xref: /qemu/target/i386/cpu.c (revision e4a8e093dc74be049f4829831dce76e5edab0003) 
1 /*
2  *  i386 CPUID, CPU class, definitions, models
3  *
4  *  Copyright (c) 2003 Fabrice Bellard
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18  */
19 
20 #include "qemu/osdep.h"
21 #include "qemu/units.h"
22 #include "qemu/cutils.h"
23 #include "qemu/qemu-print.h"
24 #include "qemu/hw-version.h"
25 #include "cpu.h"
26 #include "tcg/helper-tcg.h"
27 #include "exec/translation-block.h"
28 #include "system/hvf.h"
29 #include "hvf/hvf-i386.h"
30 #include "kvm/kvm_i386.h"
31 #include "sev.h"
32 #include "qapi/error.h"
33 #include "qemu/error-report.h"
34 #include "qapi/qapi-visit-machine.h"
35 #include "standard-headers/asm-x86/kvm_para.h"
36 #include "hw/qdev-properties.h"
37 #include "hw/i386/topology.h"
38 #ifndef CONFIG_USER_ONLY
39 #include "system/reset.h"
40 #include "qapi/qapi-commands-machine-target.h"
41 #include "exec/address-spaces.h"
42 #include "hw/boards.h"
43 #include "hw/i386/sgx-epc.h"
44 #endif
45 
46 #include "disas/capstone.h"
47 #include "cpu-internal.h"
48 
49 static void x86_cpu_realizefn(DeviceState *dev, Error **errp);
50 static void x86_cpu_get_supported_cpuid(uint32_t func, uint32_t index,
51                                         uint32_t *eax, uint32_t *ebx,
52                                         uint32_t *ecx, uint32_t *edx);
53 
54 /* Helpers for building CPUID[2] descriptors: */
55 
56 struct CPUID2CacheDescriptorInfo {
57     enum CacheType type;
58     int level;
59     int size;
60     int line_size;
61     int associativity;
62 };
63 
64 /*
65  * Known CPUID 2 cache descriptors.
66  * From Intel SDM Volume 2A, CPUID instruction
67  */
68 struct CPUID2CacheDescriptorInfo cpuid2_cache_descriptors[] = {
69     [0x06] = { .level = 1, .type = INSTRUCTION_CACHE, .size =   8 * KiB,
70                .associativity = 4,  .line_size = 32, },
71     [0x08] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  16 * KiB,
72                .associativity = 4,  .line_size = 32, },
73     [0x09] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  32 * KiB,
74                .associativity = 4,  .line_size = 64, },
75     [0x0A] = { .level = 1, .type = DATA_CACHE,        .size =   8 * KiB,
76                .associativity = 2,  .line_size = 32, },
77     [0x0C] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
78                .associativity = 4,  .line_size = 32, },
79     [0x0D] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
80                .associativity = 4,  .line_size = 64, },
81     [0x0E] = { .level = 1, .type = DATA_CACHE,        .size =  24 * KiB,
82                .associativity = 6,  .line_size = 64, },
83     [0x1D] = { .level = 2, .type = UNIFIED_CACHE,     .size = 128 * KiB,
84                .associativity = 2,  .line_size = 64, },
85     [0x21] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
86                .associativity = 8,  .line_size = 64, },
87     /* lines per sector is not supported cpuid2_cache_descriptor(),
88     * so descriptors 0x22, 0x23 are not included
89     */
90     [0x24] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
91                .associativity = 16, .line_size = 64, },
92     /* lines per sector is not supported cpuid2_cache_descriptor(),
93     * so descriptors 0x25, 0x20 are not included
94     */
95     [0x2C] = { .level = 1, .type = DATA_CACHE,        .size =  32 * KiB,
96                .associativity = 8,  .line_size = 64, },
97     [0x30] = { .level = 1, .type = INSTRUCTION_CACHE, .size =  32 * KiB,
98                .associativity = 8,  .line_size = 64, },
99     [0x41] = { .level = 2, .type = UNIFIED_CACHE,     .size = 128 * KiB,
100                .associativity = 4,  .line_size = 32, },
101     [0x42] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
102                .associativity = 4,  .line_size = 32, },
103     [0x43] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
104                .associativity = 4,  .line_size = 32, },
105     [0x44] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
106                .associativity = 4,  .line_size = 32, },
107     [0x45] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
108                .associativity = 4,  .line_size = 32, },
109     [0x46] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
110                .associativity = 4,  .line_size = 64, },
111     [0x47] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
112                .associativity = 8,  .line_size = 64, },
113     [0x48] = { .level = 2, .type = UNIFIED_CACHE,     .size =   3 * MiB,
114                .associativity = 12, .line_size = 64, },
115     /* Descriptor 0x49 depends on CPU family/model, so it is not included */
116     [0x4A] = { .level = 3, .type = UNIFIED_CACHE,     .size =   6 * MiB,
117                .associativity = 12, .line_size = 64, },
118     [0x4B] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
119                .associativity = 16, .line_size = 64, },
120     [0x4C] = { .level = 3, .type = UNIFIED_CACHE,     .size =  12 * MiB,
121                .associativity = 12, .line_size = 64, },
122     [0x4D] = { .level = 3, .type = UNIFIED_CACHE,     .size =  16 * MiB,
123                .associativity = 16, .line_size = 64, },
124     [0x4E] = { .level = 2, .type = UNIFIED_CACHE,     .size =   6 * MiB,
125                .associativity = 24, .line_size = 64, },
126     [0x60] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
127                .associativity = 8,  .line_size = 64, },
128     [0x66] = { .level = 1, .type = DATA_CACHE,        .size =   8 * KiB,
129                .associativity = 4,  .line_size = 64, },
130     [0x67] = { .level = 1, .type = DATA_CACHE,        .size =  16 * KiB,
131                .associativity = 4,  .line_size = 64, },
132     [0x68] = { .level = 1, .type = DATA_CACHE,        .size =  32 * KiB,
133                .associativity = 4,  .line_size = 64, },
134     [0x78] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
135                .associativity = 4,  .line_size = 64, },
136     /* lines per sector is not supported cpuid2_cache_descriptor(),
137     * so descriptors 0x79, 0x7A, 0x7B, 0x7C are not included.
138     */
139     [0x7D] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
140                .associativity = 8,  .line_size = 64, },
141     [0x7F] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
142                .associativity = 2,  .line_size = 64, },
143     [0x80] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
144                .associativity = 8,  .line_size = 64, },
145     [0x82] = { .level = 2, .type = UNIFIED_CACHE,     .size = 256 * KiB,
146                .associativity = 8,  .line_size = 32, },
147     [0x83] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
148                .associativity = 8,  .line_size = 32, },
149     [0x84] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
150                .associativity = 8,  .line_size = 32, },
151     [0x85] = { .level = 2, .type = UNIFIED_CACHE,     .size =   2 * MiB,
152                .associativity = 8,  .line_size = 32, },
153     [0x86] = { .level = 2, .type = UNIFIED_CACHE,     .size = 512 * KiB,
154                .associativity = 4,  .line_size = 64, },
155     [0x87] = { .level = 2, .type = UNIFIED_CACHE,     .size =   1 * MiB,
156                .associativity = 8,  .line_size = 64, },
157     [0xD0] = { .level = 3, .type = UNIFIED_CACHE,     .size = 512 * KiB,
158                .associativity = 4,  .line_size = 64, },
159     [0xD1] = { .level = 3, .type = UNIFIED_CACHE,     .size =   1 * MiB,
160                .associativity = 4,  .line_size = 64, },
161     [0xD2] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
162                .associativity = 4,  .line_size = 64, },
163     [0xD6] = { .level = 3, .type = UNIFIED_CACHE,     .size =   1 * MiB,
164                .associativity = 8,  .line_size = 64, },
165     [0xD7] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
166                .associativity = 8,  .line_size = 64, },
167     [0xD8] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
168                .associativity = 8,  .line_size = 64, },
169     [0xDC] = { .level = 3, .type = UNIFIED_CACHE,     .size = 1.5 * MiB,
170                .associativity = 12, .line_size = 64, },
171     [0xDD] = { .level = 3, .type = UNIFIED_CACHE,     .size =   3 * MiB,
172                .associativity = 12, .line_size = 64, },
173     [0xDE] = { .level = 3, .type = UNIFIED_CACHE,     .size =   6 * MiB,
174                .associativity = 12, .line_size = 64, },
175     [0xE2] = { .level = 3, .type = UNIFIED_CACHE,     .size =   2 * MiB,
176                .associativity = 16, .line_size = 64, },
177     [0xE3] = { .level = 3, .type = UNIFIED_CACHE,     .size =   4 * MiB,
178                .associativity = 16, .line_size = 64, },
179     [0xE4] = { .level = 3, .type = UNIFIED_CACHE,     .size =   8 * MiB,
180                .associativity = 16, .line_size = 64, },
181     [0xEA] = { .level = 3, .type = UNIFIED_CACHE,     .size =  12 * MiB,
182                .associativity = 24, .line_size = 64, },
183     [0xEB] = { .level = 3, .type = UNIFIED_CACHE,     .size =  18 * MiB,
184                .associativity = 24, .line_size = 64, },
185     [0xEC] = { .level = 3, .type = UNIFIED_CACHE,     .size =  24 * MiB,
186                .associativity = 24, .line_size = 64, },
187 };
188 
189 /*
190  * "CPUID leaf 2 does not report cache descriptor information,
191  * use CPUID leaf 4 to query cache parameters"
192  */
193 #define CACHE_DESCRIPTOR_UNAVAILABLE 0xFF
194 
195 /*
196  * Return a CPUID 2 cache descriptor for a given cache.
197  * If no known descriptor is found, return CACHE_DESCRIPTOR_UNAVAILABLE
198  */
199 static uint8_t cpuid2_cache_descriptor(CPUCacheInfo *cache)
200 {
201     int i;
202 
203     assert(cache->size > 0);
204     assert(cache->level > 0);
205     assert(cache->line_size > 0);
206     assert(cache->associativity > 0);
207     for (i = 0; i < ARRAY_SIZE(cpuid2_cache_descriptors); i++) {
208         struct CPUID2CacheDescriptorInfo *d = &cpuid2_cache_descriptors[i];
209         if (d->level == cache->level && d->type == cache->type &&
210             d->size == cache->size && d->line_size == cache->line_size &&
211             d->associativity == cache->associativity) {
212                 return i;
213             }
214     }
215 
216     return CACHE_DESCRIPTOR_UNAVAILABLE;
217 }
218 
219 /* CPUID Leaf 4 constants: */
220 
221 /* EAX: */
222 #define CACHE_TYPE_D    1
223 #define CACHE_TYPE_I    2
224 #define CACHE_TYPE_UNIFIED   3
225 
226 #define CACHE_LEVEL(l)        (l << 5)
227 
228 #define CACHE_SELF_INIT_LEVEL (1 << 8)
229 
230 /* EDX: */
231 #define CACHE_NO_INVD_SHARING   (1 << 0)
232 #define CACHE_INCLUSIVE       (1 << 1)
233 #define CACHE_COMPLEX_IDX     (1 << 2)
234 
235 /* Encode CacheType for CPUID[4].EAX */
236 #define CACHE_TYPE(t) (((t) == DATA_CACHE) ? CACHE_TYPE_D : \
237                        ((t) == INSTRUCTION_CACHE) ? CACHE_TYPE_I : \
238                        ((t) == UNIFIED_CACHE) ? CACHE_TYPE_UNIFIED : \
239                        0 /* Invalid value */)
240 
241 static uint32_t max_thread_ids_for_cache(X86CPUTopoInfo *topo_info,
242                                          enum CpuTopologyLevel share_level)
243 {
244     uint32_t num_ids = 0;
245 
246     switch (share_level) {
247     case CPU_TOPOLOGY_LEVEL_CORE:
248         num_ids = 1 << apicid_core_offset(topo_info);
249         break;
250     case CPU_TOPOLOGY_LEVEL_DIE:
251         num_ids = 1 << apicid_die_offset(topo_info);
252         break;
253     case CPU_TOPOLOGY_LEVEL_SOCKET:
254         num_ids = 1 << apicid_pkg_offset(topo_info);
255         break;
256     default:
257         /*
258          * Currently there is no use case for THREAD and MODULE, so use
259          * assert directly to facilitate debugging.
