xref: /openbmc/qemu/target/i386/cpu.c (revision fc664254)
1 /*
2  *  i386 CPUID, CPU class, definitions, models
3  *
4  *  Copyright (c) 2003 Fabrice Bellard
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18  */
19 
20 #include "qemu/osdep.h"
21 #include "qemu/units.h"
22 #include "qemu/cutils.h"
23 #include "qemu/qemu-print.h"
24 #include "cpu.h"
25 #include "tcg/helper-tcg.h"
26 #include "sysemu/reset.h"
27 #include "sysemu/hvf.h"
28 #include "kvm/kvm_i386.h"
29 #include "sev.h"
30 #include "qapi/error.h"
31 #include "qapi/qapi-visit-machine.h"
32 #include "qapi/qmp/qerror.h"
33 #include "qapi/qapi-commands-machine-target.h"
34 #include "standard-headers/asm-x86/kvm_para.h"
35 #include "hw/qdev-properties.h"
36 #include "hw/i386/topology.h"
37 #ifndef CONFIG_USER_ONLY
38 #include "exec/address-spaces.h"
39 #include "hw/boards.h"
40 #include "hw/i386/sgx-epc.h"
41 #endif
42 
43 #include "disas/capstone.h"
44 #include "cpu-internal.h"
45 
46 /* Helpers for building CPUID[2] descriptors: */
47 
48 struct CPUID2CacheDescriptorInfo {
49     enum CacheType type;
50     int level;
51     int size;
52     int line_size;
53     int associativity;
54 };
55 
56 /*
57  * Known CPUID 2 cache descriptors.
58  * From Intel SDM Volume 2A, CPUID instruction
59  */
60 struct CPUID2CacheDescriptorInfo cpuid2_cache_descriptors[] = {
61     [0x06] = { .level = 1, .type = INSTRUCTION_CACHE, .size =   8 * KiB,
62                .associativity = 4,  .line_size = 32, },
63     [0x08] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  16 * KiB,
64                .associativity = 4,  .line_size = 32, },
65     [0x09] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  32 * KiB,
66                .associativity = 4,  .line_size = 64, },
67     [0x0A] = { .level = 1, .type = DATA_CACHE,        .size =   8 * KiB,
68                .associativity = 2,  .line_size = 32, },
69     [0x0C] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
70                .associativity = 4,  .line_size = 32, },
71     [0x0D] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
72                .associativity = 4,  .line_size = 64, },
73     [0x0E] = { .level = 1, .type = DATA_CACHE,        .size =  24 * KiB,
74                .associativity = 6,  .line_size = 64, },
75     [0x1D] = { .level = 2, .type = UNIFIED_CACHE,     .size = 128 * KiB,
76                .associativity = 2,  .line_size = 64, },
77     [0x21] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
78                .associativity = 8,  .line_size = 64, },
79     /* lines per sector is not supported cpuid2_cache_descriptor(),
80     * so descriptors 0x22, 0x23 are not included
81     */
82     [0x24] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
83                .associativity = 16, .line_size = 64, },
84     /* lines per sector is not supported cpuid2_cache_descriptor(),
85     * so descriptors 0x25, 0x20 are not included
86     */
87     [0x2C] = { .level = 1, .type = DATA_CACHE,        .size =  32 * KiB,
88                .associativity = 8,  .line_size = 64, },
89     [0x30] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  32 * KiB,
90                .associativity = 8,  .line_size = 64, },
91     [0x41] = { .level = 2, .type = UNIFIED_CACHE,     .size = 128 * KiB,
92                .associativity = 4,  .line_size = 32, },
93     [0x42] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
94                .associativity = 4,  .line_size = 32, },
95     [0x43] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
96                .associativity = 4,  .line_size = 32, },
97     [0x44] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
98                .associativity = 4,  .line_size = 32, },
99     [0x45] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
100                .associativity = 4,  .line_size = 32, },
101     [0x46] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
102                .associativity = 4,  .line_size = 64, },
103     [0x47] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
104                .associativity = 8,  .line_size = 64, },
105     [0x48] = { .level = 2, .type = UNIFIED_CACHE,     .size =   3 * MiB,
106                .associativity = 12, .line_size = 64, },
107     /* Descriptor 0x49 depends on CPU family/model, so it is not included */
108     [0x4A] = { .level = 3, .type = UNIFIED_CACHE,     .size =   6 * MiB,
109                .associativity = 12, .line_size = 64, },
110     [0x4B] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
111                .associativity = 16, .line_size = 64, },
112     [0x4C] = { .level = 3, .type = UNIFIED_CACHE,     .size =  12 * MiB,
113                .associativity = 12, .line_size = 64, },
114     [0x4D] = { .level = 3, .type = UNIFIED_CACHE,     .size =  16 * MiB,
115                .associativity = 16, .line_size = 64, },
116     [0x4E] = { .level = 2, .type = UNIFIED_CACHE,     .size =   6 * MiB,
117                .associativity = 24, .line_size = 64, },
118     [0x60] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
119                .associativity = 8,  .line_size = 64, },
120     [0x66] = { .level = 1, .type = DATA_CACHE,        .size =   8 * KiB,
121                .associativity = 4,  .line_size = 64, },
122     [0x67] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
123                .associativity = 4,  .line_size = 64, },
124     [0x68] = { .level = 1, .type = DATA_CACHE,        .size =  32 * KiB,
125                .associativity = 4,  .line_size = 64, },
126     [0x78] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
127                .associativity = 4,  .line_size = 64, },
128     /* lines per sector is not supported cpuid2_cache_descriptor(),
129     * so descriptors 0x79, 0x7A, 0x7B, 0x7C are not included.
130     */
131     [0x7D] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
132                .associativity = 8,  .line_size = 64, },
133     [0x7F] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
134                .associativity = 2,  .line_size = 64, },
135     [0x80] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
136                .associativity = 8,  .line_size = 64, },
137     [0x82] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
138                .associativity = 8,  .line_size = 32, },
139     [0x83] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
140                .associativity = 8,  .line_size = 32, },
141     [0x84] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
142                .associativity = 8,  .line_size = 32, },
143     [0x85] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
144                .associativity = 8,  .line_size = 32, },
145     [0x86] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
146                .associativity = 4,  .line_size = 64, },
147     [0x87] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
148                .associativity = 8,  .line_size = 64, },
149     [0xD0] = { .level = 3, .type = UNIFIED_CACHE,     .size = 512 * KiB,
150                .associativity = 4,  .line_size = 64, },
151     [0xD1] = { .level = 3, .type = UNIFIED_CACHE,     .size =   1 * MiB,
152                .associativity = 4,  .line_size = 64, },
153     [0xD2] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
154                .associativity = 4,  .line_size = 64, },
155     [0xD6] = { .level = 3, .type = UNIFIED_CACHE,     .size =   1 * MiB,
156                .associativity = 8,  .line_size = 64, },
157     [0xD7] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
158                .associativity = 8,  .line_size = 64, },
159     [0xD8] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
160                .associativity = 8,  .line_size = 64, },
161     [0xDC] = { .level = 3, .type = UNIFIED_CACHE,     .size = 1.5 * MiB,
162                .associativity = 12, .line_size = 64, },
163     [0xDD] = { .level = 3, .type = UNIFIED_CACHE,     .size =   3 * MiB,
164                .associativity = 12, .line_size = 64, },
165     [0xDE] = { .level = 3, .type = UNIFIED_CACHE,     .size =   6 * MiB,
166                .associativity = 12, .line_size = 64, },
167     [0xE2] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
168                .associativity = 16, .line_size = 64, },
169     [0xE3] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
170                .associativity = 16, .line_size = 64, },
171     [0xE4] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
172                .associativity = 16, .line_size = 64, },
173     [0xEA] = { .level = 3, .type = UNIFIED_CACHE,     .size =  12 * MiB,
174                .associativity = 24, .line_size = 64, },
175     [0xEB] = { .level = 3, .type = UNIFIED_CACHE,     .size =  18 * MiB,
176                .associativity = 24, .line_size = 64, },
177     [0xEC] = { .level = 3, .type = UNIFIED_CACHE,     .size =  24 * MiB,
178                .associativity = 24, .line_size = 64, },
179 };
180 
181 /*
182  * "CPUID leaf 2 does not report cache descriptor information,
183  * use CPUID leaf 4 to query cache parameters"
184  */
185 #define CACHE_DESCRIPTOR_UNAVAILABLE 0xFF
186 
187 /*
188  * Return a CPUID 2 cache descriptor for a given cache.
189  * If no known descriptor is found, return CACHE_DESCRIPTOR_UNAVAILABLE
190  */
191 static uint8_t cpuid2_cache_descriptor(CPUCacheInfo *cache)
192 {
193     int i;
194 
195     assert(cache->size > 0);
196     assert(cache->level > 0);
197     assert(cache->line_size > 0);
198     assert(cache->associativity > 0);
199     for (i = 0; i < ARRAY_SIZE(cpuid2_cache_descriptors); i++) {
200         struct CPUID2CacheDescriptorInfo *d = &cpuid2_cache_descriptors[i];
201         if (d->level == cache->level && d->type == cache->type &&
202             d->size == cache->size && d->line_size == cache->line_size &&
203             d->associativity == cache->associativity) {
204                 return i;
205             }
206     }
207 
208     return CACHE_DESCRIPTOR_UNAVAILABLE;
209 }
210 
211 /* CPUID Leaf 4 constants: */
212 
213 /* EAX: */
214 #define CACHE_TYPE_D    1
215 #define CACHE_TYPE_I    2
216 #define CACHE_TYPE_UNIFIED   3
217 
218 #define CACHE_LEVEL(l)        (l << 5)
219 
220 #define CACHE_SELF_INIT_LEVEL (1 << 8)
221 
222 /* EDX: */
223 #define CACHE_NO_INVD_SHARING   (1 << 0)
224 #define CACHE_INCLUSIVE       (1 << 1)
225 #define CACHE_COMPLEX_IDX     (1 << 2)
226 
227 /* Encode CacheType for CPUID[4].EAX */
228 #define CACHE_TYPE(t) (((t) == DATA_CACHE) ? CACHE_TYPE_D : \
229                        ((t) == INSTRUCTION_CACHE) ? CACHE_TYPE_I : \
230                        ((t) == UNIFIED_CACHE) ? CACHE_TYPE_UNIFIED : \
231                        0 /* Invalid value */)
232 
233 
234 /* Encode cache info for CPUID[4] */
235 static void encode_cache_cpuid4(CPUCacheInfo *cache,
236                                 int num_apic_ids, int num_cores,
237                                 uint32_t *eax, uint32_t *ebx,
238                                 uint32_t *ecx, uint32_t *edx)
239 {
240     assert(cache->size == cache->line_size * cache->associativity *
241                           cache->partitions * cache->sets);
242 
243     assert(num_apic_ids > 0);
244     *eax = CACHE_TYPE(cache->type) |
245            CACHE_LEVEL(cache->level) |
246            (cache->self_init ? CACHE_SELF_INIT_LEVEL : 0) |
247            ((num_cores - 1) << 26) |
248            ((num_apic_ids - 1) << 14);
249 
250     assert(cache->line_size > 0);
251     assert(cache->partitions > 0);
252     assert(cache->associativity > 0);
253     /* We don't implement fully-associative caches */
254     assert(cache->associativity < cache->sets);
255     *ebx = (cache->line_size - 1) |
256            ((cache->partitions - 1) << 12) |
257            ((cache->associativity - 1) << 22);
258 
259     assert(cache->sets > 0);
260     *ecx = cache->sets - 1;
261 
262     *edx = (cache->no_invd_sharing ? CACHE_NO_INVD_SHARING : 0) |
263            (cache->inclusive ? CACHE_INCLUSIVE : 0) |
264            (cache->complex_indexing ? CACHE_COMPLEX_IDX : 0);
265 }
266 
267 /* Encode cache info for CPUID[0x80000005].ECX or CPUID[0x80000005].EDX */
268 static uint32_t encode_cache_cpuid80000005(CPUCacheInfo *cache)
269 {
270     assert(cache->size % 1024 == 0);
271     assert(cache->lines_per_tag > 0);
272     assert(cache->associativity > 0);
273     assert(cache->line_size > 0);
274     return ((cache->size / 1024) << 24) | (cache->associativity << 16) |
275            (cache->lines_per_tag << 8) | (cache->line_size);
276 }
277 
278 #define ASSOC_FULL 0xFF
279 
280 /* AMD associativity encoding used on CPUID Leaf 0x80000006: */
281 #define AMD_ENC_ASSOC(a) (a <=   1 ? a   : \
282                           a ==   2 ? 0x2 : \
283                           a ==   4 ? 0x4 : \
284                           a ==   8 ? 0x6 : \
285                           a ==  16 ? 0x8 : \
286                           a ==  32 ? 0xA : \
287                           a ==  48 ? 0xB : \
288                           a ==  64 ? 0xC : \
289                           a ==  96 ? 0xD : \
290                           a == 128 ? 0xE : \
291                           a == ASSOC_FULL ? 0xF : \
292                           0 /* invalid value */)
293 
294 /*
295  * Encode cache info for CPUID[0x80000006].ECX and CPUID[0x80000006].EDX
296  * @l3 can be NULL.
297  */
298 static void encode_cache_cpuid80000006(CPUCacheInfo *l2,
299                                        CPUCacheInfo *l3,
300                                        uint32_t *ecx, uint32_t *edx)
301 {
302     assert(l2->size % 1024 == 0);
303     assert(l2->associativity > 0);
304     assert(l2->lines_per_tag > 0);
305     assert(l2->line_size > 0);
306     *ecx = ((l2->size / 1024) << 16) |
307            (AMD_ENC_ASSOC(l2->associativity) << 12) |
308            (l2->lines_per_tag << 8) | (l2->line_size);
309 
310     if (l3) {
311         assert(l3->size % (512 * 1024) == 0);
312         assert(l3->associativity > 0);
313         assert(l3->lines_per_tag > 0);
314         assert(l3->line_size > 0);
315         *edx = ((l3->size / (512 * 1024)) << 18) |
316                (AMD_ENC_ASSOC(l3->associativity) << 12) |
317                (l3->lines_per_tag << 8) | (l3->line_size);
318     } else {
319         *edx = 0;
320     }
321 }
322 
323 /* Encode cache info for CPUID[8000001D] */
324 static void encode_cache_cpuid8000001d(CPUCacheInfo *cache,
325                                        X86CPUTopoInfo *topo_info,
326                                        uint32_t *eax, uint32_t *ebx,
327                                        uint32_t *ecx, uint32_t *edx)
328 {
329     uint32_t l3_threads;
330     assert(cache->size == cache->line_size * cache->associativity *
331                           cache->partitions * cache->sets);
332 
333     *eax = CACHE_TYPE(cache->type) | CACHE_LEVEL(cache->level) |
334                (cache->self_init ? CACHE_SELF_INIT_LEVEL : 0);
335 
336     /* L3 is shared among multiple cores */
337     if (cache->level == 3) {
338         l3_threads = topo_info->cores_per_die * topo_info->threads_per_core;
339         *eax |= (l3_threads - 1) << 14;
340     } else {
341         *eax |= ((topo_info->threads_per_core - 1) << 14);
342     }
343 
344     assert(cache->line_size > 0);
345     assert(cache->partitions > 0);
346     assert(cache->associativity > 0);
347     /* We don't implement fully-associative caches */
348     assert(cache->associativity < cache->sets);
349     *ebx = (cache->line_size - 1) |
350            ((cache->partitions - 1) << 12) |
351            ((cache->associativity - 1) << 22);
352 
353     assert(cache->sets > 0);
354     *ecx = cache->sets - 1;
355 
356     *edx = (cache->no_invd_sharing ? CACHE_NO_INVD_SHARING : 0) |
357            (cache->inclusive ? CACHE_INCLUSIVE : 0) |
358            (cache->complex_indexing ? CACHE_COMPLEX_IDX : 0);
359 }
360 
361 /* Encode cache info for CPUID[8000001E] */
362 static void encode_topo_cpuid8000001e(X86CPU *cpu, X86CPUTopoInfo *topo_info,
363                                       uint32_t *eax, uint32_t *ebx,
364                                       uint32_t *ecx, uint32_t *edx)
365 {
366     X86CPUTopoIDs topo_ids;
367 
368     x86_topo_ids_from_apicid(cpu->apic_id, topo_info, &topo_ids);
369 
370     *eax = cpu->apic_id;
371 
372     /*
373      * CPUID_Fn8000001E_EBX [Core Identifiers] (CoreId)
374      * Read-only. Reset: 0000_XXXXh.
375      * See Core::X86::Cpuid::ExtApicId.
376      * Core::X86::Cpuid::CoreId_lthree[1:0]_core[3:0]_thread[1:0];
377      * Bits Description
378      * 31:16 Reserved.
379      * 15:8 ThreadsPerCore: threads per core. Read-only. Reset: XXh.
380      *      The number of threads per core is ThreadsPerCore+1.
381      *  7:0 CoreId: core ID. Read-only. Reset: XXh.
382      *
383      *  NOTE: CoreId is already part of apic_id. Just use it. We can
384      *  use all the 8 bits to represent the core_id here.
385      */
386     *ebx = ((topo_info->threads_per_core - 1) << 8) | (topo_ids.core_id & 0xFF);
387 
388     /*
389      * CPUID_Fn8000001E_ECX [Node Identifiers] (NodeId)
390      * Read-only. Reset: 0000_0XXXh.
391      * Core::X86::Cpuid::NodeId_lthree[1:0]_core[3:0]_thread[1:0];
392      * Bits Description
393      * 31:11 Reserved.
394      * 10:8 NodesPerProcessor: Node per processor. Read-only. Reset: XXXb.
395      *      ValidValues:
396      *      Value Description
397      *      000b  1 node per processor.
398      *      001b  2 nodes per processor.
399      *      010b Reserved.
400      *      011b 4 nodes per processor.
401      *      111b-100b Reserved.
402      *  7:0 NodeId: Node ID. Read-only. Reset: XXh.
403      *
404      * NOTE: Hardware reserves 3 bits for number of nodes per processor.
405      * But users can create more nodes than the actual hardware can
406      * support. To genaralize we can use all the upper 8 bits for nodes.
407      * NodeId is combination of node and socket_id which is already decoded
408      * in apic_id. Just use it by shifting.
409      */
410     *ecx = ((topo_info->dies_per_pkg - 1) << 8) |
411            ((cpu->apic_id >> apicid_die_offset(topo_info)) & 0xFF);
412 
413     *edx = 0;
414 }
415 
416 /*
417  * Definitions of the hardcoded cache entries we expose:
418  * These are legacy cache values. If there is a need to change any
419  * of these values please use builtin_x86_defs
420  */
421 
422 /* L1 data cache: */
423 static CPUCacheInfo legacy_l1d_cache = {
424     .type = DATA_CACHE,
425     .level = 1,
426     .size = 32 * KiB,
427     .self_init = 1,
428     .line_size = 64,
429     .associativity = 8,
430     .sets = 64,
431     .partitions = 1,
432     .no_invd_sharing = true,
433 };
434 
435 /*FIXME: CPUID leaf 0x80000005 is inconsistent with leaves 2 & 4 */
436 static CPUCacheInfo legacy_l1d_cache_amd = {
437     .type = DATA_CACHE,
438     .level = 1,
439     .size = 64 * KiB,
440     .self_init = 1,
441     .line_size = 64,
442     .associativity = 2,
443     .sets = 512,
444     .partitions = 1,
445     .lines_per_tag = 1,
446     .no_invd_sharing = true,
447 };
448 
449 /* L1 instruction cache: */
450 static CPUCacheInfo legacy_l1i_cache = {
451     .type = INSTRUCTION_CACHE,
452     .level = 1,
453     .size = 32 * KiB,
454     .self_init = 1,
455     .line_size = 64,
456     .associativity = 8,
457     .sets = 64,
458     .partitions = 1,
459     .no_invd_sharing = true,
460 };
461 
462 /*FIXME: CPUID leaf 0x80000005 is inconsistent with leaves 2 & 4 */
463 static CPUCacheInfo legacy_l1i_cache_amd = {
464     .type = INSTRUCTION_CACHE,
465     .level = 1,
466     .size = 64 * KiB,
467     .self_init = 1,
468     .line_size = 64,
469     .associativity = 2,
470     .sets = 512,
471     .partitions = 1,
472     .lines_per_tag = 1,
473     .no_invd_sharing = true,
474 };
475 
476 /* Level 2 unified cache: */
477 static CPUCacheInfo legacy_l2_cache = {
478     .type = UNIFIED_CACHE,
479     .level = 2,
480     .size = 4 * MiB,
481     .self_init = 1,
482     .line_size = 64,
483     .associativity = 16,
484     .sets = 4096,
485     .partitions = 1,
486     .no_invd_sharing = true,
487 };
488 
489 /*FIXME: CPUID leaf 2 descriptor is inconsistent with CPUID leaf 4 */
490 static CPUCacheInfo legacy_l2_cache_cpuid2 = {
491     .type = UNIFIED_CACHE,
492     .level = 2,
493     .size = 2 * MiB,
494     .line_size = 64,
495     .associativity = 8,
496 };
497 
498 
499 /*FIXME: CPUID leaf 0x80000006 is inconsistent with leaves 2 & 4 */
500 static CPUCacheInfo legacy_l2_cache_amd = {
501     .type = UNIFIED_CACHE,
502     .level = 2,
503     .size = 512 * KiB,
504     .line_size = 64,
505     .lines_per_tag = 1,
506     .associativity = 16,
507     .sets = 512,
508     .partitions = 1,
509 };
510 
511 /* Level 3 unified cache: */
512 static CPUCacheInfo legacy_l3_cache = {
513     .type = UNIFIED_CACHE,
514     .level = 3,
515     .size = 16 * MiB,
516     .line_size = 64,
517     .associativity = 16,
518     .sets = 16384,
519     .partitions = 1,
520     .lines_per_tag = 1,
521     .self_init = true,
522     .inclusive = true,
523     .complex_indexing = true,
524 };
525 
526 /* TLB definitions: */
527 
528 #define L1_DTLB_2M_ASSOC       1
529 #define L1_DTLB_2M_ENTRIES   255
530 #define L1_DTLB_4K_ASSOC       1
531 #define L1_DTLB_4K_ENTRIES   255
532 
533 #define L1_ITLB_2M_ASSOC       1
534 #define L1_ITLB_2M_ENTRIES   255
535 #define L1_ITLB_4K_ASSOC       1
536 #define L1_ITLB_4K_ENTRIES   255
537 
538 #define L2_DTLB_2M_ASSOC       0 /* disabled */
539 #define L2_DTLB_2M_ENTRIES     0 /* disabled */
540 #define L2_DTLB_4K_ASSOC       4
541 #define L2_DTLB_4K_ENTRIES   512
542 
543 #define L2_ITLB_2M_ASSOC       0 /* disabled */
544 #define L2_ITLB_2M_ENTRIES     0 /* disabled */
545 #define L2_ITLB_4K_ASSOC       4
546 #define L2_ITLB_4K_ENTRIES   512
547 
548 /* CPUID Leaf 0x14 constants: */
549 #define INTEL_PT_MAX_SUBLEAF     0x1
550 /*
551  * bit[00]: IA32_RTIT_CTL.CR3 filter can be set to 1 and IA32_RTIT_CR3_MATCH
552  *          MSR can be accessed;
553  * bit[01]: Support Configurable PSB and Cycle-Accurate Mode;
554  * bit[02]: Support IP Filtering, TraceStop filtering, and preservation
555  *          of Intel PT MSRs across warm reset;
556  * bit[03]: Support MTC timing packet and suppression of COFI-based packets;
557  */
558 #define INTEL_PT_MINIMAL_EBX     0xf
559 /*
560  * bit[00]: Tracing can be enabled with IA32_RTIT_CTL.ToPA = 1 and
561  *          IA32_RTIT_OUTPUT_BASE and IA32_RTIT_OUTPUT_MASK_PTRS MSRs can be
562  *          accessed;
563  * bit[01]: ToPA tables can hold any number of output entries, up to the
564  *          maximum allowed by the MaskOrTableOffset field of
565  *          IA32_RTIT_OUTPUT_MASK_PTRS;
566  * bit[02]: Support Single-Range Output scheme;
567  */
568 #define INTEL_PT_MINIMAL_ECX     0x7
569 /* generated packets which contain IP payloads have LIP values */
570 #define INTEL_PT_IP_LIP          (1 << 31)
571 #define INTEL_PT_ADDR_RANGES_NUM 0x2 /* Number of configurable address ranges */
572 #define INTEL_PT_ADDR_RANGES_NUM_MASK 0x3
573 #define INTEL_PT_MTC_BITMAP      (0x0249 << 16) /* Support ART(0,3,6,9) */
574 #define INTEL_PT_CYCLE_BITMAP    0x1fff         /* Support 0,2^(0~11) */
575 #define INTEL_PT_PSB_BITMAP      (0x003f << 16) /* Support 2K,4K,8K,16K,32K,64K */
576 
577 void x86_cpu_vendor_words2str(char *dst, uint32_t vendor1,
578                               uint32_t vendor2, uint32_t vendor3)
579 {
580     int i;
581     for (i = 0; i < 4; i++) {
582         dst[i] = vendor1 >> (8 * i);
583         dst[i + 4] = vendor2 >> (8 * i);
584         dst[i + 8] = vendor3 >> (8 * i);
585     }
586     dst[CPUID_VENDOR_SZ] = '\0';
587 }
588 
589 #define I486_FEATURES (CPUID_FP87 | CPUID_VME | CPUID_PSE)
590 #define PENTIUM_FEATURES (I486_FEATURES | CPUID_DE | CPUID_TSC | \
591           CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_MMX | CPUID_APIC)
592 #define PENTIUM2_FEATURES (PENTIUM_FEATURES | CPUID_PAE | CPUID_SEP | \
593           CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
594           CPUID_PSE36 | CPUID_FXSR)
595 #define PENTIUM3_FEATURES (PENTIUM2_FEATURES | CPUID_SSE)
596 #define PPRO_FEATURES (CPUID_FP87 | CPUID_DE | CPUID_PSE | CPUID_TSC | \
597           CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_PGE | CPUID_CMOV | \
598           CPUID_PAT | CPUID_FXSR | CPUID_MMX | CPUID_SSE | CPUID_SSE2 | \
599           CPUID_PAE | CPUID_SEP | CPUID_APIC)
600 
601 #define TCG_FEATURES (CPUID_FP87 | CPUID_PSE | CPUID_TSC | CPUID_MSR | \
602           CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC | CPUID_SEP | \
603           CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
604           CPUID_PSE36 | CPUID_CLFLUSH | CPUID_ACPI | CPUID_MMX | \
605           CPUID_FXSR | CPUID_SSE | CPUID_SSE2 | CPUID_SS | CPUID_DE)
606           /* partly implemented:
607           CPUID_MTRR, CPUID_MCA, CPUID_CLFLUSH (needed for Win64) */
608           /* missing:
609           CPUID_VME, CPUID_DTS, CPUID_SS, CPUID_HT, CPUID_TM, CPUID_PBE */
610 #define TCG_EXT_FEATURES (CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | \
611           CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 | CPUID_EXT_CX16 | \
612           CPUID_EXT_SSE41 | CPUID_EXT_SSE42 | CPUID_EXT_POPCNT | \
613           CPUID_EXT_XSAVE | /* CPUID_EXT_OSXSAVE is dynamic */   \
614           CPUID_EXT_MOVBE | CPUID_EXT_AES | CPUID_EXT_HYPERVISOR | \
615           CPUID_EXT_RDRAND)
616           /* missing:
617           CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_VMX, CPUID_EXT_SMX,
618           CPUID_EXT_EST, CPUID_EXT_TM2, CPUID_EXT_CID, CPUID_EXT_FMA,
619           CPUID_EXT_XTPR, CPUID_EXT_PDCM, CPUID_EXT_PCID, CPUID_EXT_DCA,
620           CPUID_EXT_X2APIC, CPUID_EXT_TSC_DEADLINE_TIMER, CPUID_EXT_AVX,
621           CPUID_EXT_F16C */
622 
623 #ifdef TARGET_X86_64
624 #define TCG_EXT2_X86_64_FEATURES (CPUID_EXT2_SYSCALL | CPUID_EXT2_LM)
625 #else
626 #define TCG_EXT2_X86_64_FEATURES 0
627 #endif
628 
629 #define TCG_EXT2_FEATURES ((TCG_FEATURES & CPUID_EXT2_AMD_ALIASES) | \
630           CPUID_EXT2_NX | CPUID_EXT2_MMXEXT | CPUID_EXT2_RDTSCP | \
631           CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT | CPUID_EXT2_PDPE1GB | \
632           TCG_EXT2_X86_64_FEATURES)
633 #define TCG_EXT3_FEATURES (CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM | \
634           CPUID_EXT3_CR8LEG | CPUID_EXT3_ABM | CPUID_EXT3_SSE4A)
635 #define TCG_EXT4_FEATURES 0
636 #define TCG_SVM_FEATURES (CPUID_SVM_NPT | CPUID_SVM_VGIF | \
637           CPUID_SVM_SVME_ADDR_CHK)
638 #define TCG_KVM_FEATURES 0
639 #define TCG_7_0_EBX_FEATURES (CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_SMAP | \
640           CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ADX | \
641           CPUID_7_0_EBX_PCOMMIT | CPUID_7_0_EBX_CLFLUSHOPT |            \
642           CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_FSGSBASE | \
643           CPUID_7_0_EBX_ERMS)
644           /* missing:
645           CPUID_7_0_EBX_HLE, CPUID_7_0_EBX_AVX2,
646           CPUID_7_0_EBX_INVPCID, CPUID_7_0_EBX_RTM,
647           CPUID_7_0_EBX_RDSEED */
648 #define TCG_7_0_ECX_FEATURES (CPUID_7_0_ECX_PKU | \
649           /* CPUID_7_0_ECX_OSPKE is dynamic */ \
650           CPUID_7_0_ECX_LA57 | CPUID_7_0_ECX_PKS)
651 #define TCG_7_0_EDX_FEATURES 0
652 #define TCG_7_1_EAX_FEATURES 0
653 #define TCG_APM_FEATURES 0
654 #define TCG_6_EAX_FEATURES CPUID_6_EAX_ARAT
655 #define TCG_XSAVE_FEATURES (CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XGETBV1)
656           /* missing:
657           CPUID_XSAVE_XSAVEC, CPUID_XSAVE_XSAVES */
658 #define TCG_14_0_ECX_FEATURES 0
659 #define TCG_SGX_12_0_EAX_FEATURES 0
660 #define TCG_SGX_12_0_EBX_FEATURES 0
661 #define TCG_SGX_12_1_EAX_FEATURES 0
662 
663 FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
664     [FEAT_1_EDX] = {
665         .type = CPUID_FEATURE_WORD,
666         .feat_names = {
667             "fpu", "vme", "de", "pse",
668             "tsc", "msr", "pae", "mce",
669             "cx8", "apic", NULL, "sep",
670             "mtrr", "pge", "mca", "cmov",
671             "pat", "pse36", "pn" /* Intel psn */, "clflush" /* Intel clfsh */,
672             NULL, "ds" /* Intel dts */, "acpi", "mmx",
673             "fxsr", "sse", "sse2", "ss",
674             "ht" /* Intel htt */, "tm", "ia64", "pbe",
675         },
676         .cpuid = {.eax = 1, .reg = R_EDX, },
677         .tcg_features = TCG_FEATURES,
678     },
679     [FEAT_1_ECX] = {
680         .type = CPUID_FEATURE_WORD,
681         .feat_names = {
682             "pni" /* Intel,AMD sse3 */, "pclmulqdq", "dtes64", "monitor",
683             "ds-cpl", "vmx", "smx", "est",
684             "tm2", "ssse3", "cid", NULL,
685             "fma", "cx16", "xtpr", "pdcm",
686             NULL, "pcid", "dca", "sse4.1",
687             "sse4.2", "x2apic", "movbe", "popcnt",
688             "tsc-deadline", "aes", "xsave", NULL /* osxsave */,
689             "avx", "f16c", "rdrand", "hypervisor",
690         },
691         .cpuid = { .eax = 1, .reg = R_ECX, },
692         .tcg_features = TCG_EXT_FEATURES,
693     },
694     /* Feature names that are already defined on feature_name[] but
695      * are set on CPUID[8000_0001].EDX on AMD CPUs don't have their
696      * names on feat_names below. They are copied automatically
697      * to features[FEAT_8000_0001_EDX] if and only if CPU vendor is AMD.
698      */
699     [FEAT_8000_0001_EDX] = {
700         .type = CPUID_FEATURE_WORD,
701         .feat_names = {
702             NULL /* fpu */, NULL /* vme */, NULL /* de */, NULL /* pse */,
703             NULL /* tsc */, NULL /* msr */, NULL /* pae */, NULL /* mce */,
704             NULL /* cx8 */, NULL /* apic */, NULL, "syscall",
705             NULL /* mtrr */, NULL /* pge */, NULL /* mca */, NULL /* cmov */,
706             NULL /* pat */, NULL /* pse36 */, NULL, NULL /* Linux mp */,
707             "nx", NULL, "mmxext", NULL /* mmx */,
708             NULL /* fxsr */, "fxsr-opt", "pdpe1gb", "rdtscp",
709             NULL, "lm", "3dnowext", "3dnow",
710         },
711         .cpuid = { .eax = 0x80000001, .reg = R_EDX, },
712         .tcg_features = TCG_EXT2_FEATURES,
713     },
714     [FEAT_8000_0001_ECX] = {
715         .type = CPUID_FEATURE_WORD,
716         .feat_names = {
717             "lahf-lm", "cmp-legacy", "svm", "extapic",
718             "cr8legacy", "abm", "sse4a", "misalignsse",
719             "3dnowprefetch", "osvw", "ibs", "xop",
720             "skinit", "wdt", NULL, "lwp",
721             "fma4", "tce", NULL, "nodeid-msr",
722             NULL, "tbm", "topoext", "perfctr-core",
723             "perfctr-nb", NULL, NULL, NULL,
724             NULL, NULL, NULL, NULL,
725         },
726         .cpuid = { .eax = 0x80000001, .reg = R_ECX, },
727         .tcg_features = TCG_EXT3_FEATURES,
728         /*
729          * TOPOEXT is always allowed but can't be enabled blindly by
730          * "-cpu host", as it requires consistent cache topology info
731          * to be provided so it doesn't confuse guests.
