xref: /openbmc/qemu/target/i386/cpu.c (revision e2abbeac)
1 /*
2  *  i386 CPUID, CPU class, definitions, models
3  *
4  *  Copyright (c) 2003 Fabrice Bellard
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18  */
19 
20 #include "qemu/osdep.h"
21 #include "qemu/units.h"
22 #include "qemu/cutils.h"
23 #include "qemu/qemu-print.h"
24 #include "cpu.h"
25 #include "tcg/helper-tcg.h"
26 #include "sysemu/reset.h"
27 #include "sysemu/hvf.h"
28 #include "kvm/kvm_i386.h"
29 #include "sev_i386.h"
30 #include "qapi/qapi-visit-machine.h"
31 #include "qapi/qmp/qerror.h"
32 #include "qapi/qapi-commands-machine-target.h"
33 #include "standard-headers/asm-x86/kvm_para.h"
34 #include "hw/qdev-properties.h"
35 #include "hw/i386/topology.h"
36 #ifndef CONFIG_USER_ONLY
37 #include "exec/address-spaces.h"
38 #include "hw/boards.h"
39 #endif
40 
41 #include "disas/capstone.h"
42 #include "cpu-internal.h"
43 
44 /* Helpers for building CPUID[2] descriptors: */
45 
46 struct CPUID2CacheDescriptorInfo {
47     enum CacheType type;
48     int level;
49     int size;
50     int line_size;
51     int associativity;
52 };
53 
54 /*
55  * Known CPUID 2 cache descriptors.
56  * From Intel SDM Volume 2A, CPUID instruction
57  */
58 struct CPUID2CacheDescriptorInfo cpuid2_cache_descriptors[] = {
59     [0x06] = { .level = 1, .type = INSTRUCTION_CACHE, .size =   8 * KiB,
60                .associativity = 4,  .line_size = 32, },
61     [0x08] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  16 * KiB,
62                .associativity = 4,  .line_size = 32, },
63     [0x09] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  32 * KiB,
64                .associativity = 4,  .line_size = 64, },
65     [0x0A] = { .level = 1, .type = DATA_CACHE,        .size =   8 * KiB,
66                .associativity = 2,  .line_size = 32, },
67     [0x0C] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
68                .associativity = 4,  .line_size = 32, },
69     [0x0D] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
70                .associativity = 4,  .line_size = 64, },
71     [0x0E] = { .level = 1, .type = DATA_CACHE,        .size =  24 * KiB,
72                .associativity = 6,  .line_size = 64, },
73     [0x1D] = { .level = 2, .type = UNIFIED_CACHE,     .size = 128 * KiB,
74                .associativity = 2,  .line_size = 64, },
75     [0x21] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
76                .associativity = 8,  .line_size = 64, },
77     /* lines per sector is not supported cpuid2_cache_descriptor(),
78     * so descriptors 0x22, 0x23 are not included
79     */
80     [0x24] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
81                .associativity = 16, .line_size = 64, },
82     /* lines per sector is not supported cpuid2_cache_descriptor(),
83     * so descriptors 0x25, 0x20 are not included
84     */
85     [0x2C] = { .level = 1, .type = DATA_CACHE,        .size =  32 * KiB,
86                .associativity = 8,  .line_size = 64, },
87     [0x30] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  32 * KiB,
88                .associativity = 8,  .line_size = 64, },
89     [0x41] = { .level = 2, .type = UNIFIED_CACHE,     .size = 128 * KiB,
90                .associativity = 4,  .line_size = 32, },
91     [0x42] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
92                .associativity = 4,  .line_size = 32, },
93     [0x43] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
94                .associativity = 4,  .line_size = 32, },
95     [0x44] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
96                .associativity = 4,  .line_size = 32, },
97     [0x45] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
98                .associativity = 4,  .line_size = 32, },
99     [0x46] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
100                .associativity = 4,  .line_size = 64, },
101     [0x47] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
102                .associativity = 8,  .line_size = 64, },
103     [0x48] = { .level = 2, .type = UNIFIED_CACHE,     .size =   3 * MiB,
104                .associativity = 12, .line_size = 64, },
105     /* Descriptor 0x49 depends on CPU family/model, so it is not included */
106     [0x4A] = { .level = 3, .type = UNIFIED_CACHE,     .size =   6 * MiB,
107                .associativity = 12, .line_size = 64, },
108     [0x4B] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
109                .associativity = 16, .line_size = 64, },
110     [0x4C] = { .level = 3, .type = UNIFIED_CACHE,     .size =  12 * MiB,
111                .associativity = 12, .line_size = 64, },
112     [0x4D] = { .level = 3, .type = UNIFIED_CACHE,     .size =  16 * MiB,
113                .associativity = 16, .line_size = 64, },
114     [0x4E] = { .level = 2, .type = UNIFIED_CACHE,     .size =   6 * MiB,
115                .associativity = 24, .line_size = 64, },
116     [0x60] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
117                .associativity = 8,  .line_size = 64, },
118     [0x66] = { .level = 1, .type = DATA_CACHE,        .size =   8 * KiB,
119                .associativity = 4,  .line_size = 64, },
120     [0x67] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
121                .associativity = 4,  .line_size = 64, },
122     [0x68] = { .level = 1, .type = DATA_CACHE,        .size =  32 * KiB,
123                .associativity = 4,  .line_size = 64, },
124     [0x78] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
125                .associativity = 4,  .line_size = 64, },
126     /* lines per sector is not supported cpuid2_cache_descriptor(),
127     * so descriptors 0x79, 0x7A, 0x7B, 0x7C are not included.
128     */
129     [0x7D] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
130                .associativity = 8,  .line_size = 64, },
131     [0x7F] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
132                .associativity = 2,  .line_size = 64, },
133     [0x80] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
134                .associativity = 8,  .line_size = 64, },
135     [0x82] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
136                .associativity = 8,  .line_size = 32, },
137     [0x83] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
138                .associativity = 8,  .line_size = 32, },
139     [0x84] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
140                .associativity = 8,  .line_size = 32, },
141     [0x85] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
142                .associativity = 8,  .line_size = 32, },
143     [0x86] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
144                .associativity = 4,  .line_size = 64, },
145     [0x87] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
146                .associativity = 8,  .line_size = 64, },
147     [0xD0] = { .level = 3, .type = UNIFIED_CACHE,     .size = 512 * KiB,
148                .associativity = 4,  .line_size = 64, },
149     [0xD1] = { .level = 3, .type = UNIFIED_CACHE,     .size =   1 * MiB,
150                .associativity = 4,  .line_size = 64, },
151     [0xD2] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
152                .associativity = 4,  .line_size = 64, },
153     [0xD6] = { .level = 3, .type = UNIFIED_CACHE,     .size =   1 * MiB,
154                .associativity = 8,  .line_size = 64, },
155     [0xD7] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
156                .associativity = 8,  .line_size = 64, },
157     [0xD8] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
158                .associativity = 8,  .line_size = 64, },
159     [0xDC] = { .level = 3, .type = UNIFIED_CACHE,     .size = 1.5 * MiB,
160                .associativity = 12, .line_size = 64, },
161     [0xDD] = { .level = 3, .type = UNIFIED_CACHE,     .size =   3 * MiB,
162                .associativity = 12, .line_size = 64, },
163     [0xDE] = { .level = 3, .type = UNIFIED_CACHE,     .size =   6 * MiB,
164                .associativity = 12, .line_size = 64, },
165     [0xE2] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
166                .associativity = 16, .line_size = 64, },
167     [0xE3] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
168                .associativity = 16, .line_size = 64, },
169     [0xE4] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
170                .associativity = 16, .line_size = 64, },
171     [0xEA] = { .level = 3, .type = UNIFIED_CACHE,     .size =  12 * MiB,
172                .associativity = 24, .line_size = 64, },
173     [0xEB] = { .level = 3, .type = UNIFIED_CACHE,     .size =  18 * MiB,
174                .associativity = 24, .line_size = 64, },
175     [0xEC] = { .level = 3, .type = UNIFIED_CACHE,     .size =  24 * MiB,
176                .associativity = 24, .line_size = 64, },
177 };
178 
179 /*
180  * "CPUID leaf 2 does not report cache descriptor information,
181  * use CPUID leaf 4 to query cache parameters"
182  */
183 #define CACHE_DESCRIPTOR_UNAVAILABLE 0xFF
184 
185 /*
186  * Return a CPUID 2 cache descriptor for a given cache.
187  * If no known descriptor is found, return CACHE_DESCRIPTOR_UNAVAILABLE
188  */
189 static uint8_t cpuid2_cache_descriptor(CPUCacheInfo *cache)
190 {
191     int i;
192 
193     assert(cache->size > 0);
194     assert(cache->level > 0);
195     assert(cache->line_size > 0);
196     assert(cache->associativity > 0);
197     for (i = 0; i < ARRAY_SIZE(cpuid2_cache_descriptors); i++) {
198         struct CPUID2CacheDescriptorInfo *d = &cpuid2_cache_descriptors[i];
199         if (d->level == cache->level && d->type == cache->type &&
200             d->size == cache->size && d->line_size == cache->line_size &&
201             d->associativity == cache->associativity) {
202                 return i;
203             }
204     }
205 
206     return CACHE_DESCRIPTOR_UNAVAILABLE;
207 }
208 
209 /* CPUID Leaf 4 constants: */
210 
211 /* EAX: */
212 #define CACHE_TYPE_D    1
213 #define CACHE_TYPE_I    2
214 #define CACHE_TYPE_UNIFIED   3
215 
216 #define CACHE_LEVEL(l)        (l << 5)
217 
218 #define CACHE_SELF_INIT_LEVEL (1 << 8)
219 
220 /* EDX: */
221 #define CACHE_NO_INVD_SHARING   (1 << 0)
222 #define CACHE_INCLUSIVE       (1 << 1)
223 #define CACHE_COMPLEX_IDX     (1 << 2)
224 
225 /* Encode CacheType for CPUID[4].EAX */
226 #define CACHE_TYPE(t) (((t) == DATA_CACHE) ? CACHE_TYPE_D : \
227                        ((t) == INSTRUCTION_CACHE) ? CACHE_TYPE_I : \
228                        ((t) == UNIFIED_CACHE) ? CACHE_TYPE_UNIFIED : \
229                        0 /* Invalid value */)
230 
231 
232 /* Encode cache info for CPUID[4] */
233 static void encode_cache_cpuid4(CPUCacheInfo *cache,
234                                 int num_apic_ids, int num_cores,
235                                 uint32_t *eax, uint32_t *ebx,
236                                 uint32_t *ecx, uint32_t *edx)
237 {
238     assert(cache->size == cache->line_size * cache->associativity *
239                           cache->partitions * cache->sets);
240 
241     assert(num_apic_ids > 0);
242     *eax = CACHE_TYPE(cache->type) |
243            CACHE_LEVEL(cache->level) |
244            (cache->self_init ? CACHE_SELF_INIT_LEVEL : 0) |
245            ((num_cores - 1) << 26) |
246            ((num_apic_ids - 1) << 14);
247 
248     assert(cache->line_size > 0);
249     assert(cache->partitions > 0);
250     assert(cache->associativity > 0);
251     /* We don't implement fully-associative caches */
252     assert(cache->associativity < cache->sets);
253     *ebx = (cache->line_size - 1) |
254            ((cache->partitions - 1) << 12) |
255            ((cache->associativity - 1) << 22);
256 
257     assert(cache->sets > 0);
258     *ecx = cache->sets - 1;
259 
260     *edx = (cache->no_invd_sharing ? CACHE_NO_INVD_SHARING : 0) |
261            (cache->inclusive ? CACHE_INCLUSIVE : 0) |
262            (cache->complex_indexing ? CACHE_COMPLEX_IDX : 0);
263 }
264 
265 /* Encode cache info for CPUID[0x80000005].ECX or CPUID[0x80000005].EDX */
266 static uint32_t encode_cache_cpuid80000005(CPUCacheInfo *cache)
267 {
268     assert(cache->size % 1024 == 0);
269     assert(cache->lines_per_tag > 0);
270     assert(cache->associativity > 0);
271     assert(cache->line_size > 0);
272     return ((cache->size / 1024) << 24) | (cache->associativity << 16) |
273            (cache->lines_per_tag << 8) | (cache->line_size);
274 }
275 
276 #define ASSOC_FULL 0xFF
277 
278 /* AMD associativity encoding used on CPUID Leaf 0x80000006: */
279 #define AMD_ENC_ASSOC(a) (a <=   1 ? a   : \
280                           a ==   2 ? 0x2 : \
281                           a ==   4 ? 0x4 : \
282                           a ==   8 ? 0x6 : \
283                           a ==  16 ? 0x8 : \
284                           a ==  32 ? 0xA : \
285                           a ==  48 ? 0xB : \
286                           a ==  64 ? 0xC : \
287                           a ==  96 ? 0xD : \
288                           a == 128 ? 0xE : \
289                           a == ASSOC_FULL ? 0xF : \
290                           0 /* invalid value */)
291 
292 /*
293  * Encode cache info for CPUID[0x80000006].ECX and CPUID[0x80000006].EDX
294  * @l3 can be NULL.
295  */
296 static void encode_cache_cpuid80000006(CPUCacheInfo *l2,
297                                        CPUCacheInfo *l3,
298                                        uint32_t *ecx, uint32_t *edx)
299 {
300     assert(l2->size % 1024 == 0);
301     assert(l2->associativity > 0);
302     assert(l2->lines_per_tag > 0);
303     assert(l2->line_size > 0);
304     *ecx = ((l2->size / 1024) << 16) |
305            (AMD_ENC_ASSOC(l2->associativity) << 12) |
306            (l2->lines_per_tag << 8) | (l2->line_size);
307 
308     if (l3) {
309         assert(l3->size % (512 * 1024) == 0);
310         assert(l3->associativity > 0);
311         assert(l3->lines_per_tag > 0);
312         assert(l3->line_size > 0);
313         *edx = ((l3->size / (512 * 1024)) << 18) |
314                (AMD_ENC_ASSOC(l3->associativity) << 12) |
315                (l3->lines_per_tag << 8) | (l3->line_size);
316     } else {
317         *edx = 0;
318     }
319 }
320 
321 /* Encode cache info for CPUID[8000001D] */
322 static void encode_cache_cpuid8000001d(CPUCacheInfo *cache,
323                                        X86CPUTopoInfo *topo_info,
324                                        uint32_t *eax, uint32_t *ebx,
325                                        uint32_t *ecx, uint32_t *edx)
326 {
327     uint32_t l3_threads;
328     assert(cache->size == cache->line_size * cache->associativity *
329                           cache->partitions * cache->sets);
330 
331     *eax = CACHE_TYPE(cache->type) | CACHE_LEVEL(cache->level) |
332                (cache->self_init ? CACHE_SELF_INIT_LEVEL : 0);
333 
334     /* L3 is shared among multiple cores */
335     if (cache->level == 3) {
336         l3_threads = topo_info->cores_per_die * topo_info->threads_per_core;
337         *eax |= (l3_threads - 1) << 14;
338     } else {
339         *eax |= ((topo_info->threads_per_core - 1) << 14);
340     }
341 
342     assert(cache->line_size > 0);
343     assert(cache->partitions > 0);
344     assert(cache->associativity > 0);
345     /* We don't implement fully-associative caches */
346     assert(cache->associativity < cache->sets);
347     *ebx = (cache->line_size - 1) |
348            ((cache->partitions - 1) << 12) |
349            ((cache->associativity - 1) << 22);
350 
351     assert(cache->sets > 0);
352     *ecx = cache->sets - 1;
353 
354     *edx = (cache->no_invd_sharing ? CACHE_NO_INVD_SHARING : 0) |
355            (cache->inclusive ? CACHE_INCLUSIVE : 0) |
356            (cache->complex_indexing ? CACHE_COMPLEX_IDX : 0);
357 }
358 
359 /* Encode cache info for CPUID[8000001E] */
360 static void encode_topo_cpuid8000001e(X86CPU *cpu, X86CPUTopoInfo *topo_info,
361                                       uint32_t *eax, uint32_t *ebx,
362                                       uint32_t *ecx, uint32_t *edx)
363 {
364     X86CPUTopoIDs topo_ids;
365 
366     x86_topo_ids_from_apicid(cpu->apic_id, topo_info, &topo_ids);
367 
368     *eax = cpu->apic_id;
369 
370     /*
371      * CPUID_Fn8000001E_EBX [Core Identifiers] (CoreId)
372      * Read-only. Reset: 0000_XXXXh.
373      * See Core::X86::Cpuid::ExtApicId.
374      * Core::X86::Cpuid::CoreId_lthree[1:0]_core[3:0]_thread[1:0];
375      * Bits Description
376      * 31:16 Reserved.
377      * 15:8 ThreadsPerCore: threads per core. Read-only. Reset: XXh.
378      *      The number of threads per core is ThreadsPerCore+1.
379      *  7:0 CoreId: core ID. Read-only. Reset: XXh.
380      *
381      *  NOTE: CoreId is already part of apic_id. Just use it. We can
382      *  use all the 8 bits to represent the core_id here.
383      */
384     *ebx = ((topo_info->threads_per_core - 1) << 8) | (topo_ids.core_id & 0xFF);
385 
386     /*
387      * CPUID_Fn8000001E_ECX [Node Identifiers] (NodeId)
388      * Read-only. Reset: 0000_0XXXh.
389      * Core::X86::Cpuid::NodeId_lthree[1:0]_core[3:0]_thread[1:0];
390      * Bits Description
391      * 31:11 Reserved.
392      * 10:8 NodesPerProcessor: Node per processor. Read-only. Reset: XXXb.
393      *      ValidValues:
394      *      Value Description
395      *      000b  1 node per processor.
396      *      001b  2 nodes per processor.
397      *      010b Reserved.
398      *      011b 4 nodes per processor.
399      *      111b-100b Reserved.
400      *  7:0 NodeId: Node ID. Read-only. Reset: XXh.
401      *
402      * NOTE: Hardware reserves 3 bits for number of nodes per processor.
403      * But users can create more nodes than the actual hardware can
404      * support. To genaralize we can use all the upper 8 bits for nodes.
405      * NodeId is combination of node and socket_id which is already decoded
406      * in apic_id. Just use it by shifting.
407      */
408     *ecx = ((topo_info->dies_per_pkg - 1) << 8) |
409            ((cpu->apic_id >> apicid_die_offset(topo_info)) & 0xFF);
410 
411     *edx = 0;
412 }
413 
414 /*
415  * Definitions of the hardcoded cache entries we expose:
416  * These are legacy cache values. If there is a need to change any
417  * of these values please use builtin_x86_defs
418  */
419 
420 /* L1 data cache: */
421 static CPUCacheInfo legacy_l1d_cache = {
422     .type = DATA_CACHE,
423     .level = 1,
424     .size = 32 * KiB,
425     .self_init = 1,
426     .line_size = 64,
427     .associativity = 8,
428     .sets = 64,
429     .partitions = 1,
430     .no_invd_sharing = true,
431 };
432 
433 /*FIXME: CPUID leaf 0x80000005 is inconsistent with leaves 2 & 4 */
434 static CPUCacheInfo legacy_l1d_cache_amd = {
435     .type = DATA_CACHE,
436     .level = 1,
437     .size = 64 * KiB,
438     .self_init = 1,
439     .line_size = 64,
440     .associativity = 2,
441     .sets = 512,
442     .partitions = 1,
443     .lines_per_tag = 1,
444     .no_invd_sharing = true,
445 };
446 
447 /* L1 instruction cache: */
448 static CPUCacheInfo legacy_l1i_cache = {
449     .type = INSTRUCTION_CACHE,
450     .level = 1,
451     .size = 32 * KiB,
452     .self_init = 1,
453     .line_size = 64,
454     .associativity = 8,
455     .sets = 64,
456     .partitions = 1,
457     .no_invd_sharing = true,
458 };
459 
460 /*FIXME: CPUID leaf 0x80000005 is inconsistent with leaves 2 & 4 */
461 static CPUCacheInfo legacy_l1i_cache_amd = {
462     .type = INSTRUCTION_CACHE,
463     .level = 1,
464     .size = 64 * KiB,
465     .self_init = 1,
466     .line_size = 64,
467     .associativity = 2,
468     .sets = 512,
469     .partitions = 1,
470     .lines_per_tag = 1,
471     .no_invd_sharing = true,
472 };
473 
474 /* Level 2 unified cache: */
475 static CPUCacheInfo legacy_l2_cache = {
476     .type = UNIFIED_CACHE,
477     .level = 2,
478     .size = 4 * MiB,
479     .self_init = 1,
480     .line_size = 64,
481     .associativity = 16,
482     .sets = 4096,
483     .partitions = 1,
484     .no_invd_sharing = true,
485 };
486 
487 /*FIXME: CPUID leaf 2 descriptor is inconsistent with CPUID leaf 4 */
488 static CPUCacheInfo legacy_l2_cache_cpuid2 = {
489     .type = UNIFIED_CACHE,
490     .level = 2,
491     .size = 2 * MiB,
492     .line_size = 64,
493     .associativity = 8,
494 };
495 
496 
497 /*FIXME: CPUID leaf 0x80000006 is inconsistent with leaves 2 & 4 */
498 static CPUCacheInfo legacy_l2_cache_amd = {
499     .type = UNIFIED_CACHE,
500     .level = 2,
501     .size = 512 * KiB,
502     .line_size = 64,
503     .lines_per_tag = 1,
504     .associativity = 16,
505     .sets = 512,
506     .partitions = 1,
507 };
508 
509 /* Level 3 unified cache: */
510 static CPUCacheInfo legacy_l3_cache = {
511     .type = UNIFIED_CACHE,
512     .level = 3,
513     .size = 16 * MiB,
514     .line_size = 64,
515     .associativity = 16,
516     .sets = 16384,
517     .partitions = 1,
518     .lines_per_tag = 1,
519     .self_init = true,
520     .inclusive = true,
521     .complex_indexing = true,
522 };
523 
524 /* TLB definitions: */
525 
526 #define L1_DTLB_2M_ASSOC       1
527 #define L1_DTLB_2M_ENTRIES   255
528 #define L1_DTLB_4K_ASSOC       1
529 #define L1_DTLB_4K_ENTRIES   255
530 
531 #define L1_ITLB_2M_ASSOC       1
532 #define L1_ITLB_2M_ENTRIES   255
533 #define L1_ITLB_4K_ASSOC       1
534 #define L1_ITLB_4K_ENTRIES   255
535 
536 #define L2_DTLB_2M_ASSOC       0 /* disabled */
537 #define L2_DTLB_2M_ENTRIES     0 /* disabled */
538 #define L2_DTLB_4K_ASSOC       4
539 #define L2_DTLB_4K_ENTRIES   512
540 
541 #define L2_ITLB_2M_ASSOC       0 /* disabled */
542 #define L2_ITLB_2M_ENTRIES     0 /* disabled */
543 #define L2_ITLB_4K_ASSOC       4
544 #define L2_ITLB_4K_ENTRIES   512
545 
546 /* CPUID Leaf 0x14 constants: */
547 #define INTEL_PT_MAX_SUBLEAF     0x1
548 /*
549  * bit[00]: IA32_RTIT_CTL.CR3 filter can be set to 1 and IA32_RTIT_CR3_MATCH
550  *          MSR can be accessed;
551  * bit[01]: Support Configurable PSB and Cycle-Accurate Mode;
552  * bit[02]: Support IP Filtering, TraceStop filtering, and preservation
553  *          of Intel PT MSRs across warm reset;
554  * bit[03]: Support MTC timing packet and suppression of COFI-based packets;
555  */
556 #define INTEL_PT_MINIMAL_EBX     0xf
557 /*
558  * bit[00]: Tracing can be enabled with IA32_RTIT_CTL.ToPA = 1 and
559  *          IA32_RTIT_OUTPUT_BASE and IA32_RTIT_OUTPUT_MASK_PTRS MSRs can be
560  *          accessed;
561  * bit[01]: ToPA tables can hold any number of output entries, up to the
562  *          maximum allowed by the MaskOrTableOffset field of
563  *          IA32_RTIT_OUTPUT_MASK_PTRS;
564  * bit[02]: Support Single-Range Output scheme;
565  */
566 #define INTEL_PT_MINIMAL_ECX     0x7
567 /* generated packets which contain IP payloads have LIP values */
568 #define INTEL_PT_IP_LIP          (1 << 31)
569 #define INTEL_PT_ADDR_RANGES_NUM 0x2 /* Number of configurable address ranges */
570 #define INTEL_PT_ADDR_RANGES_NUM_MASK 0x3
571 #define INTEL_PT_MTC_BITMAP      (0x0249 << 16) /* Support ART(0,3,6,9) */
572 #define INTEL_PT_CYCLE_BITMAP    0x1fff         /* Support 0,2^(0~11) */
573 #define INTEL_PT_PSB_BITMAP      (0x003f << 16) /* Support 2K,4K,8K,16K,32K,64K */
574 
575 void x86_cpu_vendor_words2str(char *dst, uint32_t vendor1,
576                               uint32_t vendor2, uint32_t vendor3)
577 {
578     int i;
579     for (i = 0; i < 4; i++) {
580         dst[i] = vendor1 >> (8 * i);
581         dst[i + 4] = vendor2 >> (8 * i);
582         dst[i + 8] = vendor3 >> (8 * i);
583     }
584     dst[CPUID_VENDOR_SZ] = '\0';
585 }
586 
587 #define I486_FEATURES (CPUID_FP87 | CPUID_VME | CPUID_PSE)
588 #define PENTIUM_FEATURES (I486_FEATURES | CPUID_DE | CPUID_TSC | \
589           CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_MMX | CPUID_APIC)
590 #define PENTIUM2_FEATURES (PENTIUM_FEATURES | CPUID_PAE | CPUID_SEP | \
591           CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
592           CPUID_PSE36 | CPUID_FXSR)
593 #define PENTIUM3_FEATURES (PENTIUM2_FEATURES | CPUID_SSE)
594 #define PPRO_FEATURES (CPUID_FP87 | CPUID_DE | CPUID_PSE | CPUID_TSC | \
595           CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_PGE | CPUID_CMOV | \
596           CPUID_PAT | CPUID_FXSR | CPUID_MMX | CPUID_SSE | CPUID_SSE2 | \
597           CPUID_PAE | CPUID_SEP | CPUID_APIC)
598 
599 #define TCG_FEATURES (CPUID_FP87 | CPUID_PSE | CPUID_TSC | CPUID_MSR | \
600           CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC | CPUID_SEP | \
601           CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
602           CPUID_PSE36 | CPUID_CLFLUSH | CPUID_ACPI | CPUID_MMX | \
603           CPUID_FXSR | CPUID_SSE | CPUID_SSE2 | CPUID_SS | CPUID_DE)
604           /* partly implemented:
605           CPUID_MTRR, CPUID_MCA, CPUID_CLFLUSH (needed for Win64) */
606           /* missing:
607           CPUID_VME, CPUID_DTS, CPUID_SS, CPUID_HT, CPUID_TM, CPUID_PBE */
608 #define TCG_EXT_FEATURES (CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | \
609           CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 | CPUID_EXT_CX16 | \
610           CPUID_EXT_SSE41 | CPUID_EXT_SSE42 | CPUID_EXT_POPCNT | \
611           CPUID_EXT_XSAVE | /* CPUID_EXT_OSXSAVE is dynamic */   \
612           CPUID_EXT_MOVBE | CPUID_EXT_AES | CPUID_EXT_HYPERVISOR | \
613           CPUID_EXT_RDRAND)
614           /* missing:
615           CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_VMX, CPUID_EXT_SMX,
616           CPUID_EXT_EST, CPUID_EXT_TM2, CPUID_EXT_CID, CPUID_EXT_FMA,
617           CPUID_EXT_XTPR, CPUID_EXT_PDCM, CPUID_EXT_PCID, CPUID_EXT_DCA,
618           CPUID_EXT_X2APIC, CPUID_EXT_TSC_DEADLINE_TIMER, CPUID_EXT_AVX,
619           CPUID_EXT_F16C */
620 
621 #ifdef TARGET_X86_64
622 #define TCG_EXT2_X86_64_FEATURES (CPUID_EXT2_SYSCALL | CPUID_EXT2_LM)
623 #else
624 #define TCG_EXT2_X86_64_FEATURES 0
625 #endif
626 
627 #define TCG_EXT2_FEATURES ((TCG_FEATURES & CPUID_EXT2_AMD_ALIASES) | \
628           CPUID_EXT2_NX | CPUID_EXT2_MMXEXT | CPUID_EXT2_RDTSCP | \
629           CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT | CPUID_EXT2_PDPE1GB | \
630           TCG_EXT2_X86_64_FEATURES)
631 #define TCG_EXT3_FEATURES (CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM | \
632           CPUID_EXT3_CR8LEG | CPUID_EXT3_ABM | CPUID_EXT3_SSE4A)
633 #define TCG_EXT4_FEATURES 0
634 #define TCG_SVM_FEATURES CPUID_SVM_NPT
635 #define TCG_KVM_FEATURES 0
636 #define TCG_7_0_EBX_FEATURES (CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_SMAP | \
637           CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ADX | \
638           CPUID_7_0_EBX_PCOMMIT | CPUID_7_0_EBX_CLFLUSHOPT |            \
639           CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_FSGSBASE | \
640           CPUID_7_0_EBX_ERMS)
641           /* missing:
642           CPUID_7_0_EBX_HLE, CPUID_7_0_EBX_AVX2,
643           CPUID_7_0_EBX_INVPCID, CPUID_7_0_EBX_RTM,
644           CPUID_7_0_EBX_RDSEED */
645 #define TCG_7_0_ECX_FEATURES (CPUID_7_0_ECX_PKU | \
646           /* CPUID_7_0_ECX_OSPKE is dynamic */ \
647           CPUID_7_0_ECX_LA57 | CPUID_7_0_ECX_PKS)
648 #define TCG_7_0_EDX_FEATURES 0
649 #define TCG_7_1_EAX_FEATURES 0
650 #define TCG_APM_FEATURES 0
651 #define TCG_6_EAX_FEATURES CPUID_6_EAX_ARAT
652 #define TCG_XSAVE_FEATURES (CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XGETBV1)
653           /* missing:
654           CPUID_XSAVE_XSAVEC, CPUID_XSAVE_XSAVES */
655 #define TCG_14_0_ECX_FEATURES 0
656 
657 FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
658     [FEAT_1_EDX] = {
659         .type = CPUID_FEATURE_WORD,
660         .feat_names = {
661             "fpu", "vme", "de", "pse",
662             "tsc", "msr", "pae", "mce",
663             "cx8", "apic", NULL, "sep",
664             "mtrr", "pge", "mca", "cmov",
665             "pat", "pse36", "pn" /* Intel psn */, "clflush" /* Intel clfsh */,
666             NULL, "ds" /* Intel dts */, "acpi", "mmx",
667             "fxsr", "sse", "sse2", "ss",
668             "ht" /* Intel htt */, "tm", "ia64", "pbe",
669         },
670         .cpuid = {.eax = 1, .reg = R_EDX, },
671         .tcg_features = TCG_FEATURES,
672     },
673     [FEAT_1_ECX] = {
674         .type = CPUID_FEATURE_WORD,
675         .feat_names = {
676             "pni" /* Intel,AMD sse3 */, "pclmulqdq", "dtes64", "monitor",
677             "ds-cpl", "vmx", "smx", "est",
678             "tm2", "ssse3", "cid", NULL,
679             "fma", "cx16", "xtpr", "pdcm",
680             NULL, "pcid", "dca", "sse4.1",
681             "sse4.2", "x2apic", "movbe", "popcnt",
682             "tsc-deadline", "aes", "xsave", NULL /* osxsave */,
683             "avx", "f16c", "rdrand", "hypervisor",
684         },
685         .cpuid = { .eax = 1, .reg = R_ECX, },
686         .tcg_features = TCG_EXT_FEATURES,
687     },
688     /* Feature names that are already defined on feature_name[] but
689      * are set on CPUID[8000_0001].EDX on AMD CPUs don't have their
690      * names on feat_names below. They are copied automatically
691      * to features[FEAT_8000_0001_EDX] if and only if CPU vendor is AMD.