260          */
261         g_assert_not_reached();
262     }
263 
264     return num_ids - 1;
265 }
266 
267 static uint32_t max_core_ids_in_package(X86CPUTopoInfo *topo_info)
268 {
269     uint32_t num_cores = 1 << (apicid_pkg_offset(topo_info) -
270                                apicid_core_offset(topo_info));
271     return num_cores - 1;
272 }
273 
274 /* Encode cache info for CPUID[4] */
275 static void encode_cache_cpuid4(CPUCacheInfo *cache,
276                                 X86CPUTopoInfo *topo_info,
277                                 uint32_t *eax, uint32_t *ebx,
278                                 uint32_t *ecx, uint32_t *edx)
279 {
280     assert(cache->size == cache->line_size * cache->associativity *
281                           cache->partitions * cache->sets);
282 
283     *eax = CACHE_TYPE(cache->type) |
284            CACHE_LEVEL(cache->level) |
285            (cache->self_init ? CACHE_SELF_INIT_LEVEL : 0) |
286            (max_core_ids_in_package(topo_info) << 26) |
287            (max_thread_ids_for_cache(topo_info, cache->share_level) << 14);
288 
289     assert(cache->line_size > 0);
290     assert(cache->partitions > 0);
291     assert(cache->associativity > 0);
292     /* We don't implement fully-associative caches */
293     assert(cache->associativity < cache->sets);
294     *ebx = (cache->line_size - 1) |
295            ((cache->partitions - 1) << 12) |
296            ((cache->associativity - 1) << 22);
297 
298     assert(cache->sets > 0);
299     *ecx = cache->sets - 1;
300 
301     *edx = (cache->no_invd_sharing ? CACHE_NO_INVD_SHARING : 0) |
302            (cache->inclusive ? CACHE_INCLUSIVE : 0) |
303            (cache->complex_indexing ? CACHE_COMPLEX_IDX : 0);
304 }
305 
306 static uint32_t num_threads_by_topo_level(X86CPUTopoInfo *topo_info,
307                                           enum CpuTopologyLevel topo_level)
308 {
309     switch (topo_level) {
310     case CPU_TOPOLOGY_LEVEL_THREAD:
311         return 1;
312     case CPU_TOPOLOGY_LEVEL_CORE:
313         return topo_info->threads_per_core;
314     case CPU_TOPOLOGY_LEVEL_MODULE:
315         return topo_info->threads_per_core * topo_info->cores_per_module;
316     case CPU_TOPOLOGY_LEVEL_DIE:
317         return topo_info->threads_per_core * topo_info->cores_per_module *
318                topo_info->modules_per_die;
319     case CPU_TOPOLOGY_LEVEL_SOCKET:
320         return topo_info->threads_per_core * topo_info->cores_per_module *
321                topo_info->modules_per_die * topo_info->dies_per_pkg;
322     default:
323         g_assert_not_reached();
324     }
325     return 0;
326 }
327 
328 static uint32_t apicid_offset_by_topo_level(X86CPUTopoInfo *topo_info,
329                                             enum CpuTopologyLevel topo_level)
330 {
331     switch (topo_level) {
332     case CPU_TOPOLOGY_LEVEL_THREAD:
333         return 0;
334     case CPU_TOPOLOGY_LEVEL_CORE:
335         return apicid_core_offset(topo_info);
336     case CPU_TOPOLOGY_LEVEL_MODULE:
337         return apicid_module_offset(topo_info);
338     case CPU_TOPOLOGY_LEVEL_DIE:
339         return apicid_die_offset(topo_info);
340     case CPU_TOPOLOGY_LEVEL_SOCKET:
341         return apicid_pkg_offset(topo_info);
342     default:
343         g_assert_not_reached();
344     }
345     return 0;
346 }
347 
348 static uint32_t cpuid1f_topo_type(enum CpuTopologyLevel topo_level)
349 {
350     switch (topo_level) {
351     case CPU_TOPOLOGY_LEVEL_INVALID:
352         return CPUID_1F_ECX_TOPO_LEVEL_INVALID;
353     case CPU_TOPOLOGY_LEVEL_THREAD:
354         return CPUID_1F_ECX_TOPO_LEVEL_SMT;
355     case CPU_TOPOLOGY_LEVEL_CORE:
356         return CPUID_1F_ECX_TOPO_LEVEL_CORE;
357     case CPU_TOPOLOGY_LEVEL_MODULE:
358         return CPUID_1F_ECX_TOPO_LEVEL_MODULE;
359     case CPU_TOPOLOGY_LEVEL_DIE:
360         return CPUID_1F_ECX_TOPO_LEVEL_DIE;
361     default:
362         /* Other types are not supported in QEMU. */
363         g_assert_not_reached();
364     }
365     return 0;
366 }
367 
368 static void encode_topo_cpuid1f(CPUX86State *env, uint32_t count,
369                                 X86CPUTopoInfo *topo_info,
370                                 uint32_t *eax, uint32_t *ebx,
371                                 uint32_t *ecx, uint32_t *edx)
372 {
373     X86CPU *cpu = env_archcpu(env);
374     unsigned long level, base_level, next_level;
375     uint32_t num_threads_next_level, offset_next_level;
376 
377     assert(count <= CPU_TOPOLOGY_LEVEL_SOCKET);
378 
379     /*
380      * Find the No.(count + 1) topology level in avail_cpu_topo bitmap.
381      * The search starts from bit 0 (CPU_TOPOLOGY_LEVEL_THREAD).
382      */
383     level = CPU_TOPOLOGY_LEVEL_THREAD;
384     base_level = level;
385     for (int i = 0; i <= count; i++) {
386         level = find_next_bit(env->avail_cpu_topo,
387                               CPU_TOPOLOGY_LEVEL_SOCKET,
388                               base_level);
389 
390         /*
391          * CPUID[0x1f] doesn't explicitly encode the package level,
392          * and it just encodes the invalid level (all fields are 0)
393          * into the last subleaf of 0x1f.
394          */
395         if (level == CPU_TOPOLOGY_LEVEL_SOCKET) {
396             level = CPU_TOPOLOGY_LEVEL_INVALID;
397             break;
398         }
399         /* Search the next level. */
400         base_level = level + 1;
401     }
402 
403     if (level == CPU_TOPOLOGY_LEVEL_INVALID) {
404         num_threads_next_level = 0;
405         offset_next_level = 0;
406     } else {
407         next_level = find_next_bit(env->avail_cpu_topo,
408                                    CPU_TOPOLOGY_LEVEL_SOCKET,
409                                    level + 1);
410         num_threads_next_level = num_threads_by_topo_level(topo_info,
411                                                            next_level);
412         offset_next_level = apicid_offset_by_topo_level(topo_info,
413                                                         next_level);
414     }
415 
416     *eax = offset_next_level;
417     /* The count (bits 15-00) doesn't need to be reliable. */
418     *ebx = num_threads_next_level & 0xffff;
419     *ecx = (count & 0xff) | (cpuid1f_topo_type(level) << 8);
420     *edx = cpu->apic_id;
421 
422     assert(!(*eax & ~0x1f));
423 }
424 
425 /* Encode cache info for CPUID[0x80000005].ECX or CPUID[0x80000005].EDX */
426 static uint32_t encode_cache_cpuid80000005(CPUCacheInfo *cache)
427 {
428     assert(cache->size % 1024 == 0);
429     assert(cache->lines_per_tag > 0);
430     assert(cache->associativity > 0);
431     assert(cache->line_size > 0);
432     return ((cache->size / 1024) << 24) | (cache->associativity << 16) |
433            (cache->lines_per_tag << 8) | (cache->line_size);
434 }
435 
436 #define ASSOC_FULL 0xFF
437 
438 /* AMD associativity encoding used on CPUID Leaf 0x80000006: */
439 #define AMD_ENC_ASSOC(a) (a <=   1 ? a   : \
440                           a ==   2 ? 0x2 : \
441                           a ==   4 ? 0x4 : \
442                           a ==   8 ? 0x6 : \
443                           a ==  16 ? 0x8 : \
444                           a ==  32 ? 0xA : \
445                           a ==  48 ? 0xB : \
446                           a ==  64 ? 0xC : \
447                           a ==  96 ? 0xD : \
448                           a == 128 ? 0xE : \
449                           a == ASSOC_FULL ? 0xF : \
450                           0 /* invalid value */)
451 
452 /*
453  * Encode cache info for CPUID[0x80000006].ECX and CPUID[0x80000006].EDX
454  * @l3 can be NULL.
455  */
456 static void encode_cache_cpuid80000006(CPUCacheInfo *l2,
457                                        CPUCacheInfo *l3,
458                                        uint32_t *ecx, uint32_t *edx)
459 {
460     assert(l2->size % 1024 == 0);
461     assert(l2->associativity > 0);
462     assert(l2->lines_per_tag > 0);
463     assert(l2->line_size > 0);
464     *ecx = ((l2->size / 1024) << 16) |
465            (AMD_ENC_ASSOC(l2->associativity) << 12) |
466            (l2->lines_per_tag << 8) | (l2->line_size);
467 
468     if (l3) {
469         assert(l3->size % (512 * 1024) == 0);
470         assert(l3->associativity > 0);
471         assert(l3->lines_per_tag > 0);
472         assert(l3->line_size > 0);
473         *edx = ((l3->size / (512 * 1024)) << 18) |
474                (AMD_ENC_ASSOC(l3->associativity) << 12) |
475                (l3->lines_per_tag << 8) | (l3->line_size);
476     } else {
477         *edx = 0;
478     }
479 }
480 
481 /* Encode cache info for CPUID[8000001D] */
482 static void encode_cache_cpuid8000001d(CPUCacheInfo *cache,
483                                        X86CPUTopoInfo *topo_info,
484                                        uint32_t *eax, uint32_t *ebx,
485                                        uint32_t *ecx, uint32_t *edx)
486 {
487     assert(cache->size == cache->line_size * cache->associativity *
488                           cache->partitions * cache->sets);
489 
490     *eax = CACHE_TYPE(cache->type) | CACHE_LEVEL(cache->level) |
491                (cache->self_init ? CACHE_SELF_INIT_LEVEL : 0);
492     *eax |= max_thread_ids_for_cache(topo_info, cache->share_level) << 14;
493 
494     assert(cache->line_size > 0);
495     assert(cache->partitions > 0);
496     assert(cache->associativity > 0);
497     /* We don't implement fully-associative caches */
498     assert(cache->associativity < cache->sets);
499     *ebx = (cache->line_size - 1) |
500            ((cache->partitions - 1) << 12) |
501            ((cache->associativity - 1) << 22);
502 
503     assert(cache->sets > 0);
504     *ecx = cache->sets - 1;
505 
506     *edx = (cache->no_invd_sharing ? CACHE_NO_INVD_SHARING : 0) |
507            (cache->inclusive ? CACHE_INCLUSIVE : 0) |
508            (cache->complex_indexing ? CACHE_COMPLEX_IDX : 0);
509 }
510 
511 /* Encode cache info for CPUID[8000001E] */
512 static void encode_topo_cpuid8000001e(X86CPU *cpu, X86CPUTopoInfo *topo_info,
513                                       uint32_t *eax, uint32_t *ebx,
514                                       uint32_t *ecx, uint32_t *edx)
515 {
516     X86CPUTopoIDs topo_ids;
517 
518     x86_topo_ids_from_apicid(cpu->apic_id, topo_info, &topo_ids);
519 
520     *eax = cpu->apic_id;
521 
522     /*
523      * CPUID_Fn8000001E_EBX [Core Identifiers] (CoreId)
524      * Read-only. Reset: 0000_XXXXh.
525      * See Core::X86::Cpuid::ExtApicId.
526      * Core::X86::Cpuid::CoreId_lthree[1:0]_core[3:0]_thread[1:0];
527      * Bits Description
528      * 31:16 Reserved.
529      * 15:8 ThreadsPerCore: threads per core. Read-only. Reset: XXh.
530      *      The number of threads per core is ThreadsPerCore+1.
531      *  7:0 CoreId: core ID. Read-only. Reset: XXh.
532      *
533      *  NOTE: CoreId is already part of apic_id. Just use it. We can
534      *  use all the 8 bits to represent the core_id here.
535      */
536     *ebx = ((topo_info->threads_per_core - 1) << 8) | (topo_ids.core_id & 0xFF);
537 
538     /*
539      * CPUID_Fn8000001E_ECX [Node Identifiers] (NodeId)
540      * Read-only. Reset: 0000_0XXXh.
541      * Core::X86::Cpuid::NodeId_lthree[1:0]_core[3:0]_thread[1:0];
542      * Bits Description
543      * 31:11 Reserved.
544      * 10:8 NodesPerProcessor: Node per processor. Read-only. Reset: XXXb.
545      *      ValidValues:
546      *      Value   Description
547      *      0h      1 node per processor.
548      *      7h-1h   Reserved.
549      *  7:0 NodeId: Node ID. Read-only. Reset: XXh.
550      *
551      * NOTE: Hardware reserves 3 bits for number of nodes per processor.
552      * But users can create more nodes than the actual hardware can
553      * support. To genaralize we can use all the upper 8 bits for nodes.
554      * NodeId is combination of node and socket_id which is already decoded
555      * in apic_id. Just use it by shifting.
