0xf;
5082     int64_t value;
5083 
5084     if (!visit_type_int(v, name, &value, errp)) {
5085         return;
5086     }
5087     if (value < min || value > max) {
5088         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
5089                    name ? name : "null", value, min, max);
5090         return;
5091     }
5092 
5093     env->cpuid_version &= ~0xff00f00;
5094     if (value > 0x0f) {
5095         env->cpuid_version |= 0xf00 | ((value - 0x0f) << 20);
5096     } else {
5097         env->cpuid_version |= value << 8;
5098     }
5099 }
5100 
5101 static void x86_cpuid_version_get_model(Object *obj, Visitor *v,
5102                                         const char *name, void *opaque,
5103                                         Error **errp)
5104 {
5105     X86CPU *cpu = X86_CPU(obj);
5106     CPUX86State *env = &cpu->env;
5107     int64_t value;
5108 
5109     value = (env->cpuid_version >> 4) & 0xf;
5110     value |= ((env->cpuid_version >> 16) & 0xf) << 4;
5111     visit_type_int(v, name, &value, errp);
5112 }
5113 
5114 static void x86_cpuid_version_set_model(Object *obj, Visitor *v,
5115                                         const char *name, void *opaque,
5116                                         Error **errp)
5117 {
5118     X86CPU *cpu = X86_CPU(obj);
5119     CPUX86State *env = &cpu->env;
5120     const int64_t min = 0;
5121     const int64_t max = 0xff;
5122     int64_t value;
5123 
5124     if (!visit_type_int(v, name, &value, errp)) {
5125         return;
5126     }
5127     if (value < min || value > max) {
5128         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
5129                    name ? name : "null", value, min, max);
5130         return;
5131     }
5132 
5133     env->cpuid_version &= ~0xf00f0;
5134     env->cpuid_version |= ((value & 0xf) << 4) | ((value >> 4) << 16);
5135 }
5136 
5137 static void x86_cpuid_version_get_stepping(Object *obj, Visitor *v,
5138                                            const char *name, void *opaque,
5139                                            Error **errp)
5140 {
5141     X86CPU *cpu = X86_CPU(obj);
5142     CPUX86State *env = &cpu->env;
5143     int64_t value;
5144 
5145     value = env->cpuid_version & 0xf;
5146     visit_type_int(v, name, &value, errp);
5147 }
5148 
5149 static void x86_cpuid_version_set_stepping(Object *obj, Visitor *v,
5150                                            const char *name, void *opaque,
5151                                            Error **errp)
5152 {
5153     X86CPU *cpu = X86_CPU(obj);
5154     CPUX86State *env = &cpu->env;
5155     const int64_t min = 0;
5156     const int64_t max = 0xf;
5157     int64_t value;
5158 
5159     if (!visit_type_int(v, name, &value, errp)) {
5160         return;
5161     }
5162     if (value < min || value > max) {
5163         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
5164                    name ? name : "null", value, min, max);
5165         return;
5166     }
5167 
5168     env->cpuid_version &= ~0xf;
5169     env->cpuid_version |= value & 0xf;
5170 }
5171 
5172 static char *x86_cpuid_get_vendor(Object *obj, Error **errp)
5173 {
5174     X86CPU *cpu = X86_CPU(obj);
5175     CPUX86State *env = &cpu->env;
5176     char *value;
5177 
5178     value = g_malloc(CPUID_VENDOR_SZ + 1);
5179     x86_cpu_vendor_words2str(value, env->cpuid_vendor1, env->cpuid_vendor2,
5180                              env->cpuid_vendor3);
5181     return value;
5182 }
5183 
5184 static void x86_cpuid_set_vendor(Object *obj, const char *value,
5185                                  Error **errp)
5186 {
5187     X86CPU *cpu = X86_CPU(obj);
5188     CPUX86State *env = &cpu->env;
5189     int i;
5190 
5191     if (strlen(value) != CPUID_VENDOR_SZ) {
5192         error_setg(errp, QERR_PROPERTY_VALUE_BAD, "", "vendor", value);
5193         return;
5194     }
5195 
5196     env->cpuid_vendor1 = 0;
5197     env->cpuid_vendor2 = 0;
5198     env->cpuid_vendor3 = 0;
5199     for (i = 0; i < 4; i++) {
5200         env->cpuid_vendor1 |= ((uint8_t)value[i    ]) << (8 * i);
5201         env->cpuid_vendor2 |= ((uint8_t)value[i + 4]) << (8 * i);
5202         env->cpuid_vendor3 |= ((uint8_t)value[i + 8]) << (8 * i);
5203     }
5204 }
5205 
5206 static char *x86_cpuid_get_model_id(Object *obj, Error **errp)
5207 {
5208     X86CPU *cpu = X86_CPU(obj);
5209     CPUX86State *env = &cpu->env;
5210     char *value;
5211     int i;
5212 
5213     value = g_malloc(48 + 1);
5214     for (i = 0; i < 48; i++) {
5215         value[i] = env->cpuid_model[i >> 2] >> (8 * (i & 3));
5216     }
5217     value[48] = '\0';
5218     return value;
5219 }
5220 
5221 static void x86_cpuid_set_model_id(Object *obj, const char *model_id,
5222                                    Error **errp)
5223 {
5224     X86CPU *cpu = X86_CPU(obj);
5225     CPUX86State *env = &cpu->env;
5226     int c, len, i;
5227 
5228     if (model_id == NULL) {
5229         model_id = "";
5230     }
5231     len = strlen(model_id);
5232     memset(env->cpuid_model, 0, 48);
5233     for (i = 0; i < 48; i++) {
5234         if (i >= len) {
5235             c = '\0';
5236         } else {
5237             c = (uint8_t)model_id[i];
5238         }
5239         env->cpuid_model[i >> 2] |= c << (8 * (i & 3));
5240     }
5241 }
5242 
5243 static void x86_cpuid_get_tsc_freq(Object *obj, Visitor *v, const char *name,
5244                                    void *opaque, Error **errp)
5245 {
5246     X86CPU *cpu = X86_CPU(obj);
5247     int64_t value;
5248 
5249     value = cpu->env.tsc_khz * 1000;
5250     visit_type_int(v, name, &value, errp);
5251 }
5252 
5253 static void x86_cpuid_set_tsc_freq(Object *obj, Visitor *v, const char *name,
5254                                    void *opaque, Error **errp)
5255 {
5256     X86CPU *cpu = X86_CPU(obj);
5257     const int64_t min = 0;
5258     const int64_t max = INT64_MAX;
5259     int64_t value;
5260 
5261     if (!visit_type_int(v, name, &value, errp)) {
5262         return;
5263     }
5264     if (value < min || value > max) {
5265         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
5266                    name ? name : "null", value, min, max);
5267         return;
5268     }
5269 
5270     cpu->env.tsc_khz = cpu->env.user_tsc_khz = value / 1000;
5271 }
5272 
5273 /* Generic getter for "feature-words" and "filtered-features" properties */
5274 static void x86_cpu_get_feature_words(Object *obj, Visitor *v,
5275                                       const char *name, void *opaque,
5276                                       Error **errp)
5277 {
5278     uint64_t *array = (uint64_t *)opaque;
5279     FeatureWord w;
5280     X86CPUFeatureWordInfo word_infos[FEATURE_WORDS] = { };
5281     X86CPUFeatureWordInfoList list_entries[FEATURE_WORDS] = { };
5282     X86CPUFeatureWordInfoList *list = NULL;
5283 
5284     for (w = 0; w < FEATURE_WORDS; w++) {
5285         FeatureWordInfo *wi = &feature_word_info[w];
5286         /*
5287                 * We didn't have MSR features when "feature-words" was
5288                 *  introduced. Therefore skipped other type entries.
5289                 */
5290         if (wi->type != CPUID_FEATURE_WORD) {
5291             continue;
5292         }
5293         X86CPUFeatureWordInfo *qwi = &word_infos[w];
5294         qwi->cpuid_input_eax = wi->cpuid.eax;
5295         qwi->has_cpuid_input_ecx = wi->cpuid.needs_ecx;
5296         qwi->cpuid_input_ecx = wi->cpuid.ecx;
5297         qwi->cpuid_register = x86_reg_info_32[wi->cpuid.reg].qapi_enum;
5298         qwi->features = array[w];
5299 
5300         /* List will be in reverse order, but order shouldn't matter */
5301         list_entries[w].next = list;
5302         list_entries[w].value = &word_infos[w];
5303         list = &list_entries[w];
5304     }
5305 
5306     visit_type_X86CPUFeatureWordInfoList(v, "feature-words", &list, errp);
5307 }
5308 
5309 /* Convert all '_' in a feature string option name to '-', to make feature
5310  * name conform to QOM property naming rule, which uses '-' instead of '_'.
5311  */
5312 static inline void feat2prop(char *s)
5313 {
5314     while ((s = strchr(s, '_'))) {
5315         *s = '-';
5316     }
5317 }
5318 
5319 /* Return the feature property name for a feature flag bit */
5320 static const char *x86_cpu_feature_name(FeatureWord w, int bitnr)
5321 {
5322     const char *name;
5323     /* XSAVE components are automatically enabled by other features,
5324      * so return the original feature name instead
5325      */
5326     if (w == FEAT_XSAVE_XCR0_LO || w == FEAT_XSAVE_XCR0_HI) {
5327         int comp = (w == FEAT_XSAVE_XCR0_HI) ? bitnr + 32 : bitnr;
5328 
5329         if (comp < ARRAY_SIZE(x86_ext_save_areas) &&
5330             x86_ext_save_areas[comp].bits) {
5331             w = x86_ext_save_areas[comp].feature;
5332             bitnr = ctz32(x86_ext_save_areas[comp].bits);
5333         }
5334     }
5335 
5336     assert(bitnr < 64);
5337     assert(w < FEATURE_WORDS);
5338     name = feature_word_info[w].feat_names[bitnr];
5339     assert(bitnr < 32 || !(name && feature_word_info[w].type == CPUID_FEATURE_WORD));
5340     return name;
5341 }
5342 
5343 /* Compatibility hack to maintain legacy +-feat semantic,
5344  * where +-feat overwrites any feature set by
5345  * feat=on|feat even if the later is parsed after +-feat
5346  * (i.e. "-x2apic,x2apic=on" will result in x2apic disabled)
5347  */
5348 static GList *plus_features, *minus_features;
5349 
5350 static gint compare_string(gconstpointer a, gconstpointer b)
5351 {
5352     return g_strcmp0(a, b);
5353 }
5354 
5355 /* Parse "+feature,-feature,feature=foo" CPU feature string
5356  */
5357 static void x86_cpu_parse_featurestr(const char *typename, char *features,
5358                                      Error **errp)
5359 {
5360     char *featurestr; /* Single 'key=value" string being parsed */
5361     static bool cpu_globals_initialized;
5362     bool ambiguous = false;
5363 
5364     if (cpu_globals_initialized) {
5365         return;
5366     }
5367     cpu_globals_initialized = true;
5368 
5369     if (!features) {
5370         return;
5371     }
5372 
5373     for (featurestr = strtok(features, ",");
5374          featurestr;
5375          featurestr = strtok(NULL, ",")) {
5376         const char *name;
5377         const char *val = NULL;
5378         char *eq = NULL;
5379         char num[32];
5380         GlobalProperty *prop;
5381 
5382         /* Compatibility syntax: */
5383         if (featurestr[0] == '+') {
5384             plus_features = g_list_append(plus_features,
5385                                           g_strdup(featurestr + 1));
5386             continue;
5387         } else if (featurestr[0] == '-') {
5388             minus_features = g_list_append(minus_features,
5389                                            g_strdup(featurestr + 1));
5390             continue;
5391         }
5392 
5393         eq = strchr(featurestr, '=');
5394         if (eq) {
5395             *eq++ = 0;
5396             val = eq;
5397         } else {
5398             val = "on";
5399         }
5400 
5401         feat2prop(featurestr);
5402         name = featurestr;
5403 
5404         if (g_list_find_custom(plus_features, name, compare_string)) {
5405             warn_report("Ambiguous CPU model string. "
5406                         "Don't mix both \"+%s\" and \"%s=%s\"",
5407                         name, name, val);
5408             ambiguous = true;
5409         }
5410         if (g_list_find_custom(minus_features, name, compare_string)) {
5411             warn_report("Ambiguous CPU model string. "
5412                         "Don't mix both \"-%s\" and \"%s=%s\"",
5413                         name, name, val);
5414             ambiguous = true;
5415         }
5416 
5417         /* Special case: */
5418         if (!strcmp(name, "tsc-freq")) {
5419             int ret;
5420             uint64_t tsc_freq;
5421 
5422             ret = qemu_strtosz_metric(val, NULL, &tsc_freq);
5423             if (ret < 0 || tsc_freq > INT64_MAX) {
5424                 error_setg(errp, "bad numerical value %s", val);
5425                 return;
5426             }
5427             snprintf(num, sizeof(num), "%" PRId64, tsc_freq);
5428             val = num;
5429             name = "tsc-frequency";
5430         }
5431 
5432         prop = g_new0(typeof(*prop), 1);
5433         prop->driver = typename;
5434         prop->property = g_strdup(name);
5435         prop->value = g_strdup(val);
5436         qdev_prop_register_global(prop);
5437     }
5438 
5439     if (ambiguous) {
5440         warn_report("Compatibility of ambiguous CPU model "
5441                     "strings won't be kept on future QEMU versions");
5442     }
5443 }
5444 
5445 static void x86_cpu_filter_features(X86CPU *cpu, bool verbose);
5446 
5447 /* Build a list with the name of all features on a feature word array */
5448 static void x86_cpu_list_feature_names(FeatureWordArray features,
5449                                        strList **list)
5450 {
5451     strList **tail = list;
5452     FeatureWord w;
5453 
5454     for (w = 0; w < FEATURE_WORDS; w++) {
5455         uint64_t filtered = features[w];
5456         int i;
5457         for (i = 0; i < 64; i++) {
5458             if (filtered & (1ULL << i)) {
5459                 QAPI_LIST_APPEND(tail, g_strdup(x86_cpu_feature_name(w, i)));
5460             }
5461         }
5462     }
5463 }
5464 
5465 static void x86_cpu_get_unavailable_features(Object *obj, Visitor *v,
5466                                              const char *name, void *opaque,
5467                                              Error **errp)
5468 {
5469     X86CPU *xc = X86_CPU(obj);
5470     strList *result = NULL;
5471 
5472     x86_cpu_list_feature_names(xc->filtered_features, &result);
5473     visit_type_strList(v, "unavailable-features", &result, errp);
5474 }
5475 
5476 /* Print all cpuid feature names in featureset
5477  */
5478 static void listflags(GList *features)
5479 {
5480     size_t len = 0;
5481     GList *tmp;
5482 
5483     for (tmp = features; tmp; tmp = tmp->next) {
5484         const char *name = tmp->data;
5485         if ((len + strlen(name) + 1) >= 75) {
5486             qemu_printf("\n");
5487             len = 0;
5488         }
5489         qemu_printf("%s%s", len == 0 ? "  " : " ", name);
5490         len += strlen(name) + 1;
5491     }
5492     qemu_printf("\n");
5493 }
5494 
5495 /* Sort alphabetically by type name, respecting X86CPUClass::ordering. */
5496 static gint x86_cpu_list_compare(gconstpointer a, gconstpointer b)
5497 {
5498     ObjectClass *class_a = (ObjectClass *)a;
5499     ObjectClass *class_b = (ObjectClass *)b;
5500     X86CPUClass *cc_a = X86_CPU_CLASS(class_a);
5501     X86CPUClass *cc_b = X86_CPU_CLASS(class_b);
5502     int ret;
5503 
5504     if (cc_a->ordering != cc_b->ordering) {
5505         ret = cc_a->ordering - cc_b->ordering;
5506     } else {
5507         g_autofree char *name_a = x86_cpu_class_get_model_name(cc_a);
5508         g_autofree char *name_b = x86_cpu_class_get_model_name(cc_b);
5509         ret = strcmp(name_a, name_b);
5510     }
5511     return ret;
5512 }
5513 
5514 static GSList *get_sorted_cpu_model_list(void)
5515 {
5516     GSList *list = object_class_get_list(TYPE_X86_CPU, false);
5517     list = g_slist_sort(list, x86_cpu_list_compare);
5518     return list;
5519 }
5520 
5521 static char *x86_cpu_class_get_model_id(X86CPUClass *xc)
5522 {
5523     Object *obj = object_new_with_class(OBJECT_CLASS(xc));
5524     char *r = object_property_get_str(obj, "model-id", &error_abort);
5525     object_unref(obj);
5526     return r;
5527 }
5528 
5529 static char *x86_cpu_class_get_alias_of(X86CPUClass *cc)
5530 {
5531     X86CPUVersion version;
5532 
5533     if (!cc->model || !cc->model->is_alias) {
5534         return NULL;
5535     }
5536     version = x86_cpu_model_resolve_version(cc->model);
5537     if (version <= 0) {
5538         return NULL;
5539     }
5540     return x86_cpu_versioned_model_name(cc->model->cpudef, version);
5541 }
5542 
5543 static void x86_cpu_list_entry(gpointer data, gpointer user_data)
5544 {
5545     ObjectClass *oc = data;
5546     X86CPUClass *cc = X86_CPU_CLASS(oc);
5547     g_autofree char *name = x86_cpu_class_get_model_name(cc);
5548     g_autofree char *desc = g_strdup(cc->model_description);
5549     g_autofree char *alias_of = x86_cpu_class_get_alias_of(cc);
5550     g_autofree char *model_id = x86_cpu_class_get_model_id(cc);
5551 
5552     if (!desc && alias_of) {
5553         if (cc->model && cc->model->version == CPU_VERSION_AUTO) {
5554             desc = g_strdup("(alias configured by machine type)");
5555         } else {
5556             desc = g_strdup_printf("(alias of %s)", alias_of);
5557         }
5558     }
5559     if (!desc && cc->model && cc->model->note) {
5560         desc = g_strdup_printf("%s [%s]", model_id, cc->model->note);
5561     }
5562     if (!desc) {
5563         desc = g_strdup_printf("%s", model_id);
5564     }
5565 
5566     if (cc->model && cc->model->cpudef->deprecation_note) {
5567         g_autofree char *olddesc = desc;
5568         desc = g_strdup_printf("%s (deprecated)", olddesc);
5569     }
5570 
5571     qemu_printf("x86 %-20s  %s\n", name, desc);
5572 }
5573 
5574 /* list available CPU models and flags */
5575 void x86_cpu_list(void)
5576 {
5577     int i, j;
5578     GSList *list;
5579     GList *names = NULL;
5580 
5581     qemu_printf("Available CPUs:\n");
5582     list = get_sorted_cpu_model_list();
5583     g_slist_foreach(list, x86_cpu_list_entry, NULL);
5584     g_slist_free(list);
5585 
5586     names = NULL;
5587     for (i = 0; i < ARRAY_SIZE(feature_word_info); i++) {
5588         FeatureWordInfo *fw = &feature_word_info[i];
5589         for (j = 0; j < 64; j++) {
5590             if (fw->feat_names[j]) {
5591                 names = g_list_append(names, (gpointer)fw->feat_names[j]);
5592             }
5593         }
5594     }
5595 
5596     names = g_list_sort(names, (GCompareFunc)strcmp);
5597 
5598     qemu_printf("\nRecognized CPUID flags:\n");
5599     listflags(names);
5600     qemu_printf("\n");
5601     g_list_free(names);
5602 }
5603 
5604 #ifndef CONFIG_USER_ONLY
5605 
5606 /* Check for missing features that may prevent the CPU class from
5607  * running using the current machine and accelerator.