692      */
693     [FEAT_8000_0001_EDX] = {
694         .type = CPUID_FEATURE_WORD,
695         .feat_names = {
696             NULL /* fpu */, NULL /* vme */, NULL /* de */, NULL /* pse */,
697             NULL /* tsc */, NULL /* msr */, NULL /* pae */, NULL /* mce */,
698             NULL /* cx8 */, NULL /* apic */, NULL, "syscall",
699             NULL /* mtrr */, NULL /* pge */, NULL /* mca */, NULL /* cmov */,
700             NULL /* pat */, NULL /* pse36 */, NULL, NULL /* Linux mp */,
701             "nx", NULL, "mmxext", NULL /* mmx */,
702             NULL /* fxsr */, "fxsr-opt", "pdpe1gb", "rdtscp",
703             NULL, "lm", "3dnowext", "3dnow",
704         },
705         .cpuid = { .eax = 0x80000001, .reg = R_EDX, },
706         .tcg_features = TCG_EXT2_FEATURES,
707     },
708     [FEAT_8000_0001_ECX] = {
709         .type = CPUID_FEATURE_WORD,
710         .feat_names = {
711             "lahf-lm", "cmp-legacy", "svm", "extapic",
712             "cr8legacy", "abm", "sse4a", "misalignsse",
713             "3dnowprefetch", "osvw", "ibs", "xop",
714             "skinit", "wdt", NULL, "lwp",
715             "fma4", "tce", NULL, "nodeid-msr",
716             NULL, "tbm", "topoext", "perfctr-core",
717             "perfctr-nb", NULL, NULL, NULL,
718             NULL, NULL, NULL, NULL,
719         },
720         .cpuid = { .eax = 0x80000001, .reg = R_ECX, },
721         .tcg_features = TCG_EXT3_FEATURES,
722         /*
723          * TOPOEXT is always allowed but can't be enabled blindly by
724          * "-cpu host", as it requires consistent cache topology info
725          * to be provided so it doesn't confuse guests.
726          */
727         .no_autoenable_flags = CPUID_EXT3_TOPOEXT,
728     },
729     [FEAT_C000_0001_EDX] = {
730         .type = CPUID_FEATURE_WORD,
731         .feat_names = {
732             NULL, NULL, "xstore", "xstore-en",
733             NULL, NULL, "xcrypt", "xcrypt-en",
734             "ace2", "ace2-en", "phe", "phe-en",
735             "pmm", "pmm-en", NULL, NULL,
736             NULL, NULL, NULL, NULL,
737             NULL, NULL, NULL, NULL,
738             NULL, NULL, NULL, NULL,
739             NULL, NULL, NULL, NULL,
740         },
741         .cpuid = { .eax = 0xC0000001, .reg = R_EDX, },
742         .tcg_features = TCG_EXT4_FEATURES,
743     },
744     [FEAT_KVM] = {
745         .type = CPUID_FEATURE_WORD,
746         .feat_names = {
747             "kvmclock", "kvm-nopiodelay", "kvm-mmu", "kvmclock",
748             "kvm-asyncpf", "kvm-steal-time", "kvm-pv-eoi", "kvm-pv-unhalt",
749             NULL, "kvm-pv-tlb-flush", NULL, "kvm-pv-ipi",
750             "kvm-poll-control", "kvm-pv-sched-yield", "kvm-asyncpf-int", "kvm-msi-ext-dest-id",
751             NULL, NULL, NULL, NULL,
752             NULL, NULL, NULL, NULL,
753             "kvmclock-stable-bit", NULL, NULL, NULL,
754             NULL, NULL, NULL, NULL,
755         },
756         .cpuid = { .eax = KVM_CPUID_FEATURES, .reg = R_EAX, },
757         .tcg_features = TCG_KVM_FEATURES,
758     },
759     [FEAT_KVM_HINTS] = {
760         .type = CPUID_FEATURE_WORD,
761         .feat_names = {
762             "kvm-hint-dedicated", NULL, NULL, NULL,
763             NULL, NULL, NULL, NULL,
764             NULL, NULL, NULL, NULL,
765             NULL, NULL, NULL, NULL,
766             NULL, NULL, NULL, NULL,
767             NULL, NULL, NULL, NULL,
768             NULL, NULL, NULL, NULL,
769             NULL, NULL, NULL, NULL,
770         },
771         .cpuid = { .eax = KVM_CPUID_FEATURES, .reg = R_EDX, },
772         .tcg_features = TCG_KVM_FEATURES,
773         /*
774          * KVM hints aren't auto-enabled by -cpu host, they need to be
775          * explicitly enabled in the command-line.
776          */
777         .no_autoenable_flags = ~0U,
778     },
779     [FEAT_SVM] = {
780         .type = CPUID_FEATURE_WORD,
781         .feat_names = {
782             "npt", "lbrv", "svm-lock", "nrip-save",
783             "tsc-scale", "vmcb-clean",  "flushbyasid", "decodeassists",
784             NULL, NULL, "pause-filter", NULL,
785             "pfthreshold", "avic", NULL, "v-vmsave-vmload",
786             "vgif", NULL, NULL, NULL,
787             NULL, NULL, NULL, NULL,
788             NULL, NULL, NULL, NULL,
789             "svme-addr-chk", NULL, NULL, NULL,
790         },
791         .cpuid = { .eax = 0x8000000A, .reg = R_EDX, },
792         .tcg_features = TCG_SVM_FEATURES,
793     },
794     [FEAT_7_0_EBX] = {
795         .type = CPUID_FEATURE_WORD,
796         .feat_names = {
797             "fsgsbase", "tsc-adjust", NULL, "bmi1",
798             "hle", "avx2", NULL, "smep",
799             "bmi2", "erms", "invpcid", "rtm",
800             NULL, NULL, "mpx", NULL,
801             "avx512f", "avx512dq", "rdseed", "adx",
802             "smap", "avx512ifma", "pcommit", "clflushopt",
803             "clwb", "intel-pt", "avx512pf", "avx512er",
804             "avx512cd", "sha-ni", "avx512bw", "avx512vl",
805         },
806         .cpuid = {
807             .eax = 7,
808             .needs_ecx = true, .ecx = 0,
809             .reg = R_EBX,
810         },
811         .tcg_features = TCG_7_0_EBX_FEATURES,
812     },
813     [FEAT_7_0_ECX] = {
814         .type = CPUID_FEATURE_WORD,
815         .feat_names = {
816             NULL, "avx512vbmi", "umip", "pku",
817             NULL /* ospke */, "waitpkg", "avx512vbmi2", NULL,
818             "gfni", "vaes", "vpclmulqdq", "avx512vnni",
819             "avx512bitalg", NULL, "avx512-vpopcntdq", NULL,
820             "la57", NULL, NULL, NULL,
821             NULL, NULL, "rdpid", NULL,
822             "bus-lock-detect", "cldemote", NULL, "movdiri",
823             "movdir64b", NULL, NULL, "pks",
824         },
825         .cpuid = {
826             .eax = 7,
827             .needs_ecx = true, .ecx = 0,
828             .reg = R_ECX,
829         },
830         .tcg_features = TCG_7_0_ECX_FEATURES,
831     },
832     [FEAT_7_0_EDX] = {
833         .type = CPUID_FEATURE_WORD,
834         .feat_names = {
835             NULL, NULL, "avx512-4vnniw", "avx512-4fmaps",
836             "fsrm", NULL, NULL, NULL,
837             "avx512-vp2intersect", NULL, "md-clear", NULL,
838             NULL, NULL, "serialize", NULL,
839             "tsx-ldtrk", NULL, NULL /* pconfig */, NULL,
840             NULL, NULL, NULL, "avx512-fp16",
841             NULL, NULL, "spec-ctrl", "stibp",
842             NULL, "arch-capabilities", "core-capability", "ssbd",
843         },
844         .cpuid = {
845             .eax = 7,
846             .needs_ecx = true, .ecx = 0,
847             .reg = R_EDX,
848         },
849         .tcg_features = TCG_7_0_EDX_FEATURES,
850     },
851     [FEAT_7_1_EAX] = {
852         .type = CPUID_FEATURE_WORD,
853         .feat_names = {
854             NULL, NULL, NULL, NULL,
855             "avx-vnni", "avx512-bf16", NULL, NULL,
856             NULL, NULL, NULL, NULL,
857             NULL, NULL, NULL, NULL,
858             NULL, NULL, NULL, NULL,
859             NULL, NULL, NULL, NULL,
860             NULL, NULL, NULL, NULL,
861             NULL, NULL, NULL, NULL,
862         },
863         .cpuid = {
864             .eax = 7,
865             .needs_ecx = true, .ecx = 1,
866             .reg = R_EAX,
867         },
868         .tcg_features = TCG_7_1_EAX_FEATURES,
869     },
870     [FEAT_8000_0007_EDX] = {
871         .type = CPUID_FEATURE_WORD,
872         .feat_names = {
873             NULL, NULL, NULL, NULL,
874             NULL, NULL, NULL, NULL,
875             "invtsc", NULL, NULL, NULL,
876             NULL, NULL, NULL, NULL,
877             NULL, NULL, NULL, NULL,
878             NULL, NULL, NULL, NULL,
879             NULL, NULL, NULL, NULL,
880             NULL, NULL, NULL, NULL,
881         },
882         .cpuid = { .eax = 0x80000007, .reg = R_EDX, },
883         .tcg_features = TCG_APM_FEATURES,
884         .unmigratable_flags = CPUID_APM_INVTSC,
885     },
886     [FEAT_8000_0008_EBX] = {
887         .type = CPUID_FEATURE_WORD,
888         .feat_names = {
889             "clzero", NULL, "xsaveerptr", NULL,
890             NULL, NULL, NULL, NULL,
891             NULL, "wbnoinvd", NULL, NULL,
892             "ibpb", NULL, "ibrs", "amd-stibp",
893             NULL, NULL, NULL, NULL,
894             NULL, NULL, NULL, NULL,
895             "amd-ssbd", "virt-ssbd", "amd-no-ssb", NULL,
896             NULL, NULL, NULL, NULL,
897         },
898         .cpuid = { .eax = 0x80000008, .reg = R_EBX, },
899         .tcg_features = 0,
900         .unmigratable_flags = 0,
901     },
902     [FEAT_XSAVE] = {
903         .type = CPUID_FEATURE_WORD,
904         .feat_names = {
905             "xsaveopt", "xsavec", "xgetbv1", "xsaves",
906             NULL, NULL, NULL, NULL,
907             NULL, NULL, NULL, NULL,
908             NULL, NULL, NULL, NULL,
909             NULL, NULL, NULL, NULL,
910             NULL, NULL, NULL, NULL,
911             NULL, NULL, NULL, NULL,
912             NULL, NULL, NULL, NULL,
913         },
914         .cpuid = {
915             .eax = 0xd,
916             .needs_ecx = true, .ecx = 1,
917             .reg = R_EAX,
918         },
919         .tcg_features = TCG_XSAVE_FEATURES,
920     },
921     [FEAT_6_EAX] = {
922         .type = CPUID_FEATURE_WORD,
923         .feat_names = {
924             NULL, NULL, "arat", NULL,
925             NULL, NULL, NULL, NULL,
926             NULL, NULL, NULL, NULL,
927             NULL, NULL, NULL, NULL,
928             NULL, NULL, NULL, NULL,
929             NULL, NULL, NULL, NULL,
930             NULL, NULL, NULL, NULL,
931             NULL, NULL, NULL, NULL,
932         },
933         .cpuid = { .eax = 6, .reg = R_EAX, },
934         .tcg_features = TCG_6_EAX_FEATURES,
935     },
936     [FEAT_XSAVE_COMP_LO] = {
937         .type = CPUID_FEATURE_WORD,
938         .cpuid = {
939             .eax = 0xD,
940             .needs_ecx = true, .ecx = 0,
941             .reg = R_EAX,
942         },
943         .tcg_features = ~0U,
944         .migratable_flags = XSTATE_FP_MASK | XSTATE_SSE_MASK |
945             XSTATE_YMM_MASK | XSTATE_BNDREGS_MASK | XSTATE_BNDCSR_MASK |
946             XSTATE_OPMASK_MASK | XSTATE_ZMM_Hi256_MASK | XSTATE_Hi16_ZMM_MASK |
947             XSTATE_PKRU_MASK,
948     },
949     [FEAT_XSAVE_COMP_HI] = {
950         .type = CPUID_FEATURE_WORD,
951         .cpuid = {
952             .eax = 0xD,
953             .needs_ecx = true, .ecx = 0,
954             .reg = R_EDX,
955         },
956         .tcg_features = ~0U,
957     },
958     /*Below are MSR exposed features*/
959     [FEAT_ARCH_CAPABILITIES] = {
960         .type = MSR_FEATURE_WORD,
961         .feat_names = {
962             "rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry",
963             "ssb-no", "mds-no", "pschange-mc-no", "tsx-ctrl",
964             "taa-no", NULL, NULL, NULL,
965             NULL, NULL, NULL, NULL,
966             NULL, NULL, NULL, NULL,
967             NULL, NULL, NULL, NULL,
968             NULL, NULL, NULL, NULL,
969             NULL, NULL, NULL, NULL,
970         },
971         .msr = {
972             .index = MSR_IA32_ARCH_CAPABILITIES,
973         },
974     },
975     [FEAT_CORE_CAPABILITY] = {
976         .type = MSR_FEATURE_WORD,
977         .feat_names = {
978             NULL, NULL, NULL, NULL,
979             NULL, "split-lock-detect", NULL, NULL,
980             NULL, NULL, NULL, NULL,
981             NULL, NULL, NULL, NULL,
982             NULL, NULL, NULL, NULL,
983             NULL, NULL, NULL, NULL,
984             NULL, NULL, NULL, NULL,
985             NULL, NULL, NULL, NULL,
986         },
987         .msr = {
988             .index = MSR_IA32_CORE_CAPABILITY,
989         },
990     },
991     [FEAT_PERF_CAPABILITIES] = {
992         .type = MSR_FEATURE_WORD,
993         .feat_names = {
994             NULL, NULL, NULL, NULL,
995             NULL, NULL, NULL, NULL,
996             NULL, NULL, NULL, NULL,
997             NULL, "full-width-write", NULL, NULL,
998             NULL, NULL, NULL, NULL,
999             NULL, NULL, NULL, NULL,
1000             NULL, NULL, NULL, NULL,
1001             NULL, NULL, NULL, NULL,
1002         },
1003         .msr = {
1004             .index = MSR_IA32_PERF_CAPABILITIES,
1005         },
1006     },
1007 
1008     [FEAT_VMX_PROCBASED_CTLS] = {
1009         .type = MSR_FEATURE_WORD,
1010         .feat_names = {
1011             NULL, NULL, "vmx-vintr-pending", "vmx-tsc-offset",
1012             NULL, NULL, NULL, "vmx-hlt-exit",
1013             NULL, "vmx-invlpg-exit", "vmx-mwait-exit", "vmx-rdpmc-exit",
1014             "vmx-rdtsc-exit", NULL, NULL, "vmx-cr3-load-noexit",
1015             "vmx-cr3-store-noexit", NULL, NULL, "vmx-cr8-load-exit",
1016             "vmx-cr8-store-exit", "vmx-flexpriority", "vmx-vnmi-pending", "vmx-movdr-exit",
1017             "vmx-io-exit", "vmx-io-bitmap", NULL, "vmx-mtf",
1018             "vmx-msr-bitmap", "vmx-monitor-exit", "vmx-pause-exit", "vmx-secondary-ctls",
1019         },
1020         .msr = {
1021             .index = MSR_IA32_VMX_TRUE_PROCBASED_CTLS,
1022         }
1023     },
1024 
1025     [FEAT_VMX_SECONDARY_CTLS] = {
1026         .type = MSR_FEATURE_WORD,
1027         .feat_names = {
1028             "vmx-apicv-xapic", "vmx-ept", "vmx-desc-exit", "vmx-rdtscp-exit",
1029             "vmx-apicv-x2apic", "vmx-vpid", "vmx-wbinvd-exit", "vmx-unrestricted-guest",
1030             "vmx-apicv-register", "vmx-apicv-vid", "vmx-ple", "vmx-rdrand-exit",
1031             "vmx-invpcid-exit", "vmx-vmfunc", "vmx-shadow-vmcs", "vmx-encls-exit",
1032             "vmx-rdseed-exit", "vmx-pml", NULL, NULL,
1033             "vmx-xsaves", NULL, NULL, NULL,
1034             NULL, NULL, NULL, NULL,
1035             NULL, NULL, NULL, NULL,
1036         },
1037         .msr = {
1038             .index = MSR_IA32_VMX_PROCBASED_CTLS2,
1039         }
1040     },
1041 
1042     [FEAT_VMX_PINBASED_CTLS] = {
1043         .type = MSR_FEATURE_WORD,
1044         .feat_names = {
1045             "vmx-intr-exit", NULL, NULL, "vmx-nmi-exit",
1046             NULL, "vmx-vnmi", "vmx-preemption-timer", "vmx-posted-intr",
1047             NULL, NULL, NULL, NULL,
1048             NULL, NULL, NULL, NULL,
1049             NULL, NULL, NULL, NULL,
1050             NULL, NULL, NULL, NULL,
1051             NULL, NULL, NULL, NULL,
1052             NULL, NULL, NULL, NULL,
1053         },
1054         .msr = {
1055             .index = MSR_IA32_VMX_TRUE_PINBASED_CTLS,
1056         }
1057     },
1058 
1059     [FEAT_VMX_EXIT_CTLS] = {
1060         .type = MSR_FEATURE_WORD,
1061         /*
1062          * VMX_VM_EXIT_HOST_ADDR_SPACE_SIZE is copied from
1063          * the LM CPUID bit.
1064          */
1065         .feat_names = {
1066             NULL, NULL, "vmx-exit-nosave-debugctl", NULL,
1067             NULL, NULL, NULL, NULL,
1068             NULL, NULL /* vmx-exit-host-addr-space-size */, NULL, NULL,
1069             "vmx-exit-load-perf-global-ctrl", NULL, NULL, "vmx-exit-ack-intr",
1070             NULL, NULL, "vmx-exit-save-pat", "vmx-exit-load-pat",
1071             "vmx-exit-save-efer", "vmx-exit-load-efer",
1072                 "vmx-exit-save-preemption-timer", "vmx-exit-clear-bndcfgs",
1073             NULL, "vmx-exit-clear-rtit-ctl", NULL, NULL,
1074             NULL, "vmx-exit-load-pkrs", NULL, NULL,
1075         },
1076         .msr = {
1077             .index = MSR_IA32_VMX_TRUE_EXIT_CTLS,
1078         }
1079     },
1080 
1081     [FEAT_VMX_ENTRY_CTLS] = {
1082         .type = MSR_FEATURE_WORD,
1083         .feat_names = {
1084             NULL, NULL, "vmx-entry-noload-debugctl", NULL,
1085             NULL, NULL, NULL, NULL,
1086             NULL, "vmx-entry-ia32e-mode", NULL, NULL,
1087             NULL, "vmx-entry-load-perf-global-ctrl", "vmx-entry-load-pat", "vmx-entry-load-efer",
1088             "vmx-entry-load-bndcfgs", NULL, "vmx-entry-load-rtit-ctl", NULL,
1089             NULL, NULL, "vmx-entry-load-pkrs", NULL,
1090             NULL, NULL, NULL, NULL,
1091             NULL, NULL, NULL, NULL,
1092         },
1093         .msr = {
1094             .index = MSR_IA32_VMX_TRUE_ENTRY_CTLS,
1095         }
1096     },
1097 
1098     [FEAT_VMX_MISC] = {
1099         .type = MSR_FEATURE_WORD,
1100         .feat_names = {
1101             NULL, NULL, NULL, NULL,
1102             NULL, "vmx-store-lma", "vmx-activity-hlt", "vmx-activity-shutdown",
1103             "vmx-activity-wait-sipi", NULL, NULL, NULL,
1104             NULL, NULL, NULL, NULL,
1105             NULL, NULL, NULL, NULL,
1106             NULL, NULL, NULL, NULL,
1107             NULL, NULL, NULL, NULL,
1108             NULL, "vmx-vmwrite-vmexit-fields", "vmx-zero-len-inject", NULL,
1109         },
1110         .msr = {
1111             .index = MSR_IA32_VMX_MISC,
1112         }
1113     },
1114 
1115     [FEAT_VMX_EPT_VPID_CAPS] = {
1116         .type = MSR_FEATURE_WORD,
1117         .feat_names = {
1118             "vmx-ept-execonly", NULL, NULL, NULL,
1119             NULL, NULL, "vmx-page-walk-4", "vmx-page-walk-5",
1120             NULL, NULL, NULL, NULL,
1121             NULL, NULL, NULL, NULL,
1122             "vmx-ept-2mb", "vmx-ept-1gb", NULL, NULL,
1123             "vmx-invept", "vmx-eptad", "vmx-ept-advanced-exitinfo", NULL,
1124             NULL, "vmx-invept-single-context", "vmx-invept-all-context", NULL,
1125             NULL, NULL, NULL, NULL,
1126             "vmx-invvpid", NULL, NULL, NULL,
1127             NULL, NULL, NULL, NULL,
1128             "vmx-invvpid-single-addr", "vmx-invept-single-context",
1129                 "vmx-invvpid-all-context", "vmx-invept-single-context-noglobals",
1130             NULL, NULL, NULL, NULL,
1131             NULL, NULL, NULL, NULL,
1132             NULL, NULL, NULL, NULL,
1133             NULL, NULL, NULL, NULL,
1134             NULL, NULL, NULL, NULL,
1135         },
1136         .msr = {
1137             .index = MSR_IA32_VMX_EPT_VPID_CAP,
1138         }
1139     },
1140 
1141     [FEAT_VMX_BASIC] = {
1142         .type = MSR_FEATURE_WORD,
1143         .feat_names = {
1144             [54] = "vmx-ins-outs",
1145             [55] = "vmx-true-ctls",
1146         },
1147         .msr = {
1148             .index = MSR_IA32_VMX_BASIC,
1149         },
1150         /* Just to be safe - we don't support setting the MSEG version field.  */
1151         .no_autoenable_flags = MSR_VMX_BASIC_DUAL_MONITOR,
1152     },
1153 
1154     [FEAT_VMX_VMFUNC] = {
1155         .type = MSR_FEATURE_WORD,
1156         .feat_names = {
1157             [0] = "vmx-eptp-switching",
1158         },
1159         .msr = {
1160             .index = MSR_IA32_VMX_VMFUNC,
1161         }
1162     },
1163 
1164     [FEAT_14_0_ECX] = {
1165         .type = CPUID_FEATURE_WORD,
1166         .feat_names = {
1167             NULL, NULL, NULL, NULL,
1168             NULL, NULL, NULL, NULL,
1169             NULL, NULL, NULL, NULL,
1170             NULL, NULL, NULL, NULL,
1171             NULL, NULL, NULL, NULL,
1172             NULL, NULL, NULL, NULL,
1173             NULL, NULL, NULL, NULL,
1174             NULL, NULL, NULL, "intel-pt-lip",
1175         },
1176         .cpuid = {
1177             .eax = 0x14,
1178             .needs_ecx = true, .ecx = 0,
1179             .reg = R_ECX,
1180         },
1181         .tcg_features = TCG_14_0_ECX_FEATURES,
1182      },
1183 
1184 };
1185 
1186 typedef struct FeatureMask {
1187     FeatureWord index;
1188     uint64_t mask;
1189 } FeatureMask;
1190 
1191 typedef struct FeatureDep {
1192     FeatureMask from, to;
1193 } FeatureDep;
1194 
1195 static FeatureDep feature_dependencies[] = {
1196     {
1197         .from = { FEAT_7_0_EDX,             CPUID_7_0_EDX_ARCH_CAPABILITIES },
1198         .to = { FEAT_ARCH_CAPABILITIES,     ~0ull },
1199     },
1200     {
1201         .from = { FEAT_7_0_EDX,             CPUID_7_0_EDX_CORE_CAPABILITY },
1202         .to = { FEAT_CORE_CAPABILITY,       ~0ull },
1203     },
1204     {
1205         .from = { FEAT_1_ECX,             CPUID_EXT_PDCM },
1206         .to = { FEAT_PERF_CAPABILITIES,       ~0ull },
1207     },
1208     {
1209         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1210         .to = { FEAT_VMX_PROCBASED_CTLS,    ~0ull },
1211     },
1212     {
1213         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1214         .to = { FEAT_VMX_PINBASED_CTLS,     ~0ull },
1215     },
1216     {
1217         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1218         .to = { FEAT_VMX_EXIT_CTLS,         ~0ull },
1219     },
1220     {
1221         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1222         .to = { FEAT_VMX_ENTRY_CTLS,        ~0ull },
1223     },
1224     {
1225         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1226         .to = { FEAT_VMX_MISC,              ~0ull },
1227     },
1228     {
1229         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1230         .to = { FEAT_VMX_BASIC,             ~0ull },
1231     },
1232     {
1233         .from = { FEAT_8000_0001_EDX,       CPUID_EXT2_LM },
1234         .to = { FEAT_VMX_ENTRY_CTLS,        VMX_VM_ENTRY_IA32E_MODE },
1235     },
1236     {
1237         .from = { FEAT_VMX_PROCBASED_CTLS,  VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS },
1238         .to = { FEAT_VMX_SECONDARY_CTLS,    ~0ull },
1239     },
1240     {
1241         .from = { FEAT_XSAVE,               CPUID_XSAVE_XSAVES },
1242         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_XSAVES },
1243     },
1244     {
1245         .from = { FEAT_1_ECX,               CPUID_EXT_RDRAND },
1246         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDRAND_EXITING },
1247     },
1248     {
1249         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_INVPCID },
1250         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_ENABLE_INVPCID },
1251     },
1252     {
1253         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_RDSEED },
1254         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDSEED_EXITING },
1255     },
1256     {
1257         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_INTEL_PT },
1258         .to = { FEAT_14_0_ECX,              ~0ull },
1259     },
1260     {
1261         .from = { FEAT_8000_0001_EDX,       CPUID_EXT2_RDTSCP },
1262         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDTSCP },
1263     },
1264     {
1265         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_EPT },
1266         .to = { FEAT_VMX_EPT_VPID_CAPS,     0xffffffffull },
1267     },
1268     {
1269         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_EPT },
1270         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST },
1271     },
1272     {
1273         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_VPID },
1274         .to = { FEAT_VMX_EPT_VPID_CAPS,     0xffffffffull << 32 },
1275     },
1276     {
1277         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_VMFUNC },
1278         .to = { FEAT_VMX_VMFUNC,            ~0ull },
1279     },
1280     {
1281         .from = { FEAT_8000_0001_ECX,       CPUID_EXT3_SVM },
1282         .to = { FEAT_SVM,                   ~0ull },
1283     },
1284 };
1285 
1286 typedef struct X86RegisterInfo32 {
1287     /* Name of register */
1288     const char *name;
1289     /* QAPI enum value register */
1290     X86CPURegister32 qapi_enum;
1291 } X86RegisterInfo32;
1292 
1293 #define REGISTER(reg) \
1294     [R_##reg] = { .name = #reg, .qapi_enum = X86_CPU_REGISTER32_##reg }
1295 static const X86RegisterInfo32 x86_reg_info_32[CPU_NB_REGS32] = {
1296     REGISTER(EAX),
1297     REGISTER(ECX),
1298     REGISTER(EDX),
1299     REGISTER(EBX),
1300     REGISTER(ESP),
1301     REGISTER(EBP),
1302     REGISTER(ESI),
1303     REGISTER(EDI),
1304 };
1305 #undef REGISTER
1306 
1307 typedef struct ExtSaveArea {
1308     uint32_t feature, bits;
1309     uint32_t offset, size;
1310 } ExtSaveArea;
1311 
1312 static const ExtSaveArea x86_ext_save_areas[] = {
1313     [XSTATE_FP_BIT] = {
1314         /* x87 FP state component is always enabled if XSAVE is supported */
1315         .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
1316         /* x87 state is in the legacy region of the XSAVE area */
1317         .offset = 0,
1318         .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
1319     },
1320     [XSTATE_SSE_BIT] = {
1321         /* SSE state component is always enabled if XSAVE is supported */
1322         .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
1323         /* SSE state is in the legacy region of the XSAVE area */
1324         .offset = 0,
1325         .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
1326     },
1327     [XSTATE_YMM_BIT] =
1328           { .feature = FEAT_1_ECX, .bits = CPUID_EXT_AVX,
1329             .offset = offsetof(X86XSaveArea, avx_state),
1330             .size = sizeof(XSaveAVX) },
1331     [XSTATE_BNDREGS_BIT] =
1332           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
1333             .offset = offsetof(X86XSaveArea, bndreg_state),
1334             .size = sizeof(XSaveBNDREG)  },
1335     [XSTATE_BNDCSR_BIT] =
1336           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
1337             .offset = offsetof(X86XSaveArea, bndcsr_state),
1338             .size = sizeof(XSaveBNDCSR)  },
1339     [XSTATE_OPMASK_BIT] =
1340           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1341             .offset = offsetof(X86XSaveArea, opmask_state),
1342             .size = sizeof(XSaveOpmask) },
1343     [XSTATE_ZMM_Hi256_BIT] =
1344           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1345             .offset = offsetof(X86XSaveArea, zmm_hi256_state),
1346             .size = sizeof(XSaveZMM_Hi256) },
1347     [XSTATE_Hi16_ZMM_BIT] =
1348           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1349             .offset = offsetof(X86XSaveArea, hi16_zmm_state),
1350             .size = sizeof(XSaveHi16_ZMM) },
1351     [XSTATE_PKRU_BIT] =
1352           { .feature = FEAT_7_0_ECX, .bits = CPUID_7_0_ECX_PKU,
1353             .offset = offsetof(X86XSaveArea, pkru_state),
1354             .size = sizeof(XSavePKRU) },
1355 };
1356 
1357 static uint32_t xsave_area_size(uint64_t mask)
1358 {
1359     int i;
1360     uint64_t ret = 0;
1361 
1362     for (i = 0; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
1363         const ExtSaveArea *esa = &x86_ext_save_areas[i];
1364         if ((mask >> i) & 1) {
1365             ret = MAX(ret, esa->offset + esa->size);
1366         }
1367     }
1368     return ret;
1369 }
1370 
1371 static inline bool accel_uses_host_cpuid(void)
1372 {
1373     return kvm_enabled() || hvf_enabled();
1374 }
1375 
1376 static inline uint64_t x86_cpu_xsave_components(X86CPU *cpu)
1377 {
1378     return ((uint64_t)cpu->env.features[FEAT_XSAVE_COMP_HI]) << 32 |
1379            cpu->env.features[FEAT_XSAVE_COMP_LO];
1380 }
1381 
1382 /* Return name of 32-bit register, from a R_* constant */
1383 static const char *get_register_name_32(unsigned int reg)
1384 {
1385     if (reg >= CPU_NB_REGS32) {
1386         return NULL;
1387     }
1388     return x86_reg_info_32[reg].name;
1389 }
1390 
1391 /*
1392  * Returns the set of feature flags that are supported and migratable by
1393  * QEMU, for a given FeatureWord.
1394  */
1395 static uint64_t x86_cpu_get_migratable_flags(FeatureWord w)
1396 {
1397     FeatureWordInfo *wi = &feature_word_info[w];
1398     uint64_t r = 0;
1399     int i;
1400 
1401     for (i = 0; i < 64; i++) {
1402         uint64_t f = 1ULL << i;
1403 
1404         /* If the feature name is known, it is implicitly considered migratable,
1405          * unless it is explicitly set in unmigratable_flags */
1406         if ((wi->migratable_flags & f) ||
1407             (wi->feat_names[i] && !(wi->unmigratable_flags & f))) {
1408             r |= f;
1409         }
1410     }
1411     return r;
1412 }
1413 
1414 void host_cpuid(uint32_t function, uint32_t count,
1415                 uint32_t *eax, uint32_t *ebx, uint32_t *ecx, uint32_t *edx)
1416 {
1417     uint32_t vec[4];
1418 
1419 #ifdef __x86_64__
1420     asm volatile("cpuid"
1421                  : "=a"(vec[0]), "=b"(vec[1]),
1422                    "=c"(vec[2]), "=d"(vec[3])
1423                  : "0"(function), "c"(count) : "cc");
1424 #elif defined(__i386__)
1425     asm volatile("pusha \n\t"
1426                  "cpuid \n\t"
1427                  "mov %%eax, 0(%2) \n\t"
1428                  "mov %%ebx, 4(%2) \n\t"
1429                  "mov %%ecx, 8(%2) \n\t"
1430                  "mov %%edx, 12(%2) \n\t"
1431                  "popa"
1432                  : : "a"(function), "c"(count), "S"(vec)
1433                  : "memory", "cc");
1434 #else
1435     abort();
1436 #endif
1437 
1438     if (eax)
1439         *eax = vec[0];
1440     if (ebx)
1441         *ebx = vec[1];
1442     if (ecx)
1443         *ecx = vec[2];
1444     if (edx)
1445         *edx = vec[3];
1446 }
1447 
1448 /* CPU class name definitions: */
1449 
1450 /* Return type name for a given CPU model name
1451  * Caller is responsible for freeing the returned string.
