xref: /openbmc/qemu/target/i386/cpu.c (revision e01cecab)
1 /*
2  *  i386 CPUID helper functions
3  *
4  *  Copyright (c) 2003 Fabrice Bellard
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18  */
19 #include "qemu/osdep.h"
20 #include "qemu/cutils.h"
21 
22 #include "cpu.h"
23 #include "exec/exec-all.h"
24 #include "sysemu/kvm.h"
25 #include "sysemu/cpus.h"
26 #include "kvm_i386.h"
27 
28 #include "qemu/error-report.h"
29 #include "qemu/option.h"
30 #include "qemu/config-file.h"
31 #include "qapi/qmp/qerror.h"
32 #include "qapi/qmp/types.h"
33 
34 #include "qapi-types.h"
35 #include "qapi-visit.h"
36 #include "qapi/visitor.h"
37 #include "qom/qom-qobject.h"
38 #include "sysemu/arch_init.h"
39 
40 #if defined(CONFIG_KVM)
41 #include <linux/kvm_para.h>
42 #endif
43 
44 #include "sysemu/sysemu.h"
45 #include "hw/qdev-properties.h"
46 #include "hw/i386/topology.h"
47 #ifndef CONFIG_USER_ONLY
48 #include "exec/address-spaces.h"
49 #include "hw/hw.h"
50 #include "hw/xen/xen.h"
51 #include "hw/i386/apic_internal.h"
52 #endif
53 
54 #include "disas/capstone.h"
55 
56 
57 /* Cache topology CPUID constants: */
58 
59 /* CPUID Leaf 2 Descriptors */
60 
61 #define CPUID_2_L1D_32KB_8WAY_64B 0x2c
62 #define CPUID_2_L1I_32KB_8WAY_64B 0x30
63 #define CPUID_2_L2_2MB_8WAY_64B   0x7d
64 #define CPUID_2_L3_16MB_16WAY_64B 0x4d
65 
66 
67 /* CPUID Leaf 4 constants: */
68 
69 /* EAX: */
70 #define CPUID_4_TYPE_DCACHE  1
71 #define CPUID_4_TYPE_ICACHE  2
72 #define CPUID_4_TYPE_UNIFIED 3
73 
74 #define CPUID_4_LEVEL(l)          ((l) << 5)
75 
76 #define CPUID_4_SELF_INIT_LEVEL (1 << 8)
77 #define CPUID_4_FULLY_ASSOC     (1 << 9)
78 
79 /* EDX: */
80 #define CPUID_4_NO_INVD_SHARING (1 << 0)
81 #define CPUID_4_INCLUSIVE       (1 << 1)
82 #define CPUID_4_COMPLEX_IDX     (1 << 2)
83 
84 #define ASSOC_FULL 0xFF
85 
86 /* AMD associativity encoding used on CPUID Leaf 0x80000006: */
87 #define AMD_ENC_ASSOC(a) (a <=   1 ? a   : \
88                           a ==   2 ? 0x2 : \
89                           a ==   4 ? 0x4 : \
90                           a ==   8 ? 0x6 : \
91                           a ==  16 ? 0x8 : \
92                           a ==  32 ? 0xA : \
93                           a ==  48 ? 0xB : \
94                           a ==  64 ? 0xC : \
95                           a ==  96 ? 0xD : \
96                           a == 128 ? 0xE : \
97                           a == ASSOC_FULL ? 0xF : \
98                           0 /* invalid value */)
99 
100 
101 /* Definitions of the hardcoded cache entries we expose: */
102 
103 /* L1 data cache: */
104 #define L1D_LINE_SIZE         64
105 #define L1D_ASSOCIATIVITY      8
106 #define L1D_SETS              64
107 #define L1D_PARTITIONS         1
108 /* Size = LINE_SIZE*ASSOCIATIVITY*SETS*PARTITIONS = 32KiB */
109 #define L1D_DESCRIPTOR CPUID_2_L1D_32KB_8WAY_64B
110 /*FIXME: CPUID leaf 0x80000005 is inconsistent with leaves 2 & 4 */
111 #define L1D_LINES_PER_TAG      1
112 #define L1D_SIZE_KB_AMD       64
113 #define L1D_ASSOCIATIVITY_AMD  2
114 
115 /* L1 instruction cache: */
116 #define L1I_LINE_SIZE         64
117 #define L1I_ASSOCIATIVITY      8
118 #define L1I_SETS              64
119 #define L1I_PARTITIONS         1
120 /* Size = LINE_SIZE*ASSOCIATIVITY*SETS*PARTITIONS = 32KiB */
121 #define L1I_DESCRIPTOR CPUID_2_L1I_32KB_8WAY_64B
122 /*FIXME: CPUID leaf 0x80000005 is inconsistent with leaves 2 & 4 */
123 #define L1I_LINES_PER_TAG      1
124 #define L1I_SIZE_KB_AMD       64
125 #define L1I_ASSOCIATIVITY_AMD  2
126 
127 /* Level 2 unified cache: */
128 #define L2_LINE_SIZE          64
129 #define L2_ASSOCIATIVITY      16
130 #define L2_SETS             4096
131 #define L2_PARTITIONS          1
132 /* Size = LINE_SIZE*ASSOCIATIVITY*SETS*PARTITIONS = 4MiB */
133 /*FIXME: CPUID leaf 2 descriptor is inconsistent with CPUID leaf 4 */
134 #define L2_DESCRIPTOR CPUID_2_L2_2MB_8WAY_64B
135 /*FIXME: CPUID leaf 0x80000006 is inconsistent with leaves 2 & 4 */
136 #define L2_LINES_PER_TAG       1
137 #define L2_SIZE_KB_AMD       512
138 
139 /* Level 3 unified cache: */
140 #define L3_SIZE_KB             0 /* disabled */
141 #define L3_ASSOCIATIVITY       0 /* disabled */
142 #define L3_LINES_PER_TAG       0 /* disabled */
143 #define L3_LINE_SIZE           0 /* disabled */
144 #define L3_N_LINE_SIZE         64
145 #define L3_N_ASSOCIATIVITY     16
146 #define L3_N_SETS           16384
147 #define L3_N_PARTITIONS         1
148 #define L3_N_DESCRIPTOR CPUID_2_L3_16MB_16WAY_64B
149 #define L3_N_LINES_PER_TAG      1
150 #define L3_N_SIZE_KB_AMD    16384
151 
152 /* TLB definitions: */
153 
154 #define L1_DTLB_2M_ASSOC       1
155 #define L1_DTLB_2M_ENTRIES   255
156 #define L1_DTLB_4K_ASSOC       1
157 #define L1_DTLB_4K_ENTRIES   255
158 
159 #define L1_ITLB_2M_ASSOC       1
160 #define L1_ITLB_2M_ENTRIES   255
161 #define L1_ITLB_4K_ASSOC       1
162 #define L1_ITLB_4K_ENTRIES   255
163 
164 #define L2_DTLB_2M_ASSOC       0 /* disabled */
165 #define L2_DTLB_2M_ENTRIES     0 /* disabled */
166 #define L2_DTLB_4K_ASSOC       4
167 #define L2_DTLB_4K_ENTRIES   512
168 
169 #define L2_ITLB_2M_ASSOC       0 /* disabled */
170 #define L2_ITLB_2M_ENTRIES     0 /* disabled */
171 #define L2_ITLB_4K_ASSOC       4
172 #define L2_ITLB_4K_ENTRIES   512
173 
174 
175 
176 static void x86_cpu_vendor_words2str(char *dst, uint32_t vendor1,
177                                      uint32_t vendor2, uint32_t vendor3)
178 {
179     int i;
180     for (i = 0; i < 4; i++) {
181         dst[i] = vendor1 >> (8 * i);
182         dst[i + 4] = vendor2 >> (8 * i);
183         dst[i + 8] = vendor3 >> (8 * i);
184     }
185     dst[CPUID_VENDOR_SZ] = '\0';
186 }
187 
188 #define I486_FEATURES (CPUID_FP87 | CPUID_VME | CPUID_PSE)
189 #define PENTIUM_FEATURES (I486_FEATURES | CPUID_DE | CPUID_TSC | \
190           CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_MMX | CPUID_APIC)
191 #define PENTIUM2_FEATURES (PENTIUM_FEATURES | CPUID_PAE | CPUID_SEP | \
192           CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
193           CPUID_PSE36 | CPUID_FXSR)
194 #define PENTIUM3_FEATURES (PENTIUM2_FEATURES | CPUID_SSE)
195 #define PPRO_FEATURES (CPUID_FP87 | CPUID_DE | CPUID_PSE | CPUID_TSC | \
196           CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_PGE | CPUID_CMOV | \
197           CPUID_PAT | CPUID_FXSR | CPUID_MMX | CPUID_SSE | CPUID_SSE2 | \
198           CPUID_PAE | CPUID_SEP | CPUID_APIC)
199 
200 #define TCG_FEATURES (CPUID_FP87 | CPUID_PSE | CPUID_TSC | CPUID_MSR | \
201           CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC | CPUID_SEP | \
202           CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
203           CPUID_PSE36 | CPUID_CLFLUSH | CPUID_ACPI | CPUID_MMX | \
204           CPUID_FXSR | CPUID_SSE | CPUID_SSE2 | CPUID_SS | CPUID_DE)
205           /* partly implemented:
206           CPUID_MTRR, CPUID_MCA, CPUID_CLFLUSH (needed for Win64) */
207           /* missing:
208           CPUID_VME, CPUID_DTS, CPUID_SS, CPUID_HT, CPUID_TM, CPUID_PBE */
209 #define TCG_EXT_FEATURES (CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | \
210           CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 | CPUID_EXT_CX16 | \
211           CPUID_EXT_SSE41 | CPUID_EXT_SSE42 | CPUID_EXT_POPCNT | \
212           CPUID_EXT_XSAVE | /* CPUID_EXT_OSXSAVE is dynamic */   \
213           CPUID_EXT_MOVBE | CPUID_EXT_AES | CPUID_EXT_HYPERVISOR)
214           /* missing:
215           CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_VMX, CPUID_EXT_SMX,
216           CPUID_EXT_EST, CPUID_EXT_TM2, CPUID_EXT_CID, CPUID_EXT_FMA,
217           CPUID_EXT_XTPR, CPUID_EXT_PDCM, CPUID_EXT_PCID, CPUID_EXT_DCA,
218           CPUID_EXT_X2APIC, CPUID_EXT_TSC_DEADLINE_TIMER, CPUID_EXT_AVX,
219           CPUID_EXT_F16C, CPUID_EXT_RDRAND */
220 
221 #ifdef TARGET_X86_64
222 #define TCG_EXT2_X86_64_FEATURES (CPUID_EXT2_SYSCALL | CPUID_EXT2_LM)
223 #else
224 #define TCG_EXT2_X86_64_FEATURES 0
225 #endif
226 
227 #define TCG_EXT2_FEATURES ((TCG_FEATURES & CPUID_EXT2_AMD_ALIASES) | \
228           CPUID_EXT2_NX | CPUID_EXT2_MMXEXT | CPUID_EXT2_RDTSCP | \
229           CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT | CPUID_EXT2_PDPE1GB | \
230           TCG_EXT2_X86_64_FEATURES)
231 #define TCG_EXT3_FEATURES (CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM | \
232           CPUID_EXT3_CR8LEG | CPUID_EXT3_ABM | CPUID_EXT3_SSE4A)
233 #define TCG_EXT4_FEATURES 0
234 #define TCG_SVM_FEATURES 0
235 #define TCG_KVM_FEATURES 0
236 #define TCG_7_0_EBX_FEATURES (CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_SMAP | \
237           CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ADX | \
238           CPUID_7_0_EBX_PCOMMIT | CPUID_7_0_EBX_CLFLUSHOPT |            \
239           CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_FSGSBASE | \
240           CPUID_7_0_EBX_ERMS)
241           /* missing:
242           CPUID_7_0_EBX_HLE, CPUID_7_0_EBX_AVX2,
243           CPUID_7_0_EBX_INVPCID, CPUID_7_0_EBX_RTM,
244           CPUID_7_0_EBX_RDSEED */
245 #define TCG_7_0_ECX_FEATURES (CPUID_7_0_ECX_PKU | CPUID_7_0_ECX_OSPKE | \
246           CPUID_7_0_ECX_LA57)
247 #define TCG_7_0_EDX_FEATURES 0
248 #define TCG_APM_FEATURES 0
249 #define TCG_6_EAX_FEATURES CPUID_6_EAX_ARAT
250 #define TCG_XSAVE_FEATURES (CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XGETBV1)
251           /* missing:
252           CPUID_XSAVE_XSAVEC, CPUID_XSAVE_XSAVES */
253 
254 typedef struct FeatureWordInfo {
255     /* feature flags names are taken from "Intel Processor Identification and
256      * the CPUID Instruction" and AMD's "CPUID Specification".
257      * In cases of disagreement between feature naming conventions,
258      * aliases may be added.
259      */
260     const char *feat_names[32];
261     uint32_t cpuid_eax;   /* Input EAX for CPUID */
262     bool cpuid_needs_ecx; /* CPUID instruction uses ECX as input */
263     uint32_t cpuid_ecx;   /* Input ECX value for CPUID */
264     int cpuid_reg;        /* output register (R_* constant) */
265     uint32_t tcg_features; /* Feature flags supported by TCG */
266     uint32_t unmigratable_flags; /* Feature flags known to be unmigratable */
267     uint32_t migratable_flags; /* Feature flags known to be migratable */
268 } FeatureWordInfo;
269 
270 static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
271     [FEAT_1_EDX] = {
272         .feat_names = {
273             "fpu", "vme", "de", "pse",
274             "tsc", "msr", "pae", "mce",
275             "cx8", "apic", NULL, "sep",
276             "mtrr", "pge", "mca", "cmov",
277             "pat", "pse36", "pn" /* Intel psn */, "clflush" /* Intel clfsh */,
278             NULL, "ds" /* Intel dts */, "acpi", "mmx",
279             "fxsr", "sse", "sse2", "ss",
280             "ht" /* Intel htt */, "tm", "ia64", "pbe",
281         },
282         .cpuid_eax = 1, .cpuid_reg = R_EDX,
283         .tcg_features = TCG_FEATURES,
284     },
285     [FEAT_1_ECX] = {
286         .feat_names = {
287             "pni" /* Intel,AMD sse3 */, "pclmulqdq", "dtes64", "monitor",
288             "ds-cpl", "vmx", "smx", "est",
289             "tm2", "ssse3", "cid", NULL,
290             "fma", "cx16", "xtpr", "pdcm",
291             NULL, "pcid", "dca", "sse4.1",
292             "sse4.2", "x2apic", "movbe", "popcnt",
293             "tsc-deadline", "aes", "xsave", "osxsave",
294             "avx", "f16c", "rdrand", "hypervisor",
295         },
296         .cpuid_eax = 1, .cpuid_reg = R_ECX,
297         .tcg_features = TCG_EXT_FEATURES,
298     },
299     /* Feature names that are already defined on feature_name[] but
300      * are set on CPUID[8000_0001].EDX on AMD CPUs don't have their
301      * names on feat_names below. They are copied automatically
302      * to features[FEAT_8000_0001_EDX] if and only if CPU vendor is AMD.
303      */
304     [FEAT_8000_0001_EDX] = {
305         .feat_names = {
306             NULL /* fpu */, NULL /* vme */, NULL /* de */, NULL /* pse */,
307             NULL /* tsc */, NULL /* msr */, NULL /* pae */, NULL /* mce */,
308             NULL /* cx8 */, NULL /* apic */, NULL, "syscall",
309             NULL /* mtrr */, NULL /* pge */, NULL /* mca */, NULL /* cmov */,
310             NULL /* pat */, NULL /* pse36 */, NULL, NULL /* Linux mp */,
311             "nx", NULL, "mmxext", NULL /* mmx */,
312             NULL /* fxsr */, "fxsr-opt", "pdpe1gb", "rdtscp",
313             NULL, "lm", "3dnowext", "3dnow",
314         },
315         .cpuid_eax = 0x80000001, .cpuid_reg = R_EDX,
316         .tcg_features = TCG_EXT2_FEATURES,
317     },
318     [FEAT_8000_0001_ECX] = {
319         .feat_names = {
320             "lahf-lm", "cmp-legacy", "svm", "extapic",
321             "cr8legacy", "abm", "sse4a", "misalignsse",
322             "3dnowprefetch", "osvw", "ibs", "xop",
323             "skinit", "wdt", NULL, "lwp",
324             "fma4", "tce", NULL, "nodeid-msr",
325             NULL, "tbm", "topoext", "perfctr-core",
326             "perfctr-nb", NULL, NULL, NULL,
327             NULL, NULL, NULL, NULL,
328         },
329         .cpuid_eax = 0x80000001, .cpuid_reg = R_ECX,
330         .tcg_features = TCG_EXT3_FEATURES,
331     },
332     [FEAT_C000_0001_EDX] = {
333         .feat_names = {
334             NULL, NULL, "xstore", "xstore-en",
335             NULL, NULL, "xcrypt", "xcrypt-en",
336             "ace2", "ace2-en", "phe", "phe-en",
337             "pmm", "pmm-en", NULL, NULL,
338             NULL, NULL, NULL, NULL,
339             NULL, NULL, NULL, NULL,
340             NULL, NULL, NULL, NULL,
341             NULL, NULL, NULL, NULL,
342         },
343         .cpuid_eax = 0xC0000001, .cpuid_reg = R_EDX,
344         .tcg_features = TCG_EXT4_FEATURES,
345     },
346     [FEAT_KVM] = {
347         .feat_names = {
348             "kvmclock", "kvm-nopiodelay", "kvm-mmu", "kvmclock",
349             "kvm-asyncpf", "kvm-steal-time", "kvm-pv-eoi", "kvm-pv-unhalt",
350             NULL, "kvm-pv-tlb-flush", NULL, NULL,
351             NULL, NULL, NULL, NULL,
352             NULL, NULL, NULL, NULL,
353             NULL, NULL, NULL, NULL,
354             "kvmclock-stable-bit", NULL, NULL, NULL,
355             NULL, NULL, NULL, NULL,
356         },
357         .cpuid_eax = KVM_CPUID_FEATURES, .cpuid_reg = R_EAX,
358         .tcg_features = TCG_KVM_FEATURES,
359     },
360     [FEAT_HYPERV_EAX] = {
361         .feat_names = {
362             NULL /* hv_msr_vp_runtime_access */, NULL /* hv_msr_time_refcount_access */,
363             NULL /* hv_msr_synic_access */, NULL /* hv_msr_stimer_access */,
364             NULL /* hv_msr_apic_access */, NULL /* hv_msr_hypercall_access */,
365             NULL /* hv_vpindex_access */, NULL /* hv_msr_reset_access */,
366             NULL /* hv_msr_stats_access */, NULL /* hv_reftsc_access */,
367             NULL /* hv_msr_idle_access */, NULL /* hv_msr_frequency_access */,
368             NULL, NULL, NULL, NULL,
369             NULL, NULL, NULL, NULL,
370             NULL, NULL, NULL, NULL,
371             NULL, NULL, NULL, NULL,
372             NULL, NULL, NULL, NULL,
373         },
374         .cpuid_eax = 0x40000003, .cpuid_reg = R_EAX,
375     },
376     [FEAT_HYPERV_EBX] = {
377         .feat_names = {
378             NULL /* hv_create_partitions */, NULL /* hv_access_partition_id */,
379             NULL /* hv_access_memory_pool */, NULL /* hv_adjust_message_buffers */,
380             NULL /* hv_post_messages */, NULL /* hv_signal_events */,
381             NULL /* hv_create_port */, NULL /* hv_connect_port */,
382             NULL /* hv_access_stats */, NULL, NULL, NULL /* hv_debugging */,
383             NULL /* hv_cpu_power_management */, NULL /* hv_configure_profiler */,
384             NULL, NULL,
385             NULL, NULL, NULL, NULL,
386             NULL, NULL, NULL, NULL,
387             NULL, NULL, NULL, NULL,
388             NULL, NULL, NULL, NULL,
389         },
390         .cpuid_eax = 0x40000003, .cpuid_reg = R_EBX,
391     },
392     [FEAT_HYPERV_EDX] = {
393         .feat_names = {
394             NULL /* hv_mwait */, NULL /* hv_guest_debugging */,
395             NULL /* hv_perf_monitor */, NULL /* hv_cpu_dynamic_part */,
396             NULL /* hv_hypercall_params_xmm */, NULL /* hv_guest_idle_state */,
397             NULL, NULL,
398             NULL, NULL, NULL /* hv_guest_crash_msr */, NULL,
399             NULL, NULL, NULL, NULL,
400             NULL, NULL, NULL, NULL,
401             NULL, NULL, NULL, NULL,
402             NULL, NULL, NULL, NULL,
403             NULL, NULL, NULL, NULL,
404         },
405         .cpuid_eax = 0x40000003, .cpuid_reg = R_EDX,
406     },
407     [FEAT_SVM] = {
408         .feat_names = {
409             "npt", "lbrv", "svm-lock", "nrip-save",
410             "tsc-scale", "vmcb-clean",  "flushbyasid", "decodeassists",
411             NULL, NULL, "pause-filter", NULL,
412             "pfthreshold", NULL, NULL, NULL,
413             NULL, NULL, NULL, NULL,
414             NULL, NULL, NULL, NULL,
415             NULL, NULL, NULL, NULL,
416             NULL, NULL, NULL, NULL,
417         },
418         .cpuid_eax = 0x8000000A, .cpuid_reg = R_EDX,
419         .tcg_features = TCG_SVM_FEATURES,
420     },
421     [FEAT_7_0_EBX] = {
422         .feat_names = {
423             "fsgsbase", "tsc-adjust", NULL, "bmi1",
424             "hle", "avx2", NULL, "smep",
425             "bmi2", "erms", "invpcid", "rtm",
426             NULL, NULL, "mpx", NULL,
427             "avx512f", "avx512dq", "rdseed", "adx",
428             "smap", "avx512ifma", "pcommit", "clflushopt",
429             "clwb", NULL, "avx512pf", "avx512er",
430             "avx512cd", "sha-ni", "avx512bw", "avx512vl",
431         },
432         .cpuid_eax = 7,
433         .cpuid_needs_ecx = true, .cpuid_ecx = 0,
434         .cpuid_reg = R_EBX,
435         .tcg_features = TCG_7_0_EBX_FEATURES,
436     },
437     [FEAT_7_0_ECX] = {
438         .feat_names = {
439             NULL, "avx512vbmi", "umip", "pku",
440             "ospke", NULL, NULL, NULL,
441             NULL, NULL, NULL, NULL,
442             NULL, NULL, "avx512-vpopcntdq", NULL,
443             "la57", NULL, NULL, NULL,
444             NULL, NULL, "rdpid", NULL,
445             NULL, NULL, NULL, NULL,
446             NULL, NULL, NULL, NULL,
447         },
448         .cpuid_eax = 7,
449         .cpuid_needs_ecx = true, .cpuid_ecx = 0,
450         .cpuid_reg = R_ECX,
451         .tcg_features = TCG_7_0_ECX_FEATURES,
452     },
453     [FEAT_7_0_EDX] = {
454         .feat_names = {
455             NULL, NULL, "avx512-4vnniw", "avx512-4fmaps",
456             NULL, NULL, NULL, NULL,
457             NULL, NULL, NULL, NULL,
458             NULL, NULL, NULL, NULL,
459             NULL, NULL, NULL, NULL,
460             NULL, NULL, NULL, NULL,
461             NULL, NULL, NULL, NULL,
462             NULL, NULL, NULL, NULL,
463         },
464         .cpuid_eax = 7,
465         .cpuid_needs_ecx = true, .cpuid_ecx = 0,
466         .cpuid_reg = R_EDX,
467         .tcg_features = TCG_7_0_EDX_FEATURES,
468     },
469     [FEAT_8000_0007_EDX] = {
470         .feat_names = {
471             NULL, NULL, NULL, NULL,
472             NULL, NULL, NULL, NULL,
473             "invtsc", NULL, NULL, NULL,
474             NULL, NULL, NULL, NULL,
475             NULL, NULL, NULL, NULL,
476             NULL, NULL, NULL, NULL,
477             NULL, NULL, NULL, NULL,
478             NULL, NULL, NULL, NULL,
479         },
480         .cpuid_eax = 0x80000007,
481         .cpuid_reg = R_EDX,
482         .tcg_features = TCG_APM_FEATURES,
483         .unmigratable_flags = CPUID_APM_INVTSC,
484     },
485     [FEAT_XSAVE] = {
486         .feat_names = {
487             "xsaveopt", "xsavec", "xgetbv1", "xsaves",
488             NULL, NULL, NULL, NULL,
489             NULL, NULL, NULL, NULL,
490             NULL, NULL, NULL, NULL,
491             NULL, NULL, NULL, NULL,
492             NULL, NULL, NULL, NULL,
493             NULL, NULL, NULL, NULL,
494             NULL, NULL, NULL, NULL,
495         },
496         .cpuid_eax = 0xd,
497         .cpuid_needs_ecx = true, .cpuid_ecx = 1,
498         .cpuid_reg = R_EAX,
499         .tcg_features = TCG_XSAVE_FEATURES,
500     },
501     [FEAT_6_EAX] = {
502         .feat_names = {
503             NULL, NULL, "arat", NULL,
504             NULL, NULL, NULL, NULL,
505             NULL, NULL, NULL, NULL,
506             NULL, NULL, NULL, NULL,
507             NULL, NULL, NULL, NULL,
508             NULL, NULL, NULL, NULL,
509             NULL, NULL, NULL, NULL,
510             NULL, NULL, NULL, NULL,
511         },
512         .cpuid_eax = 6, .cpuid_reg = R_EAX,
513         .tcg_features = TCG_6_EAX_FEATURES,
514     },
515     [FEAT_XSAVE_COMP_LO] = {
516         .cpuid_eax = 0xD,
517         .cpuid_needs_ecx = true, .cpuid_ecx = 0,
518         .cpuid_reg = R_EAX,
519         .tcg_features = ~0U,
520         .migratable_flags = XSTATE_FP_MASK | XSTATE_SSE_MASK |
521             XSTATE_YMM_MASK | XSTATE_BNDREGS_MASK | XSTATE_BNDCSR_MASK |
522             XSTATE_OPMASK_MASK | XSTATE_ZMM_Hi256_MASK | XSTATE_Hi16_ZMM_MASK |
523             XSTATE_PKRU_MASK,
524     },
525     [FEAT_XSAVE_COMP_HI] = {
526         .cpuid_eax = 0xD,
527         .cpuid_needs_ecx = true, .cpuid_ecx = 0,
528         .cpuid_reg = R_EDX,
529         .tcg_features = ~0U,
530     },
531 };
532 
533 typedef struct X86RegisterInfo32 {
534     /* Name of register */
535     const char *name;
536     /* QAPI enum value register */
537     X86CPURegister32 qapi_enum;
538 } X86RegisterInfo32;
539 
540 #define REGISTER(reg) \
541     [R_##reg] = { .name = #reg, .qapi_enum = X86_CPU_REGISTER32_##reg }
542 static const X86RegisterInfo32 x86_reg_info_32[CPU_NB_REGS32] = {
543     REGISTER(EAX),
544     REGISTER(ECX),
545     REGISTER(EDX),
546     REGISTER(EBX),
547     REGISTER(ESP),
548     REGISTER(EBP),
549     REGISTER(ESI),
550     REGISTER(EDI),
551 };
552 #undef REGISTER
553 
554 typedef struct ExtSaveArea {
555     uint32_t feature, bits;
556     uint32_t offset, size;
557 } ExtSaveArea;
558 
559 static const ExtSaveArea x86_ext_save_areas[] = {
560     [XSTATE_FP_BIT] = {
561         /* x87 FP state component is always enabled if XSAVE is supported */
562         .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
563         /* x87 state is in the legacy region of the XSAVE area */
564         .offset = 0,
565         .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
566     },
567     [XSTATE_SSE_BIT] = {
568         /* SSE state component is always enabled if XSAVE is supported */