732          */
733         .no_autoenable_flags = CPUID_EXT3_TOPOEXT,
734     },
735     [FEAT_C000_0001_EDX] = {
736         .type = CPUID_FEATURE_WORD,
737         .feat_names = {
738             NULL, NULL, "xstore", "xstore-en",
739             NULL, NULL, "xcrypt", "xcrypt-en",
740             "ace2", "ace2-en", "phe", "phe-en",
741             "pmm", "pmm-en", NULL, NULL,
742             NULL, NULL, NULL, NULL,
743             NULL, NULL, NULL, NULL,
744             NULL, NULL, NULL, NULL,
745             NULL, NULL, NULL, NULL,
746         },
747         .cpuid = { .eax = 0xC0000001, .reg = R_EDX, },
748         .tcg_features = TCG_EXT4_FEATURES,
749     },
750     [FEAT_KVM] = {
751         .type = CPUID_FEATURE_WORD,
752         .feat_names = {
753             "kvmclock", "kvm-nopiodelay", "kvm-mmu", "kvmclock",
754             "kvm-asyncpf", "kvm-steal-time", "kvm-pv-eoi", "kvm-pv-unhalt",
755             NULL, "kvm-pv-tlb-flush", NULL, "kvm-pv-ipi",
756             "kvm-poll-control", "kvm-pv-sched-yield", "kvm-asyncpf-int", "kvm-msi-ext-dest-id",
757             NULL, NULL, NULL, NULL,
758             NULL, NULL, NULL, NULL,
759             "kvmclock-stable-bit", NULL, NULL, NULL,
760             NULL, NULL, NULL, NULL,
761         },
762         .cpuid = { .eax = KVM_CPUID_FEATURES, .reg = R_EAX, },
763         .tcg_features = TCG_KVM_FEATURES,
764     },
765     [FEAT_KVM_HINTS] = {
766         .type = CPUID_FEATURE_WORD,
767         .feat_names = {
768             "kvm-hint-dedicated", NULL, NULL, NULL,
769             NULL, NULL, NULL, NULL,
770             NULL, NULL, NULL, NULL,
771             NULL, NULL, NULL, NULL,
772             NULL, NULL, NULL, NULL,
773             NULL, NULL, NULL, NULL,
774             NULL, NULL, NULL, NULL,
775             NULL, NULL, NULL, NULL,
776         },
777         .cpuid = { .eax = KVM_CPUID_FEATURES, .reg = R_EDX, },
778         .tcg_features = TCG_KVM_FEATURES,
779         /*
780          * KVM hints aren't auto-enabled by -cpu host, they need to be
781          * explicitly enabled in the command-line.
782          */
783         .no_autoenable_flags = ~0U,
784     },
785     [FEAT_SVM] = {
786         .type = CPUID_FEATURE_WORD,
787         .feat_names = {
788             "npt", "lbrv", "svm-lock", "nrip-save",
789             "tsc-scale", "vmcb-clean",  "flushbyasid", "decodeassists",
790             NULL, NULL, "pause-filter", NULL,
791             "pfthreshold", "avic", NULL, "v-vmsave-vmload",
792             "vgif", NULL, NULL, NULL,
793             NULL, NULL, NULL, NULL,
794             NULL, NULL, NULL, NULL,
795             "svme-addr-chk", NULL, NULL, NULL,
796         },
797         .cpuid = { .eax = 0x8000000A, .reg = R_EDX, },
798         .tcg_features = TCG_SVM_FEATURES,
799     },
800     [FEAT_7_0_EBX] = {
801         .type = CPUID_FEATURE_WORD,
802         .feat_names = {
803             "fsgsbase", "tsc-adjust", "sgx", "bmi1",
804             "hle", "avx2", NULL, "smep",
805             "bmi2", "erms", "invpcid", "rtm",
806             NULL, NULL, "mpx", NULL,
807             "avx512f", "avx512dq", "rdseed", "adx",
808             "smap", "avx512ifma", "pcommit", "clflushopt",
809             "clwb", "intel-pt", "avx512pf", "avx512er",
810             "avx512cd", "sha-ni", "avx512bw", "avx512vl",
811         },
812         .cpuid = {
813             .eax = 7,
814             .needs_ecx = true, .ecx = 0,
815             .reg = R_EBX,
816         },
817         .tcg_features = TCG_7_0_EBX_FEATURES,
818     },
819     [FEAT_7_0_ECX] = {
820         .type = CPUID_FEATURE_WORD,
821         .feat_names = {
822             NULL, "avx512vbmi", "umip", "pku",
823             NULL /* ospke */, "waitpkg", "avx512vbmi2", NULL,
824             "gfni", "vaes", "vpclmulqdq", "avx512vnni",
825             "avx512bitalg", NULL, "avx512-vpopcntdq", NULL,
826             "la57", NULL, NULL, NULL,
827             NULL, NULL, "rdpid", NULL,
828             "bus-lock-detect", "cldemote", NULL, "movdiri",
829             "movdir64b", NULL, "sgxlc", "pks",
830         },
831         .cpuid = {
832             .eax = 7,
833             .needs_ecx = true, .ecx = 0,
834             .reg = R_ECX,
835         },
836         .tcg_features = TCG_7_0_ECX_FEATURES,
837     },
838     [FEAT_7_0_EDX] = {
839         .type = CPUID_FEATURE_WORD,
840         .feat_names = {
841             NULL, NULL, "avx512-4vnniw", "avx512-4fmaps",
842             "fsrm", NULL, NULL, NULL,
843             "avx512-vp2intersect", NULL, "md-clear", NULL,
844             NULL, NULL, "serialize", NULL,
845             "tsx-ldtrk", NULL, NULL /* pconfig */, NULL,
846             NULL, NULL, NULL, "avx512-fp16",
847             NULL, NULL, "spec-ctrl", "stibp",
848             NULL, "arch-capabilities", "core-capability", "ssbd",
849         },
850         .cpuid = {
851             .eax = 7,
852             .needs_ecx = true, .ecx = 0,
853             .reg = R_EDX,
854         },
855         .tcg_features = TCG_7_0_EDX_FEATURES,
856     },
857     [FEAT_7_1_EAX] = {
858         .type = CPUID_FEATURE_WORD,
859         .feat_names = {
860             NULL, NULL, NULL, NULL,
861             "avx-vnni", "avx512-bf16", NULL, NULL,
862             NULL, NULL, NULL, NULL,
863             NULL, NULL, NULL, NULL,
864             NULL, NULL, NULL, NULL,
865             NULL, NULL, NULL, NULL,
866             NULL, NULL, NULL, NULL,
867             NULL, NULL, NULL, NULL,
868         },
869         .cpuid = {
870             .eax = 7,
871             .needs_ecx = true, .ecx = 1,
872             .reg = R_EAX,
873         },
874         .tcg_features = TCG_7_1_EAX_FEATURES,
875     },
876     [FEAT_8000_0007_EDX] = {
877         .type = CPUID_FEATURE_WORD,
878         .feat_names = {
879             NULL, NULL, NULL, NULL,
880             NULL, NULL, NULL, NULL,
881             "invtsc", NULL, NULL, NULL,
882             NULL, NULL, NULL, NULL,
883             NULL, NULL, NULL, NULL,
884             NULL, NULL, NULL, NULL,
885             NULL, NULL, NULL, NULL,
886             NULL, NULL, NULL, NULL,
887         },
888         .cpuid = { .eax = 0x80000007, .reg = R_EDX, },
889         .tcg_features = TCG_APM_FEATURES,
890         .unmigratable_flags = CPUID_APM_INVTSC,
891     },
892     [FEAT_8000_0008_EBX] = {
893         .type = CPUID_FEATURE_WORD,
894         .feat_names = {
895             "clzero", NULL, "xsaveerptr", NULL,
896             NULL, NULL, NULL, NULL,
897             NULL, "wbnoinvd", NULL, NULL,
898             "ibpb", NULL, "ibrs", "amd-stibp",
899             NULL, NULL, NULL, NULL,
900             NULL, NULL, NULL, NULL,
901             "amd-ssbd", "virt-ssbd", "amd-no-ssb", NULL,
902             NULL, NULL, NULL, NULL,
903         },
904         .cpuid = { .eax = 0x80000008, .reg = R_EBX, },
905         .tcg_features = 0,
906         .unmigratable_flags = 0,
907     },
908     [FEAT_XSAVE] = {
909         .type = CPUID_FEATURE_WORD,
910         .feat_names = {
911             "xsaveopt", "xsavec", "xgetbv1", "xsaves",
912             NULL, NULL, NULL, NULL,
913             NULL, NULL, NULL, NULL,
914             NULL, NULL, NULL, NULL,
915             NULL, NULL, NULL, NULL,
916             NULL, NULL, NULL, NULL,
917             NULL, NULL, NULL, NULL,
918             NULL, NULL, NULL, NULL,
919         },
920         .cpuid = {
921             .eax = 0xd,
922             .needs_ecx = true, .ecx = 1,
923             .reg = R_EAX,
924         },
925         .tcg_features = TCG_XSAVE_FEATURES,
926     },
927     [FEAT_6_EAX] = {
928         .type = CPUID_FEATURE_WORD,
929         .feat_names = {
930             NULL, NULL, "arat", NULL,
931             NULL, NULL, NULL, NULL,
932             NULL, NULL, NULL, NULL,
933             NULL, NULL, NULL, NULL,
934             NULL, NULL, NULL, NULL,
935             NULL, NULL, NULL, NULL,
936             NULL, NULL, NULL, NULL,
937             NULL, NULL, NULL, NULL,
938         },
939         .cpuid = { .eax = 6, .reg = R_EAX, },
940         .tcg_features = TCG_6_EAX_FEATURES,
941     },
942     [FEAT_XSAVE_COMP_LO] = {
943         .type = CPUID_FEATURE_WORD,
944         .cpuid = {
945             .eax = 0xD,
946             .needs_ecx = true, .ecx = 0,
947             .reg = R_EAX,
948         },
949         .tcg_features = ~0U,
950         .migratable_flags = XSTATE_FP_MASK | XSTATE_SSE_MASK |
951             XSTATE_YMM_MASK | XSTATE_BNDREGS_MASK | XSTATE_BNDCSR_MASK |
952             XSTATE_OPMASK_MASK | XSTATE_ZMM_Hi256_MASK | XSTATE_Hi16_ZMM_MASK |
953             XSTATE_PKRU_MASK,
954     },
955     [FEAT_XSAVE_COMP_HI] = {
956         .type = CPUID_FEATURE_WORD,
957         .cpuid = {
958             .eax = 0xD,
959             .needs_ecx = true, .ecx = 0,
960             .reg = R_EDX,
961         },
962         .tcg_features = ~0U,
963     },
964     /*Below are MSR exposed features*/
965     [FEAT_ARCH_CAPABILITIES] = {
966         .type = MSR_FEATURE_WORD,
967         .feat_names = {
968             "rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry",
969             "ssb-no", "mds-no", "pschange-mc-no", "tsx-ctrl",
970             "taa-no", NULL, NULL, NULL,
971             NULL, NULL, NULL, NULL,
972             NULL, NULL, NULL, NULL,
973             NULL, NULL, NULL, NULL,
974             NULL, NULL, NULL, NULL,
975             NULL, NULL, NULL, NULL,
976         },
977         .msr = {
978             .index = MSR_IA32_ARCH_CAPABILITIES,
979         },
980     },
981     [FEAT_CORE_CAPABILITY] = {
982         .type = MSR_FEATURE_WORD,
983         .feat_names = {
984             NULL, NULL, NULL, NULL,
985             NULL, "split-lock-detect", NULL, NULL,
986             NULL, NULL, NULL, NULL,
987             NULL, NULL, NULL, NULL,
988             NULL, NULL, NULL, NULL,
989             NULL, NULL, NULL, NULL,
990             NULL, NULL, NULL, NULL,
991             NULL, NULL, NULL, NULL,
992         },
993         .msr = {
994             .index = MSR_IA32_CORE_CAPABILITY,
995         },
996     },
997     [FEAT_PERF_CAPABILITIES] = {
998         .type = MSR_FEATURE_WORD,
999         .feat_names = {
1000             NULL, NULL, NULL, NULL,
1001             NULL, NULL, NULL, NULL,
1002             NULL, NULL, NULL, NULL,
1003             NULL, "full-width-write", NULL, NULL,
1004             NULL, NULL, NULL, NULL,
1005             NULL, NULL, NULL, NULL,
1006             NULL, NULL, NULL, NULL,
1007             NULL, NULL, NULL, NULL,
1008         },
1009         .msr = {
1010             .index = MSR_IA32_PERF_CAPABILITIES,
1011         },
1012     },
1013 
1014     [FEAT_VMX_PROCBASED_CTLS] = {
1015         .type = MSR_FEATURE_WORD,
1016         .feat_names = {
1017             NULL, NULL, "vmx-vintr-pending", "vmx-tsc-offset",
1018             NULL, NULL, NULL, "vmx-hlt-exit",
1019             NULL, "vmx-invlpg-exit", "vmx-mwait-exit", "vmx-rdpmc-exit",
1020             "vmx-rdtsc-exit", NULL, NULL, "vmx-cr3-load-noexit",
1021             "vmx-cr3-store-noexit", NULL, NULL, "vmx-cr8-load-exit",
1022             "vmx-cr8-store-exit", "vmx-flexpriority", "vmx-vnmi-pending", "vmx-movdr-exit",
1023             "vmx-io-exit", "vmx-io-bitmap", NULL, "vmx-mtf",
1024             "vmx-msr-bitmap", "vmx-monitor-exit", "vmx-pause-exit", "vmx-secondary-ctls",
1025         },
1026         .msr = {
1027             .index = MSR_IA32_VMX_TRUE_PROCBASED_CTLS,
1028         }
1029     },
1030 
1031     [FEAT_VMX_SECONDARY_CTLS] = {
1032         .type = MSR_FEATURE_WORD,
1033         .feat_names = {
1034             "vmx-apicv-xapic", "vmx-ept", "vmx-desc-exit", "vmx-rdtscp-exit",
1035             "vmx-apicv-x2apic", "vmx-vpid", "vmx-wbinvd-exit", "vmx-unrestricted-guest",
1036             "vmx-apicv-register", "vmx-apicv-vid", "vmx-ple", "vmx-rdrand-exit",
1037             "vmx-invpcid-exit", "vmx-vmfunc", "vmx-shadow-vmcs", "vmx-encls-exit",
1038             "vmx-rdseed-exit", "vmx-pml", NULL, NULL,
1039             "vmx-xsaves", NULL, NULL, NULL,
1040             NULL, "vmx-tsc-scaling", NULL, NULL,
1041             NULL, NULL, NULL, NULL,
1042         },
1043         .msr = {
1044             .index = MSR_IA32_VMX_PROCBASED_CTLS2,
1045         }
1046     },
1047 
1048     [FEAT_VMX_PINBASED_CTLS] = {
1049         .type = MSR_FEATURE_WORD,
1050         .feat_names = {
1051             "vmx-intr-exit", NULL, NULL, "vmx-nmi-exit",
1052             NULL, "vmx-vnmi", "vmx-preemption-timer", "vmx-posted-intr",
1053             NULL, NULL, NULL, NULL,
1054             NULL, NULL, NULL, NULL,
1055             NULL, NULL, NULL, NULL,
1056             NULL, NULL, NULL, NULL,
1057             NULL, NULL, NULL, NULL,
1058             NULL, NULL, NULL, NULL,
1059         },
1060         .msr = {
1061             .index = MSR_IA32_VMX_TRUE_PINBASED_CTLS,
1062         }
1063     },
1064 
1065     [FEAT_VMX_EXIT_CTLS] = {
1066         .type = MSR_FEATURE_WORD,
1067         /*
1068          * VMX_VM_EXIT_HOST_ADDR_SPACE_SIZE is copied from
1069          * the LM CPUID bit.
1070          */
1071         .feat_names = {
1072             NULL, NULL, "vmx-exit-nosave-debugctl", NULL,
1073             NULL, NULL, NULL, NULL,
1074             NULL, NULL /* vmx-exit-host-addr-space-size */, NULL, NULL,
1075             "vmx-exit-load-perf-global-ctrl", NULL, NULL, "vmx-exit-ack-intr",
1076             NULL, NULL, "vmx-exit-save-pat", "vmx-exit-load-pat",
1077             "vmx-exit-save-efer", "vmx-exit-load-efer",
1078                 "vmx-exit-save-preemption-timer", "vmx-exit-clear-bndcfgs",
1079             NULL, "vmx-exit-clear-rtit-ctl", NULL, NULL,
1080             NULL, "vmx-exit-load-pkrs", NULL, NULL,
1081         },
1082         .msr = {
1083             .index = MSR_IA32_VMX_TRUE_EXIT_CTLS,
1084         }
1085     },
1086 
1087     [FEAT_VMX_ENTRY_CTLS] = {
1088         .type = MSR_FEATURE_WORD,
1089         .feat_names = {
1090             NULL, NULL, "vmx-entry-noload-debugctl", NULL,
1091             NULL, NULL, NULL, NULL,
1092             NULL, "vmx-entry-ia32e-mode", NULL, NULL,
1093             NULL, "vmx-entry-load-perf-global-ctrl", "vmx-entry-load-pat", "vmx-entry-load-efer",
1094             "vmx-entry-load-bndcfgs", NULL, "vmx-entry-load-rtit-ctl", NULL,
1095             NULL, NULL, "vmx-entry-load-pkrs", NULL,
1096             NULL, NULL, NULL, NULL,
1097             NULL, NULL, NULL, NULL,
1098         },
1099         .msr = {
1100             .index = MSR_IA32_VMX_TRUE_ENTRY_CTLS,
1101         }
1102     },
1103 
1104     [FEAT_VMX_MISC] = {
1105         .type = MSR_FEATURE_WORD,
1106         .feat_names = {
1107             NULL, NULL, NULL, NULL,
1108             NULL, "vmx-store-lma", "vmx-activity-hlt", "vmx-activity-shutdown",
1109             "vmx-activity-wait-sipi", NULL, NULL, NULL,
1110             NULL, NULL, NULL, NULL,
1111             NULL, NULL, NULL, NULL,
1112             NULL, NULL, NULL, NULL,
1113             NULL, NULL, NULL, NULL,
1114             NULL, "vmx-vmwrite-vmexit-fields", "vmx-zero-len-inject", NULL,
1115         },
1116         .msr = {
1117             .index = MSR_IA32_VMX_MISC,
1118         }
1119     },
1120 
1121     [FEAT_VMX_EPT_VPID_CAPS] = {
1122         .type = MSR_FEATURE_WORD,
1123         .feat_names = {
1124             "vmx-ept-execonly", NULL, NULL, NULL,
1125             NULL, NULL, "vmx-page-walk-4", "vmx-page-walk-5",
1126             NULL, NULL, NULL, NULL,
1127             NULL, NULL, NULL, NULL,
1128             "vmx-ept-2mb", "vmx-ept-1gb", NULL, NULL,
1129             "vmx-invept", "vmx-eptad", "vmx-ept-advanced-exitinfo", NULL,
1130             NULL, "vmx-invept-single-context", "vmx-invept-all-context", NULL,
1131             NULL, NULL, NULL, NULL,
1132             "vmx-invvpid", NULL, NULL, NULL,
1133             NULL, NULL, NULL, NULL,
1134             "vmx-invvpid-single-addr", "vmx-invept-single-context",
1135                 "vmx-invvpid-all-context", "vmx-invept-single-context-noglobals",
1136             NULL, NULL, NULL, NULL,
1137             NULL, NULL, NULL, NULL,
1138             NULL, NULL, NULL, NULL,
1139             NULL, NULL, NULL, NULL,
1140             NULL, NULL, NULL, NULL,
1141         },
1142         .msr = {
1143             .index = MSR_IA32_VMX_EPT_VPID_CAP,
1144         }
1145     },
1146 
1147     [FEAT_VMX_BASIC] = {
1148         .type = MSR_FEATURE_WORD,
1149         .feat_names = {
1150             [54] = "vmx-ins-outs",
1151             [55] = "vmx-true-ctls",
1152         },
1153         .msr = {
1154             .index = MSR_IA32_VMX_BASIC,
1155         },
1156         /* Just to be safe - we don't support setting the MSEG version field.  */
1157         .no_autoenable_flags = MSR_VMX_BASIC_DUAL_MONITOR,
1158     },
1159 
1160     [FEAT_VMX_VMFUNC] = {
1161         .type = MSR_FEATURE_WORD,
1162         .feat_names = {
1163             [0] = "vmx-eptp-switching",
1164         },
1165         .msr = {
1166             .index = MSR_IA32_VMX_VMFUNC,
1167         }
1168     },
1169 
1170     [FEAT_14_0_ECX] = {
1171         .type = CPUID_FEATURE_WORD,
1172         .feat_names = {
1173             NULL, NULL, NULL, NULL,
1174             NULL, NULL, NULL, NULL,
1175             NULL, NULL, NULL, NULL,
1176             NULL, NULL, NULL, NULL,
1177             NULL, NULL, NULL, NULL,
1178             NULL, NULL, NULL, NULL,
1179             NULL, NULL, NULL, NULL,
1180             NULL, NULL, NULL, "intel-pt-lip",
1181         },
1182         .cpuid = {
1183             .eax = 0x14,
1184             .needs_ecx = true, .ecx = 0,
1185             .reg = R_ECX,
1186         },
1187         .tcg_features = TCG_14_0_ECX_FEATURES,
1188      },
1189 
1190     [FEAT_SGX_12_0_EAX] = {
1191         .type = CPUID_FEATURE_WORD,
1192         .feat_names = {
1193             "sgx1", "sgx2", NULL, NULL,
1194             NULL, NULL, NULL, NULL,
1195             NULL, NULL, NULL, NULL,
1196             NULL, NULL, NULL, NULL,
1197             NULL, NULL, NULL, NULL,
1198             NULL, NULL, NULL, NULL,
1199             NULL, NULL, NULL, NULL,
1200             NULL, NULL, NULL, NULL,
1201         },
1202         .cpuid = {
1203             .eax = 0x12,
1204             .needs_ecx = true, .ecx = 0,
1205             .reg = R_EAX,
1206         },
1207         .tcg_features = TCG_SGX_12_0_EAX_FEATURES,
1208     },
1209 
1210     [FEAT_SGX_12_0_EBX] = {
1211         .type = CPUID_FEATURE_WORD,
1212         .feat_names = {
1213             "sgx-exinfo" , NULL, NULL, NULL,
1214             NULL, NULL, NULL, NULL,
1215             NULL, NULL, NULL, NULL,
1216             NULL, NULL, NULL, NULL,
1217             NULL, NULL, NULL, NULL,
1218             NULL, NULL, NULL, NULL,
1219             NULL, NULL, NULL, NULL,
1220             NULL, NULL, NULL, NULL,
1221         },
1222         .cpuid = {
1223             .eax = 0x12,
1224             .needs_ecx = true, .ecx = 0,
1225             .reg = R_EBX,
1226         },
1227         .tcg_features = TCG_SGX_12_0_EBX_FEATURES,
1228     },
1229 
1230     [FEAT_SGX_12_1_EAX] = {
1231         .type = CPUID_FEATURE_WORD,
1232         .feat_names = {
1233             NULL, "sgx-debug", "sgx-mode64", NULL,
1234             "sgx-provisionkey", "sgx-tokenkey", NULL, "sgx-kss",
1235             NULL, NULL, NULL, NULL,
1236             NULL, NULL, NULL, NULL,
1237             NULL, NULL, NULL, NULL,
1238             NULL, NULL, NULL, NULL,
1239             NULL, NULL, NULL, NULL,
1240             NULL, NULL, NULL, NULL,
1241         },
1242         .cpuid = {
1243             .eax = 0x12,
1244             .needs_ecx = true, .ecx = 1,
1245             .reg = R_EAX,
1246         },
1247         .tcg_features = TCG_SGX_12_1_EAX_FEATURES,
1248     },
1249 };
1250 
1251 typedef struct FeatureMask {
1252     FeatureWord index;
1253     uint64_t mask;
1254 } FeatureMask;
1255 
1256 typedef struct FeatureDep {
1257     FeatureMask from, to;
1258 } FeatureDep;
1259 
1260 static FeatureDep feature_dependencies[] = {
1261     {
1262         .from = { FEAT_7_0_EDX,             CPUID_7_0_EDX_ARCH_CAPABILITIES },
1263         .to = { FEAT_ARCH_CAPABILITIES,     ~0ull },
1264     },
1265     {
1266         .from = { FEAT_7_0_EDX,             CPUID_7_0_EDX_CORE_CAPABILITY },
1267         .to = { FEAT_CORE_CAPABILITY,       ~0ull },
1268     },
1269     {
1270         .from = { FEAT_1_ECX,             CPUID_EXT_PDCM },
1271         .to = { FEAT_PERF_CAPABILITIES,       ~0ull },
1272     },
1273     {
1274         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1275         .to = { FEAT_VMX_PROCBASED_CTLS,    ~0ull },
1276     },
1277     {
1278         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1279         .to = { FEAT_VMX_PINBASED_CTLS,     ~0ull },
1280     },
1281     {
1282         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1283         .to = { FEAT_VMX_EXIT_CTLS,         ~0ull },
1284     },
1285     {
1286         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1287         .to = { FEAT_VMX_ENTRY_CTLS,        ~0ull },
1288     },
1289     {
1290         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1291         .to = { FEAT_VMX_MISC,              ~0ull },
1292     },
1293     {
1294         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1295         .to = { FEAT_VMX_BASIC,             ~0ull },
1296     },
1297     {
1298         .from = { FEAT_8000_0001_EDX,       CPUID_EXT2_LM },
1299         .to = { FEAT_VMX_ENTRY_CTLS,        VMX_VM_ENTRY_IA32E_MODE },
1300     },
1301     {
1302         .from = { FEAT_VMX_PROCBASED_CTLS,  VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS },
1303         .to = { FEAT_VMX_SECONDARY_CTLS,    ~0ull },
1304     },
1305     {
1306         .from = { FEAT_XSAVE,               CPUID_XSAVE_XSAVES },
1307         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_XSAVES },
1308     },
1309     {
1310         .from = { FEAT_1_ECX,               CPUID_EXT_RDRAND },
1311         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDRAND_EXITING },
1312     },
1313     {
1314         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_INVPCID },
1315         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_ENABLE_INVPCID },
1316     },
1317     {
1318         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_RDSEED },
1319         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDSEED_EXITING },
1320     },
1321     {
1322         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_INTEL_PT },
1323         .to = { FEAT_14_0_ECX,              ~0ull },
1324     },
1325     {
1326         .from = { FEAT_8000_0001_EDX,       CPUID_EXT2_RDTSCP },
1327         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDTSCP },
1328     },
1329     {
1330         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_EPT },
1331         .to = { FEAT_VMX_EPT_VPID_CAPS,     0xffffffffull },
1332     },
1333     {
1334         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_EPT },
1335         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST },
1336     },
1337     {
1338         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_VPID },
1339         .to = { FEAT_VMX_EPT_VPID_CAPS,     0xffffffffull << 32 },
1340     },
1341     {
1342         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_VMFUNC },
1343         .to = { FEAT_VMX_VMFUNC,            ~0ull },
1344     },
1345     {
1346         .from = { FEAT_8000_0001_ECX,       CPUID_EXT3_SVM },
1347         .to = { FEAT_SVM,                   ~0ull },
1348     },
1349 };
1350 
1351 typedef struct X86RegisterInfo32 {
1352     /* Name of register */
1353     const char *name;
1354     /* QAPI enum value register */
1355     X86CPURegister32 qapi_enum;
1356 } X86RegisterInfo32;
1357 
1358 #define REGISTER(reg) \
1359     [R_##reg] = { .name = #reg, .qapi_enum = X86_CPU_REGISTER32_##reg }
1360 static const X86RegisterInfo32 x86_reg_info_32[CPU_NB_REGS32] = {
1361     REGISTER(EAX),
1362     REGISTER(ECX),
1363     REGISTER(EDX),
1364     REGISTER(EBX),
1365     REGISTER(ESP),
1366     REGISTER(EBP),
1367     REGISTER(ESI),
1368     REGISTER(EDI),
1369 };
1370 #undef REGISTER
1371 
1372 ExtSaveArea x86_ext_save_areas[XSAVE_STATE_AREA_COUNT] = {
1373     [XSTATE_FP_BIT] = {
1374         /* x87 FP state component is always enabled if XSAVE is supported */
1375         .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
1376         .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
1377     },
1378     [XSTATE_SSE_BIT] = {
1379         /* SSE state component is always enabled if XSAVE is supported */
1380         .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
1381         .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
1382     },
1383     [XSTATE_YMM_BIT] =
1384           { .feature = FEAT_1_ECX, .bits = CPUID_EXT_AVX,
1385             .size = sizeof(XSaveAVX) },
1386     [XSTATE_BNDREGS_BIT] =
1387           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
1388             .size = sizeof(XSaveBNDREG)  },
1389     [XSTATE_BNDCSR_BIT] =
1390           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
1391             .size = sizeof(XSaveBNDCSR)  },
1392     [XSTATE_OPMASK_BIT] =
1393           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1394             .size = sizeof(XSaveOpmask) },
1395     [XSTATE_ZMM_Hi256_BIT] =
1396           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1397             .size = sizeof(XSaveZMM_Hi256) },
1398     [XSTATE_Hi16_ZMM_BIT] =
1399           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1400             .size = sizeof(XSaveHi16_ZMM) },
1401     [XSTATE_PKRU_BIT] =
1402           { .feature = FEAT_7_0_ECX, .bits = CPUID_7_0_ECX_PKU,
1403             .size = sizeof(XSavePKRU) },
1404 };
1405 
1406 static uint32_t xsave_area_size(uint64_t mask)
1407 {
1408     int i;
1409     uint64_t ret = 0;
1410 
1411     for (i = 0; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
1412         const ExtSaveArea *esa = &x86_ext_save_areas[i];
1413         if ((mask >> i) & 1) {
1414             ret = MAX(ret, esa->offset + esa->size);
1415         }
1416     }
1417     return ret;
1418 }
1419 
1420 static inline bool accel_uses_host_cpuid(void)
1421 {
1422     return kvm_enabled() || hvf_enabled();
1423 }
1424 
1425 static inline uint64_t x86_cpu_xsave_components(X86CPU *cpu)
1426 {
1427     return ((uint64_t)cpu->env.features[FEAT_XSAVE_COMP_HI]) << 32 |
1428            cpu->env.features[FEAT_XSAVE_COMP_LO];
1429 }
1430 
1431 /* Return name of 32-bit register, from a R_* constant */
1432 static const char *get_register_name_32(unsigned int reg)
1433 {
1434     if (reg >= CPU_NB_REGS32) {
1435         return NULL;
1436     }
1437     return x86_reg_info_32[reg].name;
1438 }
1439 
1440 /*
1441  * Returns the set of feature flags that are supported and migratable by
1442  * QEMU, for a given FeatureWord.
1443  */
1444 static uint64_t x86_cpu_get_migratable_flags(FeatureWord w)
1445 {
1446     FeatureWordInfo *wi = &feature_word_info[w];
1447     uint64_t r = 0;
1448     int i;
1449 
1450     for (i = 0; i < 64; i++) {
1451         uint64_t f = 1ULL << i;
1452 
1453         /* If the feature name is known, it is implicitly considered migratable,
1454          * unless it is explicitly set in unmigratable_flags */
1455         if ((wi->migratable_flags & f) ||
1456             (wi->feat_names[i] && !(wi->unmigratable_flags & f))) {
1457             r |= f;
1458         }
1459     }
1460     return r;
1461 }
1462 
1463 void host_cpuid(uint32_t function, uint32_t count,
1464                 uint32_t *eax, uint32_t *ebx, uint32_t *ecx, uint32_t *edx)
1465 {
1466     uint32_t vec[4];
1467 
1468 #ifdef __x86_64__
1469     asm volatile("cpuid"
1470                  : "=a"(vec[0]), "=b"(vec[1]),
1471                    "=c"(vec[2]), "=d"(vec[3])
1472                  : "0"(function), "c"(count) : "cc");
1473 #elif defined(__i386__)
1474     asm volatile("pusha \n\t"
1475                  "cpuid \n\t"
1476                  "mov %%eax, 0(%2) \n\t"
1477                  "mov %%ebx, 4(%2) \n\t"
1478                  "mov %%ecx, 8(%2) \n\t"
1479                  "mov %%edx, 12(%2) \n\t"
1480                  "popa"
1481                  : : "a"(function), "c"(count), "S"(vec)
1482                  : "memory", "cc");
1483 #else
1484     abort();
1485 #endif
1486 
1487     if (eax)
1488         *eax = vec[0];
1489     if (ebx)
1490         *ebx = vec[1];
1491     if (ecx)
1492         *ecx = vec[2];
1493     if (edx)
1494         *edx = vec[3];
1495 }
1496 
1497 /* CPU class name definitions: */
1498 
1499 /* Return type name for a given CPU model name
1500  * Caller is responsible for freeing the returned string.