1452  */
1453 static char *x86_cpu_type_name(const char *model_name)
1454 {
1455     return g_strdup_printf(X86_CPU_TYPE_NAME("%s"), model_name);
1456 }
1457 
1458 static ObjectClass *x86_cpu_class_by_name(const char *cpu_model)
1459 {
1460     g_autofree char *typename = x86_cpu_type_name(cpu_model);
1461     return object_class_by_name(typename);
1462 }
1463 
1464 static char *x86_cpu_class_get_model_name(X86CPUClass *cc)
1465 {
1466     const char *class_name = object_class_get_name(OBJECT_CLASS(cc));
1467     assert(g_str_has_suffix(class_name, X86_CPU_TYPE_SUFFIX));
1468     return g_strndup(class_name,
1469                      strlen(class_name) - strlen(X86_CPU_TYPE_SUFFIX));
1470 }
1471 
1472 typedef struct X86CPUVersionDefinition {
1473     X86CPUVersion version;
1474     const char *alias;
1475     const char *note;
1476     PropValue *props;
1477 } X86CPUVersionDefinition;
1478 
1479 /* Base definition for a CPU model */
1480 typedef struct X86CPUDefinition {
1481     const char *name;
1482     uint32_t level;
1483     uint32_t xlevel;
1484     /* vendor is zero-terminated, 12 character ASCII string */
1485     char vendor[CPUID_VENDOR_SZ + 1];
1486     int family;
1487     int model;
1488     int stepping;
1489     FeatureWordArray features;
1490     const char *model_id;
1491     const CPUCaches *const cache_info;
1492     /*
1493      * Definitions for alternative versions of CPU model.
1494      * List is terminated by item with version == 0.
1495      * If NULL, version 1 will be registered automatically.
1496      */
1497     const X86CPUVersionDefinition *versions;
1498     const char *deprecation_note;
1499 } X86CPUDefinition;
1500 
1501 /* Reference to a specific CPU model version */
1502 struct X86CPUModel {
1503     /* Base CPU definition */
1504     const X86CPUDefinition *cpudef;
1505     /* CPU model version */
1506     X86CPUVersion version;
1507     const char *note;
1508     /*
1509      * If true, this is an alias CPU model.
1510      * This matters only for "-cpu help" and query-cpu-definitions
1511      */
1512     bool is_alias;
1513 };
1514 
1515 /* Get full model name for CPU version */
1516 static char *x86_cpu_versioned_model_name(const X86CPUDefinition *cpudef,
1517                                           X86CPUVersion version)
1518 {
1519     assert(version > 0);
1520     return g_strdup_printf("%s-v%d", cpudef->name, (int)version);
1521 }
1522 
1523 static const X86CPUVersionDefinition *
1524 x86_cpu_def_get_versions(const X86CPUDefinition *def)
1525 {
1526     /* When X86CPUDefinition::versions is NULL, we register only v1 */
1527     static const X86CPUVersionDefinition default_version_list[] = {
1528         { 1 },
1529         { /* end of list */ }
1530     };
1531 
1532     return def->versions ?: default_version_list;
1533 }
1534 
1535 static const CPUCaches epyc_cache_info = {
1536     .l1d_cache = &(CPUCacheInfo) {
1537         .type = DATA_CACHE,
1538         .level = 1,
1539         .size = 32 * KiB,
1540         .line_size = 64,
1541         .associativity = 8,
1542         .partitions = 1,
1543         .sets = 64,
1544         .lines_per_tag = 1,
1545         .self_init = 1,
1546         .no_invd_sharing = true,
1547     },
1548     .l1i_cache = &(CPUCacheInfo) {
1549         .type = INSTRUCTION_CACHE,
1550         .level = 1,
1551         .size = 64 * KiB,
1552         .line_size = 64,
1553         .associativity = 4,
1554         .partitions = 1,
1555         .sets = 256,
1556         .lines_per_tag = 1,
1557         .self_init = 1,
1558         .no_invd_sharing = true,
1559     },
1560     .l2_cache = &(CPUCacheInfo) {
1561         .type = UNIFIED_CACHE,
1562         .level = 2,
1563         .size = 512 * KiB,
1564         .line_size = 64,
1565         .associativity = 8,
1566         .partitions = 1,
1567         .sets = 1024,
1568         .lines_per_tag = 1,
1569     },
1570     .l3_cache = &(CPUCacheInfo) {
1571         .type = UNIFIED_CACHE,
1572         .level = 3,
1573         .size = 8 * MiB,
1574         .line_size = 64,
1575         .associativity = 16,
1576         .partitions = 1,
1577         .sets = 8192,
1578         .lines_per_tag = 1,
1579         .self_init = true,
1580         .inclusive = true,
1581         .complex_indexing = true,
1582     },
1583 };
1584 
1585 static const CPUCaches epyc_rome_cache_info = {
1586     .l1d_cache = &(CPUCacheInfo) {
1587         .type = DATA_CACHE,
1588         .level = 1,
1589         .size = 32 * KiB,
1590         .line_size = 64,
1591         .associativity = 8,
1592         .partitions = 1,
1593         .sets = 64,
1594         .lines_per_tag = 1,
1595         .self_init = 1,
1596         .no_invd_sharing = true,
1597     },
1598     .l1i_cache = &(CPUCacheInfo) {
1599         .type = INSTRUCTION_CACHE,
1600         .level = 1,
1601         .size = 32 * KiB,
1602         .line_size = 64,
1603         .associativity = 8,
1604         .partitions = 1,
1605         .sets = 64,
1606         .lines_per_tag = 1,
1607         .self_init = 1,
1608         .no_invd_sharing = true,
1609     },
1610     .l2_cache = &(CPUCacheInfo) {
1611         .type = UNIFIED_CACHE,
1612         .level = 2,
1613         .size = 512 * KiB,
1614         .line_size = 64,
1615         .associativity = 8,
1616         .partitions = 1,
1617         .sets = 1024,
1618         .lines_per_tag = 1,
1619     },
1620     .l3_cache = &(CPUCacheInfo) {
1621         .type = UNIFIED_CACHE,
1622         .level = 3,
1623         .size = 16 * MiB,
1624         .line_size = 64,
1625         .associativity = 16,
1626         .partitions = 1,
1627         .sets = 16384,
1628         .lines_per_tag = 1,
1629         .self_init = true,
1630         .inclusive = true,
1631         .complex_indexing = true,
1632     },
1633 };
1634 
1635 static const CPUCaches epyc_milan_cache_info = {
1636     .l1d_cache = &(CPUCacheInfo) {
1637         .type = DATA_CACHE,
1638         .level = 1,
1639         .size = 32 * KiB,
1640         .line_size = 64,
1641         .associativity = 8,
1642         .partitions = 1,
1643         .sets = 64,
1644         .lines_per_tag = 1,
1645         .self_init = 1,
1646         .no_invd_sharing = true,
1647     },
1648     .l1i_cache = &(CPUCacheInfo) {
1649         .type = INSTRUCTION_CACHE,
1650         .level = 1,
1651         .size = 32 * KiB,
1652         .line_size = 64,
1653         .associativity = 8,
1654         .partitions = 1,
1655         .sets = 64,
1656         .lines_per_tag = 1,
1657         .self_init = 1,
1658         .no_invd_sharing = true,
1659     },
1660     .l2_cache = &(CPUCacheInfo) {
1661         .type = UNIFIED_CACHE,
1662         .level = 2,
1663         .size = 512 * KiB,
1664         .line_size = 64,
1665         .associativity = 8,
1666         .partitions = 1,
1667         .sets = 1024,
1668         .lines_per_tag = 1,
1669     },
1670     .l3_cache = &(CPUCacheInfo) {
1671         .type = UNIFIED_CACHE,
1672         .level = 3,
1673         .size = 32 * MiB,
1674         .line_size = 64,
1675         .associativity = 16,
1676         .partitions = 1,
1677         .sets = 32768,
1678         .lines_per_tag = 1,
1679         .self_init = true,
1680         .inclusive = true,
1681         .complex_indexing = true,
1682     },
1683 };
1684 
1685 /* The following VMX features are not supported by KVM and are left out in the
1686  * CPU definitions:
1687  *
1688  *  Dual-monitor support (all processors)
1689  *  Entry to SMM
1690  *  Deactivate dual-monitor treatment
1691  *  Number of CR3-target values
1692  *  Shutdown activity state
1693  *  Wait-for-SIPI activity state
1694  *  PAUSE-loop exiting (Westmere and newer)
1695  *  EPT-violation #VE (Broadwell and newer)
1696  *  Inject event with insn length=0 (Skylake and newer)
1697  *  Conceal non-root operation from PT
1698  *  Conceal VM exits from PT
1699  *  Conceal VM entries from PT
1700  *  Enable ENCLS exiting
1701  *  Mode-based execute control (XS/XU)
1702  s  TSC scaling (Skylake Server and newer)
1703  *  GPA translation for PT (IceLake and newer)
1704  *  User wait and pause
1705  *  ENCLV exiting
1706  *  Load IA32_RTIT_CTL
1707  *  Clear IA32_RTIT_CTL
1708  *  Advanced VM-exit information for EPT violations
1709  *  Sub-page write permissions
1710  *  PT in VMX operation
1711  */
1712 
1713 static const X86CPUDefinition builtin_x86_defs[] = {
1714     {
1715         .name = "qemu64",
1716         .level = 0xd,
1717         .vendor = CPUID_VENDOR_AMD,
1718         .family = 15,
1719         .model = 107,
1720         .stepping = 1,
1721         .features[FEAT_1_EDX] =
1722             PPRO_FEATURES |
1723             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1724             CPUID_PSE36,
1725         .features[FEAT_1_ECX] =
1726             CPUID_EXT_SSE3 | CPUID_EXT_CX16,
1727         .features[FEAT_8000_0001_EDX] =
1728             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1729         .features[FEAT_8000_0001_ECX] =
1730             CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM,
1731         .xlevel = 0x8000000A,
1732         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
1733     },
1734     {
1735         .name = "phenom",
1736         .level = 5,
1737         .vendor = CPUID_VENDOR_AMD,
1738         .family = 16,
1739         .model = 2,
1740         .stepping = 3,
1741         /* Missing: CPUID_HT */
1742         .features[FEAT_1_EDX] =
1743             PPRO_FEATURES |
1744             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1745             CPUID_PSE36 | CPUID_VME,
1746         .features[FEAT_1_ECX] =
1747             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_CX16 |
1748             CPUID_EXT_POPCNT,
1749         .features[FEAT_8000_0001_EDX] =
1750             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX |
1751             CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT | CPUID_EXT2_MMXEXT |
1752             CPUID_EXT2_FFXSR | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP,
1753         /* Missing: CPUID_EXT3_CMP_LEG, CPUID_EXT3_EXTAPIC,
1754                     CPUID_EXT3_CR8LEG,
1755                     CPUID_EXT3_MISALIGNSSE, CPUID_EXT3_3DNOWPREFETCH,
1756                     CPUID_EXT3_OSVW, CPUID_EXT3_IBS */
1757         .features[FEAT_8000_0001_ECX] =
1758             CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM |
1759             CPUID_EXT3_ABM | CPUID_EXT3_SSE4A,
1760         /* Missing: CPUID_SVM_LBRV */
1761         .features[FEAT_SVM] =
1762             CPUID_SVM_NPT,
1763         .xlevel = 0x8000001A,
1764         .model_id = "AMD Phenom(tm) 9550 Quad-Core Processor"
1765     },
1766     {
1767         .name = "core2duo",
1768         .level = 10,
1769         .vendor = CPUID_VENDOR_INTEL,
1770         .family = 6,
1771         .model = 15,
1772         .stepping = 11,
1773         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
1774         .features[FEAT_1_EDX] =
1775             PPRO_FEATURES |
1776             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1777             CPUID_PSE36 | CPUID_VME | CPUID_ACPI | CPUID_SS,
1778         /* Missing: CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_EST,
1779          * CPUID_EXT_TM2, CPUID_EXT_XTPR, CPUID_EXT_PDCM, CPUID_EXT_VMX */
1780         .features[FEAT_1_ECX] =
1781             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 |
1782             CPUID_EXT_CX16,
1783         .features[FEAT_8000_0001_EDX] =
1784             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1785         .features[FEAT_8000_0001_ECX] =
1786             CPUID_EXT3_LAHF_LM,
1787         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
1788         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
1789         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
1790         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
1791         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
1792              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
1793         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
1794              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
1795              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
1796              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
1797              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
1798              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
1799              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
1800              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
1801              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
1802              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
1803         .features[FEAT_VMX_SECONDARY_CTLS] =
1804              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES,
1805         .xlevel = 0x80000008,
1806         .model_id = "Intel(R) Core(TM)2 Duo CPU     T7700  @ 2.40GHz",
1807     },
1808     {
1809         .name = "kvm64",
1810         .level = 0xd,
1811         .vendor = CPUID_VENDOR_INTEL,
1812         .family = 15,
1813         .model = 6,
1814         .stepping = 1,
1815         /* Missing: CPUID_HT */
1816         .features[FEAT_1_EDX] =
1817             PPRO_FEATURES | CPUID_VME |
1818             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1819             CPUID_PSE36,
1820         /* Missing: CPUID_EXT_POPCNT, CPUID_EXT_MONITOR */
1821         .features[FEAT_1_ECX] =
1822             CPUID_EXT_SSE3 | CPUID_EXT_CX16,
1823         /* Missing: CPUID_EXT2_PDPE1GB, CPUID_EXT2_RDTSCP */
1824         .features[FEAT_8000_0001_EDX] =
1825             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1826         /* Missing: CPUID_EXT3_LAHF_LM, CPUID_EXT3_CMP_LEG, CPUID_EXT3_EXTAPIC,
1827                     CPUID_EXT3_CR8LEG, CPUID_EXT3_ABM, CPUID_EXT3_SSE4A,
1828                     CPUID_EXT3_MISALIGNSSE, CPUID_EXT3_3DNOWPREFETCH,
1829                     CPUID_EXT3_OSVW, CPUID_EXT3_IBS, CPUID_EXT3_SVM */
1830         .features[FEAT_8000_0001_ECX] =
1831             0,
1832         /* VMX features from Cedar Mill/Prescott */
1833         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
1834         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
1835         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
1836         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
1837              VMX_PIN_BASED_NMI_EXITING,
1838         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
1839              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
1840              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
1841              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
1842              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
1843              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
1844              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
1845              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING,
1846         .xlevel = 0x80000008,
1847         .model_id = "Common KVM processor"
1848     },
1849     {
1850         .name = "qemu32",
1851         .level = 4,
1852         .vendor = CPUID_VENDOR_INTEL,
1853         .family = 6,
1854         .model = 6,
1855         .stepping = 3,
1856         .features[FEAT_1_EDX] =
1857             PPRO_FEATURES,
1858         .features[FEAT_1_ECX] =
1859             CPUID_EXT_SSE3,
1860         .xlevel = 0x80000004,
1861         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
1862     },
1863     {
1864         .name = "kvm32",
1865         .level = 5,
1866         .vendor = CPUID_VENDOR_INTEL,
1867         .family = 15,
1868         .model = 6,
1869         .stepping = 1,
1870         .features[FEAT_1_EDX] =
1871             PPRO_FEATURES | CPUID_VME |
1872             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_PSE36,
1873         .features[FEAT_1_ECX] =
1874             CPUID_EXT_SSE3,
1875         .features[FEAT_8000_0001_ECX] =
1876             0,
1877         /* VMX features from Yonah */
1878         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
1879         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
1880         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
1881         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
1882              VMX_PIN_BASED_NMI_EXITING,
1883         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
1884              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
1885              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
1886              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
1887              VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
1888              VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
1889              VMX_CPU_BASED_PAUSE_EXITING | VMX_CPU_BASED_USE_MSR_BITMAPS,
1890         .xlevel = 0x80000008,
1891         .model_id = "Common 32-bit KVM processor"
1892     },
1893     {
1894         .name = "coreduo",
1895         .level = 10,
1896         .vendor = CPUID_VENDOR_INTEL,
1897         .family = 6,
1898         .model = 14,
1899         .stepping = 8,
1900         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
1901         .features[FEAT_1_EDX] =
1902             PPRO_FEATURES | CPUID_VME |
1903             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_ACPI |
1904             CPUID_SS,
1905         /* Missing: CPUID_EXT_EST, CPUID_EXT_TM2 , CPUID_EXT_XTPR,
1906          * CPUID_EXT_PDCM, CPUID_EXT_VMX */
1907         .features[FEAT_1_ECX] =
1908             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR,
1909         .features[FEAT_8000_0001_EDX] =
1910             CPUID_EXT2_NX,
1911         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
1912         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
1913         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
1914         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
1915              VMX_PIN_BASED_NMI_EXITING,
1916         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
1917              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
1918              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
1919              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
1920              VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
1921              VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
1922              VMX_CPU_BASED_PAUSE_EXITING | VMX_CPU_BASED_USE_MSR_BITMAPS,
1923         .xlevel = 0x80000008,
1924         .model_id = "Genuine Intel(R) CPU           T2600  @ 2.16GHz",
1925     },
1926     {
1927         .name = "486",
1928         .level = 1,
1929         .vendor = CPUID_VENDOR_INTEL,
1930         .family = 4,
1931         .model = 8,
1932         .stepping = 0,
1933         .features[FEAT_1_EDX] =
1934             I486_FEATURES,
1935         .xlevel = 0,
1936         .model_id = "",
1937     },
1938     {
1939         .name = "pentium",
1940         .level = 1,
1941         .vendor = CPUID_VENDOR_INTEL,
1942         .family = 5,
1943         .model = 4,
1944         .stepping = 3,
1945         .features[FEAT_1_EDX] =
1946             PENTIUM_FEATURES,
1947         .xlevel = 0,
1948         .model_id = "",
1949     },
1950     {
1951         .name = "pentium2",
1952         .level = 2,
1953         .vendor = CPUID_VENDOR_INTEL,
1954         .family = 6,
1955         .model = 5,
1956         .stepping = 2,
1957         .features[FEAT_1_EDX] =
1958             PENTIUM2_FEATURES,
1959         .xlevel = 0,
1960         .model_id = "",
1961     },
1962     {
1963         .name = "pentium3",
1964         .level = 3,
1965         .vendor = CPUID_VENDOR_INTEL,
1966         .family = 6,
1967         .model = 7,
1968         .stepping = 3,
1969         .features[FEAT_1_EDX] =
1970             PENTIUM3_FEATURES,
1971         .xlevel = 0,
1972         .model_id = "",
1973     },
1974     {
1975         .name = "athlon",
1976         .level = 2,
1977         .vendor = CPUID_VENDOR_AMD,
1978         .family = 6,
1979         .model = 2,
1980         .stepping = 3,
1981         .features[FEAT_1_EDX] =
1982             PPRO_FEATURES | CPUID_PSE36 | CPUID_VME | CPUID_MTRR |
1983             CPUID_MCA,
1984         .features[FEAT_8000_0001_EDX] =
1985             CPUID_EXT2_MMXEXT | CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT,
1986         .xlevel = 0x80000008,
1987         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
1988     },
1989     {
1990         .name = "n270",
1991         .level = 10,
1992         .vendor = CPUID_VENDOR_INTEL,
1993         .family = 6,
1994         .model = 28,
1995         .stepping = 2,
1996         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
1997         .features[FEAT_1_EDX] =
1998             PPRO_FEATURES |
1999             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_VME |
2000             CPUID_ACPI | CPUID_SS,
2001             /* Some CPUs got no CPUID_SEP */
2002         /* Missing: CPUID_EXT_DSCPL, CPUID_EXT_EST, CPUID_EXT_TM2,
2003          * CPUID_EXT_XTPR */
2004         .features[FEAT_1_ECX] =
2005             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 |
2006             CPUID_EXT_MOVBE,
2007         .features[FEAT_8000_0001_EDX] =
2008             CPUID_EXT2_NX,
2009         .features[FEAT_8000_0001_ECX] =
2010             CPUID_EXT3_LAHF_LM,
2011         .xlevel = 0x80000008,
2012         .model_id = "Intel(R) Atom(TM) CPU N270   @ 1.60GHz",
2013     },
2014     {
2015         .name = "Conroe",
2016         .level = 10,
2017         .vendor = CPUID_VENDOR_INTEL,
2018         .family = 6,
2019         .model = 15,
2020         .stepping = 3,
2021         .features[FEAT_1_EDX] =
2022             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2023             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2024             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2025             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2026             CPUID_DE | CPUID_FP87,
2027         .features[FEAT_1_ECX] =
2028             CPUID_EXT_SSSE3 | CPUID_EXT_SSE3,
2029         .features[FEAT_8000_0001_EDX] =
2030             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2031         .features[FEAT_8000_0001_ECX] =
2032             CPUID_EXT3_LAHF_LM,
2033         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
2034         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2035         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2036         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2037         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2038              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
2039         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2040              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2041              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2042              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2043              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2044              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2045              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2046              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2047              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2048              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2049         .features[FEAT_VMX_SECONDARY_CTLS] =
2050              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES,
2051         .xlevel = 0x80000008,
2052         .model_id = "Intel Celeron_4x0 (Conroe/Merom Class Core 2)",
2053     },
2054     {
2055         .name = "Penryn",
2056         .level = 10,
2057         .vendor = CPUID_VENDOR_INTEL,
2058         .family = 6,
2059         .model = 23,
2060         .stepping = 3,
2061         .features[FEAT_1_EDX] =
2062             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2063             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2064             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2065             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2066             CPUID_DE | CPUID_FP87,
2067         .features[FEAT_1_ECX] =
2068             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2069             CPUID_EXT_SSE3,
2070         .features[FEAT_8000_0001_EDX] =
2071             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2072         .features[FEAT_8000_0001_ECX] =
2073             CPUID_EXT3_LAHF_LM,
2074         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
2075         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2076              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL,
2077         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT |
2078              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL,
2079         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2080         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2081              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
2082         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2083              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2084              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2085              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2086              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2087              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2088              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2089              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2090              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2091              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2092         .features[FEAT_VMX_SECONDARY_CTLS] =
2093              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2094              VMX_SECONDARY_EXEC_WBINVD_EXITING,
2095         .xlevel = 0x80000008,
2096         .model_id = "Intel Core 2 Duo P9xxx (Penryn Class Core 2)",
2097     },
2098     {
2099         .name = "Nehalem",
2100         .level = 11,
2101         .vendor = CPUID_VENDOR_INTEL,
2102         .family = 6,
2103         .model = 26,
2104         .stepping = 3,
2105         .features[FEAT_1_EDX] =
2106             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2107             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2108             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2109             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2110             CPUID_DE | CPUID_FP87,
2111         .features[FEAT_1_ECX] =
2112             CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2113             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_SSE3,
2114         .features[FEAT_8000_0001_EDX] =
2115             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2116         .features[FEAT_8000_0001_ECX] =
2117             CPUID_EXT3_LAHF_LM,
2118         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2119              MSR_VMX_BASIC_TRUE_CTLS,
2120         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2121              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2122              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2123         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2124              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2125              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2126              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2127              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2128              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2129              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2130         .features[FEAT_VMX_EXIT_CTLS] =
2131              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2132              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2133              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2134              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2135              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2136         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2137         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2138              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2139              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2140         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2141              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2142              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2143              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2144              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2145              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2146              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2147              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2148              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2149              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2150              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2151              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2152         .features[FEAT_VMX_SECONDARY_CTLS] =
2153              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2154              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2155              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2156              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2157              VMX_SECONDARY_EXEC_ENABLE_VPID,
2158         .xlevel = 0x80000008,
2159         .model_id = "Intel Core i7 9xx (Nehalem Class Core i7)",
2160         .versions = (X86CPUVersionDefinition[]) {
2161             { .version = 1 },
2162             {
2163                 .version = 2,
2164                 .alias = "Nehalem-IBRS",
2165                 .props = (PropValue[]) {
2166                     { "spec-ctrl", "on" },
2167                     { "model-id",
2168                       "Intel Core i7 9xx (Nehalem Core i7, IBRS update)" },
2169                     { /* end of list */ }
2170                 }
2171             },
2172             { /* end of list */ }
2173         }
2174     },
2175     {
2176         .name = "Westmere",
2177         .level = 11,
2178         .vendor = CPUID_VENDOR_INTEL,
2179         .family = 6,
2180         .model = 44,
2181         .stepping = 1,
2182         .features[FEAT_1_EDX] =
2183             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2184             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2185             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2186             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2187             CPUID_DE | CPUID_FP87,
2188         .features[FEAT_1_ECX] =
2189             CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 |
2190             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2191             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
2192         .features[FEAT_8000_0001_EDX] =
2193             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2194         .features[FEAT_8000_0001_ECX] =
2195             CPUID_EXT3_LAHF_LM,
2196         .features[FEAT_6_EAX] =
2197             CPUID_6_EAX_ARAT,
2198         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2199              MSR_VMX_BASIC_TRUE_CTLS,
2200         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2201              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2202              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2203         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2204              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2205              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2206              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2207              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2208              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2209              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2210         .features[FEAT_VMX_EXIT_CTLS] =
2211              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2212              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2213              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2214              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2215              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2216         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2217              MSR_VMX_MISC_STORE_LMA,
2218         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2219              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2220              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2221         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2222              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2223              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2224              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2225              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2226              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2227              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2228              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2229              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2230              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2231              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2232              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2233         .features[FEAT_VMX_SECONDARY_CTLS] =
2234              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2235              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2236              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2237              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2238              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST,
2239         .xlevel = 0x80000008,
2240         .model_id = "Westmere E56xx/L56xx/X56xx (Nehalem-C)",
2241         .versions = (X86CPUVersionDefinition[]) {
2242             { .version = 1 },
2243             {
2244                 .version = 2,
2245                 .alias = "Westmere-IBRS",
2246                 .props = (PropValue[]) {
2247                     { "spec-ctrl", "on" },
2248                     { "model-id",
2249                       "Westmere E56xx/L56xx/X56xx (IBRS update)" },
2250                     { /* end of list */ }
2251                 }
2252             },
2253             { /* end of list */ }
2254         }
2255     },
2256     {
2257         .name = "SandyBridge",
2258         .level = 0xd,
2259         .vendor = CPUID_VENDOR_INTEL,
2260         .family = 6,
2261         .model = 42,
2262         .stepping = 1,
2263         .features[FEAT_1_EDX] =
2264             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2265             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2266             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2267             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2268             CPUID_DE | CPUID_FP87,
2269         .features[FEAT_1_ECX] =
2270             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2271             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
2272             CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2273             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
2274             CPUID_EXT_SSE3,
2275         .features[FEAT_8000_0001_EDX] =
2276             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2277             CPUID_EXT2_SYSCALL,
2278         .features[FEAT_8000_0001_ECX] =
2279             CPUID_EXT3_LAHF_LM,
2280         .features[FEAT_XSAVE] =
2281             CPUID_XSAVE_XSAVEOPT,
2282         .features[FEAT_6_EAX] =
2283             CPUID_6_EAX_ARAT,
2284         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2285              MSR_VMX_BASIC_TRUE_CTLS,
2286         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2287              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2288              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2289         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2290              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2291              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2292              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2293              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2294              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2295              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2296         .features[FEAT_VMX_EXIT_CTLS] =
2297              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2298              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2299              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2300              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2301              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2302         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2303              MSR_VMX_MISC_STORE_LMA,
2304         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2305              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2306              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2307         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2308              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2309              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2310              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2311              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2312              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2313              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2314              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2315              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2316              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2317              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2318              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2319         .features[FEAT_VMX_SECONDARY_CTLS] =
2320              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2321              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2322              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2323              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2324              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST,
2325         .xlevel = 0x80000008,
2326         .model_id = "Intel Xeon E312xx (Sandy Bridge)",
2327         .versions = (X86CPUVersionDefinition[]) {
2328             { .version = 1 },
2329             {
2330                 .version = 2,
2331                 .alias = "SandyBridge-IBRS",
2332                 .props = (PropValue[]) {
2333                     { "spec-ctrl", "on" },
2334                     { "model-id",
2335                       "Intel Xeon E312xx (Sandy Bridge, IBRS update)" },
2336                     { /* end of list */ }
2337                 }
2338             },
2339             { /* end of list */ }
2340         }
2341     },
2342     {
2343         .name = "IvyBridge",
2344         .level = 0xd,
2345         .vendor = CPUID_VENDOR_INTEL,
2346         .family = 6,
2347         .model = 58,
2348         .stepping = 9,
2349         .features[FEAT_1_EDX] =
2350             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2351             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2352             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2353             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2354             CPUID_DE | CPUID_FP87,
2355         .features[FEAT_1_ECX] =
2356             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2357             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
2358             CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2359             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
2360             CPUID_EXT_SSE3 | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2361         .features[FEAT_7_0_EBX] =
2362             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP |
2363             CPUID_7_0_EBX_ERMS,
2364         .features[FEAT_8000_0001_EDX] =
2365             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2366             CPUID_EXT2_SYSCALL,
2367         .features[FEAT_8000_0001_ECX] =
2368             CPUID_EXT3_LAHF_LM,
2369         .features[FEAT_XSAVE] =
2370             CPUID_XSAVE_XSAVEOPT,
2371         .features[FEAT_6_EAX] =
2372             CPUID_6_EAX_ARAT,
2373         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2374              MSR_VMX_BASIC_TRUE_CTLS,
2375         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2376              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2377              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2378         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2379              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2380              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2381              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2382              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2383              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2384              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2385         .features[FEAT_VMX_EXIT_CTLS] =
2386              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2387              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2388              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2389              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2390              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2391         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2392              MSR_VMX_MISC_STORE_LMA,
2393         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2394              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2395              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2396         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2397              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2398              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2399              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2400              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2401              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2402              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2403              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2404              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2405              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2406              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2407              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2408         .features[FEAT_VMX_SECONDARY_CTLS] =
2409              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2410              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2411              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2412              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2413              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2414              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2415              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2416              VMX_SECONDARY_EXEC_RDRAND_EXITING,
2417         .xlevel = 0x80000008,
2418         .model_id = "Intel Xeon E3-12xx v2 (Ivy Bridge)",
2419         .versions = (X86CPUVersionDefinition[]) {
2420             { .version = 1 },
2421             {
2422                 .version = 2,
2423                 .alias = "IvyBridge-IBRS",
2424                 .props = (PropValue[]) {
2425                     { "spec-ctrl", "on" },
2426                     { "model-id",
2427                       "Intel Xeon E3-12xx v2 (Ivy Bridge, IBRS)" },
2428                     { /* end of list */ }
2429                 }
2430             },
2431             { /* end of list */ }
2432         }
2433     },
2434     {
2435         .name = "Haswell",
2436         .level = 0xd,
2437         .vendor = CPUID_VENDOR_INTEL,
2438         .family = 6,
2439         .model = 60,
2440         .stepping = 4,
2441         .features[FEAT_1_EDX] =
2442             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2443             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2444             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2445             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2446             CPUID_DE | CPUID_FP87,
2447         .features[FEAT_1_ECX] =
2448             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2449             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2450             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2451             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2452             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2453             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2454         .features[FEAT_8000_0001_EDX] =
2455             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2456             CPUID_EXT2_SYSCALL,
2457         .features[FEAT_8000_0001_ECX] =
2458             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM,
2459         .features[FEAT_7_0_EBX] =
2460             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2461             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2462             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2463             CPUID_7_0_EBX_RTM,
2464         .features[FEAT_XSAVE] =
2465             CPUID_XSAVE_XSAVEOPT,
2466         .features[FEAT_6_EAX] =
2467             CPUID_6_EAX_ARAT,
2468         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2469              MSR_VMX_BASIC_TRUE_CTLS,
2470         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2471              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2472              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2473         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2474              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2475              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2476              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2477              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2478              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2479              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2480         .features[FEAT_VMX_EXIT_CTLS] =
2481              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2482              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2483              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2484              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2485              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2486         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2487              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2488         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2489              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2490              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2491         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2492              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2493              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2494              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2495              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2496              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2497              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2498              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2499              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2500              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2501              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2502              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2503         .features[FEAT_VMX_SECONDARY_CTLS] =
2504              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2505              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2506              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2507              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2508              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2509              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2510              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2511              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2512              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS,
2513         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
2514         .xlevel = 0x80000008,
2515         .model_id = "Intel Core Processor (Haswell)",
2516         .versions = (X86CPUVersionDefinition[]) {
2517             { .version = 1 },
2518             {
2519                 .version = 2,
2520                 .alias = "Haswell-noTSX",
2521                 .props = (PropValue[]) {
2522                     { "hle", "off" },
2523                     { "rtm", "off" },
2524                     { "stepping", "1" },
2525                     { "model-id", "Intel Core Processor (Haswell, no TSX)", },
2526                     { /* end of list */ }
2527                 },
2528             },
2529             {
2530                 .version = 3,
2531                 .alias = "Haswell-IBRS",
2532                 .props = (PropValue[]) {
2533                     /* Restore TSX features removed by -v2 above */
2534                     { "hle", "on" },
2535                     { "rtm", "on" },
2536                     /*
2537                      * Haswell and Haswell-IBRS had stepping=4 in
2538                      * QEMU 4.0 and older
2539                      */
2540                     { "stepping", "4" },
2541                     { "spec-ctrl", "on" },
2542                     { "model-id",
2543                       "Intel Core Processor (Haswell, IBRS)" },
2544                     { /* end of list */ }
2545                 }
2546             },
2547             {
2548                 .version = 4,
2549                 .alias = "Haswell-noTSX-IBRS",
2550                 .props = (PropValue[]) {
2551                     { "hle", "off" },
2552                     { "rtm", "off" },
2553                     /* spec-ctrl was already enabled by -v3 above */
2554                     { "stepping", "1" },
2555                     { "model-id",
2556                       "Intel Core Processor (Haswell, no TSX, IBRS)" },
2557                     { /* end of list */ }