5608  */
5609 static void x86_cpu_class_check_missing_features(X86CPUClass *xcc,
5610                                                  strList **list)
5611 {
5612     strList **tail = list;
5613     X86CPU *xc;
5614     Error *err = NULL;
5615 
5616     if (xcc->host_cpuid_required && !accel_uses_host_cpuid()) {
5617         QAPI_LIST_APPEND(tail, g_strdup("kvm"));
5618         return;
5619     }
5620 
5621     xc = X86_CPU(object_new_with_class(OBJECT_CLASS(xcc)));
5622 
5623     x86_cpu_expand_features(xc, &err);
5624     if (err) {
5625         /* Errors at x86_cpu_expand_features should never happen,
5626          * but in case it does, just report the model as not
5627          * runnable at all using the "type" property.
5628          */
5629         QAPI_LIST_APPEND(tail, g_strdup("type"));
5630         error_free(err);
5631     }
5632 
5633     x86_cpu_filter_features(xc, false);
5634 
5635     x86_cpu_list_feature_names(xc->filtered_features, tail);
5636 
5637     object_unref(OBJECT(xc));
5638 }
5639 
5640 static void x86_cpu_definition_entry(gpointer data, gpointer user_data)
5641 {
5642     ObjectClass *oc = data;
5643     X86CPUClass *cc = X86_CPU_CLASS(oc);
5644     CpuDefinitionInfoList **cpu_list = user_data;
5645     CpuDefinitionInfo *info;
5646 
5647     info = g_malloc0(sizeof(*info));
5648     info->name = x86_cpu_class_get_model_name(cc);
5649     x86_cpu_class_check_missing_features(cc, &info->unavailable_features);
5650     info->has_unavailable_features = true;
5651     info->q_typename = g_strdup(object_class_get_name(oc));
5652     info->migration_safe = cc->migration_safe;
5653     info->has_migration_safe = true;
5654     info->q_static = cc->static_model;
5655     if (cc->model && cc->model->cpudef->deprecation_note) {
5656         info->deprecated = true;
5657     } else {
5658         info->deprecated = false;
5659     }
5660     /*
5661      * Old machine types won't report aliases, so that alias translation
5662      * doesn't break compatibility with previous QEMU versions.
5663      */
5664     if (default_cpu_version != CPU_VERSION_LEGACY) {
5665         info->alias_of = x86_cpu_class_get_alias_of(cc);
5666     }
5667 
5668     QAPI_LIST_PREPEND(*cpu_list, info);
5669 }
5670 
5671 CpuDefinitionInfoList *qmp_query_cpu_definitions(Error **errp)
5672 {
5673     CpuDefinitionInfoList *cpu_list = NULL;
5674     GSList *list = get_sorted_cpu_model_list();
5675     g_slist_foreach(list, x86_cpu_definition_entry, &cpu_list);
5676     g_slist_free(list);
5677     return cpu_list;
5678 }
5679 
5680 #endif /* !CONFIG_USER_ONLY */
5681 
5682 uint64_t x86_cpu_get_supported_feature_word(FeatureWord w,
5683                                             bool migratable_only)
5684 {
5685     FeatureWordInfo *wi = &feature_word_info[w];
5686     uint64_t r = 0;
5687 
5688     if (kvm_enabled()) {
5689         switch (wi->type) {
5690         case CPUID_FEATURE_WORD:
5691             r = kvm_arch_get_supported_cpuid(kvm_state, wi->cpuid.eax,
5692                                                         wi->cpuid.ecx,
5693                                                         wi->cpuid.reg);
5694             break;
5695         case MSR_FEATURE_WORD:
5696             r = kvm_arch_get_supported_msr_feature(kvm_state,
5697                         wi->msr.index);
5698             break;
5699         }
5700     } else if (hvf_enabled()) {
5701         if (wi->type != CPUID_FEATURE_WORD) {
5702             return 0;
5703         }
5704         r = hvf_get_supported_cpuid(wi->cpuid.eax,
5705                                     wi->cpuid.ecx,
5706                                     wi->cpuid.reg);
5707     } else if (tcg_enabled()) {
5708         r = wi->tcg_features;
5709     } else {
5710         return ~0;
5711     }
5712 #ifndef TARGET_X86_64
5713     if (w == FEAT_8000_0001_EDX) {
5714         /*
5715          * 32-bit TCG can emulate 64-bit compatibility mode.  If there is no
5716          * way for userspace to get out of its 32-bit jail, we can leave
5717          * the LM bit set.
5718          */
5719         uint32_t unavail = tcg_enabled()
5720             ? CPUID_EXT2_LM & ~CPUID_EXT2_KERNEL_FEATURES
5721             : CPUID_EXT2_LM;
5722         r &= ~unavail;
5723     }
5724 #endif
5725     if (migratable_only) {
5726         r &= x86_cpu_get_migratable_flags(w);
5727     }
5728     return r;
5729 }
5730 
5731 static void x86_cpu_get_supported_cpuid(uint32_t func, uint32_t index,
5732                                         uint32_t *eax, uint32_t *ebx,
5733                                         uint32_t *ecx, uint32_t *edx)
5734 {
5735     if (kvm_enabled()) {
5736         *eax = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_EAX);
5737         *ebx = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_EBX);
5738         *ecx = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_ECX);
5739         *edx = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_EDX);
5740     } else if (hvf_enabled()) {
5741         *eax = hvf_get_supported_cpuid(func, index, R_EAX);
5742         *ebx = hvf_get_supported_cpuid(func, index, R_EBX);
5743         *ecx = hvf_get_supported_cpuid(func, index, R_ECX);
5744         *edx = hvf_get_supported_cpuid(func, index, R_EDX);
5745     } else {
5746         *eax = 0;
5747         *ebx = 0;
5748         *ecx = 0;
5749         *edx = 0;
5750     }
5751 }
5752 
5753 static void x86_cpu_get_cache_cpuid(uint32_t func, uint32_t index,
5754                                     uint32_t *eax, uint32_t *ebx,
5755                                     uint32_t *ecx, uint32_t *edx)
5756 {
5757     uint32_t level, unused;
5758 
5759     /* Only return valid host leaves.  */
5760     switch (func) {
5761     case 2:
5762     case 4:
5763         host_cpuid(0, 0, &level, &unused, &unused, &unused);
5764         break;
5765     case 0x80000005:
5766     case 0x80000006:
5767     case 0x8000001d:
5768         host_cpuid(0x80000000, 0, &level, &unused, &unused, &unused);
5769         break;
5770     default:
5771         return;
5772     }
5773 
5774     if (func > level) {
5775         *eax = 0;
5776         *ebx = 0;
5777         *ecx = 0;
5778         *edx = 0;
5779     } else {
5780         host_cpuid(func, index, eax, ebx, ecx, edx);
5781     }
5782 }
5783 
5784 /*
5785  * Only for builtin_x86_defs models initialized with x86_register_cpudef_types.
5786  */
5787 void x86_cpu_apply_props(X86CPU *cpu, PropValue *props)
5788 {
5789     PropValue *pv;
5790     for (pv = props; pv->prop; pv++) {
5791         if (!pv->value) {
5792             continue;
5793         }
5794         object_property_parse(OBJECT(cpu), pv->prop, pv->value,
5795                               &error_abort);
5796     }
5797 }
5798 
5799 /*
5800  * Apply properties for the CPU model version specified in model.
5801  * Only for builtin_x86_defs models initialized with x86_register_cpudef_types.
5802  */
5803 
5804 static void x86_cpu_apply_version_props(X86CPU *cpu, X86CPUModel *model)
5805 {
5806     const X86CPUVersionDefinition *vdef;
5807     X86CPUVersion version = x86_cpu_model_resolve_version(model);
5808 
5809     if (version == CPU_VERSION_LEGACY) {
5810         return;
5811     }
5812 
5813     for (vdef = x86_cpu_def_get_versions(model->cpudef); vdef->version; vdef++) {
5814         PropValue *p;
5815 
5816         for (p = vdef->props; p && p->prop; p++) {
5817             object_property_parse(OBJECT(cpu), p->prop, p->value,
5818                                   &error_abort);
5819         }
5820 
5821         if (vdef->version == version) {
5822             break;
5823         }
5824     }
5825 
5826     /*
5827      * If we reached the end of the list, version number was invalid
5828      */
5829     assert(vdef->version == version);
5830 }
5831 
5832 static const CPUCaches *x86_cpu_get_versioned_cache_info(X86CPU *cpu,
5833                                                          X86CPUModel *model)
5834 {
5835     const X86CPUVersionDefinition *vdef;
5836     X86CPUVersion version = x86_cpu_model_resolve_version(model);
5837     const CPUCaches *cache_info = model->cpudef->cache_info;
5838 
5839     if (version == CPU_VERSION_LEGACY) {
5840         return cache_info;
5841     }
5842 
5843     for (vdef = x86_cpu_def_get_versions(model->cpudef); vdef->version; vdef++) {
5844         if (vdef->cache_info) {
5845             cache_info = vdef->cache_info;
5846         }
5847 
5848         if (vdef->version == version) {
5849             break;
5850         }
5851     }
5852 
5853     assert(vdef->version == version);
5854     return cache_info;
5855 }
5856 
5857 /*
5858  * Load data from X86CPUDefinition into a X86CPU object.
5859  * Only for builtin_x86_defs models initialized with x86_register_cpudef_types.
5860  */
5861 static void x86_cpu_load_model(X86CPU *cpu, X86CPUModel *model)
5862 {
5863     const X86CPUDefinition *def = model->cpudef;
5864     CPUX86State *env = &cpu->env;
5865     FeatureWord w;
5866 
5867     /*NOTE: any property set by this function should be returned by
5868      * x86_cpu_static_props(), so static expansion of
5869      * query-cpu-model-expansion is always complete.
5870      */
5871 
5872     /* CPU models only set _minimum_ values for level/xlevel: */
5873     object_property_set_uint(OBJECT(cpu), "min-level", def->level,
5874                              &error_abort);
5875     object_property_set_uint(OBJECT(cpu), "min-xlevel", def->xlevel,
5876                              &error_abort);
5877 
5878     object_property_set_int(OBJECT(cpu), "family", def->family, &error_abort);
5879     object_property_set_int(OBJECT(cpu), "model", def->model, &error_abort);
5880     object_property_set_int(OBJECT(cpu), "stepping", def->stepping,
5881                             &error_abort);
5882     object_property_set_str(OBJECT(cpu), "model-id", def->model_id,
5883                             &error_abort);
5884     for (w = 0; w < FEATURE_WORDS; w++) {
5885         env->features[w] = def->features[w];
5886     }
5887 
5888     /* legacy-cache defaults to 'off' if CPU model provides cache info */
5889     cpu->legacy_cache = !x86_cpu_get_versioned_cache_info(cpu, model);
5890 
5891     env->features[FEAT_1_ECX] |= CPUID_EXT_HYPERVISOR;
5892 
5893     /* sysenter isn't supported in compatibility mode on AMD,
5894      * syscall isn't supported in compatibility mode on Intel.
5895      * Normally we advertise the actual CPU vendor, but you can
5896      * override this using the 'vendor' property if you want to use
5897      * KVM's sysenter/syscall emulation in compatibility mode and
5898      * when doing cross vendor migration
5899      */
5900 
5901     /*
5902      * vendor property is set here but then overloaded with the
5903      * host cpu vendor for KVM and HVF.
5904      */
5905     object_property_set_str(OBJECT(cpu), "vendor", def->vendor, &error_abort);
5906 
5907     x86_cpu_apply_version_props(cpu, model);
5908 
5909     /*
5910      * Properties in versioned CPU model are not user specified features.
5911      * We can simply clear env->user_features here since it will be filled later
5912      * in x86_cpu_expand_features() based on plus_features and minus_features.
5913      */
5914     memset(&env->user_features, 0, sizeof(env->user_features));
5915 }
5916 
5917 static gchar *x86_gdb_arch_name(CPUState *cs)
5918 {
5919 #ifdef TARGET_X86_64
5920     return g_strdup("i386:x86-64");
5921 #else
5922     return g_strdup("i386");
5923 #endif
5924 }
5925 
5926 static void x86_cpu_cpudef_class_init(ObjectClass *oc, void *data)
5927 {
5928     X86CPUModel *model = data;
5929     X86CPUClass *xcc = X86_CPU_CLASS(oc);
5930     CPUClass *cc = CPU_CLASS(oc);
5931 
5932     xcc->model = model;
5933     xcc->migration_safe = true;
5934     cc->deprecation_note = model->cpudef->deprecation_note;
5935 }
5936 
5937 static void x86_register_cpu_model_type(const char *name, X86CPUModel *model)
5938 {
5939     g_autofree char *typename = x86_cpu_type_name(name);
5940     TypeInfo ti = {
5941         .name = typename,
5942         .parent = TYPE_X86_CPU,
5943         .class_init = x86_cpu_cpudef_class_init,
5944         .class_data = model,
5945     };
5946 
5947     type_register(&ti);
5948 }
5949 
5950 
5951 /*
5952  * register builtin_x86_defs;
5953  * "max", "base" and subclasses ("host") are not registered here.
5954  * See x86_cpu_register_types for all model registrations.