556      */
557     if (cpu->legacy_multi_node) {
558         *ecx = ((topo_info->dies_per_pkg - 1) << 8) |
559                ((cpu->apic_id >> apicid_die_offset(topo_info)) & 0xFF);
560     } else {
561         *ecx = (cpu->apic_id >> apicid_pkg_offset(topo_info)) & 0xFF;
562     }
563 
564     *edx = 0;
565 }
566 
567 /*
568  * Definitions of the hardcoded cache entries we expose:
569  * These are legacy cache values. If there is a need to change any
570  * of these values please use builtin_x86_defs
571  */
572 
573 /* L1 data cache: */
574 static CPUCacheInfo legacy_l1d_cache = {
575     .type = DATA_CACHE,
576     .level = 1,
577     .size = 32 * KiB,
578     .self_init = 1,
579     .line_size = 64,
580     .associativity = 8,
581     .sets = 64,
582     .partitions = 1,
583     .no_invd_sharing = true,
584     .share_level = CPU_TOPOLOGY_LEVEL_CORE,
585 };
586 
587 /*FIXME: CPUID leaf 0x80000005 is inconsistent with leaves 2 & 4 */
588 static CPUCacheInfo legacy_l1d_cache_amd = {
589     .type = DATA_CACHE,
590     .level = 1,
591     .size = 64 * KiB,
592     .self_init = 1,
593     .line_size = 64,
594     .associativity = 2,
595     .sets = 512,
596     .partitions = 1,
597     .lines_per_tag = 1,
598     .no_invd_sharing = true,
599     .share_level = CPU_TOPOLOGY_LEVEL_CORE,
600 };
601 
602 /* L1 instruction cache: */
603 static CPUCacheInfo legacy_l1i_cache = {
604     .type = INSTRUCTION_CACHE,
605     .level = 1,
606     .size = 32 * KiB,
607     .self_init = 1,
608     .line_size = 64,
609     .associativity = 8,
610     .sets = 64,
611     .partitions = 1,
612     .no_invd_sharing = true,
613     .share_level = CPU_TOPOLOGY_LEVEL_CORE,
614 };
615 
616 /*FIXME: CPUID leaf 0x80000005 is inconsistent with leaves 2 & 4 */
617 static CPUCacheInfo legacy_l1i_cache_amd = {
618     .type = INSTRUCTION_CACHE,
619     .level = 1,
620     .size = 64 * KiB,
621     .self_init = 1,
622     .line_size = 64,
623     .associativity = 2,
624     .sets = 512,
625     .partitions = 1,
626     .lines_per_tag = 1,
627     .no_invd_sharing = true,
628     .share_level = CPU_TOPOLOGY_LEVEL_CORE,
629 };
630 
631 /* Level 2 unified cache: */
632 static CPUCacheInfo legacy_l2_cache = {
633     .type = UNIFIED_CACHE,
634     .level = 2,
635     .size = 4 * MiB,
636     .self_init = 1,
637     .line_size = 64,
638     .associativity = 16,
639     .sets = 4096,
640     .partitions = 1,
641     .no_invd_sharing = true,
642     .share_level = CPU_TOPOLOGY_LEVEL_CORE,
643 };
644 
645 /*FIXME: CPUID leaf 2 descriptor is inconsistent with CPUID leaf 4 */
646 static CPUCacheInfo legacy_l2_cache_cpuid2 = {
647     .type = UNIFIED_CACHE,
648     .level = 2,
649     .size = 2 * MiB,
650     .line_size = 64,
651     .associativity = 8,
652     .share_level = CPU_TOPOLOGY_LEVEL_INVALID,
653 };
654 
655 
656 /*FIXME: CPUID leaf 0x80000006 is inconsistent with leaves 2 & 4 */
657 static CPUCacheInfo legacy_l2_cache_amd = {
658     .type = UNIFIED_CACHE,
659     .level = 2,
660     .size = 512 * KiB,
661     .line_size = 64,
662     .lines_per_tag = 1,
663     .associativity = 16,
664     .sets = 512,
665     .partitions = 1,
666     .share_level = CPU_TOPOLOGY_LEVEL_CORE,
667 };
668 
669 /* Level 3 unified cache: */
670 static CPUCacheInfo legacy_l3_cache = {
671     .type = UNIFIED_CACHE,
672     .level = 3,
673     .size = 16 * MiB,
674     .line_size = 64,
675     .associativity = 16,
676     .sets = 16384,
677     .partitions = 1,
678     .lines_per_tag = 1,
679     .self_init = true,
680     .inclusive = true,
681     .complex_indexing = true,
682     .share_level = CPU_TOPOLOGY_LEVEL_DIE,
683 };
684 
685 /* TLB definitions: */
686 
687 #define L1_DTLB_2M_ASSOC       1
688 #define L1_DTLB_2M_ENTRIES   255
689 #define L1_DTLB_4K_ASSOC       1
690 #define L1_DTLB_4K_ENTRIES   255
691 
692 #define L1_ITLB_2M_ASSOC       1
693 #define L1_ITLB_2M_ENTRIES   255
694 #define L1_ITLB_4K_ASSOC       1
695 #define L1_ITLB_4K_ENTRIES   255
696 
697 #define L2_DTLB_2M_ASSOC       0 /* disabled */
698 #define L2_DTLB_2M_ENTRIES     0 /* disabled */
699 #define L2_DTLB_4K_ASSOC       4
700 #define L2_DTLB_4K_ENTRIES   512
701 
702 #define L2_ITLB_2M_ASSOC       0 /* disabled */
703 #define L2_ITLB_2M_ENTRIES     0 /* disabled */
704 #define L2_ITLB_4K_ASSOC       4
705 #define L2_ITLB_4K_ENTRIES   512
706 
707 /* CPUID Leaf 0x14 constants: */
708 #define INTEL_PT_MAX_SUBLEAF     0x1
709 /*
710  * bit[00]: IA32_RTIT_CTL.CR3 filter can be set to 1 and IA32_RTIT_CR3_MATCH
711  *          MSR can be accessed;
712  * bit[01]: Support Configurable PSB and Cycle-Accurate Mode;
713  * bit[02]: Support IP Filtering, TraceStop filtering, and preservation
714  *          of Intel PT MSRs across warm reset;
715  * bit[03]: Support MTC timing packet and suppression of COFI-based packets;
716  */
717 #define INTEL_PT_MINIMAL_EBX     0xf
718 /*
719  * bit[00]: Tracing can be enabled with IA32_RTIT_CTL.ToPA = 1 and
720  *          IA32_RTIT_OUTPUT_BASE and IA32_RTIT_OUTPUT_MASK_PTRS MSRs can be
721  *          accessed;
722  * bit[01]: ToPA tables can hold any number of output entries, up to the
723  *          maximum allowed by the MaskOrTableOffset field of
724  *          IA32_RTIT_OUTPUT_MASK_PTRS;
725  * bit[02]: Support Single-Range Output scheme;
726  */
727 #define INTEL_PT_MINIMAL_ECX     0x7
728 /* generated packets which contain IP payloads have LIP values */
729 #define INTEL_PT_IP_LIP          (1 << 31)
730 #define INTEL_PT_ADDR_RANGES_NUM 0x2 /* Number of configurable address ranges */
731 #define INTEL_PT_ADDR_RANGES_NUM_MASK 0x3
732 #define INTEL_PT_MTC_BITMAP      (0x0249 << 16) /* Support ART(0,3,6,9) */
733 #define INTEL_PT_CYCLE_BITMAP    0x1fff         /* Support 0,2^(0~11) */
734 #define INTEL_PT_PSB_BITMAP      (0x003f << 16) /* Support 2K,4K,8K,16K,32K,64K */
735 
736 /* CPUID Leaf 0x1D constants: */
737 #define INTEL_AMX_TILE_MAX_SUBLEAF     0x1
738 #define INTEL_AMX_TOTAL_TILE_BYTES     0x2000
739 #define INTEL_AMX_BYTES_PER_TILE       0x400
740 #define INTEL_AMX_BYTES_PER_ROW        0x40
741 #define INTEL_AMX_TILE_MAX_NAMES       0x8
742 #define INTEL_AMX_TILE_MAX_ROWS        0x10
743 
744 /* CPUID Leaf 0x1E constants: */
745 #define INTEL_AMX_TMUL_MAX_K           0x10
746 #define INTEL_AMX_TMUL_MAX_N           0x40
747 
748 void x86_cpu_vendor_words2str(char *dst, uint32_t vendor1,
749                               uint32_t vendor2, uint32_t vendor3)
750 {
751     int i;
752     for (i = 0; i < 4; i++) {
753         dst[i] = vendor1 >> (8 * i);
754         dst[i + 4] = vendor2 >> (8 * i);
755         dst[i + 8] = vendor3 >> (8 * i);
756     }
757     dst[CPUID_VENDOR_SZ] = '\0';
758 }
759 
760 #define I486_FEATURES (CPUID_FP87 | CPUID_VME | CPUID_PSE)
761 #define PENTIUM_FEATURES (I486_FEATURES | CPUID_DE | CPUID_TSC | \
762           CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_MMX | CPUID_APIC)
763 #define PENTIUM2_FEATURES (PENTIUM_FEATURES | CPUID_PAE | CPUID_SEP | \
764           CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
765           CPUID_PSE36 | CPUID_FXSR)
766 #define PENTIUM3_FEATURES (PENTIUM2_FEATURES | CPUID_SSE)
767 #define PPRO_FEATURES (CPUID_FP87 | CPUID_DE | CPUID_PSE | CPUID_TSC | \
768           CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_PGE | CPUID_CMOV | \
769           CPUID_PAT | CPUID_FXSR | CPUID_MMX | CPUID_SSE | CPUID_SSE2 | \
770           CPUID_PAE | CPUID_SEP | CPUID_APIC)
771 
772 #define TCG_FEATURES (CPUID_FP87 | CPUID_PSE | CPUID_TSC | CPUID_MSR | \
773           CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC | CPUID_SEP | \
774           CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
775           CPUID_PSE36 | CPUID_CLFLUSH | CPUID_ACPI | CPUID_MMX | \
776           CPUID_FXSR | CPUID_SSE | CPUID_SSE2 | CPUID_SS | CPUID_DE)
777           /* partly implemented:
778           CPUID_MTRR, CPUID_MCA, CPUID_CLFLUSH (needed for Win64) */
779           /* missing:
780           CPUID_VME, CPUID_DTS, CPUID_SS, CPUID_HT, CPUID_TM, CPUID_PBE */
781 
782 /*
783  * Kernel-only features that can be shown to usermode programs even if
784  * they aren't actually supported by TCG, because qemu-user only runs
785  * in CPL=3; remove them if they are ever implemented for system emulation.
786  */
787 #if defined CONFIG_USER_ONLY
788 #define CPUID_EXT_KERNEL_FEATURES \
789           (CPUID_EXT_PCID | CPUID_EXT_TSC_DEADLINE_TIMER)
790 #else
791 #define CPUID_EXT_KERNEL_FEATURES 0
792 #endif
793 #define TCG_EXT_FEATURES (CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | \
794           CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 | CPUID_EXT_CX16 | \
795           CPUID_EXT_SSE41 | CPUID_EXT_SSE42 | CPUID_EXT_POPCNT | \
796           CPUID_EXT_XSAVE | /* CPUID_EXT_OSXSAVE is dynamic */   \
797           CPUID_EXT_MOVBE | CPUID_EXT_AES | CPUID_EXT_HYPERVISOR | \
798           CPUID_EXT_RDRAND | CPUID_EXT_AVX | CPUID_EXT_F16C | \
799           CPUID_EXT_FMA | CPUID_EXT_X2APIC | CPUID_EXT_KERNEL_FEATURES)
800           /* missing:
801           CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_VMX, CPUID_EXT_SMX,
802           CPUID_EXT_EST, CPUID_EXT_TM2, CPUID_EXT_CID,
803           CPUID_EXT_XTPR, CPUID_EXT_PDCM, CPUID_EXT_PCID, CPUID_EXT_DCA,
804           CPUID_EXT_TSC_DEADLINE_TIMER
805           */
806 
807 #ifdef TARGET_X86_64
808 #define TCG_EXT2_X86_64_FEATURES CPUID_EXT2_LM
809 #else
810 #define TCG_EXT2_X86_64_FEATURES 0
811 #endif
812 
813 /*
814  * CPUID_*_KERNEL_FEATURES denotes bits and features that are not usable
815  * in usermode or by 32-bit programs.  Those are added to supported
816  * TCG features unconditionally in user-mode emulation mode.  This may
817  * indeed seem strange or incorrect, but it works because code running
818  * under usermode emulation cannot access them.
819  *
820  * Even for long mode, qemu-i386 is not running "a userspace program on a
821  * 32-bit CPU"; it's running "a userspace program with a 32-bit code segment"
822  * and therefore using the 32-bit ABI; the CPU itself might be 64-bit
823  * but again the difference is only visible in kernel mode.
824  */
825 #if defined CONFIG_LINUX_USER
826 #define CPUID_EXT2_KERNEL_FEATURES (CPUID_EXT2_LM | CPUID_EXT2_FFXSR)
827 #elif defined CONFIG_USER_ONLY
828 /* FIXME: Long mode not yet supported for i386 bsd-user */
829 #define CPUID_EXT2_KERNEL_FEATURES CPUID_EXT2_FFXSR
830 #else
831 #define CPUID_EXT2_KERNEL_FEATURES 0
832 #endif
833 
834 #define TCG_EXT2_FEATURES ((TCG_FEATURES & CPUID_EXT2_AMD_ALIASES) | \
835           CPUID_EXT2_NX | CPUID_EXT2_MMXEXT | CPUID_EXT2_RDTSCP | \
836           CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT | CPUID_EXT2_PDPE1GB | \
837           CPUID_EXT2_SYSCALL | TCG_EXT2_X86_64_FEATURES | \
838           CPUID_EXT2_KERNEL_FEATURES)
839 
840 #if defined CONFIG_USER_ONLY
841 #define CPUID_EXT3_KERNEL_FEATURES CPUID_EXT3_OSVW
842 #else
843 #define CPUID_EXT3_KERNEL_FEATURES 0
844 #endif
845 
846 #define TCG_EXT3_FEATURES (CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM | \
847           CPUID_EXT3_CR8LEG | CPUID_EXT3_ABM | CPUID_EXT3_SSE4A | \
848           CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_KERNEL_FEATURES)
849 
850 #define TCG_EXT4_FEATURES 0
851 
852 #if defined CONFIG_USER_ONLY
853 #define CPUID_SVM_KERNEL_FEATURES (CPUID_SVM_NRIPSAVE | CPUID_SVM_VNMI)
854 #else
855 #define CPUID_SVM_KERNEL_FEATURES 0
856 #endif
857 #define TCG_SVM_FEATURES (CPUID_SVM_NPT | CPUID_SVM_VGIF | \
858           CPUID_SVM_SVME_ADDR_CHK | CPUID_SVM_KERNEL_FEATURES)
859 
860 #define TCG_KVM_FEATURES 0
861 
862 #if defined CONFIG_USER_ONLY
863 #define CPUID_7_0_EBX_KERNEL_FEATURES CPUID_7_0_EBX_INVPCID
864 #else
865 #define CPUID_7_0_EBX_KERNEL_FEATURES 0
866 #endif
867 #define TCG_7_0_EBX_FEATURES (CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_SMAP | \
868           CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ADX | \
869           CPUID_7_0_EBX_CLFLUSHOPT |            \
870           CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_FSGSBASE | \
871           CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_RDSEED | \
872           CPUID_7_0_EBX_SHA_NI | CPUID_7_0_EBX_KERNEL_FEATURES)
873           /* missing:
874           CPUID_7_0_EBX_HLE
875           CPUID_7_0_EBX_INVPCID, CPUID_7_0_EBX_RTM */
876 
877 #if !defined CONFIG_USER_ONLY || defined CONFIG_LINUX
878 #define TCG_7_0_ECX_RDPID CPUID_7_0_ECX_RDPID
879 #else
880 #define TCG_7_0_ECX_RDPID 0
881 #endif
882 #define TCG_7_0_ECX_FEATURES (CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU | \
883           /* CPUID_7_0_ECX_OSPKE is dynamic */ \
884           CPUID_7_0_ECX_LA57 | CPUID_7_0_ECX_PKS | CPUID_7_0_ECX_VAES | \
885           TCG_7_0_ECX_RDPID)
886 
887 #if defined CONFIG_USER_ONLY
888 #define CPUID_7_0_EDX_KERNEL_FEATURES (CPUID_7_0_EDX_SPEC_CTRL | \
889           CPUID_7_0_EDX_ARCH_CAPABILITIES | CPUID_7_0_EDX_SPEC_CTRL_SSBD)
890 #else
891 #define CPUID_7_0_EDX_KERNEL_FEATURES 0
892 #endif
893 #define TCG_7_0_EDX_FEATURES (CPUID_7_0_EDX_FSRM | CPUID_7_0_EDX_KERNEL_FEATURES)
894 
895 #define TCG_7_1_EAX_FEATURES (CPUID_7_1_EAX_FZRM | CPUID_7_1_EAX_FSRS | \
896           CPUID_7_1_EAX_FSRC | CPUID_7_1_EAX_CMPCCXADD)
897 #define TCG_7_1_EDX_FEATURES 0
898 #define TCG_7_2_EDX_FEATURES 0
899 #define TCG_APM_FEATURES 0
900 #define TCG_6_EAX_FEATURES CPUID_6_EAX_ARAT
901 #define TCG_XSAVE_FEATURES (CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XGETBV1)
902           /* missing:
903           CPUID_XSAVE_XSAVEC, CPUID_XSAVE_XSAVES */
904 #define TCG_14_0_ECX_FEATURES 0
905 #define TCG_SGX_12_0_EAX_FEATURES 0
906 #define TCG_SGX_12_0_EBX_FEATURES 0
907 #define TCG_SGX_12_1_EAX_FEATURES 0
908 #define TCG_24_0_EBX_FEATURES 0
909 
910 #if defined CONFIG_USER_ONLY
911 #define CPUID_8000_0008_EBX_KERNEL_FEATURES (CPUID_8000_0008_EBX_IBPB | \
912           CPUID_8000_0008_EBX_IBRS | CPUID_8000_0008_EBX_STIBP | \
913           CPUID_8000_0008_EBX_STIBP_ALWAYS_ON | CPUID_8000_0008_EBX_AMD_SSBD | \
914           CPUID_8000_0008_EBX_AMD_PSFD)
915 #else
916 #define CPUID_8000_0008_EBX_KERNEL_FEATURES 0
917 #endif
918 
919 #define TCG_8000_0008_EBX  (CPUID_8000_0008_EBX_XSAVEERPTR | \
920           CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_KERNEL_FEATURES)
921 
922 FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
923     [FEAT_1_EDX] = {
924         .type = CPUID_FEATURE_WORD,
925         .feat_names = {
926             "fpu", "vme", "de", "pse",
927             "tsc", "msr", "pae", "mce",
928             "cx8", "apic", NULL, "sep",
929             "mtrr", "pge", "mca", "cmov",
930             "pat", "pse36", "pn" /* Intel psn */, "clflush" /* Intel clfsh */,
931             NULL, "ds" /* Intel dts */, "acpi", "mmx",
932             "fxsr", "sse", "sse2", "ss",
933             "ht" /* Intel htt */, "tm", "ia64", "pbe",
934         },
935         .cpuid = {.eax = 1, .reg = R_EDX, },
936         .tcg_features = TCG_FEATURES,
937         .no_autoenable_flags = CPUID_HT,
938     },
939     [FEAT_1_ECX] = {
940         .type = CPUID_FEATURE_WORD,
941         .feat_names = {
942             "pni" /* Intel,AMD sse3 */, "pclmulqdq", "dtes64", "monitor",
943             "ds-cpl", "vmx", "smx", "est",
944             "tm2", "ssse3", "cid", NULL,
945             "fma", "cx16", "xtpr", "pdcm",
946             NULL, "pcid", "dca", "sse4.1",
947             "sse4.2", "x2apic", "movbe", "popcnt",
948             "tsc-deadline", "aes", "xsave", NULL /* osxsave */,
949             "avx", "f16c", "rdrand", "hypervisor",
950         },
951         .cpuid = { .eax = 1, .reg = R_ECX, },
952         .tcg_features = TCG_EXT_FEATURES,
953     },
954     /* Feature names that are already defined on feature_name[] but
955      * are set on CPUID[8000_0001].EDX on AMD CPUs don't have their
956      * names on feat_names below. They are copied automatically
957      * to features[FEAT_8000_0001_EDX] if and only if CPU vendor is AMD.