2558                 }
2559             },
2560             { /* end of list */ }
2561         }
2562     },
2563     {
2564         .name = "Broadwell",
2565         .level = 0xd,
2566         .vendor = CPUID_VENDOR_INTEL,
2567         .family = 6,
2568         .model = 61,
2569         .stepping = 2,
2570         .features[FEAT_1_EDX] =
2571             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2572             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2573             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2574             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2575             CPUID_DE | CPUID_FP87,
2576         .features[FEAT_1_ECX] =
2577             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2578             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2579             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2580             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2581             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2582             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2583         .features[FEAT_8000_0001_EDX] =
2584             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2585             CPUID_EXT2_SYSCALL,
2586         .features[FEAT_8000_0001_ECX] =
2587             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
2588         .features[FEAT_7_0_EBX] =
2589             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2590             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2591             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2592             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
2593             CPUID_7_0_EBX_SMAP,
2594         .features[FEAT_XSAVE] =
2595             CPUID_XSAVE_XSAVEOPT,
2596         .features[FEAT_6_EAX] =
2597             CPUID_6_EAX_ARAT,
2598         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2599              MSR_VMX_BASIC_TRUE_CTLS,
2600         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2601              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2602              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2603         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2604              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2605              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2606              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2607              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2608              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2609              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2610         .features[FEAT_VMX_EXIT_CTLS] =
2611              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2612              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2613              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2614              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2615              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2616         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2617              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2618         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2619              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2620              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2621         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2622              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2623              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2624              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2625              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2626              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2627              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2628              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2629              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2630              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2631              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2632              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2633         .features[FEAT_VMX_SECONDARY_CTLS] =
2634              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2635              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2636              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2637              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2638              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2639              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2640              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2641              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2642              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
2643              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
2644         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
2645         .xlevel = 0x80000008,
2646         .model_id = "Intel Core Processor (Broadwell)",
2647         .versions = (X86CPUVersionDefinition[]) {
2648             { .version = 1 },
2649             {
2650                 .version = 2,
2651                 .alias = "Broadwell-noTSX",
2652                 .props = (PropValue[]) {
2653                     { "hle", "off" },
2654                     { "rtm", "off" },
2655                     { "model-id", "Intel Core Processor (Broadwell, no TSX)", },
2656                     { /* end of list */ }
2657                 },
2658             },
2659             {
2660                 .version = 3,
2661                 .alias = "Broadwell-IBRS",
2662                 .props = (PropValue[]) {
2663                     /* Restore TSX features removed by -v2 above */
2664                     { "hle", "on" },
2665                     { "rtm", "on" },
2666                     { "spec-ctrl", "on" },
2667                     { "model-id",
2668                       "Intel Core Processor (Broadwell, IBRS)" },
2669                     { /* end of list */ }
2670                 }
2671             },
2672             {
2673                 .version = 4,
2674                 .alias = "Broadwell-noTSX-IBRS",
2675                 .props = (PropValue[]) {
2676                     { "hle", "off" },
2677                     { "rtm", "off" },
2678                     /* spec-ctrl was already enabled by -v3 above */
2679                     { "model-id",
2680                       "Intel Core Processor (Broadwell, no TSX, IBRS)" },
2681                     { /* end of list */ }
2682                 }
2683             },
2684             { /* end of list */ }
2685         }
2686     },
2687     {
2688         .name = "Skylake-Client",
2689         .level = 0xd,
2690         .vendor = CPUID_VENDOR_INTEL,
2691         .family = 6,
2692         .model = 94,
2693         .stepping = 3,
2694         .features[FEAT_1_EDX] =
2695             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2696             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2697             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2698             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2699             CPUID_DE | CPUID_FP87,
2700         .features[FEAT_1_ECX] =
2701             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2702             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2703             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2704             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2705             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2706             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2707         .features[FEAT_8000_0001_EDX] =
2708             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2709             CPUID_EXT2_SYSCALL,
2710         .features[FEAT_8000_0001_ECX] =
2711             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
2712         .features[FEAT_7_0_EBX] =
2713             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2714             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2715             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2716             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
2717             CPUID_7_0_EBX_SMAP,
2718         /* XSAVES is added in version 4 */
2719         .features[FEAT_XSAVE] =
2720             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
2721             CPUID_XSAVE_XGETBV1,
2722         .features[FEAT_6_EAX] =
2723             CPUID_6_EAX_ARAT,
2724         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
2725         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2726              MSR_VMX_BASIC_TRUE_CTLS,
2727         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2728              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2729              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2730         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2731              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2732              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2733              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2734              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2735              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2736              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2737         .features[FEAT_VMX_EXIT_CTLS] =
2738              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2739              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2740              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2741              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2742              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2743         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2744              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2745         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2746              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2747              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2748         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2749              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2750              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2751              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2752              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2753              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2754              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2755              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2756              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2757              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2758              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2759              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2760         .features[FEAT_VMX_SECONDARY_CTLS] =
2761              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2762              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2763              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2764              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2765              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2766              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
2767              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
2768         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
2769         .xlevel = 0x80000008,
2770         .model_id = "Intel Core Processor (Skylake)",
2771         .versions = (X86CPUVersionDefinition[]) {
2772             { .version = 1 },
2773             {
2774                 .version = 2,
2775                 .alias = "Skylake-Client-IBRS",
2776                 .props = (PropValue[]) {
2777                     { "spec-ctrl", "on" },
2778                     { "model-id",
2779                       "Intel Core Processor (Skylake, IBRS)" },
2780                     { /* end of list */ }
2781                 }
2782             },
2783             {
2784                 .version = 3,
2785                 .alias = "Skylake-Client-noTSX-IBRS",
2786                 .props = (PropValue[]) {
2787                     { "hle", "off" },
2788                     { "rtm", "off" },
2789                     { "model-id",
2790                       "Intel Core Processor (Skylake, IBRS, no TSX)" },
2791                     { /* end of list */ }
2792                 }
2793             },
2794             {
2795                 .version = 4,
2796                 .note = "IBRS, XSAVES, no TSX",
2797                 .props = (PropValue[]) {
2798                     { "xsaves", "on" },
2799                     { "vmx-xsaves", "on" },
2800                     { /* end of list */ }
2801                 }
2802             },
2803             { /* end of list */ }
2804         }
2805     },
2806     {
2807         .name = "Skylake-Server",
2808         .level = 0xd,
2809         .vendor = CPUID_VENDOR_INTEL,
2810         .family = 6,
2811         .model = 85,
2812         .stepping = 4,
2813         .features[FEAT_1_EDX] =
2814             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2815             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2816             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2817             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2818             CPUID_DE | CPUID_FP87,
2819         .features[FEAT_1_ECX] =
2820             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2821             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2822             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2823             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2824             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2825             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2826         .features[FEAT_8000_0001_EDX] =
2827             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
2828             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2829         .features[FEAT_8000_0001_ECX] =
2830             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
2831         .features[FEAT_7_0_EBX] =
2832             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2833             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2834             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2835             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
2836             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
2837             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
2838             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
2839             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
2840         .features[FEAT_7_0_ECX] =
2841             CPUID_7_0_ECX_PKU,
2842         /* XSAVES is added in version 5 */
2843         .features[FEAT_XSAVE] =
2844             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
2845             CPUID_XSAVE_XGETBV1,
2846         .features[FEAT_6_EAX] =
2847             CPUID_6_EAX_ARAT,
2848         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
2849         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2850              MSR_VMX_BASIC_TRUE_CTLS,
2851         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2852              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2853              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2854         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2855              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2856              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2857              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2858              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2859              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2860              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2861         .features[FEAT_VMX_EXIT_CTLS] =
2862              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2863              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2864              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2865              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2866              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2867         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2868              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2869         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2870              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2871              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2872         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2873              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2874              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2875              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2876              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2877              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2878              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2879              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2880              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2881              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2882              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2883              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2884         .features[FEAT_VMX_SECONDARY_CTLS] =
2885              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2886              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2887              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2888              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2889              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2890              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2891              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2892              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2893              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
2894              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
2895         .xlevel = 0x80000008,
2896         .model_id = "Intel Xeon Processor (Skylake)",
2897         .versions = (X86CPUVersionDefinition[]) {
2898             { .version = 1 },
2899             {
2900                 .version = 2,
2901                 .alias = "Skylake-Server-IBRS",
2902                 .props = (PropValue[]) {
2903                     /* clflushopt was not added to Skylake-Server-IBRS */
2904                     /* TODO: add -v3 including clflushopt */
2905                     { "clflushopt", "off" },
2906                     { "spec-ctrl", "on" },
2907                     { "model-id",
2908                       "Intel Xeon Processor (Skylake, IBRS)" },
2909                     { /* end of list */ }
2910                 }
2911             },
2912             {
2913                 .version = 3,
2914                 .alias = "Skylake-Server-noTSX-IBRS",
2915                 .props = (PropValue[]) {
2916                     { "hle", "off" },
2917                     { "rtm", "off" },
2918                     { "model-id",
2919                       "Intel Xeon Processor (Skylake, IBRS, no TSX)" },
2920                     { /* end of list */ }
2921                 }
2922             },
2923             {
2924                 .version = 4,
2925                 .props = (PropValue[]) {
2926                     { "vmx-eptp-switching", "on" },
2927                     { /* end of list */ }
2928                 }
2929             },
2930             {
2931                 .version = 5,
2932                 .note = "IBRS, XSAVES, EPT switching, no TSX",
2933                 .props = (PropValue[]) {
2934                     { "xsaves", "on" },
2935                     { "vmx-xsaves", "on" },
2936                     { /* end of list */ }
2937                 }
2938             },
2939             { /* end of list */ }
2940         }
2941     },
2942     {
2943         .name = "Cascadelake-Server",
2944         .level = 0xd,
2945         .vendor = CPUID_VENDOR_INTEL,
2946         .family = 6,
2947         .model = 85,
2948         .stepping = 6,
2949         .features[FEAT_1_EDX] =
2950             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2951             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2952             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2953             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2954             CPUID_DE | CPUID_FP87,
2955         .features[FEAT_1_ECX] =
2956             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2957             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2958             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2959             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2960             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2961             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2962         .features[FEAT_8000_0001_EDX] =
2963             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
2964             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2965         .features[FEAT_8000_0001_ECX] =
2966             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
2967         .features[FEAT_7_0_EBX] =
2968             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2969             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2970             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2971             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
2972             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
2973             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
2974             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
2975             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
2976         .features[FEAT_7_0_ECX] =
2977             CPUID_7_0_ECX_PKU |
2978             CPUID_7_0_ECX_AVX512VNNI,
2979         .features[FEAT_7_0_EDX] =
2980             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
2981         /* XSAVES is added in version 5 */
2982         .features[FEAT_XSAVE] =
2983             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
2984             CPUID_XSAVE_XGETBV1,
2985         .features[FEAT_6_EAX] =
2986             CPUID_6_EAX_ARAT,
2987         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
2988         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2989              MSR_VMX_BASIC_TRUE_CTLS,
2990         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2991              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2992              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2993         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2994              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2995              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2996              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2997              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2998              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2999              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3000         .features[FEAT_VMX_EXIT_CTLS] =
3001              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3002              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3003              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3004              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3005              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3006         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3007              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3008         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3009              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3010              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3011         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3012              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3013              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3014              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3015              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3016              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3017              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3018              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3019              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3020              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3021              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3022              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3023         .features[FEAT_VMX_SECONDARY_CTLS] =
3024              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3025              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3026              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3027              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3028              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3029              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3030              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3031              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3032              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3033              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3034         .xlevel = 0x80000008,
3035         .model_id = "Intel Xeon Processor (Cascadelake)",
3036         .versions = (X86CPUVersionDefinition[]) {
3037             { .version = 1 },
3038             { .version = 2,
3039               .note = "ARCH_CAPABILITIES",
3040               .props = (PropValue[]) {
3041                   { "arch-capabilities", "on" },
3042                   { "rdctl-no", "on" },
3043                   { "ibrs-all", "on" },
3044                   { "skip-l1dfl-vmentry", "on" },
3045                   { "mds-no", "on" },
3046                   { /* end of list */ }
3047               },
3048             },
3049             { .version = 3,
3050               .alias = "Cascadelake-Server-noTSX",
3051               .note = "ARCH_CAPABILITIES, no TSX",
3052               .props = (PropValue[]) {
3053                   { "hle", "off" },
3054                   { "rtm", "off" },
3055                   { /* end of list */ }
3056               },
3057             },
3058             { .version = 4,
3059               .note = "ARCH_CAPABILITIES, no TSX",
3060               .props = (PropValue[]) {
3061                   { "vmx-eptp-switching", "on" },
3062                   { /* end of list */ }
3063               },
3064             },
3065             { .version = 5,
3066               .note = "ARCH_CAPABILITIES, EPT switching, XSAVES, no TSX",
3067               .props = (PropValue[]) {
3068                   { "xsaves", "on" },
3069                   { "vmx-xsaves", "on" },
3070                   { /* end of list */ }
3071               },
3072             },
3073             { /* end of list */ }
3074         }
3075     },
3076     {
3077         .name = "Cooperlake",
3078         .level = 0xd,
3079         .vendor = CPUID_VENDOR_INTEL,
3080         .family = 6,
3081         .model = 85,
3082         .stepping = 10,
3083         .features[FEAT_1_EDX] =
3084             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3085             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3086             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3087             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3088             CPUID_DE | CPUID_FP87,
3089         .features[FEAT_1_ECX] =
3090             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3091             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3092             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3093             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3094             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3095             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3096         .features[FEAT_8000_0001_EDX] =
3097             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3098             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3099         .features[FEAT_8000_0001_ECX] =
3100             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3101         .features[FEAT_7_0_EBX] =
3102             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3103             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3104             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3105             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3106             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3107             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3108             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3109             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3110         .features[FEAT_7_0_ECX] =
3111             CPUID_7_0_ECX_PKU |
3112             CPUID_7_0_ECX_AVX512VNNI,
3113         .features[FEAT_7_0_EDX] =
3114             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_STIBP |
3115             CPUID_7_0_EDX_SPEC_CTRL_SSBD | CPUID_7_0_EDX_ARCH_CAPABILITIES,
3116         .features[FEAT_ARCH_CAPABILITIES] =
3117             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_IBRS_ALL |
3118             MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY | MSR_ARCH_CAP_MDS_NO |
3119             MSR_ARCH_CAP_PSCHANGE_MC_NO | MSR_ARCH_CAP_TAA_NO,
3120         .features[FEAT_7_1_EAX] =
3121             CPUID_7_1_EAX_AVX_VNNI | CPUID_7_1_EAX_AVX512_BF16,
3122         /* XSAVES is added in version 2 */
3123         .features[FEAT_XSAVE] =
3124             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3125             CPUID_XSAVE_XGETBV1,
3126         .features[FEAT_6_EAX] =
3127             CPUID_6_EAX_ARAT,
3128         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3129         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3130              MSR_VMX_BASIC_TRUE_CTLS,
3131         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3132              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3133              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3134         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3135              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3136              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3137              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3138              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3139              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3140              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3141         .features[FEAT_VMX_EXIT_CTLS] =
3142              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3143              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3144              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3145              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3146              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3147         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3148              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3149         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3150              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3151              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3152         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3153              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3154              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3155              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3156              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3157              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3158              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3159              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3160              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3161              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3162              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3163              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3164         .features[FEAT_VMX_SECONDARY_CTLS] =
3165              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3166              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3167              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3168              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3169              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3170              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3171              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3172              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3173              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3174              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3175         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3176         .xlevel = 0x80000008,
3177         .model_id = "Intel Xeon Processor (Cooperlake)",
3178         .versions = (X86CPUVersionDefinition[]) {
3179             { .version = 1 },
3180             { .version = 2,
3181               .note = "XSAVES",
3182               .props = (PropValue[]) {
3183                   { "xsaves", "on" },
3184                   { "vmx-xsaves", "on" },
3185                   { /* end of list */ }
3186               },
3187             },
3188             { /* end of list */ }
3189         }
3190     },
3191     {
3192         .name = "Icelake-Client",
3193         .level = 0xd,
3194         .vendor = CPUID_VENDOR_INTEL,
3195         .family = 6,
3196         .model = 126,
3197         .stepping = 0,
3198         .features[FEAT_1_EDX] =
3199             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3200             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3201             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3202             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3203             CPUID_DE | CPUID_FP87,
3204         .features[FEAT_1_ECX] =
3205             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3206             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3207             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3208             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3209             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3210             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3211         .features[FEAT_8000_0001_EDX] =
3212             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
3213             CPUID_EXT2_SYSCALL,
3214         .features[FEAT_8000_0001_ECX] =
3215             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3216         .features[FEAT_8000_0008_EBX] =
3217             CPUID_8000_0008_EBX_WBNOINVD,
3218         .features[FEAT_7_0_EBX] =
3219             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3220             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3221             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3222             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3223             CPUID_7_0_EBX_SMAP,
3224         .features[FEAT_7_0_ECX] =
3225             CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
3226             CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
3227             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
3228             CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
3229             CPUID_7_0_ECX_AVX512_VPOPCNTDQ,
3230         .features[FEAT_7_0_EDX] =
3231             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3232         /* XSAVES is added in version 3 */
3233         .features[FEAT_XSAVE] =
3234             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3235             CPUID_XSAVE_XGETBV1,
3236         .features[FEAT_6_EAX] =
3237             CPUID_6_EAX_ARAT,
3238         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3239         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3240              MSR_VMX_BASIC_TRUE_CTLS,
3241         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3242              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3243              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3244         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3245              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3246              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3247              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3248              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3249              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3250              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3251         .features[FEAT_VMX_EXIT_CTLS] =
3252              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3253              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3254              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3255              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3256              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3257         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3258              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3259         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3260              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3261              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
3262         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3263              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3264              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3265              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3266              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3267              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3268              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3269              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3270              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3271              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3272              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3273              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3274         .features[FEAT_VMX_SECONDARY_CTLS] =
3275              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3276              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3277              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3278              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3279              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3280              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3281              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3282         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3283         .xlevel = 0x80000008,
3284         .model_id = "Intel Core Processor (Icelake)",
3285         .versions = (X86CPUVersionDefinition[]) {
3286             {
3287                 .version = 1,
3288                 .note = "deprecated"
3289             },
3290             {
3291                 .version = 2,
3292                 .note = "no TSX, deprecated",
3293                 .alias = "Icelake-Client-noTSX",
3294                 .props = (PropValue[]) {
3295                     { "hle", "off" },
3296                     { "rtm", "off" },
3297                     { /* end of list */ }
3298                 },
3299             },
3300             {
3301                 .version = 3,
3302                 .note = "no TSX, XSAVES, deprecated",
3303                 .props = (PropValue[]) {
3304                     { "xsaves", "on" },
3305                     { "vmx-xsaves", "on" },
3306                     { /* end of list */ }
3307                 },
3308             },
3309             { /* end of list */ }
3310         },
3311         .deprecation_note = "use Icelake-Server instead"
3312     },
3313     {
3314         .name = "Icelake-Server",
3315         .level = 0xd,
3316         .vendor = CPUID_VENDOR_INTEL,
3317         .family = 6,
3318         .model = 134,
3319         .stepping = 0,
3320         .features[FEAT_1_EDX] =
3321             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3322             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3323             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3324             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3325             CPUID_DE | CPUID_FP87,
3326         .features[FEAT_1_ECX] =
3327             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3328             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3329             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3330             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3331             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3332             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3333         .features[FEAT_8000_0001_EDX] =
3334             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3335             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3336         .features[FEAT_8000_0001_ECX] =
3337             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3338         .features[FEAT_8000_0008_EBX] =
3339             CPUID_8000_0008_EBX_WBNOINVD,
3340         .features[FEAT_7_0_EBX] =
3341             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3342             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3343             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3344             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3345             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3346             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3347             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3348             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3349         .features[FEAT_7_0_ECX] =
3350             CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
3351             CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
3352             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
3353             CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
3354             CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57,
3355         .features[FEAT_7_0_EDX] =
3356             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3357         /* XSAVES is added in version 5 */
3358         .features[FEAT_XSAVE] =
3359             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3360             CPUID_XSAVE_XGETBV1,
3361         .features[FEAT_6_EAX] =
3362             CPUID_6_EAX_ARAT,
3363         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3364         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3365              MSR_VMX_BASIC_TRUE_CTLS,
3366         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3367              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3368              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3369         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3370              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3371              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3372              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3373              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3374              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3375              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3376         .features[FEAT_VMX_EXIT_CTLS] =
3377              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3378              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3379              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3380              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3381              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3382         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3383              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3384         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3385              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3386              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3387         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3388              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3389              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3390              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3391              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3392              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3393              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3394              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3395              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3396              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3397              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3398              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3399         .features[FEAT_VMX_SECONDARY_CTLS] =
3400              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3401              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3402              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3403              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3404              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3405              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3406              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3407              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3408              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS,
3409         .xlevel = 0x80000008,
3410         .model_id = "Intel Xeon Processor (Icelake)",
3411         .versions = (X86CPUVersionDefinition[]) {
3412             { .version = 1 },
3413             {
3414                 .version = 2,
3415                 .note = "no TSX",
3416                 .alias = "Icelake-Server-noTSX",
3417                 .props = (PropValue[]) {
3418                     { "hle", "off" },
3419                     { "rtm", "off" },
3420                     { /* end of list */ }
3421                 },
3422             },
3423             {
3424                 .version = 3,
3425                 .props = (PropValue[]) {
3426                     { "arch-capabilities", "on" },
3427                     { "rdctl-no", "on" },
3428                     { "ibrs-all", "on" },
3429                     { "skip-l1dfl-vmentry", "on" },
3430                     { "mds-no", "on" },
3431                     { "pschange-mc-no", "on" },
3432                     { "taa-no", "on" },
3433                     { /* end of list */ }
3434                 },
3435             },
3436             {
3437                 .version = 4,
3438                 .props = (PropValue[]) {
3439                     { "sha-ni", "on" },
3440                     { "avx512ifma", "on" },
3441                     { "rdpid", "on" },
3442                     { "fsrm", "on" },
3443                     { "vmx-rdseed-exit", "on" },
3444                     { "vmx-pml", "on" },
3445                     { "vmx-eptp-switching", "on" },
3446                     { "model", "106" },
3447                     { /* end of list */ }
3448                 },
3449             },
3450             {
3451                 .version = 5,
3452                 .note = "XSAVES",
3453                 .props = (PropValue[]) {
3454                     { "xsaves", "on" },
3455                     { "vmx-xsaves", "on" },
3456                     { /* end of list */ }
3457                 },
3458             },
3459             { /* end of list */ }
3460         }
3461     },
3462     {
3463         .name = "Denverton",
3464         .level = 21,
3465         .vendor = CPUID_VENDOR_INTEL,
3466         .family = 6,
3467         .model = 95,
3468         .stepping = 1,
3469         .features[FEAT_1_EDX] =
3470             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE | CPUID_TSC |
3471             CPUID_MSR | CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC |
3472             CPUID_SEP | CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
3473             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH | CPUID_MMX | CPUID_FXSR |
3474             CPUID_SSE | CPUID_SSE2,
3475         .features[FEAT_1_ECX] =
3476             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_MONITOR |
3477             CPUID_EXT_SSSE3 | CPUID_EXT_CX16 | CPUID_EXT_SSE41 |
3478             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
3479             CPUID_EXT_POPCNT | CPUID_EXT_TSC_DEADLINE_TIMER |
3480             CPUID_EXT_AES | CPUID_EXT_XSAVE | CPUID_EXT_RDRAND,
3481         .features[FEAT_8000_0001_EDX] =
3482             CPUID_EXT2_SYSCALL | CPUID_EXT2_NX | CPUID_EXT2_PDPE1GB |
3483             CPUID_EXT2_RDTSCP | CPUID_EXT2_LM,
3484         .features[FEAT_8000_0001_ECX] =
3485             CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3486         .features[FEAT_7_0_EBX] =
3487             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_ERMS |
3488             CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_SMAP |
3489             CPUID_7_0_EBX_CLFLUSHOPT | CPUID_7_0_EBX_SHA_NI,
3490         .features[FEAT_7_0_EDX] =
3491             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_ARCH_CAPABILITIES |
3492             CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3493         /* XSAVES is added in version 3 */
3494         .features[FEAT_XSAVE] =
3495             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC | CPUID_XSAVE_XGETBV1,
3496         .features[FEAT_6_EAX] =
3497             CPUID_6_EAX_ARAT,
3498         .features[FEAT_ARCH_CAPABILITIES] =
3499             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY,
3500         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3501              MSR_VMX_BASIC_TRUE_CTLS,