5955  */
5956 static void x86_register_cpudef_types(const X86CPUDefinition *def)
5957 {
5958     X86CPUModel *m;
5959     const X86CPUVersionDefinition *vdef;
5960 
5961     /* AMD aliases are handled at runtime based on CPUID vendor, so
5962      * they shouldn't be set on the CPU model table.
5963      */
5964     assert(!(def->features[FEAT_8000_0001_EDX] & CPUID_EXT2_AMD_ALIASES));
5965     /* catch mistakes instead of silently truncating model_id when too long */
5966     assert(def->model_id && strlen(def->model_id) <= 48);
5967 
5968     /* Unversioned model: */
5969     m = g_new0(X86CPUModel, 1);
5970     m->cpudef = def;
5971     m->version = CPU_VERSION_AUTO;
5972     m->is_alias = true;
5973     x86_register_cpu_model_type(def->name, m);
5974 
5975     /* Versioned models: */
5976 
5977     for (vdef = x86_cpu_def_get_versions(def); vdef->version; vdef++) {
5978         X86CPUModel *m = g_new0(X86CPUModel, 1);
5979         g_autofree char *name =
5980             x86_cpu_versioned_model_name(def, vdef->version);
5981         m->cpudef = def;
5982         m->version = vdef->version;
5983         m->note = vdef->note;
5984         x86_register_cpu_model_type(name, m);
5985 
5986         if (vdef->alias) {
5987             X86CPUModel *am = g_new0(X86CPUModel, 1);
5988             am->cpudef = def;
5989             am->version = vdef->version;
5990             am->is_alias = true;
5991             x86_register_cpu_model_type(vdef->alias, am);
5992         }
5993     }
5994 
5995 }
5996 
5997 uint32_t cpu_x86_virtual_addr_width(CPUX86State *env)
5998 {
5999     if  (env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_LA57) {
6000         return 57; /* 57 bits virtual */
6001     } else {
6002         return 48; /* 48 bits virtual */
6003     }
6004 }
6005 
6006 void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
6007                    uint32_t *eax, uint32_t *ebx,
6008                    uint32_t *ecx, uint32_t *edx)
6009 {
6010     X86CPU *cpu = env_archcpu(env);
6011     CPUState *cs = env_cpu(env);
6012     uint32_t die_offset;
6013     uint32_t limit;
6014     uint32_t signature[3];
6015     X86CPUTopoInfo topo_info;
6016 
6017     topo_info.dies_per_pkg = env->nr_dies;
6018     topo_info.cores_per_die = cs->nr_cores;
6019     topo_info.threads_per_core = cs->nr_threads;
6020 
6021     /* Calculate & apply limits for different index ranges */
6022     if (index >= 0xC0000000) {
6023         limit = env->cpuid_xlevel2;
6024     } else if (index >= 0x80000000) {
6025         limit = env->cpuid_xlevel;
6026     } else if (index >= 0x40000000) {
6027         limit = 0x40000001;
6028     } else {
6029         limit = env->cpuid_level;
6030     }
6031 
6032     if (index > limit) {
6033         /* Intel documentation states that invalid EAX input will
6034          * return the same information as EAX=cpuid_level
6035          * (Intel SDM Vol. 2A - Instruction Set Reference - CPUID)
6036          */
6037         index = env->cpuid_level;
6038     }
6039 
6040     switch(index) {
6041     case 0:
6042         *eax = env->cpuid_level;
6043         *ebx = env->cpuid_vendor1;
6044         *edx = env->cpuid_vendor2;
6045         *ecx = env->cpuid_vendor3;
6046         break;
6047     case 1:
6048         *eax = env->cpuid_version;
6049         *ebx = (cpu->apic_id << 24) |
6050                8 << 8; /* CLFLUSH size in quad words, Linux wants it. */
6051         *ecx = env->features[FEAT_1_ECX];
6052         if ((*ecx & CPUID_EXT_XSAVE) && (env->cr[4] & CR4_OSXSAVE_MASK)) {
6053             *ecx |= CPUID_EXT_OSXSAVE;
6054         }
6055         *edx = env->features[FEAT_1_EDX];
6056         if (cs->nr_cores * cs->nr_threads > 1) {
6057             *ebx |= (cs->nr_cores * cs->nr_threads) << 16;
6058             *edx |= CPUID_HT;
6059         }
6060         if (!cpu->enable_pmu) {
6061             *ecx &= ~CPUID_EXT_PDCM;
6062         }
6063         break;
6064     case 2:
6065         /* cache info: needed for Pentium Pro compatibility */
6066         if (cpu->cache_info_passthrough) {
6067             x86_cpu_get_cache_cpuid(index, 0, eax, ebx, ecx, edx);
6068             break;
6069         } else if (cpu->vendor_cpuid_only && IS_AMD_CPU(env)) {
6070             *eax = *ebx = *ecx = *edx = 0;
6071             break;
6072         }
6073         *eax = 1; /* Number of CPUID[EAX=2] calls required */
6074         *ebx = 0;
6075         if (!cpu->enable_l3_cache) {
6076             *ecx = 0;
6077         } else {
6078             *ecx = cpuid2_cache_descriptor(env->cache_info_cpuid2.l3_cache);
6079         }
6080         *edx = (cpuid2_cache_descriptor(env->cache_info_cpuid2.l1d_cache) << 16) |
6081                (cpuid2_cache_descriptor(env->cache_info_cpuid2.l1i_cache) <<  8) |
6082                (cpuid2_cache_descriptor(env->cache_info_cpuid2.l2_cache));
6083         break;
6084     case 4:
6085         /* cache info: needed for Core compatibility */
6086         if (cpu->cache_info_passthrough) {
6087             x86_cpu_get_cache_cpuid(index, count, eax, ebx, ecx, edx);
6088             /*
6089              * QEMU has its own number of cores/logical cpus,
6090              * set 24..14, 31..26 bit to configured values
6091              */
6092             if (*eax & 31) {
6093                 int host_vcpus_per_cache = 1 + ((*eax & 0x3FFC000) >> 14);
6094                 int vcpus_per_socket = env->nr_dies * cs->nr_cores *
6095                                        cs->nr_threads;
6096                 if (cs->nr_cores > 1) {
6097                     *eax &= ~0xFC000000;
6098                     *eax |= (pow2ceil(cs->nr_cores) - 1) << 26;
6099                 }
6100                 if (host_vcpus_per_cache > vcpus_per_socket) {
6101                     *eax &= ~0x3FFC000;
6102                     *eax |= (pow2ceil(vcpus_per_socket) - 1) << 14;
6103                 }
6104             }
6105         } else if (cpu->vendor_cpuid_only && IS_AMD_CPU(env)) {
6106             *eax = *ebx = *ecx = *edx = 0;
6107         } else {
6108             *eax = 0;
6109             switch (count) {
6110             case 0: /* L1 dcache info */
6111                 encode_cache_cpuid4(env->cache_info_cpuid4.l1d_cache,
6112                                     1, cs->nr_cores,
6113                                     eax, ebx, ecx, edx);
6114                 break;
6115             case 1: /* L1 icache info */
6116                 encode_cache_cpuid4(env->cache_info_cpuid4.l1i_cache,
6117                                     1, cs->nr_cores,
6118                                     eax, ebx, ecx, edx);
6119                 break;
6120             case 2: /* L2 cache info */
6121                 encode_cache_cpuid4(env->cache_info_cpuid4.l2_cache,
6122                                     cs->nr_threads, cs->nr_cores,
6123                                     eax, ebx, ecx, edx);
6124                 break;
6125             case 3: /* L3 cache info */
6126                 die_offset = apicid_die_offset(&topo_info);
6127                 if (cpu->enable_l3_cache) {
6128                     encode_cache_cpuid4(env->cache_info_cpuid4.l3_cache,
6129                                         (1 << die_offset), cs->nr_cores,
6130                                         eax, ebx, ecx, edx);
6131                     break;
6132                 }
6133                 /* fall through */
6134             default: /* end of info */
6135                 *eax = *ebx = *ecx = *edx = 0;
6136                 break;
6137             }
6138         }
6139         break;
6140     case 5:
6141         /* MONITOR/MWAIT Leaf */
6142         *eax = cpu->mwait.eax; /* Smallest monitor-line size in bytes */
6143         *ebx = cpu->mwait.ebx; /* Largest monitor-line size in bytes */
6144         *ecx = cpu->mwait.ecx; /* flags */
6145         *edx = cpu->mwait.edx; /* mwait substates */
6146         break;
6147     case 6:
6148         /* Thermal and Power Leaf */
6149         *eax = env->features[FEAT_6_EAX];
6150         *ebx = 0;
6151         *ecx = 0;
6152         *edx = 0;
6153         break;
6154     case 7:
6155         /* Structured Extended Feature Flags Enumeration Leaf */
6156         if (count == 0) {
6157             uint32_t eax_0_unused, ebx_0, ecx_0, edx_0_unused;
6158 
6159             /* Maximum ECX value for sub-leaves */
6160             *eax = env->cpuid_level_func7;
6161             *ebx = env->features[FEAT_7_0_EBX]; /* Feature flags */
6162             *ecx = env->features[FEAT_7_0_ECX]; /* Feature flags */
6163             if ((*ecx & CPUID_7_0_ECX_PKU) && env->cr[4] & CR4_PKE_MASK) {
6164                 *ecx |= CPUID_7_0_ECX_OSPKE;
6165             }
6166             *edx = env->features[FEAT_7_0_EDX]; /* Feature flags */
6167 
6168             /*
6169              * SGX cannot be emulated in software.  If hardware does not
6170              * support enabling SGX and/or SGX flexible launch control,
6171              * then we need to update the VM's CPUID values accordingly.
6172              */
6173             x86_cpu_get_supported_cpuid(0x7, 0,
6174                                         &eax_0_unused, &ebx_0,
6175                                         &ecx_0, &edx_0_unused);
6176             if ((*ebx & CPUID_7_0_EBX_SGX) && !(ebx_0 & CPUID_7_0_EBX_SGX)) {
6177                 *ebx &= ~CPUID_7_0_EBX_SGX;
6178             }
6179 
6180             if ((*ecx & CPUID_7_0_ECX_SGX_LC)
6181                     && (!(*ebx & CPUID_7_0_EBX_SGX) || !(ecx_0 & CPUID_7_0_ECX_SGX_LC))) {
6182                 *ecx &= ~CPUID_7_0_ECX_SGX_LC;
6183             }
6184         } else if (count == 1) {
6185             *eax = env->features[FEAT_7_1_EAX];
6186             *edx = env->features[FEAT_7_1_EDX];
6187             *ebx = 0;
6188             *ecx = 0;
6189         } else if (count == 2) {
6190             *edx = env->features[FEAT_7_2_EDX];
6191             *eax = 0;
6192             *ebx = 0;
6193             *ecx = 0;
6194         } else {
6195             *eax = 0;
6196             *ebx = 0;
6197             *ecx = 0;
6198             *edx = 0;
6199         }
6200         break;
6201     case 9:
6202         /* Direct Cache Access Information Leaf */
6203         *eax = 0; /* Bits 0-31 in DCA_CAP MSR */
6204         *ebx = 0;
6205         *ecx = 0;
6206         *edx = 0;
6207         break;
6208     case 0xA:
6209         /* Architectural Performance Monitoring Leaf */
6210         if (cpu->enable_pmu) {
6211             x86_cpu_get_supported_cpuid(0xA, count, eax, ebx, ecx, edx);
6212         } else {
6213             *eax = 0;
6214             *ebx = 0;
6215             *ecx = 0;
6216             *edx = 0;
6217         }
6218         break;
6219     case 0xB:
6220         /* Extended Topology Enumeration Leaf */
6221         if (!cpu->enable_cpuid_0xb) {
6222                 *eax = *ebx = *ecx = *edx = 0;
6223                 break;
6224         }
6225 
6226         *ecx = count & 0xff;
6227         *edx = cpu->apic_id;
6228 
6229         switch (count) {
6230         case 0:
6231             *eax = apicid_core_offset(&topo_info);
6232             *ebx = cs->nr_threads;
6233             *ecx |= CPUID_TOPOLOGY_LEVEL_SMT;
6234             break;
6235         case 1:
6236             *eax = apicid_pkg_offset(&topo_info);
6237             *ebx = cs->nr_cores * cs->nr_threads;
6238             *ecx |= CPUID_TOPOLOGY_LEVEL_CORE;
6239             break;
6240         default:
6241             *eax = 0;
6242             *ebx = 0;
6243             *ecx |= CPUID_TOPOLOGY_LEVEL_INVALID;
6244         }
6245 
6246         assert(!(*eax & ~0x1f));
6247         *ebx &= 0xffff; /* The count doesn't need to be reliable. */
6248         break;
6249     case 0x1C:
6250         if (cpu->enable_pmu && (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_LBR)) {
6251             x86_cpu_get_supported_cpuid(0x1C, 0, eax, ebx, ecx, edx);
6252             *edx = 0;
6253         }
6254         break;
6255     case 0x1F:
6256         /* V2 Extended Topology Enumeration Leaf */
6257         if (env->nr_dies < 2) {
6258             *eax = *ebx = *ecx = *edx = 0;
6259             break;
6260         }
6261 
6262         *ecx = count & 0xff;
6263         *edx = cpu->apic_id;
6264         switch (count) {
6265         case 0:
6266             *eax = apicid_core_offset(&topo_info);
6267             *ebx = cs->nr_threads;
6268             *ecx |= CPUID_TOPOLOGY_LEVEL_SMT;
6269             break;
6270         case 1:
6271             *eax = apicid_die_offset(&topo_info);
6272             *ebx = cs->nr_cores * cs->nr_threads;
6273             *ecx |= CPUID_TOPOLOGY_LEVEL_CORE;
6274             break;
6275         case 2:
6276             *eax = apicid_pkg_offset(&topo_info);
6277             *ebx = env->nr_dies * cs->nr_cores * cs->nr_threads;
6278             *ecx |= CPUID_TOPOLOGY_LEVEL_DIE;
6279             break;
6280         default:
6281             *eax = 0;
6282             *ebx = 0;
6283             *ecx |= CPUID_TOPOLOGY_LEVEL_INVALID;
6284         }
6285         assert(!(*eax & ~0x1f));
6286         *ebx &= 0xffff; /* The count doesn't need to be reliable. */
6287         break;
6288     case 0xD: {
6289         /* Processor Extended State */
6290         *eax = 0;
6291         *ebx = 0;
6292         *ecx = 0;
6293         *edx = 0;
6294         if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
6295             break;
6296         }
6297 
6298         if (count == 0) {
6299             *ecx = xsave_area_size(x86_cpu_xsave_xcr0_components(cpu), false);
6300             *eax = env->features[FEAT_XSAVE_XCR0_LO];
6301             *edx = env->features[FEAT_XSAVE_XCR0_HI];
6302             /*
6303              * The initial value of xcr0 and ebx == 0, On host without kvm
6304              * commit 412a3c41(e.g., CentOS 6), the ebx's value always == 0
6305              * even through guest update xcr0, this will crash some legacy guest
6306              * (e.g., CentOS 6), So set ebx == ecx to workaround it.
6307              */
6308             *ebx = kvm_enabled() ? *ecx : xsave_area_size(env->xcr0, false);
6309         } else if (count == 1) {
6310             uint64_t xstate = x86_cpu_xsave_xcr0_components(cpu) |
6311                               x86_cpu_xsave_xss_components(cpu);
6312 
6313             *eax = env->features[FEAT_XSAVE];
6314             *ebx = xsave_area_size(xstate, true);
6315             *ecx = env->features[FEAT_XSAVE_XSS_LO];
6316             *edx = env->features[FEAT_XSAVE_XSS_HI];
6317             if (kvm_enabled() && cpu->enable_pmu &&
6318                 (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_LBR) &&
6319                 (*eax & CPUID_XSAVE_XSAVES)) {
6320                 *ecx |= XSTATE_ARCH_LBR_MASK;
6321             } else {
6322                 *ecx &= ~XSTATE_ARCH_LBR_MASK;
6323             }
6324         } else if (count == 0xf && cpu->enable_pmu
6325                    && (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_LBR)) {
6326             x86_cpu_get_supported_cpuid(0xD, count, eax, ebx, ecx, edx);
6327         } else if (count < ARRAY_SIZE(x86_ext_save_areas)) {
6328             const ExtSaveArea *esa = &x86_ext_save_areas[count];
6329 
6330             if (x86_cpu_xsave_xcr0_components(cpu) & (1ULL << count)) {
6331                 *eax = esa->size;
6332                 *ebx = esa->offset;
6333                 *ecx = esa->ecx &
6334                        (ESA_FEATURE_ALIGN64_MASK | ESA_FEATURE_XFD_MASK);
6335             } else if (x86_cpu_xsave_xss_components(cpu) & (1ULL << count)) {
6336                 *eax = esa->size;
6337                 *ebx = 0;
6338                 *ecx = 1;
6339             }
6340         }
6341         break;
6342     }
6343     case 0x12:
6344 #ifndef CONFIG_USER_ONLY
6345         if (!kvm_enabled() ||
6346             !(env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_SGX)) {
6347             *eax = *ebx = *ecx = *edx = 0;
6348             break;
6349         }
6350 
6351         /*
6352          * SGX sub-leafs CPUID.0x12.{0x2..N} enumerate EPC sections.  Retrieve
6353          * the EPC properties, e.g. confidentiality and integrity, from the
6354          * host's first EPC section, i.e. assume there is one EPC section or
6355          * that all EPC sections have the same security properties.