569         .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
570         /* SSE state is in the legacy region of the XSAVE area */
571         .offset = 0,
572         .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
573     },
574     [XSTATE_YMM_BIT] =
575           { .feature = FEAT_1_ECX, .bits = CPUID_EXT_AVX,
576             .offset = offsetof(X86XSaveArea, avx_state),
577             .size = sizeof(XSaveAVX) },
578     [XSTATE_BNDREGS_BIT] =
579           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
580             .offset = offsetof(X86XSaveArea, bndreg_state),
581             .size = sizeof(XSaveBNDREG)  },
582     [XSTATE_BNDCSR_BIT] =
583           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
584             .offset = offsetof(X86XSaveArea, bndcsr_state),
585             .size = sizeof(XSaveBNDCSR)  },
586     [XSTATE_OPMASK_BIT] =
587           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
588             .offset = offsetof(X86XSaveArea, opmask_state),
589             .size = sizeof(XSaveOpmask) },
590     [XSTATE_ZMM_Hi256_BIT] =
591           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
592             .offset = offsetof(X86XSaveArea, zmm_hi256_state),
593             .size = sizeof(XSaveZMM_Hi256) },
594     [XSTATE_Hi16_ZMM_BIT] =
595           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
596             .offset = offsetof(X86XSaveArea, hi16_zmm_state),
597             .size = sizeof(XSaveHi16_ZMM) },
598     [XSTATE_PKRU_BIT] =
599           { .feature = FEAT_7_0_ECX, .bits = CPUID_7_0_ECX_PKU,
600             .offset = offsetof(X86XSaveArea, pkru_state),
601             .size = sizeof(XSavePKRU) },
602 };
603 
604 static uint32_t xsave_area_size(uint64_t mask)
605 {
606     int i;
607     uint64_t ret = 0;
608 
609     for (i = 0; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
610         const ExtSaveArea *esa = &x86_ext_save_areas[i];
611         if ((mask >> i) & 1) {
612             ret = MAX(ret, esa->offset + esa->size);
613         }
614     }
615     return ret;
616 }
617 
618 static inline uint64_t x86_cpu_xsave_components(X86CPU *cpu)
619 {
620     return ((uint64_t)cpu->env.features[FEAT_XSAVE_COMP_HI]) << 32 |
621            cpu->env.features[FEAT_XSAVE_COMP_LO];
622 }
623 
624 const char *get_register_name_32(unsigned int reg)
625 {
626     if (reg >= CPU_NB_REGS32) {
627         return NULL;
628     }
629     return x86_reg_info_32[reg].name;
630 }
631 
632 /*
633  * Returns the set of feature flags that are supported and migratable by
634  * QEMU, for a given FeatureWord.
635  */
636 static uint32_t x86_cpu_get_migratable_flags(FeatureWord w)
637 {
638     FeatureWordInfo *wi = &feature_word_info[w];
639     uint32_t r = 0;
640     int i;
641 
642     for (i = 0; i < 32; i++) {
643         uint32_t f = 1U << i;
644 
645         /* If the feature name is known, it is implicitly considered migratable,
646          * unless it is explicitly set in unmigratable_flags */
647         if ((wi->migratable_flags & f) ||
648             (wi->feat_names[i] && !(wi->unmigratable_flags & f))) {
649             r |= f;
650         }
651     }
652     return r;
653 }
654 
655 void host_cpuid(uint32_t function, uint32_t count,
656                 uint32_t *eax, uint32_t *ebx, uint32_t *ecx, uint32_t *edx)
657 {
658     uint32_t vec[4];
659 
660 #ifdef __x86_64__
661     asm volatile("cpuid"
662                  : "=a"(vec[0]), "=b"(vec[1]),
663                    "=c"(vec[2]), "=d"(vec[3])
664                  : "0"(function), "c"(count) : "cc");
665 #elif defined(__i386__)
666     asm volatile("pusha \n\t"
667                  "cpuid \n\t"
668                  "mov %%eax, 0(%2) \n\t"
669                  "mov %%ebx, 4(%2) \n\t"
670                  "mov %%ecx, 8(%2) \n\t"
671                  "mov %%edx, 12(%2) \n\t"
672                  "popa"
673                  : : "a"(function), "c"(count), "S"(vec)
674                  : "memory", "cc");
675 #else
676     abort();
677 #endif
678 
679     if (eax)
680         *eax = vec[0];
681     if (ebx)
682         *ebx = vec[1];
683     if (ecx)
684         *ecx = vec[2];
685     if (edx)
686         *edx = vec[3];
687 }
688 
689 void host_vendor_fms(char *vendor, int *family, int *model, int *stepping)
690 {
691     uint32_t eax, ebx, ecx, edx;
692 
693     host_cpuid(0x0, 0, &eax, &ebx, &ecx, &edx);
694     x86_cpu_vendor_words2str(vendor, ebx, edx, ecx);
695 
696     host_cpuid(0x1, 0, &eax, &ebx, &ecx, &edx);
697     if (family) {
698         *family = ((eax >> 8) & 0x0F) + ((eax >> 20) & 0xFF);
699     }
700     if (model) {
701         *model = ((eax >> 4) & 0x0F) | ((eax & 0xF0000) >> 12);
702     }
703     if (stepping) {
704         *stepping = eax & 0x0F;
705     }
706 }
707 
708 /* CPU class name definitions: */
709 
710 /* Return type name for a given CPU model name
711  * Caller is responsible for freeing the returned string.
712  */
713 static char *x86_cpu_type_name(const char *model_name)
714 {
715     return g_strdup_printf(X86_CPU_TYPE_NAME("%s"), model_name);
716 }
717 
718 static ObjectClass *x86_cpu_class_by_name(const char *cpu_model)
719 {
720     ObjectClass *oc;
721     char *typename;
722 
723     if (cpu_model == NULL) {
724         return NULL;
725     }
726 
727     typename = x86_cpu_type_name(cpu_model);
728     oc = object_class_by_name(typename);
729     g_free(typename);
730     return oc;
731 }
732 
733 static char *x86_cpu_class_get_model_name(X86CPUClass *cc)
734 {
735     const char *class_name = object_class_get_name(OBJECT_CLASS(cc));
736     assert(g_str_has_suffix(class_name, X86_CPU_TYPE_SUFFIX));
737     return g_strndup(class_name,
738                      strlen(class_name) - strlen(X86_CPU_TYPE_SUFFIX));
739 }
740 
741 struct X86CPUDefinition {
742     const char *name;
743     uint32_t level;
744     uint32_t xlevel;
745     /* vendor is zero-terminated, 12 character ASCII string */
746     char vendor[CPUID_VENDOR_SZ + 1];
747     int family;
748     int model;
749     int stepping;
750     FeatureWordArray features;
751     char model_id[48];
752 };
753 
754 static X86CPUDefinition builtin_x86_defs[] = {
755     {
756         .name = "qemu64",
757         .level = 0xd,
758         .vendor = CPUID_VENDOR_AMD,
759         .family = 6,
760         .model = 6,
761         .stepping = 3,
762         .features[FEAT_1_EDX] =
763             PPRO_FEATURES |
764             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
765             CPUID_PSE36,
766         .features[FEAT_1_ECX] =
767             CPUID_EXT_SSE3 | CPUID_EXT_CX16,
768         .features[FEAT_8000_0001_EDX] =
769             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
770         .features[FEAT_8000_0001_ECX] =
771             CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM,
772         .xlevel = 0x8000000A,
773         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
774     },
775     {
776         .name = "phenom",
777         .level = 5,
778         .vendor = CPUID_VENDOR_AMD,
779         .family = 16,
780         .model = 2,
781         .stepping = 3,
782         /* Missing: CPUID_HT */
783         .features[FEAT_1_EDX] =
784             PPRO_FEATURES |
785             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
786             CPUID_PSE36 | CPUID_VME,
787         .features[FEAT_1_ECX] =
788             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_CX16 |
789             CPUID_EXT_POPCNT,
790         .features[FEAT_8000_0001_EDX] =
791             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX |
792             CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT | CPUID_EXT2_MMXEXT |
793             CPUID_EXT2_FFXSR | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP,
794         /* Missing: CPUID_EXT3_CMP_LEG, CPUID_EXT3_EXTAPIC,
795                     CPUID_EXT3_CR8LEG,
796                     CPUID_EXT3_MISALIGNSSE, CPUID_EXT3_3DNOWPREFETCH,
797                     CPUID_EXT3_OSVW, CPUID_EXT3_IBS */
798         .features[FEAT_8000_0001_ECX] =
799             CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM |
800             CPUID_EXT3_ABM | CPUID_EXT3_SSE4A,
801         /* Missing: CPUID_SVM_LBRV */
802         .features[FEAT_SVM] =
803             CPUID_SVM_NPT,
804         .xlevel = 0x8000001A,
805         .model_id = "AMD Phenom(tm) 9550 Quad-Core Processor"
806     },
807     {
808         .name = "core2duo",
809         .level = 10,
810         .vendor = CPUID_VENDOR_INTEL,
811         .family = 6,
812         .model = 15,
813         .stepping = 11,
814         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
815         .features[FEAT_1_EDX] =
816             PPRO_FEATURES |
817             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
818             CPUID_PSE36 | CPUID_VME | CPUID_ACPI | CPUID_SS,
819         /* Missing: CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_EST,
820          * CPUID_EXT_TM2, CPUID_EXT_XTPR, CPUID_EXT_PDCM, CPUID_EXT_VMX */
821         .features[FEAT_1_ECX] =
822             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 |
823             CPUID_EXT_CX16,
824         .features[FEAT_8000_0001_EDX] =
825             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
826         .features[FEAT_8000_0001_ECX] =
827             CPUID_EXT3_LAHF_LM,
828         .xlevel = 0x80000008,
829         .model_id = "Intel(R) Core(TM)2 Duo CPU     T7700  @ 2.40GHz",
830     },
831     {
832         .name = "kvm64",
833         .level = 0xd,
834         .vendor = CPUID_VENDOR_INTEL,
835         .family = 15,
836         .model = 6,
837         .stepping = 1,
838         /* Missing: CPUID_HT */
839         .features[FEAT_1_EDX] =
840             PPRO_FEATURES | CPUID_VME |
841             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
842             CPUID_PSE36,
843         /* Missing: CPUID_EXT_POPCNT, CPUID_EXT_MONITOR */
844         .features[FEAT_1_ECX] =
845             CPUID_EXT_SSE3 | CPUID_EXT_CX16,
846         /* Missing: CPUID_EXT2_PDPE1GB, CPUID_EXT2_RDTSCP */
847         .features[FEAT_8000_0001_EDX] =
848             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
849         /* Missing: CPUID_EXT3_LAHF_LM, CPUID_EXT3_CMP_LEG, CPUID_EXT3_EXTAPIC,
850                     CPUID_EXT3_CR8LEG, CPUID_EXT3_ABM, CPUID_EXT3_SSE4A,
851                     CPUID_EXT3_MISALIGNSSE, CPUID_EXT3_3DNOWPREFETCH,
852                     CPUID_EXT3_OSVW, CPUID_EXT3_IBS, CPUID_EXT3_SVM */
853         .features[FEAT_8000_0001_ECX] =
854             0,
855         .xlevel = 0x80000008,
856         .model_id = "Common KVM processor"
857     },
858     {
859         .name = "qemu32",
860         .level = 4,
861         .vendor = CPUID_VENDOR_INTEL,
862         .family = 6,
863         .model = 6,
864         .stepping = 3,
865         .features[FEAT_1_EDX] =
866             PPRO_FEATURES,
867         .features[FEAT_1_ECX] =
868             CPUID_EXT_SSE3,
869         .xlevel = 0x80000004,
870         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
871     },
872     {
873         .name = "kvm32",
874         .level = 5,
875         .vendor = CPUID_VENDOR_INTEL,
876         .family = 15,
877         .model = 6,
878         .stepping = 1,
879         .features[FEAT_1_EDX] =
880             PPRO_FEATURES | CPUID_VME |
881             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_PSE36,
882         .features[FEAT_1_ECX] =
883             CPUID_EXT_SSE3,
884         .features[FEAT_8000_0001_ECX] =
885             0,
886         .xlevel = 0x80000008,
887         .model_id = "Common 32-bit KVM processor"
888     },
889     {
890         .name = "coreduo",
891         .level = 10,
892         .vendor = CPUID_VENDOR_INTEL,
893         .family = 6,
894         .model = 14,
895         .stepping = 8,
896         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
897         .features[FEAT_1_EDX] =
898             PPRO_FEATURES | CPUID_VME |
899             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_ACPI |
900             CPUID_SS,
901         /* Missing: CPUID_EXT_EST, CPUID_EXT_TM2 , CPUID_EXT_XTPR,
902          * CPUID_EXT_PDCM, CPUID_EXT_VMX */
903         .features[FEAT_1_ECX] =
904             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR,
905         .features[FEAT_8000_0001_EDX] =
906             CPUID_EXT2_NX,
907         .xlevel = 0x80000008,
908         .model_id = "Genuine Intel(R) CPU           T2600  @ 2.16GHz",
909     },
910     {
911         .name = "486",
912         .level = 1,
913         .vendor = CPUID_VENDOR_INTEL,
914         .family = 4,
915         .model = 8,
916         .stepping = 0,
917         .features[FEAT_1_EDX] =
918             I486_FEATURES,
919         .xlevel = 0,
920     },
921     {
922         .name = "pentium",
923         .level = 1,
924         .vendor = CPUID_VENDOR_INTEL,
925         .family = 5,
926         .model = 4,
927         .stepping = 3,
928         .features[FEAT_1_EDX] =
929             PENTIUM_FEATURES,
930         .xlevel = 0,
931     },
932     {
933         .name = "pentium2",
934         .level = 2,
935         .vendor = CPUID_VENDOR_INTEL,
936         .family = 6,
937         .model = 5,
938         .stepping = 2,
939         .features[FEAT_1_EDX] =
940             PENTIUM2_FEATURES,
941         .xlevel = 0,
942     },
943     {
944         .name = "pentium3",
945         .level = 3,
946         .vendor = CPUID_VENDOR_INTEL,
947         .family = 6,
948         .model = 7,
949         .stepping = 3,
950         .features[FEAT_1_EDX] =
951             PENTIUM3_FEATURES,
952         .xlevel = 0,
953     },
954     {
955         .name = "athlon",
956         .level = 2,
957         .vendor = CPUID_VENDOR_AMD,
958         .family = 6,
959         .model = 2,
960         .stepping = 3,
961         .features[FEAT_1_EDX] =
962             PPRO_FEATURES | CPUID_PSE36 | CPUID_VME | CPUID_MTRR |
963             CPUID_MCA,
964         .features[FEAT_8000_0001_EDX] =
965             CPUID_EXT2_MMXEXT | CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT,
966         .xlevel = 0x80000008,
967         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
968     },
969     {
970         .name = "n270",
971         .level = 10,
972         .vendor = CPUID_VENDOR_INTEL,
973         .family = 6,
974         .model = 28,
975         .stepping = 2,
976         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
977         .features[FEAT_1_EDX] =
978             PPRO_FEATURES |
979             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_VME |
980             CPUID_ACPI | CPUID_SS,
981             /* Some CPUs got no CPUID_SEP */
982         /* Missing: CPUID_EXT_DSCPL, CPUID_EXT_EST, CPUID_EXT_TM2,
983          * CPUID_EXT_XTPR */
984         .features[FEAT_1_ECX] =
985             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 |
986             CPUID_EXT_MOVBE,
987         .features[FEAT_8000_0001_EDX] =
988             CPUID_EXT2_NX,
989         .features[FEAT_8000_0001_ECX] =
990             CPUID_EXT3_LAHF_LM,
991         .xlevel = 0x80000008,
992         .model_id = "Intel(R) Atom(TM) CPU N270   @ 1.60GHz",
993     },
994     {
995         .name = "Conroe",
996         .level = 10,
997         .vendor = CPUID_VENDOR_INTEL,
998         .family = 6,
999         .model = 15,
1000         .stepping = 3,
1001         .features[FEAT_1_EDX] =
1002             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
1003             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
1004             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
1005             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
1006             CPUID_DE | CPUID_FP87,
1007         .features[FEAT_1_ECX] =
1008             CPUID_EXT_SSSE3 | CPUID_EXT_SSE3,
1009         .features[FEAT_8000_0001_EDX] =
1010             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
1011         .features[FEAT_8000_0001_ECX] =
1012             CPUID_EXT3_LAHF_LM,
1013         .xlevel = 0x80000008,
1014         .model_id = "Intel Celeron_4x0 (Conroe/Merom Class Core 2)",
1015     },
1016     {
1017         .name = "Penryn",
1018         .level = 10,
1019         .vendor = CPUID_VENDOR_INTEL,
1020         .family = 6,
1021         .model = 23,
1022         .stepping = 3,
1023         .features[FEAT_1_EDX] =
1024             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
1025             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
1026             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
1027             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
1028             CPUID_DE | CPUID_FP87,
1029         .features[FEAT_1_ECX] =
1030             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
1031             CPUID_EXT_SSE3,
1032         .features[FEAT_8000_0001_EDX] =
1033             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
1034         .features[FEAT_8000_0001_ECX] =
1035             CPUID_EXT3_LAHF_LM,
1036         .xlevel = 0x80000008,
1037         .model_id = "Intel Core 2 Duo P9xxx (Penryn Class Core 2)",
1038     },
1039     {
1040         .name = "Nehalem",
1041         .level = 11,
1042         .vendor = CPUID_VENDOR_INTEL,
1043         .family = 6,
1044         .model = 26,
1045         .stepping = 3,
1046         .features[FEAT_1_EDX] =
1047             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
1048             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
1049             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
1050             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
1051             CPUID_DE | CPUID_FP87,
1052         .features[FEAT_1_ECX] =
1053             CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
1054             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_SSE3,
1055         .features[FEAT_8000_0001_EDX] =
1056             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1057         .features[FEAT_8000_0001_ECX] =
1058             CPUID_EXT3_LAHF_LM,
1059         .xlevel = 0x80000008,
1060         .model_id = "Intel Core i7 9xx (Nehalem Class Core i7)",
1061     },
1062     {
1063         .name = "Westmere",
1064         .level = 11,
1065         .vendor = CPUID_VENDOR_INTEL,
1066         .family = 6,
1067         .model = 44,
1068         .stepping = 1,
1069         .features[FEAT_1_EDX] =
1070             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
1071             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
1072             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
1073             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
1074             CPUID_DE | CPUID_FP87,
1075         .features[FEAT_1_ECX] =
1076             CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 |
1077             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
1078             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
1079         .features[FEAT_8000_0001_EDX] =
1080             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1081         .features[FEAT_8000_0001_ECX] =
1082             CPUID_EXT3_LAHF_LM,
1083         .features[FEAT_6_EAX] =
1084             CPUID_6_EAX_ARAT,
1085         .xlevel = 0x80000008,
1086         .model_id = "Westmere E56xx/L56xx/X56xx (Nehalem-C)",
1087     },
1088     {
1089         .name = "SandyBridge",
1090         .level = 0xd,
1091         .vendor = CPUID_VENDOR_INTEL,
1092         .family = 6,
1093         .model = 42,
1094         .stepping = 1,
1095         .features[FEAT_1_EDX] =
1096             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
1097             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
1098             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
1099             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
1100             CPUID_DE | CPUID_FP87,
1101         .features[FEAT_1_ECX] =
1102             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
1103             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
1104             CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
1105             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
1106             CPUID_EXT_SSE3,
1107         .features[FEAT_8000_0001_EDX] =
1108             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
1109             CPUID_EXT2_SYSCALL,
1110         .features[FEAT_8000_0001_ECX] =
1111             CPUID_EXT3_LAHF_LM,
1112         .features[FEAT_XSAVE] =
1113             CPUID_XSAVE_XSAVEOPT,
1114         .features[FEAT_6_EAX] =
1115             CPUID_6_EAX_ARAT,
1116         .xlevel = 0x80000008,
1117         .model_id = "Intel Xeon E312xx (Sandy Bridge)",
1118     },
1119     {
1120         .name = "IvyBridge",
1121         .level = 0xd,
1122         .vendor = CPUID_VENDOR_INTEL,
1123         .family = 6,
1124         .model = 58,
1125         .stepping = 9,
1126         .features[FEAT_1_EDX] =
1127             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
1128             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
1129             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
1130             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
1131             CPUID_DE | CPUID_FP87,
1132         .features[FEAT_1_ECX] =
1133             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
1134             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
1135             CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
1136             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
1137             CPUID_EXT_SSE3 | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
1138         .features[FEAT_7_0_EBX] =
1139             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP |
1140             CPUID_7_0_EBX_ERMS,
1141         .features[FEAT_8000_0001_EDX] =
1142             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
1143             CPUID_EXT2_SYSCALL,
1144         .features[FEAT_8000_0001_ECX] =
1145             CPUID_EXT3_LAHF_LM,
1146         .features[FEAT_XSAVE] =
1147             CPUID_XSAVE_XSAVEOPT,
1148         .features[FEAT_6_EAX] =
1149             CPUID_6_EAX_ARAT,
1150         .xlevel = 0x80000008,
1151         .model_id = "Intel Xeon E3-12xx v2 (Ivy Bridge)",
1152     },
1153     {
1154         .name = "Haswell-noTSX",
1155         .level = 0xd,
1156         .vendor = CPUID_VENDOR_INTEL,