1501  */
1502 static char *x86_cpu_type_name(const char *model_name)
1503 {
1504     return g_strdup_printf(X86_CPU_TYPE_NAME("%s"), model_name);
1505 }
1506 
1507 static ObjectClass *x86_cpu_class_by_name(const char *cpu_model)
1508 {
1509     g_autofree char *typename = x86_cpu_type_name(cpu_model);
1510     return object_class_by_name(typename);
1511 }
1512 
1513 static char *x86_cpu_class_get_model_name(X86CPUClass *cc)
1514 {
1515     const char *class_name = object_class_get_name(OBJECT_CLASS(cc));
1516     assert(g_str_has_suffix(class_name, X86_CPU_TYPE_SUFFIX));
1517     return g_strndup(class_name,
1518                      strlen(class_name) - strlen(X86_CPU_TYPE_SUFFIX));
1519 }
1520 
1521 typedef struct X86CPUVersionDefinition {
1522     X86CPUVersion version;
1523     const char *alias;
1524     const char *note;
1525     PropValue *props;
1526 } X86CPUVersionDefinition;
1527 
1528 /* Base definition for a CPU model */
1529 typedef struct X86CPUDefinition {
1530     const char *name;
1531     uint32_t level;
1532     uint32_t xlevel;
1533     /* vendor is zero-terminated, 12 character ASCII string */
1534     char vendor[CPUID_VENDOR_SZ + 1];
1535     int family;
1536     int model;
1537     int stepping;
1538     FeatureWordArray features;
1539     const char *model_id;
1540     const CPUCaches *const cache_info;
1541     /*
1542      * Definitions for alternative versions of CPU model.
1543      * List is terminated by item with version == 0.
1544      * If NULL, version 1 will be registered automatically.
1545      */
1546     const X86CPUVersionDefinition *versions;
1547     const char *deprecation_note;
1548 } X86CPUDefinition;
1549 
1550 /* Reference to a specific CPU model version */
1551 struct X86CPUModel {
1552     /* Base CPU definition */
1553     const X86CPUDefinition *cpudef;
1554     /* CPU model version */
1555     X86CPUVersion version;
1556     const char *note;
1557     /*
1558      * If true, this is an alias CPU model.
1559      * This matters only for "-cpu help" and query-cpu-definitions
1560      */
1561     bool is_alias;
1562 };
1563 
1564 /* Get full model name for CPU version */
1565 static char *x86_cpu_versioned_model_name(const X86CPUDefinition *cpudef,
1566                                           X86CPUVersion version)
1567 {
1568     assert(version > 0);
1569     return g_strdup_printf("%s-v%d", cpudef->name, (int)version);
1570 }
1571 
1572 static const X86CPUVersionDefinition *
1573 x86_cpu_def_get_versions(const X86CPUDefinition *def)
1574 {
1575     /* When X86CPUDefinition::versions is NULL, we register only v1 */
1576     static const X86CPUVersionDefinition default_version_list[] = {
1577         { 1 },
1578         { /* end of list */ }
1579     };
1580 
1581     return def->versions ?: default_version_list;
1582 }
1583 
1584 static const CPUCaches epyc_cache_info = {
1585     .l1d_cache = &(CPUCacheInfo) {
1586         .type = DATA_CACHE,
1587         .level = 1,
1588         .size = 32 * KiB,
1589         .line_size = 64,
1590         .associativity = 8,
1591         .partitions = 1,
1592         .sets = 64,
1593         .lines_per_tag = 1,
1594         .self_init = 1,
1595         .no_invd_sharing = true,
1596     },
1597     .l1i_cache = &(CPUCacheInfo) {
1598         .type = INSTRUCTION_CACHE,
1599         .level = 1,
1600         .size = 64 * KiB,
1601         .line_size = 64,
1602         .associativity = 4,
1603         .partitions = 1,
1604         .sets = 256,
1605         .lines_per_tag = 1,
1606         .self_init = 1,
1607         .no_invd_sharing = true,
1608     },
1609     .l2_cache = &(CPUCacheInfo) {
1610         .type = UNIFIED_CACHE,
1611         .level = 2,
1612         .size = 512 * KiB,
1613         .line_size = 64,
1614         .associativity = 8,
1615         .partitions = 1,
1616         .sets = 1024,
1617         .lines_per_tag = 1,
1618     },
1619     .l3_cache = &(CPUCacheInfo) {
1620         .type = UNIFIED_CACHE,
1621         .level = 3,
1622         .size = 8 * MiB,
1623         .line_size = 64,
1624         .associativity = 16,
1625         .partitions = 1,
1626         .sets = 8192,
1627         .lines_per_tag = 1,
1628         .self_init = true,
1629         .inclusive = true,
1630         .complex_indexing = true,
1631     },
1632 };
1633 
1634 static const CPUCaches epyc_rome_cache_info = {
1635     .l1d_cache = &(CPUCacheInfo) {
1636         .type = DATA_CACHE,
1637         .level = 1,
1638         .size = 32 * KiB,
1639         .line_size = 64,
1640         .associativity = 8,
1641         .partitions = 1,
1642         .sets = 64,
1643         .lines_per_tag = 1,
1644         .self_init = 1,
1645         .no_invd_sharing = true,
1646     },
1647     .l1i_cache = &(CPUCacheInfo) {
1648         .type = INSTRUCTION_CACHE,
1649         .level = 1,
1650         .size = 32 * KiB,
1651         .line_size = 64,
1652         .associativity = 8,
1653         .partitions = 1,
1654         .sets = 64,
1655         .lines_per_tag = 1,
1656         .self_init = 1,
1657         .no_invd_sharing = true,
1658     },
1659     .l2_cache = &(CPUCacheInfo) {
1660         .type = UNIFIED_CACHE,
1661         .level = 2,
1662         .size = 512 * KiB,
1663         .line_size = 64,
1664         .associativity = 8,
1665         .partitions = 1,
1666         .sets = 1024,
1667         .lines_per_tag = 1,
1668     },
1669     .l3_cache = &(CPUCacheInfo) {
1670         .type = UNIFIED_CACHE,
1671         .level = 3,
1672         .size = 16 * MiB,
1673         .line_size = 64,
1674         .associativity = 16,
1675         .partitions = 1,
1676         .sets = 16384,
1677         .lines_per_tag = 1,
1678         .self_init = true,
1679         .inclusive = true,
1680         .complex_indexing = true,
1681     },
1682 };
1683 
1684 static const CPUCaches epyc_milan_cache_info = {
1685     .l1d_cache = &(CPUCacheInfo) {
1686         .type = DATA_CACHE,
1687         .level = 1,
1688         .size = 32 * KiB,
1689         .line_size = 64,
1690         .associativity = 8,
1691         .partitions = 1,
1692         .sets = 64,
1693         .lines_per_tag = 1,
1694         .self_init = 1,
1695         .no_invd_sharing = true,
1696     },
1697     .l1i_cache = &(CPUCacheInfo) {
1698         .type = INSTRUCTION_CACHE,
1699         .level = 1,
1700         .size = 32 * KiB,
1701         .line_size = 64,
1702         .associativity = 8,
1703         .partitions = 1,
1704         .sets = 64,
1705         .lines_per_tag = 1,
1706         .self_init = 1,
1707         .no_invd_sharing = true,
1708     },
1709     .l2_cache = &(CPUCacheInfo) {
1710         .type = UNIFIED_CACHE,
1711         .level = 2,
1712         .size = 512 * KiB,
1713         .line_size = 64,
1714         .associativity = 8,
1715         .partitions = 1,
1716         .sets = 1024,
1717         .lines_per_tag = 1,
1718     },
1719     .l3_cache = &(CPUCacheInfo) {
1720         .type = UNIFIED_CACHE,
1721         .level = 3,
1722         .size = 32 * MiB,
1723         .line_size = 64,
1724         .associativity = 16,
1725         .partitions = 1,
1726         .sets = 32768,
1727         .lines_per_tag = 1,
1728         .self_init = true,
1729         .inclusive = true,
1730         .complex_indexing = true,
1731     },
1732 };
1733 
1734 /* The following VMX features are not supported by KVM and are left out in the
1735  * CPU definitions:
1736  *
1737  *  Dual-monitor support (all processors)
1738  *  Entry to SMM
1739  *  Deactivate dual-monitor treatment
1740  *  Number of CR3-target values
1741  *  Shutdown activity state
1742  *  Wait-for-SIPI activity state
1743  *  PAUSE-loop exiting (Westmere and newer)
1744  *  EPT-violation #VE (Broadwell and newer)
1745  *  Inject event with insn length=0 (Skylake and newer)
1746  *  Conceal non-root operation from PT
1747  *  Conceal VM exits from PT
1748  *  Conceal VM entries from PT
1749  *  Enable ENCLS exiting
1750  *  Mode-based execute control (XS/XU)
1751  s  TSC scaling (Skylake Server and newer)
1752  *  GPA translation for PT (IceLake and newer)
1753  *  User wait and pause
1754  *  ENCLV exiting
1755  *  Load IA32_RTIT_CTL
1756  *  Clear IA32_RTIT_CTL
1757  *  Advanced VM-exit information for EPT violations
1758  *  Sub-page write permissions
1759  *  PT in VMX operation
1760  */
1761 
1762 static const X86CPUDefinition builtin_x86_defs[] = {
1763     {
1764         .name = "qemu64",
1765         .level = 0xd,
1766         .vendor = CPUID_VENDOR_AMD,
1767         .family = 15,
1768         .model = 107,
1769         .stepping = 1,
1770         .features[FEAT_1_EDX] =
1771             PPRO_FEATURES |
1772             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1773             CPUID_PSE36,
1774         .features[FEAT_1_ECX] =
1775             CPUID_EXT_SSE3 | CPUID_EXT_CX16,
1776         .features[FEAT_8000_0001_EDX] =
1777             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1778         .features[FEAT_8000_0001_ECX] =
1779             CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM,
1780         .xlevel = 0x8000000A,
1781         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
1782     },
1783     {
1784         .name = "phenom",
1785         .level = 5,
1786         .vendor = CPUID_VENDOR_AMD,
1787         .family = 16,
1788         .model = 2,
1789         .stepping = 3,
1790         /* Missing: CPUID_HT */
1791         .features[FEAT_1_EDX] =
1792             PPRO_FEATURES |
1793             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1794             CPUID_PSE36 | CPUID_VME,
1795         .features[FEAT_1_ECX] =
1796             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_CX16 |
1797             CPUID_EXT_POPCNT,
1798         .features[FEAT_8000_0001_EDX] =
1799             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX |
1800             CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT | CPUID_EXT2_MMXEXT |
1801             CPUID_EXT2_FFXSR | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP,
1802         /* Missing: CPUID_EXT3_CMP_LEG, CPUID_EXT3_EXTAPIC,
1803                     CPUID_EXT3_CR8LEG,
1804                     CPUID_EXT3_MISALIGNSSE, CPUID_EXT3_3DNOWPREFETCH,
1805                     CPUID_EXT3_OSVW, CPUID_EXT3_IBS */
1806         .features[FEAT_8000_0001_ECX] =
1807             CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM |
1808             CPUID_EXT3_ABM | CPUID_EXT3_SSE4A,
1809         /* Missing: CPUID_SVM_LBRV */
1810         .features[FEAT_SVM] =
1811             CPUID_SVM_NPT,
1812         .xlevel = 0x8000001A,
1813         .model_id = "AMD Phenom(tm) 9550 Quad-Core Processor"
1814     },
1815     {
1816         .name = "core2duo",
1817         .level = 10,
1818         .vendor = CPUID_VENDOR_INTEL,
1819         .family = 6,
1820         .model = 15,
1821         .stepping = 11,
1822         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
1823         .features[FEAT_1_EDX] =
1824             PPRO_FEATURES |
1825             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1826             CPUID_PSE36 | CPUID_VME | CPUID_ACPI | CPUID_SS,
1827         /* Missing: CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_EST,
1828          * CPUID_EXT_TM2, CPUID_EXT_XTPR, CPUID_EXT_PDCM, CPUID_EXT_VMX */
1829         .features[FEAT_1_ECX] =
1830             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 |
1831             CPUID_EXT_CX16,
1832         .features[FEAT_8000_0001_EDX] =
1833             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1834         .features[FEAT_8000_0001_ECX] =
1835             CPUID_EXT3_LAHF_LM,
1836         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
1837         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
1838         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
1839         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
1840         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
1841              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
1842         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
1843              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
1844              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
1845              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
1846              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
1847              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
1848              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
1849              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
1850              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
1851              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
1852         .features[FEAT_VMX_SECONDARY_CTLS] =
1853              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES,
1854         .xlevel = 0x80000008,
1855         .model_id = "Intel(R) Core(TM)2 Duo CPU     T7700  @ 2.40GHz",
1856     },
1857     {
1858         .name = "kvm64",
1859         .level = 0xd,
1860         .vendor = CPUID_VENDOR_INTEL,
1861         .family = 15,
1862         .model = 6,
1863         .stepping = 1,
1864         /* Missing: CPUID_HT */
1865         .features[FEAT_1_EDX] =
1866             PPRO_FEATURES | CPUID_VME |
1867             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
1868             CPUID_PSE36,
1869         /* Missing: CPUID_EXT_POPCNT, CPUID_EXT_MONITOR */
1870         .features[FEAT_1_ECX] =
1871             CPUID_EXT_SSE3 | CPUID_EXT_CX16,
1872         /* Missing: CPUID_EXT2_PDPE1GB, CPUID_EXT2_RDTSCP */
1873         .features[FEAT_8000_0001_EDX] =
1874             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
1875         /* Missing: CPUID_EXT3_LAHF_LM, CPUID_EXT3_CMP_LEG, CPUID_EXT3_EXTAPIC,
1876                     CPUID_EXT3_CR8LEG, CPUID_EXT3_ABM, CPUID_EXT3_SSE4A,
1877                     CPUID_EXT3_MISALIGNSSE, CPUID_EXT3_3DNOWPREFETCH,
1878                     CPUID_EXT3_OSVW, CPUID_EXT3_IBS, CPUID_EXT3_SVM */
1879         .features[FEAT_8000_0001_ECX] =
1880             0,
1881         /* VMX features from Cedar Mill/Prescott */
1882         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
1883         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
1884         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
1885         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
1886              VMX_PIN_BASED_NMI_EXITING,
1887         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
1888              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
1889              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
1890              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
1891              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
1892              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
1893              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
1894              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING,
1895         .xlevel = 0x80000008,
1896         .model_id = "Common KVM processor"
1897     },
1898     {
1899         .name = "qemu32",
1900         .level = 4,
1901         .vendor = CPUID_VENDOR_INTEL,
1902         .family = 6,
1903         .model = 6,
1904         .stepping = 3,
1905         .features[FEAT_1_EDX] =
1906             PPRO_FEATURES,
1907         .features[FEAT_1_ECX] =
1908             CPUID_EXT_SSE3,
1909         .xlevel = 0x80000004,
1910         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
1911     },
1912     {
1913         .name = "kvm32",
1914         .level = 5,
1915         .vendor = CPUID_VENDOR_INTEL,
1916         .family = 15,
1917         .model = 6,
1918         .stepping = 1,
1919         .features[FEAT_1_EDX] =
1920             PPRO_FEATURES | CPUID_VME |
1921             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_PSE36,
1922         .features[FEAT_1_ECX] =
1923             CPUID_EXT_SSE3,
1924         .features[FEAT_8000_0001_ECX] =
1925             0,
1926         /* VMX features from Yonah */
1927         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
1928         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
1929         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
1930         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
1931              VMX_PIN_BASED_NMI_EXITING,
1932         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
1933              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
1934              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
1935              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
1936              VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
1937              VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
1938              VMX_CPU_BASED_PAUSE_EXITING | VMX_CPU_BASED_USE_MSR_BITMAPS,
1939         .xlevel = 0x80000008,
1940         .model_id = "Common 32-bit KVM processor"
1941     },
1942     {
1943         .name = "coreduo",
1944         .level = 10,
1945         .vendor = CPUID_VENDOR_INTEL,
1946         .family = 6,
1947         .model = 14,
1948         .stepping = 8,
1949         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
1950         .features[FEAT_1_EDX] =
1951             PPRO_FEATURES | CPUID_VME |
1952             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_ACPI |
1953             CPUID_SS,
1954         /* Missing: CPUID_EXT_EST, CPUID_EXT_TM2 , CPUID_EXT_XTPR,
1955          * CPUID_EXT_PDCM, CPUID_EXT_VMX */
1956         .features[FEAT_1_ECX] =
1957             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR,
1958         .features[FEAT_8000_0001_EDX] =
1959             CPUID_EXT2_NX,
1960         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
1961         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
1962         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
1963         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
1964              VMX_PIN_BASED_NMI_EXITING,
1965         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
1966              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
1967              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
1968              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
1969              VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
1970              VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
1971              VMX_CPU_BASED_PAUSE_EXITING | VMX_CPU_BASED_USE_MSR_BITMAPS,
1972         .xlevel = 0x80000008,
1973         .model_id = "Genuine Intel(R) CPU           T2600  @ 2.16GHz",
1974     },
1975     {
1976         .name = "486",
1977         .level = 1,
1978         .vendor = CPUID_VENDOR_INTEL,
1979         .family = 4,
1980         .model = 8,
1981         .stepping = 0,
1982         .features[FEAT_1_EDX] =
1983             I486_FEATURES,
1984         .xlevel = 0,
1985         .model_id = "",
1986     },
1987     {
1988         .name = "pentium",
1989         .level = 1,
1990         .vendor = CPUID_VENDOR_INTEL,
1991         .family = 5,
1992         .model = 4,
1993         .stepping = 3,
1994         .features[FEAT_1_EDX] =
1995             PENTIUM_FEATURES,
1996         .xlevel = 0,
1997         .model_id = "",
1998     },
1999     {
2000         .name = "pentium2",
2001         .level = 2,
2002         .vendor = CPUID_VENDOR_INTEL,
2003         .family = 6,
2004         .model = 5,
2005         .stepping = 2,
2006         .features[FEAT_1_EDX] =
2007             PENTIUM2_FEATURES,
2008         .xlevel = 0,
2009         .model_id = "",
2010     },
2011     {
2012         .name = "pentium3",
2013         .level = 3,
2014         .vendor = CPUID_VENDOR_INTEL,
2015         .family = 6,
2016         .model = 7,
2017         .stepping = 3,
2018         .features[FEAT_1_EDX] =
2019             PENTIUM3_FEATURES,
2020         .xlevel = 0,
2021         .model_id = "",
2022     },
2023     {
2024         .name = "athlon",
2025         .level = 2,
2026         .vendor = CPUID_VENDOR_AMD,
2027         .family = 6,
2028         .model = 2,
2029         .stepping = 3,
2030         .features[FEAT_1_EDX] =
2031             PPRO_FEATURES | CPUID_PSE36 | CPUID_VME | CPUID_MTRR |
2032             CPUID_MCA,
2033         .features[FEAT_8000_0001_EDX] =
2034             CPUID_EXT2_MMXEXT | CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT,
2035         .xlevel = 0x80000008,
2036         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
2037     },
2038     {
2039         .name = "n270",
2040         .level = 10,
2041         .vendor = CPUID_VENDOR_INTEL,
2042         .family = 6,
2043         .model = 28,
2044         .stepping = 2,
2045         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
2046         .features[FEAT_1_EDX] =
2047             PPRO_FEATURES |
2048             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_VME |
2049             CPUID_ACPI | CPUID_SS,
2050             /* Some CPUs got no CPUID_SEP */
2051         /* Missing: CPUID_EXT_DSCPL, CPUID_EXT_EST, CPUID_EXT_TM2,
2052          * CPUID_EXT_XTPR */
2053         .features[FEAT_1_ECX] =
2054             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 |
2055             CPUID_EXT_MOVBE,
2056         .features[FEAT_8000_0001_EDX] =
2057             CPUID_EXT2_NX,
2058         .features[FEAT_8000_0001_ECX] =
2059             CPUID_EXT3_LAHF_LM,
2060         .xlevel = 0x80000008,
2061         .model_id = "Intel(R) Atom(TM) CPU N270   @ 1.60GHz",
2062     },
2063     {
2064         .name = "Conroe",
2065         .level = 10,
2066         .vendor = CPUID_VENDOR_INTEL,
2067         .family = 6,
2068         .model = 15,
2069         .stepping = 3,
2070         .features[FEAT_1_EDX] =
2071             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2072             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2073             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2074             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2075             CPUID_DE | CPUID_FP87,
2076         .features[FEAT_1_ECX] =
2077             CPUID_EXT_SSSE3 | CPUID_EXT_SSE3,
2078         .features[FEAT_8000_0001_EDX] =
2079             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2080         .features[FEAT_8000_0001_ECX] =
2081             CPUID_EXT3_LAHF_LM,
2082         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
2083         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2084         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2085         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2086         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2087              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
2088         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2089              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2090              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2091              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2092              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2093              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2094              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2095              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2096              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2097              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2098         .features[FEAT_VMX_SECONDARY_CTLS] =
2099              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES,
2100         .xlevel = 0x80000008,
2101         .model_id = "Intel Celeron_4x0 (Conroe/Merom Class Core 2)",
2102     },
2103     {
2104         .name = "Penryn",
2105         .level = 10,
2106         .vendor = CPUID_VENDOR_INTEL,
2107         .family = 6,
2108         .model = 23,
2109         .stepping = 3,
2110         .features[FEAT_1_EDX] =
2111             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2112             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2113             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2114             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2115             CPUID_DE | CPUID_FP87,
2116         .features[FEAT_1_ECX] =
2117             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2118             CPUID_EXT_SSE3,
2119         .features[FEAT_8000_0001_EDX] =
2120             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2121         .features[FEAT_8000_0001_ECX] =
2122             CPUID_EXT3_LAHF_LM,
2123         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
2124         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2125              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL,
2126         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT |
2127              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL,
2128         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2129         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2130              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
2131         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2132              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2133              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2134              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2135              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2136              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2137              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2138              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2139              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2140              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2141         .features[FEAT_VMX_SECONDARY_CTLS] =
2142              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2143              VMX_SECONDARY_EXEC_WBINVD_EXITING,
2144         .xlevel = 0x80000008,
2145         .model_id = "Intel Core 2 Duo P9xxx (Penryn Class Core 2)",
2146     },
2147     {
2148         .name = "Nehalem",
2149         .level = 11,
2150         .vendor = CPUID_VENDOR_INTEL,
2151         .family = 6,
2152         .model = 26,
2153         .stepping = 3,
2154         .features[FEAT_1_EDX] =
2155             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2156             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2157             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2158             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2159             CPUID_DE | CPUID_FP87,
2160         .features[FEAT_1_ECX] =
2161             CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2162             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_SSE3,
2163         .features[FEAT_8000_0001_EDX] =
2164             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2165         .features[FEAT_8000_0001_ECX] =
2166             CPUID_EXT3_LAHF_LM,
2167         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2168              MSR_VMX_BASIC_TRUE_CTLS,
2169         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2170              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2171              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2172         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2173              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2174              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2175              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2176              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2177              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2178              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2179         .features[FEAT_VMX_EXIT_CTLS] =
2180              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2181              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2182              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2183              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2184              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2185         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2186         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2187              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2188              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2189         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2190              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2191              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2192              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2193              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2194              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2195              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2196              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2197              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2198              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2199              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2200              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2201         .features[FEAT_VMX_SECONDARY_CTLS] =
2202              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2203              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2204              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2205              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2206              VMX_SECONDARY_EXEC_ENABLE_VPID,
2207         .xlevel = 0x80000008,
2208         .model_id = "Intel Core i7 9xx (Nehalem Class Core i7)",
2209         .versions = (X86CPUVersionDefinition[]) {
2210             { .version = 1 },
2211             {
2212                 .version = 2,
2213                 .alias = "Nehalem-IBRS",
2214                 .props = (PropValue[]) {
2215                     { "spec-ctrl", "on" },
2216                     { "model-id",
2217                       "Intel Core i7 9xx (Nehalem Core i7, IBRS update)" },
2218                     { /* end of list */ }
2219                 }
2220             },
2221             { /* end of list */ }
2222         }
2223     },
2224     {
2225         .name = "Westmere",
2226         .level = 11,
2227         .vendor = CPUID_VENDOR_INTEL,
2228         .family = 6,
2229         .model = 44,
2230         .stepping = 1,
2231         .features[FEAT_1_EDX] =
2232             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2233             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2234             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2235             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2236             CPUID_DE | CPUID_FP87,
2237         .features[FEAT_1_ECX] =
2238             CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 |
2239             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2240             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
2241         .features[FEAT_8000_0001_EDX] =
2242             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2243         .features[FEAT_8000_0001_ECX] =
2244             CPUID_EXT3_LAHF_LM,
2245         .features[FEAT_6_EAX] =
2246             CPUID_6_EAX_ARAT,
2247         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2248              MSR_VMX_BASIC_TRUE_CTLS,
2249         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2250              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2251              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2252         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2253              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2254              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2255              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2256              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2257              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2258              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2259         .features[FEAT_VMX_EXIT_CTLS] =
2260              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2261              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2262              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2263              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2264              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2265         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2266              MSR_VMX_MISC_STORE_LMA,
2267         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2268              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2269              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2270         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2271              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2272              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2273              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2274              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2275              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2276              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2277              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2278              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2279              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2280              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2281              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2282         .features[FEAT_VMX_SECONDARY_CTLS] =
2283              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2284              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2285              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2286              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2287              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST,
2288         .xlevel = 0x80000008,
2289         .model_id = "Westmere E56xx/L56xx/X56xx (Nehalem-C)",
2290         .versions = (X86CPUVersionDefinition[]) {
2291             { .version = 1 },
2292             {
2293                 .version = 2,
2294                 .alias = "Westmere-IBRS",
2295                 .props = (PropValue[]) {
2296                     { "spec-ctrl", "on" },
2297                     { "model-id",
2298                       "Westmere E56xx/L56xx/X56xx (IBRS update)" },
2299                     { /* end of list */ }
2300                 }
2301             },
2302             { /* end of list */ }
2303         }
2304     },
2305     {
2306         .name = "SandyBridge",
2307         .level = 0xd,
2308         .vendor = CPUID_VENDOR_INTEL,
2309         .family = 6,
2310         .model = 42,
2311         .stepping = 1,
2312         .features[FEAT_1_EDX] =
2313             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2314             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2315             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2316             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2317             CPUID_DE | CPUID_FP87,
2318         .features[FEAT_1_ECX] =
2319             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2320             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
2321             CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2322             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
2323             CPUID_EXT_SSE3,
2324         .features[FEAT_8000_0001_EDX] =
2325             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2326             CPUID_EXT2_SYSCALL,
2327         .features[FEAT_8000_0001_ECX] =
2328             CPUID_EXT3_LAHF_LM,
2329         .features[FEAT_XSAVE] =
2330             CPUID_XSAVE_XSAVEOPT,
2331         .features[FEAT_6_EAX] =
2332             CPUID_6_EAX_ARAT,
2333         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2334              MSR_VMX_BASIC_TRUE_CTLS,
2335         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2336              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2337              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2338         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2339              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2340              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2341              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2342              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2343              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2344              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2345         .features[FEAT_VMX_EXIT_CTLS] =
2346              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2347              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2348              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2349              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2350              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2351         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2352              MSR_VMX_MISC_STORE_LMA,
2353         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2354              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2355              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2356         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2357              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2358              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2359              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2360              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2361              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2362              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2363              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2364              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2365              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2366              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2367              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2368         .features[FEAT_VMX_SECONDARY_CTLS] =
2369              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2370              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2371              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2372              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2373              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST,
2374         .xlevel = 0x80000008,
2375         .model_id = "Intel Xeon E312xx (Sandy Bridge)",
2376         .versions = (X86CPUVersionDefinition[]) {
2377             { .version = 1 },
2378             {
2379                 .version = 2,
2380                 .alias = "SandyBridge-IBRS",
2381                 .props = (PropValue[]) {
2382                     { "spec-ctrl", "on" },
2383                     { "model-id",
2384                       "Intel Xeon E312xx (Sandy Bridge, IBRS update)" },
2385                     { /* end of list */ }
2386                 }
2387             },
2388             { /* end of list */ }
2389         }
2390     },
2391     {
2392         .name = "IvyBridge",
2393         .level = 0xd,
2394         .vendor = CPUID_VENDOR_INTEL,
2395         .family = 6,
2396         .model = 58,
2397         .stepping = 9,
2398         .features[FEAT_1_EDX] =
2399             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2400             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2401             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2402             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2403             CPUID_DE | CPUID_FP87,
2404         .features[FEAT_1_ECX] =
2405             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2406             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
2407             CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2408             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
2409             CPUID_EXT_SSE3 | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2410         .features[FEAT_7_0_EBX] =
2411             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP |
2412             CPUID_7_0_EBX_ERMS,
2413         .features[FEAT_8000_0001_EDX] =
2414             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2415             CPUID_EXT2_SYSCALL,
2416         .features[FEAT_8000_0001_ECX] =
2417             CPUID_EXT3_LAHF_LM,
2418         .features[FEAT_XSAVE] =
2419             CPUID_XSAVE_XSAVEOPT,
2420         .features[FEAT_6_EAX] =
2421             CPUID_6_EAX_ARAT,
2422         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2423              MSR_VMX_BASIC_TRUE_CTLS,
2424         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2425              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2426              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2427         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2428              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2429              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2430              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2431              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2432              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2433              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2434         .features[FEAT_VMX_EXIT_CTLS] =
2435              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2436              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2437              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2438              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2439              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2440         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2441              MSR_VMX_MISC_STORE_LMA,
2442         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2443              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2444              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2445         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2446              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2447              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2448              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2449              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2450              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2451              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2452              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2453              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2454              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2455              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2456              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2457         .features[FEAT_VMX_SECONDARY_CTLS] =
2458              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2459              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2460              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2461              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2462              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2463              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2464              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2465              VMX_SECONDARY_EXEC_RDRAND_EXITING,
2466         .xlevel = 0x80000008,
2467         .model_id = "Intel Xeon E3-12xx v2 (Ivy Bridge)",
2468         .versions = (X86CPUVersionDefinition[]) {
2469             { .version = 1 },
2470             {
2471                 .version = 2,
2472                 .alias = "IvyBridge-IBRS",
2473                 .props = (PropValue[]) {
2474                     { "spec-ctrl", "on" },
2475                     { "model-id",
2476                       "Intel Xeon E3-12xx v2 (Ivy Bridge, IBRS)" },
2477                     { /* end of list */ }
2478                 }
2479             },
2480             { /* end of list */ }
2481         }
2482     },
2483     {
2484         .name = "Haswell",
2485         .level = 0xd,
2486         .vendor = CPUID_VENDOR_INTEL,
2487         .family = 6,
2488         .model = 60,
2489         .stepping = 4,
2490         .features[FEAT_1_EDX] =
2491             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2492             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2493             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2494             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2495             CPUID_DE | CPUID_FP87,
2496         .features[FEAT_1_ECX] =
2497             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2498             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2499             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2500             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2501             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2502             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2503         .features[FEAT_8000_0001_EDX] =
2504             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2505             CPUID_EXT2_SYSCALL,
2506         .features[FEAT_8000_0001_ECX] =
2507             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM,
2508         .features[FEAT_7_0_EBX] =
2509             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2510             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2511             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2512             CPUID_7_0_EBX_RTM,
2513         .features[FEAT_XSAVE] =
2514             CPUID_XSAVE_XSAVEOPT,
2515         .features[FEAT_6_EAX] =
2516             CPUID_6_EAX_ARAT,
2517         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2518              MSR_VMX_BASIC_TRUE_CTLS,
2519         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2520              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2521              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2522         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2523              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2524              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2525              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2526              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2527              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2528              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2529         .features[FEAT_VMX_EXIT_CTLS] =
2530              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2531              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2532              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2533              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2534              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2535         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2536              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2537         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2538              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2539              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2540         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2541              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2542              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2543              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2544              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2545              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2546              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2547              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2548              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2549              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2550              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2551              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2552         .features[FEAT_VMX_SECONDARY_CTLS] =
2553              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2554              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2555              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2556              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2557              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2558              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2559              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2560              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2561              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS,
2562         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
2563         .xlevel = 0x80000008,
2564         .model_id = "Intel Core Processor (Haswell)",
2565         .versions = (X86CPUVersionDefinition[]) {
2566             { .version = 1 },
2567             {
2568                 .version = 2,
2569                 .alias = "Haswell-noTSX",
2570                 .props = (PropValue[]) {
2571                     { "hle", "off" },
2572                     { "rtm", "off" },
2573                     { "stepping", "1" },
2574                     { "model-id", "Intel Core Processor (Haswell, no TSX)", },
2575                     { /* end of list */ }
2576                 },
2577             },
2578             {
2579                 .version = 3,
2580                 .alias = "Haswell-IBRS",
2581                 .props = (PropValue[]) {
2582                     /* Restore TSX features removed by -v2 above */
2583                     { "hle", "on" },
2584                     { "rtm", "on" },
2585                     /*
2586                      * Haswell and Haswell-IBRS had stepping=4 in
2587                      * QEMU 4.0 and older
2588                      */
2589                     { "stepping", "4" },
2590                     { "spec-ctrl", "on" },
2591                     { "model-id",
2592                       "Intel Core Processor (Haswell, IBRS)" },
2593                     { /* end of list */ }
2594                 }
2595             },
2596             {
2597                 .version = 4,
2598                 .alias = "Haswell-noTSX-IBRS",
2599                 .props = (PropValue[]) {
2600                     { "hle", "off" },
2601                     { "rtm", "off" },
2602                     /* spec-ctrl was already enabled by -v3 above */
2603                     { "stepping", "1" },
2604                     { "model-id",
2605                       "Intel Core Processor (Haswell, no TSX, IBRS)" },
2606                     { /* end of list */ }
2607                 }
2608             },
2609             { /* end of list */ }
2610         }
2611     },
2612     {
2613         .name = "Broadwell",
2614         .level = 0xd,
2615         .vendor = CPUID_VENDOR_INTEL,
2616         .family = 6,
2617         .model = 61,
2618         .stepping = 2,
2619         .features[FEAT_1_EDX] =