958      */
959     [FEAT_8000_0001_EDX] = {
960         .type = CPUID_FEATURE_WORD,
961         .feat_names = {
962             NULL /* fpu */, NULL /* vme */, NULL /* de */, NULL /* pse */,
963             NULL /* tsc */, NULL /* msr */, NULL /* pae */, NULL /* mce */,
964             NULL /* cx8 */, NULL /* apic */, NULL, "syscall",
965             NULL /* mtrr */, NULL /* pge */, NULL /* mca */, NULL /* cmov */,
966             NULL /* pat */, NULL /* pse36 */, NULL, NULL /* Linux mp */,
967             "nx", NULL, "mmxext", NULL /* mmx */,
968             NULL /* fxsr */, "fxsr-opt", "pdpe1gb", "rdtscp",
969             NULL, "lm", "3dnowext", "3dnow",
970         },
971         .cpuid = { .eax = 0x80000001, .reg = R_EDX, },
972         .tcg_features = TCG_EXT2_FEATURES,
973     },
974     [FEAT_8000_0001_ECX] = {
975         .type = CPUID_FEATURE_WORD,
976         .feat_names = {
977             "lahf-lm", "cmp-legacy", "svm", "extapic",
978             "cr8legacy", "abm", "sse4a", "misalignsse",
979             "3dnowprefetch", "osvw", "ibs", "xop",
980             "skinit", "wdt", NULL, "lwp",
981             "fma4", "tce", NULL, "nodeid-msr",
982             NULL, "tbm", "topoext", "perfctr-core",
983             "perfctr-nb", NULL, NULL, NULL,
984             NULL, NULL, NULL, NULL,
985         },
986         .cpuid = { .eax = 0x80000001, .reg = R_ECX, },
987         .tcg_features = TCG_EXT3_FEATURES,
988         /*
989          * TOPOEXT is always allowed but can't be enabled blindly by
990          * "-cpu host", as it requires consistent cache topology info
991          * to be provided so it doesn't confuse guests.
992          */
993         .no_autoenable_flags = CPUID_EXT3_TOPOEXT,
994     },
995     [FEAT_C000_0001_EDX] = {
996         .type = CPUID_FEATURE_WORD,
997         .feat_names = {
998             NULL, NULL, "xstore", "xstore-en",
999             NULL, NULL, "xcrypt", "xcrypt-en",
1000             "ace2", "ace2-en", "phe", "phe-en",
1001             "pmm", "pmm-en", NULL, NULL,
1002             NULL, NULL, NULL, NULL,
1003             NULL, NULL, NULL, NULL,
1004             NULL, NULL, NULL, NULL,
1005             NULL, NULL, NULL, NULL,
1006         },
1007         .cpuid = { .eax = 0xC0000001, .reg = R_EDX, },
1008         .tcg_features = TCG_EXT4_FEATURES,
1009     },
1010     [FEAT_KVM] = {
1011         .type = CPUID_FEATURE_WORD,
1012         .feat_names = {
1013             "kvmclock", "kvm-nopiodelay", "kvm-mmu", "kvmclock",
1014             "kvm-asyncpf", "kvm-steal-time", "kvm-pv-eoi", "kvm-pv-unhalt",
1015             NULL, "kvm-pv-tlb-flush", "kvm-asyncpf-vmexit", "kvm-pv-ipi",
1016             "kvm-poll-control", "kvm-pv-sched-yield", "kvm-asyncpf-int", "kvm-msi-ext-dest-id",
1017             NULL, NULL, NULL, NULL,
1018             NULL, NULL, NULL, NULL,
1019             "kvmclock-stable-bit", NULL, NULL, NULL,
1020             NULL, NULL, NULL, NULL,
1021         },
1022         .cpuid = { .eax = KVM_CPUID_FEATURES, .reg = R_EAX, },
1023         .tcg_features = TCG_KVM_FEATURES,
1024     },
1025     [FEAT_KVM_HINTS] = {
1026         .type = CPUID_FEATURE_WORD,
1027         .feat_names = {
1028             "kvm-hint-dedicated", NULL, NULL, NULL,
1029             NULL, NULL, NULL, NULL,
1030             NULL, NULL, NULL, NULL,
1031             NULL, NULL, NULL, NULL,
1032             NULL, NULL, NULL, NULL,
1033             NULL, NULL, NULL, NULL,
1034             NULL, NULL, NULL, NULL,
1035             NULL, NULL, NULL, NULL,
1036         },
1037         .cpuid = { .eax = KVM_CPUID_FEATURES, .reg = R_EDX, },
1038         .tcg_features = TCG_KVM_FEATURES,
1039         /*
1040          * KVM hints aren't auto-enabled by -cpu host, they need to be
1041          * explicitly enabled in the command-line.
1042          */
1043         .no_autoenable_flags = ~0U,
1044     },
1045     [FEAT_SVM] = {
1046         .type = CPUID_FEATURE_WORD,
1047         .feat_names = {
1048             "npt", "lbrv", "svm-lock", "nrip-save",
1049             "tsc-scale", "vmcb-clean",  "flushbyasid", "decodeassists",
1050             NULL, NULL, "pause-filter", NULL,
1051             "pfthreshold", "avic", NULL, "v-vmsave-vmload",
1052             "vgif", NULL, NULL, NULL,
1053             NULL, NULL, NULL, NULL,
1054             NULL, "vnmi", NULL, NULL,
1055             "svme-addr-chk", NULL, NULL, NULL,
1056         },
1057         .cpuid = { .eax = 0x8000000A, .reg = R_EDX, },
1058         .tcg_features = TCG_SVM_FEATURES,
1059     },
1060     [FEAT_7_0_EBX] = {
1061         .type = CPUID_FEATURE_WORD,
1062         .feat_names = {
1063             "fsgsbase", "tsc-adjust", "sgx", "bmi1",
1064             "hle", "avx2", "fdp-excptn-only", "smep",
1065             "bmi2", "erms", "invpcid", "rtm",
1066             NULL, "zero-fcs-fds", "mpx", NULL,
1067             "avx512f", "avx512dq", "rdseed", "adx",
1068             "smap", "avx512ifma", "pcommit", "clflushopt",
1069             "clwb", "intel-pt", "avx512pf", "avx512er",
1070             "avx512cd", "sha-ni", "avx512bw", "avx512vl",
1071         },
1072         .cpuid = {
1073             .eax = 7,
1074             .needs_ecx = true, .ecx = 0,
1075             .reg = R_EBX,
1076         },
1077         .tcg_features = TCG_7_0_EBX_FEATURES,
1078     },
1079     [FEAT_7_0_ECX] = {
1080         .type = CPUID_FEATURE_WORD,
1081         .feat_names = {
1082             NULL, "avx512vbmi", "umip", "pku",
1083             NULL /* ospke */, "waitpkg", "avx512vbmi2", NULL,
1084             "gfni", "vaes", "vpclmulqdq", "avx512vnni",
1085             "avx512bitalg", NULL, "avx512-vpopcntdq", NULL,
1086             "la57", NULL, NULL, NULL,
1087             NULL, NULL, "rdpid", NULL,
1088             "bus-lock-detect", "cldemote", NULL, "movdiri",
1089             "movdir64b", NULL, "sgxlc", "pks",
1090         },
1091         .cpuid = {
1092             .eax = 7,
1093             .needs_ecx = true, .ecx = 0,
1094             .reg = R_ECX,
1095         },
1096         .tcg_features = TCG_7_0_ECX_FEATURES,
1097     },
1098     [FEAT_7_0_EDX] = {
1099         .type = CPUID_FEATURE_WORD,
1100         .feat_names = {
1101             NULL, NULL, "avx512-4vnniw", "avx512-4fmaps",
1102             "fsrm", NULL, NULL, NULL,
1103             "avx512-vp2intersect", NULL, "md-clear", NULL,
1104             NULL, NULL, "serialize", NULL,
1105             "tsx-ldtrk", NULL, NULL /* pconfig */, "arch-lbr",
1106             NULL, NULL, "amx-bf16", "avx512-fp16",
1107             "amx-tile", "amx-int8", "spec-ctrl", "stibp",
1108             "flush-l1d", "arch-capabilities", "core-capability", "ssbd",
1109         },
1110         .cpuid = {
1111             .eax = 7,
1112             .needs_ecx = true, .ecx = 0,
1113             .reg = R_EDX,
1114         },
1115         .tcg_features = TCG_7_0_EDX_FEATURES,
1116     },
1117     [FEAT_7_1_EAX] = {
1118         .type = CPUID_FEATURE_WORD,
1119         .feat_names = {
1120             "sha512", "sm3", "sm4", NULL,
1121             "avx-vnni", "avx512-bf16", NULL, "cmpccxadd",
1122             NULL, NULL, "fzrm", "fsrs",
1123             "fsrc", NULL, NULL, NULL,
1124             NULL, "fred", "lkgs", "wrmsrns",
1125             NULL, "amx-fp16", NULL, "avx-ifma",
1126             NULL, NULL, "lam", NULL,
1127             NULL, NULL, NULL, NULL,
1128         },
1129         .cpuid = {
1130             .eax = 7,
1131             .needs_ecx = true, .ecx = 1,
1132             .reg = R_EAX,
1133         },
1134         .tcg_features = TCG_7_1_EAX_FEATURES,
1135     },
1136     [FEAT_7_1_EDX] = {
1137         .type = CPUID_FEATURE_WORD,
1138         .feat_names = {
1139             NULL, NULL, NULL, NULL,
1140             "avx-vnni-int8", "avx-ne-convert", NULL, NULL,
1141             "amx-complex", NULL, "avx-vnni-int16", NULL,
1142             NULL, NULL, "prefetchiti", NULL,
1143             NULL, NULL, NULL, "avx10",
1144             NULL, NULL, NULL, NULL,
1145             NULL, NULL, NULL, NULL,
1146             NULL, NULL, NULL, NULL,
1147         },
1148         .cpuid = {
1149             .eax = 7,
1150             .needs_ecx = true, .ecx = 1,
1151             .reg = R_EDX,
1152         },
1153         .tcg_features = TCG_7_1_EDX_FEATURES,
1154     },
1155     [FEAT_7_2_EDX] = {
1156         .type = CPUID_FEATURE_WORD,
1157         .feat_names = {
1158             "intel-psfd", "ipred-ctrl", "rrsba-ctrl", "ddpd-u",
1159             "bhi-ctrl", "mcdt-no", NULL, NULL,
1160             NULL, NULL, NULL, NULL,
1161             NULL, NULL, NULL, NULL,
1162             NULL, NULL, NULL, NULL,
1163             NULL, NULL, NULL, NULL,
1164             NULL, NULL, NULL, NULL,
1165             NULL, NULL, NULL, NULL,
1166         },
1167         .cpuid = {
1168             .eax = 7,
1169             .needs_ecx = true, .ecx = 2,
1170             .reg = R_EDX,
1171         },
1172         .tcg_features = TCG_7_2_EDX_FEATURES,
1173     },
1174     [FEAT_24_0_EBX] = {
1175         .type = CPUID_FEATURE_WORD,
1176         .feat_names = {
1177             [16] = "avx10-128",
1178             [17] = "avx10-256",
1179             [18] = "avx10-512",
1180         },
1181         .cpuid = {
1182             .eax = 0x24,
1183             .needs_ecx = true, .ecx = 0,
1184             .reg = R_EBX,
1185         },
1186         .tcg_features = TCG_24_0_EBX_FEATURES,
1187     },
1188     [FEAT_8000_0007_EDX] = {
1189         .type = CPUID_FEATURE_WORD,
1190         .feat_names = {
1191             NULL, NULL, NULL, NULL,
1192             NULL, NULL, NULL, NULL,
1193             "invtsc", NULL, NULL, NULL,
1194             NULL, NULL, NULL, NULL,
1195             NULL, NULL, NULL, NULL,
1196             NULL, NULL, NULL, NULL,
1197             NULL, NULL, NULL, NULL,
1198             NULL, NULL, NULL, NULL,
1199         },
1200         .cpuid = { .eax = 0x80000007, .reg = R_EDX, },
1201         .tcg_features = TCG_APM_FEATURES,
1202         .unmigratable_flags = CPUID_APM_INVTSC,
1203     },
1204     [FEAT_8000_0007_EBX] = {
1205         .type = CPUID_FEATURE_WORD,
1206         .feat_names = {
1207             "overflow-recov", "succor", NULL, NULL,
1208             NULL, NULL, NULL, NULL,