1157         .family = 6,
1158         .model = 60,
1159         .stepping = 1,
1160         .features[FEAT_1_EDX] =
1161             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
1162             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
1163             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
1164             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
1165             CPUID_DE | CPUID_FP87,
1166         .features[FEAT_1_ECX] =
1167             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
1168             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
1169             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
1170             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
1171             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
1172             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
1173         .features[FEAT_8000_0001_EDX] =
1174             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
1175             CPUID_EXT2_SYSCALL,
1176         .features[FEAT_8000_0001_ECX] =
1177             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM,
1178         .features[FEAT_7_0_EBX] =
1179             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
1180             CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
1181             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID,
1182         .features[FEAT_XSAVE] =
1183             CPUID_XSAVE_XSAVEOPT,
1184         .features[FEAT_6_EAX] =
1185             CPUID_6_EAX_ARAT,
1186         .xlevel = 0x80000008,
1187         .model_id = "Intel Core Processor (Haswell, no TSX)",
1188     },    {
1189         .name = "Haswell",
1190         .level = 0xd,
1191         .vendor = CPUID_VENDOR_INTEL,
1192         .family = 6,
1193         .model = 60,
1194         .stepping = 4,
1195         .features[FEAT_1_EDX] =
1196             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
1197             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
1198             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
1199             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
1200             CPUID_DE | CPUID_FP87,
1201         .features[FEAT_1_ECX] =
1202             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
1203             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
1204             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
1205             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
1206             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
1207             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
1208         .features[FEAT_8000_0001_EDX] =
1209             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
1210             CPUID_EXT2_SYSCALL,
1211         .features[FEAT_8000_0001_ECX] =
1212             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM,
1213         .features[FEAT_7_0_EBX] =
1214             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
1215             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
1216             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
1217             CPUID_7_0_EBX_RTM,
1218         .features[FEAT_XSAVE] =
1219             CPUID_XSAVE_XSAVEOPT,
1220         .features[FEAT_6_EAX] =
1221             CPUID_6_EAX_ARAT,
1222         .xlevel = 0x80000008,
1223         .model_id = "Intel Core Processor (Haswell)",
1224     },
1225     {
1226         .name = "Broadwell-noTSX",
1227         .level = 0xd,
1228         .vendor = CPUID_VENDOR_INTEL,
1229         .family = 6,
1230         .model = 61,
1231         .stepping = 2,
1232         .features[FEAT_1_EDX] =
1233             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
1234             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
1235             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
1236             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
1237             CPUID_DE | CPUID_FP87,
1238         .features[FEAT_1_ECX] =
1239             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
1240             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
1241             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
1242             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
1243             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
1244             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
1245         .features[FEAT_8000_0001_EDX] =
1246             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
1247             CPUID_EXT2_SYSCALL,
1248         .features[FEAT_8000_0001_ECX] =
1249             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
1250         .features[FEAT_7_0_EBX] =
1251             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
1252             CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
1253             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
1254             CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
1255             CPUID_7_0_EBX_SMAP,
1256         .features[FEAT_XSAVE] =
1257             CPUID_XSAVE_XSAVEOPT,
1258         .features[FEAT_6_EAX] =
1259             CPUID_6_EAX_ARAT,
1260         .xlevel = 0x80000008,
1261         .model_id = "Intel Core Processor (Broadwell, no TSX)",
1262     },
1263     {
1264         .name = "Broadwell",
1265         .level = 0xd,
1266         .vendor = CPUID_VENDOR_INTEL,
1267         .family = 6,
1268         .model = 61,
1269         .stepping = 2,
1270         .features[FEAT_1_EDX] =
1271             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
1272             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
1273             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
1274             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
1275             CPUID_DE | CPUID_FP87,
1276         .features[FEAT_1_ECX] =
1277             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
1278             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
1279             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
1280             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
1281             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
1282             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
1283         .features[FEAT_8000_0001_EDX] =
1284             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
1285             CPUID_EXT2_SYSCALL,
1286         .features[FEAT_8000_0001_ECX] =
1287             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
1288         .features[FEAT_7_0_EBX] =
1289             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
1290             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
1291             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
1292             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
1293             CPUID_7_0_EBX_SMAP,
1294         .features[FEAT_XSAVE] =
1295             CPUID_XSAVE_XSAVEOPT,
1296         .features[FEAT_6_EAX] =
1297             CPUID_6_EAX_ARAT,
1298         .xlevel = 0x80000008,
1299         .model_id = "Intel Core Processor (Broadwell)",
1300     },
1301     {
1302         .name = "Skylake-Client",
1303         .level = 0xd,
1304         .vendor = CPUID_VENDOR_INTEL,
1305         .family = 6,
1306         .model = 94,
1307         .stepping = 3,
1308         .features[FEAT_1_EDX] =
1309             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
1310             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
1311             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
1312             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
1313             CPUID_DE | CPUID_FP87,
1314         .features[FEAT_1_ECX] =
1315             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
1316             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
1317             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
1318             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
1319             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
1320             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
1321         .features[FEAT_8000_0001_EDX] =
1322             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
1323             CPUID_EXT2_SYSCALL,
1324         .features[FEAT_8000_0001_ECX] =
1325             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
1326         .features[FEAT_7_0_EBX] =
1327             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
1328             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
1329             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
1330             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
1331             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_MPX,
1332         /* Missing: XSAVES (not supported by some Linux versions,
1333          * including v4.1 to v4.12).
1334          * KVM doesn't yet expose any XSAVES state save component,
1335          * and the only one defined in Skylake (processor tracing)
1336          * probably will block migration anyway.
1337          */
1338         .features[FEAT_XSAVE] =
1339             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
1340             CPUID_XSAVE_XGETBV1,
1341         .features[FEAT_6_EAX] =
1342             CPUID_6_EAX_ARAT,
1343         .xlevel = 0x80000008,
1344         .model_id = "Intel Core Processor (Skylake)",
1345     },
1346     {
1347         .name = "Skylake-Server",
1348         .level = 0xd,
1349         .vendor = CPUID_VENDOR_INTEL,
1350         .family = 6,
1351         .model = 85,
1352         .stepping = 4,
1353         .features[FEAT_1_EDX] =
1354             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
1355             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
1356             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
1357             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
1358             CPUID_DE | CPUID_FP87,
1359         .features[FEAT_1_ECX] =
1360             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
1361             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
1362             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
1363             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
1364             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
1365             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
1366         .features[FEAT_8000_0001_EDX] =
1367             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
1368             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
1369         .features[FEAT_8000_0001_ECX] =
1370             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
1371         .features[FEAT_7_0_EBX] =
1372             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
1373             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
1374             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
1375             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
1376             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_CLWB |
1377             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
1378             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
1379             CPUID_7_0_EBX_AVX512VL,
1380         /* Missing: XSAVES (not supported by some Linux versions,
1381          * including v4.1 to v4.12).
1382          * KVM doesn't yet expose any XSAVES state save component,
1383          * and the only one defined in Skylake (processor tracing)
1384          * probably will block migration anyway.
1385          */
1386         .features[FEAT_XSAVE] =
1387             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
1388             CPUID_XSAVE_XGETBV1,
1389         .features[FEAT_6_EAX] =
1390             CPUID_6_EAX_ARAT,
1391         .xlevel = 0x80000008,
1392         .model_id = "Intel Xeon Processor (Skylake)",
1393     },
1394     {
1395         .name = "Opteron_G1",
1396         .level = 5,
1397         .vendor = CPUID_VENDOR_AMD,
1398         .family = 15,
1399         .model = 6,
1400         .stepping = 1,
1401         .features[FEAT_1_EDX] =
1402             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
1403             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
1404             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
1405             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
1406             CPUID_DE | CPUID_FP87,
1407         .features[FEAT_1_ECX] =
1408             CPUID_EXT_SSE3,
1409         .features[FEAT_8000_0001_EDX] =
1410             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
1411         .xlevel = 0x80000008,
1412         .model_id = "AMD Opteron 240 (Gen 1 Class Opteron)",
1413     },
1414     {
1415         .name = "Opteron_G2",
1416         .level = 5,
1417         .vendor = CPUID_VENDOR_AMD,
1418         .family = 15,
1419         .model = 6,
1420         .stepping = 1,
1421         .features[FEAT_1_EDX] =
1422             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
1423             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
1424             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
1425             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
1426             CPUID_DE | CPUID_FP87,
1427         .features[FEAT_1_ECX] =
1428             CPUID_EXT_CX16 | CPUID_EXT_SSE3,
1429         /* Missing: CPUID_EXT2_RDTSCP */
1430         .features[FEAT_8000_0001_EDX] =
1431             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
1432         .features[FEAT_8000_0001_ECX] =
1433             CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM,
1434         .xlevel = 0x80000008,
1435         .model_id = "AMD Opteron 22xx (Gen 2 Class Opteron)",
1436     },
1437     {
1438         .name = "Opteron_G3",
1439         .level = 5,
1440         .vendor = CPUID_VENDOR_AMD,
1441         .family = 16,
1442         .model = 2,
1443         .stepping = 3,
1444         .features[FEAT_1_EDX] =
1445             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
1446             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
1447             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
1448             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
1449             CPUID_DE | CPUID_FP87,
1450         .features[FEAT_1_ECX] =
1451             CPUID_EXT_POPCNT | CPUID_EXT_CX16 | CPUID_EXT_MONITOR |
1452             CPUID_EXT_SSE3,
1453         /* Missing: CPUID_EXT2_RDTSCP */
1454         .features[FEAT_8000_0001_EDX] =
1455             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
1456         .features[FEAT_8000_0001_ECX] =
1457             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A |
1458             CPUID_EXT3_ABM | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM,
1459         .xlevel = 0x80000008,
1460         .model_id = "AMD Opteron 23xx (Gen 3 Class Opteron)",
1461     },
1462     {
1463         .name = "Opteron_G4",
1464         .level = 0xd,
1465         .vendor = CPUID_VENDOR_AMD,
1466         .family = 21,
1467         .model = 1,
1468         .stepping = 2,
1469         .features[FEAT_1_EDX] =
1470             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
1471             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
1472             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
1473             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
1474             CPUID_DE | CPUID_FP87,
1475         .features[FEAT_1_ECX] =
1476             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
1477             CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
1478             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
1479             CPUID_EXT_SSE3,
1480         /* Missing: CPUID_EXT2_RDTSCP */
1481         .features[FEAT_8000_0001_EDX] =
1482             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_NX |
1483             CPUID_EXT2_SYSCALL,
1484         .features[FEAT_8000_0001_ECX] =
1485             CPUID_EXT3_FMA4 | CPUID_EXT3_XOP |
1486             CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_MISALIGNSSE |
1487             CPUID_EXT3_SSE4A | CPUID_EXT3_ABM | CPUID_EXT3_SVM |
1488             CPUID_EXT3_LAHF_LM,
1489         /* no xsaveopt! */
1490         .xlevel = 0x8000001A,
1491         .model_id = "AMD Opteron 62xx class CPU",
1492     },
1493     {
1494         .name = "Opteron_G5",
1495         .level = 0xd,
1496         .vendor = CPUID_VENDOR_AMD,
1497         .family = 21,
1498         .model = 2,
1499         .stepping = 0,
1500         .features[FEAT_1_EDX] =
1501             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
1502             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
1503             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
1504             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
1505             CPUID_DE | CPUID_FP87,
1506         .features[FEAT_1_ECX] =
1507             CPUID_EXT_F16C | CPUID_EXT_AVX | CPUID_EXT_XSAVE |
1508             CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 |
1509             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_FMA |
1510             CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
1511         /* Missing: CPUID_EXT2_RDTSCP */
1512         .features[FEAT_8000_0001_EDX] =
1513             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_NX |
1514             CPUID_EXT2_SYSCALL,
1515         .features[FEAT_8000_0001_ECX] =
1516             CPUID_EXT3_TBM | CPUID_EXT3_FMA4 | CPUID_EXT3_XOP |
1517             CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_MISALIGNSSE |
1518             CPUID_EXT3_SSE4A | CPUID_EXT3_ABM | CPUID_EXT3_SVM |
1519             CPUID_EXT3_LAHF_LM,
1520         /* no xsaveopt! */
1521         .xlevel = 0x8000001A,
1522         .model_id = "AMD Opteron 63xx class CPU",
1523     },
1524     {
1525         .name = "EPYC",
1526         .level = 0xd,
1527         .vendor = CPUID_VENDOR_AMD,
1528         .family = 23,
1529         .model = 1,
1530         .stepping = 2,
1531         .features[FEAT_1_EDX] =
1532             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
1533             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
1534             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
1535             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
1536             CPUID_VME | CPUID_FP87,
1537         .features[FEAT_1_ECX] =
1538             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
1539             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
1540             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
1541             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
1542             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
1543         .features[FEAT_8000_0001_EDX] =
1544             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
1545             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
1546             CPUID_EXT2_SYSCALL,
1547         .features[FEAT_8000_0001_ECX] =
1548             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
1549             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
1550             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM,
1551         .features[FEAT_7_0_EBX] =
1552             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
1553             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
1554             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
1555             CPUID_7_0_EBX_SHA_NI,
1556         /* Missing: XSAVES (not supported by some Linux versions,
1557          * including v4.1 to v4.12).
1558          * KVM doesn't yet expose any XSAVES state save component.
1559          */
1560         .features[FEAT_XSAVE] =
1561             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
1562             CPUID_XSAVE_XGETBV1,
1563         .features[FEAT_6_EAX] =
1564             CPUID_6_EAX_ARAT,
1565         .xlevel = 0x8000000A,
1566         .model_id = "AMD EPYC Processor",
1567     },
1568 };
1569 
1570 typedef struct PropValue {
1571     const char *prop, *value;
1572 } PropValue;
1573 
1574 /* KVM-specific features that are automatically added/removed
1575  * from all CPU models when KVM is enabled.
1576  */
1577 static PropValue kvm_default_props[] = {
1578     { "kvmclock", "on" },
1579     { "kvm-nopiodelay", "on" },
1580     { "kvm-asyncpf", "on" },
1581     { "kvm-steal-time", "on" },
1582     { "kvm-pv-eoi", "on" },
1583     { "kvmclock-stable-bit", "on" },
1584     { "x2apic", "on" },
1585     { "acpi", "off" },
1586     { "monitor", "off" },
1587     { "svm", "off" },
1588     { NULL, NULL },
1589 };
1590 
1591 /* TCG-specific defaults that override all CPU models when using TCG
1592  */
1593 static PropValue tcg_default_props[] = {
1594     { "vme", "off" },
1595     { NULL, NULL },
1596 };
1597 
1598 
1599 void x86_cpu_change_kvm_default(const char *prop, const char *value)
1600 {
1601     PropValue *pv;
1602     for (pv = kvm_default_props; pv->prop; pv++) {
1603         if (!strcmp(pv->prop, prop)) {
1604             pv->value = value;
1605             break;
1606         }
1607     }
1608 
1609     /* It is valid to call this function only for properties that
1610      * are already present in the kvm_default_props table.
1611      */
1612     assert(pv->prop);
1613 }
1614 
1615 static uint32_t x86_cpu_get_supported_feature_word(FeatureWord w,
1616                                                    bool migratable_only);
1617 
1618 static bool lmce_supported(void)
1619 {
1620     uint64_t mce_cap = 0;
1621 
1622 #ifdef CONFIG_KVM
1623     if (kvm_ioctl(kvm_state, KVM_X86_GET_MCE_CAP_SUPPORTED, &mce_cap) < 0) {
1624         return false;
1625     }
1626 #endif
1627 
1628     return !!(mce_cap & MCG_LMCE_P);
1629 }
1630 
1631 #define CPUID_MODEL_ID_SZ 48
1632 
1633 /**
1634  * cpu_x86_fill_model_id:
1635  * Get CPUID model ID string from host CPU.
1636  *
1637  * @str should have at least CPUID_MODEL_ID_SZ bytes
1638  *
1639  * The function does NOT add a null terminator to the string
1640  * automatically.