6356          */
6357         if (count > 1) {
6358             uint64_t epc_addr, epc_size;
6359 
6360             if (sgx_epc_get_section(count - 2, &epc_addr, &epc_size)) {
6361                 *eax = *ebx = *ecx = *edx = 0;
6362                 break;
6363             }
6364             host_cpuid(index, 2, eax, ebx, ecx, edx);
6365             *eax = (uint32_t)(epc_addr & 0xfffff000) | 0x1;
6366             *ebx = (uint32_t)(epc_addr >> 32);
6367             *ecx = (uint32_t)(epc_size & 0xfffff000) | (*ecx & 0xf);
6368             *edx = (uint32_t)(epc_size >> 32);
6369             break;
6370         }
6371 
6372         /*
6373          * SGX sub-leafs CPUID.0x12.{0x0,0x1} are heavily dependent on hardware
6374          * and KVM, i.e. QEMU cannot emulate features to override what KVM
6375          * supports.  Features can be further restricted by userspace, but not
6376          * made more permissive.
6377          */
6378         x86_cpu_get_supported_cpuid(0x12, count, eax, ebx, ecx, edx);
6379 
6380         if (count == 0) {
6381             *eax &= env->features[FEAT_SGX_12_0_EAX];
6382             *ebx &= env->features[FEAT_SGX_12_0_EBX];
6383         } else {
6384             *eax &= env->features[FEAT_SGX_12_1_EAX];
6385             *ebx &= 0; /* ebx reserve */
6386             *ecx &= env->features[FEAT_XSAVE_XCR0_LO];
6387             *edx &= env->features[FEAT_XSAVE_XCR0_HI];
6388 
6389             /* FP and SSE are always allowed regardless of XSAVE/XCR0. */
6390             *ecx |= XSTATE_FP_MASK | XSTATE_SSE_MASK;
6391 
6392             /* Access to PROVISIONKEY requires additional credentials. */
6393             if ((*eax & (1U << 4)) &&
6394                 !kvm_enable_sgx_provisioning(cs->kvm_state)) {
6395                 *eax &= ~(1U << 4);
6396             }
6397         }
6398 #endif
6399         break;
6400     case 0x14: {
6401         /* Intel Processor Trace Enumeration */
6402         *eax = 0;
6403         *ebx = 0;
6404         *ecx = 0;
6405         *edx = 0;
6406         if (!(env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT) ||
6407             !kvm_enabled()) {
6408             break;
6409         }
6410 
6411         if (count == 0) {
6412             *eax = INTEL_PT_MAX_SUBLEAF;
6413             *ebx = INTEL_PT_MINIMAL_EBX;
6414             *ecx = INTEL_PT_MINIMAL_ECX;
6415             if (env->features[FEAT_14_0_ECX] & CPUID_14_0_ECX_LIP) {
6416                 *ecx |= CPUID_14_0_ECX_LIP;
6417             }
6418         } else if (count == 1) {
6419             *eax = INTEL_PT_MTC_BITMAP | INTEL_PT_ADDR_RANGES_NUM;
6420             *ebx = INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP;
6421         }
6422         break;
6423     }
6424     case 0x1D: {
6425         /* AMX TILE, for now hardcoded for Sapphire Rapids*/
6426         *eax = 0;
6427         *ebx = 0;
6428         *ecx = 0;
6429         *edx = 0;
6430         if (!(env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_AMX_TILE)) {
6431             break;
6432         }
6433 
6434         if (count == 0) {
6435             /* Highest numbered palette subleaf */
6436             *eax = INTEL_AMX_TILE_MAX_SUBLEAF;
6437         } else if (count == 1) {
6438             *eax = INTEL_AMX_TOTAL_TILE_BYTES |
6439                    (INTEL_AMX_BYTES_PER_TILE << 16);
6440             *ebx = INTEL_AMX_BYTES_PER_ROW | (INTEL_AMX_TILE_MAX_NAMES << 16);
6441             *ecx = INTEL_AMX_TILE_MAX_ROWS;
6442         }
6443         break;
6444     }
6445     case 0x1E: {
6446         /* AMX TMUL, for now hardcoded for Sapphire Rapids */
6447         *eax = 0;
6448         *ebx = 0;
6449         *ecx = 0;
6450         *edx = 0;
6451         if (!(env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_AMX_TILE)) {
6452             break;
6453         }
6454 
6455         if (count == 0) {
6456             /* Highest numbered palette subleaf */
6457             *ebx = INTEL_AMX_TMUL_MAX_K | (INTEL_AMX_TMUL_MAX_N << 8);
6458         }
6459         break;
6460     }
6461     case 0x40000000:
6462         /*
6463          * CPUID code in kvm_arch_init_vcpu() ignores stuff
6464          * set here, but we restrict to TCG none the less.
6465          */
6466         if (tcg_enabled() && cpu->expose_tcg) {
6467             memcpy(signature, "TCGTCGTCGTCG", 12);
6468             *eax = 0x40000001;
6469             *ebx = signature[0];
6470             *ecx = signature[1];
6471             *edx = signature[2];
6472         } else {
6473             *eax = 0;
6474             *ebx = 0;
6475             *ecx = 0;
6476             *edx = 0;
6477         }
6478         break;
6479     case 0x40000001:
6480         *eax = 0;
6481         *ebx = 0;
6482         *ecx = 0;
6483         *edx = 0;
6484         break;
6485     case 0x80000000:
6486         *eax = env->cpuid_xlevel;
6487         *ebx = env->cpuid_vendor1;
6488         *edx = env->cpuid_vendor2;
6489         *ecx = env->cpuid_vendor3;
6490         break;
6491     case 0x80000001:
6492         *eax = env->cpuid_version;
6493         *ebx = 0;
6494         *ecx = env->features[FEAT_8000_0001_ECX];
6495         *edx = env->features[FEAT_8000_0001_EDX];
6496 
6497         /* The Linux kernel checks for the CMPLegacy bit and
6498          * discards multiple thread information if it is set.
6499          * So don't set it here for Intel to make Linux guests happy.
6500          */
6501         if (cs->nr_cores * cs->nr_threads > 1) {
6502             if (env->cpuid_vendor1 != CPUID_VENDOR_INTEL_1 ||
6503                 env->cpuid_vendor2 != CPUID_VENDOR_INTEL_2 ||
6504                 env->cpuid_vendor3 != CPUID_VENDOR_INTEL_3) {
6505                 *ecx |= 1 << 1;    /* CmpLegacy bit */
6506             }
6507         }
6508         if (tcg_enabled() && env->cpuid_vendor1 == CPUID_VENDOR_INTEL_1 &&
6509             !(env->hflags & HF_LMA_MASK)) {
6510             *edx &= ~CPUID_EXT2_SYSCALL;
6511         }
6512         break;
6513     case 0x80000002:
6514     case 0x80000003:
6515     case 0x80000004:
6516         *eax = env->cpuid_model[(index - 0x80000002) * 4 + 0];
6517         *ebx = env->cpuid_model[(index - 0x80000002) * 4 + 1];
6518         *ecx = env->cpuid_model[(index - 0x80000002) * 4 + 2];
6519         *edx = env->cpuid_model[(index - 0x80000002) * 4 + 3];
6520         break;
6521     case 0x80000005:
6522         /* cache info (L1 cache) */
6523         if (cpu->cache_info_passthrough) {
6524             x86_cpu_get_cache_cpuid(index, 0, eax, ebx, ecx, edx);
6525             break;
6526         }
6527         *eax = (L1_DTLB_2M_ASSOC << 24) | (L1_DTLB_2M_ENTRIES << 16) |
6528                (L1_ITLB_2M_ASSOC <<  8) | (L1_ITLB_2M_ENTRIES);
6529         *ebx = (L1_DTLB_4K_ASSOC << 24) | (L1_DTLB_4K_ENTRIES << 16) |
6530                (L1_ITLB_4K_ASSOC <<  8) | (L1_ITLB_4K_ENTRIES);
6531         *ecx = encode_cache_cpuid80000005(env->cache_info_amd.l1d_cache);
6532         *edx = encode_cache_cpuid80000005(env->cache_info_amd.l1i_cache);
6533         break;
6534     case 0x80000006:
6535         /* cache info (L2 cache) */
6536         if (cpu->cache_info_passthrough) {
6537             x86_cpu_get_cache_cpuid(index, 0, eax, ebx, ecx, edx);
6538             break;
6539         }
6540         *eax = (AMD_ENC_ASSOC(L2_DTLB_2M_ASSOC) << 28) |
6541                (L2_DTLB_2M_ENTRIES << 16) |
6542                (AMD_ENC_ASSOC(L2_ITLB_2M_ASSOC) << 12) |
6543                (L2_ITLB_2M_ENTRIES);
6544         *ebx = (AMD_ENC_ASSOC(L2_DTLB_4K_ASSOC) << 28) |
6545                (L2_DTLB_4K_ENTRIES << 16) |
6546                (AMD_ENC_ASSOC(L2_ITLB_4K_ASSOC) << 12) |
6547                (L2_ITLB_4K_ENTRIES);
6548         encode_cache_cpuid80000006(env->cache_info_amd.l2_cache,
6549                                    cpu->enable_l3_cache ?
6550                                    env->cache_info_amd.l3_cache : NULL,
6551                                    ecx, edx);
6552         break;
6553     case 0x80000007:
6554         *eax = 0;
6555         *ebx = 0;
6556         *ecx = 0;
6557         *edx = env->features[FEAT_8000_0007_EDX];
6558         break;
6559     case 0x80000008:
6560         /* virtual & phys address size in low 2 bytes. */
6561         *eax = cpu->phys_bits;
6562         if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
6563             /* 64 bit processor */
6564              *eax |= (cpu_x86_virtual_addr_width(env) << 8);
6565         }
6566         *ebx = env->features[FEAT_8000_0008_EBX];
6567         if (cs->nr_cores * cs->nr_threads > 1) {
6568             /*
6569              * Bits 15:12 is "The number of bits in the initial
6570              * Core::X86::Apic::ApicId[ApicId] value that indicate
6571              * thread ID within a package".
6572              * Bits 7:0 is "The number of threads in the package is NC+1"
6573              */
6574             *ecx = (apicid_pkg_offset(&topo_info) << 12) |
6575                    ((cs->nr_cores * cs->nr_threads) - 1);
6576         } else {
6577             *ecx = 0;
6578         }
6579         *edx = 0;
6580         break;
6581     case 0x8000000A:
6582         if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
6583             *eax = 0x00000001; /* SVM Revision */
6584             *ebx = 0x00000010; /* nr of ASIDs */
6585             *ecx = 0;
6586             *edx = env->features[FEAT_SVM]; /* optional features */
6587         } else {
6588             *eax = 0;
6589             *ebx = 0;
6590             *ecx = 0;
6591             *edx = 0;
6592         }
6593         break;
6594     case 0x8000001D:
6595         *eax = 0;
6596         if (cpu->cache_info_passthrough) {
6597             x86_cpu_get_cache_cpuid(index, count, eax, ebx, ecx, edx);
6598             break;
6599         }
6600         switch (count) {
6601         case 0: /* L1 dcache info */
6602             encode_cache_cpuid8000001d(env->cache_info_amd.l1d_cache,
6603                                        &topo_info, eax, ebx, ecx, edx);
6604             break;
6605         case 1: /* L1 icache info */
6606             encode_cache_cpuid8000001d(env->cache_info_amd.l1i_cache,
6607                                        &topo_info, eax, ebx, ecx, edx);
6608             break;
6609         case 2: /* L2 cache info */
6610             encode_cache_cpuid8000001d(env->cache_info_amd.l2_cache,
6611                                        &topo_info, eax, ebx, ecx, edx);
6612             break;
6613         case 3: /* L3 cache info */
6614             encode_cache_cpuid8000001d(env->cache_info_amd.l3_cache,
6615                                        &topo_info, eax, ebx, ecx, edx);
6616             break;
6617         default: /* end of info */
6618             *eax = *ebx = *ecx = *edx = 0;
6619             break;
6620         }
6621         break;
6622     case 0x8000001E:
6623         if (cpu->core_id <= 255) {
6624             encode_topo_cpuid8000001e(cpu, &topo_info, eax, ebx, ecx, edx);
6625         } else {
6626             *eax = 0;
6627             *ebx = 0;
6628             *ecx = 0;
6629             *edx = 0;
6630         }
6631         break;
6632     case 0xC0000000:
6633         *eax = env->cpuid_xlevel2;
6634         *ebx = 0;
6635         *ecx = 0;
6636         *edx = 0;
6637         break;
6638     case 0xC0000001:
6639         /* Support for VIA CPU's CPUID instruction */
6640         *eax = env->cpuid_version;
6641         *ebx = 0;
6642         *ecx = 0;
6643         *edx = env->features[FEAT_C000_0001_EDX];
6644         break;
6645     case 0xC0000002:
6646     case 0xC0000003:
6647     case 0xC0000004:
6648         /* Reserved for the future, and now filled with zero */
6649         *eax = 0;
6650         *ebx = 0;
6651         *ecx = 0;
6652         *edx = 0;
6653         break;
6654     case 0x8000001F:
6655         *eax = *ebx = *ecx = *edx = 0;
6656         if (sev_enabled()) {
6657             *eax = 0x2;
6658             *eax |= sev_es_enabled() ? 0x8 : 0;
6659             *ebx = sev_get_cbit_position() & 0x3f; /* EBX[5:0] */
6660             *ebx |= (sev_get_reduced_phys_bits() & 0x3f) << 6; /* EBX[11:6] */
6661         }
6662         break;
6663     case 0x80000021:
6664         *eax = env->features[FEAT_8000_0021_EAX];
6665         *ebx = *ecx = *edx = 0;
6666         break;
6667     default:
6668         /* reserved values: zero */
6669         *eax = 0;
6670         *ebx = 0;
6671         *ecx = 0;
6672         *edx = 0;
6673         break;
6674     }
6675 }
6676 
6677 static void x86_cpu_set_sgxlepubkeyhash(CPUX86State *env)
6678 {
6679 #ifndef CONFIG_USER_ONLY
6680     /* Those default values are defined in Skylake HW */
6681     env->msr_ia32_sgxlepubkeyhash[0] = 0xa6053e051270b7acULL;
6682     env->msr_ia32_sgxlepubkeyhash[1] = 0x6cfbe8ba8b3b413dULL;
6683     env->msr_ia32_sgxlepubkeyhash[2] = 0xc4916d99f2b3735dULL;
6684     env->msr_ia32_sgxlepubkeyhash[3] = 0xd4f8c05909f9bb3bULL;
6685 #endif
6686 }
6687 
6688 static void x86_cpu_reset_hold(Object *obj)
6689 {
6690     CPUState *s = CPU(obj);
6691     X86CPU *cpu = X86_CPU(s);
6692     X86CPUClass *xcc = X86_CPU_GET_CLASS(cpu);
6693     CPUX86State *env = &cpu->env;
6694     target_ulong cr4;
6695     uint64_t xcr0;
6696     int i;
6697 
6698     if (xcc->parent_phases.hold) {
6699         xcc->parent_phases.hold(obj);
6700     }
6701 
6702     memset(env, 0, offsetof(CPUX86State, end_reset_fields));
6703 
6704     env->old_exception = -1;
6705 
6706     /* init to reset state */
6707     env->int_ctl = 0;
6708     env->hflags2 |= HF2_GIF_MASK;
6709     env->hflags2 |= HF2_VGIF_MASK;
6710     env->hflags &= ~HF_GUEST_MASK;
6711 
6712     cpu_x86_update_cr0(env, 0x60000010);
6713     env->a20_mask = ~0x0;
6714     env->smbase = 0x30000;
6715     env->msr_smi_count = 0;
6716 
6717     env->idt.limit = 0xffff;
6718     env->gdt.limit = 0xffff;
6719     env->ldt.limit = 0xffff;
6720     env->ldt.flags = DESC_P_MASK | (2 << DESC_TYPE_SHIFT);
6721     env->tr.limit = 0xffff;
6722     env->tr.flags = DESC_P_MASK | (11 << DESC_TYPE_SHIFT);
6723 
6724     cpu_x86_load_seg_cache(env, R_CS, 0xf000, 0xffff0000, 0xffff,
6725                            DESC_P_MASK | DESC_S_MASK | DESC_CS_MASK |
6726                            DESC_R_MASK | DESC_A_MASK);
6727     cpu_x86_load_seg_cache(env, R_DS, 0, 0, 0xffff,
6728                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
6729                            DESC_A_MASK);
6730     cpu_x86_load_seg_cache(env, R_ES, 0, 0, 0xffff,
6731                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
6732                            DESC_A_MASK);
6733     cpu_x86_load_seg_cache(env, R_SS, 0, 0, 0xffff,
6734                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
6735                            DESC_A_MASK);
6736     cpu_x86_load_seg_cache(env, R_FS, 0, 0, 0xffff,
6737                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
6738                            DESC_A_MASK);
6739     cpu_x86_load_seg_cache(env, R_GS, 0, 0, 0xffff,
6740                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
6741                            DESC_A_MASK);
6742 
6743     env->eip = 0xfff0;
6744     env->regs[R_EDX] = env->cpuid_version;
6745 
6746     env->eflags = 0x2;
6747 
6748     /* FPU init */
6749     for (i = 0; i < 8; i++) {
6750         env->fptags[i] = 1;
6751     }
6752     cpu_set_fpuc(env, 0x37f);
6753 
6754     env->mxcsr = 0x1f80;
6755     /* All units are in INIT state.  */
6756     env->xstate_bv = 0;
6757 
6758     env->pat = 0x0007040600070406ULL;
6759 
6760     if (kvm_enabled()) {
6761         /*
6762          * KVM handles TSC = 0 specially and thinks we are hot-plugging
6763          * a new CPU, use 1 instead to force a reset.