3502         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3503              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3504              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3505         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3506              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3507              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3508              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3509              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3510              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3511              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3512         .features[FEAT_VMX_EXIT_CTLS] =
3513              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3514              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3515              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3516              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3517              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3518         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3519              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3520         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3521              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3522              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3523         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3524              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3525              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3526              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3527              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3528              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3529              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3530              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3531              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3532              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3533              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3534              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3535         .features[FEAT_VMX_SECONDARY_CTLS] =
3536              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3537              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3538              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3539              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3540              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3541              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3542              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3543              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3544              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3545              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3546         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3547         .xlevel = 0x80000008,
3548         .model_id = "Intel Atom Processor (Denverton)",
3549         .versions = (X86CPUVersionDefinition[]) {
3550             { .version = 1 },
3551             {
3552                 .version = 2,
3553                 .note = "no MPX, no MONITOR",
3554                 .props = (PropValue[]) {
3555                     { "monitor", "off" },
3556                     { "mpx", "off" },
3557                     { /* end of list */ },
3558                 },
3559             },
3560             {
3561                 .version = 3,
3562                 .note = "XSAVES, no MPX, no MONITOR",
3563                 .props = (PropValue[]) {
3564                     { "xsaves", "on" },
3565                     { "vmx-xsaves", "on" },
3566                     { /* end of list */ },
3567                 },
3568             },
3569             { /* end of list */ },
3570         },
3571     },
3572     {
3573         .name = "Snowridge",
3574         .level = 27,
3575         .vendor = CPUID_VENDOR_INTEL,
3576         .family = 6,
3577         .model = 134,
3578         .stepping = 1,
3579         .features[FEAT_1_EDX] =
3580             /* missing: CPUID_PN CPUID_IA64 */
3581             /* missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
3582             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE |
3583             CPUID_TSC | CPUID_MSR | CPUID_PAE | CPUID_MCE |
3584             CPUID_CX8 | CPUID_APIC | CPUID_SEP |
3585             CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
3586             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH |
3587             CPUID_MMX |
3588             CPUID_FXSR | CPUID_SSE | CPUID_SSE2,
3589         .features[FEAT_1_ECX] =
3590             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_MONITOR |
3591             CPUID_EXT_SSSE3 |
3592             CPUID_EXT_CX16 |
3593             CPUID_EXT_SSE41 |
3594             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
3595             CPUID_EXT_POPCNT |
3596             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_AES | CPUID_EXT_XSAVE |
3597             CPUID_EXT_RDRAND,
3598         .features[FEAT_8000_0001_EDX] =
3599             CPUID_EXT2_SYSCALL |
3600             CPUID_EXT2_NX |
3601             CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3602             CPUID_EXT2_LM,
3603         .features[FEAT_8000_0001_ECX] =
3604             CPUID_EXT3_LAHF_LM |
3605             CPUID_EXT3_3DNOWPREFETCH,
3606         .features[FEAT_7_0_EBX] =
3607             CPUID_7_0_EBX_FSGSBASE |
3608             CPUID_7_0_EBX_SMEP |
3609             CPUID_7_0_EBX_ERMS |
3610             CPUID_7_0_EBX_MPX |  /* missing bits 13, 15 */
3611             CPUID_7_0_EBX_RDSEED |
3612             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
3613             CPUID_7_0_EBX_CLWB |
3614             CPUID_7_0_EBX_SHA_NI,
3615         .features[FEAT_7_0_ECX] =
3616             CPUID_7_0_ECX_UMIP |
3617             /* missing bit 5 */
3618             CPUID_7_0_ECX_GFNI |
3619             CPUID_7_0_ECX_MOVDIRI | CPUID_7_0_ECX_CLDEMOTE |
3620             CPUID_7_0_ECX_MOVDIR64B,
3621         .features[FEAT_7_0_EDX] =
3622             CPUID_7_0_EDX_SPEC_CTRL |
3623             CPUID_7_0_EDX_ARCH_CAPABILITIES | CPUID_7_0_EDX_SPEC_CTRL_SSBD |
3624             CPUID_7_0_EDX_CORE_CAPABILITY,
3625         .features[FEAT_CORE_CAPABILITY] =
3626             MSR_CORE_CAP_SPLIT_LOCK_DETECT,
3627         /* XSAVES is is added in version 3 */
3628         .features[FEAT_XSAVE] =
3629             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3630             CPUID_XSAVE_XGETBV1,
3631         .features[FEAT_6_EAX] =
3632             CPUID_6_EAX_ARAT,
3633         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3634              MSR_VMX_BASIC_TRUE_CTLS,
3635         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3636              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3637              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3638         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3639              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3640              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3641              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3642              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3643              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3644              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3645         .features[FEAT_VMX_EXIT_CTLS] =
3646              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3647              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3648              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3649              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3650              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3651         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3652              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3653         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3654              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3655              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3656         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3657              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3658              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3659              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3660              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3661              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3662              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3663              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3664              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3665              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3666              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3667              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3668         .features[FEAT_VMX_SECONDARY_CTLS] =
3669              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3670              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3671              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3672              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3673              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3674              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3675              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3676              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3677              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3678              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3679         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3680         .xlevel = 0x80000008,
3681         .model_id = "Intel Atom Processor (SnowRidge)",
3682         .versions = (X86CPUVersionDefinition[]) {
3683             { .version = 1 },
3684             {
3685                 .version = 2,
3686                 .props = (PropValue[]) {
3687                     { "mpx", "off" },
3688                     { "model-id", "Intel Atom Processor (Snowridge, no MPX)" },
3689                     { /* end of list */ },
3690                 },
3691             },
3692             {
3693                 .version = 3,
3694                 .note = "XSAVES, no MPX",
3695                 .props = (PropValue[]) {
3696                     { "xsaves", "on" },
3697                     { "vmx-xsaves", "on" },
3698                     { /* end of list */ },
3699                 },
3700             },
3701             { /* end of list */ },
3702         },
3703     },
3704     {
3705         .name = "KnightsMill",
3706         .level = 0xd,
3707         .vendor = CPUID_VENDOR_INTEL,
3708         .family = 6,
3709         .model = 133,
3710         .stepping = 0,
3711         .features[FEAT_1_EDX] =
3712             CPUID_VME | CPUID_SS | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR |
3713             CPUID_MMX | CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV |
3714             CPUID_MCA | CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC |
3715             CPUID_CX8 | CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC |
3716             CPUID_PSE | CPUID_DE | CPUID_FP87,
3717         .features[FEAT_1_ECX] =
3718             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3719             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3720             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3721             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3722             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3723             CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3724         .features[FEAT_8000_0001_EDX] =
3725             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3726             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3727         .features[FEAT_8000_0001_ECX] =
3728             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3729         .features[FEAT_7_0_EBX] =
3730             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
3731             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS |
3732             CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_AVX512F |
3733             CPUID_7_0_EBX_AVX512CD | CPUID_7_0_EBX_AVX512PF |
3734             CPUID_7_0_EBX_AVX512ER,
3735         .features[FEAT_7_0_ECX] =
3736             CPUID_7_0_ECX_AVX512_VPOPCNTDQ,
3737         .features[FEAT_7_0_EDX] =
3738             CPUID_7_0_EDX_AVX512_4VNNIW | CPUID_7_0_EDX_AVX512_4FMAPS,
3739         .features[FEAT_XSAVE] =
3740             CPUID_XSAVE_XSAVEOPT,
3741         .features[FEAT_6_EAX] =
3742             CPUID_6_EAX_ARAT,
3743         .xlevel = 0x80000008,
3744         .model_id = "Intel Xeon Phi Processor (Knights Mill)",
3745     },
3746     {
3747         .name = "Opteron_G1",
3748         .level = 5,
3749         .vendor = CPUID_VENDOR_AMD,
3750         .family = 15,
3751         .model = 6,
3752         .stepping = 1,
3753         .features[FEAT_1_EDX] =
3754             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3755             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3756             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3757             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3758             CPUID_DE | CPUID_FP87,
3759         .features[FEAT_1_ECX] =
3760             CPUID_EXT_SSE3,
3761         .features[FEAT_8000_0001_EDX] =
3762             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3763         .xlevel = 0x80000008,
3764         .model_id = "AMD Opteron 240 (Gen 1 Class Opteron)",
3765     },
3766     {
3767         .name = "Opteron_G2",
3768         .level = 5,
3769         .vendor = CPUID_VENDOR_AMD,
3770         .family = 15,
3771         .model = 6,
3772         .stepping = 1,
3773         .features[FEAT_1_EDX] =
3774             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3775             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3776             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3777             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3778             CPUID_DE | CPUID_FP87,
3779         .features[FEAT_1_ECX] =
3780             CPUID_EXT_CX16 | CPUID_EXT_SSE3,
3781         .features[FEAT_8000_0001_EDX] =
3782             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3783         .features[FEAT_8000_0001_ECX] =
3784             CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM,
3785         .xlevel = 0x80000008,
3786         .model_id = "AMD Opteron 22xx (Gen 2 Class Opteron)",
3787     },
3788     {
3789         .name = "Opteron_G3",
3790         .level = 5,
3791         .vendor = CPUID_VENDOR_AMD,
3792         .family = 16,
3793         .model = 2,
3794         .stepping = 3,
3795         .features[FEAT_1_EDX] =
3796             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3797             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3798             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3799             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3800             CPUID_DE | CPUID_FP87,
3801         .features[FEAT_1_ECX] =
3802             CPUID_EXT_POPCNT | CPUID_EXT_CX16 | CPUID_EXT_MONITOR |
3803             CPUID_EXT_SSE3,
3804         .features[FEAT_8000_0001_EDX] =
3805             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL |
3806             CPUID_EXT2_RDTSCP,
3807         .features[FEAT_8000_0001_ECX] =
3808             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A |
3809             CPUID_EXT3_ABM | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM,
3810         .xlevel = 0x80000008,
3811         .model_id = "AMD Opteron 23xx (Gen 3 Class Opteron)",
3812     },
3813     {
3814         .name = "Opteron_G4",
3815         .level = 0xd,
3816         .vendor = CPUID_VENDOR_AMD,
3817         .family = 21,
3818         .model = 1,
3819         .stepping = 2,
3820         .features[FEAT_1_EDX] =
3821             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3822             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3823             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3824             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3825             CPUID_DE | CPUID_FP87,
3826         .features[FEAT_1_ECX] =
3827             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3828             CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
3829             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
3830             CPUID_EXT_SSE3,
3831         .features[FEAT_8000_0001_EDX] =
3832             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_NX |
3833             CPUID_EXT2_SYSCALL | CPUID_EXT2_RDTSCP,
3834         .features[FEAT_8000_0001_ECX] =
3835             CPUID_EXT3_FMA4 | CPUID_EXT3_XOP |
3836             CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_MISALIGNSSE |
3837             CPUID_EXT3_SSE4A | CPUID_EXT3_ABM | CPUID_EXT3_SVM |
3838             CPUID_EXT3_LAHF_LM,
3839         .features[FEAT_SVM] =
3840             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
3841         /* no xsaveopt! */
3842         .xlevel = 0x8000001A,
3843         .model_id = "AMD Opteron 62xx class CPU",
3844     },
3845     {
3846         .name = "Opteron_G5",
3847         .level = 0xd,
3848         .vendor = CPUID_VENDOR_AMD,
3849         .family = 21,
3850         .model = 2,
3851         .stepping = 0,
3852         .features[FEAT_1_EDX] =
3853             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3854             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3855             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3856             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3857             CPUID_DE | CPUID_FP87,
3858         .features[FEAT_1_ECX] =
3859             CPUID_EXT_F16C | CPUID_EXT_AVX | CPUID_EXT_XSAVE |
3860             CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 |
3861             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_FMA |
3862             CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
3863         .features[FEAT_8000_0001_EDX] =
3864             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_NX |
3865             CPUID_EXT2_SYSCALL | CPUID_EXT2_RDTSCP,
3866         .features[FEAT_8000_0001_ECX] =
3867             CPUID_EXT3_TBM | CPUID_EXT3_FMA4 | CPUID_EXT3_XOP |
3868             CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_MISALIGNSSE |
3869             CPUID_EXT3_SSE4A | CPUID_EXT3_ABM | CPUID_EXT3_SVM |
3870             CPUID_EXT3_LAHF_LM,
3871         .features[FEAT_SVM] =
3872             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
3873         /* no xsaveopt! */
3874         .xlevel = 0x8000001A,
3875         .model_id = "AMD Opteron 63xx class CPU",
3876     },
3877     {
3878         .name = "EPYC",
3879         .level = 0xd,
3880         .vendor = CPUID_VENDOR_AMD,
3881         .family = 23,
3882         .model = 1,
3883         .stepping = 2,
3884         .features[FEAT_1_EDX] =
3885             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
3886             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
3887             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
3888             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
3889             CPUID_VME | CPUID_FP87,
3890         .features[FEAT_1_ECX] =
3891             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
3892             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
3893             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
3894             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
3895             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
3896         .features[FEAT_8000_0001_EDX] =
3897             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
3898             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
3899             CPUID_EXT2_SYSCALL,
3900         .features[FEAT_8000_0001_ECX] =
3901             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
3902             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
3903             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
3904             CPUID_EXT3_TOPOEXT,
3905         .features[FEAT_7_0_EBX] =
3906             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
3907             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
3908             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
3909             CPUID_7_0_EBX_SHA_NI,
3910         .features[FEAT_XSAVE] =
3911             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3912             CPUID_XSAVE_XGETBV1,
3913         .features[FEAT_6_EAX] =
3914             CPUID_6_EAX_ARAT,
3915         .features[FEAT_SVM] =
3916             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
3917         .xlevel = 0x8000001E,
3918         .model_id = "AMD EPYC Processor",
3919         .cache_info = &epyc_cache_info,
3920         .versions = (X86CPUVersionDefinition[]) {
3921             { .version = 1 },
3922             {
3923                 .version = 2,
3924                 .alias = "EPYC-IBPB",
3925                 .props = (PropValue[]) {
3926                     { "ibpb", "on" },
3927                     { "model-id",
3928                       "AMD EPYC Processor (with IBPB)" },
3929                     { /* end of list */ }
3930                 }
3931             },
3932             {
3933                 .version = 3,
3934                 .props = (PropValue[]) {
3935                     { "ibpb", "on" },
3936                     { "perfctr-core", "on" },
3937                     { "clzero", "on" },
3938                     { "xsaveerptr", "on" },
3939                     { "xsaves", "on" },
3940                     { "model-id",
3941                       "AMD EPYC Processor" },
3942                     { /* end of list */ }
3943                 }
3944             },
3945             { /* end of list */ }
3946         }
3947     },
3948     {
3949         .name = "Dhyana",
3950         .level = 0xd,
3951         .vendor = CPUID_VENDOR_HYGON,
3952         .family = 24,
3953         .model = 0,
3954         .stepping = 1,
3955         .features[FEAT_1_EDX] =
3956             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
3957             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
3958             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
3959             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
3960             CPUID_VME | CPUID_FP87,
3961         .features[FEAT_1_ECX] =
3962             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
3963             CPUID_EXT_XSAVE | CPUID_EXT_POPCNT |
3964             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
3965             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
3966             CPUID_EXT_MONITOR | CPUID_EXT_SSE3,
3967         .features[FEAT_8000_0001_EDX] =
3968             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
3969             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
3970             CPUID_EXT2_SYSCALL,
3971         .features[FEAT_8000_0001_ECX] =
3972             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
3973             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
3974             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
3975             CPUID_EXT3_TOPOEXT,
3976         .features[FEAT_8000_0008_EBX] =
3977             CPUID_8000_0008_EBX_IBPB,
3978         .features[FEAT_7_0_EBX] =
3979             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
3980             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
3981             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT,
3982         /* XSAVES is added in version 2 */
3983         .features[FEAT_XSAVE] =
3984             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3985             CPUID_XSAVE_XGETBV1,
3986         .features[FEAT_6_EAX] =
3987             CPUID_6_EAX_ARAT,
3988         .features[FEAT_SVM] =
3989             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
3990         .xlevel = 0x8000001E,
3991         .model_id = "Hygon Dhyana Processor",
3992         .cache_info = &epyc_cache_info,
3993         .versions = (X86CPUVersionDefinition[]) {
3994             { .version = 1 },
3995             { .version = 2,
3996               .note = "XSAVES",
3997               .props = (PropValue[]) {
3998                   { "xsaves", "on" },
3999                   { /* end of list */ }
4000               },
4001             },
4002             { /* end of list */ }
4003         }
4004     },
4005     {
4006         .name = "EPYC-Rome",
4007         .level = 0xd,
4008         .vendor = CPUID_VENDOR_AMD,
4009         .family = 23,
4010         .model = 49,
4011         .stepping = 0,
4012         .features[FEAT_1_EDX] =
4013             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4014             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4015             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4016             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4017             CPUID_VME | CPUID_FP87,
4018         .features[FEAT_1_ECX] =
4019             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4020             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
4021             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4022             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4023             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
4024         .features[FEAT_8000_0001_EDX] =
4025             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4026             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4027             CPUID_EXT2_SYSCALL,
4028         .features[FEAT_8000_0001_ECX] =
4029             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4030             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4031             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4032             CPUID_EXT3_TOPOEXT | CPUID_EXT3_PERFCORE,
4033         .features[FEAT_8000_0008_EBX] =
4034             CPUID_8000_0008_EBX_CLZERO | CPUID_8000_0008_EBX_XSAVEERPTR |
4035             CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_IBPB |
4036             CPUID_8000_0008_EBX_STIBP,
4037         .features[FEAT_7_0_EBX] =
4038             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4039             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4040             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
4041             CPUID_7_0_EBX_SHA_NI | CPUID_7_0_EBX_CLWB,
4042         .features[FEAT_7_0_ECX] =
4043             CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_RDPID,
4044         .features[FEAT_XSAVE] =
4045             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4046             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
4047         .features[FEAT_6_EAX] =
4048             CPUID_6_EAX_ARAT,
4049         .features[FEAT_SVM] =
4050             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4051         .xlevel = 0x8000001E,
4052         .model_id = "AMD EPYC-Rome Processor",
4053         .cache_info = &epyc_rome_cache_info,
4054         .versions = (X86CPUVersionDefinition[]) {
4055             { .version = 1 },
4056             {
4057                 .version = 2,
4058                 .props = (PropValue[]) {
4059                     { "ibrs", "on" },
4060                     { "amd-ssbd", "on" },
4061                     { /* end of list */ }
4062                 }
4063             },
4064             { /* end of list */ }
4065         }
4066     },
4067     {
4068         .name = "EPYC-Milan",
4069         .level = 0xd,
4070         .vendor = CPUID_VENDOR_AMD,
4071         .family = 25,
4072         .model = 1,
4073         .stepping = 1,
4074         .features[FEAT_1_EDX] =
4075             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4076             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4077             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4078             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4079             CPUID_VME | CPUID_FP87,
4080         .features[FEAT_1_ECX] =
4081             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4082             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
4083             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4084             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4085             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
4086             CPUID_EXT_PCID,
4087         .features[FEAT_8000_0001_EDX] =
4088             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4089             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4090             CPUID_EXT2_SYSCALL,
4091         .features[FEAT_8000_0001_ECX] =
4092             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4093             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4094             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4095             CPUID_EXT3_TOPOEXT | CPUID_EXT3_PERFCORE,
4096         .features[FEAT_8000_0008_EBX] =
4097             CPUID_8000_0008_EBX_CLZERO | CPUID_8000_0008_EBX_XSAVEERPTR |
4098             CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_IBPB |
4099             CPUID_8000_0008_EBX_IBRS | CPUID_8000_0008_EBX_STIBP |
4100             CPUID_8000_0008_EBX_AMD_SSBD,
4101         .features[FEAT_7_0_EBX] =
4102             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4103             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4104             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
4105             CPUID_7_0_EBX_SHA_NI | CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_ERMS |
4106             CPUID_7_0_EBX_INVPCID,
4107         .features[FEAT_7_0_ECX] =
4108             CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_RDPID | CPUID_7_0_ECX_PKU,
4109         .features[FEAT_7_0_EDX] =
4110             CPUID_7_0_EDX_FSRM,
4111         .features[FEAT_XSAVE] =
4112             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4113             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
4114         .features[FEAT_6_EAX] =
4115             CPUID_6_EAX_ARAT,
4116         .features[FEAT_SVM] =
4117             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE | CPUID_SVM_SVME_ADDR_CHK,
4118         .xlevel = 0x8000001E,
4119         .model_id = "AMD EPYC-Milan Processor",
4120         .cache_info = &epyc_milan_cache_info,
4121     },
4122 };
4123 
4124 /*
4125  * We resolve CPU model aliases using -v1 when using "-machine
4126  * none", but this is just for compatibility while libvirt isn't
4127  * adapted to resolve CPU model versions before creating VMs.
4128  * See "Runnability guarantee of CPU models" at
4129  * docs/system/deprecated.rst.
4130  */
4131 X86CPUVersion default_cpu_version = 1;
4132 
4133 void x86_cpu_set_default_version(X86CPUVersion version)
4134 {
4135     /* Translating CPU_VERSION_AUTO to CPU_VERSION_AUTO doesn't make sense */
4136     assert(version != CPU_VERSION_AUTO);
4137     default_cpu_version = version;
4138 }
4139 
4140 static X86CPUVersion x86_cpu_model_last_version(const X86CPUModel *model)
4141 {
4142     int v = 0;
4143     const X86CPUVersionDefinition *vdef =
4144         x86_cpu_def_get_versions(model->cpudef);
4145     while (vdef->version) {
4146         v = vdef->version;
4147         vdef++;
4148     }
4149     return v;
4150 }
4151 
4152 /* Return the actual version being used for a specific CPU model */
4153 static X86CPUVersion x86_cpu_model_resolve_version(const X86CPUModel *model)
4154 {
4155     X86CPUVersion v = model->version;
4156     if (v == CPU_VERSION_AUTO) {
4157         v = default_cpu_version;
4158     }
4159     if (v == CPU_VERSION_LATEST) {
4160         return x86_cpu_model_last_version(model);
4161     }
4162     return v;
4163 }
4164 
4165 static Property max_x86_cpu_properties[] = {
4166     DEFINE_PROP_BOOL("migratable", X86CPU, migratable, true),
4167     DEFINE_PROP_BOOL("host-cache-info", X86CPU, cache_info_passthrough, false),
4168     DEFINE_PROP_END_OF_LIST()
4169 };
4170 
4171 static void max_x86_cpu_class_init(ObjectClass *oc, void *data)
4172 {
4173     DeviceClass *dc = DEVICE_CLASS(oc);
4174     X86CPUClass *xcc = X86_CPU_CLASS(oc);
4175 
4176     xcc->ordering = 9;
4177 
4178     xcc->model_description =
4179         "Enables all features supported by the accelerator in the current host";
4180 
4181     device_class_set_props(dc, max_x86_cpu_properties);
4182 }
4183 
4184 static void max_x86_cpu_initfn(Object *obj)
4185 {
4186     X86CPU *cpu = X86_CPU(obj);
4187 
4188     /* We can't fill the features array here because we don't know yet if
4189      * "migratable" is true or false.
4190      */
4191     cpu->max_features = true;
4192     object_property_set_bool(OBJECT(cpu), "pmu", true, &error_abort);
4193 
4194     /*
4195      * these defaults are used for TCG and all other accelerators
4196      * besides KVM and HVF, which overwrite these values
4197      */
4198     object_property_set_str(OBJECT(cpu), "vendor", CPUID_VENDOR_AMD,
4199                             &error_abort);
4200 #ifdef TARGET_X86_64
4201     object_property_set_int(OBJECT(cpu), "family", 15, &error_abort);
4202     object_property_set_int(OBJECT(cpu), "model", 107, &error_abort);
4203     object_property_set_int(OBJECT(cpu), "stepping", 1, &error_abort);
4204 #else
4205     object_property_set_int(OBJECT(cpu), "family", 6, &error_abort);
4206     object_property_set_int(OBJECT(cpu), "model", 6, &error_abort);
4207     object_property_set_int(OBJECT(cpu), "stepping", 3, &error_abort);
4208 #endif
4209     object_property_set_str(OBJECT(cpu), "model-id",
4210                             "QEMU TCG CPU version " QEMU_HW_VERSION,
4211                             &error_abort);
4212 }
4213 
4214 static const TypeInfo max_x86_cpu_type_info = {
4215     .name = X86_CPU_TYPE_NAME("max"),
4216     .parent = TYPE_X86_CPU,
4217     .instance_init = max_x86_cpu_initfn,
4218     .class_init = max_x86_cpu_class_init,
4219 };
4220 
4221 static char *feature_word_description(FeatureWordInfo *f, uint32_t bit)
4222 {
4223     assert(f->type == CPUID_FEATURE_WORD || f->type == MSR_FEATURE_WORD);
4224 
4225     switch (f->type) {
4226     case CPUID_FEATURE_WORD:
4227         {
4228             const char *reg = get_register_name_32(f->cpuid.reg);
4229             assert(reg);
4230             return g_strdup_printf("CPUID.%02XH:%s",
4231                                    f->cpuid.eax, reg);
4232         }
4233     case MSR_FEATURE_WORD:
4234         return g_strdup_printf("MSR(%02XH)",
4235                                f->msr.index);
4236     }
4237 
4238     return NULL;
4239 }
4240 
4241 static bool x86_cpu_have_filtered_features(X86CPU *cpu)
4242 {
4243     FeatureWord w;
4244 
4245     for (w = 0; w < FEATURE_WORDS; w++) {
4246         if (cpu->filtered_features[w]) {
4247             return true;
4248         }
4249     }
4250 
4251     return false;
4252 }
4253 
4254 static void mark_unavailable_features(X86CPU *cpu, FeatureWord w, uint64_t mask,
4255                                       const char *verbose_prefix)
4256 {
4257     CPUX86State *env = &cpu->env;
4258     FeatureWordInfo *f = &feature_word_info[w];
4259     int i;
4260 
4261     if (!cpu->force_features) {
4262         env->features[w] &= ~mask;
4263     }
4264     cpu->filtered_features[w] |= mask;
4265 
4266     if (!verbose_prefix) {
4267         return;
4268     }
4269 
4270     for (i = 0; i < 64; ++i) {
4271         if ((1ULL << i) & mask) {
4272             g_autofree char *feat_word_str = feature_word_description(f, i);
4273             warn_report("%s: %s%s%s [bit %d]",
4274                         verbose_prefix,
4275                         feat_word_str,
4276                         f->feat_names[i] ? "." : "",
4277                         f->feat_names[i] ? f->feat_names[i] : "", i);
4278         }
4279     }
4280 }
4281 
4282 static void x86_cpuid_version_get_family(Object *obj, Visitor *v,
4283                                          const char *name, void *opaque,
4284                                          Error **errp)
4285 {
4286     X86CPU *cpu = X86_CPU(obj);
4287     CPUX86State *env = &cpu->env;
4288     int64_t value;
4289 
4290     value = (env->cpuid_version >> 8) & 0xf;
4291     if (value == 0xf) {
4292         value += (env->cpuid_version >> 20) & 0xff;
4293     }
4294     visit_type_int(v, name, &value, errp);
4295 }
4296 
4297 static void x86_cpuid_version_set_family(Object *obj, Visitor *v,
4298                                          const char *name, void *opaque,
4299                                          Error **errp)
4300 {
4301     X86CPU *cpu = X86_CPU(obj);
4302     CPUX86State *env = &cpu->env;
4303     const int64_t min = 0;
4304     const int64_t max = 0xff + 0xf;
4305     int64_t value;
4306 
4307     if (!visit_type_int(v, name, &value, errp)) {
4308         return;
4309     }
4310     if (value < min || value > max) {
4311         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4312                    name ? name : "null", value, min, max);
4313         return;
4314     }
4315 
4316     env->cpuid_version &= ~0xff00f00;
4317     if (value > 0x0f) {
4318         env->cpuid_version |= 0xf00 | ((value - 0x0f) << 20);
4319     } else {
4320         env->cpuid_version |= value << 8;
4321     }
4322 }
4323 
4324 static void x86_cpuid_version_get_model(Object *obj, Visitor *v,
4325                                         const char *name, void *opaque,
4326                                         Error **errp)
4327 {
4328     X86CPU *cpu = X86_CPU(obj);
4329     CPUX86State *env = &cpu->env;
4330     int64_t value;
4331 
4332     value = (env->cpuid_version >> 4) & 0xf;
4333     value |= ((env->cpuid_version >> 16) & 0xf) << 4;
4334     visit_type_int(v, name, &value, errp);
4335 }
4336 
4337 static void x86_cpuid_version_set_model(Object *obj, Visitor *v,
4338                                         const char *name, void *opaque,
4339                                         Error **errp)
4340 {
4341     X86CPU *cpu = X86_CPU(obj);
4342     CPUX86State *env = &cpu->env;
4343     const int64_t min = 0;
4344     const int64_t max = 0xff;
4345     int64_t value;
4346 
4347     if (!visit_type_int(v, name, &value, errp)) {
4348         return;
4349     }
4350     if (value < min || value > max) {
4351         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4352                    name ? name : "null", value, min, max);
4353         return;
4354     }
4355 
4356     env->cpuid_version &= ~0xf00f0;
4357     env->cpuid_version |= ((value & 0xf) << 4) | ((value >> 4) << 16);
4358 }
4359 
4360 static void x86_cpuid_version_get_stepping(Object *obj, Visitor *v,
4361                                            const char *name, void *opaque,
4362                                            Error **errp)
4363 {
4364     X86CPU *cpu = X86_CPU(obj);
4365     CPUX86State *env = &cpu->env;
4366     int64_t value;
4367 
4368     value = env->cpuid_version & 0xf;
4369     visit_type_int(v, name, &value, errp);
4370 }
4371 
4372 static void x86_cpuid_version_set_stepping(Object *obj, Visitor *v,
4373                                            const char *name, void *opaque,
4374                                            Error **errp)
4375 {
4376     X86CPU *cpu = X86_CPU(obj);
4377     CPUX86State *env = &cpu->env;
4378     const int64_t min = 0;
4379     const int64_t max = 0xf;
4380     int64_t value;
4381 
4382     if (!visit_type_int(v, name, &value, errp)) {
4383         return;
4384     }
4385     if (value < min || value > max) {
4386         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4387                    name ? name : "null", value, min, max);
4388         return;
4389     }
4390 
4391     env->cpuid_version &= ~0xf;
4392     env->cpuid_version |= value & 0xf;
4393 }
4394 
4395 static char *x86_cpuid_get_vendor(Object *obj, Error **errp)
4396 {
4397     X86CPU *cpu = X86_CPU(obj);
4398     CPUX86State *env = &cpu->env;
4399     char *value;
4400 
4401     value = g_malloc(CPUID_VENDOR_SZ + 1);
4402     x86_cpu_vendor_words2str(value, env->cpuid_vendor1, env->cpuid_vendor2,
4403                              env->cpuid_vendor3);
4404     return value;
4405 }
4406 
4407 static void x86_cpuid_set_vendor(Object *obj, const char *value,
4408                                  Error **errp)
4409 {
4410     X86CPU *cpu = X86_CPU(obj);
4411     CPUX86State *env = &cpu->env;
4412     int i;
4413 
4414     if (strlen(value) != CPUID_VENDOR_SZ) {
4415         error_setg(errp, QERR_PROPERTY_VALUE_BAD, "", "vendor", value);
4416         return;
4417     }
4418 
4419     env->cpuid_vendor1 = 0;
4420     env->cpuid_vendor2 = 0;
4421     env->cpuid_vendor3 = 0;
4422     for (i = 0; i < 4; i++) {
4423         env->cpuid_vendor1 |= ((uint8_t)value[i    ]) << (8 * i);
4424         env->cpuid_vendor2 |= ((uint8_t)value[i + 4]) << (8 * i);
4425         env->cpuid_vendor3 |= ((uint8_t)value[i + 8]) << (8 * i);
4426     }
4427 }
4428 
4429 static char *x86_cpuid_get_model_id(Object *obj, Error **errp)
4430 {
4431     X86CPU *cpu = X86_CPU(obj);
4432     CPUX86State *env = &cpu->env;
4433     char *value;
4434     int i;
4435 
4436     value = g_malloc(48 + 1);
4437     for (i = 0; i < 48; i++) {
4438         value[i] = env->cpuid_model[i >> 2] >> (8 * (i & 3));
4439     }
4440     value[48] = '\0';
4441     return value;
4442 }
4443 
4444 static void x86_cpuid_set_model_id(Object *obj, const char *model_id,
4445                                    Error **errp)
4446 {
4447     X86CPU *cpu = X86_CPU(obj);
4448     CPUX86State *env = &cpu->env;
4449     int c, len, i;
4450 
4451     if (model_id == NULL) {
4452         model_id = "";
4453     }
4454     len = strlen(model_id);
4455     memset(env->cpuid_model, 0, 48);
4456     for (i = 0; i < 48; i++) {
4457         if (i >= len) {
4458             c = '\0';
4459         } else {
4460             c = (uint8_t)model_id[i];
4461         }
4462         env->cpuid_model[i >> 2] |= c << (8 * (i & 3));
4463     }
4464 }
4465 
4466 static void x86_cpuid_get_tsc_freq(Object *obj, Visitor *v, const char *name,
4467                                    void *opaque, Error **errp)
4468 {
4469     X86CPU *cpu = X86_CPU(obj);
4470     int64_t value;
4471 
4472     value = cpu->env.tsc_khz * 1000;
4473     visit_type_int(v, name, &value, errp);
4474 }
4475 
4476 static void x86_cpuid_set_tsc_freq(Object *obj, Visitor *v, const char *name,
4477                                    void *opaque, Error **errp)
4478 {
4479     X86CPU *cpu = X86_CPU(obj);
4480     const int64_t min = 0;
4481     const int64_t max = INT64_MAX;
4482     int64_t value;
4483 
4484     if (!visit_type_int(v, name, &value, errp)) {
4485         return;
4486     }
4487     if (value < min || value > max) {
4488         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4489                    name ? name : "null", value, min, max);
4490         return;
4491     }
4492 
4493     cpu->env.tsc_khz = cpu->env.user_tsc_khz = value / 1000;
4494 }
4495 
4496 /* Generic getter for "feature-words" and "filtered-features" properties */
4497 static void x86_cpu_get_feature_words(Object *obj, Visitor *v,
4498                                       const char *name, void *opaque,
4499                                       Error **errp)
4500 {
4501     uint64_t *array = (uint64_t *)opaque;
4502     FeatureWord w;
4503     X86CPUFeatureWordInfo word_infos[FEATURE_WORDS] = { };
4504     X86CPUFeatureWordInfoList list_entries[FEATURE_WORDS] = { };
4505     X86CPUFeatureWordInfoList *list = NULL;
4506 
4507     for (w = 0; w < FEATURE_WORDS; w++) {
4508         FeatureWordInfo *wi = &feature_word_info[w];
4509         /*
4510                 * We didn't have MSR features when "feature-words" was
4511                 *  introduced. Therefore skipped other type entries.
4512                 */
4513         if (wi->type != CPUID_FEATURE_WORD) {
4514             continue;
4515         }
4516         X86CPUFeatureWordInfo *qwi = &word_infos[w];
4517         qwi->cpuid_input_eax = wi->cpuid.eax;
4518         qwi->has_cpuid_input_ecx = wi->cpuid.needs_ecx;
4519         qwi->cpuid_input_ecx = wi->cpuid.ecx;
4520         qwi->cpuid_register = x86_reg_info_32[wi->cpuid.reg].qapi_enum;
4521         qwi->features = array[w];
4522 
4523         /* List will be in reverse order, but order shouldn't matter */
4524         list_entries[w].next = list;
4525         list_entries[w].value = &word_infos[w];
4526         list = &list_entries[w];
4527     }
4528 
4529     visit_type_X86CPUFeatureWordInfoList(v, "feature-words", &list, errp);
4530 }
4531 
4532 /* Convert all '_' in a feature string option name to '-', to make feature
4533  * name conform to QOM property naming rule, which uses '-' instead of '_'.
4534  */
4535 static inline void feat2prop(char *s)
4536 {
4537     while ((s = strchr(s, '_'))) {
4538         *s = '-';
4539     }
4540 }
4541 
4542 /* Return the feature property name for a feature flag bit */
4543 static const char *x86_cpu_feature_name(FeatureWord w, int bitnr)
4544 {
4545     const char *name;
4546     /* XSAVE components are automatically enabled by other features,
4547      * so return the original feature name instead
4548      */
4549     if (w == FEAT_XSAVE_COMP_LO || w == FEAT_XSAVE_COMP_HI) {
4550         int comp = (w == FEAT_XSAVE_COMP_HI) ? bitnr + 32 : bitnr;
4551 
4552         if (comp < ARRAY_SIZE(x86_ext_save_areas) &&
4553             x86_ext_save_areas[comp].bits) {
4554             w = x86_ext_save_areas[comp].feature;
4555             bitnr = ctz32(x86_ext_save_areas[comp].bits);
4556         }
4557     }
4558 
4559     assert(bitnr < 64);
4560     assert(w < FEATURE_WORDS);
4561     name = feature_word_info[w].feat_names[bitnr];
4562     assert(bitnr < 32 || !(name && feature_word_info[w].type == CPUID_FEATURE_WORD));
4563     return name;
4564 }
4565 
4566 /* Compatibily hack to maintain legacy +-feat semantic,
4567  * where +-feat overwrites any feature set by
4568  * feat=on|feat even if the later is parsed after +-feat
4569  * (i.e. "-x2apic,x2apic=on" will result in x2apic disabled)
4570  */
4571 static GList *plus_features, *minus_features;
4572 
4573 static gint compare_string(gconstpointer a, gconstpointer b)
4574 {
4575     return g_strcmp0(a, b);
4576 }
4577 
4578 /* Parse "+feature,-feature,feature=foo" CPU feature string
4579  */
4580 static void x86_cpu_parse_featurestr(const char *typename, char *features,
4581                                      Error **errp)
4582 {
4583     char *featurestr; /* Single 'key=value" string being parsed */
4584     static bool cpu_globals_initialized;
4585     bool ambiguous = false;
4586 
4587     if (cpu_globals_initialized) {
4588         return;
4589     }
4590     cpu_globals_initialized = true;
4591 
4592     if (!features) {
4593         return;
4594     }
4595 
4596     for (featurestr = strtok(features, ",");
4597          featurestr;
4598          featurestr = strtok(NULL, ",")) {
4599         const char *name;
4600         const char *val = NULL;
4601         char *eq = NULL;
4602         char num[32];
4603         GlobalProperty *prop;
4604 
4605         /* Compatibility syntax: */
4606         if (featurestr[0] == '+') {
4607             plus_features = g_list_append(plus_features,
4608                                           g_strdup(featurestr + 1));
4609             continue;
4610         } else if (featurestr[0] == '-') {
4611             minus_features = g_list_append(minus_features,
4612                                            g_strdup(featurestr + 1));
4613             continue;
4614         }
4615 
4616         eq = strchr(featurestr, '=');
4617         if (eq) {
4618             *eq++ = 0;
4619             val = eq;
4620         } else {
4621             val = "on";
4622         }
4623 
4624         feat2prop(featurestr);
4625         name = featurestr;
4626 
4627         if (g_list_find_custom(plus_features, name, compare_string)) {
4628             warn_report("Ambiguous CPU model string. "
4629                         "Don't mix both \"+%s\" and \"%s=%s\"",
4630                         name, name, val);
4631             ambiguous = true;
4632         }
4633         if (g_list_find_custom(minus_features, name, compare_string)) {
4634             warn_report("Ambiguous CPU model string. "
4635                         "Don't mix both \"-%s\" and \"%s=%s\"",
4636                         name, name, val);
4637             ambiguous = true;
4638         }
4639 
4640         /* Special case: */
4641         if (!strcmp(name, "tsc-freq")) {
4642             int ret;
4643             uint64_t tsc_freq;
4644 
4645             ret = qemu_strtosz_metric(val, NULL, &tsc_freq);
4646             if (ret < 0 || tsc_freq > INT64_MAX) {
4647                 error_setg(errp, "bad numerical value %s", val);
4648                 return;
4649             }
4650             snprintf(num, sizeof(num), "%" PRId64, tsc_freq);
4651             val = num;
4652             name = "tsc-frequency";
4653         }
4654 
4655         prop = g_new0(typeof(*prop), 1);
4656         prop->driver = typename;
4657         prop->property = g_strdup(name);
4658         prop->value = g_strdup(val);
4659         qdev_prop_register_global(prop);
4660     }
4661 
4662     if (ambiguous) {
4663         warn_report("Compatibility of ambiguous CPU model "
4664                     "strings won't be kept on future QEMU versions");
4665     }
4666 }
4667 
4668 static void x86_cpu_filter_features(X86CPU *cpu, bool verbose);
4669 
4670 /* Build a list with the name of all features on a feature word array */
4671 static void x86_cpu_list_feature_names(FeatureWordArray features,
4672                                        strList **list)
4673 {
4674     strList **tail = list;
4675     FeatureWord w;
4676 
4677     for (w = 0; w < FEATURE_WORDS; w++) {
4678         uint64_t filtered = features[w];
4679         int i;
4680         for (i = 0; i < 64; i++) {
4681             if (filtered & (1ULL << i)) {
4682                 QAPI_LIST_APPEND(tail, g_strdup(x86_cpu_feature_name(w, i)));
4683             }
4684         }
4685     }
4686 }
4687 
4688 static void x86_cpu_get_unavailable_features(Object *obj, Visitor *v,
4689                                              const char *name, void *opaque,
4690                                              Error **errp)
4691 {
4692     X86CPU *xc = X86_CPU(obj);
4693     strList *result = NULL;
4694 
4695     x86_cpu_list_feature_names(xc->filtered_features, &result);
4696     visit_type_strList(v, "unavailable-features", &result, errp);
4697 }
4698 
4699 /* Check for missing features that may prevent the CPU class from
4700  * running using the current machine and accelerator.