1209             NULL, NULL, NULL, NULL,
1210             NULL, NULL, NULL, NULL,
1211             NULL, NULL, NULL, NULL,
1212             NULL, NULL, NULL, NULL,
1213             NULL, NULL, NULL, NULL,
1214             NULL, NULL, NULL, NULL,
1215         },
1216         .cpuid = { .eax = 0x80000007, .reg = R_EBX, },
1217         .tcg_features = 0,
1218         .unmigratable_flags = 0,
1219     },
1220     [FEAT_8000_0008_EBX] = {
1221         .type = CPUID_FEATURE_WORD,
1222         .feat_names = {
1223             "clzero", NULL, "xsaveerptr", NULL,
1224             NULL, NULL, NULL, NULL,
1225             NULL, "wbnoinvd", NULL, NULL,
1226             "ibpb", NULL, "ibrs", "amd-stibp",
1227             NULL, "stibp-always-on", NULL, NULL,
1228             NULL, NULL, NULL, NULL,
1229             "amd-ssbd", "virt-ssbd", "amd-no-ssb", NULL,
1230             "amd-psfd", NULL, NULL, NULL,
1231         },
1232         .cpuid = { .eax = 0x80000008, .reg = R_EBX, },
1233         .tcg_features = TCG_8000_0008_EBX,
1234         .unmigratable_flags = 0,
1235     },
1236     [FEAT_8000_0021_EAX] = {
1237         .type = CPUID_FEATURE_WORD,
1238         .feat_names = {
1239             "no-nested-data-bp", NULL, "lfence-always-serializing", NULL,
1240             NULL, NULL, "null-sel-clr-base", NULL,
1241             "auto-ibrs", NULL, NULL, NULL,
1242             NULL, NULL, NULL, NULL,
1243             NULL, NULL, NULL, NULL,
1244             NULL, NULL, NULL, NULL,
1245             "eraps", NULL, NULL, "sbpb",
1246             "ibpb-brtype", "srso-no", "srso-user-kernel-no", NULL,
1247         },
1248         .cpuid = { .eax = 0x80000021, .reg = R_EAX, },
1249         .tcg_features = 0,
1250         .unmigratable_flags = 0,
1251     },
1252     [FEAT_8000_0021_EBX] = {
1253         .type = CPUID_FEATURE_WORD,
1254         .cpuid = { .eax = 0x80000021, .reg = R_EBX, },
1255         .tcg_features = 0,
1256         .unmigratable_flags = 0,
1257     },
1258     [FEAT_8000_0022_EAX] = {
1259         .type = CPUID_FEATURE_WORD,
1260         .feat_names = {
1261             "perfmon-v2", NULL, NULL, NULL,
1262             NULL, NULL, NULL, NULL,
1263             NULL, NULL, NULL, NULL,
1264             NULL, NULL, NULL, NULL,
1265             NULL, NULL, NULL, NULL,
1266             NULL, NULL, NULL, NULL,
1267             NULL, NULL, NULL, NULL,
1268             NULL, NULL, NULL, NULL,
1269         },
1270         .cpuid = { .eax = 0x80000022, .reg = R_EAX, },
1271         .tcg_features = 0,
1272         .unmigratable_flags = 0,
1273     },
1274     [FEAT_XSAVE] = {
1275         .type = CPUID_FEATURE_WORD,
1276         .feat_names = {
1277             "xsaveopt", "xsavec", "xgetbv1", "xsaves",
1278             "xfd", NULL, NULL, NULL,
1279             NULL, NULL, NULL, NULL,
1280             NULL, NULL, NULL, NULL,
1281             NULL, NULL, NULL, NULL,
1282             NULL, NULL, NULL, NULL,
1283             NULL, NULL, NULL, NULL,
1284             NULL, NULL, NULL, NULL,
1285         },
1286         .cpuid = {
1287             .eax = 0xd,
1288             .needs_ecx = true, .ecx = 1,
1289             .reg = R_EAX,
1290         },
1291         .tcg_features = TCG_XSAVE_FEATURES,
1292     },
1293     [FEAT_XSAVE_XSS_LO] = {
1294         .type = CPUID_FEATURE_WORD,
1295         .feat_names = {
1296             NULL, NULL, NULL, NULL,
1297             NULL, NULL, NULL, NULL,
1298             NULL, NULL, NULL, NULL,
1299             NULL, NULL, NULL, NULL,
1300             NULL, NULL, NULL, NULL,
1301             NULL, NULL, NULL, NULL,
1302             NULL, NULL, NULL, NULL,
1303             NULL, NULL, NULL, NULL,
1304         },
1305         .cpuid = {
1306             .eax = 0xD,
1307             .needs_ecx = true,
1308             .ecx = 1,
1309             .reg = R_ECX,
1310         },
1311     },
1312     [FEAT_XSAVE_XSS_HI] = {
1313         .type = CPUID_FEATURE_WORD,
1314         .cpuid = {
1315             .eax = 0xD,
1316             .needs_ecx = true,
1317             .ecx = 1,
1318             .reg = R_EDX
1319         },
1320     },
1321     [FEAT_6_EAX] = {
1322         .type = CPUID_FEATURE_WORD,
1323         .feat_names = {
1324             NULL, NULL, "arat", NULL,
1325             NULL, NULL, NULL, NULL,
1326             NULL, NULL, NULL, NULL,
1327             NULL, NULL, NULL, NULL,
1328             NULL, NULL, NULL, NULL,
1329             NULL, NULL, NULL, NULL,
1330             NULL, NULL, NULL, NULL,
1331             NULL, NULL, NULL, NULL,
1332         },
1333         .cpuid = { .eax = 6, .reg = R_EAX, },
1334         .tcg_features = TCG_6_EAX_FEATURES,
1335     },
1336     [FEAT_XSAVE_XCR0_LO] = {
1337         .type = CPUID_FEATURE_WORD,
1338         .cpuid = {
1339             .eax = 0xD,
1340             .needs_ecx = true, .ecx = 0,
1341             .reg = R_EAX,
1342         },
1343         .tcg_features = XSTATE_FP_MASK | XSTATE_SSE_MASK |
1344             XSTATE_YMM_MASK | XSTATE_BNDREGS_MASK | XSTATE_BNDCSR_MASK |
1345             XSTATE_PKRU_MASK,
1346         .migratable_flags = XSTATE_FP_MASK | XSTATE_SSE_MASK |
1347             XSTATE_YMM_MASK | XSTATE_BNDREGS_MASK | XSTATE_BNDCSR_MASK |
1348             XSTATE_OPMASK_MASK | XSTATE_ZMM_Hi256_MASK | XSTATE_Hi16_ZMM_MASK |
1349             XSTATE_PKRU_MASK,
1350     },
1351     [FEAT_XSAVE_XCR0_HI] = {
1352         .type = CPUID_FEATURE_WORD,
1353         .cpuid = {
1354             .eax = 0xD,
1355             .needs_ecx = true, .ecx = 0,
1356             .reg = R_EDX,
1357         },
1358         .tcg_features = 0U,
1359     },
1360     /*Below are MSR exposed features*/
1361     [FEAT_ARCH_CAPABILITIES] = {
1362         .type = MSR_FEATURE_WORD,
1363         .feat_names = {
1364             "rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry",
1365             "ssb-no", "mds-no", "pschange-mc-no", "tsx-ctrl",
1366             "taa-no", NULL, NULL, NULL,
1367             NULL, "sbdr-ssdp-no", "fbsdp-no", "psdp-no",
1368             NULL, "fb-clear", NULL, NULL,
1369             NULL, NULL, NULL, NULL,
1370             "pbrsb-no", NULL, "gds-no", "rfds-no",
1371             "rfds-clear", NULL, NULL, NULL,
1372         },
1373         .msr = {
1374             .index = MSR_IA32_ARCH_CAPABILITIES,
1375         },
1376         /*
1377          * FEAT_ARCH_CAPABILITIES only affects a read-only MSR, which
1378          * cannot be read from user mode.  Therefore, it has no impact
1379          > on any user-mode operation, and warnings about unsupported
1380          * features do not matter.
1381          */
1382         .tcg_features = ~0U,
1383     },
1384     [FEAT_CORE_CAPABILITY] = {
1385         .type = MSR_FEATURE_WORD,
1386         .feat_names = {
1387             NULL, NULL, NULL, NULL,
1388             NULL, "split-lock-detect", NULL, NULL,
1389             NULL, NULL, NULL, NULL,
1390             NULL, NULL, NULL, NULL,
1391             NULL, NULL, NULL, NULL,
1392             NULL, NULL, NULL, NULL,
1393             NULL, NULL, NULL, NULL,
1394             NULL, NULL, NULL, NULL,
1395         },
1396         .msr = {
1397             .index = MSR_IA32_CORE_CAPABILITY,
1398         },
1399     },
1400     [FEAT_PERF_CAPABILITIES] = {
1401         .type = MSR_FEATURE_WORD,
1402         .feat_names = {
1403             NULL, NULL, NULL, NULL,
1404             NULL, NULL, NULL, NULL,
1405             NULL, NULL, NULL, NULL,
1406             NULL, "full-width-write", NULL, NULL,
1407             NULL, NULL, NULL, NULL,
1408             NULL, NULL, NULL, NULL,
1409             NULL, NULL, NULL, NULL,
1410             NULL, NULL, NULL, NULL,
1411         },
1412         .msr = {
1413             .index = MSR_IA32_PERF_CAPABILITIES,
1414         },
1415     },
1416 
1417     [FEAT_VMX_PROCBASED_CTLS] = {
1418         .type = MSR_FEATURE_WORD,
1419         .feat_names = {
1420             NULL, NULL, "vmx-vintr-pending", "vmx-tsc-offset",
1421             NULL, NULL, NULL, "vmx-hlt-exit",
1422             NULL, "vmx-invlpg-exit", "vmx-mwait-exit", "vmx-rdpmc-exit",
1423             "vmx-rdtsc-exit", NULL, NULL, "vmx-cr3-load-noexit",
1424             "vmx-cr3-store-noexit", NULL, NULL, "vmx-cr8-load-exit",
1425             "vmx-cr8-store-exit", "vmx-flexpriority", "vmx-vnmi-pending", "vmx-movdr-exit",
1426             "vmx-io-exit", "vmx-io-bitmap", NULL, "vmx-mtf",
1427             "vmx-msr-bitmap", "vmx-monitor-exit", "vmx-pause-exit", "vmx-secondary-ctls",
1428         },
1429         .msr = {
1430             .index = MSR_IA32_VMX_TRUE_PROCBASED_CTLS,
1431         }
1432     },
1433 
1434     [FEAT_VMX_SECONDARY_CTLS] = {
1435         .type = MSR_FEATURE_WORD,
1436         .feat_names = {
1437             "vmx-apicv-xapic", "vmx-ept", "vmx-desc-exit", "vmx-rdtscp-exit",
1438             "vmx-apicv-x2apic", "vmx-vpid", "vmx-wbinvd-exit", "vmx-unrestricted-guest",
1439             "vmx-apicv-register", "vmx-apicv-vid", "vmx-ple", "vmx-rdrand-exit",
1440             "vmx-invpcid-exit", "vmx-vmfunc", "vmx-shadow-vmcs", "vmx-encls-exit",
1441             "vmx-rdseed-exit", "vmx-pml", NULL, NULL,
1442             "vmx-xsaves", NULL, NULL, NULL,
1443             NULL, "vmx-tsc-scaling", "vmx-enable-user-wait-pause", NULL,
1444             NULL, NULL, NULL, NULL,
1445         },
1446         .msr = {
1447             .index = MSR_IA32_VMX_PROCBASED_CTLS2,
1448         }
1449     },
1450 
1451     [FEAT_VMX_PINBASED_CTLS] = {
1452         .type = MSR_FEATURE_WORD,
1453         .feat_names = {
1454             "vmx-intr-exit", NULL, NULL, "vmx-nmi-exit",
1455             NULL, "vmx-vnmi", "vmx-preemption-timer", "vmx-posted-intr",
1456             NULL, NULL, NULL, NULL,
1457             NULL, NULL, NULL, NULL,
1458             NULL, NULL, NULL, NULL,
1459             NULL, NULL, NULL, NULL,
1460             NULL, NULL, NULL, NULL,
1461             NULL, NULL, NULL, NULL,
1462         },
1463         .msr = {
1464             .index = MSR_IA32_VMX_TRUE_PINBASED_CTLS,
1465         }
1466     },
1467 
1468     [FEAT_VMX_EXIT_CTLS] = {
1469         .type = MSR_FEATURE_WORD,
1470         /*
1471          * VMX_VM_EXIT_HOST_ADDR_SPACE_SIZE is copied from
1472          * the LM CPUID bit.