6764          */
6765         if (env->tsc != 0) {
6766             env->tsc = 1;
6767         }
6768     } else {
6769         env->tsc = 0;
6770     }
6771 
6772     env->msr_ia32_misc_enable = MSR_IA32_MISC_ENABLE_DEFAULT;
6773     if (env->features[FEAT_1_ECX] & CPUID_EXT_MONITOR) {
6774         env->msr_ia32_misc_enable |= MSR_IA32_MISC_ENABLE_MWAIT;
6775     }
6776 
6777     memset(env->dr, 0, sizeof(env->dr));
6778     env->dr[6] = DR6_FIXED_1;
6779     env->dr[7] = DR7_FIXED_1;
6780     cpu_breakpoint_remove_all(s, BP_CPU);
6781     cpu_watchpoint_remove_all(s, BP_CPU);
6782 
6783     cr4 = 0;
6784     xcr0 = XSTATE_FP_MASK;
6785 
6786 #ifdef CONFIG_USER_ONLY
6787     /* Enable all the features for user-mode.  */
6788     if (env->features[FEAT_1_EDX] & CPUID_SSE) {
6789         xcr0 |= XSTATE_SSE_MASK;
6790     }
6791     for (i = 2; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
6792         const ExtSaveArea *esa = &x86_ext_save_areas[i];
6793         if (!((1 << i) & CPUID_XSTATE_XCR0_MASK)) {
6794             continue;
6795         }
6796         if (env->features[esa->feature] & esa->bits) {
6797             xcr0 |= 1ull << i;
6798         }
6799     }
6800 
6801     if (env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE) {
6802         cr4 |= CR4_OSFXSR_MASK | CR4_OSXSAVE_MASK;
6803     }
6804     if (env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_FSGSBASE) {
6805         cr4 |= CR4_FSGSBASE_MASK;
6806     }
6807 #endif
6808 
6809     env->xcr0 = xcr0;
6810     cpu_x86_update_cr4(env, cr4);
6811 
6812     /*
6813      * SDM 11.11.5 requires:
6814      *  - IA32_MTRR_DEF_TYPE MSR.E = 0
6815      *  - IA32_MTRR_PHYSMASKn.V = 0
6816      * All other bits are undefined.  For simplification, zero it all.
6817      */
6818     env->mtrr_deftype = 0;
6819     memset(env->mtrr_var, 0, sizeof(env->mtrr_var));
6820     memset(env->mtrr_fixed, 0, sizeof(env->mtrr_fixed));
6821 
6822     env->interrupt_injected = -1;
6823     env->exception_nr = -1;
6824     env->exception_pending = 0;
6825     env->exception_injected = 0;
6826     env->exception_has_payload = false;
6827     env->exception_payload = 0;
6828     env->nmi_injected = false;
6829     env->triple_fault_pending = false;
6830 #if !defined(CONFIG_USER_ONLY)
6831     /* We hard-wire the BSP to the first CPU. */
6832     apic_designate_bsp(cpu->apic_state, s->cpu_index == 0);
6833 
6834     s->halted = !cpu_is_bsp(cpu);
6835 
6836     if (kvm_enabled()) {
6837         kvm_arch_reset_vcpu(cpu);
6838     }
6839 
6840     x86_cpu_set_sgxlepubkeyhash(env);
6841 
6842     env->amd_tsc_scale_msr =  MSR_AMD64_TSC_RATIO_DEFAULT;
6843 
6844 #endif
6845 }
6846 
6847 void x86_cpu_after_reset(X86CPU *cpu)
6848 {
6849 #ifndef CONFIG_USER_ONLY
6850     if (kvm_enabled()) {
6851         kvm_arch_after_reset_vcpu(cpu);
6852     }
6853 
6854     if (cpu->apic_state) {
6855         device_cold_reset(cpu->apic_state);
6856     }
6857 #endif
6858 }
6859 
6860 static void mce_init(X86CPU *cpu)
6861 {
6862     CPUX86State *cenv = &cpu->env;
6863     unsigned int bank;
6864 
6865     if (((cenv->cpuid_version >> 8) & 0xf) >= 6
6866         && (cenv->features[FEAT_1_EDX] & (CPUID_MCE | CPUID_MCA)) ==
6867             (CPUID_MCE | CPUID_MCA)) {
6868         cenv->mcg_cap = MCE_CAP_DEF | MCE_BANKS_DEF |
6869                         (cpu->enable_lmce ? MCG_LMCE_P : 0);
6870         cenv->mcg_ctl = ~(uint64_t)0;
6871         for (bank = 0; bank < MCE_BANKS_DEF; bank++) {
6872             cenv->mce_banks[bank * 4] = ~(uint64_t)0;
6873         }
6874     }
6875 }
6876 
6877 static void x86_cpu_adjust_level(X86CPU *cpu, uint32_t *min, uint32_t value)
6878 {
6879     if (*min < value) {
6880         *min = value;
6881     }
6882 }
6883 
6884 /* Increase cpuid_min_{level,xlevel,xlevel2} automatically, if appropriate */
6885 static void x86_cpu_adjust_feat_level(X86CPU *cpu, FeatureWord w)
6886 {
6887     CPUX86State *env = &cpu->env;
6888     FeatureWordInfo *fi = &feature_word_info[w];
6889     uint32_t eax = fi->cpuid.eax;
6890     uint32_t region = eax & 0xF0000000;
6891 
6892     assert(feature_word_info[w].type == CPUID_FEATURE_WORD);
6893     if (!env->features[w]) {
6894         return;
6895     }
6896 
6897     switch (region) {
6898     case 0x00000000:
6899         x86_cpu_adjust_level(cpu, &env->cpuid_min_level, eax);
6900     break;
6901     case 0x80000000:
6902         x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, eax);
6903     break;
6904     case 0xC0000000:
6905         x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel2, eax);
6906     break;
6907     }
6908 
6909     if (eax == 7) {
6910         x86_cpu_adjust_level(cpu, &env->cpuid_min_level_func7,
6911                              fi->cpuid.ecx);
6912     }
6913 }
6914 
6915 /* Calculate XSAVE components based on the configured CPU feature flags */
6916 static void x86_cpu_enable_xsave_components(X86CPU *cpu)
6917 {
6918     CPUX86State *env = &cpu->env;
6919     int i;
6920     uint64_t mask;
6921     static bool request_perm;
6922 
6923     if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
6924         env->features[FEAT_XSAVE_XCR0_LO] = 0;
6925         env->features[FEAT_XSAVE_XCR0_HI] = 0;
6926         return;
6927     }
6928 
6929     mask = 0;
6930     for (i = 0; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
6931         const ExtSaveArea *esa = &x86_ext_save_areas[i];
6932         if (env->features[esa->feature] & esa->bits) {
6933             mask |= (1ULL << i);
6934         }
6935     }
6936 
6937     /* Only request permission for first vcpu */
6938     if (kvm_enabled() && !request_perm) {
6939         kvm_request_xsave_components(cpu, mask);
6940         request_perm = true;
6941     }
6942 
6943     env->features[FEAT_XSAVE_XCR0_LO] = mask & CPUID_XSTATE_XCR0_MASK;
6944     env->features[FEAT_XSAVE_XCR0_HI] = mask >> 32;
6945     env->features[FEAT_XSAVE_XSS_LO] = mask & CPUID_XSTATE_XSS_MASK;
6946     env->features[FEAT_XSAVE_XSS_HI] = mask >> 32;
6947 }
6948 
6949 /***** Steps involved on loading and filtering CPUID data
6950  *
6951  * When initializing and realizing a CPU object, the steps
6952  * involved in setting up CPUID data are:
6953  *
6954  * 1) Loading CPU model definition (X86CPUDefinition). This is
6955  *    implemented by x86_cpu_load_model() and should be completely
6956  *    transparent, as it is done automatically by instance_init.
6957  *    No code should need to look at X86CPUDefinition structs
6958  *    outside instance_init.
6959  *
6960  * 2) CPU expansion. This is done by realize before CPUID
6961  *    filtering, and will make sure host/accelerator data is
6962  *    loaded for CPU models that depend on host capabilities
6963  *    (e.g. "host"). Done by x86_cpu_expand_features().
6964  *
6965  * 3) CPUID filtering. This initializes extra data related to
6966  *    CPUID, and checks if the host supports all capabilities
6967  *    required by the CPU. Runnability of a CPU model is
6968  *    determined at this step. Done by x86_cpu_filter_features().
6969  *
6970  * Some operations don't require all steps to be performed.
6971  * More precisely:
6972  *
6973  * - CPU instance creation (instance_init) will run only CPU
6974  *   model loading. CPU expansion can't run at instance_init-time
6975  *   because host/accelerator data may be not available yet.
6976  * - CPU realization will perform both CPU model expansion and CPUID
6977  *   filtering, and return an error in case one of them fails.
6978  * - query-cpu-definitions needs to run all 3 steps. It needs
6979  *   to run CPUID filtering, as the 'unavailable-features'
6980  *   field is set based on the filtering results.
6981  * - The query-cpu-model-expansion QMP command only needs to run
6982  *   CPU model loading and CPU expansion. It should not filter
6983  *   any CPUID data based on host capabilities.
6984  */
6985 
6986 /* Expand CPU configuration data, based on configured features
6987  * and host/accelerator capabilities when appropriate.
6988  */
6989 void x86_cpu_expand_features(X86CPU *cpu, Error **errp)
6990 {
6991     CPUX86State *env = &cpu->env;
6992     FeatureWord w;
6993     int i;
6994     GList *l;
6995 
6996     for (l = plus_features; l; l = l->next) {
6997         const char *prop = l->data;
6998         if (!object_property_set_bool(OBJECT(cpu), prop, true, errp)) {
6999             return;
7000         }
7001     }
7002 
7003     for (l = minus_features; l; l = l->next) {
7004         const char *prop = l->data;
7005         if (!object_property_set_bool(OBJECT(cpu), prop, false, errp)) {
7006             return;
7007         }
7008     }
7009 
7010     /*TODO: Now cpu->max_features doesn't overwrite features
7011      * set using QOM properties, and we can convert
7012      * plus_features & minus_features to global properties
7013      * inside x86_cpu_parse_featurestr() too.
7014      */
7015     if (cpu->max_features) {
7016         for (w = 0; w < FEATURE_WORDS; w++) {
7017             /* Override only features that weren't set explicitly
7018              * by the user.
7019              */
7020             env->features[w] |=
7021                 x86_cpu_get_supported_feature_word(w, cpu->migratable) &
7022                 ~env->user_features[w] &
7023                 ~feature_word_info[w].no_autoenable_flags;
7024         }
7025     }
7026 
7027     for (i = 0; i < ARRAY_SIZE(feature_dependencies); i++) {
7028         FeatureDep *d = &feature_dependencies[i];
7029         if (!(env->features[d->from.index] & d->from.mask)) {
7030             uint64_t unavailable_features = env->features[d->to.index] & d->to.mask;
7031 
7032             /* Not an error unless the dependent feature was added explicitly.  */
7033             mark_unavailable_features(cpu, d->to.index,
7034                                       unavailable_features & env->user_features[d->to.index],
7035                                       "This feature depends on other features that were not requested");
7036 
7037             env->features[d->to.index] &= ~unavailable_features;
7038         }
7039     }
7040 
7041     if (!kvm_enabled() || !cpu->expose_kvm) {
7042         env->features[FEAT_KVM] = 0;
7043     }
7044 
7045     x86_cpu_enable_xsave_components(cpu);
7046 
7047     /* CPUID[EAX=7,ECX=0].EBX always increased level automatically: */
7048     x86_cpu_adjust_feat_level(cpu, FEAT_7_0_EBX);
7049     if (cpu->full_cpuid_auto_level) {
7050         x86_cpu_adjust_feat_level(cpu, FEAT_1_EDX);
7051         x86_cpu_adjust_feat_level(cpu, FEAT_1_ECX);
7052         x86_cpu_adjust_feat_level(cpu, FEAT_6_EAX);
7053         x86_cpu_adjust_feat_level(cpu, FEAT_7_0_ECX);
7054         x86_cpu_adjust_feat_level(cpu, FEAT_7_1_EAX);
7055         x86_cpu_adjust_feat_level(cpu, FEAT_7_1_EDX);
7056         x86_cpu_adjust_feat_level(cpu, FEAT_7_2_EDX);
7057         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_EDX);
7058         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_ECX);
7059         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0007_EDX);
7060         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0008_EBX);
7061         x86_cpu_adjust_feat_level(cpu, FEAT_C000_0001_EDX);
7062         x86_cpu_adjust_feat_level(cpu, FEAT_SVM);
7063         x86_cpu_adjust_feat_level(cpu, FEAT_XSAVE);
7064 
7065         /* Intel Processor Trace requires CPUID[0x14] */
7066         if ((env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT)) {
7067             if (cpu->intel_pt_auto_level) {
7068                 x86_cpu_adjust_level(cpu, &cpu->env.cpuid_min_level, 0x14);
7069             } else if (cpu->env.cpuid_min_level < 0x14) {
7070                 mark_unavailable_features(cpu, FEAT_7_0_EBX,
7071                     CPUID_7_0_EBX_INTEL_PT,
7072                     "Intel PT need CPUID leaf 0x14, please set by \"-cpu ...,intel-pt=on,min-level=0x14\"");
7073             }
7074         }
7075 
7076         /*
7077          * Intel CPU topology with multi-dies support requires CPUID[0x1F].
7078          * For AMD Rome/Milan, cpuid level is 0x10, and guest OS should detect
7079          * extended toplogy by leaf 0xB. Only adjust it for Intel CPU, unless
7080          * cpu->vendor_cpuid_only has been unset for compatibility with older
7081          * machine types.