4701  */
4702 static void x86_cpu_class_check_missing_features(X86CPUClass *xcc,
4703                                                  strList **list)
4704 {
4705     strList **tail = list;
4706     X86CPU *xc;
4707     Error *err = NULL;
4708 
4709     if (xcc->host_cpuid_required && !accel_uses_host_cpuid()) {
4710         QAPI_LIST_APPEND(tail, g_strdup("kvm"));
4711         return;
4712     }
4713 
4714     xc = X86_CPU(object_new_with_class(OBJECT_CLASS(xcc)));
4715 
4716     x86_cpu_expand_features(xc, &err);
4717     if (err) {
4718         /* Errors at x86_cpu_expand_features should never happen,
4719          * but in case it does, just report the model as not
4720          * runnable at all using the "type" property.
4721          */
4722         QAPI_LIST_APPEND(tail, g_strdup("type"));
4723         error_free(err);
4724     }
4725 
4726     x86_cpu_filter_features(xc, false);
4727 
4728     x86_cpu_list_feature_names(xc->filtered_features, tail);
4729 
4730     object_unref(OBJECT(xc));
4731 }
4732 
4733 /* Print all cpuid feature names in featureset
4734  */
4735 static void listflags(GList *features)
4736 {
4737     size_t len = 0;
4738     GList *tmp;
4739 
4740     for (tmp = features; tmp; tmp = tmp->next) {
4741         const char *name = tmp->data;
4742         if ((len + strlen(name) + 1) >= 75) {
4743             qemu_printf("\n");
4744             len = 0;
4745         }
4746         qemu_printf("%s%s", len == 0 ? "  " : " ", name);
4747         len += strlen(name) + 1;
4748     }
4749     qemu_printf("\n");
4750 }
4751 
4752 /* Sort alphabetically by type name, respecting X86CPUClass::ordering. */
4753 static gint x86_cpu_list_compare(gconstpointer a, gconstpointer b)
4754 {
4755     ObjectClass *class_a = (ObjectClass *)a;
4756     ObjectClass *class_b = (ObjectClass *)b;
4757     X86CPUClass *cc_a = X86_CPU_CLASS(class_a);
4758     X86CPUClass *cc_b = X86_CPU_CLASS(class_b);
4759     int ret;
4760 
4761     if (cc_a->ordering != cc_b->ordering) {
4762         ret = cc_a->ordering - cc_b->ordering;
4763     } else {
4764         g_autofree char *name_a = x86_cpu_class_get_model_name(cc_a);
4765         g_autofree char *name_b = x86_cpu_class_get_model_name(cc_b);
4766         ret = strcmp(name_a, name_b);
4767     }
4768     return ret;
4769 }
4770 
4771 static GSList *get_sorted_cpu_model_list(void)
4772 {
4773     GSList *list = object_class_get_list(TYPE_X86_CPU, false);
4774     list = g_slist_sort(list, x86_cpu_list_compare);
4775     return list;
4776 }
4777 
4778 static char *x86_cpu_class_get_model_id(X86CPUClass *xc)
4779 {
4780     Object *obj = object_new_with_class(OBJECT_CLASS(xc));
4781     char *r = object_property_get_str(obj, "model-id", &error_abort);
4782     object_unref(obj);
4783     return r;
4784 }
4785 
4786 static char *x86_cpu_class_get_alias_of(X86CPUClass *cc)
4787 {
4788     X86CPUVersion version;
4789 
4790     if (!cc->model || !cc->model->is_alias) {
4791         return NULL;
4792     }
4793     version = x86_cpu_model_resolve_version(cc->model);
4794     if (version <= 0) {
4795         return NULL;
4796     }
4797     return x86_cpu_versioned_model_name(cc->model->cpudef, version);
4798 }
4799 
4800 static void x86_cpu_list_entry(gpointer data, gpointer user_data)
4801 {
4802     ObjectClass *oc = data;
4803     X86CPUClass *cc = X86_CPU_CLASS(oc);
4804     g_autofree char *name = x86_cpu_class_get_model_name(cc);
4805     g_autofree char *desc = g_strdup(cc->model_description);
4806     g_autofree char *alias_of = x86_cpu_class_get_alias_of(cc);
4807     g_autofree char *model_id = x86_cpu_class_get_model_id(cc);
4808 
4809     if (!desc && alias_of) {
4810         if (cc->model && cc->model->version == CPU_VERSION_AUTO) {
4811             desc = g_strdup("(alias configured by machine type)");
4812         } else {
4813             desc = g_strdup_printf("(alias of %s)", alias_of);
4814         }
4815     }
4816     if (!desc && cc->model && cc->model->note) {
4817         desc = g_strdup_printf("%s [%s]", model_id, cc->model->note);
4818     }
4819     if (!desc) {
4820         desc = g_strdup_printf("%s", model_id);
4821     }
4822 
4823     qemu_printf("x86 %-20s  %-58s\n", name, desc);
4824 }
4825 
4826 /* list available CPU models and flags */
4827 void x86_cpu_list(void)
4828 {
4829     int i, j;
4830     GSList *list;
4831     GList *names = NULL;
4832 
4833     qemu_printf("Available CPUs:\n");
4834     list = get_sorted_cpu_model_list();
4835     g_slist_foreach(list, x86_cpu_list_entry, NULL);
4836     g_slist_free(list);
4837 
4838     names = NULL;
4839     for (i = 0; i < ARRAY_SIZE(feature_word_info); i++) {
4840         FeatureWordInfo *fw = &feature_word_info[i];
4841         for (j = 0; j < 64; j++) {
4842             if (fw->feat_names[j]) {
4843                 names = g_list_append(names, (gpointer)fw->feat_names[j]);
4844             }
4845         }
4846     }
4847 
4848     names = g_list_sort(names, (GCompareFunc)strcmp);
4849 
4850     qemu_printf("\nRecognized CPUID flags:\n");
4851     listflags(names);
4852     qemu_printf("\n");
4853     g_list_free(names);
4854 }
4855 
4856 static void x86_cpu_definition_entry(gpointer data, gpointer user_data)
4857 {
4858     ObjectClass *oc = data;
4859     X86CPUClass *cc = X86_CPU_CLASS(oc);
4860     CpuDefinitionInfoList **cpu_list = user_data;
4861     CpuDefinitionInfo *info;
4862 
4863     info = g_malloc0(sizeof(*info));
4864     info->name = x86_cpu_class_get_model_name(cc);
4865     x86_cpu_class_check_missing_features(cc, &info->unavailable_features);
4866     info->has_unavailable_features = true;
4867     info->q_typename = g_strdup(object_class_get_name(oc));
4868     info->migration_safe = cc->migration_safe;
4869     info->has_migration_safe = true;
4870     info->q_static = cc->static_model;
4871     if (cc->model && cc->model->cpudef->deprecation_note) {
4872         info->deprecated = true;
4873     } else {
4874         info->deprecated = false;
4875     }
4876     /*
4877      * Old machine types won't report aliases, so that alias translation
4878      * doesn't break compatibility with previous QEMU versions.
4879      */
4880     if (default_cpu_version != CPU_VERSION_LEGACY) {
4881         info->alias_of = x86_cpu_class_get_alias_of(cc);
4882         info->has_alias_of = !!info->alias_of;
4883     }
4884 
4885     QAPI_LIST_PREPEND(*cpu_list, info);
4886 }
4887 
4888 CpuDefinitionInfoList *qmp_query_cpu_definitions(Error **errp)
4889 {
4890     CpuDefinitionInfoList *cpu_list = NULL;
4891     GSList *list = get_sorted_cpu_model_list();
4892     g_slist_foreach(list, x86_cpu_definition_entry, &cpu_list);
4893     g_slist_free(list);
4894     return cpu_list;
4895 }
4896 
4897 static uint64_t x86_cpu_get_supported_feature_word(FeatureWord w,
4898                                                    bool migratable_only)
4899 {
4900     FeatureWordInfo *wi = &feature_word_info[w];
4901     uint64_t r = 0;
4902 
4903     if (kvm_enabled()) {
4904         switch (wi->type) {
4905         case CPUID_FEATURE_WORD:
4906             r = kvm_arch_get_supported_cpuid(kvm_state, wi->cpuid.eax,
4907                                                         wi->cpuid.ecx,
4908                                                         wi->cpuid.reg);
4909             break;
4910         case MSR_FEATURE_WORD:
4911             r = kvm_arch_get_supported_msr_feature(kvm_state,
4912                         wi->msr.index);
4913             break;
4914         }
4915     } else if (hvf_enabled()) {
4916         if (wi->type != CPUID_FEATURE_WORD) {
4917             return 0;
4918         }
4919         r = hvf_get_supported_cpuid(wi->cpuid.eax,
4920                                     wi->cpuid.ecx,
4921                                     wi->cpuid.reg);
4922     } else if (tcg_enabled()) {
4923         r = wi->tcg_features;
4924     } else {
4925         return ~0;
4926     }
4927 #ifndef TARGET_X86_64
4928     if (w == FEAT_8000_0001_EDX) {
4929         r &= ~CPUID_EXT2_LM;
4930     }
4931 #endif
4932     if (migratable_only) {
4933         r &= x86_cpu_get_migratable_flags(w);
4934     }
4935     return r;
4936 }
4937 
4938 void x86_cpu_apply_props(X86CPU *cpu, PropValue *props)
4939 {
4940     PropValue *pv;
4941     for (pv = props; pv->prop; pv++) {
4942         if (!pv->value) {
4943             continue;
4944         }
4945         object_property_parse(OBJECT(cpu), pv->prop, pv->value,
4946                               &error_abort);
4947     }
4948 }
4949 
4950 /* Apply properties for the CPU model version specified in model */
4951 static void x86_cpu_apply_version_props(X86CPU *cpu, X86CPUModel *model)
4952 {
4953     const X86CPUVersionDefinition *vdef;
4954     X86CPUVersion version = x86_cpu_model_resolve_version(model);
4955 
4956     if (version == CPU_VERSION_LEGACY) {
4957         return;
4958     }
4959 
4960     for (vdef = x86_cpu_def_get_versions(model->cpudef); vdef->version; vdef++) {
4961         PropValue *p;
4962 
4963         for (p = vdef->props; p && p->prop; p++) {
4964             object_property_parse(OBJECT(cpu), p->prop, p->value,
4965                                   &error_abort);
4966         }
4967 
4968         if (vdef->version == version) {
4969             break;
4970         }
4971     }
4972 
4973     /*
4974      * If we reached the end of the list, version number was invalid
4975      */
4976     assert(vdef->version == version);
4977 }
4978 
4979 /* Load data from X86CPUDefinition into a X86CPU object
4980  */
4981 static void x86_cpu_load_model(X86CPU *cpu, X86CPUModel *model)
4982 {
4983     const X86CPUDefinition *def = model->cpudef;
4984     CPUX86State *env = &cpu->env;
4985     FeatureWord w;
4986 
4987     /*NOTE: any property set by this function should be returned by
4988      * x86_cpu_static_props(), so static expansion of
4989      * query-cpu-model-expansion is always complete.
4990      */
4991 
4992     /* CPU models only set _minimum_ values for level/xlevel: */
4993     object_property_set_uint(OBJECT(cpu), "min-level", def->level,
4994                              &error_abort);
4995     object_property_set_uint(OBJECT(cpu), "min-xlevel", def->xlevel,
4996                              &error_abort);
4997 
4998     object_property_set_int(OBJECT(cpu), "family", def->family, &error_abort);
4999     object_property_set_int(OBJECT(cpu), "model", def->model, &error_abort);
5000     object_property_set_int(OBJECT(cpu), "stepping", def->stepping,
5001                             &error_abort);
5002     object_property_set_str(OBJECT(cpu), "model-id", def->model_id,
5003                             &error_abort);
5004     for (w = 0; w < FEATURE_WORDS; w++) {
5005         env->features[w] = def->features[w];
5006     }
5007 
5008     /* legacy-cache defaults to 'off' if CPU model provides cache info */
5009     cpu->legacy_cache = !def->cache_info;
5010 
5011     env->features[FEAT_1_ECX] |= CPUID_EXT_HYPERVISOR;
5012 
5013     /* sysenter isn't supported in compatibility mode on AMD,
5014      * syscall isn't supported in compatibility mode on Intel.
5015      * Normally we advertise the actual CPU vendor, but you can
5016      * override this using the 'vendor' property if you want to use
5017      * KVM's sysenter/syscall emulation in compatibility mode and
5018      * when doing cross vendor migration
5019      */
5020 
5021     /*
5022      * vendor property is set here but then overloaded with the
5023      * host cpu vendor for KVM and HVF.
5024      */
5025     object_property_set_str(OBJECT(cpu), "vendor", def->vendor, &error_abort);
5026 
5027     x86_cpu_apply_version_props(cpu, model);
5028 
5029     /*
5030      * Properties in versioned CPU model are not user specified features.
5031      * We can simply clear env->user_features here since it will be filled later
5032      * in x86_cpu_expand_features() based on plus_features and minus_features.
5033      */
5034     memset(&env->user_features, 0, sizeof(env->user_features));
5035 }
5036 
5037 static gchar *x86_gdb_arch_name(CPUState *cs)
5038 {
5039 #ifdef TARGET_X86_64
5040     return g_strdup("i386:x86-64");
5041 #else
5042     return g_strdup("i386");
5043 #endif
5044 }
5045 
5046 static void x86_cpu_cpudef_class_init(ObjectClass *oc, void *data)
5047 {
5048     X86CPUModel *model = data;
5049     X86CPUClass *xcc = X86_CPU_CLASS(oc);
5050     CPUClass *cc = CPU_CLASS(oc);
5051 
5052     xcc->model = model;
5053     xcc->migration_safe = true;
5054     cc->deprecation_note = model->cpudef->deprecation_note;
5055 }
5056 
5057 static void x86_register_cpu_model_type(const char *name, X86CPUModel *model)
5058 {
5059     g_autofree char *typename = x86_cpu_type_name(name);
5060     TypeInfo ti = {
5061         .name = typename,
5062         .parent = TYPE_X86_CPU,
5063         .class_init = x86_cpu_cpudef_class_init,
5064         .class_data = model,
5065     };
5066 
5067     type_register(&ti);
5068 }
5069 
5070 static void x86_register_cpudef_types(const X86CPUDefinition *def)
5071 {
5072     X86CPUModel *m;
5073     const X86CPUVersionDefinition *vdef;
5074 
5075     /* AMD aliases are handled at runtime based on CPUID vendor, so
5076      * they shouldn't be set on the CPU model table.
5077      */
5078     assert(!(def->features[FEAT_8000_0001_EDX] & CPUID_EXT2_AMD_ALIASES));
5079     /* catch mistakes instead of silently truncating model_id when too long */
5080     assert(def->model_id && strlen(def->model_id) <= 48);
5081 
5082     /* Unversioned model: */
5083     m = g_new0(X86CPUModel, 1);
5084     m->cpudef = def;
5085     m->version = CPU_VERSION_AUTO;
5086     m->is_alias = true;
5087     x86_register_cpu_model_type(def->name, m);
5088 
5089     /* Versioned models: */
5090 
5091     for (vdef = x86_cpu_def_get_versions(def); vdef->version; vdef++) {
5092         X86CPUModel *m = g_new0(X86CPUModel, 1);
5093         g_autofree char *name =
5094             x86_cpu_versioned_model_name(def, vdef->version);
5095         m->cpudef = def;
5096         m->version = vdef->version;
5097         m->note = vdef->note;
5098         x86_register_cpu_model_type(name, m);
5099 
5100         if (vdef->alias) {
5101             X86CPUModel *am = g_new0(X86CPUModel, 1);
5102             am->cpudef = def;
5103             am->version = vdef->version;
5104             am->is_alias = true;
5105             x86_register_cpu_model_type(vdef->alias, am);
5106         }
5107     }
5108 
5109 }
5110 
5111 void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
5112                    uint32_t *eax, uint32_t *ebx,
5113                    uint32_t *ecx, uint32_t *edx)
5114 {
5115     X86CPU *cpu = env_archcpu(env);
5116     CPUState *cs = env_cpu(env);
5117     uint32_t die_offset;
5118     uint32_t limit;
5119     uint32_t signature[3];
5120     X86CPUTopoInfo topo_info;
5121 
5122     topo_info.dies_per_pkg = env->nr_dies;
5123     topo_info.cores_per_die = cs->nr_cores;
5124     topo_info.threads_per_core = cs->nr_threads;
5125 
5126     /* Calculate & apply limits for different index ranges */
5127     if (index >= 0xC0000000) {
5128         limit = env->cpuid_xlevel2;
5129     } else if (index >= 0x80000000) {
5130         limit = env->cpuid_xlevel;
5131     } else if (index >= 0x40000000) {
5132         limit = 0x40000001;
5133     } else {
5134         limit = env->cpuid_level;
5135     }
5136 
5137     if (index > limit) {
5138         /* Intel documentation states that invalid EAX input will
5139          * return the same information as EAX=cpuid_level
5140          * (Intel SDM Vol. 2A - Instruction Set Reference - CPUID)
5141          */
5142         index = env->cpuid_level;
5143     }
5144 
5145     switch(index) {
5146     case 0:
5147         *eax = env->cpuid_level;
5148         *ebx = env->cpuid_vendor1;
5149         *edx = env->cpuid_vendor2;
5150         *ecx = env->cpuid_vendor3;
5151         break;
5152     case 1:
5153         *eax = env->cpuid_version;
5154         *ebx = (cpu->apic_id << 24) |
5155                8 << 8; /* CLFLUSH size in quad words, Linux wants it. */
5156         *ecx = env->features[FEAT_1_ECX];
5157         if ((*ecx & CPUID_EXT_XSAVE) && (env->cr[4] & CR4_OSXSAVE_MASK)) {
5158             *ecx |= CPUID_EXT_OSXSAVE;
5159         }
5160         *edx = env->features[FEAT_1_EDX];
5161         if (cs->nr_cores * cs->nr_threads > 1) {
5162             *ebx |= (cs->nr_cores * cs->nr_threads) << 16;
5163             *edx |= CPUID_HT;
5164         }
5165         if (!cpu->enable_pmu) {
5166             *ecx &= ~CPUID_EXT_PDCM;
5167         }
5168         break;
5169     case 2:
5170         /* cache info: needed for Pentium Pro compatibility */
5171         if (cpu->cache_info_passthrough) {
5172             host_cpuid(index, 0, eax, ebx, ecx, edx);
5173             break;
5174         }
5175         *eax = 1; /* Number of CPUID[EAX=2] calls required */
5176         *ebx = 0;
5177         if (!cpu->enable_l3_cache) {
5178             *ecx = 0;
5179         } else {
5180             *ecx = cpuid2_cache_descriptor(env->cache_info_cpuid2.l3_cache);
5181         }
5182         *edx = (cpuid2_cache_descriptor(env->cache_info_cpuid2.l1d_cache) << 16) |
5183                (cpuid2_cache_descriptor(env->cache_info_cpuid2.l1i_cache) <<  8) |
5184                (cpuid2_cache_descriptor(env->cache_info_cpuid2.l2_cache));
5185         break;
5186     case 4:
5187         /* cache info: needed for Core compatibility */
5188         if (cpu->cache_info_passthrough) {
5189             host_cpuid(index, count, eax, ebx, ecx, edx);
5190             /* QEMU gives out its own APIC IDs, never pass down bits 31..26.  */
5191             *eax &= ~0xFC000000;
5192             if ((*eax & 31) && cs->nr_cores > 1) {
5193                 *eax |= (cs->nr_cores - 1) << 26;
5194             }
5195         } else {
5196             *eax = 0;
5197             switch (count) {
5198             case 0: /* L1 dcache info */
5199                 encode_cache_cpuid4(env->cache_info_cpuid4.l1d_cache,
5200                                     1, cs->nr_cores,
5201                                     eax, ebx, ecx, edx);
5202                 break;
5203             case 1: /* L1 icache info */
5204                 encode_cache_cpuid4(env->cache_info_cpuid4.l1i_cache,
5205                                     1, cs->nr_cores,
5206                                     eax, ebx, ecx, edx);
5207                 break;
5208             case 2: /* L2 cache info */
5209                 encode_cache_cpuid4(env->cache_info_cpuid4.l2_cache,
5210                                     cs->nr_threads, cs->nr_cores,
5211                                     eax, ebx, ecx, edx);
5212                 break;
5213             case 3: /* L3 cache info */
5214                 die_offset = apicid_die_offset(&topo_info);
5215                 if (cpu->enable_l3_cache) {
5216                     encode_cache_cpuid4(env->cache_info_cpuid4.l3_cache,
5217                                         (1 << die_offset), cs->nr_cores,
5218                                         eax, ebx, ecx, edx);
5219                     break;
5220                 }
5221                 /* fall through */
5222             default: /* end of info */
5223                 *eax = *ebx = *ecx = *edx = 0;
5224                 break;
5225             }
5226         }
5227         break;
5228     case 5:
5229         /* MONITOR/MWAIT Leaf */
5230         *eax = cpu->mwait.eax; /* Smallest monitor-line size in bytes */
5231         *ebx = cpu->mwait.ebx; /* Largest monitor-line size in bytes */
5232         *ecx = cpu->mwait.ecx; /* flags */
5233         *edx = cpu->mwait.edx; /* mwait substates */
5234         break;
5235     case 6:
5236         /* Thermal and Power Leaf */
5237         *eax = env->features[FEAT_6_EAX];
5238         *ebx = 0;
5239         *ecx = 0;
5240         *edx = 0;
5241         break;
5242     case 7:
5243         /* Structured Extended Feature Flags Enumeration Leaf */
5244         if (count == 0) {
5245             /* Maximum ECX value for sub-leaves */
5246             *eax = env->cpuid_level_func7;
5247             *ebx = env->features[FEAT_7_0_EBX]; /* Feature flags */
5248             *ecx = env->features[FEAT_7_0_ECX]; /* Feature flags */
5249             if ((*ecx & CPUID_7_0_ECX_PKU) && env->cr[4] & CR4_PKE_MASK) {
5250                 *ecx |= CPUID_7_0_ECX_OSPKE;
5251             }
5252             *edx = env->features[FEAT_7_0_EDX]; /* Feature flags */
5253         } else if (count == 1) {
5254             *eax = env->features[FEAT_7_1_EAX];
5255             *ebx = 0;
5256             *ecx = 0;
5257             *edx = 0;
5258         } else {
5259             *eax = 0;
5260             *ebx = 0;
5261             *ecx = 0;
5262             *edx = 0;
5263         }
5264         break;
5265     case 9:
5266         /* Direct Cache Access Information Leaf */
5267         *eax = 0; /* Bits 0-31 in DCA_CAP MSR */
5268         *ebx = 0;
5269         *ecx = 0;
5270         *edx = 0;
5271         break;
5272     case 0xA:
5273         /* Architectural Performance Monitoring Leaf */
5274         if (kvm_enabled() && cpu->enable_pmu) {
5275             KVMState *s = cs->kvm_state;
5276 
5277             *eax = kvm_arch_get_supported_cpuid(s, 0xA, count, R_EAX);
5278             *ebx = kvm_arch_get_supported_cpuid(s, 0xA, count, R_EBX);
5279             *ecx = kvm_arch_get_supported_cpuid(s, 0xA, count, R_ECX);
5280             *edx = kvm_arch_get_supported_cpuid(s, 0xA, count, R_EDX);
5281         } else if (hvf_enabled() && cpu->enable_pmu) {
5282             *eax = hvf_get_supported_cpuid(0xA, count, R_EAX);
5283             *ebx = hvf_get_supported_cpuid(0xA, count, R_EBX);
5284             *ecx = hvf_get_supported_cpuid(0xA, count, R_ECX);
5285             *edx = hvf_get_supported_cpuid(0xA, count, R_EDX);
5286         } else {
5287             *eax = 0;
5288             *ebx = 0;
5289             *ecx = 0;
5290             *edx = 0;
5291         }
5292         break;
5293     case 0xB:
5294         /* Extended Topology Enumeration Leaf */
5295         if (!cpu->enable_cpuid_0xb) {
5296                 *eax = *ebx = *ecx = *edx = 0;
5297                 break;
5298         }
5299 
5300         *ecx = count & 0xff;
5301         *edx = cpu->apic_id;
5302 
5303         switch (count) {
5304         case 0:
5305             *eax = apicid_core_offset(&topo_info);
5306             *ebx = cs->nr_threads;
5307             *ecx |= CPUID_TOPOLOGY_LEVEL_SMT;
5308             break;
5309         case 1:
5310             *eax = apicid_pkg_offset(&topo_info);
5311             *ebx = cs->nr_cores * cs->nr_threads;
5312             *ecx |= CPUID_TOPOLOGY_LEVEL_CORE;
5313             break;
5314         default:
5315             *eax = 0;
5316             *ebx = 0;
5317             *ecx |= CPUID_TOPOLOGY_LEVEL_INVALID;
5318         }
5319 
5320         assert(!(*eax & ~0x1f));
5321         *ebx &= 0xffff; /* The count doesn't need to be reliable. */
5322         break;
5323     case 0x1F:
5324         /* V2 Extended Topology Enumeration Leaf */
5325         if (env->nr_dies < 2) {
5326             *eax = *ebx = *ecx = *edx = 0;
5327             break;
5328         }
5329 
5330         *ecx = count & 0xff;
5331         *edx = cpu->apic_id;
5332         switch (count) {
5333         case 0:
5334             *eax = apicid_core_offset(&topo_info);
5335             *ebx = cs->nr_threads;
5336             *ecx |= CPUID_TOPOLOGY_LEVEL_SMT;
5337             break;
5338         case 1:
5339             *eax = apicid_die_offset(&topo_info);
5340             *ebx = cs->nr_cores * cs->nr_threads;
5341             *ecx |= CPUID_TOPOLOGY_LEVEL_CORE;
5342             break;
5343         case 2:
5344             *eax = apicid_pkg_offset(&topo_info);
5345             *ebx = env->nr_dies * cs->nr_cores * cs->nr_threads;
5346             *ecx |= CPUID_TOPOLOGY_LEVEL_DIE;
5347             break;
5348         default:
5349             *eax = 0;
5350             *ebx = 0;
5351             *ecx |= CPUID_TOPOLOGY_LEVEL_INVALID;
5352         }
5353         assert(!(*eax & ~0x1f));
5354         *ebx &= 0xffff; /* The count doesn't need to be reliable. */
5355         break;
5356     case 0xD: {
5357         /* Processor Extended State */
5358         *eax = 0;
5359         *ebx = 0;
5360         *ecx = 0;
5361         *edx = 0;
5362         if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
5363             break;
5364         }
5365 
5366         if (count == 0) {
5367             *ecx = xsave_area_size(x86_cpu_xsave_components(cpu));
5368             *eax = env->features[FEAT_XSAVE_COMP_LO];
5369             *edx = env->features[FEAT_XSAVE_COMP_HI];
5370             /*
5371              * The initial value of xcr0 and ebx == 0, On host without kvm
5372              * commit 412a3c41(e.g., CentOS 6), the ebx's value always == 0
5373              * even through guest update xcr0, this will crash some legacy guest
5374              * (e.g., CentOS 6), So set ebx == ecx to workaroud it.
5375              */
5376             *ebx = kvm_enabled() ? *ecx : xsave_area_size(env->xcr0);
5377         } else if (count == 1) {
5378             *eax = env->features[FEAT_XSAVE];
5379         } else if (count < ARRAY_SIZE(x86_ext_save_areas)) {
5380             if ((x86_cpu_xsave_components(cpu) >> count) & 1) {
5381                 const ExtSaveArea *esa = &x86_ext_save_areas[count];
5382                 *eax = esa->size;
5383                 *ebx = esa->offset;
5384             }
5385         }
5386         break;
5387     }
5388     case 0x14: {
5389         /* Intel Processor Trace Enumeration */
5390         *eax = 0;
5391         *ebx = 0;
5392         *ecx = 0;
5393         *edx = 0;
5394         if (!(env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT) ||
5395             !kvm_enabled()) {
5396             break;
5397         }
5398 
5399         if (count == 0) {
5400             *eax = INTEL_PT_MAX_SUBLEAF;
5401             *ebx = INTEL_PT_MINIMAL_EBX;
5402             *ecx = INTEL_PT_MINIMAL_ECX;
5403             if (env->features[FEAT_14_0_ECX] & CPUID_14_0_ECX_LIP) {
5404                 *ecx |= CPUID_14_0_ECX_LIP;
5405             }
5406         } else if (count == 1) {
5407             *eax = INTEL_PT_MTC_BITMAP | INTEL_PT_ADDR_RANGES_NUM;
5408             *ebx = INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP;
5409         }
5410         break;
5411     }
5412     case 0x40000000:
5413         /*
5414          * CPUID code in kvm_arch_init_vcpu() ignores stuff
5415          * set here, but we restrict to TCG none the less.
5416          */
5417         if (tcg_enabled() && cpu->expose_tcg) {
5418             memcpy(signature, "TCGTCGTCGTCG", 12);
5419             *eax = 0x40000001;
5420             *ebx = signature[0];
5421             *ecx = signature[1];
5422             *edx = signature[2];
5423         } else {
5424             *eax = 0;
5425             *ebx = 0;
5426             *ecx = 0;
5427             *edx = 0;
5428         }
5429         break;
5430     case 0x40000001:
5431         *eax = 0;
5432         *ebx = 0;
5433         *ecx = 0;
5434         *edx = 0;
5435         break;
5436     case 0x80000000:
5437         *eax = env->cpuid_xlevel;
5438         *ebx = env->cpuid_vendor1;
5439         *edx = env->cpuid_vendor2;
5440         *ecx = env->cpuid_vendor3;
5441         break;
5442     case 0x80000001:
5443         *eax = env->cpuid_version;
5444         *ebx = 0;
5445         *ecx = env->features[FEAT_8000_0001_ECX];
5446         *edx = env->features[FEAT_8000_0001_EDX];
5447 
5448         /* The Linux kernel checks for the CMPLegacy bit and
5449          * discards multiple thread information if it is set.
5450          * So don't set it here for Intel to make Linux guests happy.