1473          */
1474         .feat_names = {
1475             NULL, NULL, "vmx-exit-nosave-debugctl", NULL,
1476             NULL, NULL, NULL, NULL,
1477             NULL, NULL /* vmx-exit-host-addr-space-size */, NULL, NULL,
1478             "vmx-exit-load-perf-global-ctrl", NULL, NULL, "vmx-exit-ack-intr",
1479             NULL, NULL, "vmx-exit-save-pat", "vmx-exit-load-pat",
1480             "vmx-exit-save-efer", "vmx-exit-load-efer",
1481                 "vmx-exit-save-preemption-timer", "vmx-exit-clear-bndcfgs",
1482             NULL, "vmx-exit-clear-rtit-ctl", NULL, NULL,
1483             NULL, "vmx-exit-load-pkrs", NULL, "vmx-exit-secondary-ctls",
1484         },
1485         .msr = {
1486             .index = MSR_IA32_VMX_TRUE_EXIT_CTLS,
1487         }
1488     },
1489 
1490     [FEAT_VMX_ENTRY_CTLS] = {
1491         .type = MSR_FEATURE_WORD,
1492         .feat_names = {
1493             NULL, NULL, "vmx-entry-noload-debugctl", NULL,
1494             NULL, NULL, NULL, NULL,
1495             NULL, "vmx-entry-ia32e-mode", NULL, NULL,
1496             NULL, "vmx-entry-load-perf-global-ctrl", "vmx-entry-load-pat", "vmx-entry-load-efer",
1497             "vmx-entry-load-bndcfgs", NULL, "vmx-entry-load-rtit-ctl", NULL,
1498             NULL, NULL, "vmx-entry-load-pkrs", "vmx-entry-load-fred",
1499             NULL, NULL, NULL, NULL,
1500             NULL, NULL, NULL, NULL,
1501         },
1502         .msr = {
1503             .index = MSR_IA32_VMX_TRUE_ENTRY_CTLS,
1504         }
1505     },
1506 
1507     [FEAT_VMX_MISC] = {
1508         .type = MSR_FEATURE_WORD,
1509         .feat_names = {
1510             NULL, NULL, NULL, NULL,
1511             NULL, "vmx-store-lma", "vmx-activity-hlt", "vmx-activity-shutdown",
1512             "vmx-activity-wait-sipi", NULL, NULL, NULL,
1513             NULL, NULL, NULL, NULL,
1514             NULL, NULL, NULL, NULL,
1515             NULL, NULL, NULL, NULL,
1516             NULL, NULL, NULL, NULL,
1517             NULL, "vmx-vmwrite-vmexit-fields", "vmx-zero-len-inject", NULL,
1518         },
1519         .msr = {
1520             .index = MSR_IA32_VMX_MISC,
1521         }
1522     },
1523 
1524     [FEAT_VMX_EPT_VPID_CAPS] = {
1525         .type = MSR_FEATURE_WORD,
1526         .feat_names = {
1527             "vmx-ept-execonly", NULL, NULL, NULL,
1528             NULL, NULL, "vmx-page-walk-4", "vmx-page-walk-5",
1529             NULL, NULL, NULL, NULL,
1530             NULL, NULL, NULL, NULL,
1531             "vmx-ept-2mb", "vmx-ept-1gb", NULL, NULL,
1532             "vmx-invept", "vmx-eptad", "vmx-ept-advanced-exitinfo", NULL,
1533             NULL, "vmx-invept-single-context", "vmx-invept-all-context", NULL,
1534             NULL, NULL, NULL, NULL,
1535             "vmx-invvpid", NULL, NULL, NULL,
1536             NULL, NULL, NULL, NULL,
1537             "vmx-invvpid-single-addr", "vmx-invept-single-context",
1538                 "vmx-invvpid-all-context", "vmx-invept-single-context-noglobals",
1539             NULL, NULL, NULL, NULL,
1540             NULL, NULL, NULL, NULL,
1541             NULL, NULL, NULL, NULL,
1542             NULL, NULL, NULL, NULL,
1543             NULL, NULL, NULL, NULL,
1544         },
1545         .msr = {
1546             .index = MSR_IA32_VMX_EPT_VPID_CAP,
1547         }
1548     },
1549 
1550     [FEAT_VMX_BASIC] = {
1551         .type = MSR_FEATURE_WORD,
1552         .feat_names = {
1553             [54] = "vmx-ins-outs",
1554             [55] = "vmx-true-ctls",
1555             [56] = "vmx-any-errcode",
1556             [58] = "vmx-nested-exception",
1557         },
1558         .msr = {
1559             .index = MSR_IA32_VMX_BASIC,
1560         },
1561         /* Just to be safe - we don't support setting the MSEG version field.  */
1562         .no_autoenable_flags = MSR_VMX_BASIC_DUAL_MONITOR,
1563     },
1564 
1565     [FEAT_VMX_VMFUNC] = {
1566         .type = MSR_FEATURE_WORD,
1567         .feat_names = {
1568             [0] = "vmx-eptp-switching",
1569         },
1570         .msr = {
1571             .index = MSR_IA32_VMX_VMFUNC,
1572         }
1573     },
1574 
1575     [FEAT_14_0_ECX] = {
1576         .type = CPUID_FEATURE_WORD,
1577         .feat_names = {
1578             NULL, NULL, NULL, NULL,
1579             NULL, NULL, NULL, NULL,
1580             NULL, NULL, NULL, NULL,
1581             NULL, NULL, NULL, NULL,
1582             NULL, NULL, NULL, NULL,
1583             NULL, NULL, NULL, NULL,
1584             NULL, NULL, NULL, NULL,
1585             NULL, NULL, NULL, "intel-pt-lip",
1586         },
1587         .cpuid = {
1588             .eax = 0x14,
1589             .needs_ecx = true, .ecx = 0,
1590             .reg = R_ECX,
1591         },
1592         .tcg_features = TCG_14_0_ECX_FEATURES,
1593      },
1594 
1595     [FEAT_SGX_12_0_EAX] = {
1596         .type = CPUID_FEATURE_WORD,
1597         .feat_names = {
1598             "sgx1", "sgx2", NULL, NULL,
1599             NULL, NULL, NULL, NULL,
1600             NULL, NULL, NULL, "sgx-edeccssa",
1601             NULL, NULL, NULL, NULL,
1602             NULL, NULL, NULL, NULL,
1603             NULL, NULL, NULL, NULL,
1604             NULL, NULL, NULL, NULL,
1605             NULL, NULL, NULL, NULL,
1606         },
1607         .cpuid = {
1608             .eax = 0x12,
1609             .needs_ecx = true, .ecx = 0,
1610             .reg = R_EAX,
1611         },
1612         .tcg_features = TCG_SGX_12_0_EAX_FEATURES,
1613     },
1614 
1615     [FEAT_SGX_12_0_EBX] = {
1616         .type = CPUID_FEATURE_WORD,
1617         .feat_names = {
1618             "sgx-exinfo" , NULL, NULL, NULL,
1619             NULL, NULL, NULL, NULL,
1620             NULL, NULL, NULL, NULL,
1621             NULL, NULL, NULL, NULL,
1622             NULL, NULL, NULL, NULL,
1623             NULL, NULL, NULL, NULL,
1624             NULL, NULL, NULL, NULL,
1625             NULL, NULL, NULL, NULL,
1626         },
1627         .cpuid = {
1628             .eax = 0x12,
1629             .needs_ecx = true, .ecx = 0,
1630             .reg = R_EBX,
1631         },
1632         .tcg_features = TCG_SGX_12_0_EBX_FEATURES,
1633     },
1634 
1635     [FEAT_SGX_12_1_EAX] = {
1636         .type = CPUID_FEATURE_WORD,
1637         .feat_names = {
1638             NULL, "sgx-debug", "sgx-mode64", NULL,
1639             "sgx-provisionkey", "sgx-tokenkey", NULL, "sgx-kss",
1640             NULL, NULL, "sgx-aex-notify", NULL,
1641             NULL, NULL, NULL, NULL,
1642             NULL, NULL, NULL, NULL,
1643             NULL, NULL, NULL, NULL,
1644             NULL, NULL, NULL, NULL,
1645             NULL, NULL, NULL, NULL,
1646         },
1647         .cpuid = {
1648             .eax = 0x12,
1649             .needs_ecx = true, .ecx = 1,
1650             .reg = R_EAX,
1651         },
1652         .tcg_features = TCG_SGX_12_1_EAX_FEATURES,
1653     },
1654 };
1655 
1656 typedef struct FeatureMask {
1657     FeatureWord index;
1658     uint64_t mask;
1659 } FeatureMask;
1660 
1661 typedef struct FeatureDep {
1662     FeatureMask from, to;
1663 } FeatureDep;
1664 
1665 static FeatureDep feature_dependencies[] = {
1666     {
1667         .from = { FEAT_7_0_EDX,             CPUID_7_0_EDX_ARCH_CAPABILITIES },
1668         .to = { FEAT_ARCH_CAPABILITIES,     ~0ull },
1669     },
1670     {
1671         .from = { FEAT_7_0_EDX,             CPUID_7_0_EDX_CORE_CAPABILITY },
1672         .to = { FEAT_CORE_CAPABILITY,       ~0ull },
1673     },
1674     {
1675         .from = { FEAT_1_ECX,             CPUID_EXT_PDCM },
1676         .to = { FEAT_PERF_CAPABILITIES,       ~0ull },
1677     },
1678     {
1679         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1680         .to = { FEAT_VMX_PROCBASED_CTLS,    ~0ull },
1681     },
1682     {
1683         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1684         .to = { FEAT_VMX_PINBASED_CTLS,     ~0ull },
1685     },
1686     {
1687         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1688         .to = { FEAT_VMX_EXIT_CTLS,         ~0ull },
1689     },
1690     {
1691         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1692         .to = { FEAT_VMX_ENTRY_CTLS,        ~0ull },
1693     },
1694     {
1695         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1696         .to = { FEAT_VMX_MISC,              ~0ull },
1697     },
1698     {
1699         .from = { FEAT_1_ECX,               CPUID_EXT_VMX },
1700         .to = { FEAT_VMX_BASIC,             ~0ull },
1701     },
1702     {
1703         .from = { FEAT_8000_0001_EDX,       CPUID_EXT2_LM },
1704         .to = { FEAT_VMX_ENTRY_CTLS,        VMX_VM_ENTRY_IA32E_MODE },
1705     },
1706     {
1707         .from = { FEAT_VMX_PROCBASED_CTLS,  VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS },
1708         .to = { FEAT_VMX_SECONDARY_CTLS,    ~0ull },
1709     },
1710     {
1711         .from = { FEAT_XSAVE,               CPUID_XSAVE_XSAVES },
1712         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_XSAVES },
1713     },
1714     {
1715         .from = { FEAT_1_ECX,               CPUID_EXT_RDRAND },
1716         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDRAND_EXITING },
1717     },
1718     {
1719         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_INVPCID },
1720         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_ENABLE_INVPCID },
1721     },
1722     {
1723         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_MPX },
1724         .to = { FEAT_VMX_EXIT_CTLS,         VMX_VM_EXIT_CLEAR_BNDCFGS },
1725     },
1726     {
1727         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_MPX },
1728         .to = { FEAT_VMX_ENTRY_CTLS,        VMX_VM_ENTRY_LOAD_BNDCFGS },
1729     },
1730     {
1731         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_RDSEED },
1732         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDSEED_EXITING },
1733     },
1734     {
1735         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_INTEL_PT },
1736         .to = { FEAT_14_0_ECX,              ~0ull },
1737     },
1738     {
1739         .from = { FEAT_8000_0001_EDX,       CPUID_EXT2_RDTSCP },
1740         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_RDTSCP },
1741     },
1742     {
1743         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_EPT },
1744         .to = { FEAT_VMX_EPT_VPID_CAPS,     0xffffffffull },
1745     },
1746     {
1747         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_EPT },
1748         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST },
1749     },
1750     {
1751         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_VPID },
1752         .to = { FEAT_VMX_EPT_VPID_CAPS,     0xffffffffull << 32 },
1753     },
1754     {
1755         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_VMFUNC },
1756         .to = { FEAT_VMX_VMFUNC,            ~0ull },
1757     },
1758     {
1759         .from = { FEAT_8000_0001_ECX,       CPUID_EXT3_SVM },
1760         .to = { FEAT_SVM,                   ~0ull },
1761     },
1762     {
1763         .from = { FEAT_7_0_ECX,             CPUID_7_0_ECX_WAITPKG },
1764         .to = { FEAT_VMX_SECONDARY_CTLS,    VMX_SECONDARY_EXEC_ENABLE_USER_WAIT_PAUSE },
1765     },
1766     {
1767         .from = { FEAT_8000_0001_EDX,       CPUID_EXT2_LM },
1768         .to = { FEAT_7_1_EAX,               CPUID_7_1_EAX_FRED },
1769     },
1770     {
1771         .from = { FEAT_7_1_EAX,             CPUID_7_1_EAX_LKGS },
1772         .to = { FEAT_7_1_EAX,               CPUID_7_1_EAX_FRED },
1773     },
1774     {
1775         .from = { FEAT_7_1_EAX,             CPUID_7_1_EAX_WRMSRNS },
1776         .to = { FEAT_7_1_EAX,               CPUID_7_1_EAX_FRED },
1777     },
1778     {
1779         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_SGX },
1780         .to = { FEAT_7_0_ECX,               CPUID_7_0_ECX_SGX_LC },
1781     },
1782     {
1783         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_SGX },
1784         .to = { FEAT_SGX_12_0_EAX,          ~0ull },
1785     },
1786     {
1787         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_SGX },
1788         .to = { FEAT_SGX_12_0_EBX,          ~0ull },
1789     },
1790     {
1791         .from = { FEAT_7_0_EBX,             CPUID_7_0_EBX_SGX },
1792         .to = { FEAT_SGX_12_1_EAX,          ~0ull },
1793     },
1794     {
1795         .from = { FEAT_24_0_EBX,            CPUID_24_0_EBX_AVX10_128 },
1796         .to = { FEAT_24_0_EBX,              CPUID_24_0_EBX_AVX10_256 },
1797     },
1798     {
1799         .from = { FEAT_24_0_EBX,            CPUID_24_0_EBX_AVX10_256 },
1800         .to = { FEAT_24_0_EBX,              CPUID_24_0_EBX_AVX10_512 },
1801     },
1802     {
1803         .from = { FEAT_24_0_EBX,            CPUID_24_0_EBX_AVX10_VL_MASK },
1804         .to = { FEAT_7_1_EDX,               CPUID_7_1_EDX_AVX10 },
1805     },
1806     {
1807         .from = { FEAT_7_1_EDX,             CPUID_7_1_EDX_AVX10 },
1808         .to = { FEAT_24_0_EBX,              ~0ull },
1809     },
1810 };
1811 
1812 typedef struct X86RegisterInfo32 {
1813     /* Name of register */
1814     const char *name;
1815     /* QAPI enum value register */
1816     X86CPURegister32 qapi_enum;
1817 } X86RegisterInfo32;
1818 
1819 #define REGISTER(reg) \
1820     [R_##reg] = { .name = #reg, .qapi_enum = X86_CPU_REGISTER32_##reg }
1821 static const X86RegisterInfo32 x86_reg_info_32[CPU_NB_REGS32] = {
1822     REGISTER(EAX),
1823     REGISTER(ECX),
1824     REGISTER(EDX),
1825     REGISTER(EBX),
1826     REGISTER(ESP),
1827     REGISTER(EBP),
1828     REGISTER(ESI),
1829     REGISTER(EDI),
1830 };
1831 #undef REGISTER
1832 
1833 /* CPUID feature bits available in XSS */
1834 #define CPUID_XSTATE_XSS_MASK    (XSTATE_ARCH_LBR_MASK)
1835 
1836 ExtSaveArea x86_ext_save_areas[XSAVE_STATE_AREA_COUNT] = {
1837     [XSTATE_FP_BIT] = {
1838         /* x87 FP state component is always enabled if XSAVE is supported */
1839         .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
1840         .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
1841     },
1842     [XSTATE_SSE_BIT] = {
1843         /* SSE state component is always enabled if XSAVE is supported */
1844         .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
1845         .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
1846     },
1847     [XSTATE_YMM_BIT] =
1848           { .feature = FEAT_1_ECX, .bits = CPUID_EXT_AVX,
1849             .size = sizeof(XSaveAVX) },
1850     [XSTATE_BNDREGS_BIT] =
1851           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
1852             .size = sizeof(XSaveBNDREG)  },
1853     [XSTATE_BNDCSR_BIT] =
1854           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
1855             .size = sizeof(XSaveBNDCSR)  },
1856     [XSTATE_OPMASK_BIT] =
1857           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1858             .size = sizeof(XSaveOpmask) },
1859     [XSTATE_ZMM_Hi256_BIT] =
1860           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1861             .size = sizeof(XSaveZMM_Hi256) },
1862     [XSTATE_Hi16_ZMM_BIT] =
1863           { .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
1864             .size = sizeof(XSaveHi16_ZMM) },
1865     [XSTATE_PKRU_BIT] =
1866           { .feature = FEAT_7_0_ECX, .bits = CPUID_7_0_ECX_PKU,
1867             .size = sizeof(XSavePKRU) },
1868     [XSTATE_ARCH_LBR_BIT] = {
1869             .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_ARCH_LBR,
1870             .offset = 0 /*supervisor mode component, offset = 0 */,
1871             .size = sizeof(XSavesArchLBR) },
1872     [XSTATE_XTILE_CFG_BIT] = {
1873         .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_AMX_TILE,
1874         .size = sizeof(XSaveXTILECFG),
1875     },
1876     [XSTATE_XTILE_DATA_BIT] = {
1877         .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_AMX_TILE,
1878         .size = sizeof(XSaveXTILEDATA)
1879     },
1880 };
1881 
1882 uint32_t xsave_area_size(uint64_t mask, bool compacted)
1883 {
1884     uint64_t ret = x86_ext_save_areas[0].size;
1885     const ExtSaveArea *esa;
1886     uint32_t offset = 0;
1887     int i;
1888 
1889     for (i = 2; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
1890         esa = &x86_ext_save_areas[i];
1891         if ((mask >> i) & 1) {
1892             offset = compacted ? ret : esa->offset;
1893             ret = MAX(ret, offset + esa->size);
1894         }
1895     }
1896     return ret;
1897 }
1898 
1899 static inline bool accel_uses_host_cpuid(void)
1900 {
1901     return kvm_enabled() || hvf_enabled();
1902 }
1903 
1904 static inline uint64_t x86_cpu_xsave_xcr0_components(X86CPU *cpu)
1905 {
1906     return ((uint64_t)cpu->env.features[FEAT_XSAVE_XCR0_HI]) << 32 |
1907            cpu->env.features[FEAT_XSAVE_XCR0_LO];
1908 }
1909 
1910 /* Return name of 32-bit register, from a R_* constant */
1911 static const char *get_register_name_32(unsigned int reg)
1912 {
1913     if (reg >= CPU_NB_REGS32) {
1914         return NULL;
1915     }
1916     return x86_reg_info_32[reg].name;
1917 }
1918 
1919 static inline uint64_t x86_cpu_xsave_xss_components(X86CPU *cpu)
1920 {
1921     return ((uint64_t)cpu->env.features[FEAT_XSAVE_XSS_HI]) << 32 |
1922            cpu->env.features[FEAT_XSAVE_XSS_LO];
1923 }
1924 
1925 /*
1926  * Returns the set of feature flags that are supported and migratable by
1927  * QEMU, for a given FeatureWord.