2620             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2621             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2622             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2623             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2624             CPUID_DE | CPUID_FP87,
2625         .features[FEAT_1_ECX] =
2626             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2627             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2628             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2629             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2630             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2631             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2632         .features[FEAT_8000_0001_EDX] =
2633             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2634             CPUID_EXT2_SYSCALL,
2635         .features[FEAT_8000_0001_ECX] =
2636             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
2637         .features[FEAT_7_0_EBX] =
2638             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2639             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2640             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2641             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
2642             CPUID_7_0_EBX_SMAP,
2643         .features[FEAT_XSAVE] =
2644             CPUID_XSAVE_XSAVEOPT,
2645         .features[FEAT_6_EAX] =
2646             CPUID_6_EAX_ARAT,
2647         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2648              MSR_VMX_BASIC_TRUE_CTLS,
2649         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2650              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2651              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2652         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2653              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2654              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2655              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2656              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2657              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2658              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2659         .features[FEAT_VMX_EXIT_CTLS] =
2660              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2661              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2662              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2663              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2664              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2665         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2666              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2667         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2668              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2669              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2670         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2671              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2672              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2673              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2674              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2675              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2676              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2677              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2678              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2679              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2680              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2681              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2682         .features[FEAT_VMX_SECONDARY_CTLS] =
2683              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2684              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2685              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2686              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2687              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2688              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2689              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2690              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2691              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
2692              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
2693         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
2694         .xlevel = 0x80000008,
2695         .model_id = "Intel Core Processor (Broadwell)",
2696         .versions = (X86CPUVersionDefinition[]) {
2697             { .version = 1 },
2698             {
2699                 .version = 2,
2700                 .alias = "Broadwell-noTSX",
2701                 .props = (PropValue[]) {
2702                     { "hle", "off" },
2703                     { "rtm", "off" },
2704                     { "model-id", "Intel Core Processor (Broadwell, no TSX)", },
2705                     { /* end of list */ }
2706                 },
2707             },
2708             {
2709                 .version = 3,
2710                 .alias = "Broadwell-IBRS",
2711                 .props = (PropValue[]) {
2712                     /* Restore TSX features removed by -v2 above */
2713                     { "hle", "on" },
2714                     { "rtm", "on" },
2715                     { "spec-ctrl", "on" },
2716                     { "model-id",
2717                       "Intel Core Processor (Broadwell, IBRS)" },
2718                     { /* end of list */ }
2719                 }
2720             },
2721             {
2722                 .version = 4,
2723                 .alias = "Broadwell-noTSX-IBRS",
2724                 .props = (PropValue[]) {
2725                     { "hle", "off" },
2726                     { "rtm", "off" },
2727                     /* spec-ctrl was already enabled by -v3 above */
2728                     { "model-id",
2729                       "Intel Core Processor (Broadwell, no TSX, IBRS)" },
2730                     { /* end of list */ }
2731                 }
2732             },
2733             { /* end of list */ }
2734         }
2735     },
2736     {
2737         .name = "Skylake-Client",
2738         .level = 0xd,
2739         .vendor = CPUID_VENDOR_INTEL,
2740         .family = 6,
2741         .model = 94,
2742         .stepping = 3,
2743         .features[FEAT_1_EDX] =
2744             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2745             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2746             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2747             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2748             CPUID_DE | CPUID_FP87,
2749         .features[FEAT_1_ECX] =
2750             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2751             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2752             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2753             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2754             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2755             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2756         .features[FEAT_8000_0001_EDX] =
2757             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
2758             CPUID_EXT2_SYSCALL,
2759         .features[FEAT_8000_0001_ECX] =
2760             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
2761         .features[FEAT_7_0_EBX] =
2762             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2763             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2764             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2765             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
2766             CPUID_7_0_EBX_SMAP,
2767         /* XSAVES is added in version 4 */
2768         .features[FEAT_XSAVE] =
2769             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
2770             CPUID_XSAVE_XGETBV1,
2771         .features[FEAT_6_EAX] =
2772             CPUID_6_EAX_ARAT,
2773         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
2774         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2775              MSR_VMX_BASIC_TRUE_CTLS,
2776         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2777              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2778              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2779         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2780              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2781              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2782              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2783              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2784              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2785              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2786         .features[FEAT_VMX_EXIT_CTLS] =
2787              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2788              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2789              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2790              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2791              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2792         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2793              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2794         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2795              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2796              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2797         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2798              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2799              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2800              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2801              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2802              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2803              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2804              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2805              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2806              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2807              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2808              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2809         .features[FEAT_VMX_SECONDARY_CTLS] =
2810              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2811              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2812              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2813              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2814              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2815              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
2816              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
2817         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
2818         .xlevel = 0x80000008,
2819         .model_id = "Intel Core Processor (Skylake)",
2820         .versions = (X86CPUVersionDefinition[]) {
2821             { .version = 1 },
2822             {
2823                 .version = 2,
2824                 .alias = "Skylake-Client-IBRS",
2825                 .props = (PropValue[]) {
2826                     { "spec-ctrl", "on" },
2827                     { "model-id",
2828                       "Intel Core Processor (Skylake, IBRS)" },
2829                     { /* end of list */ }
2830                 }
2831             },
2832             {
2833                 .version = 3,
2834                 .alias = "Skylake-Client-noTSX-IBRS",
2835                 .props = (PropValue[]) {
2836                     { "hle", "off" },
2837                     { "rtm", "off" },
2838                     { "model-id",
2839                       "Intel Core Processor (Skylake, IBRS, no TSX)" },
2840                     { /* end of list */ }
2841                 }
2842             },
2843             {
2844                 .version = 4,
2845                 .note = "IBRS, XSAVES, no TSX",
2846                 .props = (PropValue[]) {
2847                     { "xsaves", "on" },
2848                     { "vmx-xsaves", "on" },
2849                     { /* end of list */ }
2850                 }
2851             },
2852             { /* end of list */ }
2853         }
2854     },
2855     {
2856         .name = "Skylake-Server",
2857         .level = 0xd,
2858         .vendor = CPUID_VENDOR_INTEL,
2859         .family = 6,
2860         .model = 85,
2861         .stepping = 4,
2862         .features[FEAT_1_EDX] =
2863             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2864             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2865             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2866             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2867             CPUID_DE | CPUID_FP87,
2868         .features[FEAT_1_ECX] =
2869             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
2870             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
2871             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2872             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
2873             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
2874             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
2875         .features[FEAT_8000_0001_EDX] =
2876             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
2877             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2878         .features[FEAT_8000_0001_ECX] =
2879             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
2880         .features[FEAT_7_0_EBX] =
2881             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
2882             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
2883             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
2884             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
2885             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
2886             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
2887             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
2888             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
2889         .features[FEAT_7_0_ECX] =
2890             CPUID_7_0_ECX_PKU,
2891         /* XSAVES is added in version 5 */
2892         .features[FEAT_XSAVE] =
2893             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
2894             CPUID_XSAVE_XGETBV1,
2895         .features[FEAT_6_EAX] =
2896             CPUID_6_EAX_ARAT,
2897         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
2898         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2899              MSR_VMX_BASIC_TRUE_CTLS,
2900         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2901              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2902              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2903         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2904              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2905              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2906              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2907              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2908              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2909              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
2910         .features[FEAT_VMX_EXIT_CTLS] =
2911              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2912              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2913              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2914              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2915              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2916         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2917              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
2918         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2919              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2920              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
2921         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2922              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2923              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2924              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2925              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2926              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2927              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2928              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2929              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2930              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2931              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2932              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2933         .features[FEAT_VMX_SECONDARY_CTLS] =
2934              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2935              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2936              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2937              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2938              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
2939              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
2940              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
2941              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
2942              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
2943              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
2944         .xlevel = 0x80000008,
2945         .model_id = "Intel Xeon Processor (Skylake)",
2946         .versions = (X86CPUVersionDefinition[]) {
2947             { .version = 1 },
2948             {
2949                 .version = 2,
2950                 .alias = "Skylake-Server-IBRS",
2951                 .props = (PropValue[]) {
2952                     /* clflushopt was not added to Skylake-Server-IBRS */
2953                     /* TODO: add -v3 including clflushopt */
2954                     { "clflushopt", "off" },
2955                     { "spec-ctrl", "on" },
2956                     { "model-id",
2957                       "Intel Xeon Processor (Skylake, IBRS)" },
2958                     { /* end of list */ }
2959                 }
2960             },
2961             {
2962                 .version = 3,
2963                 .alias = "Skylake-Server-noTSX-IBRS",
2964                 .props = (PropValue[]) {
2965                     { "hle", "off" },
2966                     { "rtm", "off" },
2967                     { "model-id",
2968                       "Intel Xeon Processor (Skylake, IBRS, no TSX)" },
2969                     { /* end of list */ }
2970                 }
2971             },
2972             {
2973                 .version = 4,
2974                 .props = (PropValue[]) {
2975                     { "vmx-eptp-switching", "on" },
2976                     { /* end of list */ }
2977                 }
2978             },
2979             {
2980                 .version = 5,
2981                 .note = "IBRS, XSAVES, EPT switching, no TSX",
2982                 .props = (PropValue[]) {
2983                     { "xsaves", "on" },
2984                     { "vmx-xsaves", "on" },
2985                     { /* end of list */ }
2986                 }
2987             },
2988             { /* end of list */ }
2989         }
2990     },
2991     {
2992         .name = "Cascadelake-Server",
2993         .level = 0xd,
2994         .vendor = CPUID_VENDOR_INTEL,
2995         .family = 6,
2996         .model = 85,
2997         .stepping = 6,
2998         .features[FEAT_1_EDX] =
2999             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3000             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3001             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3002             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3003             CPUID_DE | CPUID_FP87,
3004         .features[FEAT_1_ECX] =
3005             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3006             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3007             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3008             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3009             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3010             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3011         .features[FEAT_8000_0001_EDX] =
3012             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3013             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3014         .features[FEAT_8000_0001_ECX] =
3015             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3016         .features[FEAT_7_0_EBX] =
3017             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3018             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3019             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3020             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3021             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3022             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3023             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3024             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3025         .features[FEAT_7_0_ECX] =
3026             CPUID_7_0_ECX_PKU |
3027             CPUID_7_0_ECX_AVX512VNNI,
3028         .features[FEAT_7_0_EDX] =
3029             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3030         /* XSAVES is added in version 5 */
3031         .features[FEAT_XSAVE] =
3032             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3033             CPUID_XSAVE_XGETBV1,
3034         .features[FEAT_6_EAX] =
3035             CPUID_6_EAX_ARAT,
3036         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3037         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3038              MSR_VMX_BASIC_TRUE_CTLS,
3039         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3040              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3041              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3042         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3043              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3044              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3045              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3046              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3047              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3048              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3049         .features[FEAT_VMX_EXIT_CTLS] =
3050              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3051              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3052              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3053              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3054              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3055         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3056              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3057         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3058              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3059              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3060         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3061              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3062              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3063              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3064              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3065              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3066              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3067              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3068              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3069              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3070              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3071              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3072         .features[FEAT_VMX_SECONDARY_CTLS] =
3073              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3074              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3075              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3076              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3077              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3078              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3079              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3080              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3081              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3082              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3083         .xlevel = 0x80000008,
3084         .model_id = "Intel Xeon Processor (Cascadelake)",
3085         .versions = (X86CPUVersionDefinition[]) {
3086             { .version = 1 },
3087             { .version = 2,
3088               .note = "ARCH_CAPABILITIES",
3089               .props = (PropValue[]) {
3090                   { "arch-capabilities", "on" },
3091                   { "rdctl-no", "on" },
3092                   { "ibrs-all", "on" },
3093                   { "skip-l1dfl-vmentry", "on" },
3094                   { "mds-no", "on" },
3095                   { /* end of list */ }
3096               },
3097             },
3098             { .version = 3,
3099               .alias = "Cascadelake-Server-noTSX",
3100               .note = "ARCH_CAPABILITIES, no TSX",
3101               .props = (PropValue[]) {
3102                   { "hle", "off" },
3103                   { "rtm", "off" },
3104                   { /* end of list */ }
3105               },
3106             },
3107             { .version = 4,
3108               .note = "ARCH_CAPABILITIES, no TSX",
3109               .props = (PropValue[]) {
3110                   { "vmx-eptp-switching", "on" },
3111                   { /* end of list */ }
3112               },
3113             },
3114             { .version = 5,
3115               .note = "ARCH_CAPABILITIES, EPT switching, XSAVES, no TSX",
3116               .props = (PropValue[]) {
3117                   { "xsaves", "on" },
3118                   { "vmx-xsaves", "on" },
3119                   { /* end of list */ }
3120               },
3121             },
3122             { /* end of list */ }
3123         }
3124     },
3125     {
3126         .name = "Cooperlake",
3127         .level = 0xd,
3128         .vendor = CPUID_VENDOR_INTEL,
3129         .family = 6,
3130         .model = 85,
3131         .stepping = 10,
3132         .features[FEAT_1_EDX] =
3133             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3134             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3135             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3136             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3137             CPUID_DE | CPUID_FP87,
3138         .features[FEAT_1_ECX] =
3139             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3140             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3141             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3142             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3143             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3144             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3145         .features[FEAT_8000_0001_EDX] =
3146             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3147             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3148         .features[FEAT_8000_0001_ECX] =
3149             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3150         .features[FEAT_7_0_EBX] =
3151             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3152             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3153             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3154             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3155             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3156             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3157             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3158             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3159         .features[FEAT_7_0_ECX] =
3160             CPUID_7_0_ECX_PKU |
3161             CPUID_7_0_ECX_AVX512VNNI,
3162         .features[FEAT_7_0_EDX] =
3163             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_STIBP |
3164             CPUID_7_0_EDX_SPEC_CTRL_SSBD | CPUID_7_0_EDX_ARCH_CAPABILITIES,
3165         .features[FEAT_ARCH_CAPABILITIES] =
3166             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_IBRS_ALL |
3167             MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY | MSR_ARCH_CAP_MDS_NO |
3168             MSR_ARCH_CAP_PSCHANGE_MC_NO | MSR_ARCH_CAP_TAA_NO,
3169         .features[FEAT_7_1_EAX] =
3170             CPUID_7_1_EAX_AVX512_BF16,
3171         /* XSAVES is added in version 2 */
3172         .features[FEAT_XSAVE] =
3173             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3174             CPUID_XSAVE_XGETBV1,
3175         .features[FEAT_6_EAX] =
3176             CPUID_6_EAX_ARAT,
3177         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3178         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3179              MSR_VMX_BASIC_TRUE_CTLS,
3180         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3181              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3182              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3183         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3184              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3185              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3186              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3187              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3188              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3189              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3190         .features[FEAT_VMX_EXIT_CTLS] =
3191              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3192              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3193              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3194              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3195              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3196         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3197              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3198         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3199              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3200              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3201         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3202              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3203              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3204              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3205              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3206              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3207              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3208              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3209              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3210              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3211              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3212              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3213         .features[FEAT_VMX_SECONDARY_CTLS] =
3214              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3215              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3216              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3217              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3218              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3219              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3220              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3221              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3222              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3223              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3224         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3225         .xlevel = 0x80000008,
3226         .model_id = "Intel Xeon Processor (Cooperlake)",
3227         .versions = (X86CPUVersionDefinition[]) {
3228             { .version = 1 },
3229             { .version = 2,
3230               .note = "XSAVES",
3231               .props = (PropValue[]) {
3232                   { "xsaves", "on" },
3233                   { "vmx-xsaves", "on" },
3234                   { /* end of list */ }
3235               },
3236             },
3237             { /* end of list */ }
3238         }
3239     },
3240     {
3241         .name = "Icelake-Client",
3242         .level = 0xd,
3243         .vendor = CPUID_VENDOR_INTEL,
3244         .family = 6,
3245         .model = 126,
3246         .stepping = 0,
3247         .features[FEAT_1_EDX] =
3248             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3249             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3250             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3251             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3252             CPUID_DE | CPUID_FP87,
3253         .features[FEAT_1_ECX] =
3254             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3255             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3256             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3257             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3258             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3259             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3260         .features[FEAT_8000_0001_EDX] =
3261             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
3262             CPUID_EXT2_SYSCALL,
3263         .features[FEAT_8000_0001_ECX] =
3264             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3265         .features[FEAT_8000_0008_EBX] =
3266             CPUID_8000_0008_EBX_WBNOINVD,
3267         .features[FEAT_7_0_EBX] =
3268             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3269             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3270             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3271             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3272             CPUID_7_0_EBX_SMAP,
3273         .features[FEAT_7_0_ECX] =
3274             CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
3275             CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
3276             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
3277             CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
3278             CPUID_7_0_ECX_AVX512_VPOPCNTDQ,
3279         .features[FEAT_7_0_EDX] =
3280             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3281         /* XSAVES is added in version 3 */
3282         .features[FEAT_XSAVE] =
3283             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3284             CPUID_XSAVE_XGETBV1,
3285         .features[FEAT_6_EAX] =
3286             CPUID_6_EAX_ARAT,
3287         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3288         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3289              MSR_VMX_BASIC_TRUE_CTLS,
3290         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3291              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3292              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3293         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3294              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3295              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3296              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3297              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3298              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3299              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3300         .features[FEAT_VMX_EXIT_CTLS] =
3301              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3302              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3303              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3304              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3305              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3306         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3307              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3308         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3309              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3310              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
3311         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3312              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3313              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3314              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3315              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3316              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3317              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3318              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3319              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3320              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3321              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3322              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3323         .features[FEAT_VMX_SECONDARY_CTLS] =
3324              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3325              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3326              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3327              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3328              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3329              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3330              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3331         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3332         .xlevel = 0x80000008,
3333         .model_id = "Intel Core Processor (Icelake)",
3334         .versions = (X86CPUVersionDefinition[]) {
3335             {
3336                 .version = 1,
3337                 .note = "deprecated"
3338             },
3339             {
3340                 .version = 2,
3341                 .note = "no TSX, deprecated",
3342                 .alias = "Icelake-Client-noTSX",
3343                 .props = (PropValue[]) {
3344                     { "hle", "off" },
3345                     { "rtm", "off" },
3346                     { /* end of list */ }
3347                 },
3348             },
3349             {
3350                 .version = 3,
3351                 .note = "no TSX, XSAVES, deprecated",
3352                 .props = (PropValue[]) {
3353                     { "xsaves", "on" },
3354                     { "vmx-xsaves", "on" },
3355                     { /* end of list */ }
3356                 },
3357             },
3358             { /* end of list */ }
3359         },
3360         .deprecation_note = "use Icelake-Server instead"
3361     },
3362     {
3363         .name = "Icelake-Server",
3364         .level = 0xd,
3365         .vendor = CPUID_VENDOR_INTEL,
3366         .family = 6,
3367         .model = 134,
3368         .stepping = 0,
3369         .features[FEAT_1_EDX] =
3370             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3371             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3372             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3373             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3374             CPUID_DE | CPUID_FP87,
3375         .features[FEAT_1_ECX] =
3376             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3377             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3378             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3379             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3380             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3381             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3382         .features[FEAT_8000_0001_EDX] =
3383             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3384             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3385         .features[FEAT_8000_0001_ECX] =
3386             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3387         .features[FEAT_8000_0008_EBX] =
3388             CPUID_8000_0008_EBX_WBNOINVD,
3389         .features[FEAT_7_0_EBX] =
3390             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3391             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3392             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3393             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3394             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3395             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3396             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3397             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3398         .features[FEAT_7_0_ECX] =
3399             CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
3400             CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
3401             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
3402             CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
3403             CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57,
3404         .features[FEAT_7_0_EDX] =
3405             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3406         /* XSAVES is added in version 5 */
3407         .features[FEAT_XSAVE] =
3408             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3409             CPUID_XSAVE_XGETBV1,
3410         .features[FEAT_6_EAX] =
3411             CPUID_6_EAX_ARAT,
3412         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3413         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3414              MSR_VMX_BASIC_TRUE_CTLS,
3415         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3416              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3417              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3418         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3419              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3420              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3421              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3422              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3423              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3424              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3425         .features[FEAT_VMX_EXIT_CTLS] =
3426              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3427              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3428              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3429              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3430              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3431         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3432              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3433         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3434              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3435              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3436         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3437              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3438              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3439              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3440              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3441              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3442              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3443              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3444              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3445              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3446              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3447              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3448         .features[FEAT_VMX_SECONDARY_CTLS] =
3449              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3450              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3451              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3452              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3453              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3454              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3455              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3456              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3457              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS,
3458         .xlevel = 0x80000008,
3459         .model_id = "Intel Xeon Processor (Icelake)",
3460         .versions = (X86CPUVersionDefinition[]) {
3461             { .version = 1 },
3462             {
3463                 .version = 2,
3464                 .note = "no TSX",
3465                 .alias = "Icelake-Server-noTSX",
3466                 .props = (PropValue[]) {
3467                     { "hle", "off" },
3468                     { "rtm", "off" },
3469                     { /* end of list */ }
3470                 },
3471             },
3472             {
3473                 .version = 3,
3474                 .props = (PropValue[]) {
3475                     { "arch-capabilities", "on" },
3476                     { "rdctl-no", "on" },
3477                     { "ibrs-all", "on" },
3478                     { "skip-l1dfl-vmentry", "on" },
3479                     { "mds-no", "on" },
3480                     { "pschange-mc-no", "on" },
3481                     { "taa-no", "on" },
3482                     { /* end of list */ }
3483                 },
3484             },
3485             {
3486                 .version = 4,
3487                 .props = (PropValue[]) {
3488                     { "sha-ni", "on" },
3489                     { "avx512ifma", "on" },
3490                     { "rdpid", "on" },
3491                     { "fsrm", "on" },
3492                     { "vmx-rdseed-exit", "on" },
3493                     { "vmx-pml", "on" },
3494                     { "vmx-eptp-switching", "on" },
3495                     { "model", "106" },
3496                     { /* end of list */ }
3497                 },
3498             },
3499             {
3500                 .version = 5,
3501                 .note = "XSAVES",
3502                 .props = (PropValue[]) {
3503                     { "xsaves", "on" },
3504                     { "vmx-xsaves", "on" },
3505                     { /* end of list */ }
3506                 },
3507             },
3508             { /* end of list */ }
3509         }
3510     },
3511     {
3512         .name = "Denverton",
3513         .level = 21,
3514         .vendor = CPUID_VENDOR_INTEL,
3515         .family = 6,
3516         .model = 95,
3517         .stepping = 1,
3518         .features[FEAT_1_EDX] =
3519             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE | CPUID_TSC |
3520             CPUID_MSR | CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC |
3521             CPUID_SEP | CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
3522             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH | CPUID_MMX | CPUID_FXSR |
3523             CPUID_SSE | CPUID_SSE2,
3524         .features[FEAT_1_ECX] =
3525             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_MONITOR |
3526             CPUID_EXT_SSSE3 | CPUID_EXT_CX16 | CPUID_EXT_SSE41 |
3527             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
3528             CPUID_EXT_POPCNT | CPUID_EXT_TSC_DEADLINE_TIMER |
3529             CPUID_EXT_AES | CPUID_EXT_XSAVE | CPUID_EXT_RDRAND,
3530         .features[FEAT_8000_0001_EDX] =
3531             CPUID_EXT2_SYSCALL | CPUID_EXT2_NX | CPUID_EXT2_PDPE1GB |
3532             CPUID_EXT2_RDTSCP | CPUID_EXT2_LM,
3533         .features[FEAT_8000_0001_ECX] =
3534             CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3535         .features[FEAT_7_0_EBX] =
3536             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_ERMS |
3537             CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_SMAP |
3538             CPUID_7_0_EBX_CLFLUSHOPT | CPUID_7_0_EBX_SHA_NI,
3539         .features[FEAT_7_0_EDX] =
3540             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_ARCH_CAPABILITIES |
3541             CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3542         /* XSAVES is added in version 3 */
3543         .features[FEAT_XSAVE] =
3544             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC | CPUID_XSAVE_XGETBV1,
3545         .features[FEAT_6_EAX] =
3546             CPUID_6_EAX_ARAT,
3547         .features[FEAT_ARCH_CAPABILITIES] =
3548             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY,
3549         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3550              MSR_VMX_BASIC_TRUE_CTLS,
3551         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3552              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3553              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3554         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3555              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3556              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3557              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3558              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3559              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3560              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3561         .features[FEAT_VMX_EXIT_CTLS] =