7082          */
7083         if ((env->nr_dies > 1) &&
7084             (IS_INTEL_CPU(env) || !cpu->vendor_cpuid_only)) {
7085             x86_cpu_adjust_level(cpu, &env->cpuid_min_level, 0x1F);
7086         }
7087 
7088         /* SVM requires CPUID[0x8000000A] */
7089         if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
7090             x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000000A);
7091         }
7092 
7093         /* SEV requires CPUID[0x8000001F] */
7094         if (sev_enabled()) {
7095             x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000001F);
7096         }
7097 
7098         if (env->features[FEAT_8000_0021_EAX]) {
7099             x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x80000021);
7100         }
7101 
7102         /* SGX requires CPUID[0x12] for EPC enumeration */
7103         if (env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_SGX) {
7104             x86_cpu_adjust_level(cpu, &env->cpuid_min_level, 0x12);
7105         }
7106     }
7107 
7108     /* Set cpuid_*level* based on cpuid_min_*level, if not explicitly set */
7109     if (env->cpuid_level_func7 == UINT32_MAX) {
7110         env->cpuid_level_func7 = env->cpuid_min_level_func7;
7111     }
7112     if (env->cpuid_level == UINT32_MAX) {
7113         env->cpuid_level = env->cpuid_min_level;
7114     }
7115     if (env->cpuid_xlevel == UINT32_MAX) {
7116         env->cpuid_xlevel = env->cpuid_min_xlevel;
7117     }
7118     if (env->cpuid_xlevel2 == UINT32_MAX) {
7119         env->cpuid_xlevel2 = env->cpuid_min_xlevel2;
7120     }
7121 
7122     if (kvm_enabled() && !kvm_hyperv_expand_features(cpu, errp)) {
7123         return;
7124     }
7125 }
7126 
7127 /*
7128  * Finishes initialization of CPUID data, filters CPU feature
7129  * words based on host availability of each feature.
7130  *
7131  * Returns: 0 if all flags are supported by the host, non-zero otherwise.
7132  */
7133 static void x86_cpu_filter_features(X86CPU *cpu, bool verbose)
7134 {
7135     CPUX86State *env = &cpu->env;
7136     FeatureWord w;
7137     const char *prefix = NULL;
7138 
7139     if (verbose) {
7140         prefix = accel_uses_host_cpuid()
7141                  ? "host doesn't support requested feature"
7142                  : "TCG doesn't support requested feature";
7143     }
7144 
7145     for (w = 0; w < FEATURE_WORDS; w++) {
7146         uint64_t host_feat =
7147             x86_cpu_get_supported_feature_word(w, false);
7148         uint64_t requested_features = env->features[w];
7149         uint64_t unavailable_features = requested_features & ~host_feat;
7150         mark_unavailable_features(cpu, w, unavailable_features, prefix);
7151     }
7152 
7153     if (env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT) {
7154         uint32_t eax_0, ebx_0, ecx_0, edx_0_unused;
7155         uint32_t eax_1, ebx_1, ecx_1_unused, edx_1_unused;
7156 
7157         x86_cpu_get_supported_cpuid(0x14, 0,
7158                                     &eax_0, &ebx_0, &ecx_0, &edx_0_unused);
7159         x86_cpu_get_supported_cpuid(0x14, 1,
7160                                     &eax_1, &ebx_1, &ecx_1_unused, &edx_1_unused);
7161 
7162         if (!eax_0 ||
7163            ((ebx_0 & INTEL_PT_MINIMAL_EBX) != INTEL_PT_MINIMAL_EBX) ||
7164            ((ecx_0 & INTEL_PT_MINIMAL_ECX) != INTEL_PT_MINIMAL_ECX) ||
7165            ((eax_1 & INTEL_PT_MTC_BITMAP) != INTEL_PT_MTC_BITMAP) ||
7166            ((eax_1 & INTEL_PT_ADDR_RANGES_NUM_MASK) <
7167                                            INTEL_PT_ADDR_RANGES_NUM) ||
7168            ((ebx_1 & (INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP)) !=
7169                 (INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP)) ||
7170            ((ecx_0 & CPUID_14_0_ECX_LIP) !=
7171                 (env->features[FEAT_14_0_ECX] & CPUID_14_0_ECX_LIP))) {
7172             /*
7173              * Processor Trace capabilities aren't configurable, so if the
7174              * host can't emulate the capabilities we report on
7175              * cpu_x86_cpuid(), intel-pt can't be enabled on the current host.
7176              */
7177             mark_unavailable_features(cpu, FEAT_7_0_EBX, CPUID_7_0_EBX_INTEL_PT, prefix);
7178         }
7179     }
7180 }
7181 
7182 static void x86_cpu_hyperv_realize(X86CPU *cpu)
7183 {
7184     size_t len;
7185 
7186     /* Hyper-V vendor id */
7187     if (!cpu->hyperv_vendor) {
7188         object_property_set_str(OBJECT(cpu), "hv-vendor-id", "Microsoft Hv",
7189                                 &error_abort);
7190     }
7191     len = strlen(cpu->hyperv_vendor);
7192     if (len > 12) {
7193         warn_report("hv-vendor-id truncated to 12 characters");
7194         len = 12;
7195     }
7196     memset(cpu->hyperv_vendor_id, 0, 12);
7197     memcpy(cpu->hyperv_vendor_id, cpu->hyperv_vendor, len);
7198 
7199     /* 'Hv#1' interface identification*/
7200     cpu->hyperv_interface_id[0] = 0x31237648;
7201     cpu->hyperv_interface_id[1] = 0;
7202     cpu->hyperv_interface_id[2] = 0;
7203     cpu->hyperv_interface_id[3] = 0;
7204 
7205     /* Hypervisor implementation limits */
7206     cpu->hyperv_limits[0] = 64;
7207     cpu->hyperv_limits[1] = 0;
7208     cpu->hyperv_limits[2] = 0;
7209 }
7210 
7211 static void x86_cpu_realizefn(DeviceState *dev, Error **errp)
7212 {
7213     CPUState *cs = CPU(dev);
7214     X86CPU *cpu = X86_CPU(dev);
7215     X86CPUClass *xcc = X86_CPU_GET_CLASS(dev);
7216     CPUX86State *env = &cpu->env;
7217     Error *local_err = NULL;
7218     static bool ht_warned;
7219     unsigned requested_lbr_fmt;
7220 
7221     /* Use pc-relative instructions in system-mode */
7222 #ifndef CONFIG_USER_ONLY
7223     cs->tcg_cflags |= CF_PCREL;
7224 #endif
7225 
7226     if (cpu->apic_id == UNASSIGNED_APIC_ID) {
7227         error_setg(errp, "apic-id property was not initialized properly");
7228         return;
7229     }
7230 
7231     /*
7232      * Process Hyper-V enlightenments.
7233      * Note: this currently has to happen before the expansion of CPU features.
7234      */
7235     x86_cpu_hyperv_realize(cpu);
7236 
7237     x86_cpu_expand_features(cpu, &local_err);
7238     if (local_err) {
7239         goto out;
7240     }
7241 
7242     /*
7243      * Override env->features[FEAT_PERF_CAPABILITIES].LBR_FMT
7244      * with user-provided setting.
7245      */
7246     if (cpu->lbr_fmt != ~PERF_CAP_LBR_FMT) {
7247         if ((cpu->lbr_fmt & PERF_CAP_LBR_FMT) != cpu->lbr_fmt) {
7248             error_setg(errp, "invalid lbr-fmt");
7249             return;
7250         }
7251         env->features[FEAT_PERF_CAPABILITIES] &= ~PERF_CAP_LBR_FMT;
7252         env->features[FEAT_PERF_CAPABILITIES] |= cpu->lbr_fmt;
7253     }
7254 
7255     /*
7256      * vPMU LBR is supported when 1) KVM is enabled 2) Option pmu=on and
7257      * 3)vPMU LBR format matches that of host setting.
7258      */
7259     requested_lbr_fmt =
7260         env->features[FEAT_PERF_CAPABILITIES] & PERF_CAP_LBR_FMT;
7261     if (requested_lbr_fmt && kvm_enabled()) {
7262         uint64_t host_perf_cap =
7263             x86_cpu_get_supported_feature_word(FEAT_PERF_CAPABILITIES, false);
7264         unsigned host_lbr_fmt = host_perf_cap & PERF_CAP_LBR_FMT;
7265 
7266         if (!cpu->enable_pmu) {
7267             error_setg(errp, "vPMU: LBR is unsupported without pmu=on");
7268             return;
7269         }
7270         if (requested_lbr_fmt != host_lbr_fmt) {
7271             error_setg(errp, "vPMU: the lbr-fmt value (0x%x) does not match "
7272                         "the host value (0x%x).",
7273                         requested_lbr_fmt, host_lbr_fmt);
7274             return;
7275         }
7276     }
7277 
7278     x86_cpu_filter_features(cpu, cpu->check_cpuid || cpu->enforce_cpuid);
7279 
7280     if (cpu->enforce_cpuid && x86_cpu_have_filtered_features(cpu)) {
7281         error_setg(&local_err,
7282                    accel_uses_host_cpuid() ?
7283                        "Host doesn't support requested features" :
7284                        "TCG doesn't support requested features");
7285         goto out;
7286     }
7287 
7288     /* On AMD CPUs, some CPUID[8000_0001].EDX bits must match the bits on
7289      * CPUID[1].EDX.
7290      */
7291     if (IS_AMD_CPU(env)) {
7292         env->features[FEAT_8000_0001_EDX] &= ~CPUID_EXT2_AMD_ALIASES;
7293         env->features[FEAT_8000_0001_EDX] |= (env->features[FEAT_1_EDX]
7294            & CPUID_EXT2_AMD_ALIASES);
7295     }
7296 
7297     x86_cpu_set_sgxlepubkeyhash(env);
7298 
7299     /*
7300      * note: the call to the framework needs to happen after feature expansion,
7301      * but before the checks/modifications to ucode_rev, mwait, phys_bits.
7302      * These may be set by the accel-specific code,
7303      * and the results are subsequently checked / assumed in this function.
7304      */
7305     cpu_exec_realizefn(cs, &local_err);
7306     if (local_err != NULL) {
7307         error_propagate(errp, local_err);
7308         return;
7309     }
7310 
7311     if (xcc->host_cpuid_required && !accel_uses_host_cpuid()) {
7312         g_autofree char *name = x86_cpu_class_get_model_name(xcc);
7313         error_setg(&local_err, "CPU model '%s' requires KVM or HVF", name);
7314         goto out;
7315     }
7316 
7317     if (cpu->ucode_rev == 0) {
7318         /*
7319          * The default is the same as KVM's. Note that this check
7320          * needs to happen after the evenual setting of ucode_rev in
7321          * accel-specific code in cpu_exec_realizefn.
7322          */
7323         if (IS_AMD_CPU(env)) {
7324             cpu->ucode_rev = 0x01000065;
7325         } else {
7326             cpu->ucode_rev = 0x100000000ULL;
7327         }
7328     }
7329 
7330     /*
7331      * mwait extended info: needed for Core compatibility
7332      * We always wake on interrupt even if host does not have the capability.
7333      *
7334      * requires the accel-specific code in cpu_exec_realizefn to
7335      * have already acquired the CPUID data into cpu->mwait.
7336      */
7337     cpu->mwait.ecx |= CPUID_MWAIT_EMX | CPUID_MWAIT_IBE;
7338 
7339     /* For 64bit systems think about the number of physical bits to present.
7340      * ideally this should be the same as the host; anything other than matching
7341      * the host can cause incorrect guest behaviour.
7342      * QEMU used to pick the magic value of 40 bits that corresponds to
7343      * consumer AMD devices but nothing else.
7344      *
7345      * Note that this code assumes features expansion has already been done
7346      * (as it checks for CPUID_EXT2_LM), and also assumes that potential
7347      * phys_bits adjustments to match the host have been already done in
7348      * accel-specific code in cpu_exec_realizefn.
7349      */
7350     if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
7351         if (cpu->phys_bits &&
7352             (cpu->phys_bits > TARGET_PHYS_ADDR_SPACE_BITS ||
7353             cpu->phys_bits < 32)) {
7354             error_setg(errp, "phys-bits should be between 32 and %u "
7355                              " (but is %u)",
7356                              TARGET_PHYS_ADDR_SPACE_BITS, cpu->phys_bits);
7357             return;
7358         }
7359         /*
7360          * 0 means it was not explicitly set by the user (or by machine
7361          * compat_props or by the host code in host-cpu.c).
7362          * In this case, the default is the value used by TCG (40).
7363          */
7364         if (cpu->phys_bits == 0) {
7365             cpu->phys_bits = TCG_PHYS_ADDR_BITS;
7366         }
7367     } else {
7368         /* For 32 bit systems don't use the user set value, but keep
7369          * phys_bits consistent with what we tell the guest.
7370          */
7371         if (cpu->phys_bits != 0) {
7372             error_setg(errp, "phys-bits is not user-configurable in 32 bit");
7373             return;
7374         }
7375 
7376         if (env->features[FEAT_1_EDX] & CPUID_PSE36) {
7377             cpu->phys_bits = 36;
7378         } else {
7379             cpu->phys_bits = 32;
7380         }
7381     }
7382 
7383     /* Cache information initialization */
7384     if (!cpu->legacy_cache) {
7385         const CPUCaches *cache_info =
7386             x86_cpu_get_versioned_cache_info(cpu, xcc->model);
7387 
7388         if (!xcc->model || !cache_info) {
7389             g_autofree char *name = x86_cpu_class_get_model_name(xcc);
7390             error_setg(errp,
7391                        "CPU model '%s' doesn't support legacy-cache=off", name);
7392             return;
7393         }
7394         env->cache_info_cpuid2 = env->cache_info_cpuid4 = env->cache_info_amd =
7395             *cache_info;
7396     } else {
7397         /* Build legacy cache information */
7398         env->cache_info_cpuid2.l1d_cache = &legacy_l1d_cache;
7399         env->cache_info_cpuid2.l1i_cache = &legacy_l1i_cache;
7400         env->cache_info_cpuid2.l2_cache = &legacy_l2_cache_cpuid2;
7401         env->cache_info_cpuid2.l3_cache = &legacy_l3_cache;
7402 
7403         env->cache_info_cpuid4.l1d_cache = &legacy_l1d_cache;
7404         env->cache_info_cpuid4.l1i_cache = &legacy_l1i_cache;
7405         env->cache_info_cpuid4.l2_cache = &legacy_l2_cache;
7406         env->cache_info_cpuid4.l3_cache = &legacy_l3_cache;
7407 
7408         env->cache_info_amd.l1d_cache = &legacy_l1d_cache_amd;
7409         env->cache_info_amd.l1i_cache = &legacy_l1i_cache_amd;
7410         env->cache_info_amd.l2_cache = &legacy_l2_cache_amd;
7411         env->cache_info_amd.l3_cache = &legacy_l3_cache;
7412     }
7413 
7414 #ifndef CONFIG_USER_ONLY
7415     MachineState *ms = MACHINE(qdev_get_machine());
7416     qemu_register_reset(x86_cpu_machine_reset_cb, cpu);
7417 
7418     if (cpu->env.features[FEAT_1_EDX] & CPUID_APIC || ms->smp.cpus > 1) {
7419         x86_cpu_apic_create(cpu, &local_err);
7420         if (local_err != NULL) {
7421             goto out;
7422         }
7423     }
7424 #endif
7425 
7426     mce_init(cpu);
7427 
7428     qemu_init_vcpu(cs);
7429 
7430     /*
7431      * Most Intel and certain AMD CPUs support hyperthreading. Even though QEMU
7432      * fixes this issue by adjusting CPUID_0000_0001_EBX and CPUID_8000_0008_ECX
7433      * based on inputs (sockets,cores,threads), it is still better to give
7434      * users a warning.
7435      *
7436      * NOTE: the following code has to follow qemu_init_vcpu(). Otherwise
7437      * cs->nr_threads hasn't be populated yet and the checking is incorrect.