1928  */
1929 static uint64_t x86_cpu_get_migratable_flags(X86CPU *cpu, FeatureWord w)
1930 {
1931     FeatureWordInfo *wi = &feature_word_info[w];
1932     CPUX86State *env = &cpu->env;
1933     uint64_t r = 0;
1934     int i;
1935 
1936     for (i = 0; i < 64; i++) {
1937         uint64_t f = 1ULL << i;
1938 
1939         /* If the feature name is known, it is implicitly considered migratable,
1940          * unless it is explicitly set in unmigratable_flags */
1941         if ((wi->migratable_flags & f) ||
1942             (wi->feat_names[i] && !(wi->unmigratable_flags & f))) {
1943             r |= f;
1944         }
1945     }
1946 
1947     /* when tsc-khz is set explicitly, invtsc is migratable */
1948     if ((w == FEAT_8000_0007_EDX) && env->user_tsc_khz) {
1949         r |= CPUID_APM_INVTSC;
1950     }
1951 
1952     return r;
1953 }
1954 
1955 void host_cpuid(uint32_t function, uint32_t count,
1956                 uint32_t *eax, uint32_t *ebx, uint32_t *ecx, uint32_t *edx)
1957 {
1958     uint32_t vec[4];
1959 
1960 #ifdef __x86_64__
1961     asm volatile("cpuid"
1962                  : "=a"(vec[0]), "=b"(vec[1]),
1963                    "=c"(vec[2]), "=d"(vec[3])
1964                  : "0"(function), "c"(count) : "cc");
1965 #elif defined(__i386__)
1966     asm volatile("pusha \n\t"
1967                  "cpuid \n\t"
1968                  "mov %%eax, 0(%2) \n\t"
1969                  "mov %%ebx, 4(%2) \n\t"
1970                  "mov %%ecx, 8(%2) \n\t"
1971                  "mov %%edx, 12(%2) \n\t"
1972                  "popa"
1973                  : : "a"(function), "c"(count), "S"(vec)
1974                  : "memory", "cc");
1975 #else
1976     abort();
1977 #endif
1978 
1979     if (eax)
1980         *eax = vec[0];
1981     if (ebx)
1982         *ebx = vec[1];
1983     if (ecx)
1984         *ecx = vec[2];
1985     if (edx)
1986         *edx = vec[3];
1987 }
1988 
1989 /* CPU class name definitions: */
1990 
1991 /* Return type name for a given CPU model name
1992  * Caller is responsible for freeing the returned string.
1993  */
1994 static char *x86_cpu_type_name(const char *model_name)
1995 {
1996     return g_strdup_printf(X86_CPU_TYPE_NAME("%s"), model_name);
1997 }
1998 
1999 static ObjectClass *x86_cpu_class_by_name(const char *cpu_model)
2000 {
2001     g_autofree char *typename = x86_cpu_type_name(cpu_model);
2002     return object_class_by_name(typename);
2003 }
2004 
2005 static char *x86_cpu_class_get_model_name(X86CPUClass *cc)
2006 {
2007     const char *class_name = object_class_get_name(OBJECT_CLASS(cc));
2008     assert(g_str_has_suffix(class_name, X86_CPU_TYPE_SUFFIX));
2009     return cpu_model_from_type(class_name);
2010 }
2011 
2012 typedef struct X86CPUVersionDefinition {
2013     X86CPUVersion version;
2014     const char *alias;
2015     const char *note;
2016     PropValue *props;
2017     const CPUCaches *const cache_info;
2018 } X86CPUVersionDefinition;
2019 
2020 /* Base definition for a CPU model */
2021 typedef struct X86CPUDefinition {
2022     const char *name;
2023     uint32_t level;
2024     uint32_t xlevel;
2025     /* vendor is zero-terminated, 12 character ASCII string */
2026     char vendor[CPUID_VENDOR_SZ + 1];
2027     int family;
2028     int model;
2029     int stepping;
2030     uint8_t avx10_version;
2031     FeatureWordArray features;
2032     const char *model_id;
2033     const CPUCaches *const cache_info;
2034     /*
2035      * Definitions for alternative versions of CPU model.
2036      * List is terminated by item with version == 0.
2037      * If NULL, version 1 will be registered automatically.
2038      */
2039     const X86CPUVersionDefinition *versions;
2040     const char *deprecation_note;
2041 } X86CPUDefinition;
2042 
2043 /* Reference to a specific CPU model version */
2044 struct X86CPUModel {
2045     /* Base CPU definition */
2046     const X86CPUDefinition *cpudef;
2047     /* CPU model version */
2048     X86CPUVersion version;
2049     const char *note;
2050     /*
2051      * If true, this is an alias CPU model.
2052      * This matters only for "-cpu help" and query-cpu-definitions
2053      */
2054     bool is_alias;
2055 };
2056 
2057 /* Get full model name for CPU version */
2058 static char *x86_cpu_versioned_model_name(const X86CPUDefinition *cpudef,
2059                                           X86CPUVersion version)
2060 {
2061     assert(version > 0);
2062     return g_strdup_printf("%s-v%d", cpudef->name, (int)version);
2063 }
2064 
2065 static const X86CPUVersionDefinition *
2066 x86_cpu_def_get_versions(const X86CPUDefinition *def)
2067 {
2068     /* When X86CPUDefinition::versions is NULL, we register only v1 */
2069     static const X86CPUVersionDefinition default_version_list[] = {
2070         { 1 },
2071         { /* end of list */ }
2072     };
2073 
2074     return def->versions ?: default_version_list;
2075 }
2076 
2077 static const CPUCaches epyc_cache_info = {
2078     .l1d_cache = &(CPUCacheInfo) {
2079         .type = DATA_CACHE,
2080         .level = 1,
2081         .size = 32 * KiB,
2082         .line_size = 64,
2083         .associativity = 8,
2084         .partitions = 1,
2085         .sets = 64,
2086         .lines_per_tag = 1,
2087         .self_init = 1,
2088         .no_invd_sharing = true,
2089         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2090     },
2091     .l1i_cache = &(CPUCacheInfo) {
2092         .type = INSTRUCTION_CACHE,
2093         .level = 1,
2094         .size = 64 * KiB,
2095         .line_size = 64,
2096         .associativity = 4,
2097         .partitions = 1,
2098         .sets = 256,
2099         .lines_per_tag = 1,
2100         .self_init = 1,
2101         .no_invd_sharing = true,
2102         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2103     },
2104     .l2_cache = &(CPUCacheInfo) {
2105         .type = UNIFIED_CACHE,
2106         .level = 2,
2107         .size = 512 * KiB,
2108         .line_size = 64,
2109         .associativity = 8,
2110         .partitions = 1,
2111         .sets = 1024,
2112         .lines_per_tag = 1,
2113         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2114     },
2115     .l3_cache = &(CPUCacheInfo) {
2116         .type = UNIFIED_CACHE,
2117         .level = 3,
2118         .size = 8 * MiB,
2119         .line_size = 64,
2120         .associativity = 16,
2121         .partitions = 1,
2122         .sets = 8192,
2123         .lines_per_tag = 1,
2124         .self_init = true,
2125         .inclusive = true,
2126         .complex_indexing = true,
2127         .share_level = CPU_TOPOLOGY_LEVEL_DIE,
2128     },
2129 };
2130 
2131 static CPUCaches epyc_v4_cache_info = {
2132     .l1d_cache = &(CPUCacheInfo) {
2133         .type = DATA_CACHE,
2134         .level = 1,
2135         .size = 32 * KiB,
2136         .line_size = 64,
2137         .associativity = 8,
2138         .partitions = 1,
2139         .sets = 64,
2140         .lines_per_tag = 1,
2141         .self_init = 1,
2142         .no_invd_sharing = true,
2143         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2144     },
2145     .l1i_cache = &(CPUCacheInfo) {
2146         .type = INSTRUCTION_CACHE,
2147         .level = 1,
2148         .size = 64 * KiB,
2149         .line_size = 64,
2150         .associativity = 4,
2151         .partitions = 1,
2152         .sets = 256,
2153         .lines_per_tag = 1,
2154         .self_init = 1,
2155         .no_invd_sharing = true,
2156         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2157     },
2158     .l2_cache = &(CPUCacheInfo) {
2159         .type = UNIFIED_CACHE,
2160         .level = 2,
2161         .size = 512 * KiB,
2162         .line_size = 64,
2163         .associativity = 8,
2164         .partitions = 1,
2165         .sets = 1024,
2166         .lines_per_tag = 1,
2167         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2168     },
2169     .l3_cache = &(CPUCacheInfo) {
2170         .type = UNIFIED_CACHE,
2171         .level = 3,
2172         .size = 8 * MiB,
2173         .line_size = 64,
2174         .associativity = 16,
2175         .partitions = 1,
2176         .sets = 8192,
2177         .lines_per_tag = 1,
2178         .self_init = true,
2179         .inclusive = true,
2180         .complex_indexing = false,
2181         .share_level = CPU_TOPOLOGY_LEVEL_DIE,
2182     },
2183 };
2184 
2185 static const CPUCaches epyc_rome_cache_info = {
2186     .l1d_cache = &(CPUCacheInfo) {
2187         .type = DATA_CACHE,
2188         .level = 1,
2189         .size = 32 * KiB,
2190         .line_size = 64,
2191         .associativity = 8,
2192         .partitions = 1,
2193         .sets = 64,
2194         .lines_per_tag = 1,
2195         .self_init = 1,
2196         .no_invd_sharing = true,
2197         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2198     },
2199     .l1i_cache = &(CPUCacheInfo) {
2200         .type = INSTRUCTION_CACHE,
2201         .level = 1,
2202         .size = 32 * KiB,
2203         .line_size = 64,
2204         .associativity = 8,
2205         .partitions = 1,
2206         .sets = 64,
2207         .lines_per_tag = 1,
2208         .self_init = 1,
2209         .no_invd_sharing = true,
2210         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2211     },
2212     .l2_cache = &(CPUCacheInfo) {
2213         .type = UNIFIED_CACHE,
2214         .level = 2,
2215         .size = 512 * KiB,
2216         .line_size = 64,
2217         .associativity = 8,
2218         .partitions = 1,
2219         .sets = 1024,
2220         .lines_per_tag = 1,
2221         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2222     },
2223     .l3_cache = &(CPUCacheInfo) {
2224         .type = UNIFIED_CACHE,
2225         .level = 3,
2226         .size = 16 * MiB,
2227         .line_size = 64,
2228         .associativity = 16,
2229         .partitions = 1,
2230         .sets = 16384,
2231         .lines_per_tag = 1,
2232         .self_init = true,
2233         .inclusive = true,
2234         .complex_indexing = true,
2235         .share_level = CPU_TOPOLOGY_LEVEL_DIE,
2236     },
2237 };
2238 
2239 static const CPUCaches epyc_rome_v3_cache_info = {
2240     .l1d_cache = &(CPUCacheInfo) {
2241         .type = DATA_CACHE,
2242         .level = 1,
2243         .size = 32 * KiB,
2244         .line_size = 64,
2245         .associativity = 8,
2246         .partitions = 1,
2247         .sets = 64,
2248         .lines_per_tag = 1,
2249         .self_init = 1,
2250         .no_invd_sharing = true,
2251         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2252     },
2253     .l1i_cache = &(CPUCacheInfo) {
2254         .type = INSTRUCTION_CACHE,
2255         .level = 1,
2256         .size = 32 * KiB,
2257         .line_size = 64,
2258         .associativity = 8,
2259         .partitions = 1,
2260         .sets = 64,
2261         .lines_per_tag = 1,
2262         .self_init = 1,
2263         .no_invd_sharing = true,
2264         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2265     },
2266     .l2_cache = &(CPUCacheInfo) {
2267         .type = UNIFIED_CACHE,
2268         .level = 2,
2269         .size = 512 * KiB,
2270         .line_size = 64,
2271         .associativity = 8,
2272         .partitions = 1,
2273         .sets = 1024,
2274         .lines_per_tag = 1,
2275         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2276     },
2277     .l3_cache = &(CPUCacheInfo) {
2278         .type = UNIFIED_CACHE,
2279         .level = 3,
2280         .size = 16 * MiB,
2281         .line_size = 64,
2282         .associativity = 16,
2283         .partitions = 1,
2284         .sets = 16384,
2285         .lines_per_tag = 1,
2286         .self_init = true,
2287         .inclusive = true,
2288         .complex_indexing = false,
2289         .share_level = CPU_TOPOLOGY_LEVEL_DIE,
2290     },
2291 };
2292 
2293 static const CPUCaches epyc_milan_cache_info = {
2294     .l1d_cache = &(CPUCacheInfo) {
2295         .type = DATA_CACHE,
2296         .level = 1,
2297         .size = 32 * KiB,
2298         .line_size = 64,
2299         .associativity = 8,
2300         .partitions = 1,
2301         .sets = 64,
2302         .lines_per_tag = 1,
2303         .self_init = 1,
2304         .no_invd_sharing = true,
2305         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2306     },
2307     .l1i_cache = &(CPUCacheInfo) {
2308         .type = INSTRUCTION_CACHE,
2309         .level = 1,
2310         .size = 32 * KiB,
2311         .line_size = 64,
2312         .associativity = 8,
2313         .partitions = 1,
2314         .sets = 64,
2315         .lines_per_tag = 1,
2316         .self_init = 1,
2317         .no_invd_sharing = true,
2318         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2319     },
2320     .l2_cache = &(CPUCacheInfo) {
2321         .type = UNIFIED_CACHE,
2322         .level = 2,
2323         .size = 512 * KiB,
2324         .line_size = 64,
2325         .associativity = 8,
2326         .partitions = 1,
2327         .sets = 1024,
2328         .lines_per_tag = 1,
2329         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2330     },
2331     .l3_cache = &(CPUCacheInfo) {
2332         .type = UNIFIED_CACHE,
2333         .level = 3,
2334         .size = 32 * MiB,
2335         .line_size = 64,
2336         .associativity = 16,
2337         .partitions = 1,
2338         .sets = 32768,
2339         .lines_per_tag = 1,
2340         .self_init = true,
2341         .inclusive = true,
2342         .complex_indexing = true,
2343         .share_level = CPU_TOPOLOGY_LEVEL_DIE,
2344     },
2345 };
2346 
2347 static const CPUCaches epyc_milan_v2_cache_info = {
2348     .l1d_cache = &(CPUCacheInfo) {
2349         .type = DATA_CACHE,
2350         .level = 1,
2351         .size = 32 * KiB,
2352         .line_size = 64,
2353         .associativity = 8,
2354         .partitions = 1,
2355         .sets = 64,
2356         .lines_per_tag = 1,
2357         .self_init = 1,
2358         .no_invd_sharing = true,
2359         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2360     },
2361     .l1i_cache = &(CPUCacheInfo) {
2362         .type = INSTRUCTION_CACHE,
2363         .level = 1,
2364         .size = 32 * KiB,
2365         .line_size = 64,
2366         .associativity = 8,
2367         .partitions = 1,
2368         .sets = 64,
2369         .lines_per_tag = 1,
2370         .self_init = 1,
2371         .no_invd_sharing = true,
2372         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2373     },
2374     .l2_cache = &(CPUCacheInfo) {
2375         .type = UNIFIED_CACHE,
2376         .level = 2,
2377         .size = 512 * KiB,
2378         .line_size = 64,
2379         .associativity = 8,
2380         .partitions = 1,
2381         .sets = 1024,