3562              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3563              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3564              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3565              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3566              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3567         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3568              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3569         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3570              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3571              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3572         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3573              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3574              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3575              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3576              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3577              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3578              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3579              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3580              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3581              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3582              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3583              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3584         .features[FEAT_VMX_SECONDARY_CTLS] =
3585              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3586              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3587              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3588              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3589              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3590              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3591              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3592              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3593              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3594              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3595         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3596         .xlevel = 0x80000008,
3597         .model_id = "Intel Atom Processor (Denverton)",
3598         .versions = (X86CPUVersionDefinition[]) {
3599             { .version = 1 },
3600             {
3601                 .version = 2,
3602                 .note = "no MPX, no MONITOR",
3603                 .props = (PropValue[]) {
3604                     { "monitor", "off" },
3605                     { "mpx", "off" },
3606                     { /* end of list */ },
3607                 },
3608             },
3609             {
3610                 .version = 3,
3611                 .note = "XSAVES, no MPX, no MONITOR",
3612                 .props = (PropValue[]) {
3613                     { "xsaves", "on" },
3614                     { "vmx-xsaves", "on" },
3615                     { /* end of list */ },
3616                 },
3617             },
3618             { /* end of list */ },
3619         },
3620     },
3621     {
3622         .name = "Snowridge",
3623         .level = 27,
3624         .vendor = CPUID_VENDOR_INTEL,
3625         .family = 6,
3626         .model = 134,
3627         .stepping = 1,
3628         .features[FEAT_1_EDX] =
3629             /* missing: CPUID_PN CPUID_IA64 */
3630             /* missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
3631             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE |
3632             CPUID_TSC | CPUID_MSR | CPUID_PAE | CPUID_MCE |
3633             CPUID_CX8 | CPUID_APIC | CPUID_SEP |
3634             CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
3635             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH |
3636             CPUID_MMX |
3637             CPUID_FXSR | CPUID_SSE | CPUID_SSE2,
3638         .features[FEAT_1_ECX] =
3639             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_MONITOR |
3640             CPUID_EXT_SSSE3 |
3641             CPUID_EXT_CX16 |
3642             CPUID_EXT_SSE41 |
3643             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
3644             CPUID_EXT_POPCNT |
3645             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_AES | CPUID_EXT_XSAVE |
3646             CPUID_EXT_RDRAND,
3647         .features[FEAT_8000_0001_EDX] =
3648             CPUID_EXT2_SYSCALL |
3649             CPUID_EXT2_NX |
3650             CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3651             CPUID_EXT2_LM,
3652         .features[FEAT_8000_0001_ECX] =
3653             CPUID_EXT3_LAHF_LM |
3654             CPUID_EXT3_3DNOWPREFETCH,
3655         .features[FEAT_7_0_EBX] =
3656             CPUID_7_0_EBX_FSGSBASE |
3657             CPUID_7_0_EBX_SMEP |
3658             CPUID_7_0_EBX_ERMS |
3659             CPUID_7_0_EBX_MPX |  /* missing bits 13, 15 */
3660             CPUID_7_0_EBX_RDSEED |
3661             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
3662             CPUID_7_0_EBX_CLWB |
3663             CPUID_7_0_EBX_SHA_NI,
3664         .features[FEAT_7_0_ECX] =
3665             CPUID_7_0_ECX_UMIP |
3666             /* missing bit 5 */
3667             CPUID_7_0_ECX_GFNI |
3668             CPUID_7_0_ECX_MOVDIRI | CPUID_7_0_ECX_CLDEMOTE |
3669             CPUID_7_0_ECX_MOVDIR64B,
3670         .features[FEAT_7_0_EDX] =
3671             CPUID_7_0_EDX_SPEC_CTRL |
3672             CPUID_7_0_EDX_ARCH_CAPABILITIES | CPUID_7_0_EDX_SPEC_CTRL_SSBD |
3673             CPUID_7_0_EDX_CORE_CAPABILITY,
3674         .features[FEAT_CORE_CAPABILITY] =
3675             MSR_CORE_CAP_SPLIT_LOCK_DETECT,
3676         /* XSAVES is is added in version 3 */
3677         .features[FEAT_XSAVE] =
3678             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3679             CPUID_XSAVE_XGETBV1,
3680         .features[FEAT_6_EAX] =
3681             CPUID_6_EAX_ARAT,
3682         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3683              MSR_VMX_BASIC_TRUE_CTLS,
3684         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3685              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3686              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3687         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3688              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3689              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3690              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3691              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3692              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3693              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3694         .features[FEAT_VMX_EXIT_CTLS] =
3695              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3696              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3697              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3698              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3699              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3700         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3701              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3702         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3703              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3704              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3705         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3706              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3707              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3708              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3709              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3710              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3711              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3712              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3713              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3714              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3715              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3716              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3717         .features[FEAT_VMX_SECONDARY_CTLS] =
3718              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3719              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3720              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3721              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3722              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3723              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3724              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3725              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3726              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3727              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3728         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3729         .xlevel = 0x80000008,
3730         .model_id = "Intel Atom Processor (SnowRidge)",
3731         .versions = (X86CPUVersionDefinition[]) {
3732             { .version = 1 },
3733             {
3734                 .version = 2,
3735                 .props = (PropValue[]) {
3736                     { "mpx", "off" },
3737                     { "model-id", "Intel Atom Processor (Snowridge, no MPX)" },
3738                     { /* end of list */ },
3739                 },
3740             },
3741             {
3742                 .version = 3,
3743                 .note = "XSAVES, no MPX",
3744                 .props = (PropValue[]) {
3745                     { "xsaves", "on" },
3746                     { "vmx-xsaves", "on" },
3747                     { /* end of list */ },
3748                 },
3749             },
3750             {
3751                 .version = 4,
3752                 .note = "no split lock detect",
3753                 .props = (PropValue[]) {
3754                     { "split-lock-detect", "off" },
3755                     { /* end of list */ },
3756                 },
3757             },
3758             { /* end of list */ },
3759         },
3760     },
3761     {
3762         .name = "KnightsMill",
3763         .level = 0xd,
3764         .vendor = CPUID_VENDOR_INTEL,
3765         .family = 6,
3766         .model = 133,
3767         .stepping = 0,
3768         .features[FEAT_1_EDX] =
3769             CPUID_VME | CPUID_SS | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR |
3770             CPUID_MMX | CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV |
3771             CPUID_MCA | CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC |
3772             CPUID_CX8 | CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC |
3773             CPUID_PSE | CPUID_DE | CPUID_FP87,
3774         .features[FEAT_1_ECX] =
3775             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3776             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3777             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3778             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3779             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3780             CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3781         .features[FEAT_8000_0001_EDX] =
3782             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3783             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3784         .features[FEAT_8000_0001_ECX] =
3785             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3786         .features[FEAT_7_0_EBX] =
3787             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
3788             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS |
3789             CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_AVX512F |
3790             CPUID_7_0_EBX_AVX512CD | CPUID_7_0_EBX_AVX512PF |
3791             CPUID_7_0_EBX_AVX512ER,
3792         .features[FEAT_7_0_ECX] =
3793             CPUID_7_0_ECX_AVX512_VPOPCNTDQ,
3794         .features[FEAT_7_0_EDX] =
3795             CPUID_7_0_EDX_AVX512_4VNNIW | CPUID_7_0_EDX_AVX512_4FMAPS,
3796         .features[FEAT_XSAVE] =
3797             CPUID_XSAVE_XSAVEOPT,
3798         .features[FEAT_6_EAX] =
3799             CPUID_6_EAX_ARAT,
3800         .xlevel = 0x80000008,
3801         .model_id = "Intel Xeon Phi Processor (Knights Mill)",
3802     },
3803     {
3804         .name = "Opteron_G1",
3805         .level = 5,
3806         .vendor = CPUID_VENDOR_AMD,
3807         .family = 15,
3808         .model = 6,
3809         .stepping = 1,
3810         .features[FEAT_1_EDX] =
3811             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3812             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3813             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3814             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3815             CPUID_DE | CPUID_FP87,
3816         .features[FEAT_1_ECX] =
3817             CPUID_EXT_SSE3,
3818         .features[FEAT_8000_0001_EDX] =
3819             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3820         .xlevel = 0x80000008,
3821         .model_id = "AMD Opteron 240 (Gen 1 Class Opteron)",
3822     },
3823     {
3824         .name = "Opteron_G2",
3825         .level = 5,
3826         .vendor = CPUID_VENDOR_AMD,
3827         .family = 15,
3828         .model = 6,
3829         .stepping = 1,
3830         .features[FEAT_1_EDX] =
3831             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3832             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3833             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3834             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3835             CPUID_DE | CPUID_FP87,
3836         .features[FEAT_1_ECX] =
3837             CPUID_EXT_CX16 | CPUID_EXT_SSE3,
3838         .features[FEAT_8000_0001_EDX] =
3839             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3840         .features[FEAT_8000_0001_ECX] =
3841             CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM,
3842         .xlevel = 0x80000008,
3843         .model_id = "AMD Opteron 22xx (Gen 2 Class Opteron)",
3844     },
3845     {
3846         .name = "Opteron_G3",
3847         .level = 5,
3848         .vendor = CPUID_VENDOR_AMD,
3849         .family = 16,
3850         .model = 2,
3851         .stepping = 3,
3852         .features[FEAT_1_EDX] =
3853             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3854             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3855             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3856             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3857             CPUID_DE | CPUID_FP87,
3858         .features[FEAT_1_ECX] =
3859             CPUID_EXT_POPCNT | CPUID_EXT_CX16 | CPUID_EXT_MONITOR |
3860             CPUID_EXT_SSE3,
3861         .features[FEAT_8000_0001_EDX] =
3862             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL |
3863             CPUID_EXT2_RDTSCP,
3864         .features[FEAT_8000_0001_ECX] =
3865             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A |
3866             CPUID_EXT3_ABM | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM,
3867         .xlevel = 0x80000008,
3868         .model_id = "AMD Opteron 23xx (Gen 3 Class Opteron)",
3869     },
3870     {
3871         .name = "Opteron_G4",
3872         .level = 0xd,
3873         .vendor = CPUID_VENDOR_AMD,
3874         .family = 21,
3875         .model = 1,
3876         .stepping = 2,
3877         .features[FEAT_1_EDX] =
3878             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3879             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3880             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3881             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3882             CPUID_DE | CPUID_FP87,
3883         .features[FEAT_1_ECX] =
3884             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3885             CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
3886             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
3887             CPUID_EXT_SSE3,
3888         .features[FEAT_8000_0001_EDX] =
3889             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_NX |
3890             CPUID_EXT2_SYSCALL | CPUID_EXT2_RDTSCP,
3891         .features[FEAT_8000_0001_ECX] =
3892             CPUID_EXT3_FMA4 | CPUID_EXT3_XOP |
3893             CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_MISALIGNSSE |
3894             CPUID_EXT3_SSE4A | CPUID_EXT3_ABM | CPUID_EXT3_SVM |
3895             CPUID_EXT3_LAHF_LM,
3896         .features[FEAT_SVM] =
3897             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
3898         /* no xsaveopt! */
3899         .xlevel = 0x8000001A,
3900         .model_id = "AMD Opteron 62xx class CPU",
3901     },
3902     {
3903         .name = "Opteron_G5",
3904         .level = 0xd,
3905         .vendor = CPUID_VENDOR_AMD,
3906         .family = 21,
3907         .model = 2,
3908         .stepping = 0,
3909         .features[FEAT_1_EDX] =
3910             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3911             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3912             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3913             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3914             CPUID_DE | CPUID_FP87,
3915         .features[FEAT_1_ECX] =
3916             CPUID_EXT_F16C | CPUID_EXT_AVX | CPUID_EXT_XSAVE |
3917             CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 |
3918             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_FMA |
3919             CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
3920         .features[FEAT_8000_0001_EDX] =
3921             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_NX |
3922             CPUID_EXT2_SYSCALL | CPUID_EXT2_RDTSCP,
3923         .features[FEAT_8000_0001_ECX] =
3924             CPUID_EXT3_TBM | CPUID_EXT3_FMA4 | CPUID_EXT3_XOP |
3925             CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_MISALIGNSSE |
3926             CPUID_EXT3_SSE4A | CPUID_EXT3_ABM | CPUID_EXT3_SVM |
3927             CPUID_EXT3_LAHF_LM,
3928         .features[FEAT_SVM] =
3929             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
3930         /* no xsaveopt! */
3931         .xlevel = 0x8000001A,
3932         .model_id = "AMD Opteron 63xx class CPU",
3933     },
3934     {
3935         .name = "EPYC",
3936         .level = 0xd,
3937         .vendor = CPUID_VENDOR_AMD,
3938         .family = 23,
3939         .model = 1,
3940         .stepping = 2,
3941         .features[FEAT_1_EDX] =
3942             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
3943             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
3944             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
3945             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
3946             CPUID_VME | CPUID_FP87,
3947         .features[FEAT_1_ECX] =
3948             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
3949             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
3950             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
3951             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
3952             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
3953         .features[FEAT_8000_0001_EDX] =
3954             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
3955             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
3956             CPUID_EXT2_SYSCALL,
3957         .features[FEAT_8000_0001_ECX] =
3958             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
3959             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
3960             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
3961             CPUID_EXT3_TOPOEXT,
3962         .features[FEAT_7_0_EBX] =
3963             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
3964             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
3965             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
3966             CPUID_7_0_EBX_SHA_NI,
3967         .features[FEAT_XSAVE] =
3968             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3969             CPUID_XSAVE_XGETBV1,
3970         .features[FEAT_6_EAX] =
3971             CPUID_6_EAX_ARAT,
3972         .features[FEAT_SVM] =
3973             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
3974         .xlevel = 0x8000001E,
3975         .model_id = "AMD EPYC Processor",
3976         .cache_info = &epyc_cache_info,
3977         .versions = (X86CPUVersionDefinition[]) {
3978             { .version = 1 },
3979             {
3980                 .version = 2,
3981                 .alias = "EPYC-IBPB",
3982                 .props = (PropValue[]) {
3983                     { "ibpb", "on" },
3984                     { "model-id",
3985                       "AMD EPYC Processor (with IBPB)" },
3986                     { /* end of list */ }
3987                 }
3988             },
3989             {
3990                 .version = 3,
3991                 .props = (PropValue[]) {
3992                     { "ibpb", "on" },
3993                     { "perfctr-core", "on" },
3994                     { "clzero", "on" },
3995                     { "xsaveerptr", "on" },
3996                     { "xsaves", "on" },
3997                     { "model-id",
3998                       "AMD EPYC Processor" },
3999                     { /* end of list */ }
4000                 }
4001             },
4002             { /* end of list */ }
4003         }
4004     },
4005     {
4006         .name = "Dhyana",
4007         .level = 0xd,
4008         .vendor = CPUID_VENDOR_HYGON,
4009         .family = 24,
4010         .model = 0,
4011         .stepping = 1,
4012         .features[FEAT_1_EDX] =
4013             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4014             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4015             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4016             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4017             CPUID_VME | CPUID_FP87,
4018         .features[FEAT_1_ECX] =
4019             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4020             CPUID_EXT_XSAVE | CPUID_EXT_POPCNT |
4021             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4022             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4023             CPUID_EXT_MONITOR | CPUID_EXT_SSE3,
4024         .features[FEAT_8000_0001_EDX] =
4025             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4026             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4027             CPUID_EXT2_SYSCALL,
4028         .features[FEAT_8000_0001_ECX] =
4029             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4030             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4031             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4032             CPUID_EXT3_TOPOEXT,
4033         .features[FEAT_8000_0008_EBX] =
4034             CPUID_8000_0008_EBX_IBPB,
4035         .features[FEAT_7_0_EBX] =
4036             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4037             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4038             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT,
4039         /* XSAVES is added in version 2 */
4040         .features[FEAT_XSAVE] =
4041             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4042             CPUID_XSAVE_XGETBV1,
4043         .features[FEAT_6_EAX] =
4044             CPUID_6_EAX_ARAT,
4045         .features[FEAT_SVM] =
4046             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4047         .xlevel = 0x8000001E,
4048         .model_id = "Hygon Dhyana Processor",
4049         .cache_info = &epyc_cache_info,
4050         .versions = (X86CPUVersionDefinition[]) {
4051             { .version = 1 },
4052             { .version = 2,
4053               .note = "XSAVES",
4054               .props = (PropValue[]) {
4055                   { "xsaves", "on" },
4056                   { /* end of list */ }
4057               },
4058             },
4059             { /* end of list */ }
4060         }
4061     },
4062     {
4063         .name = "EPYC-Rome",
4064         .level = 0xd,
4065         .vendor = CPUID_VENDOR_AMD,
4066         .family = 23,
4067         .model = 49,
4068         .stepping = 0,
4069         .features[FEAT_1_EDX] =
4070             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4071             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4072             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4073             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4074             CPUID_VME | CPUID_FP87,
4075         .features[FEAT_1_ECX] =
4076             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4077             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
4078             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4079             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4080             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
4081         .features[FEAT_8000_0001_EDX] =
4082             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4083             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4084             CPUID_EXT2_SYSCALL,
4085         .features[FEAT_8000_0001_ECX] =
4086             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4087             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4088             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4089             CPUID_EXT3_TOPOEXT | CPUID_EXT3_PERFCORE,
4090         .features[FEAT_8000_0008_EBX] =
4091             CPUID_8000_0008_EBX_CLZERO | CPUID_8000_0008_EBX_XSAVEERPTR |
4092             CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_IBPB |
4093             CPUID_8000_0008_EBX_STIBP,
4094         .features[FEAT_7_0_EBX] =
4095             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4096             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4097             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
4098             CPUID_7_0_EBX_SHA_NI | CPUID_7_0_EBX_CLWB,
4099         .features[FEAT_7_0_ECX] =
4100             CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_RDPID,
4101         .features[FEAT_XSAVE] =
4102             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4103             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
4104         .features[FEAT_6_EAX] =
4105             CPUID_6_EAX_ARAT,
4106         .features[FEAT_SVM] =
4107             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4108         .xlevel = 0x8000001E,
4109         .model_id = "AMD EPYC-Rome Processor",
4110         .cache_info = &epyc_rome_cache_info,
4111         .versions = (X86CPUVersionDefinition[]) {
4112             { .version = 1 },
4113             {
4114                 .version = 2,
4115                 .props = (PropValue[]) {
4116                     { "ibrs", "on" },
4117                     { "amd-ssbd", "on" },
4118                     { /* end of list */ }
4119                 }
4120             },
4121             { /* end of list */ }
4122         }
4123     },
4124     {
4125         .name = "EPYC-Milan",
4126         .level = 0xd,
4127         .vendor = CPUID_VENDOR_AMD,
4128         .family = 25,
4129         .model = 1,
4130         .stepping = 1,
4131         .features[FEAT_1_EDX] =
4132             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4133             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4134             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4135             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4136             CPUID_VME | CPUID_FP87,
4137         .features[FEAT_1_ECX] =
4138             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4139             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
4140             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4141             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4142             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
4143             CPUID_EXT_PCID,
4144         .features[FEAT_8000_0001_EDX] =
4145             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
4146             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
4147             CPUID_EXT2_SYSCALL,
4148         .features[FEAT_8000_0001_ECX] =
4149             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
4150             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
4151             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
4152             CPUID_EXT3_TOPOEXT | CPUID_EXT3_PERFCORE,
4153         .features[FEAT_8000_0008_EBX] =
4154             CPUID_8000_0008_EBX_CLZERO | CPUID_8000_0008_EBX_XSAVEERPTR |
4155             CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_IBPB |
4156             CPUID_8000_0008_EBX_IBRS | CPUID_8000_0008_EBX_STIBP |
4157             CPUID_8000_0008_EBX_AMD_SSBD,
4158         .features[FEAT_7_0_EBX] =
4159             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4160             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
4161             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
4162             CPUID_7_0_EBX_SHA_NI | CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_ERMS |
4163             CPUID_7_0_EBX_INVPCID,
4164         .features[FEAT_7_0_ECX] =
4165             CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_RDPID | CPUID_7_0_ECX_PKU,
4166         .features[FEAT_7_0_EDX] =
4167             CPUID_7_0_EDX_FSRM,
4168         .features[FEAT_XSAVE] =
4169             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4170             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
4171         .features[FEAT_6_EAX] =
4172             CPUID_6_EAX_ARAT,
4173         .features[FEAT_SVM] =
4174             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE | CPUID_SVM_SVME_ADDR_CHK,
4175         .xlevel = 0x8000001E,
4176         .model_id = "AMD EPYC-Milan Processor",
4177         .cache_info = &epyc_milan_cache_info,
4178     },
4179 };
4180 
4181 /*
4182  * We resolve CPU model aliases using -v1 when using "-machine
4183  * none", but this is just for compatibility while libvirt isn't
4184  * adapted to resolve CPU model versions before creating VMs.
4185  * See "Runnability guarantee of CPU models" at
4186  * docs/about/deprecated.rst.
4187  */
4188 X86CPUVersion default_cpu_version = 1;
4189 
4190 void x86_cpu_set_default_version(X86CPUVersion version)
4191 {
4192     /* Translating CPU_VERSION_AUTO to CPU_VERSION_AUTO doesn't make sense */
4193     assert(version != CPU_VERSION_AUTO);
4194     default_cpu_version = version;
4195 }
4196 
4197 static X86CPUVersion x86_cpu_model_last_version(const X86CPUModel *model)
4198 {
4199     int v = 0;
4200     const X86CPUVersionDefinition *vdef =
4201         x86_cpu_def_get_versions(model->cpudef);
4202     while (vdef->version) {
4203         v = vdef->version;
4204         vdef++;
4205     }
4206     return v;
4207 }
4208 
4209 /* Return the actual version being used for a specific CPU model */
4210 static X86CPUVersion x86_cpu_model_resolve_version(const X86CPUModel *model)
4211 {
4212     X86CPUVersion v = model->version;
4213     if (v == CPU_VERSION_AUTO) {
4214         v = default_cpu_version;
4215     }
4216     if (v == CPU_VERSION_LATEST) {
4217         return x86_cpu_model_last_version(model);
4218     }
4219     return v;
4220 }
4221 
4222 static Property max_x86_cpu_properties[] = {
4223     DEFINE_PROP_BOOL("migratable", X86CPU, migratable, true),
4224     DEFINE_PROP_BOOL("host-cache-info", X86CPU, cache_info_passthrough, false),
4225     DEFINE_PROP_END_OF_LIST()
4226 };
4227 
4228 static void max_x86_cpu_class_init(ObjectClass *oc, void *data)
4229 {
4230     DeviceClass *dc = DEVICE_CLASS(oc);
4231     X86CPUClass *xcc = X86_CPU_CLASS(oc);
4232 
4233     xcc->ordering = 9;
4234 
4235     xcc->model_description =
4236         "Enables all features supported by the accelerator in the current host";
4237 
4238     device_class_set_props(dc, max_x86_cpu_properties);
4239 }
4240 
4241 static void max_x86_cpu_initfn(Object *obj)
4242 {
4243     X86CPU *cpu = X86_CPU(obj);
4244 
4245     /* We can't fill the features array here because we don't know yet if
4246      * "migratable" is true or false.
4247      */
4248     cpu->max_features = true;
4249     object_property_set_bool(OBJECT(cpu), "pmu", true, &error_abort);
4250 
4251     /*
4252      * these defaults are used for TCG and all other accelerators
4253      * besides KVM and HVF, which overwrite these values
4254      */
4255     object_property_set_str(OBJECT(cpu), "vendor", CPUID_VENDOR_AMD,
4256                             &error_abort);
4257 #ifdef TARGET_X86_64
4258     object_property_set_int(OBJECT(cpu), "family", 15, &error_abort);
4259     object_property_set_int(OBJECT(cpu), "model", 107, &error_abort);
4260     object_property_set_int(OBJECT(cpu), "stepping", 1, &error_abort);
4261 #else
4262     object_property_set_int(OBJECT(cpu), "family", 6, &error_abort);
4263     object_property_set_int(OBJECT(cpu), "model", 6, &error_abort);
4264     object_property_set_int(OBJECT(cpu), "stepping", 3, &error_abort);
4265 #endif
4266     object_property_set_str(OBJECT(cpu), "model-id",
4267                             "QEMU TCG CPU version " QEMU_HW_VERSION,
4268                             &error_abort);
4269 }
4270 
4271 static const TypeInfo max_x86_cpu_type_info = {
4272     .name = X86_CPU_TYPE_NAME("max"),
4273     .parent = TYPE_X86_CPU,
4274     .instance_init = max_x86_cpu_initfn,
4275     .class_init = max_x86_cpu_class_init,
4276 };
4277 
4278 static char *feature_word_description(FeatureWordInfo *f, uint32_t bit)
4279 {
4280     assert(f->type == CPUID_FEATURE_WORD || f->type == MSR_FEATURE_WORD);
4281 
4282     switch (f->type) {
4283     case CPUID_FEATURE_WORD:
4284         {
4285             const char *reg = get_register_name_32(f->cpuid.reg);
4286             assert(reg);
4287             return g_strdup_printf("CPUID.%02XH:%s",
4288                                    f->cpuid.eax, reg);
4289         }
4290     case MSR_FEATURE_WORD:
4291         return g_strdup_printf("MSR(%02XH)",
4292                                f->msr.index);
4293     }
4294 
4295     return NULL;
4296 }
4297 
4298 static bool x86_cpu_have_filtered_features(X86CPU *cpu)
4299 {
4300     FeatureWord w;
4301 
4302     for (w = 0; w < FEATURE_WORDS; w++) {
4303         if (cpu->filtered_features[w]) {
4304             return true;
4305         }
4306     }
4307 
4308     return false;
4309 }
4310 
4311 static void mark_unavailable_features(X86CPU *cpu, FeatureWord w, uint64_t mask,
4312                                       const char *verbose_prefix)
4313 {
4314     CPUX86State *env = &cpu->env;
4315     FeatureWordInfo *f = &feature_word_info[w];
4316     int i;
4317 
4318     if (!cpu->force_features) {
4319         env->features[w] &= ~mask;
4320     }
4321     cpu->filtered_features[w] |= mask;
4322 
4323     if (!verbose_prefix) {
4324         return;
4325     }
4326 
4327     for (i = 0; i < 64; ++i) {
4328         if ((1ULL << i) & mask) {
4329             g_autofree char *feat_word_str = feature_word_description(f, i);
4330             warn_report("%s: %s%s%s [bit %d]",
4331                         verbose_prefix,
4332                         feat_word_str,
4333                         f->feat_names[i] ? "." : "",
4334                         f->feat_names[i] ? f->feat_names[i] : "", i);
4335         }
4336     }
4337 }
4338 
4339 static void x86_cpuid_version_get_family(Object *obj, Visitor *v,
4340                                          const char *name, void *opaque,
4341                                          Error **errp)
4342 {
4343     X86CPU *cpu = X86_CPU(obj);
4344     CPUX86State *env = &cpu->env;
4345     int64_t value;
4346 
4347     value = (env->cpuid_version >> 8) & 0xf;
4348     if (value == 0xf) {
4349         value += (env->cpuid_version >> 20) & 0xff;
4350     }
4351     visit_type_int(v, name, &value, errp);
4352 }
4353 
4354 static void x86_cpuid_version_set_family(Object *obj, Visitor *v,
4355                                          const char *name, void *opaque,
4356                                          Error **errp)
4357 {
4358     X86CPU *cpu = X86_CPU(obj);
4359     CPUX86State *env = &cpu->env;
4360     const int64_t min = 0;
4361     const int64_t max = 0xff + 0xf;
4362     int64_t value;
4363 
4364     if (!visit_type_int(v, name, &value, errp)) {
4365         return;
4366     }
4367     if (value < min || value > max) {
4368         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4369                    name ? name : "null", value, min, max);
4370         return;
4371     }
4372 
4373     env->cpuid_version &= ~0xff00f00;
4374     if (value > 0x0f) {
4375         env->cpuid_version |= 0xf00 | ((value - 0x0f) << 20);
4376     } else {
4377         env->cpuid_version |= value << 8;
4378     }
4379 }
4380 
4381 static void x86_cpuid_version_get_model(Object *obj, Visitor *v,
4382                                         const char *name, void *opaque,
4383                                         Error **errp)
4384 {
4385     X86CPU *cpu = X86_CPU(obj);
4386     CPUX86State *env = &cpu->env;
4387     int64_t value;
4388 
4389     value = (env->cpuid_version >> 4) & 0xf;
4390     value |= ((env->cpuid_version >> 16) & 0xf) << 4;
4391     visit_type_int(v, name, &value, errp);
4392 }
4393 
4394 static void x86_cpuid_version_set_model(Object *obj, Visitor *v,
4395                                         const char *name, void *opaque,
4396                                         Error **errp)
4397 {
4398     X86CPU *cpu = X86_CPU(obj);
4399     CPUX86State *env = &cpu->env;
4400     const int64_t min = 0;
4401     const int64_t max = 0xff;
4402     int64_t value;
4403 
4404     if (!visit_type_int(v, name, &value, errp)) {
4405         return;
4406     }
4407     if (value < min || value > max) {
4408         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4409                    name ? name : "null", value, min, max);
4410         return;
4411     }
4412 
4413     env->cpuid_version &= ~0xf00f0;
4414     env->cpuid_version |= ((value & 0xf) << 4) | ((value >> 4) << 16);
4415 }
4416 
4417 static void x86_cpuid_version_get_stepping(Object *obj, Visitor *v,
4418                                            const char *name, void *opaque,
4419                                            Error **errp)
4420 {
4421     X86CPU *cpu = X86_CPU(obj);
4422     CPUX86State *env = &cpu->env;
4423     int64_t value;
4424 
4425     value = env->cpuid_version & 0xf;
4426     visit_type_int(v, name, &value, errp);
4427 }
4428 
4429 static void x86_cpuid_version_set_stepping(Object *obj, Visitor *v,
4430                                            const char *name, void *opaque,
4431                                            Error **errp)
4432 {
4433     X86CPU *cpu = X86_CPU(obj);
4434     CPUX86State *env = &cpu->env;
4435     const int64_t min = 0;
4436     const int64_t max = 0xf;
4437     int64_t value;
4438 
4439     if (!visit_type_int(v, name, &value, errp)) {
4440         return;
4441     }
4442     if (value < min || value > max) {
4443         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4444                    name ? name : "null", value, min, max);
4445         return;
4446     }
4447 
4448     env->cpuid_version &= ~0xf;
4449     env->cpuid_version |= value & 0xf;
4450 }
4451 
4452 static char *x86_cpuid_get_vendor(Object *obj, Error **errp)
4453 {
4454     X86CPU *cpu = X86_CPU(obj);
4455     CPUX86State *env = &cpu->env;
4456     char *value;
4457 
4458     value = g_malloc(CPUID_VENDOR_SZ + 1);
4459     x86_cpu_vendor_words2str(value, env->cpuid_vendor1, env->cpuid_vendor2,
4460                              env->cpuid_vendor3);
4461     return value;
4462 }
4463 
4464 static void x86_cpuid_set_vendor(Object *obj, const char *value,
4465                                  Error **errp)
4466 {
4467     X86CPU *cpu = X86_CPU(obj);
4468     CPUX86State *env = &cpu->env;
4469     int i;
4470 
4471     if (strlen(value) != CPUID_VENDOR_SZ) {
4472         error_setg(errp, QERR_PROPERTY_VALUE_BAD, "", "vendor", value);
4473         return;
4474     }
4475 
4476     env->cpuid_vendor1 = 0;
4477     env->cpuid_vendor2 = 0;
4478     env->cpuid_vendor3 = 0;
4479     for (i = 0; i < 4; i++) {
4480         env->cpuid_vendor1 |= ((uint8_t)value[i    ]) << (8 * i);
4481         env->cpuid_vendor2 |= ((uint8_t)value[i + 4]) << (8 * i);
4482         env->cpuid_vendor3 |= ((uint8_t)value[i + 8]) << (8 * i);
4483     }
4484 }
4485 
4486 static char *x86_cpuid_get_model_id(Object *obj, Error **errp)
4487 {
4488     X86CPU *cpu = X86_CPU(obj);
4489     CPUX86State *env = &cpu->env;
4490     char *value;
4491     int i;
4492 
4493     value = g_malloc(48 + 1);
4494     for (i = 0; i < 48; i++) {
4495         value[i] = env->cpuid_model[i >> 2] >> (8 * (i & 3));
4496     }
4497     value[48] = '\0';
4498     return value;
4499 }
4500 
4501 static void x86_cpuid_set_model_id(Object *obj, const char *model_id,
4502                                    Error **errp)
4503 {
4504     X86CPU *cpu = X86_CPU(obj);
4505     CPUX86State *env = &cpu->env;
4506     int c, len, i;
4507 
4508     if (model_id == NULL) {
4509         model_id = "";
4510     }
4511     len = strlen(model_id);
4512     memset(env->cpuid_model, 0, 48);
4513     for (i = 0; i < 48; i++) {
4514         if (i >= len) {
4515             c = '\0';
4516         } else {
4517             c = (uint8_t)model_id[i];
4518         }
4519         env->cpuid_model[i >> 2] |= c << (8 * (i & 3));
4520     }
4521 }
4522 
4523 static void x86_cpuid_get_tsc_freq(Object *obj, Visitor *v, const char *name,
4524                                    void *opaque, Error **errp)
4525 {
4526     X86CPU *cpu = X86_CPU(obj);
4527     int64_t value;
4528 
4529     value = cpu->env.tsc_khz * 1000;
4530     visit_type_int(v, name, &value, errp);
4531 }
4532 
4533 static void x86_cpuid_set_tsc_freq(Object *obj, Visitor *v, const char *name,
4534                                    void *opaque, Error **errp)
4535 {
4536     X86CPU *cpu = X86_CPU(obj);
4537     const int64_t min = 0;
4538     const int64_t max = INT64_MAX;
4539     int64_t value;
4540 
4541     if (!visit_type_int(v, name, &value, errp)) {
4542         return;
4543     }
4544     if (value < min || value > max) {
4545         error_setg(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
4546                    name ? name : "null", value, min, max);
4547         return;
4548     }
4549 
4550     cpu->env.tsc_khz = cpu->env.user_tsc_khz = value / 1000;
4551 }
4552 
4553 /* Generic getter for "feature-words" and "filtered-features" properties */
4554 static void x86_cpu_get_feature_words(Object *obj, Visitor *v,
4555                                       const char *name, void *opaque,
4556                                       Error **errp)
4557 {
4558     uint64_t *array = (uint64_t *)opaque;
4559     FeatureWord w;
4560     X86CPUFeatureWordInfo word_infos[FEATURE_WORDS] = { };
4561     X86CPUFeatureWordInfoList list_entries[FEATURE_WORDS] = { };
4562     X86CPUFeatureWordInfoList *list = NULL;
4563 
4564     for (w = 0; w < FEATURE_WORDS; w++) {
4565         FeatureWordInfo *wi = &feature_word_info[w];
4566         /*
4567                 * We didn't have MSR features when "feature-words" was
4568                 *  introduced. Therefore skipped other type entries.
4569                 */
4570         if (wi->type != CPUID_FEATURE_WORD) {
4571             continue;
4572         }
4573         X86CPUFeatureWordInfo *qwi = &word_infos[w];
4574         qwi->cpuid_input_eax = wi->cpuid.eax;
4575         qwi->has_cpuid_input_ecx = wi->cpuid.needs_ecx;
4576         qwi->cpuid_input_ecx = wi->cpuid.ecx;
4577         qwi->cpuid_register = x86_reg_info_32[wi->cpuid.reg].qapi_enum;
4578         qwi->features = array[w];
4579 
4580         /* List will be in reverse order, but order shouldn't matter */
4581         list_entries[w].next = list;
4582         list_entries[w].value = &word_infos[w];
4583         list = &list_entries[w];
4584     }
4585 
4586     visit_type_X86CPUFeatureWordInfoList(v, "feature-words", &list, errp);
4587 }
4588 
4589 /* Convert all '_' in a feature string option name to '-', to make feature
4590  * name conform to QOM property naming rule, which uses '-' instead of '_'.
4591  */
4592 static inline void feat2prop(char *s)
4593 {
4594     while ((s = strchr(s, '_'))) {
4595         *s = '-';
4596     }
4597 }
4598 
4599 /* Return the feature property name for a feature flag bit */
4600 static const char *x86_cpu_feature_name(FeatureWord w, int bitnr)
4601 {
4602     const char *name;
4603     /* XSAVE components are automatically enabled by other features,
4604      * so return the original feature name instead
4605      */
4606     if (w == FEAT_XSAVE_COMP_LO || w == FEAT_XSAVE_COMP_HI) {
4607         int comp = (w == FEAT_XSAVE_COMP_HI) ? bitnr + 32 : bitnr;
4608 
4609         if (comp < ARRAY_SIZE(x86_ext_save_areas) &&
4610             x86_ext_save_areas[comp].bits) {
4611             w = x86_ext_save_areas[comp].feature;
4612             bitnr = ctz32(x86_ext_save_areas[comp].bits);
4613         }
4614     }
4615 
4616     assert(bitnr < 64);
4617     assert(w < FEATURE_WORDS);
4618     name = feature_word_info[w].feat_names[bitnr];
4619     assert(bitnr < 32 || !(name && feature_word_info[w].type == CPUID_FEATURE_WORD));
4620     return name;
4621 }
4622 
4623 /* Compatibily hack to maintain legacy +-feat semantic,
4624  * where +-feat overwrites any feature set by
4625  * feat=on|feat even if the later is parsed after +-feat
4626  * (i.e. "-x2apic,x2apic=on" will result in x2apic disabled)
4627  */
4628 static GList *plus_features, *minus_features;
4629 
4630 static gint compare_string(gconstpointer a, gconstpointer b)
4631 {
4632     return g_strcmp0(a, b);
4633 }
4634 
4635 /* Parse "+feature,-feature,feature=foo" CPU feature string
4636  */
4637 static void x86_cpu_parse_featurestr(const char *typename, char *features,
4638                                      Error **errp)
4639 {
4640     char *featurestr; /* Single 'key=value" string being parsed */
4641     static bool cpu_globals_initialized;
4642     bool ambiguous = false;
4643 
4644     if (cpu_globals_initialized) {
4645         return;
4646     }
4647     cpu_globals_initialized = true;
4648 
4649     if (!features) {
4650         return;
4651     }
4652 
4653     for (featurestr = strtok(features, ",");
4654          featurestr;
4655          featurestr = strtok(NULL, ",")) {
4656         const char *name;
4657         const char *val = NULL;
4658         char *eq = NULL;
4659         char num[32];
4660         GlobalProperty *prop;
4661 
4662         /* Compatibility syntax: */
4663         if (featurestr[0] == '+') {
4664             plus_features = g_list_append(plus_features,
4665                                           g_strdup(featurestr + 1));
4666             continue;
4667         } else if (featurestr[0] == '-') {
4668             minus_features = g_list_append(minus_features,
4669                                            g_strdup(featurestr + 1));
4670             continue;
4671         }
4672 
4673         eq = strchr(featurestr, '=');
4674         if (eq) {
4675             *eq++ = 0;
4676             val = eq;
4677         } else {
4678             val = "on";
4679         }
4680 
4681         feat2prop(featurestr);
4682         name = featurestr;
4683 
4684         if (g_list_find_custom(plus_features, name, compare_string)) {
4685             warn_report("Ambiguous CPU model string. "
4686                         "Don't mix both \"+%s\" and \"%s=%s\"",
4687                         name, name, val);
4688             ambiguous = true;
4689         }
4690         if (g_list_find_custom(minus_features, name, compare_string)) {
4691             warn_report("Ambiguous CPU model string. "
4692                         "Don't mix both \"-%s\" and \"%s=%s\"",
4693                         name, name, val);
4694             ambiguous = true;
4695         }
4696 
4697         /* Special case: */
4698         if (!strcmp(name, "tsc-freq")) {
4699             int ret;
4700             uint64_t tsc_freq;
4701 
4702             ret = qemu_strtosz_metric(val, NULL, &tsc_freq);
4703             if (ret < 0 || tsc_freq > INT64_MAX) {
4704                 error_setg(errp, "bad numerical value %s", val);
4705                 return;
4706             }
4707             snprintf(num, sizeof(num), "%" PRId64, tsc_freq);
4708             val = num;
4709             name = "tsc-frequency";
4710         }
4711 
4712         prop = g_new0(typeof(*prop), 1);
4713         prop->driver = typename;
4714         prop->property = g_strdup(name);
4715         prop->value = g_strdup(val);
4716         qdev_prop_register_global(prop);
4717     }
4718 
4719     if (ambiguous) {
4720         warn_report("Compatibility of ambiguous CPU model "
4721                     "strings won't be kept on future QEMU versions");
4722     }
4723 }
4724 
4725 static void x86_cpu_filter_features(X86CPU *cpu, bool verbose);
4726 
4727 /* Build a list with the name of all features on a feature word array */
4728 static void x86_cpu_list_feature_names(FeatureWordArray features,
4729                                        strList **list)
4730 {
4731     strList **tail = list;
4732     FeatureWord w;
4733 
4734     for (w = 0; w < FEATURE_WORDS; w++) {
4735         uint64_t filtered = features[w];
4736         int i;
4737         for (i = 0; i < 64; i++) {
4738             if (filtered & (1ULL << i)) {
4739                 QAPI_LIST_APPEND(tail, g_strdup(x86_cpu_feature_name(w, i)));
4740             }
4741         }
4742     }
4743 }
4744 
4745 static void x86_cpu_get_unavailable_features(Object *obj, Visitor *v,
4746                                              const char *name, void *opaque,
4747                                              Error **errp)
4748 {
4749     X86CPU *xc = X86_CPU(obj);
4750     strList *result = NULL;
4751 
4752     x86_cpu_list_feature_names(xc->filtered_features, &result);
4753     visit_type_strList(v, "unavailable-features", &result, errp);
4754 }
4755 
4756 /* Check for missing features that may prevent the CPU class from
4757  * running using the current machine and accelerator.
4758  */
4759 static void x86_cpu_class_check_missing_features(X86CPUClass *xcc,
4760                                                  strList **list)
4761 {
4762     strList **tail = list;
4763     X86CPU *xc;
4764     Error *err = NULL;
4765 
4766     if (xcc->host_cpuid_required && !accel_uses_host_cpuid()) {
4767         QAPI_LIST_APPEND(tail, g_strdup("kvm"));
4768         return;
4769     }
4770 
4771     xc = X86_CPU(object_new_with_class(OBJECT_CLASS(xcc)));
4772 
4773     x86_cpu_expand_features(xc, &err);
4774     if (err) {
4775         /* Errors at x86_cpu_expand_features should never happen,
4776          * but in case it does, just report the model as not
4777          * runnable at all using the "type" property.