1641  */
1642 static int cpu_x86_fill_model_id(char *str)
1643 {
1644     uint32_t eax = 0, ebx = 0, ecx = 0, edx = 0;
1645     int i;
1646 
1647     for (i = 0; i < 3; i++) {
1648         host_cpuid(0x80000002 + i, 0, &eax, &ebx, &ecx, &edx);
1649         memcpy(str + i * 16 +  0, &eax, 4);
1650         memcpy(str + i * 16 +  4, &ebx, 4);
1651         memcpy(str + i * 16 +  8, &ecx, 4);
1652         memcpy(str + i * 16 + 12, &edx, 4);
1653     }
1654     return 0;
1655 }
1656 
1657 static Property max_x86_cpu_properties[] = {
1658     DEFINE_PROP_BOOL("migratable", X86CPU, migratable, true),
1659     DEFINE_PROP_BOOL("host-cache-info", X86CPU, cache_info_passthrough, false),
1660     DEFINE_PROP_END_OF_LIST()
1661 };
1662 
1663 static void max_x86_cpu_class_init(ObjectClass *oc, void *data)
1664 {
1665     DeviceClass *dc = DEVICE_CLASS(oc);
1666     X86CPUClass *xcc = X86_CPU_CLASS(oc);
1667 
1668     xcc->ordering = 9;
1669 
1670     xcc->model_description =
1671         "Enables all features supported by the accelerator in the current host";
1672 
1673     dc->props = max_x86_cpu_properties;
1674 }
1675 
1676 static void x86_cpu_load_def(X86CPU *cpu, X86CPUDefinition *def, Error **errp);
1677 
1678 static void max_x86_cpu_initfn(Object *obj)
1679 {
1680     X86CPU *cpu = X86_CPU(obj);
1681     CPUX86State *env = &cpu->env;
1682     KVMState *s = kvm_state;
1683 
1684     /* We can't fill the features array here because we don't know yet if
1685      * "migratable" is true or false.
1686      */
1687     cpu->max_features = true;
1688 
1689     if (kvm_enabled()) {
1690         char vendor[CPUID_VENDOR_SZ + 1] = { 0 };
1691         char model_id[CPUID_MODEL_ID_SZ + 1] = { 0 };
1692         int family, model, stepping;
1693 
1694         host_vendor_fms(vendor, &family, &model, &stepping);
1695 
1696         cpu_x86_fill_model_id(model_id);
1697 
1698         object_property_set_str(OBJECT(cpu), vendor, "vendor", &error_abort);
1699         object_property_set_int(OBJECT(cpu), family, "family", &error_abort);
1700         object_property_set_int(OBJECT(cpu), model, "model", &error_abort);
1701         object_property_set_int(OBJECT(cpu), stepping, "stepping",
1702                                 &error_abort);
1703         object_property_set_str(OBJECT(cpu), model_id, "model-id",
1704                                 &error_abort);
1705 
1706         env->cpuid_min_level =
1707             kvm_arch_get_supported_cpuid(s, 0x0, 0, R_EAX);
1708         env->cpuid_min_xlevel =
1709             kvm_arch_get_supported_cpuid(s, 0x80000000, 0, R_EAX);
1710         env->cpuid_min_xlevel2 =
1711             kvm_arch_get_supported_cpuid(s, 0xC0000000, 0, R_EAX);
1712 
1713         if (lmce_supported()) {
1714             object_property_set_bool(OBJECT(cpu), true, "lmce", &error_abort);
1715         }
1716     } else {
1717         object_property_set_str(OBJECT(cpu), CPUID_VENDOR_AMD,
1718                                 "vendor", &error_abort);
1719         object_property_set_int(OBJECT(cpu), 6, "family", &error_abort);
1720         object_property_set_int(OBJECT(cpu), 6, "model", &error_abort);
1721         object_property_set_int(OBJECT(cpu), 3, "stepping", &error_abort);
1722         object_property_set_str(OBJECT(cpu),
1723                                 "QEMU TCG CPU version " QEMU_HW_VERSION,
1724                                 "model-id", &error_abort);
1725     }
1726 
1727     object_property_set_bool(OBJECT(cpu), true, "pmu", &error_abort);
1728 }
1729 
1730 static const TypeInfo max_x86_cpu_type_info = {
1731     .name = X86_CPU_TYPE_NAME("max"),
1732     .parent = TYPE_X86_CPU,
1733     .instance_init = max_x86_cpu_initfn,
1734     .class_init = max_x86_cpu_class_init,
1735 };
1736 
1737 #ifdef CONFIG_KVM
1738 
1739 static void host_x86_cpu_class_init(ObjectClass *oc, void *data)
1740 {
1741     X86CPUClass *xcc = X86_CPU_CLASS(oc);
1742 
1743     xcc->kvm_required = true;
1744     xcc->ordering = 8;
1745 
1746     xcc->model_description =
1747         "KVM processor with all supported host features "
1748         "(only available in KVM mode)";
1749 }
1750 
1751 static const TypeInfo host_x86_cpu_type_info = {
1752     .name = X86_CPU_TYPE_NAME("host"),
1753     .parent = X86_CPU_TYPE_NAME("max"),
1754     .class_init = host_x86_cpu_class_init,
1755 };
1756 
1757 #endif
1758 
1759 static void report_unavailable_features(FeatureWord w, uint32_t mask)
1760 {
1761     FeatureWordInfo *f = &feature_word_info[w];
1762     int i;
1763 
1764     for (i = 0; i < 32; ++i) {
1765         if ((1UL << i) & mask) {
1766             const char *reg = get_register_name_32(f->cpuid_reg);
1767             assert(reg);
1768             warn_report("%s doesn't support requested feature: "
1769                         "CPUID.%02XH:%s%s%s [bit %d]",
1770                         kvm_enabled() ? "host" : "TCG",
1771                         f->cpuid_eax, reg,
1772                         f->feat_names[i] ? "." : "",
1773                         f->feat_names[i] ? f->feat_names[i] : "", i);
1774         }
1775     }
1776 }
1777 
1778 static void x86_cpuid_version_get_family(Object *obj, Visitor *v,
1779                                          const char *name, void *opaque,
1780                                          Error **errp)
1781 {
1782     X86CPU *cpu = X86_CPU(obj);
1783     CPUX86State *env = &cpu->env;
1784     int64_t value;
1785 
1786     value = (env->cpuid_version >> 8) & 0xf;
1787     if (value == 0xf) {
1788         value += (env->cpuid_version >> 20) & 0xff;
1789     }
1790     visit_type_int(v, name, &value, errp);
1791 }
1792 
1793 static void x86_cpuid_version_set_family(Object *obj, Visitor *v,
1794                                          const char *name, void *opaque,
1795                                          Error **errp)
1796 {
1797     X86CPU *cpu = X86_CPU(obj);
1798     CPUX86State *env = &cpu->env;
1799     const int64_t min = 0;
1800     const int64_t max = 0xff + 0xf;
1801     Error *local_err = NULL;
1802     int64_t value;
1803 
1804     visit_type_int(v, name, &value, &local_err);
1805     if (local_err) {
1806         error_propagate(errp, local_err);
1807         return;
1808     }
1809     if (value < min || value > max) {
1810         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
1811                    name ? name : "null", value, min, max);
1812         return;
1813     }
1814 
1815     env->cpuid_version &= ~0xff00f00;
1816     if (value > 0x0f) {
1817         env->cpuid_version |= 0xf00 | ((value - 0x0f) << 20);
1818     } else {
1819         env->cpuid_version |= value << 8;
1820     }
1821 }
1822 
1823 static void x86_cpuid_version_get_model(Object *obj, Visitor *v,
1824                                         const char *name, void *opaque,
1825                                         Error **errp)
1826 {
1827     X86CPU *cpu = X86_CPU(obj);
1828     CPUX86State *env = &cpu->env;
1829     int64_t value;
1830 
1831     value = (env->cpuid_version >> 4) & 0xf;
1832     value |= ((env->cpuid_version >> 16) & 0xf) << 4;
1833     visit_type_int(v, name, &value, errp);
1834 }
1835 
1836 static void x86_cpuid_version_set_model(Object *obj, Visitor *v,
1837                                         const char *name, void *opaque,
1838                                         Error **errp)
1839 {
1840     X86CPU *cpu = X86_CPU(obj);
1841     CPUX86State *env = &cpu->env;
1842     const int64_t min = 0;
1843     const int64_t max = 0xff;
1844     Error *local_err = NULL;
1845     int64_t value;
1846 
1847     visit_type_int(v, name, &value, &local_err);
1848     if (local_err) {
1849         error_propagate(errp, local_err);
1850         return;
1851     }
1852     if (value < min || value > max) {
1853         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
1854                    name ? name : "null", value, min, max);
1855         return;
1856     }
1857 
1858     env->cpuid_version &= ~0xf00f0;
1859     env->cpuid_version |= ((value & 0xf) << 4) | ((value >> 4) << 16);
1860 }
1861 
1862 static void x86_cpuid_version_get_stepping(Object *obj, Visitor *v,
1863                                            const char *name, void *opaque,
1864                                            Error **errp)
1865 {
1866     X86CPU *cpu = X86_CPU(obj);
1867     CPUX86State *env = &cpu->env;
1868     int64_t value;
1869 
1870     value = env->cpuid_version & 0xf;
1871     visit_type_int(v, name, &value, errp);
1872 }
1873 
1874 static void x86_cpuid_version_set_stepping(Object *obj, Visitor *v,
1875                                            const char *name, void *opaque,
1876                                            Error **errp)
1877 {
1878     X86CPU *cpu = X86_CPU(obj);
1879     CPUX86State *env = &cpu->env;
1880     const int64_t min = 0;
1881     const int64_t max = 0xf;
1882     Error *local_err = NULL;
1883     int64_t value;
1884 
1885     visit_type_int(v, name, &value, &local_err);
1886     if (local_err) {
1887         error_propagate(errp, local_err);
1888         return;
1889     }
1890     if (value < min || value > max) {
1891         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
1892                    name ? name : "null", value, min, max);
1893         return;
1894     }
1895 
1896     env->cpuid_version &= ~0xf;
1897     env->cpuid_version |= value & 0xf;
1898 }
1899 
1900 static char *x86_cpuid_get_vendor(Object *obj, Error **errp)
1901 {
1902     X86CPU *cpu = X86_CPU(obj);
1903     CPUX86State *env = &cpu->env;
1904     char *value;
1905 
1906     value = g_malloc(CPUID_VENDOR_SZ + 1);
1907     x86_cpu_vendor_words2str(value, env->cpuid_vendor1, env->cpuid_vendor2,
1908                              env->cpuid_vendor3);
1909     return value;
1910 }
1911 
1912 static void x86_cpuid_set_vendor(Object *obj, const char *value,
1913                                  Error **errp)
1914 {
1915     X86CPU *cpu = X86_CPU(obj);
1916     CPUX86State *env = &cpu->env;
1917     int i;
1918 
1919     if (strlen(value) != CPUID_VENDOR_SZ) {
1920         error_setg(errp, QERR_PROPERTY_VALUE_BAD, "", "vendor", value);
1921         return;
1922     }
1923 
1924     env->cpuid_vendor1 = 0;
1925     env->cpuid_vendor2 = 0;
1926     env->cpuid_vendor3 = 0;
1927     for (i = 0; i < 4; i++) {
1928         env->cpuid_vendor1 |= ((uint8_t)value[i    ]) << (8 * i);
1929         env->cpuid_vendor2 |= ((uint8_t)value[i + 4]) << (8 * i);
1930         env->cpuid_vendor3 |= ((uint8_t)value[i + 8]) << (8 * i);
1931     }
1932 }
1933 
1934 static char *x86_cpuid_get_model_id(Object *obj, Error **errp)
1935 {
1936     X86CPU *cpu = X86_CPU(obj);
1937     CPUX86State *env = &cpu->env;
1938     char *value;
1939     int i;
1940 
1941     value = g_malloc(48 + 1);
1942     for (i = 0; i < 48; i++) {
1943         value[i] = env->cpuid_model[i >> 2] >> (8 * (i & 3));
1944     }
1945     value[48] = '\0';
1946     return value;
1947 }
1948 
1949 static void x86_cpuid_set_model_id(Object *obj, const char *model_id,
1950                                    Error **errp)
1951 {
1952     X86CPU *cpu = X86_CPU(obj);
1953     CPUX86State *env = &cpu->env;
1954     int c, len, i;
1955 
1956     if (model_id == NULL) {
1957         model_id = "";
1958     }
1959     len = strlen(model_id);
1960     memset(env->cpuid_model, 0, 48);
1961     for (i = 0; i < 48; i++) {
1962         if (i >= len) {
1963             c = '\0';
1964         } else {
1965             c = (uint8_t)model_id[i];
1966         }
1967         env->cpuid_model[i >> 2] |= c << (8 * (i & 3));
1968     }
1969 }
1970 
1971 static void x86_cpuid_get_tsc_freq(Object *obj, Visitor *v, const char *name,
1972                                    void *opaque, Error **errp)
1973 {
1974     X86CPU *cpu = X86_CPU(obj);
1975     int64_t value;
1976 
1977     value = cpu->env.tsc_khz * 1000;
1978     visit_type_int(v, name, &value, errp);
1979 }
1980 
1981 static void x86_cpuid_set_tsc_freq(Object *obj, Visitor *v, const char *name,
1982                                    void *opaque, Error **errp)
1983 {
1984     X86CPU *cpu = X86_CPU(obj);
1985     const int64_t min = 0;
1986     const int64_t max = INT64_MAX;
1987     Error *local_err = NULL;
1988     int64_t value;
1989 
1990     visit_type_int(v, name, &value, &local_err);
1991     if (local_err) {
1992         error_propagate(errp, local_err);
1993         return;
1994     }
1995     if (value < min || value > max) {
1996         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
1997                    name ? name : "null", value, min, max);
1998         return;
1999     }
2000 
2001     cpu->env.tsc_khz = cpu->env.user_tsc_khz = value / 1000;
2002 }
2003 
2004 /* Generic getter for "feature-words" and "filtered-features" properties */
2005 static void x86_cpu_get_feature_words(Object *obj, Visitor *v,
2006                                       const char *name, void *opaque,
2007                                       Error **errp)
2008 {
2009     uint32_t *array = (uint32_t *)opaque;
2010     FeatureWord w;
2011     X86CPUFeatureWordInfo word_infos[FEATURE_WORDS] = { };
2012     X86CPUFeatureWordInfoList list_entries[FEATURE_WORDS] = { };
2013     X86CPUFeatureWordInfoList *list = NULL;
2014 
2015     for (w = 0; w < FEATURE_WORDS; w++) {
2016         FeatureWordInfo *wi = &feature_word_info[w];
2017         X86CPUFeatureWordInfo *qwi = &word_infos[w];
2018         qwi->cpuid_input_eax = wi->cpuid_eax;
2019         qwi->has_cpuid_input_ecx = wi->cpuid_needs_ecx;
2020         qwi->cpuid_input_ecx = wi->cpuid_ecx;
2021         qwi->cpuid_register = x86_reg_info_32[wi->cpuid_reg].qapi_enum;
2022         qwi->features = array[w];
2023 
2024         /* List will be in reverse order, but order shouldn't matter */
2025         list_entries[w].next = list;
2026         list_entries[w].value = &word_infos[w];
2027         list = &list_entries[w];
2028     }
2029 
2030     visit_type_X86CPUFeatureWordInfoList(v, "feature-words", &list, errp);
2031 }
2032 
2033 static void x86_get_hv_spinlocks(Object *obj, Visitor *v, const char *name,
2034                                  void *opaque, Error **errp)
2035 {
2036     X86CPU *cpu = X86_CPU(obj);
2037     int64_t value = cpu->hyperv_spinlock_attempts;
2038 
2039     visit_type_int(v, name, &value, errp);
2040 }
2041 
2042 static void x86_set_hv_spinlocks(Object *obj, Visitor *v, const char *name,
2043                                  void *opaque, Error **errp)
2044 {
2045     const int64_t min = 0xFFF;
2046     const int64_t max = UINT_MAX;
2047     X86CPU *cpu = X86_CPU(obj);
2048     Error *err = NULL;
2049     int64_t value;
2050 
2051     visit_type_int(v, name, &value, &err);
2052     if (err) {
2053         error_propagate(errp, err);
2054         return;
2055     }
2056 
2057     if (value < min || value > max) {
2058         error_setg(errp, "Property %s.%s doesn't take value %" PRId64
2059                    " (minimum: %" PRId64 ", maximum: %" PRId64 ")",
2060                    object_get_typename(obj), name ? name : "null",
2061                    value, min, max);
2062         return;
2063     }
2064     cpu->hyperv_spinlock_attempts = value;
2065 }
2066 
2067 static const PropertyInfo qdev_prop_spinlocks = {
2068     .name  = "int",
2069     .get   = x86_get_hv_spinlocks,
2070     .set   = x86_set_hv_spinlocks,
2071 };
2072 
2073 /* Convert all '_' in a feature string option name to '-', to make feature
2074  * name conform to QOM property naming rule, which uses '-' instead of '_'.
2075  */
2076 static inline void feat2prop(char *s)
2077 {
2078     while ((s = strchr(s, '_'))) {
2079         *s = '-';
2080     }
2081 }
2082 
2083 /* Return the feature property name for a feature flag bit */
2084 static const char *x86_cpu_feature_name(FeatureWord w, int bitnr)
2085 {
2086     /* XSAVE components are automatically enabled by other features,
2087      * so return the original feature name instead
2088      */
2089     if (w == FEAT_XSAVE_COMP_LO || w == FEAT_XSAVE_COMP_HI) {
2090         int comp = (w == FEAT_XSAVE_COMP_HI) ? bitnr + 32 : bitnr;
2091 
2092         if (comp < ARRAY_SIZE(x86_ext_save_areas) &&
2093             x86_ext_save_areas[comp].bits) {
2094             w = x86_ext_save_areas[comp].feature;
2095             bitnr = ctz32(x86_ext_save_areas[comp].bits);
2096         }
2097     }
2098 
2099     assert(bitnr < 32);
2100     assert(w < FEATURE_WORDS);
2101     return feature_word_info[w].feat_names[bitnr];
2102 }
2103 
2104 /* Compatibily hack to maintain legacy +-feat semantic,
2105  * where +-feat overwrites any feature set by
2106  * feat=on|feat even if the later is parsed after +-feat
2107  * (i.e. "-x2apic,x2apic=on" will result in x2apic disabled)
2108  */
2109 static GList *plus_features, *minus_features;
2110 
2111 static gint compare_string(gconstpointer a, gconstpointer b)
2112 {
2113     return g_strcmp0(a, b);
2114 }
2115 
2116 /* Parse "+feature,-feature,feature=foo" CPU feature string
2117  */
2118 static void x86_cpu_parse_featurestr(const char *typename, char *features,
2119                                      Error **errp)
2120 {
2121     char *featurestr; /* Single 'key=value" string being parsed */
2122     static bool cpu_globals_initialized;
2123     bool ambiguous = false;
2124 
2125     if (cpu_globals_initialized) {
2126         return;
2127     }
2128     cpu_globals_initialized = true;
2129 
2130     if (!features) {
2131         return;
2132     }
2133 
2134     for (featurestr = strtok(features, ",");
2135          featurestr;
2136          featurestr = strtok(NULL, ",")) {
2137         const char *name;
2138         const char *val = NULL;
2139         char *eq = NULL;
2140         char num[32];
2141         GlobalProperty *prop;
2142 
2143         /* Compatibility syntax: */
2144         if (featurestr[0] == '+') {
2145             plus_features = g_list_append(plus_features,
2146                                           g_strdup(featurestr + 1));
2147             continue;
2148         } else if (featurestr[0] == '-') {
2149             minus_features = g_list_append(minus_features,
2150                                            g_strdup(featurestr + 1));
2151             continue;
2152         }
2153 
2154         eq = strchr(featurestr, '=');
2155         if (eq) {
2156             *eq++ = 0;
2157             val = eq;
2158         } else {
2159             val = "on";
2160         }
2161 
2162         feat2prop(featurestr);
2163         name = featurestr;
2164 
2165         if (g_list_find_custom(plus_features, name, compare_string)) {
2166             warn_report("Ambiguous CPU model string. "
2167                         "Don't mix both \"+%s\" and \"%s=%s\"",
2168                         name, name, val);
2169             ambiguous = true;
2170         }
2171         if (g_list_find_custom(minus_features, name, compare_string)) {
2172             warn_report("Ambiguous CPU model string. "
2173                         "Don't mix both \"-%s\" and \"%s=%s\"",
2174                         name, name, val);
2175             ambiguous = true;
2176         }
2177 
2178         /* Special case: */
2179         if (!strcmp(name, "tsc-freq")) {
2180             int ret;
2181             uint64_t tsc_freq;
2182 
2183             ret = qemu_strtosz_metric(val, NULL, &tsc_freq);
2184             if (ret < 0 || tsc_freq > INT64_MAX) {
2185                 error_setg(errp, "bad numerical value %s", val);
2186                 return;
2187             }
2188             snprintf(num, sizeof(num), "%" PRId64, tsc_freq);
2189             val = num;
2190             name = "tsc-frequency";
2191         }
2192 
2193         prop = g_new0(typeof(*prop), 1);
2194         prop->driver = typename;
2195         prop->property = g_strdup(name);
2196         prop->value = g_strdup(val);
2197         prop->errp = &error_fatal;
2198         qdev_prop_register_global(prop);
2199     }
2200 
2201     if (ambiguous) {
2202         warn_report("Compatibility of ambiguous CPU model "
2203                     "strings won't be kept on future QEMU versions");
2204     }
2205 }
2206 
2207 static void x86_cpu_expand_features(X86CPU *cpu, Error **errp);
2208 static int x86_cpu_filter_features(X86CPU *cpu);
2209 
2210 /* Check for missing features that may prevent the CPU class from
2211  * running using the current machine and accelerator.
2212  */
2213 static void x86_cpu_class_check_missing_features(X86CPUClass *xcc,
2214                                                  strList **missing_feats)
2215 {
2216     X86CPU *xc;
2217     FeatureWord w;
2218     Error *err = NULL;
2219     strList **next = missing_feats;
2220 
2221     if (xcc->kvm_required && !kvm_enabled()) {
2222         strList *new = g_new0(strList, 1);
2223         new->value = g_strdup("kvm");;
2224         *missing_feats = new;
2225         return;
2226     }
2227 
2228     xc = X86_CPU(object_new(object_class_get_name(OBJECT_CLASS(xcc))));
2229 
2230     x86_cpu_expand_features(xc, &err);
2231     if (err) {
2232         /* Errors at x86_cpu_expand_features should never happen,
2233          * but in case it does, just report the model as not
2234          * runnable at all using the "type" property.