7438      */
7439     if (IS_AMD_CPU(env) &&
7440         !(env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_TOPOEXT) &&
7441         cs->nr_threads > 1 && !ht_warned) {
7442             warn_report("This family of AMD CPU doesn't support "
7443                         "hyperthreading(%d)",
7444                         cs->nr_threads);
7445             error_printf("Please configure -smp options properly"
7446                          " or try enabling topoext feature.\n");
7447             ht_warned = true;
7448     }
7449 
7450 #ifndef CONFIG_USER_ONLY
7451     x86_cpu_apic_realize(cpu, &local_err);
7452     if (local_err != NULL) {
7453         goto out;
7454     }
7455 #endif /* !CONFIG_USER_ONLY */
7456     cpu_reset(cs);
7457 
7458     xcc->parent_realize(dev, &local_err);
7459 
7460 out:
7461     if (local_err != NULL) {
7462         error_propagate(errp, local_err);
7463         return;
7464     }
7465 }
7466 
7467 static void x86_cpu_unrealizefn(DeviceState *dev)
7468 {
7469     X86CPU *cpu = X86_CPU(dev);
7470     X86CPUClass *xcc = X86_CPU_GET_CLASS(dev);
7471 
7472 #ifndef CONFIG_USER_ONLY
7473     cpu_remove_sync(CPU(dev));
7474     qemu_unregister_reset(x86_cpu_machine_reset_cb, dev);
7475 #endif
7476 
7477     if (cpu->apic_state) {
7478         object_unparent(OBJECT(cpu->apic_state));
7479         cpu->apic_state = NULL;
7480     }
7481 
7482     xcc->parent_unrealize(dev);
7483 }
7484 
7485 typedef struct BitProperty {
7486     FeatureWord w;
7487     uint64_t mask;
7488 } BitProperty;
7489 
7490 static void x86_cpu_get_bit_prop(Object *obj, Visitor *v, const char *name,
7491                                  void *opaque, Error **errp)
7492 {
7493     X86CPU *cpu = X86_CPU(obj);
7494     BitProperty *fp = opaque;
7495     uint64_t f = cpu->env.features[fp->w];
7496     bool value = (f & fp->mask) == fp->mask;
7497     visit_type_bool(v, name, &value, errp);
7498 }
7499 
7500 static void x86_cpu_set_bit_prop(Object *obj, Visitor *v, const char *name,
7501                                  void *opaque, Error **errp)
7502 {
7503     DeviceState *dev = DEVICE(obj);
7504     X86CPU *cpu = X86_CPU(obj);
7505     BitProperty *fp = opaque;
7506     bool value;
7507 
7508     if (dev->realized) {
7509         qdev_prop_set_after_realize(dev, name, errp);
7510         return;
7511     }
7512 
7513     if (!visit_type_bool(v, name, &value, errp)) {
7514         return;
7515     }
7516 
7517     if (value) {
7518         cpu->env.features[fp->w] |= fp->mask;
7519     } else {
7520         cpu->env.features[fp->w] &= ~fp->mask;
7521     }
7522     cpu->env.user_features[fp->w] |= fp->mask;
7523 }
7524 
7525 /* Register a boolean property to get/set a single bit in a uint32_t field.
7526  *
7527  * The same property name can be registered multiple times to make it affect
7528  * multiple bits in the same FeatureWord. In that case, the getter will return
7529  * true only if all bits are set.
7530  */
7531 static void x86_cpu_register_bit_prop(X86CPUClass *xcc,
7532                                       const char *prop_name,
7533                                       FeatureWord w,
7534                                       int bitnr)
7535 {
7536     ObjectClass *oc = OBJECT_CLASS(xcc);
7537     BitProperty *fp;
7538     ObjectProperty *op;
7539     uint64_t mask = (1ULL << bitnr);
7540 
7541     op = object_class_property_find(oc, prop_name);
7542     if (op) {
7543         fp = op->opaque;
7544         assert(fp->w == w);
7545         fp->mask |= mask;
7546     } else {
7547         fp = g_new0(BitProperty, 1);
7548         fp->w = w;
7549         fp->mask = mask;
7550         object_class_property_add(oc, prop_name, "bool",
7551                                   x86_cpu_get_bit_prop,
7552                                   x86_cpu_set_bit_prop,
7553                                   NULL, fp);
7554     }
7555 }
7556 
7557 static void x86_cpu_register_feature_bit_props(X86CPUClass *xcc,
7558                                                FeatureWord w,
7559                                                int bitnr)
7560 {
7561     FeatureWordInfo *fi = &feature_word_info[w];
7562     const char *name = fi->feat_names[bitnr];
7563 
7564     if (!name) {
7565         return;
7566     }
7567 
7568     /* Property names should use "-" instead of "_".
7569      * Old names containing underscores are registered as aliases
7570      * using object_property_add_alias()
7571      */
7572     assert(!strchr(name, '_'));
7573     /* aliases don't use "|" delimiters anymore, they are registered
7574      * manually using object_property_add_alias() */
7575     assert(!strchr(name, '|'));
7576     x86_cpu_register_bit_prop(xcc, name, w, bitnr);
7577 }
7578 
7579 static void x86_cpu_post_initfn(Object *obj)
7580 {
7581     accel_cpu_instance_init(CPU(obj));
7582 }
7583 
7584 static void x86_cpu_initfn(Object *obj)
7585 {
7586     X86CPU *cpu = X86_CPU(obj);
7587     X86CPUClass *xcc = X86_CPU_GET_CLASS(obj);
7588     CPUX86State *env = &cpu->env;
7589 
7590     env->nr_dies = 1;
7591     cpu_set_cpustate_pointers(cpu);
7592 
7593     object_property_add(obj, "feature-words", "X86CPUFeatureWordInfo",
7594                         x86_cpu_get_feature_words,
7595                         NULL, NULL, (void *)env->features);
7596     object_property_add(obj, "filtered-features", "X86CPUFeatureWordInfo",
7597                         x86_cpu_get_feature_words,
7598                         NULL, NULL, (void *)cpu->filtered_features);
7599 
7600     object_property_add_alias(obj, "sse3", obj, "pni");
7601     object_property_add_alias(obj, "pclmuldq", obj, "pclmulqdq");
7602     object_property_add_alias(obj, "sse4-1", obj, "sse4.1");
7603     object_property_add_alias(obj, "sse4-2", obj, "sse4.2");
7604     object_property_add_alias(obj, "xd", obj, "nx");
7605     object_property_add_alias(obj, "ffxsr", obj, "fxsr-opt");
7606     object_property_add_alias(obj, "i64", obj, "lm");
7607 
7608     object_property_add_alias(obj, "ds_cpl", obj, "ds-cpl");
7609     object_property_add_alias(obj, "tsc_adjust", obj, "tsc-adjust");
7610     object_property_add_alias(obj, "fxsr_opt", obj, "fxsr-opt");
7611     object_property_add_alias(obj, "lahf_lm", obj, "lahf-lm");
7612     object_property_add_alias(obj, "cmp_legacy", obj, "cmp-legacy");
7613     object_property_add_alias(obj, "nodeid_msr", obj, "nodeid-msr");
7614     object_property_add_alias(obj, "perfctr_core", obj, "perfctr-core");
7615     object_property_add_alias(obj, "perfctr_nb", obj, "perfctr-nb");
7616     object_property_add_alias(obj, "kvm_nopiodelay", obj, "kvm-nopiodelay");
7617     object_property_add_alias(obj, "kvm_mmu", obj, "kvm-mmu");
7618     object_property_add_alias(obj, "kvm_asyncpf", obj, "kvm-asyncpf");
7619     object_property_add_alias(obj, "kvm_asyncpf_int", obj, "kvm-asyncpf-int");
7620     object_property_add_alias(obj, "kvm_steal_time", obj, "kvm-steal-time");
7621     object_property_add_alias(obj, "kvm_pv_eoi", obj, "kvm-pv-eoi");
7622     object_property_add_alias(obj, "kvm_pv_unhalt", obj, "kvm-pv-unhalt");
7623     object_property_add_alias(obj, "kvm_poll_control", obj, "kvm-poll-control");
7624     object_property_add_alias(obj, "svm_lock", obj, "svm-lock");
7625     object_property_add_alias(obj, "nrip_save", obj, "nrip-save");
7626     object_property_add_alias(obj, "tsc_scale", obj, "tsc-scale");
7627     object_property_add_alias(obj, "vmcb_clean", obj, "vmcb-clean");
7628     object_property_add_alias(obj, "pause_filter", obj, "pause-filter");
7629     object_property_add_alias(obj, "sse4_1", obj, "sse4.1");
7630     object_property_add_alias(obj, "sse4_2", obj, "sse4.2");
7631 
7632     object_property_add_alias(obj, "hv-apicv", obj, "hv-avic");
7633     cpu->lbr_fmt = ~PERF_CAP_LBR_FMT;
7634     object_property_add_alias(obj, "lbr_fmt", obj, "lbr-fmt");
7635 
7636     if (xcc->model) {
7637         x86_cpu_load_model(cpu, xcc->model);
7638     }
7639 }
7640 
7641 static int64_t x86_cpu_get_arch_id(CPUState *cs)
7642 {
7643     X86CPU *cpu = X86_CPU(cs);
7644 
7645     return cpu->apic_id;
7646 }
7647 
7648 #if !defined(CONFIG_USER_ONLY)
7649 static bool x86_cpu_get_paging_enabled(const CPUState *cs)
7650 {
7651     X86CPU *cpu = X86_CPU(cs);
7652 
7653     return cpu->env.cr[0] & CR0_PG_MASK;
7654 }
7655 #endif /* !CONFIG_USER_ONLY */
7656 
7657 static void x86_cpu_set_pc(CPUState *cs, vaddr value)
7658 {
7659     X86CPU *cpu = X86_CPU(cs);
7660 
7661     cpu->env.eip = value;
7662 }
7663 
7664 static vaddr x86_cpu_get_pc(CPUState *cs)
7665 {
7666     X86CPU *cpu = X86_CPU(cs);
7667 
7668     /* Match cpu_get_tb_cpu_state. */
7669     return cpu->env.eip + cpu->env.segs[R_CS].base;
7670 }
7671 
7672 int x86_cpu_pending_interrupt(CPUState *cs, int interrupt_request)
7673 {
7674     X86CPU *cpu = X86_CPU(cs);
7675     CPUX86State *env = &cpu->env;
7676 
7677 #if !defined(CONFIG_USER_ONLY)
7678     if (interrupt_request & CPU_INTERRUPT_POLL) {
7679         return CPU_INTERRUPT_POLL;
7680     }
7681 #endif
7682     if (interrupt_request & CPU_INTERRUPT_SIPI) {
7683         return CPU_INTERRUPT_SIPI;
7684     }
7685 
7686     if (env->hflags2 & HF2_GIF_MASK) {
7687         if ((interrupt_request & CPU_INTERRUPT_SMI) &&
7688             !(env->hflags & HF_SMM_MASK)) {
7689             return CPU_INTERRUPT_SMI;
7690         } else if ((interrupt_request & CPU_INTERRUPT_NMI) &&
7691                    !(env->hflags2 & HF2_NMI_MASK)) {
7692             return CPU_INTERRUPT_NMI;
7693         } else if (interrupt_request & CPU_INTERRUPT_MCE) {
7694             return CPU_INTERRUPT_MCE;
7695         } else if ((interrupt_request & CPU_INTERRUPT_HARD) &&
7696                    (((env->hflags2 & HF2_VINTR_MASK) &&
7697                      (env->hflags2 & HF2_HIF_MASK)) ||
7698                     (!(env->hflags2 & HF2_VINTR_MASK) &&
7699                      (env->eflags & IF_MASK &&
7700                       !(env->hflags & HF_INHIBIT_IRQ_MASK))))) {
7701             return CPU_INTERRUPT_HARD;
7702 #if !defined(CONFIG_USER_ONLY)
7703         } else if (env->hflags2 & HF2_VGIF_MASK) {
7704             if((interrupt_request & CPU_INTERRUPT_VIRQ) &&
7705                    (env->eflags & IF_MASK) &&
7706                    !(env->hflags & HF_INHIBIT_IRQ_MASK)) {
7707                         return CPU_INTERRUPT_VIRQ;
7708             }
7709 #endif
7710         }
7711     }
7712 
7713     return 0;
7714 }
7715 
7716 static bool x86_cpu_has_work(CPUState *cs)
7717 {
7718     return x86_cpu_pending_interrupt(cs, cs->interrupt_request) != 0;
7719 }
7720 
7721 static void x86_disas_set_info(CPUState *cs, disassemble_info *info)
7722 {
7723     X86CPU *cpu = X86_CPU(cs);
7724     CPUX86State *env = &cpu->env;
7725 
7726     info->mach = (env->hflags & HF_CS64_MASK ? bfd_mach_x86_64
7727                   : env->hflags & HF_CS32_MASK ? bfd_mach_i386_i386
7728                   : bfd_mach_i386_i8086);
7729 
7730     info->cap_arch = CS_ARCH_X86;
7731     info->cap_mode = (env->hflags & HF_CS64_MASK ? CS_MODE_64
7732                       : env->hflags & HF_CS32_MASK ? CS_MODE_32
7733                       : CS_MODE_16);
7734     info->cap_insn_unit = 1;
7735     info->cap_insn_split = 8;
7736 }
7737 
7738 void x86_update_hflags(CPUX86State *env)
7739 {
7740    uint32_t hflags;
7741 #define HFLAG_COPY_MASK \
7742     ~( HF_CPL_MASK | HF_PE_MASK | HF_MP_MASK | HF_EM_MASK | \
7743        HF_TS_MASK | HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK | \
7744        HF_OSFXSR_MASK | HF_LMA_MASK | HF_CS32_MASK | \
7745        HF_SS32_MASK | HF_CS64_MASK | HF_ADDSEG_MASK)
7746 
7747     hflags = env->hflags & HFLAG_COPY_MASK;
7748     hflags |= (env->segs[R_SS].flags >> DESC_DPL_SHIFT) & HF_CPL_MASK;
7749     hflags |= (env->cr[0] & CR0_PE_MASK) << (HF_PE_SHIFT - CR0_PE_SHIFT);
7750     hflags |= (env->cr[0] << (HF_MP_SHIFT - CR0_MP_SHIFT)) &
7751                 (HF_MP_MASK | HF_EM_MASK | HF_TS_MASK);
7752     hflags |= (env->eflags & (HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK));
7753 
7754     if (env->cr[4] & CR4_OSFXSR_MASK) {
7755         hflags |= HF_OSFXSR_MASK;
7756     }
7757 
7758     if (env->efer & MSR_EFER_LMA) {
7759         hflags |= HF_LMA_MASK;
7760     }
7761 
7762     if ((hflags & HF_LMA_MASK) && (env->segs[R_CS].flags & DESC_L_MASK)) {
7763         hflags |= HF_CS32_MASK | HF_SS32_MASK | HF_CS64_MASK;
7764     } else {
7765         hflags |= (env->segs[R_CS].flags & DESC_B_MASK) >>
7766                     (DESC_B_SHIFT - HF_CS32_SHIFT);
7767         hflags |= (env->segs[R_SS].flags & DESC_B_MASK) >>
7768                     (DESC_B_SHIFT - HF_SS32_SHIFT);
7769         if (!(env->cr[0] & CR0_PE_MASK) || (env->eflags & VM_MASK) ||
7770             !(hflags & HF_CS32_MASK)) {
7771             hflags |= HF_ADDSEG_MASK;
7772         } else {
7773             hflags |= ((env->segs[R_DS].base | env->segs[R_ES].base |
7774                         env->segs[R_SS].base) != 0) << HF_ADDSEG_SHIFT;
7775         }
7776     }
7777     env->hflags = hflags;
7778 }
7779 
7780 static Property x86_cpu_properties[] = {
7781 #ifdef CONFIG_USER_ONLY
7782     /* apic_id = 0 by default for *-user, see commit 9886e834 */
7783     DEFINE_PROP_UINT32("apic-id", X86CPU, apic_id, 0),
7784     DEFINE_PROP_INT32("thread-id", X86CPU, thread_id, 0),
7785     DEFINE_PROP_INT32("core-id", X86CPU, core_id, 0),
7786     DEFINE_PROP_INT32("die-id", X86CPU, die_id, 0),
7787     DEFINE_PROP_INT32("socket-id", X86CPU, socket_id, 0),
7788 #else