4778          */
4779         QAPI_LIST_APPEND(tail, g_strdup("type"));
4780         error_free(err);
4781     }
4782 
4783     x86_cpu_filter_features(xc, false);
4784 
4785     x86_cpu_list_feature_names(xc->filtered_features, tail);
4786 
4787     object_unref(OBJECT(xc));
4788 }
4789 
4790 /* Print all cpuid feature names in featureset
4791  */
4792 static void listflags(GList *features)
4793 {
4794     size_t len = 0;
4795     GList *tmp;
4796 
4797     for (tmp = features; tmp; tmp = tmp->next) {
4798         const char *name = tmp->data;
4799         if ((len + strlen(name) + 1) >= 75) {
4800             qemu_printf("\n");
4801             len = 0;
4802         }
4803         qemu_printf("%s%s", len == 0 ? "  " : " ", name);
4804         len += strlen(name) + 1;
4805     }
4806     qemu_printf("\n");
4807 }
4808 
4809 /* Sort alphabetically by type name, respecting X86CPUClass::ordering. */
4810 static gint x86_cpu_list_compare(gconstpointer a, gconstpointer b)
4811 {
4812     ObjectClass *class_a = (ObjectClass *)a;
4813     ObjectClass *class_b = (ObjectClass *)b;
4814     X86CPUClass *cc_a = X86_CPU_CLASS(class_a);
4815     X86CPUClass *cc_b = X86_CPU_CLASS(class_b);
4816     int ret;
4817 
4818     if (cc_a->ordering != cc_b->ordering) {
4819         ret = cc_a->ordering - cc_b->ordering;
4820     } else {
4821         g_autofree char *name_a = x86_cpu_class_get_model_name(cc_a);
4822         g_autofree char *name_b = x86_cpu_class_get_model_name(cc_b);
4823         ret = strcmp(name_a, name_b);
4824     }
4825     return ret;
4826 }
4827 
4828 static GSList *get_sorted_cpu_model_list(void)
4829 {
4830     GSList *list = object_class_get_list(TYPE_X86_CPU, false);
4831     list = g_slist_sort(list, x86_cpu_list_compare);
4832     return list;
4833 }
4834 
4835 static char *x86_cpu_class_get_model_id(X86CPUClass *xc)
4836 {
4837     Object *obj = object_new_with_class(OBJECT_CLASS(xc));
4838     char *r = object_property_get_str(obj, "model-id", &error_abort);
4839     object_unref(obj);
4840     return r;
4841 }
4842 
4843 static char *x86_cpu_class_get_alias_of(X86CPUClass *cc)
4844 {
4845     X86CPUVersion version;
4846 
4847     if (!cc->model || !cc->model->is_alias) {
4848         return NULL;
4849     }
4850     version = x86_cpu_model_resolve_version(cc->model);
4851     if (version <= 0) {
4852         return NULL;
4853     }
4854     return x86_cpu_versioned_model_name(cc->model->cpudef, version);
4855 }
4856 
4857 static void x86_cpu_list_entry(gpointer data, gpointer user_data)
4858 {
4859     ObjectClass *oc = data;
4860     X86CPUClass *cc = X86_CPU_CLASS(oc);
4861     g_autofree char *name = x86_cpu_class_get_model_name(cc);
4862     g_autofree char *desc = g_strdup(cc->model_description);
4863     g_autofree char *alias_of = x86_cpu_class_get_alias_of(cc);
4864     g_autofree char *model_id = x86_cpu_class_get_model_id(cc);
4865 
4866     if (!desc && alias_of) {
4867         if (cc->model && cc->model->version == CPU_VERSION_AUTO) {
4868             desc = g_strdup("(alias configured by machine type)");
4869         } else {
4870             desc = g_strdup_printf("(alias of %s)", alias_of);
4871         }
4872     }
4873     if (!desc && cc->model && cc->model->note) {
4874         desc = g_strdup_printf("%s [%s]", model_id, cc->model->note);
4875     }
4876     if (!desc) {
4877         desc = g_strdup_printf("%s", model_id);
4878     }
4879 
4880     qemu_printf("x86 %-20s  %-58s\n", name, desc);
4881 }
4882 
4883 /* list available CPU models and flags */
4884 void x86_cpu_list(void)
4885 {
4886     int i, j;
4887     GSList *list;
4888     GList *names = NULL;
4889 
4890     qemu_printf("Available CPUs:\n");
4891     list = get_sorted_cpu_model_list();
4892     g_slist_foreach(list, x86_cpu_list_entry, NULL);
4893     g_slist_free(list);
4894 
4895     names = NULL;
4896     for (i = 0; i < ARRAY_SIZE(feature_word_info); i++) {
4897         FeatureWordInfo *fw = &feature_word_info[i];
4898         for (j = 0; j < 64; j++) {
4899             if (fw->feat_names[j]) {
4900                 names = g_list_append(names, (gpointer)fw->feat_names[j]);
4901             }
4902         }
4903     }
4904 
4905     names = g_list_sort(names, (GCompareFunc)strcmp);
4906 
4907     qemu_printf("\nRecognized CPUID flags:\n");
4908     listflags(names);
4909     qemu_printf("\n");
4910     g_list_free(names);
4911 }
4912 
4913 static void x86_cpu_definition_entry(gpointer data, gpointer user_data)
4914 {
4915     ObjectClass *oc = data;
4916     X86CPUClass *cc = X86_CPU_CLASS(oc);
4917     CpuDefinitionInfoList **cpu_list = user_data;
4918     CpuDefinitionInfo *info;
4919 
4920     info = g_malloc0(sizeof(*info));
4921     info->name = x86_cpu_class_get_model_name(cc);
4922     x86_cpu_class_check_missing_features(cc, &info->unavailable_features);
4923     info->has_unavailable_features = true;
4924     info->q_typename = g_strdup(object_class_get_name(oc));
4925     info->migration_safe = cc->migration_safe;
4926     info->has_migration_safe = true;
4927     info->q_static = cc->static_model;
4928     if (cc->model && cc->model->cpudef->deprecation_note) {
4929         info->deprecated = true;
4930     } else {
4931         info->deprecated = false;
4932     }
4933     /*
4934      * Old machine types won't report aliases, so that alias translation
4935      * doesn't break compatibility with previous QEMU versions.
4936      */
4937     if (default_cpu_version != CPU_VERSION_LEGACY) {
4938         info->alias_of = x86_cpu_class_get_alias_of(cc);
4939         info->has_alias_of = !!info->alias_of;
4940     }
4941 
4942     QAPI_LIST_PREPEND(*cpu_list, info);
4943 }
4944 
4945 CpuDefinitionInfoList *qmp_query_cpu_definitions(Error **errp)
4946 {
4947     CpuDefinitionInfoList *cpu_list = NULL;
4948     GSList *list = get_sorted_cpu_model_list();
4949     g_slist_foreach(list, x86_cpu_definition_entry, &cpu_list);
4950     g_slist_free(list);
4951     return cpu_list;
4952 }
4953 
4954 static uint64_t x86_cpu_get_supported_feature_word(FeatureWord w,
4955                                                    bool migratable_only)
4956 {
4957     FeatureWordInfo *wi = &feature_word_info[w];
4958     uint64_t r = 0;
4959 
4960     if (kvm_enabled()) {
4961         switch (wi->type) {
4962         case CPUID_FEATURE_WORD:
4963             r = kvm_arch_get_supported_cpuid(kvm_state, wi->cpuid.eax,
4964                                                         wi->cpuid.ecx,
4965                                                         wi->cpuid.reg);
4966             break;
4967         case MSR_FEATURE_WORD:
4968             r = kvm_arch_get_supported_msr_feature(kvm_state,
4969                         wi->msr.index);
4970             break;
4971         }
4972     } else if (hvf_enabled()) {
4973         if (wi->type != CPUID_FEATURE_WORD) {
4974             return 0;
4975         }
4976         r = hvf_get_supported_cpuid(wi->cpuid.eax,
4977                                     wi->cpuid.ecx,
4978                                     wi->cpuid.reg);
4979     } else if (tcg_enabled()) {
4980         r = wi->tcg_features;
4981     } else {
4982         return ~0;
4983     }
4984 #ifndef TARGET_X86_64
4985     if (w == FEAT_8000_0001_EDX) {
4986         r &= ~CPUID_EXT2_LM;
4987     }
4988 #endif
4989     if (migratable_only) {
4990         r &= x86_cpu_get_migratable_flags(w);
4991     }
4992     return r;
4993 }
4994 
4995 /*
4996  * Only for builtin_x86_defs models initialized with x86_register_cpudef_types.
4997  */
4998 void x86_cpu_apply_props(X86CPU *cpu, PropValue *props)
4999 {
5000     PropValue *pv;
5001     for (pv = props; pv->prop; pv++) {
5002         if (!pv->value) {
5003             continue;
5004         }
5005         object_property_parse(OBJECT(cpu), pv->prop, pv->value,
5006                               &error_abort);
5007     }
5008 }
5009 
5010 /*
5011  * Apply properties for the CPU model version specified in model.
5012  * Only for builtin_x86_defs models initialized with x86_register_cpudef_types.
5013  */
5014 
5015 static void x86_cpu_apply_version_props(X86CPU *cpu, X86CPUModel *model)
5016 {
5017     const X86CPUVersionDefinition *vdef;
5018     X86CPUVersion version = x86_cpu_model_resolve_version(model);
5019 
5020     if (version == CPU_VERSION_LEGACY) {
5021         return;
5022     }
5023 
5024     for (vdef = x86_cpu_def_get_versions(model->cpudef); vdef->version; vdef++) {
5025         PropValue *p;
5026 
5027         for (p = vdef->props; p && p->prop; p++) {
5028             object_property_parse(OBJECT(cpu), p->prop, p->value,
5029                                   &error_abort);
5030         }
5031 
5032         if (vdef->version == version) {
5033             break;
5034         }
5035     }
5036 
5037     /*
5038      * If we reached the end of the list, version number was invalid
5039      */
5040     assert(vdef->version == version);
5041 }
5042 
5043 /*
5044  * Load data from X86CPUDefinition into a X86CPU object.
5045  * Only for builtin_x86_defs models initialized with x86_register_cpudef_types.
5046  */
5047 static void x86_cpu_load_model(X86CPU *cpu, X86CPUModel *model)
5048 {
5049     const X86CPUDefinition *def = model->cpudef;
5050     CPUX86State *env = &cpu->env;
5051     FeatureWord w;
5052 
5053     /*NOTE: any property set by this function should be returned by
5054      * x86_cpu_static_props(), so static expansion of
5055      * query-cpu-model-expansion is always complete.
5056      */
5057 
5058     /* CPU models only set _minimum_ values for level/xlevel: */
5059     object_property_set_uint(OBJECT(cpu), "min-level", def->level,
5060                              &error_abort);
5061     object_property_set_uint(OBJECT(cpu), "min-xlevel", def->xlevel,
5062                              &error_abort);
5063 
5064     object_property_set_int(OBJECT(cpu), "family", def->family, &error_abort);
5065     object_property_set_int(OBJECT(cpu), "model", def->model, &error_abort);
5066     object_property_set_int(OBJECT(cpu), "stepping", def->stepping,
5067                             &error_abort);
5068     object_property_set_str(OBJECT(cpu), "model-id", def->model_id,
5069                             &error_abort);
5070     for (w = 0; w < FEATURE_WORDS; w++) {
5071         env->features[w] = def->features[w];
5072     }
5073 
5074     /* legacy-cache defaults to 'off' if CPU model provides cache info */
5075     cpu->legacy_cache = !def->cache_info;
5076 
5077     env->features[FEAT_1_ECX] |= CPUID_EXT_HYPERVISOR;
5078 
5079     /* sysenter isn't supported in compatibility mode on AMD,
5080      * syscall isn't supported in compatibility mode on Intel.
5081      * Normally we advertise the actual CPU vendor, but you can
5082      * override this using the 'vendor' property if you want to use
5083      * KVM's sysenter/syscall emulation in compatibility mode and
5084      * when doing cross vendor migration
5085      */
5086 
5087     /*
5088      * vendor property is set here but then overloaded with the
5089      * host cpu vendor for KVM and HVF.
5090      */
5091     object_property_set_str(OBJECT(cpu), "vendor", def->vendor, &error_abort);
5092 
5093     x86_cpu_apply_version_props(cpu, model);
5094 
5095     /*
5096      * Properties in versioned CPU model are not user specified features.
5097      * We can simply clear env->user_features here since it will be filled later
5098      * in x86_cpu_expand_features() based on plus_features and minus_features.
5099      */
5100     memset(&env->user_features, 0, sizeof(env->user_features));
5101 }
5102 
5103 static gchar *x86_gdb_arch_name(CPUState *cs)
5104 {
5105 #ifdef TARGET_X86_64
5106     return g_strdup("i386:x86-64");
5107 #else
5108     return g_strdup("i386");
5109 #endif
5110 }
5111 
5112 static void x86_cpu_cpudef_class_init(ObjectClass *oc, void *data)
5113 {
5114     X86CPUModel *model = data;
5115     X86CPUClass *xcc = X86_CPU_CLASS(oc);
5116     CPUClass *cc = CPU_CLASS(oc);
5117 
5118     xcc->model = model;
5119     xcc->migration_safe = true;
5120     cc->deprecation_note = model->cpudef->deprecation_note;
5121 }
5122 
5123 static void x86_register_cpu_model_type(const char *name, X86CPUModel *model)
5124 {
5125     g_autofree char *typename = x86_cpu_type_name(name);
5126     TypeInfo ti = {
5127         .name = typename,
5128         .parent = TYPE_X86_CPU,
5129         .class_init = x86_cpu_cpudef_class_init,
5130         .class_data = model,
5131     };
5132 
5133     type_register(&ti);
5134 }
5135 
5136 
5137 /*
5138  * register builtin_x86_defs;
5139  * "max", "base" and subclasses ("host") are not registered here.
5140  * See x86_cpu_register_types for all model registrations.
5141  */
5142 static void x86_register_cpudef_types(const X86CPUDefinition *def)
5143 {
5144     X86CPUModel *m;
5145     const X86CPUVersionDefinition *vdef;
5146 
5147     /* AMD aliases are handled at runtime based on CPUID vendor, so
5148      * they shouldn't be set on the CPU model table.
5149      */
5150     assert(!(def->features[FEAT_8000_0001_EDX] & CPUID_EXT2_AMD_ALIASES));
5151     /* catch mistakes instead of silently truncating model_id when too long */
5152     assert(def->model_id && strlen(def->model_id) <= 48);
5153 
5154     /* Unversioned model: */
5155     m = g_new0(X86CPUModel, 1);
5156     m->cpudef = def;
5157     m->version = CPU_VERSION_AUTO;
5158     m->is_alias = true;
5159     x86_register_cpu_model_type(def->name, m);
5160 
5161     /* Versioned models: */
5162 
5163     for (vdef = x86_cpu_def_get_versions(def); vdef->version; vdef++) {
5164         X86CPUModel *m = g_new0(X86CPUModel, 1);
5165         g_autofree char *name =
5166             x86_cpu_versioned_model_name(def, vdef->version);
5167         m->cpudef = def;
5168         m->version = vdef->version;
5169         m->note = vdef->note;
5170         x86_register_cpu_model_type(name, m);
5171 
5172         if (vdef->alias) {
5173             X86CPUModel *am = g_new0(X86CPUModel, 1);
5174             am->cpudef = def;
5175             am->version = vdef->version;
5176             am->is_alias = true;
5177             x86_register_cpu_model_type(vdef->alias, am);
5178         }
5179     }
5180 
5181 }
5182 
5183 uint32_t cpu_x86_virtual_addr_width(CPUX86State *env)
5184 {
5185     if  (env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_LA57) {
5186         return 57; /* 57 bits virtual */
5187     } else {
5188         return 48; /* 48 bits virtual */
5189     }
5190 }
5191 
5192 void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
5193                    uint32_t *eax, uint32_t *ebx,
5194                    uint32_t *ecx, uint32_t *edx)
5195 {
5196     X86CPU *cpu = env_archcpu(env);
5197     CPUState *cs = env_cpu(env);
5198     uint32_t die_offset;
5199     uint32_t limit;
5200     uint32_t signature[3];
5201     X86CPUTopoInfo topo_info;
5202 
5203     topo_info.dies_per_pkg = env->nr_dies;
5204     topo_info.cores_per_die = cs->nr_cores;
5205     topo_info.threads_per_core = cs->nr_threads;
5206 
5207     /* Calculate & apply limits for different index ranges */
5208     if (index >= 0xC0000000) {
5209         limit = env->cpuid_xlevel2;
5210     } else if (index >= 0x80000000) {
5211         limit = env->cpuid_xlevel;
5212     } else if (index >= 0x40000000) {
5213         limit = 0x40000001;
5214     } else {
5215         limit = env->cpuid_level;
5216     }
5217 
5218     if (index > limit) {
5219         /* Intel documentation states that invalid EAX input will
5220          * return the same information as EAX=cpuid_level
5221          * (Intel SDM Vol. 2A - Instruction Set Reference - CPUID)
5222          */
5223         index = env->cpuid_level;
5224     }
5225 
5226     switch(index) {
5227     case 0:
5228         *eax = env->cpuid_level;
5229         *ebx = env->cpuid_vendor1;
5230         *edx = env->cpuid_vendor2;
5231         *ecx = env->cpuid_vendor3;
5232         break;
5233     case 1:
5234         *eax = env->cpuid_version;
5235         *ebx = (cpu->apic_id << 24) |
5236                8 << 8; /* CLFLUSH size in quad words, Linux wants it. */
5237         *ecx = env->features[FEAT_1_ECX];
5238         if ((*ecx & CPUID_EXT_XSAVE) && (env->cr[4] & CR4_OSXSAVE_MASK)) {
5239             *ecx |= CPUID_EXT_OSXSAVE;
5240         }
5241         *edx = env->features[FEAT_1_EDX];
5242         if (cs->nr_cores * cs->nr_threads > 1) {
5243             *ebx |= (cs->nr_cores * cs->nr_threads) << 16;
5244             *edx |= CPUID_HT;
5245         }
5246         if (!cpu->enable_pmu) {
5247             *ecx &= ~CPUID_EXT_PDCM;
5248         }
5249         break;
5250     case 2:
5251         /* cache info: needed for Pentium Pro compatibility */
5252         if (cpu->cache_info_passthrough) {
5253             host_cpuid(index, 0, eax, ebx, ecx, edx);
5254             break;
5255         } else if (cpu->vendor_cpuid_only && IS_AMD_CPU(env)) {
5256             *eax = *ebx = *ecx = *edx = 0;
5257             break;
5258         }
5259         *eax = 1; /* Number of CPUID[EAX=2] calls required */
5260         *ebx = 0;
5261         if (!cpu->enable_l3_cache) {
5262             *ecx = 0;
5263         } else {
5264             *ecx = cpuid2_cache_descriptor(env->cache_info_cpuid2.l3_cache);
5265         }
5266         *edx = (cpuid2_cache_descriptor(env->cache_info_cpuid2.l1d_cache) << 16) |
5267                (cpuid2_cache_descriptor(env->cache_info_cpuid2.l1i_cache) <<  8) |
5268                (cpuid2_cache_descriptor(env->cache_info_cpuid2.l2_cache));
5269         break;
5270     case 4:
5271         /* cache info: needed for Core compatibility */
5272         if (cpu->cache_info_passthrough) {
5273             host_cpuid(index, count, eax, ebx, ecx, edx);
5274             /* QEMU gives out its own APIC IDs, never pass down bits 31..26.  */
5275             *eax &= ~0xFC000000;
5276             if ((*eax & 31) && cs->nr_cores > 1) {
5277                 *eax |= (cs->nr_cores - 1) << 26;
5278             }
5279         } else if (cpu->vendor_cpuid_only && IS_AMD_CPU(env)) {
5280             *eax = *ebx = *ecx = *edx = 0;
5281         } else {
5282             *eax = 0;
5283             switch (count) {
5284             case 0: /* L1 dcache info */
5285                 encode_cache_cpuid4(env->cache_info_cpuid4.l1d_cache,
5286                                     1, cs->nr_cores,
5287                                     eax, ebx, ecx, edx);
5288                 break;
5289             case 1: /* L1 icache info */
5290                 encode_cache_cpuid4(env->cache_info_cpuid4.l1i_cache,
5291                                     1, cs->nr_cores,
5292                                     eax, ebx, ecx, edx);
5293                 break;
5294             case 2: /* L2 cache info */
5295                 encode_cache_cpuid4(env->cache_info_cpuid4.l2_cache,
5296                                     cs->nr_threads, cs->nr_cores,
5297                                     eax, ebx, ecx, edx);
5298                 break;
5299             case 3: /* L3 cache info */
5300                 die_offset = apicid_die_offset(&topo_info);
5301                 if (cpu->enable_l3_cache) {
5302                     encode_cache_cpuid4(env->cache_info_cpuid4.l3_cache,
5303                                         (1 << die_offset), cs->nr_cores,
5304                                         eax, ebx, ecx, edx);
5305                     break;
5306                 }
5307                 /* fall through */
5308             default: /* end of info */
5309                 *eax = *ebx = *ecx = *edx = 0;
5310                 break;
5311             }
5312         }
5313         break;
5314     case 5:
5315         /* MONITOR/MWAIT Leaf */
5316         *eax = cpu->mwait.eax; /* Smallest monitor-line size in bytes */
5317         *ebx = cpu->mwait.ebx; /* Largest monitor-line size in bytes */
5318         *ecx = cpu->mwait.ecx; /* flags */
5319         *edx = cpu->mwait.edx; /* mwait substates */
5320         break;
5321     case 6:
5322         /* Thermal and Power Leaf */
5323         *eax = env->features[FEAT_6_EAX];
5324         *ebx = 0;
5325         *ecx = 0;
5326         *edx = 0;
5327         break;
5328     case 7:
5329         /* Structured Extended Feature Flags Enumeration Leaf */
5330         if (count == 0) {
5331             /* Maximum ECX value for sub-leaves */
5332             *eax = env->cpuid_level_func7;
5333             *ebx = env->features[FEAT_7_0_EBX]; /* Feature flags */
5334             *ecx = env->features[FEAT_7_0_ECX]; /* Feature flags */
5335             if ((*ecx & CPUID_7_0_ECX_PKU) && env->cr[4] & CR4_PKE_MASK) {
5336                 *ecx |= CPUID_7_0_ECX_OSPKE;
5337             }
5338             *edx = env->features[FEAT_7_0_EDX]; /* Feature flags */
5339 
5340             /*
5341              * SGX cannot be emulated in software.  If hardware does not
5342              * support enabling SGX and/or SGX flexible launch control,
5343              * then we need to update the VM's CPUID values accordingly.
5344              */
5345             if ((*ebx & CPUID_7_0_EBX_SGX) &&
5346                 (!kvm_enabled() ||
5347                  !(kvm_arch_get_supported_cpuid(cs->kvm_state, 0x7, 0, R_EBX) &
5348                     CPUID_7_0_EBX_SGX))) {
5349                 *ebx &= ~CPUID_7_0_EBX_SGX;
5350             }
5351 
5352             if ((*ecx & CPUID_7_0_ECX_SGX_LC) &&
5353                 (!(*ebx & CPUID_7_0_EBX_SGX) || !kvm_enabled() ||
5354                  !(kvm_arch_get_supported_cpuid(cs->kvm_state, 0x7, 0, R_ECX) &
5355                     CPUID_7_0_ECX_SGX_LC))) {
5356                 *ecx &= ~CPUID_7_0_ECX_SGX_LC;
5357             }
5358         } else if (count == 1) {
5359             *eax = env->features[FEAT_7_1_EAX];
5360             *ebx = 0;
5361             *ecx = 0;
5362             *edx = 0;
5363         } else {
5364             *eax = 0;
5365             *ebx = 0;
5366             *ecx = 0;
5367             *edx = 0;
5368         }
5369         break;
5370     case 9:
5371         /* Direct Cache Access Information Leaf */
5372         *eax = 0; /* Bits 0-31 in DCA_CAP MSR */
5373         *ebx = 0;
5374         *ecx = 0;
5375         *edx = 0;
5376         break;
5377     case 0xA:
5378         /* Architectural Performance Monitoring Leaf */
5379         if (kvm_enabled() && cpu->enable_pmu) {
5380             KVMState *s = cs->kvm_state;
5381 
5382             *eax = kvm_arch_get_supported_cpuid(s, 0xA, count, R_EAX);
5383             *ebx = kvm_arch_get_supported_cpuid(s, 0xA, count, R_EBX);
5384             *ecx = kvm_arch_get_supported_cpuid(s, 0xA, count, R_ECX);
5385             *edx = kvm_arch_get_supported_cpuid(s, 0xA, count, R_EDX);
5386         } else if (hvf_enabled() && cpu->enable_pmu) {
5387             *eax = hvf_get_supported_cpuid(0xA, count, R_EAX);
5388             *ebx = hvf_get_supported_cpuid(0xA, count, R_EBX);
5389             *ecx = hvf_get_supported_cpuid(0xA, count, R_ECX);
5390             *edx = hvf_get_supported_cpuid(0xA, count, R_EDX);
5391         } else {
5392             *eax = 0;
5393             *ebx = 0;
5394             *ecx = 0;
5395             *edx = 0;
5396         }
5397         break;
5398     case 0xB:
5399         /* Extended Topology Enumeration Leaf */
5400         if (!cpu->enable_cpuid_0xb) {
5401                 *eax = *ebx = *ecx = *edx = 0;
5402                 break;
5403         }
5404 
5405         *ecx = count & 0xff;
5406         *edx = cpu->apic_id;
5407 
5408         switch (count) {
5409         case 0:
5410             *eax = apicid_core_offset(&topo_info);
5411             *ebx = cs->nr_threads;
5412             *ecx |= CPUID_TOPOLOGY_LEVEL_SMT;
5413             break;
5414         case 1:
5415             *eax = apicid_pkg_offset(&topo_info);
5416             *ebx = cs->nr_cores * cs->nr_threads;
5417             *ecx |= CPUID_TOPOLOGY_LEVEL_CORE;
5418             break;
5419         default:
5420             *eax = 0;
5421             *ebx = 0;
5422             *ecx |= CPUID_TOPOLOGY_LEVEL_INVALID;
5423         }
5424 
5425         assert(!(*eax & ~0x1f));
5426         *ebx &= 0xffff; /* The count doesn't need to be reliable. */
5427         break;
5428     case 0x1F:
5429         /* V2 Extended Topology Enumeration Leaf */
5430         if (env->nr_dies < 2) {
5431             *eax = *ebx = *ecx = *edx = 0;
5432             break;
5433         }
5434 
5435         *ecx = count & 0xff;
5436         *edx = cpu->apic_id;
5437         switch (count) {
5438         case 0:
5439             *eax = apicid_core_offset(&topo_info);
5440             *ebx = cs->nr_threads;
5441             *ecx |= CPUID_TOPOLOGY_LEVEL_SMT;
5442             break;
5443         case 1:
5444             *eax = apicid_die_offset(&topo_info);
5445             *ebx = cs->nr_cores * cs->nr_threads;
5446             *ecx |= CPUID_TOPOLOGY_LEVEL_CORE;
5447             break;
5448         case 2:
5449             *eax = apicid_pkg_offset(&topo_info);
5450             *ebx = env->nr_dies * cs->nr_cores * cs->nr_threads;
5451             *ecx |= CPUID_TOPOLOGY_LEVEL_DIE;
5452             break;
5453         default:
5454             *eax = 0;
5455             *ebx = 0;
5456             *ecx |= CPUID_TOPOLOGY_LEVEL_INVALID;
5457         }
5458         assert(!(*eax & ~0x1f));
5459         *ebx &= 0xffff; /* The count doesn't need to be reliable. */
5460         break;
5461     case 0xD: {
5462         /* Processor Extended State */
5463         *eax = 0;
5464         *ebx = 0;
5465         *ecx = 0;
5466         *edx = 0;
5467         if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
5468             break;
5469         }
5470 
5471         if (count == 0) {
5472             *ecx = xsave_area_size(x86_cpu_xsave_components(cpu));
5473             *eax = env->features[FEAT_XSAVE_COMP_LO];
5474             *edx = env->features[FEAT_XSAVE_COMP_HI];
5475             /*
5476              * The initial value of xcr0 and ebx == 0, On host without kvm
5477              * commit 412a3c41(e.g., CentOS 6), the ebx's value always == 0
5478              * even through guest update xcr0, this will crash some legacy guest
5479              * (e.g., CentOS 6), So set ebx == ecx to workaroud it.
5480              */
5481             *ebx = kvm_enabled() ? *ecx : xsave_area_size(env->xcr0);
5482         } else if (count == 1) {
5483             *eax = env->features[FEAT_XSAVE];
5484         } else if (count < ARRAY_SIZE(x86_ext_save_areas)) {
5485             if ((x86_cpu_xsave_components(cpu) >> count) & 1) {
5486                 const ExtSaveArea *esa = &x86_ext_save_areas[count];
5487                 *eax = esa->size;
5488                 *ebx = esa->offset;
5489             }
5490         }
5491         break;
5492     }
5493     case 0x12:
5494 #ifndef CONFIG_USER_ONLY
5495         if (!kvm_enabled() ||
5496             !(env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_SGX)) {
5497             *eax = *ebx = *ecx = *edx = 0;
5498             break;
5499         }
5500 
5501         /*
5502          * SGX sub-leafs CPUID.0x12.{0x2..N} enumerate EPC sections.  Retrieve
5503          * the EPC properties, e.g. confidentiality and integrity, from the
5504          * host's first EPC section, i.e. assume there is one EPC section or
5505          * that all EPC sections have the same security properties.
5506          */
5507         if (count > 1) {
5508             uint64_t epc_addr, epc_size;
5509 
5510             if (sgx_epc_get_section(count - 2, &epc_addr, &epc_size)) {
5511                 *eax = *ebx = *ecx = *edx = 0;
5512                 break;
5513             }
5514             host_cpuid(index, 2, eax, ebx, ecx, edx);
5515             *eax = (uint32_t)(epc_addr & 0xfffff000) | 0x1;
5516             *ebx = (uint32_t)(epc_addr >> 32);
5517             *ecx = (uint32_t)(epc_size & 0xfffff000) | (*ecx & 0xf);
5518             *edx = (uint32_t)(epc_size >> 32);
5519             break;
5520         }
5521 
5522         /*
5523          * SGX sub-leafs CPUID.0x12.{0x0,0x1} are heavily dependent on hardware
5524          * and KVM, i.e. QEMU cannot emulate features to override what KVM
5525          * supports.  Features can be further restricted by userspace, but not
5526          * made more permissive.
5527          */
5528         *eax = kvm_arch_get_supported_cpuid(cs->kvm_state, 0x12, count, R_EAX);
5529         *ebx = kvm_arch_get_supported_cpuid(cs->kvm_state, 0x12, count, R_EBX);
5530         *ecx = kvm_arch_get_supported_cpuid(cs->kvm_state, 0x12, count, R_ECX);
5531         *edx = kvm_arch_get_supported_cpuid(cs->kvm_state, 0x12, count, R_EDX);
5532 
5533         if (count == 0) {
5534             *eax &= env->features[FEAT_SGX_12_0_EAX];
5535             *ebx &= env->features[FEAT_SGX_12_0_EBX];
5536         } else {
5537             *eax &= env->features[FEAT_SGX_12_1_EAX];
5538             *ebx &= 0; /* ebx reserve */
5539             *ecx &= env->features[FEAT_XSAVE_COMP_LO];
5540             *edx &= env->features[FEAT_XSAVE_COMP_HI];
5541 
5542             /* FP and SSE are always allowed regardless of XSAVE/XCR0. */
5543             *ecx |= XSTATE_FP_MASK | XSTATE_SSE_MASK;
5544 
5545             /* Access to PROVISIONKEY requires additional credentials. */
5546             if ((*eax & (1U << 4)) &&
5547                 !kvm_enable_sgx_provisioning(cs->kvm_state)) {
5548                 *eax &= ~(1U << 4);
5549             }
5550         }
5551 #endif
5552         break;
5553     case 0x14: {
5554         /* Intel Processor Trace Enumeration */
5555         *eax = 0;
5556         *ebx = 0;
5557         *ecx = 0;
5558         *edx = 0;
5559         if (!(env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT) ||
5560             !kvm_enabled()) {
5561             break;
5562         }
5563 
5564         if (count == 0) {
5565             *eax = INTEL_PT_MAX_SUBLEAF;
5566             *ebx = INTEL_PT_MINIMAL_EBX;
5567             *ecx = INTEL_PT_MINIMAL_ECX;
5568             if (env->features[FEAT_14_0_ECX] & CPUID_14_0_ECX_LIP) {
5569                 *ecx |= CPUID_14_0_ECX_LIP;
5570             }
5571         } else if (count == 1) {
5572             *eax = INTEL_PT_MTC_BITMAP | INTEL_PT_ADDR_RANGES_NUM;
5573             *ebx = INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP;
5574         }
5575         break;
5576     }
5577     case 0x40000000:
5578         /*
5579          * CPUID code in kvm_arch_init_vcpu() ignores stuff
5580          * set here, but we restrict to TCG none the less.
5581          */
5582         if (tcg_enabled() && cpu->expose_tcg) {
5583             memcpy(signature, "TCGTCGTCGTCG", 12);
5584             *eax = 0x40000001;
5585             *ebx = signature[0];
5586             *ecx = signature[1];
5587             *edx = signature[2];
5588         } else {
5589             *eax = 0;
5590             *ebx = 0;
5591             *ecx = 0;
5592             *edx = 0;
5593         }
5594         break;
5595     case 0x40000001:
5596         *eax = 0;
5597         *ebx = 0;
5598         *ecx = 0;
5599         *edx = 0;
5600         break;
5601     case 0x80000000:
5602         *eax = env->cpuid_xlevel;
5603         *ebx = env->cpuid_vendor1;
5604         *edx = env->cpuid_vendor2;
5605         *ecx = env->cpuid_vendor3;
5606         break;
5607     case 0x80000001:
5608         *eax = env->cpuid_version;
5609         *ebx = 0;
5610         *ecx = env->features[FEAT_8000_0001_ECX];
5611         *edx = env->features[FEAT_8000_0001_EDX];
5612 
5613         /* The Linux kernel checks for the CMPLegacy bit and
5614          * discards multiple thread information if it is set.
5615          * So don't set it here for Intel to make Linux guests happy.