2235          */
2236         strList *new = g_new0(strList, 1);
2237         new->value = g_strdup("type");
2238         *next = new;
2239         next = &new->next;
2240     }
2241 
2242     x86_cpu_filter_features(xc);
2243 
2244     for (w = 0; w < FEATURE_WORDS; w++) {
2245         uint32_t filtered = xc->filtered_features[w];
2246         int i;
2247         for (i = 0; i < 32; i++) {
2248             if (filtered & (1UL << i)) {
2249                 strList *new = g_new0(strList, 1);
2250                 new->value = g_strdup(x86_cpu_feature_name(w, i));
2251                 *next = new;
2252                 next = &new->next;
2253             }
2254         }
2255     }
2256 
2257     object_unref(OBJECT(xc));
2258 }
2259 
2260 /* Print all cpuid feature names in featureset
2261  */
2262 static void listflags(FILE *f, fprintf_function print, const char **featureset)
2263 {
2264     int bit;
2265     bool first = true;
2266 
2267     for (bit = 0; bit < 32; bit++) {
2268         if (featureset[bit]) {
2269             print(f, "%s%s", first ? "" : " ", featureset[bit]);
2270             first = false;
2271         }
2272     }
2273 }
2274 
2275 /* Sort alphabetically by type name, respecting X86CPUClass::ordering. */
2276 static gint x86_cpu_list_compare(gconstpointer a, gconstpointer b)
2277 {
2278     ObjectClass *class_a = (ObjectClass *)a;
2279     ObjectClass *class_b = (ObjectClass *)b;
2280     X86CPUClass *cc_a = X86_CPU_CLASS(class_a);
2281     X86CPUClass *cc_b = X86_CPU_CLASS(class_b);
2282     const char *name_a, *name_b;
2283 
2284     if (cc_a->ordering != cc_b->ordering) {
2285         return cc_a->ordering - cc_b->ordering;
2286     } else {
2287         name_a = object_class_get_name(class_a);
2288         name_b = object_class_get_name(class_b);
2289         return strcmp(name_a, name_b);
2290     }
2291 }
2292 
2293 static GSList *get_sorted_cpu_model_list(void)
2294 {
2295     GSList *list = object_class_get_list(TYPE_X86_CPU, false);
2296     list = g_slist_sort(list, x86_cpu_list_compare);
2297     return list;
2298 }
2299 
2300 static void x86_cpu_list_entry(gpointer data, gpointer user_data)
2301 {
2302     ObjectClass *oc = data;
2303     X86CPUClass *cc = X86_CPU_CLASS(oc);
2304     CPUListState *s = user_data;
2305     char *name = x86_cpu_class_get_model_name(cc);
2306     const char *desc = cc->model_description;
2307     if (!desc && cc->cpu_def) {
2308         desc = cc->cpu_def->model_id;
2309     }
2310 
2311     (*s->cpu_fprintf)(s->file, "x86 %16s  %-48s\n",
2312                       name, desc);
2313     g_free(name);
2314 }
2315 
2316 /* list available CPU models and flags */
2317 void x86_cpu_list(FILE *f, fprintf_function cpu_fprintf)
2318 {
2319     int i;
2320     CPUListState s = {
2321         .file = f,
2322         .cpu_fprintf = cpu_fprintf,
2323     };
2324     GSList *list;
2325 
2326     (*cpu_fprintf)(f, "Available CPUs:\n");
2327     list = get_sorted_cpu_model_list();
2328     g_slist_foreach(list, x86_cpu_list_entry, &s);
2329     g_slist_free(list);
2330 
2331     (*cpu_fprintf)(f, "\nRecognized CPUID flags:\n");
2332     for (i = 0; i < ARRAY_SIZE(feature_word_info); i++) {
2333         FeatureWordInfo *fw = &feature_word_info[i];
2334 
2335         (*cpu_fprintf)(f, "  ");
2336         listflags(f, cpu_fprintf, fw->feat_names);
2337         (*cpu_fprintf)(f, "\n");
2338     }
2339 }
2340 
2341 static void x86_cpu_definition_entry(gpointer data, gpointer user_data)
2342 {
2343     ObjectClass *oc = data;
2344     X86CPUClass *cc = X86_CPU_CLASS(oc);
2345     CpuDefinitionInfoList **cpu_list = user_data;
2346     CpuDefinitionInfoList *entry;
2347     CpuDefinitionInfo *info;
2348 
2349     info = g_malloc0(sizeof(*info));
2350     info->name = x86_cpu_class_get_model_name(cc);
2351     x86_cpu_class_check_missing_features(cc, &info->unavailable_features);
2352     info->has_unavailable_features = true;
2353     info->q_typename = g_strdup(object_class_get_name(oc));
2354     info->migration_safe = cc->migration_safe;
2355     info->has_migration_safe = true;
2356     info->q_static = cc->static_model;
2357 
2358     entry = g_malloc0(sizeof(*entry));
2359     entry->value = info;
2360     entry->next = *cpu_list;
2361     *cpu_list = entry;
2362 }
2363 
2364 CpuDefinitionInfoList *arch_query_cpu_definitions(Error **errp)
2365 {
2366     CpuDefinitionInfoList *cpu_list = NULL;
2367     GSList *list = get_sorted_cpu_model_list();
2368     g_slist_foreach(list, x86_cpu_definition_entry, &cpu_list);
2369     g_slist_free(list);
2370     return cpu_list;
2371 }
2372 
2373 static uint32_t x86_cpu_get_supported_feature_word(FeatureWord w,
2374                                                    bool migratable_only)
2375 {
2376     FeatureWordInfo *wi = &feature_word_info[w];
2377     uint32_t r;
2378 
2379     if (kvm_enabled()) {
2380         r = kvm_arch_get_supported_cpuid(kvm_state, wi->cpuid_eax,
2381                                                     wi->cpuid_ecx,
2382                                                     wi->cpuid_reg);
2383     } else if (tcg_enabled()) {
2384         r = wi->tcg_features;
2385     } else {
2386         return ~0;
2387     }
2388     if (migratable_only) {
2389         r &= x86_cpu_get_migratable_flags(w);
2390     }
2391     return r;
2392 }
2393 
2394 static void x86_cpu_report_filtered_features(X86CPU *cpu)
2395 {
2396     FeatureWord w;
2397 
2398     for (w = 0; w < FEATURE_WORDS; w++) {
2399         report_unavailable_features(w, cpu->filtered_features[w]);
2400     }
2401 }
2402 
2403 static void x86_cpu_apply_props(X86CPU *cpu, PropValue *props)
2404 {
2405     PropValue *pv;
2406     for (pv = props; pv->prop; pv++) {
2407         if (!pv->value) {
2408             continue;
2409         }
2410         object_property_parse(OBJECT(cpu), pv->value, pv->prop,
2411                               &error_abort);
2412     }
2413 }
2414 
2415 /* Load data from X86CPUDefinition into a X86CPU object
2416  */
2417 static void x86_cpu_load_def(X86CPU *cpu, X86CPUDefinition *def, Error **errp)
2418 {
2419     CPUX86State *env = &cpu->env;
2420     const char *vendor;
2421     char host_vendor[CPUID_VENDOR_SZ + 1];
2422     FeatureWord w;
2423 
2424     /*NOTE: any property set by this function should be returned by
2425      * x86_cpu_static_props(), so static expansion of
2426      * query-cpu-model-expansion is always complete.
2427      */
2428 
2429     /* CPU models only set _minimum_ values for level/xlevel: */
2430     object_property_set_uint(OBJECT(cpu), def->level, "min-level", errp);
2431     object_property_set_uint(OBJECT(cpu), def->xlevel, "min-xlevel", errp);
2432 
2433     object_property_set_int(OBJECT(cpu), def->family, "family", errp);
2434     object_property_set_int(OBJECT(cpu), def->model, "model", errp);
2435     object_property_set_int(OBJECT(cpu), def->stepping, "stepping", errp);
2436     object_property_set_str(OBJECT(cpu), def->model_id, "model-id", errp);
2437     for (w = 0; w < FEATURE_WORDS; w++) {
2438         env->features[w] = def->features[w];
2439     }
2440 
2441     /* Special cases not set in the X86CPUDefinition structs: */
2442     if (kvm_enabled()) {
2443         if (!kvm_irqchip_in_kernel()) {
2444             x86_cpu_change_kvm_default("x2apic", "off");
2445         }
2446 
2447         x86_cpu_apply_props(cpu, kvm_default_props);
2448     } else if (tcg_enabled()) {
2449         x86_cpu_apply_props(cpu, tcg_default_props);
2450     }
2451 
2452     env->features[FEAT_1_ECX] |= CPUID_EXT_HYPERVISOR;
2453 
2454     /* sysenter isn't supported in compatibility mode on AMD,
2455      * syscall isn't supported in compatibility mode on Intel.
2456      * Normally we advertise the actual CPU vendor, but you can
2457      * override this using the 'vendor' property if you want to use
2458      * KVM's sysenter/syscall emulation in compatibility mode and
2459      * when doing cross vendor migration
2460      */
2461     vendor = def->vendor;
2462     if (kvm_enabled()) {
2463         uint32_t  ebx = 0, ecx = 0, edx = 0;
2464         host_cpuid(0, 0, NULL, &ebx, &ecx, &edx);
2465         x86_cpu_vendor_words2str(host_vendor, ebx, edx, ecx);
2466         vendor = host_vendor;
2467     }
2468 
2469     object_property_set_str(OBJECT(cpu), vendor, "vendor", errp);
2470 
2471 }
2472 
2473 /* Return a QDict containing keys for all properties that can be included
2474  * in static expansion of CPU models. All properties set by x86_cpu_load_def()
2475  * must be included in the dictionary.
2476  */
2477 static QDict *x86_cpu_static_props(void)
2478 {
2479     FeatureWord w;
2480     int i;
2481     static const char *props[] = {
2482         "min-level",
2483         "min-xlevel",
2484         "family",
2485         "model",
2486         "stepping",
2487         "model-id",
2488         "vendor",
2489         "lmce",
2490         NULL,
2491     };
2492     static QDict *d;
2493 
2494     if (d) {
2495         return d;
2496     }
2497 
2498     d = qdict_new();
2499     for (i = 0; props[i]; i++) {
2500         qdict_put_null(d, props[i]);
2501     }
2502 
2503     for (w = 0; w < FEATURE_WORDS; w++) {
2504         FeatureWordInfo *fi = &feature_word_info[w];
2505         int bit;
2506         for (bit = 0; bit < 32; bit++) {
2507             if (!fi->feat_names[bit]) {
2508                 continue;
2509             }
2510             qdict_put_null(d, fi->feat_names[bit]);
2511         }
2512     }
2513 
2514     return d;
2515 }
2516 
2517 /* Add an entry to @props dict, with the value for property. */
2518 static void x86_cpu_expand_prop(X86CPU *cpu, QDict *props, const char *prop)
2519 {
2520     QObject *value = object_property_get_qobject(OBJECT(cpu), prop,
2521                                                  &error_abort);
2522 
2523     qdict_put_obj(props, prop, value);
2524 }
2525 
2526 /* Convert CPU model data from X86CPU object to a property dictionary
2527  * that can recreate exactly the same CPU model.
2528  */
2529 static void x86_cpu_to_dict(X86CPU *cpu, QDict *props)
2530 {
2531     QDict *sprops = x86_cpu_static_props();
2532     const QDictEntry *e;
2533 
2534     for (e = qdict_first(sprops); e; e = qdict_next(sprops, e)) {
2535         const char *prop = qdict_entry_key(e);
2536         x86_cpu_expand_prop(cpu, props, prop);
2537     }
2538 }
2539 
2540 /* Convert CPU model data from X86CPU object to a property dictionary
2541  * that can recreate exactly the same CPU model, including every
2542  * writeable QOM property.
2543  */
2544 static void x86_cpu_to_dict_full(X86CPU *cpu, QDict *props)
2545 {
2546     ObjectPropertyIterator iter;
2547     ObjectProperty *prop;
2548 
2549     object_property_iter_init(&iter, OBJECT(cpu));
2550     while ((prop = object_property_iter_next(&iter))) {
2551         /* skip read-only or write-only properties */
2552         if (!prop->get || !prop->set) {
2553             continue;
2554         }
2555 
2556         /* "hotplugged" is the only property that is configurable
2557          * on the command-line but will be set differently on CPUs
2558          * created using "-cpu ... -smp ..." and by CPUs created
2559          * on the fly by x86_cpu_from_model() for querying. Skip it.
2560          */
2561         if (!strcmp(prop->name, "hotplugged")) {
2562             continue;
2563         }
2564         x86_cpu_expand_prop(cpu, props, prop->name);
2565     }
2566 }
2567 
2568 static void object_apply_props(Object *obj, QDict *props, Error **errp)
2569 {
2570     const QDictEntry *prop;
2571     Error *err = NULL;
2572 
2573     for (prop = qdict_first(props); prop; prop = qdict_next(props, prop)) {
2574         object_property_set_qobject(obj, qdict_entry_value(prop),
2575                                          qdict_entry_key(prop), &err);
2576         if (err) {
2577             break;
2578         }
2579     }
2580 
2581     error_propagate(errp, err);
2582 }
2583 
2584 /* Create X86CPU object according to model+props specification */
2585 static X86CPU *x86_cpu_from_model(const char *model, QDict *props, Error **errp)
2586 {
2587     X86CPU *xc = NULL;
2588     X86CPUClass *xcc;
2589     Error *err = NULL;
2590 
2591     xcc = X86_CPU_CLASS(cpu_class_by_name(TYPE_X86_CPU, model));
2592     if (xcc == NULL) {
2593         error_setg(&err, "CPU model '%s' not found", model);
2594         goto out;
2595     }
2596 
2597     xc = X86_CPU(object_new(object_class_get_name(OBJECT_CLASS(xcc))));
2598     if (props) {
2599         object_apply_props(OBJECT(xc), props, &err);
2600         if (err) {
2601             goto out;
2602         }
2603     }
2604 
2605     x86_cpu_expand_features(xc, &err);
2606     if (err) {
2607         goto out;
2608     }
2609 
2610 out:
2611     if (err) {
2612         error_propagate(errp, err);
2613         object_unref(OBJECT(xc));
2614         xc = NULL;
2615     }
2616     return xc;
2617 }
2618 
2619 CpuModelExpansionInfo *
2620 arch_query_cpu_model_expansion(CpuModelExpansionType type,
2621                                                       CpuModelInfo *model,
2622                                                       Error **errp)
2623 {
2624     X86CPU *xc = NULL;
2625     Error *err = NULL;
2626     CpuModelExpansionInfo *ret = g_new0(CpuModelExpansionInfo, 1);
2627     QDict *props = NULL;
2628     const char *base_name;
2629 
2630     xc = x86_cpu_from_model(model->name,
2631                             model->has_props ?
2632                                 qobject_to_qdict(model->props) :
2633                                 NULL, &err);
2634     if (err) {
2635         goto out;
2636     }
2637 
2638     props = qdict_new();
2639 
2640     switch (type) {
2641     case CPU_MODEL_EXPANSION_TYPE_STATIC:
2642         /* Static expansion will be based on "base" only */
2643         base_name = "base";
2644         x86_cpu_to_dict(xc, props);
2645     break;
2646     case CPU_MODEL_EXPANSION_TYPE_FULL:
2647         /* As we don't return every single property, full expansion needs
2648          * to keep the original model name+props, and add extra
2649          * properties on top of that.
2650          */
2651         base_name = model->name;
2652         x86_cpu_to_dict_full(xc, props);
2653     break;
2654     default:
2655         error_setg(&err, "Unsupportted expansion type");
2656         goto out;
2657     }
2658 
2659     if (!props) {
2660         props = qdict_new();
2661     }
2662     x86_cpu_to_dict(xc, props);
2663 
2664     ret->model = g_new0(CpuModelInfo, 1);
2665     ret->model->name = g_strdup(base_name);
2666     ret->model->props = QOBJECT(props);
2667     ret->model->has_props = true;
2668 
2669 out:
2670     object_unref(OBJECT(xc));
2671     if (err) {
2672         error_propagate(errp, err);
2673         qapi_free_CpuModelExpansionInfo(ret);
2674         ret = NULL;
2675     }
2676     return ret;
2677 }
2678 
2679 static gchar *x86_gdb_arch_name(CPUState *cs)
2680 {
2681 #ifdef TARGET_X86_64
2682     return g_strdup("i386:x86-64");
2683 #else
2684     return g_strdup("i386");
2685 #endif
2686 }
2687 
2688 static void x86_cpu_cpudef_class_init(ObjectClass *oc, void *data)
2689 {
2690     X86CPUDefinition *cpudef = data;
2691     X86CPUClass *xcc = X86_CPU_CLASS(oc);
2692 
2693     xcc->cpu_def = cpudef;
2694     xcc->migration_safe = true;
2695 }
2696 
2697 static void x86_register_cpudef_type(X86CPUDefinition *def)
2698 {
2699     char *typename = x86_cpu_type_name(def->name);
2700     TypeInfo ti = {
2701         .name = typename,
2702         .parent = TYPE_X86_CPU,
2703         .class_init = x86_cpu_cpudef_class_init,
2704         .class_data = def,
2705     };
2706 
2707     /* AMD aliases are handled at runtime based on CPUID vendor, so
2708      * they shouldn't be set on the CPU model table.