5451          */
5452         if (cs->nr_cores * cs->nr_threads > 1) {
5453             if (env->cpuid_vendor1 != CPUID_VENDOR_INTEL_1 ||
5454                 env->cpuid_vendor2 != CPUID_VENDOR_INTEL_2 ||
5455                 env->cpuid_vendor3 != CPUID_VENDOR_INTEL_3) {
5456                 *ecx |= 1 << 1;    /* CmpLegacy bit */
5457             }
5458         }
5459         break;
5460     case 0x80000002:
5461     case 0x80000003:
5462     case 0x80000004:
5463         *eax = env->cpuid_model[(index - 0x80000002) * 4 + 0];
5464         *ebx = env->cpuid_model[(index - 0x80000002) * 4 + 1];
5465         *ecx = env->cpuid_model[(index - 0x80000002) * 4 + 2];
5466         *edx = env->cpuid_model[(index - 0x80000002) * 4 + 3];
5467         break;
5468     case 0x80000005:
5469         /* cache info (L1 cache) */
5470         if (cpu->cache_info_passthrough) {
5471             host_cpuid(index, 0, eax, ebx, ecx, edx);
5472             break;
5473         }
5474         *eax = (L1_DTLB_2M_ASSOC << 24) | (L1_DTLB_2M_ENTRIES << 16) |
5475                (L1_ITLB_2M_ASSOC <<  8) | (L1_ITLB_2M_ENTRIES);
5476         *ebx = (L1_DTLB_4K_ASSOC << 24) | (L1_DTLB_4K_ENTRIES << 16) |
5477                (L1_ITLB_4K_ASSOC <<  8) | (L1_ITLB_4K_ENTRIES);
5478         *ecx = encode_cache_cpuid80000005(env->cache_info_amd.l1d_cache);
5479         *edx = encode_cache_cpuid80000005(env->cache_info_amd.l1i_cache);
5480         break;
5481     case 0x80000006:
5482         /* cache info (L2 cache) */
5483         if (cpu->cache_info_passthrough) {
5484             host_cpuid(index, 0, eax, ebx, ecx, edx);
5485             break;
5486         }
5487         *eax = (AMD_ENC_ASSOC(L2_DTLB_2M_ASSOC) << 28) |
5488                (L2_DTLB_2M_ENTRIES << 16) |
5489                (AMD_ENC_ASSOC(L2_ITLB_2M_ASSOC) << 12) |
5490                (L2_ITLB_2M_ENTRIES);
5491         *ebx = (AMD_ENC_ASSOC(L2_DTLB_4K_ASSOC) << 28) |
5492                (L2_DTLB_4K_ENTRIES << 16) |
5493                (AMD_ENC_ASSOC(L2_ITLB_4K_ASSOC) << 12) |
5494                (L2_ITLB_4K_ENTRIES);
5495         encode_cache_cpuid80000006(env->cache_info_amd.l2_cache,
5496                                    cpu->enable_l3_cache ?
5497                                    env->cache_info_amd.l3_cache : NULL,
5498                                    ecx, edx);
5499         break;
5500     case 0x80000007:
5501         *eax = 0;
5502         *ebx = 0;
5503         *ecx = 0;
5504         *edx = env->features[FEAT_8000_0007_EDX];
5505         break;
5506     case 0x80000008:
5507         /* virtual & phys address size in low 2 bytes. */
5508         if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
5509             /* 64 bit processor */
5510             *eax = cpu->phys_bits; /* configurable physical bits */
5511             if  (env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_LA57) {
5512                 *eax |= 0x00003900; /* 57 bits virtual */
5513             } else {
5514                 *eax |= 0x00003000; /* 48 bits virtual */
5515             }
5516         } else {
5517             *eax = cpu->phys_bits;
5518         }
5519         *ebx = env->features[FEAT_8000_0008_EBX];
5520         if (cs->nr_cores * cs->nr_threads > 1) {
5521             /*
5522              * Bits 15:12 is "The number of bits in the initial
5523              * Core::X86::Apic::ApicId[ApicId] value that indicate
5524              * thread ID within a package".
5525              * Bits 7:0 is "The number of threads in the package is NC+1"
5526              */
5527             *ecx = (apicid_pkg_offset(&topo_info) << 12) |
5528                    ((cs->nr_cores * cs->nr_threads) - 1);
5529         } else {
5530             *ecx = 0;
5531         }
5532         *edx = 0;
5533         break;
5534     case 0x8000000A:
5535         if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
5536             *eax = 0x00000001; /* SVM Revision */
5537             *ebx = 0x00000010; /* nr of ASIDs */
5538             *ecx = 0;
5539             *edx = env->features[FEAT_SVM]; /* optional features */
5540         } else {
5541             *eax = 0;
5542             *ebx = 0;
5543             *ecx = 0;
5544             *edx = 0;
5545         }
5546         break;
5547     case 0x8000001D:
5548         *eax = 0;
5549         if (cpu->cache_info_passthrough) {
5550             host_cpuid(index, count, eax, ebx, ecx, edx);
5551             break;
5552         }
5553         switch (count) {
5554         case 0: /* L1 dcache info */
5555             encode_cache_cpuid8000001d(env->cache_info_amd.l1d_cache,
5556                                        &topo_info, eax, ebx, ecx, edx);
5557             break;
5558         case 1: /* L1 icache info */
5559             encode_cache_cpuid8000001d(env->cache_info_amd.l1i_cache,
5560                                        &topo_info, eax, ebx, ecx, edx);
5561             break;
5562         case 2: /* L2 cache info */
5563             encode_cache_cpuid8000001d(env->cache_info_amd.l2_cache,
5564                                        &topo_info, eax, ebx, ecx, edx);
5565             break;
5566         case 3: /* L3 cache info */
5567             encode_cache_cpuid8000001d(env->cache_info_amd.l3_cache,
5568                                        &topo_info, eax, ebx, ecx, edx);
5569             break;
5570         default: /* end of info */
5571             *eax = *ebx = *ecx = *edx = 0;
5572             break;
5573         }
5574         break;
5575     case 0x8000001E:
5576         if (cpu->core_id <= 255) {
5577             encode_topo_cpuid8000001e(cpu, &topo_info, eax, ebx, ecx, edx);
5578         } else {
5579             *eax = 0;
5580             *ebx = 0;
5581             *ecx = 0;
5582             *edx = 0;
5583         }
5584         break;
5585     case 0xC0000000:
5586         *eax = env->cpuid_xlevel2;
5587         *ebx = 0;
5588         *ecx = 0;
5589         *edx = 0;
5590         break;
5591     case 0xC0000001:
5592         /* Support for VIA CPU's CPUID instruction */
5593         *eax = env->cpuid_version;
5594         *ebx = 0;
5595         *ecx = 0;
5596         *edx = env->features[FEAT_C000_0001_EDX];
5597         break;
5598     case 0xC0000002:
5599     case 0xC0000003:
5600     case 0xC0000004:
5601         /* Reserved for the future, and now filled with zero */
5602         *eax = 0;
5603         *ebx = 0;
5604         *ecx = 0;
5605         *edx = 0;
5606         break;
5607     case 0x8000001F:
5608         *eax = sev_enabled() ? 0x2 : 0;
5609         *eax |= sev_es_enabled() ? 0x8 : 0;
5610         *ebx = sev_get_cbit_position();
5611         *ebx |= sev_get_reduced_phys_bits() << 6;
5612         *ecx = 0;
5613         *edx = 0;
5614         break;
5615     default:
5616         /* reserved values: zero */
5617         *eax = 0;
5618         *ebx = 0;
5619         *ecx = 0;
5620         *edx = 0;
5621         break;
5622     }
5623 }
5624 
5625 static void x86_cpu_reset(DeviceState *dev)
5626 {
5627     CPUState *s = CPU(dev);
5628     X86CPU *cpu = X86_CPU(s);
5629     X86CPUClass *xcc = X86_CPU_GET_CLASS(cpu);
5630     CPUX86State *env = &cpu->env;
5631     target_ulong cr4;
5632     uint64_t xcr0;
5633     int i;
5634 
5635     xcc->parent_reset(dev);
5636 
5637     memset(env, 0, offsetof(CPUX86State, end_reset_fields));
5638 
5639     env->old_exception = -1;
5640 
5641     /* init to reset state */
5642 
5643     env->hflags2 |= HF2_GIF_MASK;
5644     env->hflags &= ~HF_GUEST_MASK;
5645 
5646     cpu_x86_update_cr0(env, 0x60000010);
5647     env->a20_mask = ~0x0;
5648     env->smbase = 0x30000;
5649     env->msr_smi_count = 0;
5650 
5651     env->idt.limit = 0xffff;
5652     env->gdt.limit = 0xffff;
5653     env->ldt.limit = 0xffff;
5654     env->ldt.flags = DESC_P_MASK | (2 << DESC_TYPE_SHIFT);
5655     env->tr.limit = 0xffff;
5656     env->tr.flags = DESC_P_MASK | (11 << DESC_TYPE_SHIFT);
5657 
5658     cpu_x86_load_seg_cache(env, R_CS, 0xf000, 0xffff0000, 0xffff,
5659                            DESC_P_MASK | DESC_S_MASK | DESC_CS_MASK |
5660                            DESC_R_MASK | DESC_A_MASK);
5661     cpu_x86_load_seg_cache(env, R_DS, 0, 0, 0xffff,
5662                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5663                            DESC_A_MASK);
5664     cpu_x86_load_seg_cache(env, R_ES, 0, 0, 0xffff,
5665                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5666                            DESC_A_MASK);
5667     cpu_x86_load_seg_cache(env, R_SS, 0, 0, 0xffff,
5668                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5669                            DESC_A_MASK);
5670     cpu_x86_load_seg_cache(env, R_FS, 0, 0, 0xffff,
5671                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5672                            DESC_A_MASK);
5673     cpu_x86_load_seg_cache(env, R_GS, 0, 0, 0xffff,
5674                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5675                            DESC_A_MASK);
5676 
5677     env->eip = 0xfff0;
5678     env->regs[R_EDX] = env->cpuid_version;
5679 
5680     env->eflags = 0x2;
5681 
5682     /* FPU init */
5683     for (i = 0; i < 8; i++) {
5684         env->fptags[i] = 1;
5685     }
5686     cpu_set_fpuc(env, 0x37f);
5687 
5688     env->mxcsr = 0x1f80;
5689     /* All units are in INIT state.  */
5690     env->xstate_bv = 0;
5691 
5692     env->pat = 0x0007040600070406ULL;
5693     env->msr_ia32_misc_enable = MSR_IA32_MISC_ENABLE_DEFAULT;
5694     if (env->features[FEAT_1_ECX] & CPUID_EXT_MONITOR) {
5695         env->msr_ia32_misc_enable |= MSR_IA32_MISC_ENABLE_MWAIT;
5696     }
5697 
5698     memset(env->dr, 0, sizeof(env->dr));
5699     env->dr[6] = DR6_FIXED_1;
5700     env->dr[7] = DR7_FIXED_1;
5701     cpu_breakpoint_remove_all(s, BP_CPU);
5702     cpu_watchpoint_remove_all(s, BP_CPU);
5703 
5704     cr4 = 0;
5705     xcr0 = XSTATE_FP_MASK;
5706 
5707 #ifdef CONFIG_USER_ONLY
5708     /* Enable all the features for user-mode.  */
5709     if (env->features[FEAT_1_EDX] & CPUID_SSE) {
5710         xcr0 |= XSTATE_SSE_MASK;
5711     }
5712     for (i = 2; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
5713         const ExtSaveArea *esa = &x86_ext_save_areas[i];
5714         if (env->features[esa->feature] & esa->bits) {
5715             xcr0 |= 1ull << i;
5716         }
5717     }
5718 
5719     if (env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE) {
5720         cr4 |= CR4_OSFXSR_MASK | CR4_OSXSAVE_MASK;
5721     }
5722     if (env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_FSGSBASE) {
5723         cr4 |= CR4_FSGSBASE_MASK;
5724     }
5725 #endif
5726 
5727     env->xcr0 = xcr0;
5728     cpu_x86_update_cr4(env, cr4);
5729 
5730     /*
5731      * SDM 11.11.5 requires:
5732      *  - IA32_MTRR_DEF_TYPE MSR.E = 0
5733      *  - IA32_MTRR_PHYSMASKn.V = 0
5734      * All other bits are undefined.  For simplification, zero it all.
5735      */
5736     env->mtrr_deftype = 0;
5737     memset(env->mtrr_var, 0, sizeof(env->mtrr_var));
5738     memset(env->mtrr_fixed, 0, sizeof(env->mtrr_fixed));
5739 
5740     env->interrupt_injected = -1;
5741     env->exception_nr = -1;
5742     env->exception_pending = 0;
5743     env->exception_injected = 0;
5744     env->exception_has_payload = false;
5745     env->exception_payload = 0;
5746     env->nmi_injected = false;
5747 #if !defined(CONFIG_USER_ONLY)
5748     /* We hard-wire the BSP to the first CPU. */
5749     apic_designate_bsp(cpu->apic_state, s->cpu_index == 0);
5750 
5751     s->halted = !cpu_is_bsp(cpu);
5752 
5753     if (kvm_enabled()) {
5754         kvm_arch_reset_vcpu(cpu);
5755     }
5756 #endif
5757 }
5758 
5759 static void mce_init(X86CPU *cpu)
5760 {
5761     CPUX86State *cenv = &cpu->env;
5762     unsigned int bank;
5763 
5764     if (((cenv->cpuid_version >> 8) & 0xf) >= 6
5765         && (cenv->features[FEAT_1_EDX] & (CPUID_MCE | CPUID_MCA)) ==
5766             (CPUID_MCE | CPUID_MCA)) {
5767         cenv->mcg_cap = MCE_CAP_DEF | MCE_BANKS_DEF |
5768                         (cpu->enable_lmce ? MCG_LMCE_P : 0);
5769         cenv->mcg_ctl = ~(uint64_t)0;
5770         for (bank = 0; bank < MCE_BANKS_DEF; bank++) {
5771             cenv->mce_banks[bank * 4] = ~(uint64_t)0;
5772         }
5773     }
5774 }
5775 
5776 static void x86_cpu_adjust_level(X86CPU *cpu, uint32_t *min, uint32_t value)
5777 {
5778     if (*min < value) {
5779         *min = value;
5780     }
5781 }
5782 
5783 /* Increase cpuid_min_{level,xlevel,xlevel2} automatically, if appropriate */
5784 static void x86_cpu_adjust_feat_level(X86CPU *cpu, FeatureWord w)
5785 {
5786     CPUX86State *env = &cpu->env;
5787     FeatureWordInfo *fi = &feature_word_info[w];
5788     uint32_t eax = fi->cpuid.eax;
5789     uint32_t region = eax & 0xF0000000;
5790 
5791     assert(feature_word_info[w].type == CPUID_FEATURE_WORD);
5792     if (!env->features[w]) {
5793         return;
5794     }
5795 
5796     switch (region) {
5797     case 0x00000000:
5798         x86_cpu_adjust_level(cpu, &env->cpuid_min_level, eax);
5799     break;
5800     case 0x80000000:
5801         x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, eax);
5802     break;
5803     case 0xC0000000:
5804         x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel2, eax);
5805     break;
5806     }
5807 
5808     if (eax == 7) {
5809         x86_cpu_adjust_level(cpu, &env->cpuid_min_level_func7,
5810                              fi->cpuid.ecx);
5811     }
5812 }
5813 
5814 /* Calculate XSAVE components based on the configured CPU feature flags */
5815 static void x86_cpu_enable_xsave_components(X86CPU *cpu)
5816 {
5817     CPUX86State *env = &cpu->env;
5818     int i;
5819     uint64_t mask;
5820 
5821     if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
5822         env->features[FEAT_XSAVE_COMP_LO] = 0;
5823         env->features[FEAT_XSAVE_COMP_HI] = 0;
5824         return;
5825     }
5826 
5827     mask = 0;
5828     for (i = 0; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
5829         const ExtSaveArea *esa = &x86_ext_save_areas[i];
5830         if (env->features[esa->feature] & esa->bits) {
5831             mask |= (1ULL << i);
5832         }
5833     }
5834 
5835     env->features[FEAT_XSAVE_COMP_LO] = mask;
5836     env->features[FEAT_XSAVE_COMP_HI] = mask >> 32;
5837 }
5838 
5839 /***** Steps involved on loading and filtering CPUID data
5840  *
5841  * When initializing and realizing a CPU object, the steps
5842  * involved in setting up CPUID data are:
5843  *
5844  * 1) Loading CPU model definition (X86CPUDefinition). This is
5845  *    implemented by x86_cpu_load_model() and should be completely
5846  *    transparent, as it is done automatically by instance_init.
5847  *    No code should need to look at X86CPUDefinition structs
5848  *    outside instance_init.
5849  *
5850  * 2) CPU expansion. This is done by realize before CPUID
5851  *    filtering, and will make sure host/accelerator data is
5852  *    loaded for CPU models that depend on host capabilities
5853  *    (e.g. "host"). Done by x86_cpu_expand_features().
5854  *
5855  * 3) CPUID filtering. This initializes extra data related to
5856  *    CPUID, and checks if the host supports all capabilities
5857  *    required by the CPU. Runnability of a CPU model is
5858  *    determined at this step. Done by x86_cpu_filter_features().
5859  *
5860  * Some operations don't require all steps to be performed.
5861  * More precisely:
5862  *
5863  * - CPU instance creation (instance_init) will run only CPU
5864  *   model loading. CPU expansion can't run at instance_init-time
5865  *   because host/accelerator data may be not available yet.
5866  * - CPU realization will perform both CPU model expansion and CPUID
5867  *   filtering, and return an error in case one of them fails.
5868  * - query-cpu-definitions needs to run all 3 steps. It needs
5869  *   to run CPUID filtering, as the 'unavailable-features'
5870  *   field is set based on the filtering results.
5871  * - The query-cpu-model-expansion QMP command only needs to run
5872  *   CPU model loading and CPU expansion. It should not filter
5873  *   any CPUID data based on host capabilities.
5874  */
5875 
5876 /* Expand CPU configuration data, based on configured features
5877  * and host/accelerator capabilities when appropriate.
5878  */
5879 void x86_cpu_expand_features(X86CPU *cpu, Error **errp)
5880 {
5881     CPUX86State *env = &cpu->env;
5882     FeatureWord w;
5883     int i;
5884     GList *l;
5885 
5886     for (l = plus_features; l; l = l->next) {
5887         const char *prop = l->data;
5888         if (!object_property_set_bool(OBJECT(cpu), prop, true, errp)) {
5889             return;
5890         }
5891     }
5892 
5893     for (l = minus_features; l; l = l->next) {
5894         const char *prop = l->data;
5895         if (!object_property_set_bool(OBJECT(cpu), prop, false, errp)) {
5896             return;
5897         }
5898     }
5899 
5900     /*TODO: Now cpu->max_features doesn't overwrite features
5901      * set using QOM properties, and we can convert
5902      * plus_features & minus_features to global properties
5903      * inside x86_cpu_parse_featurestr() too.
5904      */
5905     if (cpu->max_features) {
5906         for (w = 0; w < FEATURE_WORDS; w++) {
5907             /* Override only features that weren't set explicitly
5908              * by the user.
5909              */
5910             env->features[w] |=
5911                 x86_cpu_get_supported_feature_word(w, cpu->migratable) &
5912                 ~env->user_features[w] &
5913                 ~feature_word_info[w].no_autoenable_flags;
5914         }
5915     }
5916 
5917     for (i = 0; i < ARRAY_SIZE(feature_dependencies); i++) {
5918         FeatureDep *d = &feature_dependencies[i];
5919         if (!(env->features[d->from.index] & d->from.mask)) {
5920             uint64_t unavailable_features = env->features[d->to.index] & d->to.mask;
5921 
5922             /* Not an error unless the dependent feature was added explicitly.  */
5923             mark_unavailable_features(cpu, d->to.index,
5924                                       unavailable_features & env->user_features[d->to.index],
5925                                       "This feature depends on other features that were not requested");
5926 
5927             env->features[d->to.index] &= ~unavailable_features;
5928         }
5929     }
5930 
5931     if (!kvm_enabled() || !cpu->expose_kvm) {
5932         env->features[FEAT_KVM] = 0;
5933     }
5934 
5935     x86_cpu_enable_xsave_components(cpu);
5936 
5937     /* CPUID[EAX=7,ECX=0].EBX always increased level automatically: */
5938     x86_cpu_adjust_feat_level(cpu, FEAT_7_0_EBX);
5939     if (cpu->full_cpuid_auto_level) {
5940         x86_cpu_adjust_feat_level(cpu, FEAT_1_EDX);
5941         x86_cpu_adjust_feat_level(cpu, FEAT_1_ECX);
5942         x86_cpu_adjust_feat_level(cpu, FEAT_6_EAX);
5943         x86_cpu_adjust_feat_level(cpu, FEAT_7_0_ECX);
5944         x86_cpu_adjust_feat_level(cpu, FEAT_7_1_EAX);
5945         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_EDX);
5946         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_ECX);
5947         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0007_EDX);
5948         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0008_EBX);
5949         x86_cpu_adjust_feat_level(cpu, FEAT_C000_0001_EDX);
5950         x86_cpu_adjust_feat_level(cpu, FEAT_SVM);
5951         x86_cpu_adjust_feat_level(cpu, FEAT_XSAVE);
5952 
5953         /* Intel Processor Trace requires CPUID[0x14] */
5954         if ((env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT)) {
5955             if (cpu->intel_pt_auto_level) {
5956                 x86_cpu_adjust_level(cpu, &cpu->env.cpuid_min_level, 0x14);
5957             } else if (cpu->env.cpuid_min_level < 0x14) {
5958                 mark_unavailable_features(cpu, FEAT_7_0_EBX,
5959                     CPUID_7_0_EBX_INTEL_PT,
5960                     "Intel PT need CPUID leaf 0x14, please set by \"-cpu ...,intel-pt=on,min-level=0x14\"");
5961             }
5962         }
5963 
5964         /* CPU topology with multi-dies support requires CPUID[0x1F] */
5965         if (env->nr_dies > 1) {
5966             x86_cpu_adjust_level(cpu, &env->cpuid_min_level, 0x1F);
5967         }
5968 
5969         /* SVM requires CPUID[0x8000000A] */
5970         if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
5971             x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000000A);
5972         }
5973 
5974         /* SEV requires CPUID[0x8000001F] */
5975         if (sev_enabled()) {
5976             x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000001F);
5977         }
5978     }
5979 
5980     /* Set cpuid_*level* based on cpuid_min_*level, if not explicitly set */
5981     if (env->cpuid_level_func7 == UINT32_MAX) {
5982         env->cpuid_level_func7 = env->cpuid_min_level_func7;
5983     }
5984     if (env->cpuid_level == UINT32_MAX) {
5985         env->cpuid_level = env->cpuid_min_level;
5986     }
5987     if (env->cpuid_xlevel == UINT32_MAX) {
5988         env->cpuid_xlevel = env->cpuid_min_xlevel;
5989     }
5990     if (env->cpuid_xlevel2 == UINT32_MAX) {
5991         env->cpuid_xlevel2 = env->cpuid_min_xlevel2;
5992     }
5993 }
5994 
5995 /*
5996  * Finishes initialization of CPUID data, filters CPU feature
5997  * words based on host availability of each feature.
5998  *
5999  * Returns: 0 if all flags are supported by the host, non-zero otherwise.
6000  */
6001 static void x86_cpu_filter_features(X86CPU *cpu, bool verbose)
6002 {
6003     CPUX86State *env = &cpu->env;
6004     FeatureWord w;
6005     const char *prefix = NULL;
6006 
6007     if (verbose) {
6008         prefix = accel_uses_host_cpuid()
6009                  ? "host doesn't support requested feature"
6010                  : "TCG doesn't support requested feature";
6011     }
6012 
6013     for (w = 0; w < FEATURE_WORDS; w++) {
6014         uint64_t host_feat =
6015             x86_cpu_get_supported_feature_word(w, false);
6016         uint64_t requested_features = env->features[w];
6017         uint64_t unavailable_features = requested_features & ~host_feat;
6018         mark_unavailable_features(cpu, w, unavailable_features, prefix);
6019     }
6020 
6021     if ((env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT) &&
6022         kvm_enabled()) {
6023         KVMState *s = CPU(cpu)->kvm_state;
6024         uint32_t eax_0 = kvm_arch_get_supported_cpuid(s, 0x14, 0, R_EAX);
6025         uint32_t ebx_0 = kvm_arch_get_supported_cpuid(s, 0x14, 0, R_EBX);
6026         uint32_t ecx_0 = kvm_arch_get_supported_cpuid(s, 0x14, 0, R_ECX);
6027         uint32_t eax_1 = kvm_arch_get_supported_cpuid(s, 0x14, 1, R_EAX);
6028         uint32_t ebx_1 = kvm_arch_get_supported_cpuid(s, 0x14, 1, R_EBX);
6029 
6030         if (!eax_0 ||
6031            ((ebx_0 & INTEL_PT_MINIMAL_EBX) != INTEL_PT_MINIMAL_EBX) ||
6032            ((ecx_0 & INTEL_PT_MINIMAL_ECX) != INTEL_PT_MINIMAL_ECX) ||
6033            ((eax_1 & INTEL_PT_MTC_BITMAP) != INTEL_PT_MTC_BITMAP) ||
6034            ((eax_1 & INTEL_PT_ADDR_RANGES_NUM_MASK) <
6035                                            INTEL_PT_ADDR_RANGES_NUM) ||
6036            ((ebx_1 & (INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP)) !=
6037                 (INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP)) ||
6038            ((ecx_0 & CPUID_14_0_ECX_LIP) !=
6039                 (env->features[FEAT_14_0_ECX] & CPUID_14_0_ECX_LIP))) {
6040             /*
6041              * Processor Trace capabilities aren't configurable, so if the
6042              * host can't emulate the capabilities we report on
6043              * cpu_x86_cpuid(), intel-pt can't be enabled on the current host.
6044              */
6045             mark_unavailable_features(cpu, FEAT_7_0_EBX, CPUID_7_0_EBX_INTEL_PT, prefix);
6046         }
6047     }
6048 }
6049 
6050 static void x86_cpu_hyperv_realize(X86CPU *cpu)
6051 {
6052     size_t len;
6053 
6054     /* Hyper-V vendor id */
6055     if (!cpu->hyperv_vendor) {
6056         object_property_set_str(OBJECT(cpu), "hv-vendor-id", "Microsoft Hv",
6057                                 &error_abort);
6058     }
6059     len = strlen(cpu->hyperv_vendor);
6060     if (len > 12) {
6061         warn_report("hv-vendor-id truncated to 12 characters");
6062         len = 12;
6063     }
6064     memset(cpu->hyperv_vendor_id, 0, 12);
6065     memcpy(cpu->hyperv_vendor_id, cpu->hyperv_vendor, len);
6066 
6067     /* 'Hv#1' interface identification*/
6068     cpu->hyperv_interface_id[0] = 0x31237648;
6069     cpu->hyperv_interface_id[1] = 0;
6070     cpu->hyperv_interface_id[2] = 0;
6071     cpu->hyperv_interface_id[3] = 0;
6072 
6073     /* Hypervisor system identity */
6074     cpu->hyperv_version_id[0] = 0x00001bbc;
6075     cpu->hyperv_version_id[1] = 0x00060001;
6076 
6077     /* Hypervisor implementation limits */
6078     cpu->hyperv_limits[0] = 64;
6079     cpu->hyperv_limits[1] = 0;
6080     cpu->hyperv_limits[2] = 0;
6081 }
6082 
6083 static void x86_cpu_realizefn(DeviceState *dev, Error **errp)
6084 {
6085     CPUState *cs = CPU(dev);
6086     X86CPU *cpu = X86_CPU(dev);
6087     X86CPUClass *xcc = X86_CPU_GET_CLASS(dev);
6088     CPUX86State *env = &cpu->env;
6089     Error *local_err = NULL;
6090     static bool ht_warned;
6091 
6092     if (cpu->apic_id == UNASSIGNED_APIC_ID) {
6093         error_setg(errp, "apic-id property was not initialized properly");
6094         return;
6095     }
6096 
6097     /*
6098      * Process Hyper-V enlightenments.
6099      * Note: this currently has to happen before the expansion of CPU features.
6100      */
6101     x86_cpu_hyperv_realize(cpu);
6102 
6103     x86_cpu_expand_features(cpu, &local_err);
6104     if (local_err) {
6105         goto out;
6106     }
6107 
6108     x86_cpu_filter_features(cpu, cpu->check_cpuid || cpu->enforce_cpuid);
6109 
6110     if (cpu->enforce_cpuid && x86_cpu_have_filtered_features(cpu)) {
6111         error_setg(&local_err,
6112                    accel_uses_host_cpuid() ?
6113                        "Host doesn't support requested features" :
6114                        "TCG doesn't support requested features");
6115         goto out;
6116     }
6117 
6118     /* On AMD CPUs, some CPUID[8000_0001].EDX bits must match the bits on
6119      * CPUID[1].EDX.
6120      */
6121     if (IS_AMD_CPU(env)) {
6122         env->features[FEAT_8000_0001_EDX] &= ~CPUID_EXT2_AMD_ALIASES;
6123         env->features[FEAT_8000_0001_EDX] |= (env->features[FEAT_1_EDX]
6124            & CPUID_EXT2_AMD_ALIASES);
6125     }
6126 
6127     /*
6128      * note: the call to the framework needs to happen after feature expansion,
6129      * but before the checks/modifications to ucode_rev, mwait, phys_bits.
6130      * These may be set by the accel-specific code,
6131      * and the results are subsequently checked / assumed in this function.
6132      */
6133     cpu_exec_realizefn(cs, &local_err);
6134     if (local_err != NULL) {
6135         error_propagate(errp, local_err);
6136         return;
6137     }
6138 
6139     if (xcc->host_cpuid_required && !accel_uses_host_cpuid()) {
6140         g_autofree char *name = x86_cpu_class_get_model_name(xcc);
6141         error_setg(&local_err, "CPU model '%s' requires KVM or HVF", name);
6142         goto out;
6143     }
6144 
6145     if (cpu->ucode_rev == 0) {
6146         /*
6147          * The default is the same as KVM's. Note that this check
6148          * needs to happen after the evenual setting of ucode_rev in
6149          * accel-specific code in cpu_exec_realizefn.
6150          */
6151         if (IS_AMD_CPU(env)) {
6152             cpu->ucode_rev = 0x01000065;
6153         } else {
6154             cpu->ucode_rev = 0x100000000ULL;
6155         }
6156     }
6157 
6158     /*
6159      * mwait extended info: needed for Core compatibility
6160      * We always wake on interrupt even if host does not have the capability.
6161      *
6162      * requires the accel-specific code in cpu_exec_realizefn to
6163      * have already acquired the CPUID data into cpu->mwait.
6164      */
6165     cpu->mwait.ecx |= CPUID_MWAIT_EMX | CPUID_MWAIT_IBE;
6166 
6167     /* For 64bit systems think about the number of physical bits to present.
6168      * ideally this should be the same as the host; anything other than matching
6169      * the host can cause incorrect guest behaviour.
6170      * QEMU used to pick the magic value of 40 bits that corresponds to
6171      * consumer AMD devices but nothing else.
6172      *
6173      * Note that this code assumes features expansion has already been done
6174      * (as it checks for CPUID_EXT2_LM), and also assumes that potential
6175      * phys_bits adjustments to match the host have been already done in
6176      * accel-specific code in cpu_exec_realizefn.
6177      */
6178     if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
6179         if (cpu->phys_bits &&
6180             (cpu->phys_bits > TARGET_PHYS_ADDR_SPACE_BITS ||
6181             cpu->phys_bits < 32)) {
6182             error_setg(errp, "phys-bits should be between 32 and %u "
6183                              " (but is %u)",
6184                              TARGET_PHYS_ADDR_SPACE_BITS, cpu->phys_bits);
6185             return;
6186         }
6187         /*
6188          * 0 means it was not explicitly set by the user (or by machine
6189          * compat_props or by the host code in host-cpu.c).
6190          * In this case, the default is the value used by TCG (40).
6191          */
6192         if (cpu->phys_bits == 0) {
6193             cpu->phys_bits = TCG_PHYS_ADDR_BITS;
6194         }
6195     } else {
6196         /* For 32 bit systems don't use the user set value, but keep
6197          * phys_bits consistent with what we tell the guest.