5616          */
5617         if (cs->nr_cores * cs->nr_threads > 1) {
5618             if (env->cpuid_vendor1 != CPUID_VENDOR_INTEL_1 ||
5619                 env->cpuid_vendor2 != CPUID_VENDOR_INTEL_2 ||
5620                 env->cpuid_vendor3 != CPUID_VENDOR_INTEL_3) {
5621                 *ecx |= 1 << 1;    /* CmpLegacy bit */
5622             }
5623         }
5624         break;
5625     case 0x80000002:
5626     case 0x80000003:
5627     case 0x80000004:
5628         *eax = env->cpuid_model[(index - 0x80000002) * 4 + 0];
5629         *ebx = env->cpuid_model[(index - 0x80000002) * 4 + 1];
5630         *ecx = env->cpuid_model[(index - 0x80000002) * 4 + 2];
5631         *edx = env->cpuid_model[(index - 0x80000002) * 4 + 3];
5632         break;
5633     case 0x80000005:
5634         /* cache info (L1 cache) */
5635         if (cpu->cache_info_passthrough) {
5636             host_cpuid(index, 0, eax, ebx, ecx, edx);
5637             break;
5638         }
5639         *eax = (L1_DTLB_2M_ASSOC << 24) | (L1_DTLB_2M_ENTRIES << 16) |
5640                (L1_ITLB_2M_ASSOC <<  8) | (L1_ITLB_2M_ENTRIES);
5641         *ebx = (L1_DTLB_4K_ASSOC << 24) | (L1_DTLB_4K_ENTRIES << 16) |
5642                (L1_ITLB_4K_ASSOC <<  8) | (L1_ITLB_4K_ENTRIES);
5643         *ecx = encode_cache_cpuid80000005(env->cache_info_amd.l1d_cache);
5644         *edx = encode_cache_cpuid80000005(env->cache_info_amd.l1i_cache);
5645         break;
5646     case 0x80000006:
5647         /* cache info (L2 cache) */
5648         if (cpu->cache_info_passthrough) {
5649             host_cpuid(index, 0, eax, ebx, ecx, edx);
5650             break;
5651         }
5652         *eax = (AMD_ENC_ASSOC(L2_DTLB_2M_ASSOC) << 28) |
5653                (L2_DTLB_2M_ENTRIES << 16) |
5654                (AMD_ENC_ASSOC(L2_ITLB_2M_ASSOC) << 12) |
5655                (L2_ITLB_2M_ENTRIES);
5656         *ebx = (AMD_ENC_ASSOC(L2_DTLB_4K_ASSOC) << 28) |
5657                (L2_DTLB_4K_ENTRIES << 16) |
5658                (AMD_ENC_ASSOC(L2_ITLB_4K_ASSOC) << 12) |
5659                (L2_ITLB_4K_ENTRIES);
5660         encode_cache_cpuid80000006(env->cache_info_amd.l2_cache,
5661                                    cpu->enable_l3_cache ?
5662                                    env->cache_info_amd.l3_cache : NULL,
5663                                    ecx, edx);
5664         break;
5665     case 0x80000007:
5666         *eax = 0;
5667         *ebx = 0;
5668         *ecx = 0;
5669         *edx = env->features[FEAT_8000_0007_EDX];
5670         break;
5671     case 0x80000008:
5672         /* virtual & phys address size in low 2 bytes. */
5673         *eax = cpu->phys_bits;
5674         if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
5675             /* 64 bit processor */
5676              *eax |= (cpu_x86_virtual_addr_width(env) << 8);
5677         }
5678         *ebx = env->features[FEAT_8000_0008_EBX];
5679         if (cs->nr_cores * cs->nr_threads > 1) {
5680             /*
5681              * Bits 15:12 is "The number of bits in the initial
5682              * Core::X86::Apic::ApicId[ApicId] value that indicate
5683              * thread ID within a package".
5684              * Bits 7:0 is "The number of threads in the package is NC+1"
5685              */
5686             *ecx = (apicid_pkg_offset(&topo_info) << 12) |
5687                    ((cs->nr_cores * cs->nr_threads) - 1);
5688         } else {
5689             *ecx = 0;
5690         }
5691         *edx = 0;
5692         break;
5693     case 0x8000000A:
5694         if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
5695             *eax = 0x00000001; /* SVM Revision */
5696             *ebx = 0x00000010; /* nr of ASIDs */
5697             *ecx = 0;
5698             *edx = env->features[FEAT_SVM]; /* optional features */
5699         } else {
5700             *eax = 0;
5701             *ebx = 0;
5702             *ecx = 0;
5703             *edx = 0;
5704         }
5705         break;
5706     case 0x8000001D:
5707         *eax = 0;
5708         if (cpu->cache_info_passthrough) {
5709             host_cpuid(index, count, eax, ebx, ecx, edx);
5710             break;
5711         }
5712         switch (count) {
5713         case 0: /* L1 dcache info */
5714             encode_cache_cpuid8000001d(env->cache_info_amd.l1d_cache,
5715                                        &topo_info, eax, ebx, ecx, edx);
5716             break;
5717         case 1: /* L1 icache info */
5718             encode_cache_cpuid8000001d(env->cache_info_amd.l1i_cache,
5719                                        &topo_info, eax, ebx, ecx, edx);
5720             break;
5721         case 2: /* L2 cache info */
5722             encode_cache_cpuid8000001d(env->cache_info_amd.l2_cache,
5723                                        &topo_info, eax, ebx, ecx, edx);
5724             break;
5725         case 3: /* L3 cache info */
5726             encode_cache_cpuid8000001d(env->cache_info_amd.l3_cache,
5727                                        &topo_info, eax, ebx, ecx, edx);
5728             break;
5729         default: /* end of info */
5730             *eax = *ebx = *ecx = *edx = 0;
5731             break;
5732         }
5733         break;
5734     case 0x8000001E:
5735         if (cpu->core_id <= 255) {
5736             encode_topo_cpuid8000001e(cpu, &topo_info, eax, ebx, ecx, edx);
5737         } else {
5738             *eax = 0;
5739             *ebx = 0;
5740             *ecx = 0;
5741             *edx = 0;
5742         }
5743         break;
5744     case 0xC0000000:
5745         *eax = env->cpuid_xlevel2;
5746         *ebx = 0;
5747         *ecx = 0;
5748         *edx = 0;
5749         break;
5750     case 0xC0000001:
5751         /* Support for VIA CPU's CPUID instruction */
5752         *eax = env->cpuid_version;
5753         *ebx = 0;
5754         *ecx = 0;
5755         *edx = env->features[FEAT_C000_0001_EDX];
5756         break;
5757     case 0xC0000002:
5758     case 0xC0000003:
5759     case 0xC0000004:
5760         /* Reserved for the future, and now filled with zero */
5761         *eax = 0;
5762         *ebx = 0;
5763         *ecx = 0;
5764         *edx = 0;
5765         break;
5766     case 0x8000001F:
5767         *eax = *ebx = *ecx = *edx = 0;
5768         if (sev_enabled()) {
5769             *eax = 0x2;
5770             *eax |= sev_es_enabled() ? 0x8 : 0;
5771             *ebx = sev_get_cbit_position();
5772             *ebx |= sev_get_reduced_phys_bits() << 6;
5773         }
5774         break;
5775     default:
5776         /* reserved values: zero */
5777         *eax = 0;
5778         *ebx = 0;
5779         *ecx = 0;
5780         *edx = 0;
5781         break;
5782     }
5783 }
5784 
5785 static void x86_cpu_set_sgxlepubkeyhash(CPUX86State *env)
5786 {
5787 #ifndef CONFIG_USER_ONLY
5788     /* Those default values are defined in Skylake HW */
5789     env->msr_ia32_sgxlepubkeyhash[0] = 0xa6053e051270b7acULL;
5790     env->msr_ia32_sgxlepubkeyhash[1] = 0x6cfbe8ba8b3b413dULL;
5791     env->msr_ia32_sgxlepubkeyhash[2] = 0xc4916d99f2b3735dULL;
5792     env->msr_ia32_sgxlepubkeyhash[3] = 0xd4f8c05909f9bb3bULL;
5793 #endif
5794 }
5795 
5796 static void x86_cpu_reset(DeviceState *dev)
5797 {
5798     CPUState *s = CPU(dev);
5799     X86CPU *cpu = X86_CPU(s);
5800     X86CPUClass *xcc = X86_CPU_GET_CLASS(cpu);
5801     CPUX86State *env = &cpu->env;
5802     target_ulong cr4;
5803     uint64_t xcr0;
5804     int i;
5805 
5806     xcc->parent_reset(dev);
5807 
5808     memset(env, 0, offsetof(CPUX86State, end_reset_fields));
5809 
5810     env->old_exception = -1;
5811 
5812     /* init to reset state */
5813     env->int_ctl = 0;
5814     env->hflags2 |= HF2_GIF_MASK;
5815     env->hflags2 |= HF2_VGIF_MASK;
5816     env->hflags &= ~HF_GUEST_MASK;
5817 
5818     cpu_x86_update_cr0(env, 0x60000010);
5819     env->a20_mask = ~0x0;
5820     env->smbase = 0x30000;
5821     env->msr_smi_count = 0;
5822 
5823     env->idt.limit = 0xffff;
5824     env->gdt.limit = 0xffff;
5825     env->ldt.limit = 0xffff;
5826     env->ldt.flags = DESC_P_MASK | (2 << DESC_TYPE_SHIFT);
5827     env->tr.limit = 0xffff;
5828     env->tr.flags = DESC_P_MASK | (11 << DESC_TYPE_SHIFT);
5829 
5830     cpu_x86_load_seg_cache(env, R_CS, 0xf000, 0xffff0000, 0xffff,
5831                            DESC_P_MASK | DESC_S_MASK | DESC_CS_MASK |
5832                            DESC_R_MASK | DESC_A_MASK);
5833     cpu_x86_load_seg_cache(env, R_DS, 0, 0, 0xffff,
5834                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5835                            DESC_A_MASK);
5836     cpu_x86_load_seg_cache(env, R_ES, 0, 0, 0xffff,
5837                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5838                            DESC_A_MASK);
5839     cpu_x86_load_seg_cache(env, R_SS, 0, 0, 0xffff,
5840                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5841                            DESC_A_MASK);
5842     cpu_x86_load_seg_cache(env, R_FS, 0, 0, 0xffff,
5843                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5844                            DESC_A_MASK);
5845     cpu_x86_load_seg_cache(env, R_GS, 0, 0, 0xffff,
5846                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
5847                            DESC_A_MASK);
5848 
5849     env->eip = 0xfff0;
5850     env->regs[R_EDX] = env->cpuid_version;
5851 
5852     env->eflags = 0x2;
5853 
5854     /* FPU init */
5855     for (i = 0; i < 8; i++) {
5856         env->fptags[i] = 1;
5857     }
5858     cpu_set_fpuc(env, 0x37f);
5859 
5860     env->mxcsr = 0x1f80;
5861     /* All units are in INIT state.  */
5862     env->xstate_bv = 0;
5863 
5864     env->pat = 0x0007040600070406ULL;
5865     env->msr_ia32_misc_enable = MSR_IA32_MISC_ENABLE_DEFAULT;
5866     if (env->features[FEAT_1_ECX] & CPUID_EXT_MONITOR) {
5867         env->msr_ia32_misc_enable |= MSR_IA32_MISC_ENABLE_MWAIT;
5868     }
5869 
5870     memset(env->dr, 0, sizeof(env->dr));
5871     env->dr[6] = DR6_FIXED_1;
5872     env->dr[7] = DR7_FIXED_1;
5873     cpu_breakpoint_remove_all(s, BP_CPU);
5874     cpu_watchpoint_remove_all(s, BP_CPU);
5875 
5876     cr4 = 0;
5877     xcr0 = XSTATE_FP_MASK;
5878 
5879 #ifdef CONFIG_USER_ONLY
5880     /* Enable all the features for user-mode.  */
5881     if (env->features[FEAT_1_EDX] & CPUID_SSE) {
5882         xcr0 |= XSTATE_SSE_MASK;
5883     }
5884     for (i = 2; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
5885         const ExtSaveArea *esa = &x86_ext_save_areas[i];
5886         if (env->features[esa->feature] & esa->bits) {
5887             xcr0 |= 1ull << i;
5888         }
5889     }
5890 
5891     if (env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE) {
5892         cr4 |= CR4_OSFXSR_MASK | CR4_OSXSAVE_MASK;
5893     }
5894     if (env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_FSGSBASE) {
5895         cr4 |= CR4_FSGSBASE_MASK;
5896     }
5897 #endif
5898 
5899     env->xcr0 = xcr0;
5900     cpu_x86_update_cr4(env, cr4);
5901 
5902     /*
5903      * SDM 11.11.5 requires:
5904      *  - IA32_MTRR_DEF_TYPE MSR.E = 0
5905      *  - IA32_MTRR_PHYSMASKn.V = 0
5906      * All other bits are undefined.  For simplification, zero it all.
5907      */
5908     env->mtrr_deftype = 0;
5909     memset(env->mtrr_var, 0, sizeof(env->mtrr_var));
5910     memset(env->mtrr_fixed, 0, sizeof(env->mtrr_fixed));
5911 
5912     env->interrupt_injected = -1;
5913     env->exception_nr = -1;
5914     env->exception_pending = 0;
5915     env->exception_injected = 0;
5916     env->exception_has_payload = false;
5917     env->exception_payload = 0;
5918     env->nmi_injected = false;
5919 #if !defined(CONFIG_USER_ONLY)
5920     /* We hard-wire the BSP to the first CPU. */
5921     apic_designate_bsp(cpu->apic_state, s->cpu_index == 0);
5922 
5923     s->halted = !cpu_is_bsp(cpu);
5924 
5925     if (kvm_enabled()) {
5926         kvm_arch_reset_vcpu(cpu);
5927     }
5928 
5929     x86_cpu_set_sgxlepubkeyhash(env);
5930 #endif
5931 }
5932 
5933 static void mce_init(X86CPU *cpu)
5934 {
5935     CPUX86State *cenv = &cpu->env;
5936     unsigned int bank;
5937 
5938     if (((cenv->cpuid_version >> 8) & 0xf) >= 6
5939         && (cenv->features[FEAT_1_EDX] & (CPUID_MCE | CPUID_MCA)) ==
5940             (CPUID_MCE | CPUID_MCA)) {
5941         cenv->mcg_cap = MCE_CAP_DEF | MCE_BANKS_DEF |
5942                         (cpu->enable_lmce ? MCG_LMCE_P : 0);
5943         cenv->mcg_ctl = ~(uint64_t)0;
5944         for (bank = 0; bank < MCE_BANKS_DEF; bank++) {
5945             cenv->mce_banks[bank * 4] = ~(uint64_t)0;
5946         }
5947     }
5948 }
5949 
5950 static void x86_cpu_adjust_level(X86CPU *cpu, uint32_t *min, uint32_t value)
5951 {
5952     if (*min < value) {
5953         *min = value;
5954     }
5955 }
5956 
5957 /* Increase cpuid_min_{level,xlevel,xlevel2} automatically, if appropriate */
5958 static void x86_cpu_adjust_feat_level(X86CPU *cpu, FeatureWord w)
5959 {
5960     CPUX86State *env = &cpu->env;
5961     FeatureWordInfo *fi = &feature_word_info[w];
5962     uint32_t eax = fi->cpuid.eax;
5963     uint32_t region = eax & 0xF0000000;
5964 
5965     assert(feature_word_info[w].type == CPUID_FEATURE_WORD);
5966     if (!env->features[w]) {
5967         return;
5968     }
5969 
5970     switch (region) {
5971     case 0x00000000:
5972         x86_cpu_adjust_level(cpu, &env->cpuid_min_level, eax);
5973     break;
5974     case 0x80000000:
5975         x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, eax);
5976     break;
5977     case 0xC0000000:
5978         x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel2, eax);
5979     break;
5980     }
5981 
5982     if (eax == 7) {
5983         x86_cpu_adjust_level(cpu, &env->cpuid_min_level_func7,
5984                              fi->cpuid.ecx);
5985     }
5986 }
5987 
5988 /* Calculate XSAVE components based on the configured CPU feature flags */
5989 static void x86_cpu_enable_xsave_components(X86CPU *cpu)
5990 {
5991     CPUX86State *env = &cpu->env;
5992     int i;
5993     uint64_t mask;
5994 
5995     if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
5996         env->features[FEAT_XSAVE_COMP_LO] = 0;
5997         env->features[FEAT_XSAVE_COMP_HI] = 0;
5998         return;
5999     }
6000 
6001     mask = 0;
6002     for (i = 0; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
6003         const ExtSaveArea *esa = &x86_ext_save_areas[i];
6004         if (env->features[esa->feature] & esa->bits) {
6005             mask |= (1ULL << i);
6006         }
6007     }
6008 
6009     env->features[FEAT_XSAVE_COMP_LO] = mask;
6010     env->features[FEAT_XSAVE_COMP_HI] = mask >> 32;
6011 }
6012 
6013 /***** Steps involved on loading and filtering CPUID data
6014  *
6015  * When initializing and realizing a CPU object, the steps
6016  * involved in setting up CPUID data are:
6017  *
6018  * 1) Loading CPU model definition (X86CPUDefinition). This is
6019  *    implemented by x86_cpu_load_model() and should be completely
6020  *    transparent, as it is done automatically by instance_init.
6021  *    No code should need to look at X86CPUDefinition structs
6022  *    outside instance_init.
6023  *
6024  * 2) CPU expansion. This is done by realize before CPUID
6025  *    filtering, and will make sure host/accelerator data is
6026  *    loaded for CPU models that depend on host capabilities
6027  *    (e.g. "host"). Done by x86_cpu_expand_features().
6028  *
6029  * 3) CPUID filtering. This initializes extra data related to
6030  *    CPUID, and checks if the host supports all capabilities
6031  *    required by the CPU. Runnability of a CPU model is
6032  *    determined at this step. Done by x86_cpu_filter_features().
6033  *
6034  * Some operations don't require all steps to be performed.
6035  * More precisely:
6036  *
6037  * - CPU instance creation (instance_init) will run only CPU
6038  *   model loading. CPU expansion can't run at instance_init-time
6039  *   because host/accelerator data may be not available yet.
6040  * - CPU realization will perform both CPU model expansion and CPUID
6041  *   filtering, and return an error in case one of them fails.
6042  * - query-cpu-definitions needs to run all 3 steps. It needs
6043  *   to run CPUID filtering, as the 'unavailable-features'
6044  *   field is set based on the filtering results.
6045  * - The query-cpu-model-expansion QMP command only needs to run
6046  *   CPU model loading and CPU expansion. It should not filter
6047  *   any CPUID data based on host capabilities.
6048  */
6049 
6050 /* Expand CPU configuration data, based on configured features
6051  * and host/accelerator capabilities when appropriate.
6052  */
6053 void x86_cpu_expand_features(X86CPU *cpu, Error **errp)
6054 {
6055     CPUX86State *env = &cpu->env;
6056     FeatureWord w;
6057     int i;
6058     GList *l;
6059 
6060     for (l = plus_features; l; l = l->next) {
6061         const char *prop = l->data;
6062         if (!object_property_set_bool(OBJECT(cpu), prop, true, errp)) {
6063             return;
6064         }
6065     }
6066 
6067     for (l = minus_features; l; l = l->next) {
6068         const char *prop = l->data;
6069         if (!object_property_set_bool(OBJECT(cpu), prop, false, errp)) {
6070             return;
6071         }
6072     }
6073 
6074     /*TODO: Now cpu->max_features doesn't overwrite features
6075      * set using QOM properties, and we can convert
6076      * plus_features & minus_features to global properties
6077      * inside x86_cpu_parse_featurestr() too.
6078      */
6079     if (cpu->max_features) {
6080         for (w = 0; w < FEATURE_WORDS; w++) {
6081             /* Override only features that weren't set explicitly
6082              * by the user.
6083              */
6084             env->features[w] |=
6085                 x86_cpu_get_supported_feature_word(w, cpu->migratable) &
6086                 ~env->user_features[w] &
6087                 ~feature_word_info[w].no_autoenable_flags;
6088         }
6089     }
6090 
6091     for (i = 0; i < ARRAY_SIZE(feature_dependencies); i++) {
6092         FeatureDep *d = &feature_dependencies[i];
6093         if (!(env->features[d->from.index] & d->from.mask)) {
6094             uint64_t unavailable_features = env->features[d->to.index] & d->to.mask;
6095 
6096             /* Not an error unless the dependent feature was added explicitly.  */
6097             mark_unavailable_features(cpu, d->to.index,
6098                                       unavailable_features & env->user_features[d->to.index],
6099                                       "This feature depends on other features that were not requested");
6100 
6101             env->features[d->to.index] &= ~unavailable_features;
6102         }
6103     }
6104 
6105     if (!kvm_enabled() || !cpu->expose_kvm) {
6106         env->features[FEAT_KVM] = 0;
6107     }
6108 
6109     x86_cpu_enable_xsave_components(cpu);
6110 
6111     /* CPUID[EAX=7,ECX=0].EBX always increased level automatically: */
6112     x86_cpu_adjust_feat_level(cpu, FEAT_7_0_EBX);
6113     if (cpu->full_cpuid_auto_level) {
6114         x86_cpu_adjust_feat_level(cpu, FEAT_1_EDX);
6115         x86_cpu_adjust_feat_level(cpu, FEAT_1_ECX);
6116         x86_cpu_adjust_feat_level(cpu, FEAT_6_EAX);
6117         x86_cpu_adjust_feat_level(cpu, FEAT_7_0_ECX);
6118         x86_cpu_adjust_feat_level(cpu, FEAT_7_1_EAX);
6119         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_EDX);
6120         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_ECX);
6121         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0007_EDX);
6122         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0008_EBX);
6123         x86_cpu_adjust_feat_level(cpu, FEAT_C000_0001_EDX);
6124         x86_cpu_adjust_feat_level(cpu, FEAT_SVM);
6125         x86_cpu_adjust_feat_level(cpu, FEAT_XSAVE);
6126 
6127         /* Intel Processor Trace requires CPUID[0x14] */
6128         if ((env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT)) {
6129             if (cpu->intel_pt_auto_level) {
6130                 x86_cpu_adjust_level(cpu, &cpu->env.cpuid_min_level, 0x14);
6131             } else if (cpu->env.cpuid_min_level < 0x14) {
6132                 mark_unavailable_features(cpu, FEAT_7_0_EBX,
6133                     CPUID_7_0_EBX_INTEL_PT,
6134                     "Intel PT need CPUID leaf 0x14, please set by \"-cpu ...,intel-pt=on,min-level=0x14\"");
6135             }
6136         }
6137 
6138         /*
6139          * Intel CPU topology with multi-dies support requires CPUID[0x1F].
6140          * For AMD Rome/Milan, cpuid level is 0x10, and guest OS should detect
6141          * extended toplogy by leaf 0xB. Only adjust it for Intel CPU, unless
6142          * cpu->vendor_cpuid_only has been unset for compatibility with older
6143          * machine types.
6144          */
6145         if ((env->nr_dies > 1) &&
6146             (IS_INTEL_CPU(env) || !cpu->vendor_cpuid_only)) {
6147             x86_cpu_adjust_level(cpu, &env->cpuid_min_level, 0x1F);
6148         }
6149 
6150         /* SVM requires CPUID[0x8000000A] */
6151         if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
6152             x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000000A);
6153         }
6154 
6155         /* SEV requires CPUID[0x8000001F] */
6156         if (sev_enabled()) {
6157             x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000001F);
6158         }
6159 
6160         /* SGX requires CPUID[0x12] for EPC enumeration */
6161         if (env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_SGX) {
6162             x86_cpu_adjust_level(cpu, &env->cpuid_min_level, 0x12);
6163         }
6164     }
6165 
6166     /* Set cpuid_*level* based on cpuid_min_*level, if not explicitly set */
6167     if (env->cpuid_level_func7 == UINT32_MAX) {
6168         env->cpuid_level_func7 = env->cpuid_min_level_func7;
6169     }
6170     if (env->cpuid_level == UINT32_MAX) {
6171         env->cpuid_level = env->cpuid_min_level;
6172     }
6173     if (env->cpuid_xlevel == UINT32_MAX) {
6174         env->cpuid_xlevel = env->cpuid_min_xlevel;
6175     }
6176     if (env->cpuid_xlevel2 == UINT32_MAX) {
6177         env->cpuid_xlevel2 = env->cpuid_min_xlevel2;
6178     }
6179 
6180     if (kvm_enabled()) {
6181         kvm_hyperv_expand_features(cpu, errp);
6182     }
6183 }
6184 
6185 /*
6186  * Finishes initialization of CPUID data, filters CPU feature
6187  * words based on host availability of each feature.
6188  *
6189  * Returns: 0 if all flags are supported by the host, non-zero otherwise.
6190  */
6191 static void x86_cpu_filter_features(X86CPU *cpu, bool verbose)
6192 {
6193     CPUX86State *env = &cpu->env;
6194     FeatureWord w;
6195     const char *prefix = NULL;
6196 
6197     if (verbose) {
6198         prefix = accel_uses_host_cpuid()
6199                  ? "host doesn't support requested feature"
6200                  : "TCG doesn't support requested feature";
6201     }
6202 
6203     for (w = 0; w < FEATURE_WORDS; w++) {
6204         uint64_t host_feat =
6205             x86_cpu_get_supported_feature_word(w, false);
6206         uint64_t requested_features = env->features[w];
6207         uint64_t unavailable_features = requested_features & ~host_feat;
6208         mark_unavailable_features(cpu, w, unavailable_features, prefix);
6209     }
6210 
6211     if ((env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT) &&
6212         kvm_enabled()) {
6213         KVMState *s = CPU(cpu)->kvm_state;
6214         uint32_t eax_0 = kvm_arch_get_supported_cpuid(s, 0x14, 0, R_EAX);
6215         uint32_t ebx_0 = kvm_arch_get_supported_cpuid(s, 0x14, 0, R_EBX);
6216         uint32_t ecx_0 = kvm_arch_get_supported_cpuid(s, 0x14, 0, R_ECX);
6217         uint32_t eax_1 = kvm_arch_get_supported_cpuid(s, 0x14, 1, R_EAX);
6218         uint32_t ebx_1 = kvm_arch_get_supported_cpuid(s, 0x14, 1, R_EBX);
6219 
6220         if (!eax_0 ||
6221            ((ebx_0 & INTEL_PT_MINIMAL_EBX) != INTEL_PT_MINIMAL_EBX) ||
6222            ((ecx_0 & INTEL_PT_MINIMAL_ECX) != INTEL_PT_MINIMAL_ECX) ||
6223            ((eax_1 & INTEL_PT_MTC_BITMAP) != INTEL_PT_MTC_BITMAP) ||
6224            ((eax_1 & INTEL_PT_ADDR_RANGES_NUM_MASK) <
6225                                            INTEL_PT_ADDR_RANGES_NUM) ||
6226            ((ebx_1 & (INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP)) !=
6227                 (INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP)) ||
6228            ((ecx_0 & CPUID_14_0_ECX_LIP) !=
6229                 (env->features[FEAT_14_0_ECX] & CPUID_14_0_ECX_LIP))) {
6230             /*
6231              * Processor Trace capabilities aren't configurable, so if the
6232              * host can't emulate the capabilities we report on
6233              * cpu_x86_cpuid(), intel-pt can't be enabled on the current host.
6234              */
6235             mark_unavailable_features(cpu, FEAT_7_0_EBX, CPUID_7_0_EBX_INTEL_PT, prefix);
6236         }
6237     }
6238 }
6239 
6240 static void x86_cpu_hyperv_realize(X86CPU *cpu)
6241 {
6242     size_t len;
6243 
6244     /* Hyper-V vendor id */
6245     if (!cpu->hyperv_vendor) {
6246         object_property_set_str(OBJECT(cpu), "hv-vendor-id", "Microsoft Hv",
6247                                 &error_abort);
6248     }
6249     len = strlen(cpu->hyperv_vendor);
6250     if (len > 12) {
6251         warn_report("hv-vendor-id truncated to 12 characters");
6252         len = 12;
6253     }
6254     memset(cpu->hyperv_vendor_id, 0, 12);
6255     memcpy(cpu->hyperv_vendor_id, cpu->hyperv_vendor, len);
6256 
6257     /* 'Hv#1' interface identification*/
6258     cpu->hyperv_interface_id[0] = 0x31237648;
6259     cpu->hyperv_interface_id[1] = 0;
6260     cpu->hyperv_interface_id[2] = 0;
6261     cpu->hyperv_interface_id[3] = 0;
6262 
6263     /* Hypervisor implementation limits */
6264     cpu->hyperv_limits[0] = 64;
6265     cpu->hyperv_limits[1] = 0;
6266     cpu->hyperv_limits[2] = 0;
6267 }
6268 
6269 static void x86_cpu_realizefn(DeviceState *dev, Error **errp)
6270 {
6271     CPUState *cs = CPU(dev);
6272     X86CPU *cpu = X86_CPU(dev);
6273     X86CPUClass *xcc = X86_CPU_GET_CLASS(dev);
6274     CPUX86State *env = &cpu->env;
6275     Error *local_err = NULL;
6276     static bool ht_warned;
6277 
6278     if (cpu->apic_id == UNASSIGNED_APIC_ID) {
6279         error_setg(errp, "apic-id property was not initialized properly");
6280         return;
6281     }
6282 
6283     /*
6284      * Process Hyper-V enlightenments.
6285      * Note: this currently has to happen before the expansion of CPU features.
6286      */
6287     x86_cpu_hyperv_realize(cpu);
6288 
6289     x86_cpu_expand_features(cpu, &local_err);
6290     if (local_err) {
6291         goto out;
6292     }
6293 
6294     x86_cpu_filter_features(cpu, cpu->check_cpuid || cpu->enforce_cpuid);
6295 
6296     if (cpu->enforce_cpuid && x86_cpu_have_filtered_features(cpu)) {
6297         error_setg(&local_err,
6298                    accel_uses_host_cpuid() ?
6299                        "Host doesn't support requested features" :
6300                        "TCG doesn't support requested features");
6301         goto out;
6302     }
6303 
6304     /* On AMD CPUs, some CPUID[8000_0001].EDX bits must match the bits on
6305      * CPUID[1].EDX.
6306      */
6307     if (IS_AMD_CPU(env)) {
6308         env->features[FEAT_8000_0001_EDX] &= ~CPUID_EXT2_AMD_ALIASES;
6309         env->features[FEAT_8000_0001_EDX] |= (env->features[FEAT_1_EDX]
6310            & CPUID_EXT2_AMD_ALIASES);
6311     }
6312 
6313     x86_cpu_set_sgxlepubkeyhash(env);
6314 
6315     /*
6316      * note: the call to the framework needs to happen after feature expansion,
6317      * but before the checks/modifications to ucode_rev, mwait, phys_bits.
6318      * These may be set by the accel-specific code,
6319      * and the results are subsequently checked / assumed in this function.
6320      */
6321     cpu_exec_realizefn(cs, &local_err);
6322     if (local_err != NULL) {
6323         error_propagate(errp, local_err);
6324         return;
6325     }
6326 
6327     if (xcc->host_cpuid_required && !accel_uses_host_cpuid()) {
6328         g_autofree char *name = x86_cpu_class_get_model_name(xcc);
6329         error_setg(&local_err, "CPU model '%s' requires KVM or HVF", name);
6330         goto out;
6331     }
6332 
6333     if (cpu->ucode_rev == 0) {
6334         /*
6335          * The default is the same as KVM's. Note that this check
6336          * needs to happen after the evenual setting of ucode_rev in
6337          * accel-specific code in cpu_exec_realizefn.
6338          */
6339         if (IS_AMD_CPU(env)) {
6340             cpu->ucode_rev = 0x01000065;
6341         } else {
6342             cpu->ucode_rev = 0x100000000ULL;
6343         }
6344     }
6345 
6346     /*
6347      * mwait extended info: needed for Core compatibility
6348      * We always wake on interrupt even if host does not have the capability.
6349      *
6350      * requires the accel-specific code in cpu_exec_realizefn to
6351      * have already acquired the CPUID data into cpu->mwait.
6352      */
6353     cpu->mwait.ecx |= CPUID_MWAIT_EMX | CPUID_MWAIT_IBE;
6354 
6355     /* For 64bit systems think about the number of physical bits to present.
6356      * ideally this should be the same as the host; anything other than matching
6357      * the host can cause incorrect guest behaviour.
6358      * QEMU used to pick the magic value of 40 bits that corresponds to
6359      * consumer AMD devices but nothing else.
6360      *
6361      * Note that this code assumes features expansion has already been done
6362      * (as it checks for CPUID_EXT2_LM), and also assumes that potential
6363      * phys_bits adjustments to match the host have been already done in
6364      * accel-specific code in cpu_exec_realizefn.
6365      */
6366     if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
6367         if (cpu->phys_bits &&
6368             (cpu->phys_bits > TARGET_PHYS_ADDR_SPACE_BITS ||
6369             cpu->phys_bits < 32)) {
6370             error_setg(errp, "phys-bits should be between 32 and %u "
6371                              " (but is %u)",
6372                              TARGET_PHYS_ADDR_SPACE_BITS, cpu->phys_bits);
6373             return;
6374         }
6375         /*
6376          * 0 means it was not explicitly set by the user (or by machine
6377          * compat_props or by the host code in host-cpu.c).
6378          * In this case, the default is the value used by TCG (40).
6379          */
6380         if (cpu->phys_bits == 0) {
6381             cpu->phys_bits = TCG_PHYS_ADDR_BITS;
6382         }
6383     } else {
6384         /* For 32 bit systems don't use the user set value, but keep
6385          * phys_bits consistent with what we tell the guest.