2709      */
2710     assert(!(def->features[FEAT_8000_0001_EDX] & CPUID_EXT2_AMD_ALIASES));
2711 
2712     type_register(&ti);
2713     g_free(typename);
2714 }
2715 
2716 #if !defined(CONFIG_USER_ONLY)
2717 
2718 void cpu_clear_apic_feature(CPUX86State *env)
2719 {
2720     env->features[FEAT_1_EDX] &= ~CPUID_APIC;
2721 }
2722 
2723 #endif /* !CONFIG_USER_ONLY */
2724 
2725 void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
2726                    uint32_t *eax, uint32_t *ebx,
2727                    uint32_t *ecx, uint32_t *edx)
2728 {
2729     X86CPU *cpu = x86_env_get_cpu(env);
2730     CPUState *cs = CPU(cpu);
2731     uint32_t pkg_offset;
2732     uint32_t limit;
2733     uint32_t signature[3];
2734 
2735     /* Calculate & apply limits for different index ranges */
2736     if (index >= 0xC0000000) {
2737         limit = env->cpuid_xlevel2;
2738     } else if (index >= 0x80000000) {
2739         limit = env->cpuid_xlevel;
2740     } else if (index >= 0x40000000) {
2741         limit = 0x40000001;
2742     } else {
2743         limit = env->cpuid_level;
2744     }
2745 
2746     if (index > limit) {
2747         /* Intel documentation states that invalid EAX input will
2748          * return the same information as EAX=cpuid_level
2749          * (Intel SDM Vol. 2A - Instruction Set Reference - CPUID)
2750          */
2751         index = env->cpuid_level;
2752     }
2753 
2754     switch(index) {
2755     case 0:
2756         *eax = env->cpuid_level;
2757         *ebx = env->cpuid_vendor1;
2758         *edx = env->cpuid_vendor2;
2759         *ecx = env->cpuid_vendor3;
2760         break;
2761     case 1:
2762         *eax = env->cpuid_version;
2763         *ebx = (cpu->apic_id << 24) |
2764                8 << 8; /* CLFLUSH size in quad words, Linux wants it. */
2765         *ecx = env->features[FEAT_1_ECX];
2766         if ((*ecx & CPUID_EXT_XSAVE) && (env->cr[4] & CR4_OSXSAVE_MASK)) {
2767             *ecx |= CPUID_EXT_OSXSAVE;
2768         }
2769         *edx = env->features[FEAT_1_EDX];
2770         if (cs->nr_cores * cs->nr_threads > 1) {
2771             *ebx |= (cs->nr_cores * cs->nr_threads) << 16;
2772             *edx |= CPUID_HT;
2773         }
2774         break;
2775     case 2:
2776         /* cache info: needed for Pentium Pro compatibility */
2777         if (cpu->cache_info_passthrough) {
2778             host_cpuid(index, 0, eax, ebx, ecx, edx);
2779             break;
2780         }
2781         *eax = 1; /* Number of CPUID[EAX=2] calls required */
2782         *ebx = 0;
2783         if (!cpu->enable_l3_cache) {
2784             *ecx = 0;
2785         } else {
2786             *ecx = L3_N_DESCRIPTOR;
2787         }
2788         *edx = (L1D_DESCRIPTOR << 16) | \
2789                (L1I_DESCRIPTOR <<  8) | \
2790                (L2_DESCRIPTOR);
2791         break;
2792     case 4:
2793         /* cache info: needed for Core compatibility */
2794         if (cpu->cache_info_passthrough) {
2795             host_cpuid(index, count, eax, ebx, ecx, edx);
2796             *eax &= ~0xFC000000;
2797         } else {
2798             *eax = 0;
2799             switch (count) {
2800             case 0: /* L1 dcache info */
2801                 *eax |= CPUID_4_TYPE_DCACHE | \
2802                         CPUID_4_LEVEL(1) | \
2803                         CPUID_4_SELF_INIT_LEVEL;
2804                 *ebx = (L1D_LINE_SIZE - 1) | \
2805                        ((L1D_PARTITIONS - 1) << 12) | \
2806                        ((L1D_ASSOCIATIVITY - 1) << 22);
2807                 *ecx = L1D_SETS - 1;
2808                 *edx = CPUID_4_NO_INVD_SHARING;
2809                 break;
2810             case 1: /* L1 icache info */
2811                 *eax |= CPUID_4_TYPE_ICACHE | \
2812                         CPUID_4_LEVEL(1) | \
2813                         CPUID_4_SELF_INIT_LEVEL;
2814                 *ebx = (L1I_LINE_SIZE - 1) | \
2815                        ((L1I_PARTITIONS - 1) << 12) | \
2816                        ((L1I_ASSOCIATIVITY - 1) << 22);
2817                 *ecx = L1I_SETS - 1;
2818                 *edx = CPUID_4_NO_INVD_SHARING;
2819                 break;
2820             case 2: /* L2 cache info */
2821                 *eax |= CPUID_4_TYPE_UNIFIED | \
2822                         CPUID_4_LEVEL(2) | \
2823                         CPUID_4_SELF_INIT_LEVEL;
2824                 if (cs->nr_threads > 1) {
2825                     *eax |= (cs->nr_threads - 1) << 14;
2826                 }
2827                 *ebx = (L2_LINE_SIZE - 1) | \
2828                        ((L2_PARTITIONS - 1) << 12) | \
2829                        ((L2_ASSOCIATIVITY - 1) << 22);
2830                 *ecx = L2_SETS - 1;
2831                 *edx = CPUID_4_NO_INVD_SHARING;
2832                 break;
2833             case 3: /* L3 cache info */
2834                 if (!cpu->enable_l3_cache) {
2835                     *eax = 0;
2836                     *ebx = 0;
2837                     *ecx = 0;
2838                     *edx = 0;
2839                     break;
2840                 }
2841                 *eax |= CPUID_4_TYPE_UNIFIED | \
2842                         CPUID_4_LEVEL(3) | \
2843                         CPUID_4_SELF_INIT_LEVEL;
2844                 pkg_offset = apicid_pkg_offset(cs->nr_cores, cs->nr_threads);
2845                 *eax |= ((1 << pkg_offset) - 1) << 14;
2846                 *ebx = (L3_N_LINE_SIZE - 1) | \
2847                        ((L3_N_PARTITIONS - 1) << 12) | \
2848                        ((L3_N_ASSOCIATIVITY - 1) << 22);
2849                 *ecx = L3_N_SETS - 1;
2850                 *edx = CPUID_4_INCLUSIVE | CPUID_4_COMPLEX_IDX;
2851                 break;
2852             default: /* end of info */
2853                 *eax = 0;
2854                 *ebx = 0;
2855                 *ecx = 0;
2856                 *edx = 0;
2857                 break;
2858             }
2859         }
2860 
2861         /* QEMU gives out its own APIC IDs, never pass down bits 31..26.  */
2862         if ((*eax & 31) && cs->nr_cores > 1) {
2863             *eax |= (cs->nr_cores - 1) << 26;
2864         }
2865         break;
2866     case 5:
2867         /* mwait info: needed for Core compatibility */
2868         *eax = 0; /* Smallest monitor-line size in bytes */
2869         *ebx = 0; /* Largest monitor-line size in bytes */
2870         *ecx = CPUID_MWAIT_EMX | CPUID_MWAIT_IBE;
2871         *edx = 0;
2872         break;
2873     case 6:
2874         /* Thermal and Power Leaf */
2875         *eax = env->features[FEAT_6_EAX];
2876         *ebx = 0;
2877         *ecx = 0;
2878         *edx = 0;
2879         break;
2880     case 7:
2881         /* Structured Extended Feature Flags Enumeration Leaf */
2882         if (count == 0) {
2883             *eax = 0; /* Maximum ECX value for sub-leaves */
2884             *ebx = env->features[FEAT_7_0_EBX]; /* Feature flags */
2885             *ecx = env->features[FEAT_7_0_ECX]; /* Feature flags */
2886             if ((*ecx & CPUID_7_0_ECX_PKU) && env->cr[4] & CR4_PKE_MASK) {
2887                 *ecx |= CPUID_7_0_ECX_OSPKE;
2888             }
2889             *edx = env->features[FEAT_7_0_EDX]; /* Feature flags */
2890         } else {
2891             *eax = 0;
2892             *ebx = 0;
2893             *ecx = 0;
2894             *edx = 0;
2895         }
2896         break;
2897     case 9:
2898         /* Direct Cache Access Information Leaf */
2899         *eax = 0; /* Bits 0-31 in DCA_CAP MSR */
2900         *ebx = 0;
2901         *ecx = 0;
2902         *edx = 0;
2903         break;
2904     case 0xA:
2905         /* Architectural Performance Monitoring Leaf */
2906         if (kvm_enabled() && cpu->enable_pmu) {
2907             KVMState *s = cs->kvm_state;
2908 
2909             *eax = kvm_arch_get_supported_cpuid(s, 0xA, count, R_EAX);
2910             *ebx = kvm_arch_get_supported_cpuid(s, 0xA, count, R_EBX);
2911             *ecx = kvm_arch_get_supported_cpuid(s, 0xA, count, R_ECX);
2912             *edx = kvm_arch_get_supported_cpuid(s, 0xA, count, R_EDX);
2913         } else {
2914             *eax = 0;
2915             *ebx = 0;
2916             *ecx = 0;
2917             *edx = 0;
2918         }
2919         break;
2920     case 0xB:
2921         /* Extended Topology Enumeration Leaf */
2922         if (!cpu->enable_cpuid_0xb) {
2923                 *eax = *ebx = *ecx = *edx = 0;
2924                 break;
2925         }
2926 
2927         *ecx = count & 0xff;
2928         *edx = cpu->apic_id;
2929 
2930         switch (count) {
2931         case 0:
2932             *eax = apicid_core_offset(cs->nr_cores, cs->nr_threads);
2933             *ebx = cs->nr_threads;
2934             *ecx |= CPUID_TOPOLOGY_LEVEL_SMT;
2935             break;
2936         case 1:
2937             *eax = apicid_pkg_offset(cs->nr_cores, cs->nr_threads);
2938             *ebx = cs->nr_cores * cs->nr_threads;
2939             *ecx |= CPUID_TOPOLOGY_LEVEL_CORE;
2940             break;
2941         default:
2942             *eax = 0;
2943             *ebx = 0;
2944             *ecx |= CPUID_TOPOLOGY_LEVEL_INVALID;
2945         }
2946 
2947         assert(!(*eax & ~0x1f));
2948         *ebx &= 0xffff; /* The count doesn't need to be reliable. */
2949         break;
2950     case 0xD: {
2951         /* Processor Extended State */
2952         *eax = 0;
2953         *ebx = 0;
2954         *ecx = 0;
2955         *edx = 0;
2956         if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
2957             break;
2958         }
2959 
2960         if (count == 0) {
2961             *ecx = xsave_area_size(x86_cpu_xsave_components(cpu));
2962             *eax = env->features[FEAT_XSAVE_COMP_LO];
2963             *edx = env->features[FEAT_XSAVE_COMP_HI];
2964             *ebx = *ecx;
2965         } else if (count == 1) {
2966             *eax = env->features[FEAT_XSAVE];
2967         } else if (count < ARRAY_SIZE(x86_ext_save_areas)) {
2968             if ((x86_cpu_xsave_components(cpu) >> count) & 1) {
2969                 const ExtSaveArea *esa = &x86_ext_save_areas[count];
2970                 *eax = esa->size;
2971                 *ebx = esa->offset;
2972             }
2973         }
2974         break;
2975     }
2976     case 0x40000000:
2977         /*
2978          * CPUID code in kvm_arch_init_vcpu() ignores stuff
2979          * set here, but we restrict to TCG none the less.
2980          */
2981         if (tcg_enabled() && cpu->expose_tcg) {
2982             memcpy(signature, "TCGTCGTCGTCG", 12);
2983             *eax = 0x40000001;
2984             *ebx = signature[0];
2985             *ecx = signature[1];
2986             *edx = signature[2];
2987         } else {
2988             *eax = 0;
2989             *ebx = 0;
2990             *ecx = 0;
2991             *edx = 0;
2992         }
2993         break;
2994     case 0x40000001:
2995         *eax = 0;
2996         *ebx = 0;
2997         *ecx = 0;
2998         *edx = 0;
2999         break;
3000     case 0x80000000:
3001         *eax = env->cpuid_xlevel;
3002         *ebx = env->cpuid_vendor1;
3003         *edx = env->cpuid_vendor2;
3004         *ecx = env->cpuid_vendor3;
3005         break;
3006     case 0x80000001:
3007         *eax = env->cpuid_version;
3008         *ebx = 0;
3009         *ecx = env->features[FEAT_8000_0001_ECX];
3010         *edx = env->features[FEAT_8000_0001_EDX];
3011 
3012         /* The Linux kernel checks for the CMPLegacy bit and
3013          * discards multiple thread information if it is set.
3014          * So don't set it here for Intel to make Linux guests happy.
3015          */
3016         if (cs->nr_cores * cs->nr_threads > 1) {
3017             if (env->cpuid_vendor1 != CPUID_VENDOR_INTEL_1 ||
3018                 env->cpuid_vendor2 != CPUID_VENDOR_INTEL_2 ||
3019                 env->cpuid_vendor3 != CPUID_VENDOR_INTEL_3) {
3020                 *ecx |= 1 << 1;    /* CmpLegacy bit */
3021             }
3022         }
3023         break;
3024     case 0x80000002:
3025     case 0x80000003:
3026     case 0x80000004:
3027         *eax = env->cpuid_model[(index - 0x80000002) * 4 + 0];
3028         *ebx = env->cpuid_model[(index - 0x80000002) * 4 + 1];
3029         *ecx = env->cpuid_model[(index - 0x80000002) * 4 + 2];
3030         *edx = env->cpuid_model[(index - 0x80000002) * 4 + 3];
3031         break;
3032     case 0x80000005:
3033         /* cache info (L1 cache) */
3034         if (cpu->cache_info_passthrough) {
3035             host_cpuid(index, 0, eax, ebx, ecx, edx);
3036             break;
3037         }
3038         *eax = (L1_DTLB_2M_ASSOC << 24) | (L1_DTLB_2M_ENTRIES << 16) | \
3039                (L1_ITLB_2M_ASSOC <<  8) | (L1_ITLB_2M_ENTRIES);
3040         *ebx = (L1_DTLB_4K_ASSOC << 24) | (L1_DTLB_4K_ENTRIES << 16) | \
3041                (L1_ITLB_4K_ASSOC <<  8) | (L1_ITLB_4K_ENTRIES);
3042         *ecx = (L1D_SIZE_KB_AMD << 24) | (L1D_ASSOCIATIVITY_AMD << 16) | \
3043                (L1D_LINES_PER_TAG << 8) | (L1D_LINE_SIZE);
3044         *edx = (L1I_SIZE_KB_AMD << 24) | (L1I_ASSOCIATIVITY_AMD << 16) | \
3045                (L1I_LINES_PER_TAG << 8) | (L1I_LINE_SIZE);
3046         break;
3047     case 0x80000006:
3048         /* cache info (L2 cache) */
3049         if (cpu->cache_info_passthrough) {
3050             host_cpuid(index, 0, eax, ebx, ecx, edx);
3051             break;
3052         }
3053         *eax = (AMD_ENC_ASSOC(L2_DTLB_2M_ASSOC) << 28) | \
3054                (L2_DTLB_2M_ENTRIES << 16) | \
3055                (AMD_ENC_ASSOC(L2_ITLB_2M_ASSOC) << 12) | \
3056                (L2_ITLB_2M_ENTRIES);
3057         *ebx = (AMD_ENC_ASSOC(L2_DTLB_4K_ASSOC) << 28) | \
3058                (L2_DTLB_4K_ENTRIES << 16) | \
3059                (AMD_ENC_ASSOC(L2_ITLB_4K_ASSOC) << 12) | \
3060                (L2_ITLB_4K_ENTRIES);
3061         *ecx = (L2_SIZE_KB_AMD << 16) | \
3062                (AMD_ENC_ASSOC(L2_ASSOCIATIVITY) << 12) | \
3063                (L2_LINES_PER_TAG << 8) | (L2_LINE_SIZE);
3064         if (!cpu->enable_l3_cache) {
3065             *edx = ((L3_SIZE_KB / 512) << 18) | \
3066                    (AMD_ENC_ASSOC(L3_ASSOCIATIVITY) << 12) | \
3067                    (L3_LINES_PER_TAG << 8) | (L3_LINE_SIZE);
3068         } else {
3069             *edx = ((L3_N_SIZE_KB_AMD / 512) << 18) | \
3070                    (AMD_ENC_ASSOC(L3_N_ASSOCIATIVITY) << 12) | \
3071                    (L3_N_LINES_PER_TAG << 8) | (L3_N_LINE_SIZE);
3072         }
3073         break;
3074     case 0x80000007:
3075         *eax = 0;
3076         *ebx = 0;
3077         *ecx = 0;
3078         *edx = env->features[FEAT_8000_0007_EDX];
3079         break;
3080     case 0x80000008:
3081         /* virtual & phys address size in low 2 bytes. */
3082         if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
3083             /* 64 bit processor */
3084             *eax = cpu->phys_bits; /* configurable physical bits */
3085             if  (env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_LA57) {
3086                 *eax |= 0x00003900; /* 57 bits virtual */
3087             } else {
3088                 *eax |= 0x00003000; /* 48 bits virtual */
3089             }
3090         } else {
3091             *eax = cpu->phys_bits;
3092         }
3093         *ebx = 0;
3094         *ecx = 0;
3095         *edx = 0;
3096         if (cs->nr_cores * cs->nr_threads > 1) {
3097             *ecx |= (cs->nr_cores * cs->nr_threads) - 1;
3098         }
3099         break;
3100     case 0x8000000A:
3101         if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
3102             *eax = 0x00000001; /* SVM Revision */
3103             *ebx = 0x00000010; /* nr of ASIDs */
3104             *ecx = 0;
3105             *edx = env->features[FEAT_SVM]; /* optional features */
3106         } else {
3107             *eax = 0;
3108             *ebx = 0;
3109             *ecx = 0;
3110             *edx = 0;
3111         }
3112         break;
3113     case 0xC0000000:
3114         *eax = env->cpuid_xlevel2;
3115         *ebx = 0;
3116         *ecx = 0;
3117         *edx = 0;
3118         break;
3119     case 0xC0000001:
3120         /* Support for VIA CPU's CPUID instruction */
3121         *eax = env->cpuid_version;
3122         *ebx = 0;
3123         *ecx = 0;
3124         *edx = env->features[FEAT_C000_0001_EDX];
3125         break;
3126     case 0xC0000002:
3127     case 0xC0000003:
3128     case 0xC0000004:
3129         /* Reserved for the future, and now filled with zero */
3130         *eax = 0;
3131         *ebx = 0;
3132         *ecx = 0;
3133         *edx = 0;
3134         break;
3135     default:
3136         /* reserved values: zero */
3137         *eax = 0;
3138         *ebx = 0;
3139         *ecx = 0;
3140         *edx = 0;
3141         break;
3142     }
3143 }
3144 
3145 /* CPUClass::reset() */
3146 static void x86_cpu_reset(CPUState *s)
3147 {
3148     X86CPU *cpu = X86_CPU(s);
3149     X86CPUClass *xcc = X86_CPU_GET_CLASS(cpu);
3150     CPUX86State *env = &cpu->env;
3151     target_ulong cr4;
3152     uint64_t xcr0;
3153     int i;
3154 
3155     xcc->parent_reset(s);
3156 
3157     memset(env, 0, offsetof(CPUX86State, end_reset_fields));
3158 
3159     env->old_exception = -1;
3160 
3161     /* init to reset state */
3162 
3163     env->hflags2 |= HF2_GIF_MASK;
3164 
3165     cpu_x86_update_cr0(env, 0x60000010);
3166     env->a20_mask = ~0x0;
3167     env->smbase = 0x30000;
3168 
3169     env->idt.limit = 0xffff;
3170     env->gdt.limit = 0xffff;
3171     env->ldt.limit = 0xffff;
3172     env->ldt.flags = DESC_P_MASK | (2 << DESC_TYPE_SHIFT);
3173     env->tr.limit = 0xffff;
3174     env->tr.flags = DESC_P_MASK | (11 << DESC_TYPE_SHIFT);
3175 
3176     cpu_x86_load_seg_cache(env, R_CS, 0xf000, 0xffff0000, 0xffff,
3177                            DESC_P_MASK | DESC_S_MASK | DESC_CS_MASK |
3178                            DESC_R_MASK | DESC_A_MASK);
3179     cpu_x86_load_seg_cache(env, R_DS, 0, 0, 0xffff,
3180                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
3181                            DESC_A_MASK);
3182     cpu_x86_load_seg_cache(env, R_ES, 0, 0, 0xffff,
3183                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
3184                            DESC_A_MASK);
3185     cpu_x86_load_seg_cache(env, R_SS, 0, 0, 0xffff,
3186                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
3187                            DESC_A_MASK);
3188     cpu_x86_load_seg_cache(env, R_FS, 0, 0, 0xffff,
3189                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
3190                            DESC_A_MASK);
3191     cpu_x86_load_seg_cache(env, R_GS, 0, 0, 0xffff,
3192                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
3193                            DESC_A_MASK);
3194 
3195     env->eip = 0xfff0;
3196     env->regs[R_EDX] = env->cpuid_version;
3197 
3198     env->eflags = 0x2;
3199 
3200     /* FPU init */
3201     for (i = 0; i < 8; i++) {
3202         env->fptags[i] = 1;
3203     }
3204     cpu_set_fpuc(env, 0x37f);
3205 
3206     env->mxcsr = 0x1f80;
3207     /* All units are in INIT state.  */
3208     env->xstate_bv = 0;
3209 
3210     env->pat = 0x0007040600070406ULL;
3211     env->msr_ia32_misc_enable = MSR_IA32_MISC_ENABLE_DEFAULT;
3212 
3213     memset(env->dr, 0, sizeof(env->dr));
3214     env->dr[6] = DR6_FIXED_1;
3215     env->dr[7] = DR7_FIXED_1;
3216     cpu_breakpoint_remove_all(s, BP_CPU);
3217     cpu_watchpoint_remove_all(s, BP_CPU);
3218 
3219     cr4 = 0;
3220     xcr0 = XSTATE_FP_MASK;
3221 
3222 #ifdef CONFIG_USER_ONLY
3223     /* Enable all the features for user-mode.  */
3224     if (env->features[FEAT_1_EDX] & CPUID_SSE) {
3225         xcr0 |= XSTATE_SSE_MASK;
3226     }
3227     for (i = 2; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
3228         const ExtSaveArea *esa = &x86_ext_save_areas[i];
3229         if (env->features[esa->feature] & esa->bits) {
3230             xcr0 |= 1ull << i;
3231         }
3232     }
3233 
3234     if (env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE) {
3235         cr4 |= CR4_OSFXSR_MASK | CR4_OSXSAVE_MASK;
3236     }
3237     if (env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_FSGSBASE) {
3238         cr4 |= CR4_FSGSBASE_MASK;
3239     }
3240 #endif
3241 
3242     env->xcr0 = xcr0;
3243     cpu_x86_update_cr4(env, cr4);
3244 
3245     /*
3246      * SDM 11.11.5 requires:
3247      *  - IA32_MTRR_DEF_TYPE MSR.E = 0
3248      *  - IA32_MTRR_PHYSMASKn.V = 0
3249      * All other bits are undefined.  For simplification, zero it all.
3250      */
3251     env->mtrr_deftype = 0;
3252     memset(env->mtrr_var, 0, sizeof(env->mtrr_var));
3253     memset(env->mtrr_fixed, 0, sizeof(env->mtrr_fixed));
3254 
3255 #if !defined(CONFIG_USER_ONLY)
3256     /* We hard-wire the BSP to the first CPU. */
3257     apic_designate_bsp(cpu->apic_state, s->cpu_index == 0);
3258 
3259     s->halted = !cpu_is_bsp(cpu);
3260 
3261     if (kvm_enabled()) {
3262         kvm_arch_reset_vcpu(cpu);
3263     }
3264 #endif
3265 }
3266 
3267 #ifndef CONFIG_USER_ONLY
3268 bool cpu_is_bsp(X86CPU *cpu)
3269 {
3270     return cpu_get_apic_base(cpu->apic_state) & MSR_IA32_APICBASE_BSP;
3271 }
3272 
3273 /* TODO: remove me, when reset over QOM tree is implemented */
3274 static void x86_cpu_machine_reset_cb(void *opaque)
3275 {
3276     X86CPU *cpu = opaque;
3277     cpu_reset(CPU(cpu));
3278 }
3279 #endif
3280 
3281 static void mce_init(X86CPU *cpu)
3282 {
3283     CPUX86State *cenv = &cpu->env;
3284     unsigned int bank;
3285 
3286     if (((cenv->cpuid_version >> 8) & 0xf) >= 6
3287         && (cenv->features[FEAT_1_EDX] & (CPUID_MCE | CPUID_MCA)) ==
3288             (CPUID_MCE | CPUID_MCA)) {
3289         cenv->mcg_cap = MCE_CAP_DEF | MCE_BANKS_DEF |
3290                         (cpu->enable_lmce ? MCG_LMCE_P : 0);
3291         cenv->mcg_ctl = ~(uint64_t)0;
3292         for (bank = 0; bank < MCE_BANKS_DEF; bank++) {
3293             cenv->mce_banks[bank * 4] = ~(uint64_t)0;
3294         }
3295     }
3296 }
3297 
3298 #ifndef CONFIG_USER_ONLY
3299 APICCommonClass *apic_get_class(void)
3300 {
3301     const char *apic_type = "apic";
3302 
3303     if (kvm_apic_in_kernel()) {
3304         apic_type = "kvm-apic";
3305     } else if (xen_enabled()) {
3306         apic_type = "xen-apic";
3307     }
3308 
3309     return APIC_COMMON_CLASS(object_class_by_name(apic_type));
3310 }
3311 
3312 static void x86_cpu_apic_create(X86CPU *cpu, Error **errp)
3313 {
3314     APICCommonState *apic;
3315     ObjectClass *apic_class = OBJECT_CLASS(apic_get_class());
3316 
3317     cpu->apic_state = DEVICE(object_new(object_class_get_name(apic_class)));
3318 
3319     object_property_add_child(OBJECT(cpu), "lapic",
3320                               OBJECT(cpu->apic_state), &error_abort);
3321     object_unref(OBJECT(cpu->apic_state));
3322 
3323     qdev_prop_set_uint32(cpu->apic_state, "id", cpu->apic_id);
3324     /* TODO: convert to link<> */
3325     apic = APIC_COMMON(cpu->apic_state);
3326     apic->cpu = cpu;
3327     apic->apicbase = APIC_DEFAULT_ADDRESS | MSR_IA32_APICBASE_ENABLE;
3328 }
3329 
3330 static void x86_cpu_apic_realize(X86CPU *cpu, Error **errp)
3331 {
3332     APICCommonState *apic;
3333     static bool apic_mmio_map_once;
3334 
3335     if (cpu->apic_state == NULL) {
3336         return;
3337     }
3338     object_property_set_bool(OBJECT(cpu->apic_state), true, "realized",
3339                              errp);
3340 
3341     /* Map APIC MMIO area */
3342     apic = APIC_COMMON(cpu->apic_state);
3343     if (!apic_mmio_map_once) {
3344         memory_region_add_subregion_overlap(get_system_memory(),
3345                                             apic->apicbase &
3346                                             MSR_IA32_APICBASE_BASE,
3347                                             &apic->io_memory,
3348                                             0x1000);
3349         apic_mmio_map_once = true;
3350      }
3351 }
3352 
3353 static void x86_cpu_machine_done(Notifier *n, void *unused)
3354 {
3355     X86CPU *cpu = container_of(n, X86CPU, machine_done);
3356     MemoryRegion *smram =
3357         (MemoryRegion *) object_resolve_path("/machine/smram", NULL);
3358 
3359     if (smram) {
3360         cpu->smram = g_new(MemoryRegion, 1);
3361         memory_region_init_alias(cpu->smram, OBJECT(cpu), "smram",
3362                                  smram, 0, 1ull << 32);
3363         memory_region_set_enabled(cpu->smram, true);
3364         memory_region_add_subregion_overlap(cpu->cpu_as_root, 0, cpu->smram, 1);
3365     }
3366 }
3367 #else
3368 static void x86_cpu_apic_realize(X86CPU *cpu, Error **errp)
3369 {
3370 }
3371 #endif
3372 
3373 /* Note: Only safe for use on x86(-64) hosts */
3374 static uint32_t x86_host_phys_bits(void)
3375 {
3376     uint32_t eax;
3377     uint32_t host_phys_bits;
3378 
3379     host_cpuid(0x80000000, 0, &eax, NULL, NULL, NULL);
3380     if (eax >= 0x80000008) {
3381         host_cpuid(0x80000008, 0, &eax, NULL, NULL, NULL);
3382         /* Note: According to AMD doc 25481 rev 2.34 they have a field
3383          * at 23:16 that can specify a maximum physical address bits for
3384          * the guest that can override this value; but I've not seen
3385          * anything with that set.