6198          */
6199         if (cpu->phys_bits != 0) {
6200             error_setg(errp, "phys-bits is not user-configurable in 32 bit");
6201             return;
6202         }
6203 
6204         if (env->features[FEAT_1_EDX] & CPUID_PSE36) {
6205             cpu->phys_bits = 36;
6206         } else {
6207             cpu->phys_bits = 32;
6208         }
6209     }
6210 
6211     /* Cache information initialization */
6212     if (!cpu->legacy_cache) {
6213         if (!xcc->model || !xcc->model->cpudef->cache_info) {
6214             g_autofree char *name = x86_cpu_class_get_model_name(xcc);
6215             error_setg(errp,
6216                        "CPU model '%s' doesn't support legacy-cache=off", name);
6217             return;
6218         }
6219         env->cache_info_cpuid2 = env->cache_info_cpuid4 = env->cache_info_amd =
6220             *xcc->model->cpudef->cache_info;
6221     } else {
6222         /* Build legacy cache information */
6223         env->cache_info_cpuid2.l1d_cache = &legacy_l1d_cache;
6224         env->cache_info_cpuid2.l1i_cache = &legacy_l1i_cache;
6225         env->cache_info_cpuid2.l2_cache = &legacy_l2_cache_cpuid2;
6226         env->cache_info_cpuid2.l3_cache = &legacy_l3_cache;
6227 
6228         env->cache_info_cpuid4.l1d_cache = &legacy_l1d_cache;
6229         env->cache_info_cpuid4.l1i_cache = &legacy_l1i_cache;
6230         env->cache_info_cpuid4.l2_cache = &legacy_l2_cache;
6231         env->cache_info_cpuid4.l3_cache = &legacy_l3_cache;
6232 
6233         env->cache_info_amd.l1d_cache = &legacy_l1d_cache_amd;
6234         env->cache_info_amd.l1i_cache = &legacy_l1i_cache_amd;
6235         env->cache_info_amd.l2_cache = &legacy_l2_cache_amd;
6236         env->cache_info_amd.l3_cache = &legacy_l3_cache;
6237     }
6238 
6239 #ifndef CONFIG_USER_ONLY
6240     MachineState *ms = MACHINE(qdev_get_machine());
6241     qemu_register_reset(x86_cpu_machine_reset_cb, cpu);
6242 
6243     if (cpu->env.features[FEAT_1_EDX] & CPUID_APIC || ms->smp.cpus > 1) {
6244         x86_cpu_apic_create(cpu, &local_err);
6245         if (local_err != NULL) {
6246             goto out;
6247         }
6248     }
6249 #endif
6250 
6251     mce_init(cpu);
6252 
6253     qemu_init_vcpu(cs);
6254 
6255     /*
6256      * Most Intel and certain AMD CPUs support hyperthreading. Even though QEMU
6257      * fixes this issue by adjusting CPUID_0000_0001_EBX and CPUID_8000_0008_ECX
6258      * based on inputs (sockets,cores,threads), it is still better to give
6259      * users a warning.
6260      *
6261      * NOTE: the following code has to follow qemu_init_vcpu(). Otherwise
6262      * cs->nr_threads hasn't be populated yet and the checking is incorrect.
6263      */
6264     if (IS_AMD_CPU(env) &&
6265         !(env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_TOPOEXT) &&
6266         cs->nr_threads > 1 && !ht_warned) {
6267             warn_report("This family of AMD CPU doesn't support "
6268                         "hyperthreading(%d)",
6269                         cs->nr_threads);
6270             error_printf("Please configure -smp options properly"
6271                          " or try enabling topoext feature.\n");
6272             ht_warned = true;
6273     }
6274 
6275 #ifndef CONFIG_USER_ONLY
6276     x86_cpu_apic_realize(cpu, &local_err);
6277     if (local_err != NULL) {
6278         goto out;
6279     }
6280 #endif /* !CONFIG_USER_ONLY */
6281     cpu_reset(cs);
6282 
6283     xcc->parent_realize(dev, &local_err);
6284 
6285 out:
6286     if (local_err != NULL) {
6287         error_propagate(errp, local_err);
6288         return;
6289     }
6290 }
6291 
6292 static void x86_cpu_unrealizefn(DeviceState *dev)
6293 {
6294     X86CPU *cpu = X86_CPU(dev);
6295     X86CPUClass *xcc = X86_CPU_GET_CLASS(dev);
6296 
6297 #ifndef CONFIG_USER_ONLY
6298     cpu_remove_sync(CPU(dev));
6299     qemu_unregister_reset(x86_cpu_machine_reset_cb, dev);
6300 #endif
6301 
6302     if (cpu->apic_state) {
6303         object_unparent(OBJECT(cpu->apic_state));
6304         cpu->apic_state = NULL;
6305     }
6306 
6307     xcc->parent_unrealize(dev);
6308 }
6309 
6310 typedef struct BitProperty {
6311     FeatureWord w;
6312     uint64_t mask;
6313 } BitProperty;
6314 
6315 static void x86_cpu_get_bit_prop(Object *obj, Visitor *v, const char *name,
6316                                  void *opaque, Error **errp)
6317 {
6318     X86CPU *cpu = X86_CPU(obj);
6319     BitProperty *fp = opaque;
6320     uint64_t f = cpu->env.features[fp->w];
6321     bool value = (f & fp->mask) == fp->mask;
6322     visit_type_bool(v, name, &value, errp);
6323 }
6324 
6325 static void x86_cpu_set_bit_prop(Object *obj, Visitor *v, const char *name,
6326                                  void *opaque, Error **errp)
6327 {
6328     DeviceState *dev = DEVICE(obj);
6329     X86CPU *cpu = X86_CPU(obj);
6330     BitProperty *fp = opaque;
6331     bool value;
6332 
6333     if (dev->realized) {
6334         qdev_prop_set_after_realize(dev, name, errp);
6335         return;
6336     }
6337 
6338     if (!visit_type_bool(v, name, &value, errp)) {
6339         return;
6340     }
6341 
6342     if (value) {
6343         cpu->env.features[fp->w] |= fp->mask;
6344     } else {
6345         cpu->env.features[fp->w] &= ~fp->mask;
6346     }
6347     cpu->env.user_features[fp->w] |= fp->mask;
6348 }
6349 
6350 /* Register a boolean property to get/set a single bit in a uint32_t field.
6351  *
6352  * The same property name can be registered multiple times to make it affect
6353  * multiple bits in the same FeatureWord. In that case, the getter will return
6354  * true only if all bits are set.
6355  */
6356 static void x86_cpu_register_bit_prop(X86CPUClass *xcc,
6357                                       const char *prop_name,
6358                                       FeatureWord w,
6359                                       int bitnr)
6360 {
6361     ObjectClass *oc = OBJECT_CLASS(xcc);
6362     BitProperty *fp;
6363     ObjectProperty *op;
6364     uint64_t mask = (1ULL << bitnr);
6365 
6366     op = object_class_property_find(oc, prop_name);
6367     if (op) {
6368         fp = op->opaque;
6369         assert(fp->w == w);
6370         fp->mask |= mask;
6371     } else {
6372         fp = g_new0(BitProperty, 1);
6373         fp->w = w;
6374         fp->mask = mask;
6375         object_class_property_add(oc, prop_name, "bool",
6376                                   x86_cpu_get_bit_prop,
6377                                   x86_cpu_set_bit_prop,
6378                                   NULL, fp);
6379     }
6380 }
6381 
6382 static void x86_cpu_register_feature_bit_props(X86CPUClass *xcc,
6383                                                FeatureWord w,
6384                                                int bitnr)
6385 {
6386     FeatureWordInfo *fi = &feature_word_info[w];
6387     const char *name = fi->feat_names[bitnr];
6388 
6389     if (!name) {
6390         return;
6391     }
6392 
6393     /* Property names should use "-" instead of "_".
6394      * Old names containing underscores are registered as aliases
6395      * using object_property_add_alias()
6396      */
6397     assert(!strchr(name, '_'));
6398     /* aliases don't use "|" delimiters anymore, they are registered
6399      * manually using object_property_add_alias() */
6400     assert(!strchr(name, '|'));
6401     x86_cpu_register_bit_prop(xcc, name, w, bitnr);
6402 }
6403 
6404 static void x86_cpu_post_initfn(Object *obj)
6405 {
6406     accel_cpu_instance_init(CPU(obj));
6407 }
6408 
6409 static void x86_cpu_initfn(Object *obj)
6410 {
6411     X86CPU *cpu = X86_CPU(obj);
6412     X86CPUClass *xcc = X86_CPU_GET_CLASS(obj);
6413     CPUX86State *env = &cpu->env;
6414 
6415     env->nr_dies = 1;
6416     cpu_set_cpustate_pointers(cpu);
6417 
6418     object_property_add(obj, "feature-words", "X86CPUFeatureWordInfo",
6419                         x86_cpu_get_feature_words,
6420                         NULL, NULL, (void *)env->features);
6421     object_property_add(obj, "filtered-features", "X86CPUFeatureWordInfo",
6422                         x86_cpu_get_feature_words,
6423                         NULL, NULL, (void *)cpu->filtered_features);
6424 
6425     object_property_add_alias(obj, "sse3", obj, "pni");
6426     object_property_add_alias(obj, "pclmuldq", obj, "pclmulqdq");
6427     object_property_add_alias(obj, "sse4-1", obj, "sse4.1");
6428     object_property_add_alias(obj, "sse4-2", obj, "sse4.2");
6429     object_property_add_alias(obj, "xd", obj, "nx");
6430     object_property_add_alias(obj, "ffxsr", obj, "fxsr-opt");
6431     object_property_add_alias(obj, "i64", obj, "lm");
6432 
6433     object_property_add_alias(obj, "ds_cpl", obj, "ds-cpl");
6434     object_property_add_alias(obj, "tsc_adjust", obj, "tsc-adjust");
6435     object_property_add_alias(obj, "fxsr_opt", obj, "fxsr-opt");
6436     object_property_add_alias(obj, "lahf_lm", obj, "lahf-lm");
6437     object_property_add_alias(obj, "cmp_legacy", obj, "cmp-legacy");
6438     object_property_add_alias(obj, "nodeid_msr", obj, "nodeid-msr");
6439     object_property_add_alias(obj, "perfctr_core", obj, "perfctr-core");
6440     object_property_add_alias(obj, "perfctr_nb", obj, "perfctr-nb");
6441     object_property_add_alias(obj, "kvm_nopiodelay", obj, "kvm-nopiodelay");
6442     object_property_add_alias(obj, "kvm_mmu", obj, "kvm-mmu");
6443     object_property_add_alias(obj, "kvm_asyncpf", obj, "kvm-asyncpf");
6444     object_property_add_alias(obj, "kvm_asyncpf_int", obj, "kvm-asyncpf-int");
6445     object_property_add_alias(obj, "kvm_steal_time", obj, "kvm-steal-time");
6446     object_property_add_alias(obj, "kvm_pv_eoi", obj, "kvm-pv-eoi");
6447     object_property_add_alias(obj, "kvm_pv_unhalt", obj, "kvm-pv-unhalt");
6448     object_property_add_alias(obj, "kvm_poll_control", obj, "kvm-poll-control");
6449     object_property_add_alias(obj, "svm_lock", obj, "svm-lock");
6450     object_property_add_alias(obj, "nrip_save", obj, "nrip-save");
6451     object_property_add_alias(obj, "tsc_scale", obj, "tsc-scale");
6452     object_property_add_alias(obj, "vmcb_clean", obj, "vmcb-clean");
6453     object_property_add_alias(obj, "pause_filter", obj, "pause-filter");
6454     object_property_add_alias(obj, "sse4_1", obj, "sse4.1");
6455     object_property_add_alias(obj, "sse4_2", obj, "sse4.2");
6456 
6457     if (xcc->model) {
6458         x86_cpu_load_model(cpu, xcc->model);
6459     }
6460 }
6461 
6462 static int64_t x86_cpu_get_arch_id(CPUState *cs)
6463 {
6464     X86CPU *cpu = X86_CPU(cs);
6465 
6466     return cpu->apic_id;
6467 }
6468 
6469 #if !defined(CONFIG_USER_ONLY)
6470 static bool x86_cpu_get_paging_enabled(const CPUState *cs)
6471 {
6472     X86CPU *cpu = X86_CPU(cs);
6473 
6474     return cpu->env.cr[0] & CR0_PG_MASK;
6475 }
6476 #endif /* !CONFIG_USER_ONLY */
6477 
6478 static void x86_cpu_set_pc(CPUState *cs, vaddr value)
6479 {
6480     X86CPU *cpu = X86_CPU(cs);
6481 
6482     cpu->env.eip = value;
6483 }
6484 
6485 int x86_cpu_pending_interrupt(CPUState *cs, int interrupt_request)
6486 {
6487     X86CPU *cpu = X86_CPU(cs);
6488     CPUX86State *env = &cpu->env;
6489 
6490 #if !defined(CONFIG_USER_ONLY)
6491     if (interrupt_request & CPU_INTERRUPT_POLL) {
6492         return CPU_INTERRUPT_POLL;
6493     }
6494 #endif
6495     if (interrupt_request & CPU_INTERRUPT_SIPI) {
6496         return CPU_INTERRUPT_SIPI;
6497     }
6498 
6499     if (env->hflags2 & HF2_GIF_MASK) {
6500         if ((interrupt_request & CPU_INTERRUPT_SMI) &&
6501             !(env->hflags & HF_SMM_MASK)) {
6502             return CPU_INTERRUPT_SMI;
6503         } else if ((interrupt_request & CPU_INTERRUPT_NMI) &&
6504                    !(env->hflags2 & HF2_NMI_MASK)) {
6505             return CPU_INTERRUPT_NMI;
6506         } else if (interrupt_request & CPU_INTERRUPT_MCE) {
6507             return CPU_INTERRUPT_MCE;
6508         } else if ((interrupt_request & CPU_INTERRUPT_HARD) &&
6509                    (((env->hflags2 & HF2_VINTR_MASK) &&
6510                      (env->hflags2 & HF2_HIF_MASK)) ||
6511                     (!(env->hflags2 & HF2_VINTR_MASK) &&
6512                      (env->eflags & IF_MASK &&
6513                       !(env->hflags & HF_INHIBIT_IRQ_MASK))))) {
6514             return CPU_INTERRUPT_HARD;
6515 #if !defined(CONFIG_USER_ONLY)
6516         } else if ((interrupt_request & CPU_INTERRUPT_VIRQ) &&
6517                    (env->eflags & IF_MASK) &&
6518                    !(env->hflags & HF_INHIBIT_IRQ_MASK)) {
6519             return CPU_INTERRUPT_VIRQ;
6520 #endif
6521         }
6522     }
6523 
6524     return 0;
6525 }
6526 
6527 static bool x86_cpu_has_work(CPUState *cs)
6528 {
6529     return x86_cpu_pending_interrupt(cs, cs->interrupt_request) != 0;
6530 }
6531 
6532 static void x86_disas_set_info(CPUState *cs, disassemble_info *info)
6533 {
6534     X86CPU *cpu = X86_CPU(cs);
6535     CPUX86State *env = &cpu->env;
6536 
6537     info->mach = (env->hflags & HF_CS64_MASK ? bfd_mach_x86_64
6538                   : env->hflags & HF_CS32_MASK ? bfd_mach_i386_i386
6539                   : bfd_mach_i386_i8086);
6540     info->print_insn = print_insn_i386;
6541 
6542     info->cap_arch = CS_ARCH_X86;
6543     info->cap_mode = (env->hflags & HF_CS64_MASK ? CS_MODE_64
6544                       : env->hflags & HF_CS32_MASK ? CS_MODE_32
6545                       : CS_MODE_16);
6546     info->cap_insn_unit = 1;
6547     info->cap_insn_split = 8;
6548 }
6549 
6550 void x86_update_hflags(CPUX86State *env)
6551 {
6552    uint32_t hflags;
6553 #define HFLAG_COPY_MASK \
6554     ~( HF_CPL_MASK | HF_PE_MASK | HF_MP_MASK | HF_EM_MASK | \
6555        HF_TS_MASK | HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK | \
6556        HF_OSFXSR_MASK | HF_LMA_MASK | HF_CS32_MASK | \
6557        HF_SS32_MASK | HF_CS64_MASK | HF_ADDSEG_MASK)
6558 
6559     hflags = env->hflags & HFLAG_COPY_MASK;
6560     hflags |= (env->segs[R_SS].flags >> DESC_DPL_SHIFT) & HF_CPL_MASK;
6561     hflags |= (env->cr[0] & CR0_PE_MASK) << (HF_PE_SHIFT - CR0_PE_SHIFT);
6562     hflags |= (env->cr[0] << (HF_MP_SHIFT - CR0_MP_SHIFT)) &
6563                 (HF_MP_MASK | HF_EM_MASK | HF_TS_MASK);
6564     hflags |= (env->eflags & (HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK));
6565 
6566     if (env->cr[4] & CR4_OSFXSR_MASK) {
6567         hflags |= HF_OSFXSR_MASK;
6568     }
6569 
6570     if (env->efer & MSR_EFER_LMA) {
6571         hflags |= HF_LMA_MASK;
6572     }
6573 
6574     if ((hflags & HF_LMA_MASK) && (env->segs[R_CS].flags & DESC_L_MASK)) {
6575         hflags |= HF_CS32_MASK | HF_SS32_MASK | HF_CS64_MASK;
6576     } else {
6577         hflags |= (env->segs[R_CS].flags & DESC_B_MASK) >>
6578                     (DESC_B_SHIFT - HF_CS32_SHIFT);
6579         hflags |= (env->segs[R_SS].flags & DESC_B_MASK) >>
6580                     (DESC_B_SHIFT - HF_SS32_SHIFT);
6581         if (!(env->cr[0] & CR0_PE_MASK) || (env->eflags & VM_MASK) ||
6582             !(hflags & HF_CS32_MASK)) {
6583             hflags |= HF_ADDSEG_MASK;
6584         } else {
6585             hflags |= ((env->segs[R_DS].base | env->segs[R_ES].base |
6586                         env->segs[R_SS].base) != 0) << HF_ADDSEG_SHIFT;
6587         }
6588     }
6589     env->hflags = hflags;
6590 }
6591 
6592 static Property x86_cpu_properties[] = {
6593 #ifdef CONFIG_USER_ONLY
6594     /* apic_id = 0 by default for *-user, see commit 9886e834 */
6595     DEFINE_PROP_UINT32("apic-id", X86CPU, apic_id, 0),
6596     DEFINE_PROP_INT32("thread-id", X86CPU, thread_id, 0),
6597     DEFINE_PROP_INT32("core-id", X86CPU, core_id, 0),
6598     DEFINE_PROP_INT32("die-id", X86CPU, die_id, 0),
6599     DEFINE_PROP_INT32("socket-id", X86CPU, socket_id, 0),
6600 #else
6601     DEFINE_PROP_UINT32("apic-id", X86CPU, apic_id, UNASSIGNED_APIC_ID),
6602     DEFINE_PROP_INT32("thread-id", X86CPU, thread_id, -1),
6603     DEFINE_PROP_INT32("core-id", X86CPU, core_id, -1),
6604     DEFINE_PROP_INT32("die-id", X86CPU, die_id, -1),
6605     DEFINE_PROP_INT32("socket-id", X86CPU, socket_id, -1),
6606 #endif
6607     DEFINE_PROP_INT32("node-id", X86CPU, node_id, CPU_UNSET_NUMA_NODE_ID),
6608     DEFINE_PROP_BOOL("pmu", X86CPU, enable_pmu, false),
6609 
6610     DEFINE_PROP_UINT32("hv-spinlocks", X86CPU, hyperv_spinlock_attempts,
6611                        HYPERV_SPINLOCK_NEVER_NOTIFY),
6612     DEFINE_PROP_BIT64("hv-relaxed", X86CPU, hyperv_features,
6613                       HYPERV_FEAT_RELAXED, 0),
6614     DEFINE_PROP_BIT64("hv-vapic", X86CPU, hyperv_features,
6615                       HYPERV_FEAT_VAPIC, 0),
6616     DEFINE_PROP_BIT64("hv-time", X86CPU, hyperv_features,
6617                       HYPERV_FEAT_TIME, 0),
6618     DEFINE_PROP_BIT64("hv-crash", X86CPU, hyperv_features,
6619                       HYPERV_FEAT_CRASH, 0),
6620     DEFINE_PROP_BIT64("hv-reset", X86CPU, hyperv_features,
6621                       HYPERV_FEAT_RESET, 0),
6622     DEFINE_PROP_BIT64("hv-vpindex", X86CPU, hyperv_features,
6623                       HYPERV_FEAT_VPINDEX, 0),
6624     DEFINE_PROP_BIT64("hv-runtime", X86CPU, hyperv_features,
6625                       HYPERV_FEAT_RUNTIME, 0),
6626     DEFINE_PROP_BIT64("hv-synic", X86CPU, hyperv_features,
6627                       HYPERV_FEAT_SYNIC, 0),
6628     DEFINE_PROP_BIT64("hv-stimer", X86CPU, hyperv_features,
6629                       HYPERV_FEAT_STIMER, 0),
6630     DEFINE_PROP_BIT64("hv-frequencies", X86CPU, hyperv_features,
6631                       HYPERV_FEAT_FREQUENCIES, 0),
6632     DEFINE_PROP_BIT64("hv-reenlightenment", X86CPU, hyperv_features,
6633                       HYPERV_FEAT_REENLIGHTENMENT, 0),
6634     DEFINE_PROP_BIT64("hv-tlbflush", X86CPU, hyperv_features,
6635                       HYPERV_FEAT_TLBFLUSH, 0),
6636     DEFINE_PROP_BIT64("hv-evmcs", X86CPU, hyperv_features,
6637                       HYPERV_FEAT_EVMCS, 0),
6638     DEFINE_PROP_BIT64("hv-ipi", X86CPU, hyperv_features,
6639                       HYPERV_FEAT_IPI, 0),
6640     DEFINE_PROP_BIT64("hv-stimer-direct", X86CPU, hyperv_features,
6641                       HYPERV_FEAT_STIMER_DIRECT, 0),
6642     DEFINE_PROP_ON_OFF_AUTO("hv-no-nonarch-coresharing", X86CPU,
6643                             hyperv_no_nonarch_cs, ON_OFF_AUTO_OFF),
6644     DEFINE_PROP_BOOL("hv-passthrough", X86CPU, hyperv_passthrough, false),
6645 
6646     DEFINE_PROP_BOOL("check", X86CPU, check_cpuid, true),
6647     DEFINE_PROP_BOOL("enforce", X86CPU, enforce_cpuid, false),
6648     DEFINE_PROP_BOOL("x-force-features", X86CPU, force_features, false),
6649     DEFINE_PROP_BOOL("kvm", X86CPU, expose_kvm, true),
6650     DEFINE_PROP_UINT32("phys-bits", X86CPU, phys_bits, 0),
6651     DEFINE_PROP_BOOL("host-phys-bits", X86CPU, host_phys_bits, false),
6652     DEFINE_PROP_UINT8("host-phys-bits-limit", X86CPU, host_phys_bits_limit, 0),
6653     DEFINE_PROP_BOOL("fill-mtrr-mask", X86CPU, fill_mtrr_mask, true),
6654     DEFINE_PROP_UINT32("level-func7", X86CPU, env.cpuid_level_func7,
6655                        UINT32_MAX),
6656     DEFINE_PROP_UINT32("level", X86CPU, env.cpuid_level, UINT32_MAX),
6657     DEFINE_PROP_UINT32("xlevel", X86CPU, env.cpuid_xlevel, UINT32_MAX),
6658     DEFINE_PROP_UINT32("xlevel2", X86CPU, env.cpuid_xlevel2, UINT32_MAX),
6659     DEFINE_PROP_UINT32("min-level", X86CPU, env.cpuid_min_level, 0),
6660     DEFINE_PROP_UINT32("min-xlevel", X86CPU, env.cpuid_min_xlevel, 0),
6661     DEFINE_PROP_UINT32("min-xlevel2", X86CPU, env.cpuid_min_xlevel2, 0),
6662     DEFINE_PROP_UINT64("ucode-rev", X86CPU, ucode_rev, 0),
6663     DEFINE_PROP_BOOL("full-cpuid-auto-level", X86CPU, full_cpuid_auto_level, true),
6664     DEFINE_PROP_STRING("hv-vendor-id", X86CPU, hyperv_vendor),
6665     DEFINE_PROP_BOOL("cpuid-0xb", X86CPU, enable_cpuid_0xb, true),
6666     DEFINE_PROP_BOOL("lmce", X86CPU, enable_lmce, false),
6667     DEFINE_PROP_BOOL("l3-cache", X86CPU, enable_l3_cache, true),
6668     DEFINE_PROP_BOOL("kvm-no-smi-migration", X86CPU, kvm_no_smi_migration,
6669                      false),
6670     DEFINE_PROP_BOOL("vmware-cpuid-freq", X86CPU, vmware_cpuid_freq, true),
6671     DEFINE_PROP_BOOL("tcg-cpuid", X86CPU, expose_tcg, true),
6672     DEFINE_PROP_BOOL("x-migrate-smi-count", X86CPU, migrate_smi_count,
6673                      true),
6674     /*
6675      * lecacy_cache defaults to true unless the CPU model provides its
6676      * own cache information (see x86_cpu_load_def()).
6677      */
6678     DEFINE_PROP_BOOL("legacy-cache", X86CPU, legacy_cache, true),
6679 
6680     /*
6681      * From "Requirements for Implementing the Microsoft
6682      * Hypervisor Interface":
6683      * https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/tlfs
6684      *
6685      * "Starting with Windows Server 2012 and Windows 8, if
6686      * CPUID.40000005.EAX contains a value of -1, Windows assumes that
6687      * the hypervisor imposes no specific limit to the number of VPs.
6688      * In this case, Windows Server 2012 guest VMs may use more than
6689      * 64 VPs, up to the maximum supported number of processors applicable
6690      * to the specific Windows version being used."
6691      */
6692     DEFINE_PROP_INT32("x-hv-max-vps", X86CPU, hv_max_vps, -1),
6693     DEFINE_PROP_BOOL("x-hv-synic-kvm-only", X86CPU, hyperv_synic_kvm_only,
6694                      false),
6695     DEFINE_PROP_BOOL("x-intel-pt-auto-level", X86CPU, intel_pt_auto_level,
6696                      true),
6697     DEFINE_PROP_END_OF_LIST()
6698 };
6699 
6700 #ifndef CONFIG_USER_ONLY
6701 #include "hw/core/sysemu-cpu-ops.h"
6702 
6703 static const struct SysemuCPUOps i386_sysemu_ops = {
6704     .get_memory_mapping = x86_cpu_get_memory_mapping,
6705     .get_paging_enabled = x86_cpu_get_paging_enabled,
6706     .get_phys_page_attrs_debug = x86_cpu_get_phys_page_attrs_debug,
6707     .asidx_from_attrs = x86_asidx_from_attrs,
6708     .get_crash_info = x86_cpu_get_crash_info,
6709     .write_elf32_note = x86_cpu_write_elf32_note,
6710     .write_elf64_note = x86_cpu_write_elf64_note,
6711     .write_elf32_qemunote = x86_cpu_write_elf32_qemunote,
6712     .write_elf64_qemunote = x86_cpu_write_elf64_qemunote,
6713     .legacy_vmsd = &vmstate_x86_cpu,
6714 };
6715 #endif
6716 
6717 static void x86_cpu_common_class_init(ObjectClass *oc, void *data)
6718 {
6719     X86CPUClass *xcc = X86_CPU_CLASS(oc);
6720     CPUClass *cc = CPU_CLASS(oc);
6721     DeviceClass *dc = DEVICE_CLASS(oc);
6722     FeatureWord w;
6723 
6724     device_class_set_parent_realize(dc, x86_cpu_realizefn,
6725                                     &xcc->parent_realize);
6726     device_class_set_parent_unrealize(dc, x86_cpu_unrealizefn,
6727                                       &xcc->parent_unrealize);
6728     device_class_set_props(dc, x86_cpu_properties);
6729 
6730     device_class_set_parent_reset(dc, x86_cpu_reset, &xcc->parent_reset);
6731     cc->reset_dump_flags = CPU_DUMP_FPU | CPU_DUMP_CCOP;
6732 
6733     cc->class_by_name = x86_cpu_class_by_name;
6734     cc->parse_features = x86_cpu_parse_featurestr;
6735     cc->has_work = x86_cpu_has_work;
6736     cc->dump_state = x86_cpu_dump_state;
6737     cc->set_pc = x86_cpu_set_pc;
6738     cc->gdb_read_register = x86_cpu_gdb_read_register;
6739     cc->gdb_write_register = x86_cpu_gdb_write_register;
6740     cc->get_arch_id = x86_cpu_get_arch_id;
6741 
6742 #ifndef CONFIG_USER_ONLY
6743     cc->sysemu_ops = &i386_sysemu_ops;
6744 #endif /* !CONFIG_USER_ONLY */
6745 
6746     cc->gdb_arch_name = x86_gdb_arch_name;
6747 #ifdef TARGET_X86_64
6748     cc->gdb_core_xml_file = "i386-64bit.xml";
6749     cc->gdb_num_core_regs = 66;
6750 #else
6751     cc->gdb_core_xml_file = "i386-32bit.xml";
6752     cc->gdb_num_core_regs = 50;
6753 #endif
6754     cc->disas_set_info = x86_disas_set_info;
6755 
6756     dc->user_creatable = true;
6757 
6758     object_class_property_add(oc, "family", "int",
6759                               x86_cpuid_version_get_family,
6760                               x86_cpuid_version_set_family, NULL, NULL);
6761     object_class_property_add(oc, "model", "int",
6762                               x86_cpuid_version_get_model,
6763                               x86_cpuid_version_set_model, NULL, NULL);
6764     object_class_property_add(oc, "stepping", "int",
6765                               x86_cpuid_version_get_stepping,
6766                               x86_cpuid_version_set_stepping, NULL, NULL);
6767     object_class_property_add_str(oc, "vendor",
6768                                   x86_cpuid_get_vendor,
6769                                   x86_cpuid_set_vendor);
6770     object_class_property_add_str(oc, "model-id",
6771                                   x86_cpuid_get_model_id,
6772                                   x86_cpuid_set_model_id);
6773     object_class_property_add(oc, "tsc-frequency", "int",
6774                               x86_cpuid_get_tsc_freq,
6775                               x86_cpuid_set_tsc_freq, NULL, NULL);
6776     /*
6777      * The "unavailable-features" property has the same semantics as
6778      * CpuDefinitionInfo.unavailable-features on the "query-cpu-definitions"
6779      * QMP command: they list the features that would have prevented the
6780      * CPU from running if the "enforce" flag was set.
6781      */
6782     object_class_property_add(oc, "unavailable-features", "strList",
6783                               x86_cpu_get_unavailable_features,
6784                               NULL, NULL, NULL);
6785 
6786 #if !defined(CONFIG_USER_ONLY)
6787     object_class_property_add(oc, "crash-information", "GuestPanicInformation",
6788                               x86_cpu_get_crash_info_qom, NULL, NULL, NULL);
6789 #endif
6790 
6791     for (w = 0; w < FEATURE_WORDS; w++) {
6792         int bitnr;
6793         for (bitnr = 0; bitnr < 64; bitnr++) {
6794             x86_cpu_register_feature_bit_props(xcc, w, bitnr);
6795         }
6796     }
6797 }
6798 
6799 static const TypeInfo x86_cpu_type_info = {
6800     .name = TYPE_X86_CPU,
6801     .parent = TYPE_CPU,
6802     .instance_size = sizeof(X86CPU),
6803     .instance_init = x86_cpu_initfn,
6804     .instance_post_init = x86_cpu_post_initfn,
6805 
6806     .abstract = true,
6807     .class_size = sizeof(X86CPUClass),
6808     .class_init = x86_cpu_common_class_init,
6809 };
6810 
6811 
6812 /* "base" CPU model, used by query-cpu-model-expansion */
6813 static void x86_cpu_base_class_init(ObjectClass *oc, void *data)
6814 {
6815     X86CPUClass *xcc = X86_CPU_CLASS(oc);
6816 
6817     xcc->static_model = true;
6818     xcc->migration_safe = true;
6819     xcc->model_description = "base CPU model type with no features enabled";
6820     xcc->ordering = 8;
6821 }
6822 
6823 static const TypeInfo x86_base_cpu_type_info = {
6824         .name = X86_CPU_TYPE_NAME("base"),
6825         .parent = TYPE_X86_CPU,
6826         .class_init = x86_cpu_base_class_init,
6827 };
6828 
6829 static void x86_cpu_register_types(void)
6830 {
6831     int i;
6832 
6833     type_register_static(&x86_cpu_type_info);
6834     for (i = 0; i < ARRAY_SIZE(builtin_x86_defs); i++) {
6835         x86_register_cpudef_types(&builtin_x86_defs[i]);
6836     }
6837     type_register_static(&max_x86_cpu_type_info);
6838     type_register_static(&x86_base_cpu_type_info);
6839 }
6840 
6841 type_init(x86_cpu_register_types)
6842