6386          */
6387         if (cpu->phys_bits != 0) {
6388             error_setg(errp, "phys-bits is not user-configurable in 32 bit");
6389             return;
6390         }
6391 
6392         if (env->features[FEAT_1_EDX] & CPUID_PSE36) {
6393             cpu->phys_bits = 36;
6394         } else {
6395             cpu->phys_bits = 32;
6396         }
6397     }
6398 
6399     /* Cache information initialization */
6400     if (!cpu->legacy_cache) {
6401         if (!xcc->model || !xcc->model->cpudef->cache_info) {
6402             g_autofree char *name = x86_cpu_class_get_model_name(xcc);
6403             error_setg(errp,
6404                        "CPU model '%s' doesn't support legacy-cache=off", name);
6405             return;
6406         }
6407         env->cache_info_cpuid2 = env->cache_info_cpuid4 = env->cache_info_amd =
6408             *xcc->model->cpudef->cache_info;
6409     } else {
6410         /* Build legacy cache information */
6411         env->cache_info_cpuid2.l1d_cache = &legacy_l1d_cache;
6412         env->cache_info_cpuid2.l1i_cache = &legacy_l1i_cache;
6413         env->cache_info_cpuid2.l2_cache = &legacy_l2_cache_cpuid2;
6414         env->cache_info_cpuid2.l3_cache = &legacy_l3_cache;
6415 
6416         env->cache_info_cpuid4.l1d_cache = &legacy_l1d_cache;
6417         env->cache_info_cpuid4.l1i_cache = &legacy_l1i_cache;
6418         env->cache_info_cpuid4.l2_cache = &legacy_l2_cache;
6419         env->cache_info_cpuid4.l3_cache = &legacy_l3_cache;
6420 
6421         env->cache_info_amd.l1d_cache = &legacy_l1d_cache_amd;
6422         env->cache_info_amd.l1i_cache = &legacy_l1i_cache_amd;
6423         env->cache_info_amd.l2_cache = &legacy_l2_cache_amd;
6424         env->cache_info_amd.l3_cache = &legacy_l3_cache;
6425     }
6426 
6427 #ifndef CONFIG_USER_ONLY
6428     MachineState *ms = MACHINE(qdev_get_machine());
6429     qemu_register_reset(x86_cpu_machine_reset_cb, cpu);
6430 
6431     if (cpu->env.features[FEAT_1_EDX] & CPUID_APIC || ms->smp.cpus > 1) {
6432         x86_cpu_apic_create(cpu, &local_err);
6433         if (local_err != NULL) {
6434             goto out;
6435         }
6436     }
6437 #endif
6438 
6439     mce_init(cpu);
6440 
6441     qemu_init_vcpu(cs);
6442 
6443     /*
6444      * Most Intel and certain AMD CPUs support hyperthreading. Even though QEMU
6445      * fixes this issue by adjusting CPUID_0000_0001_EBX and CPUID_8000_0008_ECX
6446      * based on inputs (sockets,cores,threads), it is still better to give
6447      * users a warning.
6448      *
6449      * NOTE: the following code has to follow qemu_init_vcpu(). Otherwise
6450      * cs->nr_threads hasn't be populated yet and the checking is incorrect.
6451      */
6452     if (IS_AMD_CPU(env) &&
6453         !(env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_TOPOEXT) &&
6454         cs->nr_threads > 1 && !ht_warned) {
6455             warn_report("This family of AMD CPU doesn't support "
6456                         "hyperthreading(%d)",
6457                         cs->nr_threads);
6458             error_printf("Please configure -smp options properly"
6459                          " or try enabling topoext feature.\n");
6460             ht_warned = true;
6461     }
6462 
6463 #ifndef CONFIG_USER_ONLY
6464     x86_cpu_apic_realize(cpu, &local_err);
6465     if (local_err != NULL) {
6466         goto out;
6467     }
6468 #endif /* !CONFIG_USER_ONLY */
6469     cpu_reset(cs);
6470 
6471     xcc->parent_realize(dev, &local_err);
6472 
6473 out:
6474     if (local_err != NULL) {
6475         error_propagate(errp, local_err);
6476         return;
6477     }
6478 }
6479 
6480 static void x86_cpu_unrealizefn(DeviceState *dev)
6481 {
6482     X86CPU *cpu = X86_CPU(dev);
6483     X86CPUClass *xcc = X86_CPU_GET_CLASS(dev);
6484 
6485 #ifndef CONFIG_USER_ONLY
6486     cpu_remove_sync(CPU(dev));
6487     qemu_unregister_reset(x86_cpu_machine_reset_cb, dev);
6488 #endif
6489 
6490     if (cpu->apic_state) {
6491         object_unparent(OBJECT(cpu->apic_state));
6492         cpu->apic_state = NULL;
6493     }
6494 
6495     xcc->parent_unrealize(dev);
6496 }
6497 
6498 typedef struct BitProperty {
6499     FeatureWord w;
6500     uint64_t mask;
6501 } BitProperty;
6502 
6503 static void x86_cpu_get_bit_prop(Object *obj, Visitor *v, const char *name,
6504                                  void *opaque, Error **errp)
6505 {
6506     X86CPU *cpu = X86_CPU(obj);
6507     BitProperty *fp = opaque;
6508     uint64_t f = cpu->env.features[fp->w];
6509     bool value = (f & fp->mask) == fp->mask;
6510     visit_type_bool(v, name, &value, errp);
6511 }
6512 
6513 static void x86_cpu_set_bit_prop(Object *obj, Visitor *v, const char *name,
6514                                  void *opaque, Error **errp)
6515 {
6516     DeviceState *dev = DEVICE(obj);
6517     X86CPU *cpu = X86_CPU(obj);
6518     BitProperty *fp = opaque;
6519     bool value;
6520 
6521     if (dev->realized) {
6522         qdev_prop_set_after_realize(dev, name, errp);
6523         return;
6524     }
6525 
6526     if (!visit_type_bool(v, name, &value, errp)) {
6527         return;
6528     }
6529 
6530     if (value) {
6531         cpu->env.features[fp->w] |= fp->mask;
6532     } else {
6533         cpu->env.features[fp->w] &= ~fp->mask;
6534     }
6535     cpu->env.user_features[fp->w] |= fp->mask;
6536 }
6537 
6538 /* Register a boolean property to get/set a single bit in a uint32_t field.
6539  *
6540  * The same property name can be registered multiple times to make it affect
6541  * multiple bits in the same FeatureWord. In that case, the getter will return
6542  * true only if all bits are set.
6543  */
6544 static void x86_cpu_register_bit_prop(X86CPUClass *xcc,
6545                                       const char *prop_name,
6546                                       FeatureWord w,
6547                                       int bitnr)
6548 {
6549     ObjectClass *oc = OBJECT_CLASS(xcc);
6550     BitProperty *fp;
6551     ObjectProperty *op;
6552     uint64_t mask = (1ULL << bitnr);
6553 
6554     op = object_class_property_find(oc, prop_name);
6555     if (op) {
6556         fp = op->opaque;
6557         assert(fp->w == w);
6558         fp->mask |= mask;
6559     } else {
6560         fp = g_new0(BitProperty, 1);
6561         fp->w = w;
6562         fp->mask = mask;
6563         object_class_property_add(oc, prop_name, "bool",
6564                                   x86_cpu_get_bit_prop,
6565                                   x86_cpu_set_bit_prop,
6566                                   NULL, fp);
6567     }
6568 }
6569 
6570 static void x86_cpu_register_feature_bit_props(X86CPUClass *xcc,
6571                                                FeatureWord w,
6572                                                int bitnr)
6573 {
6574     FeatureWordInfo *fi = &feature_word_info[w];
6575     const char *name = fi->feat_names[bitnr];
6576 
6577     if (!name) {
6578         return;
6579     }
6580 
6581     /* Property names should use "-" instead of "_".
6582      * Old names containing underscores are registered as aliases
6583      * using object_property_add_alias()
6584      */
6585     assert(!strchr(name, '_'));
6586     /* aliases don't use "|" delimiters anymore, they are registered
6587      * manually using object_property_add_alias() */
6588     assert(!strchr(name, '|'));
6589     x86_cpu_register_bit_prop(xcc, name, w, bitnr);
6590 }
6591 
6592 static void x86_cpu_post_initfn(Object *obj)
6593 {
6594     accel_cpu_instance_init(CPU(obj));
6595 }
6596 
6597 static void x86_cpu_initfn(Object *obj)
6598 {
6599     X86CPU *cpu = X86_CPU(obj);
6600     X86CPUClass *xcc = X86_CPU_GET_CLASS(obj);
6601     CPUX86State *env = &cpu->env;
6602 
6603     env->nr_dies = 1;
6604     cpu_set_cpustate_pointers(cpu);
6605 
6606     object_property_add(obj, "feature-words", "X86CPUFeatureWordInfo",
6607                         x86_cpu_get_feature_words,
6608                         NULL, NULL, (void *)env->features);
6609     object_property_add(obj, "filtered-features", "X86CPUFeatureWordInfo",
6610                         x86_cpu_get_feature_words,
6611                         NULL, NULL, (void *)cpu->filtered_features);
6612 
6613     object_property_add_alias(obj, "sse3", obj, "pni");
6614     object_property_add_alias(obj, "pclmuldq", obj, "pclmulqdq");
6615     object_property_add_alias(obj, "sse4-1", obj, "sse4.1");
6616     object_property_add_alias(obj, "sse4-2", obj, "sse4.2");
6617     object_property_add_alias(obj, "xd", obj, "nx");
6618     object_property_add_alias(obj, "ffxsr", obj, "fxsr-opt");
6619     object_property_add_alias(obj, "i64", obj, "lm");
6620 
6621     object_property_add_alias(obj, "ds_cpl", obj, "ds-cpl");
6622     object_property_add_alias(obj, "tsc_adjust", obj, "tsc-adjust");
6623     object_property_add_alias(obj, "fxsr_opt", obj, "fxsr-opt");
6624     object_property_add_alias(obj, "lahf_lm", obj, "lahf-lm");
6625     object_property_add_alias(obj, "cmp_legacy", obj, "cmp-legacy");
6626     object_property_add_alias(obj, "nodeid_msr", obj, "nodeid-msr");
6627     object_property_add_alias(obj, "perfctr_core", obj, "perfctr-core");
6628     object_property_add_alias(obj, "perfctr_nb", obj, "perfctr-nb");
6629     object_property_add_alias(obj, "kvm_nopiodelay", obj, "kvm-nopiodelay");
6630     object_property_add_alias(obj, "kvm_mmu", obj, "kvm-mmu");
6631     object_property_add_alias(obj, "kvm_asyncpf", obj, "kvm-asyncpf");
6632     object_property_add_alias(obj, "kvm_asyncpf_int", obj, "kvm-asyncpf-int");
6633     object_property_add_alias(obj, "kvm_steal_time", obj, "kvm-steal-time");
6634     object_property_add_alias(obj, "kvm_pv_eoi", obj, "kvm-pv-eoi");
6635     object_property_add_alias(obj, "kvm_pv_unhalt", obj, "kvm-pv-unhalt");
6636     object_property_add_alias(obj, "kvm_poll_control", obj, "kvm-poll-control");
6637     object_property_add_alias(obj, "svm_lock", obj, "svm-lock");
6638     object_property_add_alias(obj, "nrip_save", obj, "nrip-save");
6639     object_property_add_alias(obj, "tsc_scale", obj, "tsc-scale");
6640     object_property_add_alias(obj, "vmcb_clean", obj, "vmcb-clean");
6641     object_property_add_alias(obj, "pause_filter", obj, "pause-filter");
6642     object_property_add_alias(obj, "sse4_1", obj, "sse4.1");
6643     object_property_add_alias(obj, "sse4_2", obj, "sse4.2");
6644 
6645     object_property_add_alias(obj, "hv-apicv", obj, "hv-avic");
6646 
6647     if (xcc->model) {
6648         x86_cpu_load_model(cpu, xcc->model);
6649     }
6650 }
6651 
6652 static int64_t x86_cpu_get_arch_id(CPUState *cs)
6653 {
6654     X86CPU *cpu = X86_CPU(cs);
6655 
6656     return cpu->apic_id;
6657 }
6658 
6659 #if !defined(CONFIG_USER_ONLY)
6660 static bool x86_cpu_get_paging_enabled(const CPUState *cs)
6661 {
6662     X86CPU *cpu = X86_CPU(cs);
6663 
6664     return cpu->env.cr[0] & CR0_PG_MASK;
6665 }
6666 #endif /* !CONFIG_USER_ONLY */
6667 
6668 static void x86_cpu_set_pc(CPUState *cs, vaddr value)
6669 {
6670     X86CPU *cpu = X86_CPU(cs);
6671 
6672     cpu->env.eip = value;
6673 }
6674 
6675 int x86_cpu_pending_interrupt(CPUState *cs, int interrupt_request)
6676 {
6677     X86CPU *cpu = X86_CPU(cs);
6678     CPUX86State *env = &cpu->env;
6679 
6680 #if !defined(CONFIG_USER_ONLY)
6681     if (interrupt_request & CPU_INTERRUPT_POLL) {
6682         return CPU_INTERRUPT_POLL;
6683     }
6684 #endif
6685     if (interrupt_request & CPU_INTERRUPT_SIPI) {
6686         return CPU_INTERRUPT_SIPI;
6687     }
6688 
6689     if (env->hflags2 & HF2_GIF_MASK) {
6690         if ((interrupt_request & CPU_INTERRUPT_SMI) &&
6691             !(env->hflags & HF_SMM_MASK)) {
6692             return CPU_INTERRUPT_SMI;
6693         } else if ((interrupt_request & CPU_INTERRUPT_NMI) &&
6694                    !(env->hflags2 & HF2_NMI_MASK)) {
6695             return CPU_INTERRUPT_NMI;
6696         } else if (interrupt_request & CPU_INTERRUPT_MCE) {
6697             return CPU_INTERRUPT_MCE;
6698         } else if ((interrupt_request & CPU_INTERRUPT_HARD) &&
6699                    (((env->hflags2 & HF2_VINTR_MASK) &&
6700                      (env->hflags2 & HF2_HIF_MASK)) ||
6701                     (!(env->hflags2 & HF2_VINTR_MASK) &&
6702                      (env->eflags & IF_MASK &&
6703                       !(env->hflags & HF_INHIBIT_IRQ_MASK))))) {
6704             return CPU_INTERRUPT_HARD;
6705 #if !defined(CONFIG_USER_ONLY)
6706         } else if (env->hflags2 & HF2_VGIF_MASK) {
6707             if((interrupt_request & CPU_INTERRUPT_VIRQ) &&
6708                    (env->eflags & IF_MASK) &&
6709                    !(env->hflags & HF_INHIBIT_IRQ_MASK)) {
6710                         return CPU_INTERRUPT_VIRQ;
6711             }
6712 #endif
6713         }
6714     }
6715 
6716     return 0;
6717 }
6718 
6719 static bool x86_cpu_has_work(CPUState *cs)
6720 {
6721     return x86_cpu_pending_interrupt(cs, cs->interrupt_request) != 0;
6722 }
6723 
6724 static void x86_disas_set_info(CPUState *cs, disassemble_info *info)
6725 {
6726     X86CPU *cpu = X86_CPU(cs);
6727     CPUX86State *env = &cpu->env;
6728 
6729     info->mach = (env->hflags & HF_CS64_MASK ? bfd_mach_x86_64
6730                   : env->hflags & HF_CS32_MASK ? bfd_mach_i386_i386
6731                   : bfd_mach_i386_i8086);
6732     info->print_insn = print_insn_i386;
6733 
6734     info->cap_arch = CS_ARCH_X86;
6735     info->cap_mode = (env->hflags & HF_CS64_MASK ? CS_MODE_64
6736                       : env->hflags & HF_CS32_MASK ? CS_MODE_32
6737                       : CS_MODE_16);
6738     info->cap_insn_unit = 1;
6739     info->cap_insn_split = 8;
6740 }
6741 
6742 void x86_update_hflags(CPUX86State *env)
6743 {
6744    uint32_t hflags;
6745 #define HFLAG_COPY_MASK \
6746     ~( HF_CPL_MASK | HF_PE_MASK | HF_MP_MASK | HF_EM_MASK | \
6747        HF_TS_MASK | HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK | \
6748        HF_OSFXSR_MASK | HF_LMA_MASK | HF_CS32_MASK | \
6749        HF_SS32_MASK | HF_CS64_MASK | HF_ADDSEG_MASK)
6750 
6751     hflags = env->hflags & HFLAG_COPY_MASK;
6752     hflags |= (env->segs[R_SS].flags >> DESC_DPL_SHIFT) & HF_CPL_MASK;
6753     hflags |= (env->cr[0] & CR0_PE_MASK) << (HF_PE_SHIFT - CR0_PE_SHIFT);
6754     hflags |= (env->cr[0] << (HF_MP_SHIFT - CR0_MP_SHIFT)) &
6755                 (HF_MP_MASK | HF_EM_MASK | HF_TS_MASK);
6756     hflags |= (env->eflags & (HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK));
6757 
6758     if (env->cr[4] & CR4_OSFXSR_MASK) {
6759         hflags |= HF_OSFXSR_MASK;
6760     }
6761 
6762     if (env->efer & MSR_EFER_LMA) {
6763         hflags |= HF_LMA_MASK;
6764     }
6765 
6766     if ((hflags & HF_LMA_MASK) && (env->segs[R_CS].flags & DESC_L_MASK)) {
6767         hflags |= HF_CS32_MASK | HF_SS32_MASK | HF_CS64_MASK;
6768     } else {
6769         hflags |= (env->segs[R_CS].flags & DESC_B_MASK) >>
6770                     (DESC_B_SHIFT - HF_CS32_SHIFT);
6771         hflags |= (env->segs[R_SS].flags & DESC_B_MASK) >>
6772                     (DESC_B_SHIFT - HF_SS32_SHIFT);
6773         if (!(env->cr[0] & CR0_PE_MASK) || (env->eflags & VM_MASK) ||
6774             !(hflags & HF_CS32_MASK)) {
6775             hflags |= HF_ADDSEG_MASK;
6776         } else {
6777             hflags |= ((env->segs[R_DS].base | env->segs[R_ES].base |
6778                         env->segs[R_SS].base) != 0) << HF_ADDSEG_SHIFT;
6779         }
6780     }
6781     env->hflags = hflags;
6782 }
6783 
6784 static Property x86_cpu_properties[] = {
6785 #ifdef CONFIG_USER_ONLY
6786     /* apic_id = 0 by default for *-user, see commit 9886e834 */
6787     DEFINE_PROP_UINT32("apic-id", X86CPU, apic_id, 0),
6788     DEFINE_PROP_INT32("thread-id", X86CPU, thread_id, 0),
6789     DEFINE_PROP_INT32("core-id", X86CPU, core_id, 0),
6790     DEFINE_PROP_INT32("die-id", X86CPU, die_id, 0),
6791     DEFINE_PROP_INT32("socket-id", X86CPU, socket_id, 0),
6792 #else
6793     DEFINE_PROP_UINT32("apic-id", X86CPU, apic_id, UNASSIGNED_APIC_ID),
6794     DEFINE_PROP_INT32("thread-id", X86CPU, thread_id, -1),
6795     DEFINE_PROP_INT32("core-id", X86CPU, core_id, -1),
6796     DEFINE_PROP_INT32("die-id", X86CPU, die_id, -1),
6797     DEFINE_PROP_INT32("socket-id", X86CPU, socket_id, -1),
6798 #endif
6799     DEFINE_PROP_INT32("node-id", X86CPU, node_id, CPU_UNSET_NUMA_NODE_ID),
6800     DEFINE_PROP_BOOL("pmu", X86CPU, enable_pmu, false),
6801 
6802     DEFINE_PROP_UINT32("hv-spinlocks", X86CPU, hyperv_spinlock_attempts,
6803                        HYPERV_SPINLOCK_NEVER_NOTIFY),
6804     DEFINE_PROP_BIT64("hv-relaxed", X86CPU, hyperv_features,
6805                       HYPERV_FEAT_RELAXED, 0),
6806     DEFINE_PROP_BIT64("hv-vapic", X86CPU, hyperv_features,
6807                       HYPERV_FEAT_VAPIC, 0),
6808     DEFINE_PROP_BIT64("hv-time", X86CPU, hyperv_features,
6809                       HYPERV_FEAT_TIME, 0),
6810     DEFINE_PROP_BIT64("hv-crash", X86CPU, hyperv_features,
6811                       HYPERV_FEAT_CRASH, 0),
6812     DEFINE_PROP_BIT64("hv-reset", X86CPU, hyperv_features,
6813                       HYPERV_FEAT_RESET, 0),
6814     DEFINE_PROP_BIT64("hv-vpindex", X86CPU, hyperv_features,
6815                       HYPERV_FEAT_VPINDEX, 0),
6816     DEFINE_PROP_BIT64("hv-runtime", X86CPU, hyperv_features,
6817                       HYPERV_FEAT_RUNTIME, 0),
6818     DEFINE_PROP_BIT64("hv-synic", X86CPU, hyperv_features,
6819                       HYPERV_FEAT_SYNIC, 0),
6820     DEFINE_PROP_BIT64("hv-stimer", X86CPU, hyperv_features,
6821                       HYPERV_FEAT_STIMER, 0),
6822     DEFINE_PROP_BIT64("hv-frequencies", X86CPU, hyperv_features,
6823                       HYPERV_FEAT_FREQUENCIES, 0),
6824     DEFINE_PROP_BIT64("hv-reenlightenment", X86CPU, hyperv_features,
6825                       HYPERV_FEAT_REENLIGHTENMENT, 0),
6826     DEFINE_PROP_BIT64("hv-tlbflush", X86CPU, hyperv_features,
6827                       HYPERV_FEAT_TLBFLUSH, 0),
6828     DEFINE_PROP_BIT64("hv-evmcs", X86CPU, hyperv_features,
6829                       HYPERV_FEAT_EVMCS, 0),
6830     DEFINE_PROP_BIT64("hv-ipi", X86CPU, hyperv_features,
6831                       HYPERV_FEAT_IPI, 0),
6832     DEFINE_PROP_BIT64("hv-stimer-direct", X86CPU, hyperv_features,
6833                       HYPERV_FEAT_STIMER_DIRECT, 0),
6834     DEFINE_PROP_BIT64("hv-avic", X86CPU, hyperv_features,
6835                       HYPERV_FEAT_AVIC, 0),
6836     DEFINE_PROP_ON_OFF_AUTO("hv-no-nonarch-coresharing", X86CPU,
6837                             hyperv_no_nonarch_cs, ON_OFF_AUTO_OFF),
6838     DEFINE_PROP_BOOL("hv-passthrough", X86CPU, hyperv_passthrough, false),
6839     DEFINE_PROP_BOOL("hv-enforce-cpuid", X86CPU, hyperv_enforce_cpuid, false),
6840 
6841     /* WS2008R2 identify by default */
6842     DEFINE_PROP_UINT32("hv-version-id-build", X86CPU, hyperv_ver_id_build,
6843                        0x3839),
6844     DEFINE_PROP_UINT16("hv-version-id-major", X86CPU, hyperv_ver_id_major,
6845                        0x000A),
6846     DEFINE_PROP_UINT16("hv-version-id-minor", X86CPU, hyperv_ver_id_minor,
6847                        0x0000),
6848     DEFINE_PROP_UINT32("hv-version-id-spack", X86CPU, hyperv_ver_id_sp, 0),
6849     DEFINE_PROP_UINT8("hv-version-id-sbranch", X86CPU, hyperv_ver_id_sb, 0),
6850     DEFINE_PROP_UINT32("hv-version-id-snumber", X86CPU, hyperv_ver_id_sn, 0),
6851 
6852     DEFINE_PROP_BOOL("check", X86CPU, check_cpuid, true),
6853     DEFINE_PROP_BOOL("enforce", X86CPU, enforce_cpuid, false),
6854     DEFINE_PROP_BOOL("x-force-features", X86CPU, force_features, false),
6855     DEFINE_PROP_BOOL("kvm", X86CPU, expose_kvm, true),
6856     DEFINE_PROP_UINT32("phys-bits", X86CPU, phys_bits, 0),
6857     DEFINE_PROP_BOOL("host-phys-bits", X86CPU, host_phys_bits, false),
6858     DEFINE_PROP_UINT8("host-phys-bits-limit", X86CPU, host_phys_bits_limit, 0),
6859     DEFINE_PROP_BOOL("fill-mtrr-mask", X86CPU, fill_mtrr_mask, true),
6860     DEFINE_PROP_UINT32("level-func7", X86CPU, env.cpuid_level_func7,
6861                        UINT32_MAX),
6862     DEFINE_PROP_UINT32("level", X86CPU, env.cpuid_level, UINT32_MAX),
6863     DEFINE_PROP_UINT32("xlevel", X86CPU, env.cpuid_xlevel, UINT32_MAX),
6864     DEFINE_PROP_UINT32("xlevel2", X86CPU, env.cpuid_xlevel2, UINT32_MAX),
6865     DEFINE_PROP_UINT32("min-level", X86CPU, env.cpuid_min_level, 0),
6866     DEFINE_PROP_UINT32("min-xlevel", X86CPU, env.cpuid_min_xlevel, 0),
6867     DEFINE_PROP_UINT32("min-xlevel2", X86CPU, env.cpuid_min_xlevel2, 0),
6868     DEFINE_PROP_UINT64("ucode-rev", X86CPU, ucode_rev, 0),
6869     DEFINE_PROP_BOOL("full-cpuid-auto-level", X86CPU, full_cpuid_auto_level, true),
6870     DEFINE_PROP_STRING("hv-vendor-id", X86CPU, hyperv_vendor),
6871     DEFINE_PROP_BOOL("cpuid-0xb", X86CPU, enable_cpuid_0xb, true),
6872     DEFINE_PROP_BOOL("x-vendor-cpuid-only", X86CPU, vendor_cpuid_only, true),
6873     DEFINE_PROP_BOOL("lmce", X86CPU, enable_lmce, false),
6874     DEFINE_PROP_BOOL("l3-cache", X86CPU, enable_l3_cache, true),
6875     DEFINE_PROP_BOOL("kvm-no-smi-migration", X86CPU, kvm_no_smi_migration,
6876                      false),
6877     DEFINE_PROP_BOOL("kvm-pv-enforce-cpuid", X86CPU, kvm_pv_enforce_cpuid,
6878                      false),
6879     DEFINE_PROP_BOOL("vmware-cpuid-freq", X86CPU, vmware_cpuid_freq, true),
6880     DEFINE_PROP_BOOL("tcg-cpuid", X86CPU, expose_tcg, true),
6881     DEFINE_PROP_BOOL("x-migrate-smi-count", X86CPU, migrate_smi_count,
6882                      true),
6883     /*
6884      * lecacy_cache defaults to true unless the CPU model provides its
6885      * own cache information (see x86_cpu_load_def()).
6886      */
6887     DEFINE_PROP_BOOL("legacy-cache", X86CPU, legacy_cache, true),
6888 
6889     /*
6890      * From "Requirements for Implementing the Microsoft
6891      * Hypervisor Interface":
6892      * https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/tlfs
6893      *
6894      * "Starting with Windows Server 2012 and Windows 8, if
6895      * CPUID.40000005.EAX contains a value of -1, Windows assumes that
6896      * the hypervisor imposes no specific limit to the number of VPs.
6897      * In this case, Windows Server 2012 guest VMs may use more than
6898      * 64 VPs, up to the maximum supported number of processors applicable
6899      * to the specific Windows version being used."
6900      */
6901     DEFINE_PROP_INT32("x-hv-max-vps", X86CPU, hv_max_vps, -1),
6902     DEFINE_PROP_BOOL("x-hv-synic-kvm-only", X86CPU, hyperv_synic_kvm_only,
6903                      false),
6904     DEFINE_PROP_BOOL("x-intel-pt-auto-level", X86CPU, intel_pt_auto_level,
6905                      true),
6906     DEFINE_PROP_END_OF_LIST()
6907 };
6908 
6909 #ifndef CONFIG_USER_ONLY
6910 #include "hw/core/sysemu-cpu-ops.h"
6911 
6912 static const struct SysemuCPUOps i386_sysemu_ops = {
6913     .get_memory_mapping = x86_cpu_get_memory_mapping,
6914     .get_paging_enabled = x86_cpu_get_paging_enabled,
6915     .get_phys_page_attrs_debug = x86_cpu_get_phys_page_attrs_debug,
6916     .asidx_from_attrs = x86_asidx_from_attrs,
6917     .get_crash_info = x86_cpu_get_crash_info,
6918     .write_elf32_note = x86_cpu_write_elf32_note,
6919     .write_elf64_note = x86_cpu_write_elf64_note,
6920     .write_elf32_qemunote = x86_cpu_write_elf32_qemunote,
6921     .write_elf64_qemunote = x86_cpu_write_elf64_qemunote,
6922     .legacy_vmsd = &vmstate_x86_cpu,
6923 };
6924 #endif
6925 
6926 static void x86_cpu_common_class_init(ObjectClass *oc, void *data)
6927 {
6928     X86CPUClass *xcc = X86_CPU_CLASS(oc);
6929     CPUClass *cc = CPU_CLASS(oc);
6930     DeviceClass *dc = DEVICE_CLASS(oc);
6931     FeatureWord w;
6932 
6933     device_class_set_parent_realize(dc, x86_cpu_realizefn,
6934                                     &xcc->parent_realize);
6935     device_class_set_parent_unrealize(dc, x86_cpu_unrealizefn,
6936                                       &xcc->parent_unrealize);
6937     device_class_set_props(dc, x86_cpu_properties);
6938 
6939     device_class_set_parent_reset(dc, x86_cpu_reset, &xcc->parent_reset);
6940     cc->reset_dump_flags = CPU_DUMP_FPU | CPU_DUMP_CCOP;
6941 
6942     cc->class_by_name = x86_cpu_class_by_name;
6943     cc->parse_features = x86_cpu_parse_featurestr;
6944     cc->has_work = x86_cpu_has_work;
6945     cc->dump_state = x86_cpu_dump_state;
6946     cc->set_pc = x86_cpu_set_pc;
6947     cc->gdb_read_register = x86_cpu_gdb_read_register;
6948     cc->gdb_write_register = x86_cpu_gdb_write_register;
6949     cc->get_arch_id = x86_cpu_get_arch_id;
6950 
6951 #ifndef CONFIG_USER_ONLY
6952     cc->sysemu_ops = &i386_sysemu_ops;
6953 #endif /* !CONFIG_USER_ONLY */
6954 
6955     cc->gdb_arch_name = x86_gdb_arch_name;
6956 #ifdef TARGET_X86_64
6957     cc->gdb_core_xml_file = "i386-64bit.xml";
6958     cc->gdb_num_core_regs = 66;
6959 #else
6960     cc->gdb_core_xml_file = "i386-32bit.xml";
6961     cc->gdb_num_core_regs = 50;
6962 #endif
6963     cc->disas_set_info = x86_disas_set_info;
6964 
6965     dc->user_creatable = true;
6966 
6967     object_class_property_add(oc, "family", "int",
6968                               x86_cpuid_version_get_family,
6969                               x86_cpuid_version_set_family, NULL, NULL);
6970     object_class_property_add(oc, "model", "int",
6971                               x86_cpuid_version_get_model,
6972                               x86_cpuid_version_set_model, NULL, NULL);
6973     object_class_property_add(oc, "stepping", "int",
6974                               x86_cpuid_version_get_stepping,
6975                               x86_cpuid_version_set_stepping, NULL, NULL);
6976     object_class_property_add_str(oc, "vendor",
6977                                   x86_cpuid_get_vendor,
6978                                   x86_cpuid_set_vendor);
6979     object_class_property_add_str(oc, "model-id",
6980                                   x86_cpuid_get_model_id,
6981                                   x86_cpuid_set_model_id);
6982     object_class_property_add(oc, "tsc-frequency", "int",
6983                               x86_cpuid_get_tsc_freq,
6984                               x86_cpuid_set_tsc_freq, NULL, NULL);
6985     /*
6986      * The "unavailable-features" property has the same semantics as
6987      * CpuDefinitionInfo.unavailable-features on the "query-cpu-definitions"
6988      * QMP command: they list the features that would have prevented the
6989      * CPU from running if the "enforce" flag was set.
6990      */
6991     object_class_property_add(oc, "unavailable-features", "strList",
6992                               x86_cpu_get_unavailable_features,
6993                               NULL, NULL, NULL);
6994 
6995 #if !defined(CONFIG_USER_ONLY)
6996     object_class_property_add(oc, "crash-information", "GuestPanicInformation",
6997                               x86_cpu_get_crash_info_qom, NULL, NULL, NULL);
6998 #endif
6999 
7000     for (w = 0; w < FEATURE_WORDS; w++) {
7001         int bitnr;
7002         for (bitnr = 0; bitnr < 64; bitnr++) {
7003             x86_cpu_register_feature_bit_props(xcc, w, bitnr);
7004         }
7005     }
7006 }
7007 
7008 static const TypeInfo x86_cpu_type_info = {
7009     .name = TYPE_X86_CPU,
7010     .parent = TYPE_CPU,
7011     .instance_size = sizeof(X86CPU),
7012     .instance_init = x86_cpu_initfn,
7013     .instance_post_init = x86_cpu_post_initfn,
7014 
7015     .abstract = true,
7016     .class_size = sizeof(X86CPUClass),
7017     .class_init = x86_cpu_common_class_init,
7018 };
7019 
7020 /* "base" CPU model, used by query-cpu-model-expansion */
7021 static void x86_cpu_base_class_init(ObjectClass *oc, void *data)
7022 {
7023     X86CPUClass *xcc = X86_CPU_CLASS(oc);
7024 
7025     xcc->static_model = true;
7026     xcc->migration_safe = true;
7027     xcc->model_description = "base CPU model type with no features enabled";
7028     xcc->ordering = 8;
7029 }
7030 
7031 static const TypeInfo x86_base_cpu_type_info = {
7032         .name = X86_CPU_TYPE_NAME("base"),
7033         .parent = TYPE_X86_CPU,
7034         .class_init = x86_cpu_base_class_init,
7035 };
7036 
7037 static void x86_cpu_register_types(void)
7038 {
7039     int i;
7040 
7041     type_register_static(&x86_cpu_type_info);
7042     for (i = 0; i < ARRAY_SIZE(builtin_x86_defs); i++) {
7043         x86_register_cpudef_types(&builtin_x86_defs[i]);
7044     }
7045     type_register_static(&max_x86_cpu_type_info);
7046     type_register_static(&x86_base_cpu_type_info);
7047 }
7048 
7049 type_init(x86_cpu_register_types)
7050