3386          */
3387         host_phys_bits = eax & 0xff;
3388     } else {
3389         /* It's an odd 64 bit machine that doesn't have the leaf for
3390          * physical address bits; fall back to 36 that's most older
3391          * Intel.
3392          */
3393         host_phys_bits = 36;
3394     }
3395 
3396     return host_phys_bits;
3397 }
3398 
3399 static void x86_cpu_adjust_level(X86CPU *cpu, uint32_t *min, uint32_t value)
3400 {
3401     if (*min < value) {
3402         *min = value;
3403     }
3404 }
3405 
3406 /* Increase cpuid_min_{level,xlevel,xlevel2} automatically, if appropriate */
3407 static void x86_cpu_adjust_feat_level(X86CPU *cpu, FeatureWord w)
3408 {
3409     CPUX86State *env = &cpu->env;
3410     FeatureWordInfo *fi = &feature_word_info[w];
3411     uint32_t eax = fi->cpuid_eax;
3412     uint32_t region = eax & 0xF0000000;
3413 
3414     if (!env->features[w]) {
3415         return;
3416     }
3417 
3418     switch (region) {
3419     case 0x00000000:
3420         x86_cpu_adjust_level(cpu, &env->cpuid_min_level, eax);
3421     break;
3422     case 0x80000000:
3423         x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, eax);
3424     break;
3425     case 0xC0000000:
3426         x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel2, eax);
3427     break;
3428     }
3429 }
3430 
3431 /* Calculate XSAVE components based on the configured CPU feature flags */
3432 static void x86_cpu_enable_xsave_components(X86CPU *cpu)
3433 {
3434     CPUX86State *env = &cpu->env;
3435     int i;
3436     uint64_t mask;
3437 
3438     if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
3439         return;
3440     }
3441 
3442     mask = 0;
3443     for (i = 0; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
3444         const ExtSaveArea *esa = &x86_ext_save_areas[i];
3445         if (env->features[esa->feature] & esa->bits) {
3446             mask |= (1ULL << i);
3447         }
3448     }
3449 
3450     env->features[FEAT_XSAVE_COMP_LO] = mask;
3451     env->features[FEAT_XSAVE_COMP_HI] = mask >> 32;
3452 }
3453 
3454 /***** Steps involved on loading and filtering CPUID data
3455  *
3456  * When initializing and realizing a CPU object, the steps
3457  * involved in setting up CPUID data are:
3458  *
3459  * 1) Loading CPU model definition (X86CPUDefinition). This is
3460  *    implemented by x86_cpu_load_def() and should be completely
3461  *    transparent, as it is done automatically by instance_init.
3462  *    No code should need to look at X86CPUDefinition structs
3463  *    outside instance_init.
3464  *
3465  * 2) CPU expansion. This is done by realize before CPUID
3466  *    filtering, and will make sure host/accelerator data is
3467  *    loaded for CPU models that depend on host capabilities
3468  *    (e.g. "host"). Done by x86_cpu_expand_features().
3469  *
3470  * 3) CPUID filtering. This initializes extra data related to
3471  *    CPUID, and checks if the host supports all capabilities
3472  *    required by the CPU. Runnability of a CPU model is
3473  *    determined at this step. Done by x86_cpu_filter_features().
3474  *
3475  * Some operations don't require all steps to be performed.
3476  * More precisely:
3477  *
3478  * - CPU instance creation (instance_init) will run only CPU
3479  *   model loading. CPU expansion can't run at instance_init-time
3480  *   because host/accelerator data may be not available yet.
3481  * - CPU realization will perform both CPU model expansion and CPUID
3482  *   filtering, and return an error in case one of them fails.
3483  * - query-cpu-definitions needs to run all 3 steps. It needs
3484  *   to run CPUID filtering, as the 'unavailable-features'
3485  *   field is set based on the filtering results.
3486  * - The query-cpu-model-expansion QMP command only needs to run
3487  *   CPU model loading and CPU expansion. It should not filter
3488  *   any CPUID data based on host capabilities.
3489  */
3490 
3491 /* Expand CPU configuration data, based on configured features
3492  * and host/accelerator capabilities when appropriate.
3493  */
3494 static void x86_cpu_expand_features(X86CPU *cpu, Error **errp)
3495 {
3496     CPUX86State *env = &cpu->env;
3497     FeatureWord w;
3498     GList *l;
3499     Error *local_err = NULL;
3500 
3501     /*TODO: Now cpu->max_features doesn't overwrite features
3502      * set using QOM properties, and we can convert
3503      * plus_features & minus_features to global properties
3504      * inside x86_cpu_parse_featurestr() too.
3505      */
3506     if (cpu->max_features) {
3507         for (w = 0; w < FEATURE_WORDS; w++) {
3508             /* Override only features that weren't set explicitly
3509              * by the user.
3510              */
3511             env->features[w] |=
3512                 x86_cpu_get_supported_feature_word(w, cpu->migratable) &
3513                 ~env->user_features[w];
3514         }
3515     }
3516 
3517     for (l = plus_features; l; l = l->next) {
3518         const char *prop = l->data;
3519         object_property_set_bool(OBJECT(cpu), true, prop, &local_err);
3520         if (local_err) {
3521             goto out;
3522         }
3523     }
3524 
3525     for (l = minus_features; l; l = l->next) {
3526         const char *prop = l->data;
3527         object_property_set_bool(OBJECT(cpu), false, prop, &local_err);
3528         if (local_err) {
3529             goto out;
3530         }
3531     }
3532 
3533     if (!kvm_enabled() || !cpu->expose_kvm) {
3534         env->features[FEAT_KVM] = 0;
3535     }
3536 
3537     x86_cpu_enable_xsave_components(cpu);
3538 
3539     /* CPUID[EAX=7,ECX=0].EBX always increased level automatically: */
3540     x86_cpu_adjust_feat_level(cpu, FEAT_7_0_EBX);
3541     if (cpu->full_cpuid_auto_level) {
3542         x86_cpu_adjust_feat_level(cpu, FEAT_1_EDX);
3543         x86_cpu_adjust_feat_level(cpu, FEAT_1_ECX);
3544         x86_cpu_adjust_feat_level(cpu, FEAT_6_EAX);
3545         x86_cpu_adjust_feat_level(cpu, FEAT_7_0_ECX);
3546         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_EDX);
3547         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_ECX);
3548         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0007_EDX);
3549         x86_cpu_adjust_feat_level(cpu, FEAT_C000_0001_EDX);
3550         x86_cpu_adjust_feat_level(cpu, FEAT_SVM);
3551         x86_cpu_adjust_feat_level(cpu, FEAT_XSAVE);
3552         /* SVM requires CPUID[0x8000000A] */
3553         if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
3554             x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000000A);
3555         }
3556     }
3557 
3558     /* Set cpuid_*level* based on cpuid_min_*level, if not explicitly set */
3559     if (env->cpuid_level == UINT32_MAX) {
3560         env->cpuid_level = env->cpuid_min_level;
3561     }
3562     if (env->cpuid_xlevel == UINT32_MAX) {
3563         env->cpuid_xlevel = env->cpuid_min_xlevel;
3564     }
3565     if (env->cpuid_xlevel2 == UINT32_MAX) {
3566         env->cpuid_xlevel2 = env->cpuid_min_xlevel2;
3567     }
3568 
3569 out:
3570     if (local_err != NULL) {
3571         error_propagate(errp, local_err);
3572     }
3573 }
3574 
3575 /*
3576  * Finishes initialization of CPUID data, filters CPU feature
3577  * words based on host availability of each feature.
3578  *
3579  * Returns: 0 if all flags are supported by the host, non-zero otherwise.
3580  */
3581 static int x86_cpu_filter_features(X86CPU *cpu)
3582 {
3583     CPUX86State *env = &cpu->env;
3584     FeatureWord w;
3585     int rv = 0;
3586 
3587     for (w = 0; w < FEATURE_WORDS; w++) {
3588         uint32_t host_feat =
3589             x86_cpu_get_supported_feature_word(w, false);
3590         uint32_t requested_features = env->features[w];
3591         env->features[w] &= host_feat;
3592         cpu->filtered_features[w] = requested_features & ~env->features[w];
3593         if (cpu->filtered_features[w]) {
3594             rv = 1;
3595         }
3596     }
3597 
3598     return rv;
3599 }
3600 
3601 #define IS_INTEL_CPU(env) ((env)->cpuid_vendor1 == CPUID_VENDOR_INTEL_1 && \
3602                            (env)->cpuid_vendor2 == CPUID_VENDOR_INTEL_2 && \
3603                            (env)->cpuid_vendor3 == CPUID_VENDOR_INTEL_3)
3604 #define IS_AMD_CPU(env) ((env)->cpuid_vendor1 == CPUID_VENDOR_AMD_1 && \
3605                          (env)->cpuid_vendor2 == CPUID_VENDOR_AMD_2 && \
3606                          (env)->cpuid_vendor3 == CPUID_VENDOR_AMD_3)
3607 static void x86_cpu_realizefn(DeviceState *dev, Error **errp)
3608 {
3609     CPUState *cs = CPU(dev);
3610     X86CPU *cpu = X86_CPU(dev);
3611     X86CPUClass *xcc = X86_CPU_GET_CLASS(dev);
3612     CPUX86State *env = &cpu->env;
3613     Error *local_err = NULL;
3614     static bool ht_warned;
3615 
3616     if (xcc->kvm_required && !kvm_enabled()) {
3617         char *name = x86_cpu_class_get_model_name(xcc);
3618         error_setg(&local_err, "CPU model '%s' requires KVM", name);
3619         g_free(name);
3620         goto out;
3621     }
3622 
3623     if (cpu->apic_id == UNASSIGNED_APIC_ID) {
3624         error_setg(errp, "apic-id property was not initialized properly");
3625         return;
3626     }
3627 
3628     x86_cpu_expand_features(cpu, &local_err);
3629     if (local_err) {
3630         goto out;
3631     }
3632 
3633     if (x86_cpu_filter_features(cpu) &&
3634         (cpu->check_cpuid || cpu->enforce_cpuid)) {
3635         x86_cpu_report_filtered_features(cpu);
3636         if (cpu->enforce_cpuid) {
3637             error_setg(&local_err,
3638                        kvm_enabled() ?
3639                            "Host doesn't support requested features" :
3640                            "TCG doesn't support requested features");
3641             goto out;
3642         }
3643     }
3644 
3645     /* On AMD CPUs, some CPUID[8000_0001].EDX bits must match the bits on
3646      * CPUID[1].EDX.
3647      */
3648     if (IS_AMD_CPU(env)) {
3649         env->features[FEAT_8000_0001_EDX] &= ~CPUID_EXT2_AMD_ALIASES;
3650         env->features[FEAT_8000_0001_EDX] |= (env->features[FEAT_1_EDX]
3651            & CPUID_EXT2_AMD_ALIASES);
3652     }
3653 
3654     /* For 64bit systems think about the number of physical bits to present.
3655      * ideally this should be the same as the host; anything other than matching
3656      * the host can cause incorrect guest behaviour.
3657      * QEMU used to pick the magic value of 40 bits that corresponds to
3658      * consumer AMD devices but nothing else.
3659      */
3660     if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
3661         if (kvm_enabled()) {
3662             uint32_t host_phys_bits = x86_host_phys_bits();
3663             static bool warned;
3664 
3665             if (cpu->host_phys_bits) {
3666                 /* The user asked for us to use the host physical bits */
3667                 cpu->phys_bits = host_phys_bits;
3668             }
3669 
3670             /* Print a warning if the user set it to a value that's not the
3671              * host value.
3672              */
3673             if (cpu->phys_bits != host_phys_bits && cpu->phys_bits != 0 &&
3674                 !warned) {
3675                 warn_report("Host physical bits (%u)"
3676                             " does not match phys-bits property (%u)",
3677                             host_phys_bits, cpu->phys_bits);
3678                 warned = true;
3679             }
3680 
3681             if (cpu->phys_bits &&
3682                 (cpu->phys_bits > TARGET_PHYS_ADDR_SPACE_BITS ||
3683                 cpu->phys_bits < 32)) {
3684                 error_setg(errp, "phys-bits should be between 32 and %u "
3685                                  " (but is %u)",
3686                                  TARGET_PHYS_ADDR_SPACE_BITS, cpu->phys_bits);
3687                 return;
3688             }
3689         } else {
3690             if (cpu->phys_bits && cpu->phys_bits != TCG_PHYS_ADDR_BITS) {
3691                 error_setg(errp, "TCG only supports phys-bits=%u",
3692                                   TCG_PHYS_ADDR_BITS);
3693                 return;
3694             }
3695         }
3696         /* 0 means it was not explicitly set by the user (or by machine
3697          * compat_props or by the host code above). In this case, the default
3698          * is the value used by TCG (40).
3699          */
3700         if (cpu->phys_bits == 0) {
3701             cpu->phys_bits = TCG_PHYS_ADDR_BITS;
3702         }
3703     } else {
3704         /* For 32 bit systems don't use the user set value, but keep
3705          * phys_bits consistent with what we tell the guest.
3706          */
3707         if (cpu->phys_bits != 0) {
3708             error_setg(errp, "phys-bits is not user-configurable in 32 bit");
3709             return;
3710         }
3711 
3712         if (env->features[FEAT_1_EDX] & CPUID_PSE36) {
3713             cpu->phys_bits = 36;
3714         } else {
3715             cpu->phys_bits = 32;
3716         }
3717     }
3718     cpu_exec_realizefn(cs, &local_err);
3719     if (local_err != NULL) {
3720         error_propagate(errp, local_err);
3721         return;
3722     }
3723 
3724 #ifndef CONFIG_USER_ONLY
3725     qemu_register_reset(x86_cpu_machine_reset_cb, cpu);
3726 
3727     if (cpu->env.features[FEAT_1_EDX] & CPUID_APIC || smp_cpus > 1) {
3728         x86_cpu_apic_create(cpu, &local_err);
3729         if (local_err != NULL) {
3730             goto out;
3731         }
3732     }
3733 #endif
3734 
3735     mce_init(cpu);
3736 
3737 #ifndef CONFIG_USER_ONLY
3738     if (tcg_enabled()) {
3739         AddressSpace *as_normal = g_new0(AddressSpace, 1);
3740         AddressSpace *as_smm = g_new(AddressSpace, 1);
3741 
3742         address_space_init(as_normal, cs->memory, "cpu-memory");
3743 
3744         cpu->cpu_as_mem = g_new(MemoryRegion, 1);
3745         cpu->cpu_as_root = g_new(MemoryRegion, 1);
3746 
3747         /* Outer container... */
3748         memory_region_init(cpu->cpu_as_root, OBJECT(cpu), "memory", ~0ull);
3749         memory_region_set_enabled(cpu->cpu_as_root, true);
3750 
3751         /* ... with two regions inside: normal system memory with low
3752          * priority, and...
3753          */
3754         memory_region_init_alias(cpu->cpu_as_mem, OBJECT(cpu), "memory",
3755                                  get_system_memory(), 0, ~0ull);
3756         memory_region_add_subregion_overlap(cpu->cpu_as_root, 0, cpu->cpu_as_mem, 0);
3757         memory_region_set_enabled(cpu->cpu_as_mem, true);
3758         address_space_init(as_smm, cpu->cpu_as_root, "CPU");
3759 
3760         cs->num_ases = 2;
3761         cpu_address_space_init(cs, as_normal, 0);
3762         cpu_address_space_init(cs, as_smm, 1);
3763 
3764         /* ... SMRAM with higher priority, linked from /machine/smram.  */
3765         cpu->machine_done.notify = x86_cpu_machine_done;
3766         qemu_add_machine_init_done_notifier(&cpu->machine_done);
3767     }
3768 #endif
3769 
3770     qemu_init_vcpu(cs);
3771 
3772     /* Only Intel CPUs support hyperthreading. Even though QEMU fixes this
3773      * issue by adjusting CPUID_0000_0001_EBX and CPUID_8000_0008_ECX
3774      * based on inputs (sockets,cores,threads), it is still better to gives
3775      * users a warning.
3776      *
3777      * NOTE: the following code has to follow qemu_init_vcpu(). Otherwise
3778      * cs->nr_threads hasn't be populated yet and the checking is incorrect.
3779      */
3780     if (!IS_INTEL_CPU(env) && cs->nr_threads > 1 && !ht_warned) {
3781         error_report("AMD CPU doesn't support hyperthreading. Please configure"
3782                      " -smp options properly.");
3783         ht_warned = true;
3784     }
3785 
3786     x86_cpu_apic_realize(cpu, &local_err);
3787     if (local_err != NULL) {
3788         goto out;
3789     }
3790     cpu_reset(cs);
3791 
3792     xcc->parent_realize(dev, &local_err);
3793 
3794 out:
3795     if (local_err != NULL) {
3796         error_propagate(errp, local_err);
3797         return;
3798     }
3799 }
3800 
3801 static void x86_cpu_unrealizefn(DeviceState *dev, Error **errp)
3802 {
3803     X86CPU *cpu = X86_CPU(dev);
3804     X86CPUClass *xcc = X86_CPU_GET_CLASS(dev);
3805     Error *local_err = NULL;
3806 
3807 #ifndef CONFIG_USER_ONLY
3808     cpu_remove_sync(CPU(dev));
3809     qemu_unregister_reset(x86_cpu_machine_reset_cb, dev);
3810 #endif
3811 
3812     if (cpu->apic_state) {
3813         object_unparent(OBJECT(cpu->apic_state));
3814         cpu->apic_state = NULL;
3815     }
3816 
3817     xcc->parent_unrealize(dev, &local_err);
3818     if (local_err != NULL) {
3819         error_propagate(errp, local_err);
3820         return;
3821     }
3822 }
3823 
3824 typedef struct BitProperty {
3825     FeatureWord w;
3826     uint32_t mask;
3827 } BitProperty;
3828 
3829 static void x86_cpu_get_bit_prop(Object *obj, Visitor *v, const char *name,
3830                                  void *opaque, Error **errp)
3831 {
3832     X86CPU *cpu = X86_CPU(obj);
3833     BitProperty *fp = opaque;
3834     uint32_t f = cpu->env.features[fp->w];
3835     bool value = (f & fp->mask) == fp->mask;
3836     visit_type_bool(v, name, &value, errp);
3837 }
3838 
3839 static void x86_cpu_set_bit_prop(Object *obj, Visitor *v, const char *name,
3840                                  void *opaque, Error **errp)
3841 {
3842     DeviceState *dev = DEVICE(obj);
3843     X86CPU *cpu = X86_CPU(obj);
3844     BitProperty *fp = opaque;
3845     Error *local_err = NULL;
3846     bool value;
3847 
3848     if (dev->realized) {
3849         qdev_prop_set_after_realize(dev, name, errp);
3850         return;
3851     }
3852 
3853     visit_type_bool(v, name, &value, &local_err);
3854     if (local_err) {
3855         error_propagate(errp, local_err);
3856         return;
3857     }
3858 
3859     if (value) {
3860         cpu->env.features[fp->w] |= fp->mask;
3861     } else {
3862         cpu->env.features[fp->w] &= ~fp->mask;
3863     }
3864     cpu->env.user_features[fp->w] |= fp->mask;
3865 }
3866 
3867 static void x86_cpu_release_bit_prop(Object *obj, const char *name,
3868                                      void *opaque)
3869 {
3870     BitProperty *prop = opaque;
3871     g_free(prop);
3872 }
3873 
3874 /* Register a boolean property to get/set a single bit in a uint32_t field.
3875  *
3876  * The same property name can be registered multiple times to make it affect
3877  * multiple bits in the same FeatureWord. In that case, the getter will return
3878  * true only if all bits are set.