7789     DEFINE_PROP_UINT32("apic-id", X86CPU, apic_id, UNASSIGNED_APIC_ID),
7790     DEFINE_PROP_INT32("thread-id", X86CPU, thread_id, -1),
7791     DEFINE_PROP_INT32("core-id", X86CPU, core_id, -1),
7792     DEFINE_PROP_INT32("die-id", X86CPU, die_id, -1),
7793     DEFINE_PROP_INT32("socket-id", X86CPU, socket_id, -1),
7794 #endif
7795     DEFINE_PROP_INT32("node-id", X86CPU, node_id, CPU_UNSET_NUMA_NODE_ID),
7796     DEFINE_PROP_BOOL("pmu", X86CPU, enable_pmu, false),
7797     DEFINE_PROP_UINT64_CHECKMASK("lbr-fmt", X86CPU, lbr_fmt, PERF_CAP_LBR_FMT),
7798 
7799     DEFINE_PROP_UINT32("hv-spinlocks", X86CPU, hyperv_spinlock_attempts,
7800                        HYPERV_SPINLOCK_NEVER_NOTIFY),
7801     DEFINE_PROP_BIT64("hv-relaxed", X86CPU, hyperv_features,
7802                       HYPERV_FEAT_RELAXED, 0),
7803     DEFINE_PROP_BIT64("hv-vapic", X86CPU, hyperv_features,
7804                       HYPERV_FEAT_VAPIC, 0),
7805     DEFINE_PROP_BIT64("hv-time", X86CPU, hyperv_features,
7806                       HYPERV_FEAT_TIME, 0),
7807     DEFINE_PROP_BIT64("hv-crash", X86CPU, hyperv_features,
7808                       HYPERV_FEAT_CRASH, 0),
7809     DEFINE_PROP_BIT64("hv-reset", X86CPU, hyperv_features,
7810                       HYPERV_FEAT_RESET, 0),
7811     DEFINE_PROP_BIT64("hv-vpindex", X86CPU, hyperv_features,
7812                       HYPERV_FEAT_VPINDEX, 0),
7813     DEFINE_PROP_BIT64("hv-runtime", X86CPU, hyperv_features,
7814                       HYPERV_FEAT_RUNTIME, 0),
7815     DEFINE_PROP_BIT64("hv-synic", X86CPU, hyperv_features,
7816                       HYPERV_FEAT_SYNIC, 0),
7817     DEFINE_PROP_BIT64("hv-stimer", X86CPU, hyperv_features,
7818                       HYPERV_FEAT_STIMER, 0),
7819     DEFINE_PROP_BIT64("hv-frequencies", X86CPU, hyperv_features,
7820                       HYPERV_FEAT_FREQUENCIES, 0),
7821     DEFINE_PROP_BIT64("hv-reenlightenment", X86CPU, hyperv_features,
7822                       HYPERV_FEAT_REENLIGHTENMENT, 0),
7823     DEFINE_PROP_BIT64("hv-tlbflush", X86CPU, hyperv_features,
7824                       HYPERV_FEAT_TLBFLUSH, 0),
7825     DEFINE_PROP_BIT64("hv-evmcs", X86CPU, hyperv_features,
7826                       HYPERV_FEAT_EVMCS, 0),
7827     DEFINE_PROP_BIT64("hv-ipi", X86CPU, hyperv_features,
7828                       HYPERV_FEAT_IPI, 0),
7829     DEFINE_PROP_BIT64("hv-stimer-direct", X86CPU, hyperv_features,
7830                       HYPERV_FEAT_STIMER_DIRECT, 0),
7831     DEFINE_PROP_BIT64("hv-avic", X86CPU, hyperv_features,
7832                       HYPERV_FEAT_AVIC, 0),
7833     DEFINE_PROP_BIT64("hv-emsr-bitmap", X86CPU, hyperv_features,
7834                       HYPERV_FEAT_MSR_BITMAP, 0),
7835     DEFINE_PROP_BIT64("hv-xmm-input", X86CPU, hyperv_features,
7836                       HYPERV_FEAT_XMM_INPUT, 0),
7837     DEFINE_PROP_BIT64("hv-tlbflush-ext", X86CPU, hyperv_features,
7838                       HYPERV_FEAT_TLBFLUSH_EXT, 0),
7839     DEFINE_PROP_BIT64("hv-tlbflush-direct", X86CPU, hyperv_features,
7840                       HYPERV_FEAT_TLBFLUSH_DIRECT, 0),
7841     DEFINE_PROP_ON_OFF_AUTO("hv-no-nonarch-coresharing", X86CPU,
7842                             hyperv_no_nonarch_cs, ON_OFF_AUTO_OFF),
7843     DEFINE_PROP_BIT64("hv-syndbg", X86CPU, hyperv_features,
7844                       HYPERV_FEAT_SYNDBG, 0),
7845     DEFINE_PROP_BOOL("hv-passthrough", X86CPU, hyperv_passthrough, false),
7846     DEFINE_PROP_BOOL("hv-enforce-cpuid", X86CPU, hyperv_enforce_cpuid, false),
7847 
7848     /* WS2008R2 identify by default */
7849     DEFINE_PROP_UINT32("hv-version-id-build", X86CPU, hyperv_ver_id_build,
7850                        0x3839),
7851     DEFINE_PROP_UINT16("hv-version-id-major", X86CPU, hyperv_ver_id_major,
7852                        0x000A),
7853     DEFINE_PROP_UINT16("hv-version-id-minor", X86CPU, hyperv_ver_id_minor,
7854                        0x0000),
7855     DEFINE_PROP_UINT32("hv-version-id-spack", X86CPU, hyperv_ver_id_sp, 0),
7856     DEFINE_PROP_UINT8("hv-version-id-sbranch", X86CPU, hyperv_ver_id_sb, 0),
7857     DEFINE_PROP_UINT32("hv-version-id-snumber", X86CPU, hyperv_ver_id_sn, 0),
7858 
7859     DEFINE_PROP_BOOL("check", X86CPU, check_cpuid, true),
7860     DEFINE_PROP_BOOL("enforce", X86CPU, enforce_cpuid, false),
7861     DEFINE_PROP_BOOL("x-force-features", X86CPU, force_features, false),
7862     DEFINE_PROP_BOOL("kvm", X86CPU, expose_kvm, true),
7863     DEFINE_PROP_UINT32("phys-bits", X86CPU, phys_bits, 0),
7864     DEFINE_PROP_BOOL("host-phys-bits", X86CPU, host_phys_bits, false),
7865     DEFINE_PROP_UINT8("host-phys-bits-limit", X86CPU, host_phys_bits_limit, 0),
7866     DEFINE_PROP_BOOL("fill-mtrr-mask", X86CPU, fill_mtrr_mask, true),
7867     DEFINE_PROP_UINT32("level-func7", X86CPU, env.cpuid_level_func7,
7868                        UINT32_MAX),
7869     DEFINE_PROP_UINT32("level", X86CPU, env.cpuid_level, UINT32_MAX),
7870     DEFINE_PROP_UINT32("xlevel", X86CPU, env.cpuid_xlevel, UINT32_MAX),
7871     DEFINE_PROP_UINT32("xlevel2", X86CPU, env.cpuid_xlevel2, UINT32_MAX),
7872     DEFINE_PROP_UINT32("min-level", X86CPU, env.cpuid_min_level, 0),
7873     DEFINE_PROP_UINT32("min-xlevel", X86CPU, env.cpuid_min_xlevel, 0),
7874     DEFINE_PROP_UINT32("min-xlevel2", X86CPU, env.cpuid_min_xlevel2, 0),
7875     DEFINE_PROP_UINT64("ucode-rev", X86CPU, ucode_rev, 0),
7876     DEFINE_PROP_BOOL("full-cpuid-auto-level", X86CPU, full_cpuid_auto_level, true),
7877     DEFINE_PROP_STRING("hv-vendor-id", X86CPU, hyperv_vendor),
7878     DEFINE_PROP_BOOL("cpuid-0xb", X86CPU, enable_cpuid_0xb, true),
7879     DEFINE_PROP_BOOL("x-vendor-cpuid-only", X86CPU, vendor_cpuid_only, true),
7880     DEFINE_PROP_BOOL("lmce", X86CPU, enable_lmce, false),
7881     DEFINE_PROP_BOOL("l3-cache", X86CPU, enable_l3_cache, true),
7882     DEFINE_PROP_BOOL("kvm-no-smi-migration", X86CPU, kvm_no_smi_migration,
7883                      false),
7884     DEFINE_PROP_BOOL("kvm-pv-enforce-cpuid", X86CPU, kvm_pv_enforce_cpuid,
7885                      false),
7886     DEFINE_PROP_BOOL("vmware-cpuid-freq", X86CPU, vmware_cpuid_freq, true),
7887     DEFINE_PROP_BOOL("tcg-cpuid", X86CPU, expose_tcg, true),
7888     DEFINE_PROP_BOOL("x-migrate-smi-count", X86CPU, migrate_smi_count,
7889                      true),
7890     /*
7891      * lecacy_cache defaults to true unless the CPU model provides its
7892      * own cache information (see x86_cpu_load_def()).
7893      */
7894     DEFINE_PROP_BOOL("legacy-cache", X86CPU, legacy_cache, true),
7895     DEFINE_PROP_BOOL("xen-vapic", X86CPU, xen_vapic, false),
7896 
7897     /*
7898      * From "Requirements for Implementing the Microsoft
7899      * Hypervisor Interface":
7900      * https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/tlfs
7901      *
7902      * "Starting with Windows Server 2012 and Windows 8, if
7903      * CPUID.40000005.EAX contains a value of -1, Windows assumes that
7904      * the hypervisor imposes no specific limit to the number of VPs.
7905      * In this case, Windows Server 2012 guest VMs may use more than
7906      * 64 VPs, up to the maximum supported number of processors applicable
7907      * to the specific Windows version being used."
7908      */
7909     DEFINE_PROP_INT32("x-hv-max-vps", X86CPU, hv_max_vps, -1),
7910     DEFINE_PROP_BOOL("x-hv-synic-kvm-only", X86CPU, hyperv_synic_kvm_only,
7911                      false),
7912     DEFINE_PROP_BOOL("x-intel-pt-auto-level", X86CPU, intel_pt_auto_level,
7913                      true),
7914     DEFINE_PROP_END_OF_LIST()
7915 };
7916 
7917 #ifndef CONFIG_USER_ONLY
7918 #include "hw/core/sysemu-cpu-ops.h"
7919 
7920 static const struct SysemuCPUOps i386_sysemu_ops = {
7921     .get_memory_mapping = x86_cpu_get_memory_mapping,
7922     .get_paging_enabled = x86_cpu_get_paging_enabled,
7923     .get_phys_page_attrs_debug = x86_cpu_get_phys_page_attrs_debug,
7924     .asidx_from_attrs = x86_asidx_from_attrs,
7925     .get_crash_info = x86_cpu_get_crash_info,
7926     .write_elf32_note = x86_cpu_write_elf32_note,
7927     .write_elf64_note = x86_cpu_write_elf64_note,
7928     .write_elf32_qemunote = x86_cpu_write_elf32_qemunote,
7929     .write_elf64_qemunote = x86_cpu_write_elf64_qemunote,
7930     .legacy_vmsd = &vmstate_x86_cpu,
7931 };
7932 #endif
7933 
7934 static void x86_cpu_common_class_init(ObjectClass *oc, void *data)
7935 {
7936     X86CPUClass *xcc = X86_CPU_CLASS(oc);
7937     CPUClass *cc = CPU_CLASS(oc);
7938     DeviceClass *dc = DEVICE_CLASS(oc);
7939     ResettableClass *rc = RESETTABLE_CLASS(oc);
7940     FeatureWord w;
7941 
7942     device_class_set_parent_realize(dc, x86_cpu_realizefn,
7943                                     &xcc->parent_realize);
7944     device_class_set_parent_unrealize(dc, x86_cpu_unrealizefn,
7945                                       &xcc->parent_unrealize);
7946     device_class_set_props(dc, x86_cpu_properties);
7947 
7948     resettable_class_set_parent_phases(rc, NULL, x86_cpu_reset_hold, NULL,
7949                                        &xcc->parent_phases);
7950     cc->reset_dump_flags = CPU_DUMP_FPU | CPU_DUMP_CCOP;
7951 
7952     cc->class_by_name = x86_cpu_class_by_name;
7953     cc->parse_features = x86_cpu_parse_featurestr;
7954     cc->has_work = x86_cpu_has_work;
7955     cc->dump_state = x86_cpu_dump_state;
7956     cc->set_pc = x86_cpu_set_pc;
7957     cc->get_pc = x86_cpu_get_pc;
7958     cc->gdb_read_register = x86_cpu_gdb_read_register;
7959     cc->gdb_write_register = x86_cpu_gdb_write_register;
7960     cc->get_arch_id = x86_cpu_get_arch_id;
7961 
7962 #ifndef CONFIG_USER_ONLY
7963     cc->sysemu_ops = &i386_sysemu_ops;
7964 #endif /* !CONFIG_USER_ONLY */
7965 
7966     cc->gdb_arch_name = x86_gdb_arch_name;
7967 #ifdef TARGET_X86_64
7968     cc->gdb_core_xml_file = "i386-64bit.xml";
7969     cc->gdb_num_core_regs = 66;
7970 #else
7971     cc->gdb_core_xml_file = "i386-32bit.xml";
7972     cc->gdb_num_core_regs = 50;
7973 #endif
7974     cc->disas_set_info = x86_disas_set_info;
7975 
7976     dc->user_creatable = true;
7977 
7978     object_class_property_add(oc, "family", "int",
7979                               x86_cpuid_version_get_family,
7980                               x86_cpuid_version_set_family, NULL, NULL);
7981     object_class_property_add(oc, "model", "int",
7982                               x86_cpuid_version_get_model,
7983                               x86_cpuid_version_set_model, NULL, NULL);
7984     object_class_property_add(oc, "stepping", "int",
7985                               x86_cpuid_version_get_stepping,
7986                               x86_cpuid_version_set_stepping, NULL, NULL);
7987     object_class_property_add_str(oc, "vendor",
7988                                   x86_cpuid_get_vendor,
7989                                   x86_cpuid_set_vendor);
7990     object_class_property_add_str(oc, "model-id",
7991                                   x86_cpuid_get_model_id,
7992                                   x86_cpuid_set_model_id);
7993     object_class_property_add(oc, "tsc-frequency", "int",
7994                               x86_cpuid_get_tsc_freq,
7995                               x86_cpuid_set_tsc_freq, NULL, NULL);
7996     /*
7997      * The "unavailable-features" property has the same semantics as
7998      * CpuDefinitionInfo.unavailable-features on the "query-cpu-definitions"
7999      * QMP command: they list the features that would have prevented the
8000      * CPU from running if the "enforce" flag was set.
8001      */
8002     object_class_property_add(oc, "unavailable-features", "strList",
8003                               x86_cpu_get_unavailable_features,
8004                               NULL, NULL, NULL);
8005 
8006 #if !defined(CONFIG_USER_ONLY)
8007     object_class_property_add(oc, "crash-information", "GuestPanicInformation",
8008                               x86_cpu_get_crash_info_qom, NULL, NULL, NULL);
8009 #endif
8010 
8011     for (w = 0; w < FEATURE_WORDS; w++) {
8012         int bitnr;
8013         for (bitnr = 0; bitnr < 64; bitnr++) {
8014             x86_cpu_register_feature_bit_props(xcc, w, bitnr);
8015         }
8016     }
8017 }
8018 
8019 static const TypeInfo x86_cpu_type_info = {
8020     .name = TYPE_X86_CPU,
8021     .parent = TYPE_CPU,
8022     .instance_size = sizeof(X86CPU),
8023     .instance_init = x86_cpu_initfn,
8024     .instance_post_init = x86_cpu_post_initfn,
8025 
8026     .abstract = true,
8027     .class_size = sizeof(X86CPUClass),
8028     .class_init = x86_cpu_common_class_init,
8029 };
8030 
8031 /* "base" CPU model, used by query-cpu-model-expansion */
8032 static void x86_cpu_base_class_init(ObjectClass *oc, void *data)
8033 {
8034     X86CPUClass *xcc = X86_CPU_CLASS(oc);
8035 
8036     xcc->static_model = true;
8037     xcc->migration_safe = true;
8038     xcc->model_description = "base CPU model type with no features enabled";
8039     xcc->ordering = 8;
8040 }
8041 
8042 static const TypeInfo x86_base_cpu_type_info = {
8043         .name = X86_CPU_TYPE_NAME("base"),
8044         .parent = TYPE_X86_CPU,
8045         .class_init = x86_cpu_base_class_init,
8046 };
8047 
8048 static void x86_cpu_register_types(void)
8049 {
8050     int i;
8051 
8052     type_register_static(&x86_cpu_type_info);
8053     for (i = 0; i < ARRAY_SIZE(builtin_x86_defs); i++) {
8054         x86_register_cpudef_types(&builtin_x86_defs[i]);
8055     }
8056     type_register_static(&max_x86_cpu_type_info);
8057     type_register_static(&x86_base_cpu_type_info);
8058 }
8059 
8060 type_init(x86_cpu_register_types)
8061