3879  */
3880 static void x86_cpu_register_bit_prop(X86CPU *cpu,
3881                                       const char *prop_name,
3882                                       FeatureWord w,
3883                                       int bitnr)
3884 {
3885     BitProperty *fp;
3886     ObjectProperty *op;
3887     uint32_t mask = (1UL << bitnr);
3888 
3889     op = object_property_find(OBJECT(cpu), prop_name, NULL);
3890     if (op) {
3891         fp = op->opaque;
3892         assert(fp->w == w);
3893         fp->mask |= mask;
3894     } else {
3895         fp = g_new0(BitProperty, 1);
3896         fp->w = w;
3897         fp->mask = mask;
3898         object_property_add(OBJECT(cpu), prop_name, "bool",
3899                             x86_cpu_get_bit_prop,
3900                             x86_cpu_set_bit_prop,
3901                             x86_cpu_release_bit_prop, fp, &error_abort);
3902     }
3903 }
3904 
3905 static void x86_cpu_register_feature_bit_props(X86CPU *cpu,
3906                                                FeatureWord w,
3907                                                int bitnr)
3908 {
3909     FeatureWordInfo *fi = &feature_word_info[w];
3910     const char *name = fi->feat_names[bitnr];
3911 
3912     if (!name) {
3913         return;
3914     }
3915 
3916     /* Property names should use "-" instead of "_".
3917      * Old names containing underscores are registered as aliases
3918      * using object_property_add_alias()
3919      */
3920     assert(!strchr(name, '_'));
3921     /* aliases don't use "|" delimiters anymore, they are registered
3922      * manually using object_property_add_alias() */
3923     assert(!strchr(name, '|'));
3924     x86_cpu_register_bit_prop(cpu, name, w, bitnr);
3925 }
3926 
3927 static GuestPanicInformation *x86_cpu_get_crash_info(CPUState *cs)
3928 {
3929     X86CPU *cpu = X86_CPU(cs);
3930     CPUX86State *env = &cpu->env;
3931     GuestPanicInformation *panic_info = NULL;
3932 
3933     if (env->features[FEAT_HYPERV_EDX] & HV_GUEST_CRASH_MSR_AVAILABLE) {
3934         panic_info = g_malloc0(sizeof(GuestPanicInformation));
3935 
3936         panic_info->type = GUEST_PANIC_INFORMATION_TYPE_HYPER_V;
3937 
3938         assert(HV_CRASH_PARAMS >= 5);
3939         panic_info->u.hyper_v.arg1 = env->msr_hv_crash_params[0];
3940         panic_info->u.hyper_v.arg2 = env->msr_hv_crash_params[1];
3941         panic_info->u.hyper_v.arg3 = env->msr_hv_crash_params[2];
3942         panic_info->u.hyper_v.arg4 = env->msr_hv_crash_params[3];
3943         panic_info->u.hyper_v.arg5 = env->msr_hv_crash_params[4];
3944     }
3945 
3946     return panic_info;
3947 }
3948 static void x86_cpu_get_crash_info_qom(Object *obj, Visitor *v,
3949                                        const char *name, void *opaque,
3950                                        Error **errp)
3951 {
3952     CPUState *cs = CPU(obj);
3953     GuestPanicInformation *panic_info;
3954 
3955     if (!cs->crash_occurred) {
3956         error_setg(errp, "No crash occured");
3957         return;
3958     }
3959 
3960     panic_info = x86_cpu_get_crash_info(cs);
3961     if (panic_info == NULL) {
3962         error_setg(errp, "No crash information");
3963         return;
3964     }
3965 
3966     visit_type_GuestPanicInformation(v, "crash-information", &panic_info,
3967                                      errp);
3968     qapi_free_GuestPanicInformation(panic_info);
3969 }
3970 
3971 static void x86_cpu_initfn(Object *obj)
3972 {
3973     CPUState *cs = CPU(obj);
3974     X86CPU *cpu = X86_CPU(obj);
3975     X86CPUClass *xcc = X86_CPU_GET_CLASS(obj);
3976     CPUX86State *env = &cpu->env;
3977     FeatureWord w;
3978 
3979     cs->env_ptr = env;
3980 
3981     object_property_add(obj, "family", "int",
3982                         x86_cpuid_version_get_family,
3983                         x86_cpuid_version_set_family, NULL, NULL, NULL);
3984     object_property_add(obj, "model", "int",
3985                         x86_cpuid_version_get_model,
3986                         x86_cpuid_version_set_model, NULL, NULL, NULL);
3987     object_property_add(obj, "stepping", "int",
3988                         x86_cpuid_version_get_stepping,
3989                         x86_cpuid_version_set_stepping, NULL, NULL, NULL);
3990     object_property_add_str(obj, "vendor",
3991                             x86_cpuid_get_vendor,
3992                             x86_cpuid_set_vendor, NULL);
3993     object_property_add_str(obj, "model-id",
3994                             x86_cpuid_get_model_id,
3995                             x86_cpuid_set_model_id, NULL);
3996     object_property_add(obj, "tsc-frequency", "int",
3997                         x86_cpuid_get_tsc_freq,
3998                         x86_cpuid_set_tsc_freq, NULL, NULL, NULL);
3999     object_property_add(obj, "feature-words", "X86CPUFeatureWordInfo",
4000                         x86_cpu_get_feature_words,
4001                         NULL, NULL, (void *)env->features, NULL);
4002     object_property_add(obj, "filtered-features", "X86CPUFeatureWordInfo",
4003                         x86_cpu_get_feature_words,
4004                         NULL, NULL, (void *)cpu->filtered_features, NULL);
4005 
4006     object_property_add(obj, "crash-information", "GuestPanicInformation",
4007                         x86_cpu_get_crash_info_qom, NULL, NULL, NULL, NULL);
4008 
4009     cpu->hyperv_spinlock_attempts = HYPERV_SPINLOCK_NEVER_RETRY;
4010 
4011     for (w = 0; w < FEATURE_WORDS; w++) {
4012         int bitnr;
4013 
4014         for (bitnr = 0; bitnr < 32; bitnr++) {
4015             x86_cpu_register_feature_bit_props(cpu, w, bitnr);
4016         }
4017     }
4018 
4019     object_property_add_alias(obj, "sse3", obj, "pni", &error_abort);
4020     object_property_add_alias(obj, "pclmuldq", obj, "pclmulqdq", &error_abort);
4021     object_property_add_alias(obj, "sse4-1", obj, "sse4.1", &error_abort);
4022     object_property_add_alias(obj, "sse4-2", obj, "sse4.2", &error_abort);
4023     object_property_add_alias(obj, "xd", obj, "nx", &error_abort);
4024     object_property_add_alias(obj, "ffxsr", obj, "fxsr-opt", &error_abort);
4025     object_property_add_alias(obj, "i64", obj, "lm", &error_abort);
4026 
4027     object_property_add_alias(obj, "ds_cpl", obj, "ds-cpl", &error_abort);
4028     object_property_add_alias(obj, "tsc_adjust", obj, "tsc-adjust", &error_abort);
4029     object_property_add_alias(obj, "fxsr_opt", obj, "fxsr-opt", &error_abort);
4030     object_property_add_alias(obj, "lahf_lm", obj, "lahf-lm", &error_abort);
4031     object_property_add_alias(obj, "cmp_legacy", obj, "cmp-legacy", &error_abort);
4032     object_property_add_alias(obj, "nodeid_msr", obj, "nodeid-msr", &error_abort);
4033     object_property_add_alias(obj, "perfctr_core", obj, "perfctr-core", &error_abort);
4034     object_property_add_alias(obj, "perfctr_nb", obj, "perfctr-nb", &error_abort);
4035     object_property_add_alias(obj, "kvm_nopiodelay", obj, "kvm-nopiodelay", &error_abort);
4036     object_property_add_alias(obj, "kvm_mmu", obj, "kvm-mmu", &error_abort);
4037     object_property_add_alias(obj, "kvm_asyncpf", obj, "kvm-asyncpf", &error_abort);
4038     object_property_add_alias(obj, "kvm_steal_time", obj, "kvm-steal-time", &error_abort);
4039     object_property_add_alias(obj, "kvm_pv_eoi", obj, "kvm-pv-eoi", &error_abort);
4040     object_property_add_alias(obj, "kvm_pv_unhalt", obj, "kvm-pv-unhalt", &error_abort);
4041     object_property_add_alias(obj, "svm_lock", obj, "svm-lock", &error_abort);
4042     object_property_add_alias(obj, "nrip_save", obj, "nrip-save", &error_abort);
4043     object_property_add_alias(obj, "tsc_scale", obj, "tsc-scale", &error_abort);
4044     object_property_add_alias(obj, "vmcb_clean", obj, "vmcb-clean", &error_abort);
4045     object_property_add_alias(obj, "pause_filter", obj, "pause-filter", &error_abort);
4046     object_property_add_alias(obj, "sse4_1", obj, "sse4.1", &error_abort);
4047     object_property_add_alias(obj, "sse4_2", obj, "sse4.2", &error_abort);
4048 
4049     if (xcc->cpu_def) {
4050         x86_cpu_load_def(cpu, xcc->cpu_def, &error_abort);
4051     }
4052 }
4053 
4054 static int64_t x86_cpu_get_arch_id(CPUState *cs)
4055 {
4056     X86CPU *cpu = X86_CPU(cs);
4057 
4058     return cpu->apic_id;
4059 }
4060 
4061 static bool x86_cpu_get_paging_enabled(const CPUState *cs)
4062 {
4063     X86CPU *cpu = X86_CPU(cs);
4064 
4065     return cpu->env.cr[0] & CR0_PG_MASK;
4066 }
4067 
4068 static void x86_cpu_set_pc(CPUState *cs, vaddr value)
4069 {
4070     X86CPU *cpu = X86_CPU(cs);
4071 
4072     cpu->env.eip = value;
4073 }
4074 
4075 static void x86_cpu_synchronize_from_tb(CPUState *cs, TranslationBlock *tb)
4076 {
4077     X86CPU *cpu = X86_CPU(cs);
4078 
4079     cpu->env.eip = tb->pc - tb->cs_base;
4080 }
4081 
4082 static bool x86_cpu_has_work(CPUState *cs)
4083 {
4084     X86CPU *cpu = X86_CPU(cs);
4085     CPUX86State *env = &cpu->env;
4086 
4087     return ((cs->interrupt_request & (CPU_INTERRUPT_HARD |
4088                                       CPU_INTERRUPT_POLL)) &&
4089             (env->eflags & IF_MASK)) ||
4090            (cs->interrupt_request & (CPU_INTERRUPT_NMI |
4091                                      CPU_INTERRUPT_INIT |
4092                                      CPU_INTERRUPT_SIPI |
4093                                      CPU_INTERRUPT_MCE)) ||
4094            ((cs->interrupt_request & CPU_INTERRUPT_SMI) &&
4095             !(env->hflags & HF_SMM_MASK));
4096 }
4097 
4098 static void x86_disas_set_info(CPUState *cs, disassemble_info *info)
4099 {
4100     X86CPU *cpu = X86_CPU(cs);
4101     CPUX86State *env = &cpu->env;
4102 
4103     info->mach = (env->hflags & HF_CS64_MASK ? bfd_mach_x86_64
4104                   : env->hflags & HF_CS32_MASK ? bfd_mach_i386_i386
4105                   : bfd_mach_i386_i8086);
4106     info->print_insn = print_insn_i386;
4107 
4108     info->cap_arch = CS_ARCH_X86;
4109     info->cap_mode = (env->hflags & HF_CS64_MASK ? CS_MODE_64
4110                       : env->hflags & HF_CS32_MASK ? CS_MODE_32
4111                       : CS_MODE_16);
4112 }
4113 
4114 static Property x86_cpu_properties[] = {
4115 #ifdef CONFIG_USER_ONLY
4116     /* apic_id = 0 by default for *-user, see commit 9886e834 */
4117     DEFINE_PROP_UINT32("apic-id", X86CPU, apic_id, 0),
4118     DEFINE_PROP_INT32("thread-id", X86CPU, thread_id, 0),
4119     DEFINE_PROP_INT32("core-id", X86CPU, core_id, 0),
4120     DEFINE_PROP_INT32("socket-id", X86CPU, socket_id, 0),
4121 #else
4122     DEFINE_PROP_UINT32("apic-id", X86CPU, apic_id, UNASSIGNED_APIC_ID),
4123     DEFINE_PROP_INT32("thread-id", X86CPU, thread_id, -1),
4124     DEFINE_PROP_INT32("core-id", X86CPU, core_id, -1),
4125     DEFINE_PROP_INT32("socket-id", X86CPU, socket_id, -1),
4126 #endif
4127     DEFINE_PROP_INT32("node-id", X86CPU, node_id, CPU_UNSET_NUMA_NODE_ID),
4128     DEFINE_PROP_BOOL("pmu", X86CPU, enable_pmu, false),
4129     { .name  = "hv-spinlocks", .info  = &qdev_prop_spinlocks },
4130     DEFINE_PROP_BOOL("hv-relaxed", X86CPU, hyperv_relaxed_timing, false),
4131     DEFINE_PROP_BOOL("hv-vapic", X86CPU, hyperv_vapic, false),
4132     DEFINE_PROP_BOOL("hv-time", X86CPU, hyperv_time, false),
4133     DEFINE_PROP_BOOL("hv-crash", X86CPU, hyperv_crash, false),
4134     DEFINE_PROP_BOOL("hv-reset", X86CPU, hyperv_reset, false),
4135     DEFINE_PROP_BOOL("hv-vpindex", X86CPU, hyperv_vpindex, false),
4136     DEFINE_PROP_BOOL("hv-runtime", X86CPU, hyperv_runtime, false),
4137     DEFINE_PROP_BOOL("hv-synic", X86CPU, hyperv_synic, false),
4138     DEFINE_PROP_BOOL("hv-stimer", X86CPU, hyperv_stimer, false),
4139     DEFINE_PROP_BOOL("check", X86CPU, check_cpuid, true),
4140     DEFINE_PROP_BOOL("enforce", X86CPU, enforce_cpuid, false),
4141     DEFINE_PROP_BOOL("kvm", X86CPU, expose_kvm, true),
4142     DEFINE_PROP_UINT32("phys-bits", X86CPU, phys_bits, 0),
4143     DEFINE_PROP_BOOL("host-phys-bits", X86CPU, host_phys_bits, false),
4144     DEFINE_PROP_BOOL("fill-mtrr-mask", X86CPU, fill_mtrr_mask, true),
4145     DEFINE_PROP_UINT32("level", X86CPU, env.cpuid_level, UINT32_MAX),
4146     DEFINE_PROP_UINT32("xlevel", X86CPU, env.cpuid_xlevel, UINT32_MAX),
4147     DEFINE_PROP_UINT32("xlevel2", X86CPU, env.cpuid_xlevel2, UINT32_MAX),
4148     DEFINE_PROP_UINT32("min-level", X86CPU, env.cpuid_min_level, 0),
4149     DEFINE_PROP_UINT32("min-xlevel", X86CPU, env.cpuid_min_xlevel, 0),
4150     DEFINE_PROP_UINT32("min-xlevel2", X86CPU, env.cpuid_min_xlevel2, 0),
4151     DEFINE_PROP_BOOL("full-cpuid-auto-level", X86CPU, full_cpuid_auto_level, true),
4152     DEFINE_PROP_STRING("hv-vendor-id", X86CPU, hyperv_vendor_id),
4153     DEFINE_PROP_BOOL("cpuid-0xb", X86CPU, enable_cpuid_0xb, true),
4154     DEFINE_PROP_BOOL("lmce", X86CPU, enable_lmce, false),
4155     DEFINE_PROP_BOOL("l3-cache", X86CPU, enable_l3_cache, true),
4156     DEFINE_PROP_BOOL("kvm-no-smi-migration", X86CPU, kvm_no_smi_migration,
4157                      false),
4158     DEFINE_PROP_BOOL("vmware-cpuid-freq", X86CPU, vmware_cpuid_freq, true),
4159     DEFINE_PROP_BOOL("tcg-cpuid", X86CPU, expose_tcg, true),
4160 
4161     /*
4162      * From "Requirements for Implementing the Microsoft
4163      * Hypervisor Interface":
4164      * https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/tlfs
4165      *
4166      * "Starting with Windows Server 2012 and Windows 8, if
4167      * CPUID.40000005.EAX contains a value of -1, Windows assumes that
4168      * the hypervisor imposes no specific limit to the number of VPs.
4169      * In this case, Windows Server 2012 guest VMs may use more than
4170      * 64 VPs, up to the maximum supported number of processors applicable
4171      * to the specific Windows version being used."
4172      */
4173     DEFINE_PROP_INT32("x-hv-max-vps", X86CPU, hv_max_vps, -1),
4174     DEFINE_PROP_END_OF_LIST()
4175 };
4176 
4177 static void x86_cpu_common_class_init(ObjectClass *oc, void *data)
4178 {
4179     X86CPUClass *xcc = X86_CPU_CLASS(oc);
4180     CPUClass *cc = CPU_CLASS(oc);
4181     DeviceClass *dc = DEVICE_CLASS(oc);
4182 
4183     xcc->parent_realize = dc->realize;
4184     xcc->parent_unrealize = dc->unrealize;
4185     dc->realize = x86_cpu_realizefn;
4186     dc->unrealize = x86_cpu_unrealizefn;
4187     dc->props = x86_cpu_properties;
4188 
4189     xcc->parent_reset = cc->reset;
4190     cc->reset = x86_cpu_reset;
4191     cc->reset_dump_flags = CPU_DUMP_FPU | CPU_DUMP_CCOP;
4192 
4193     cc->class_by_name = x86_cpu_class_by_name;
4194     cc->parse_features = x86_cpu_parse_featurestr;
4195     cc->has_work = x86_cpu_has_work;
4196 #ifdef CONFIG_TCG
4197     cc->do_interrupt = x86_cpu_do_interrupt;
4198     cc->cpu_exec_interrupt = x86_cpu_exec_interrupt;
4199 #endif
4200     cc->dump_state = x86_cpu_dump_state;
4201     cc->get_crash_info = x86_cpu_get_crash_info;
4202     cc->set_pc = x86_cpu_set_pc;
4203     cc->synchronize_from_tb = x86_cpu_synchronize_from_tb;
4204     cc->gdb_read_register = x86_cpu_gdb_read_register;
4205     cc->gdb_write_register = x86_cpu_gdb_write_register;
4206     cc->get_arch_id = x86_cpu_get_arch_id;
4207     cc->get_paging_enabled = x86_cpu_get_paging_enabled;
4208 #ifdef CONFIG_USER_ONLY
4209     cc->handle_mmu_fault = x86_cpu_handle_mmu_fault;
4210 #else
4211     cc->asidx_from_attrs = x86_asidx_from_attrs;
4212     cc->get_memory_mapping = x86_cpu_get_memory_mapping;
4213     cc->get_phys_page_debug = x86_cpu_get_phys_page_debug;
4214     cc->write_elf64_note = x86_cpu_write_elf64_note;
4215     cc->write_elf64_qemunote = x86_cpu_write_elf64_qemunote;
4216     cc->write_elf32_note = x86_cpu_write_elf32_note;
4217     cc->write_elf32_qemunote = x86_cpu_write_elf32_qemunote;
4218     cc->vmsd = &vmstate_x86_cpu;
4219 #endif
4220     cc->gdb_arch_name = x86_gdb_arch_name;
4221 #ifdef TARGET_X86_64
4222     cc->gdb_core_xml_file = "i386-64bit.xml";
4223     cc->gdb_num_core_regs = 57;
4224 #else
4225     cc->gdb_core_xml_file = "i386-32bit.xml";
4226     cc->gdb_num_core_regs = 41;
4227 #endif
4228 #if defined(CONFIG_TCG) && !defined(CONFIG_USER_ONLY)
4229     cc->debug_excp_handler = breakpoint_handler;
4230 #endif
4231     cc->cpu_exec_enter = x86_cpu_exec_enter;
4232     cc->cpu_exec_exit = x86_cpu_exec_exit;
4233 #ifdef CONFIG_TCG
4234     cc->tcg_initialize = tcg_x86_init;
4235 #endif
4236     cc->disas_set_info = x86_disas_set_info;
4237 
4238     dc->user_creatable = true;
4239 }
4240 
4241 static const TypeInfo x86_cpu_type_info = {
4242     .name = TYPE_X86_CPU,
4243     .parent = TYPE_CPU,
4244     .instance_size = sizeof(X86CPU),
4245     .instance_init = x86_cpu_initfn,
4246     .abstract = true,
4247     .class_size = sizeof(X86CPUClass),
4248     .class_init = x86_cpu_common_class_init,
4249 };
4250 
4251 
4252 /* "base" CPU model, used by query-cpu-model-expansion */
4253 static void x86_cpu_base_class_init(ObjectClass *oc, void *data)
4254 {
4255     X86CPUClass *xcc = X86_CPU_CLASS(oc);
4256 
4257     xcc->static_model = true;
4258     xcc->migration_safe = true;
4259     xcc->model_description = "base CPU model type with no features enabled";
4260     xcc->ordering = 8;
4261 }
4262 
4263 static const TypeInfo x86_base_cpu_type_info = {
4264         .name = X86_CPU_TYPE_NAME("base"),
4265         .parent = TYPE_X86_CPU,
4266         .class_init = x86_cpu_base_class_init,
4267 };
4268 
4269 static void x86_cpu_register_types(void)
4270 {
4271     int i;
4272 
4273     type_register_static(&x86_cpu_type_info);
4274     for (i = 0; i < ARRAY_SIZE(builtin_x86_defs); i++) {
4275         x86_register_cpudef_type(&builtin_x86_defs[i]);
4276     }
4277     type_register_static(&max_x86_cpu_type_info);
4278     type_register_static(&x86_base_cpu_type_info);
4279 #ifdef CONFIG_KVM
4280     type_register_static(&host_x86_cpu_type_info);
4281 #endif
4282 }
4283 
4284 type_init(x86_cpu_register_types)
4285