2382         .lines_per_tag = 1,
2383         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2384     },
2385     .l3_cache = &(CPUCacheInfo) {
2386         .type = UNIFIED_CACHE,
2387         .level = 3,
2388         .size = 32 * MiB,
2389         .line_size = 64,
2390         .associativity = 16,
2391         .partitions = 1,
2392         .sets = 32768,
2393         .lines_per_tag = 1,
2394         .self_init = true,
2395         .inclusive = true,
2396         .complex_indexing = false,
2397         .share_level = CPU_TOPOLOGY_LEVEL_DIE,
2398     },
2399 };
2400 
2401 static const CPUCaches epyc_genoa_cache_info = {
2402     .l1d_cache = &(CPUCacheInfo) {
2403         .type = DATA_CACHE,
2404         .level = 1,
2405         .size = 32 * KiB,
2406         .line_size = 64,
2407         .associativity = 8,
2408         .partitions = 1,
2409         .sets = 64,
2410         .lines_per_tag = 1,
2411         .self_init = 1,
2412         .no_invd_sharing = true,
2413         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2414     },
2415     .l1i_cache = &(CPUCacheInfo) {
2416         .type = INSTRUCTION_CACHE,
2417         .level = 1,
2418         .size = 32 * KiB,
2419         .line_size = 64,
2420         .associativity = 8,
2421         .partitions = 1,
2422         .sets = 64,
2423         .lines_per_tag = 1,
2424         .self_init = 1,
2425         .no_invd_sharing = true,
2426         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2427     },
2428     .l2_cache = &(CPUCacheInfo) {
2429         .type = UNIFIED_CACHE,
2430         .level = 2,
2431         .size = 1 * MiB,
2432         .line_size = 64,
2433         .associativity = 8,
2434         .partitions = 1,
2435         .sets = 2048,
2436         .lines_per_tag = 1,
2437         .share_level = CPU_TOPOLOGY_LEVEL_CORE,
2438     },
2439     .l3_cache = &(CPUCacheInfo) {
2440         .type = UNIFIED_CACHE,
2441         .level = 3,
2442         .size = 32 * MiB,
2443         .line_size = 64,
2444         .associativity = 16,
2445         .partitions = 1,
2446         .sets = 32768,
2447         .lines_per_tag = 1,
2448         .self_init = true,
2449         .inclusive = true,
2450         .complex_indexing = false,
2451         .share_level = CPU_TOPOLOGY_LEVEL_DIE,
2452     },
2453 };
2454 
2455 /* The following VMX features are not supported by KVM and are left out in the
2456  * CPU definitions:
2457  *
2458  *  Dual-monitor support (all processors)
2459  *  Entry to SMM
2460  *  Deactivate dual-monitor treatment
2461  *  Number of CR3-target values
2462  *  Shutdown activity state
2463  *  Wait-for-SIPI activity state
2464  *  PAUSE-loop exiting (Westmere and newer)
2465  *  EPT-violation #VE (Broadwell and newer)
2466  *  Inject event with insn length=0 (Skylake and newer)
2467  *  Conceal non-root operation from PT
2468  *  Conceal VM exits from PT
2469  *  Conceal VM entries from PT
2470  *  Enable ENCLS exiting
2471  *  Mode-based execute control (XS/XU)
2472  *  TSC scaling (Skylake Server and newer)
2473  *  GPA translation for PT (IceLake and newer)
2474  *  User wait and pause
2475  *  ENCLV exiting
2476  *  Load IA32_RTIT_CTL
2477  *  Clear IA32_RTIT_CTL
2478  *  Advanced VM-exit information for EPT violations
2479  *  Sub-page write permissions
2480  *  PT in VMX operation
2481  */
2482 
2483 static const X86CPUDefinition builtin_x86_defs[] = {
2484     {
2485         .name = "qemu64",
2486         .level = 0xd,
2487         .vendor = CPUID_VENDOR_AMD,
2488         .family = 15,
2489         .model = 107,
2490         .stepping = 1,
2491         .features[FEAT_1_EDX] =
2492             PPRO_FEATURES |
2493             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
2494             CPUID_PSE36,
2495         .features[FEAT_1_ECX] =
2496             CPUID_EXT_SSE3 | CPUID_EXT_CX16,
2497         .features[FEAT_8000_0001_EDX] =
2498             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2499         .features[FEAT_8000_0001_ECX] =
2500             CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM,
2501         .xlevel = 0x8000000A,
2502         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
2503     },
2504     {
2505         .name = "phenom",
2506         .level = 5,
2507         .vendor = CPUID_VENDOR_AMD,
2508         .family = 16,
2509         .model = 2,
2510         .stepping = 3,
2511         /* Missing: CPUID_HT */
2512         .features[FEAT_1_EDX] =
2513             PPRO_FEATURES |
2514             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
2515             CPUID_PSE36 | CPUID_VME,
2516         .features[FEAT_1_ECX] =
2517             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_CX16 |
2518             CPUID_EXT_POPCNT,
2519         .features[FEAT_8000_0001_EDX] =
2520             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX |
2521             CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT | CPUID_EXT2_MMXEXT |
2522             CPUID_EXT2_FFXSR | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP,
2523         /* Missing: CPUID_EXT3_CMP_LEG, CPUID_EXT3_EXTAPIC,
2524                     CPUID_EXT3_CR8LEG,
2525                     CPUID_EXT3_MISALIGNSSE, CPUID_EXT3_3DNOWPREFETCH,
2526                     CPUID_EXT3_OSVW, CPUID_EXT3_IBS */
2527         .features[FEAT_8000_0001_ECX] =
2528             CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM |
2529             CPUID_EXT3_ABM | CPUID_EXT3_SSE4A,
2530         /* Missing: CPUID_SVM_LBRV */
2531         .features[FEAT_SVM] =
2532             CPUID_SVM_NPT,
2533         .xlevel = 0x8000001A,
2534         .model_id = "AMD Phenom(tm) 9550 Quad-Core Processor"
2535     },
2536     {
2537         .name = "core2duo",
2538         .level = 10,
2539         .vendor = CPUID_VENDOR_INTEL,
2540         .family = 6,
2541         .model = 15,
2542         .stepping = 11,
2543         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
2544         .features[FEAT_1_EDX] =
2545             PPRO_FEATURES |
2546             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
2547             CPUID_PSE36 | CPUID_VME | CPUID_ACPI | CPUID_SS,
2548         /* Missing: CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_EST,
2549          * CPUID_EXT_TM2, CPUID_EXT_XTPR, CPUID_EXT_PDCM, CPUID_EXT_VMX */
2550         .features[FEAT_1_ECX] =
2551             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 |
2552             CPUID_EXT_CX16,
2553         .features[FEAT_8000_0001_EDX] =
2554             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2555         .features[FEAT_8000_0001_ECX] =
2556             CPUID_EXT3_LAHF_LM,
2557         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
2558         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2559         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2560         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2561         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2562              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
2563         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2564              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2565              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2566              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2567              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2568              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2569              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2570              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2571              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2572              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2573         .features[FEAT_VMX_SECONDARY_CTLS] =
2574              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES,
2575         .xlevel = 0x80000008,
2576         .model_id = "Intel(R) Core(TM)2 Duo CPU     T7700  @ 2.40GHz",
2577     },
2578     {
2579         .name = "kvm64",
2580         .level = 0xd,
2581         .vendor = CPUID_VENDOR_INTEL,
2582         .family = 15,
2583         .model = 6,
2584         .stepping = 1,
2585         /* Missing: CPUID_HT */
2586         .features[FEAT_1_EDX] =
2587             PPRO_FEATURES | CPUID_VME |
2588             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
2589             CPUID_PSE36,
2590         /* Missing: CPUID_EXT_POPCNT, CPUID_EXT_MONITOR */
2591         .features[FEAT_1_ECX] =
2592             CPUID_EXT_SSE3 | CPUID_EXT_CX16,
2593         /* Missing: CPUID_EXT2_PDPE1GB, CPUID_EXT2_RDTSCP */
2594         .features[FEAT_8000_0001_EDX] =
2595             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2596         /* Missing: CPUID_EXT3_LAHF_LM, CPUID_EXT3_CMP_LEG, CPUID_EXT3_EXTAPIC,
2597                     CPUID_EXT3_CR8LEG, CPUID_EXT3_ABM, CPUID_EXT3_SSE4A,
2598                     CPUID_EXT3_MISALIGNSSE, CPUID_EXT3_3DNOWPREFETCH,
2599                     CPUID_EXT3_OSVW, CPUID_EXT3_IBS, CPUID_EXT3_SVM */
2600         .features[FEAT_8000_0001_ECX] =
2601             0,
2602         /* VMX features from Cedar Mill/Prescott */
2603         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2604         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2605         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2606         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2607              VMX_PIN_BASED_NMI_EXITING,
2608         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2609              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2610              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2611              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2612              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2613              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2614              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2615              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING,
2616         .xlevel = 0x80000008,
2617         .model_id = "Common KVM processor"
2618     },
2619     {
2620         .name = "qemu32",
2621         .level = 4,
2622         .vendor = CPUID_VENDOR_INTEL,
2623         .family = 6,
2624         .model = 6,
2625         .stepping = 3,
2626         .features[FEAT_1_EDX] =
2627             PPRO_FEATURES,
2628         .features[FEAT_1_ECX] =
2629             CPUID_EXT_SSE3,
2630         .xlevel = 0x80000004,
2631         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
2632     },
2633     {
2634         .name = "kvm32",
2635         .level = 5,
2636         .vendor = CPUID_VENDOR_INTEL,
2637         .family = 15,
2638         .model = 6,
2639         .stepping = 1,
2640         .features[FEAT_1_EDX] =
2641             PPRO_FEATURES | CPUID_VME |
2642             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_PSE36,
2643         .features[FEAT_1_ECX] =
2644             CPUID_EXT_SSE3,
2645         .features[FEAT_8000_0001_ECX] =
2646             0,
2647         /* VMX features from Yonah */
2648         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2649         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2650         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2651         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2652              VMX_PIN_BASED_NMI_EXITING,
2653         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2654              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2655              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2656              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2657              VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
2658              VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
2659              VMX_CPU_BASED_PAUSE_EXITING | VMX_CPU_BASED_USE_MSR_BITMAPS,
2660         .xlevel = 0x80000008,
2661         .model_id = "Common 32-bit KVM processor"
2662     },
2663     {
2664         .name = "coreduo",
2665         .level = 10,
2666         .vendor = CPUID_VENDOR_INTEL,
2667         .family = 6,
2668         .model = 14,
2669         .stepping = 8,
2670         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
2671         .features[FEAT_1_EDX] =
2672             PPRO_FEATURES | CPUID_VME |
2673             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_ACPI |
2674             CPUID_SS,
2675         /* Missing: CPUID_EXT_EST, CPUID_EXT_TM2 , CPUID_EXT_XTPR,
2676          * CPUID_EXT_PDCM, CPUID_EXT_VMX */
2677         .features[FEAT_1_ECX] =
2678             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR,
2679         .features[FEAT_8000_0001_EDX] =
2680             CPUID_EXT2_NX,
2681         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2682         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2683         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2684         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2685              VMX_PIN_BASED_NMI_EXITING,
2686         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2687              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2688              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2689              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2690              VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
2691              VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
2692              VMX_CPU_BASED_PAUSE_EXITING | VMX_CPU_BASED_USE_MSR_BITMAPS,
2693         .xlevel = 0x80000008,
2694         .model_id = "Genuine Intel(R) CPU           T2600  @ 2.16GHz",
2695     },
2696     {
2697         .name = "486",
2698         .level = 1,
2699         .vendor = CPUID_VENDOR_INTEL,
2700         .family = 4,
2701         .model = 8,
2702         .stepping = 0,
2703         .features[FEAT_1_EDX] =
2704             I486_FEATURES,
2705         .xlevel = 0,
2706         .model_id = "",
2707     },
2708     {
2709         .name = "pentium",
2710         .level = 1,
2711         .vendor = CPUID_VENDOR_INTEL,
2712         .family = 5,
2713         .model = 4,
2714         .stepping = 3,
2715         .features[FEAT_1_EDX] =
2716             PENTIUM_FEATURES,
2717         .xlevel = 0,
2718         .model_id = "",
2719     },
2720     {
2721         .name = "pentium2",
2722         .level = 2,
2723         .vendor = CPUID_VENDOR_INTEL,
2724         .family = 6,
2725         .model = 5,
2726         .stepping = 2,
2727         .features[FEAT_1_EDX] =
2728             PENTIUM2_FEATURES,
2729         .xlevel = 0,
2730         .model_id = "",
2731     },
2732     {
2733         .name = "pentium3",
2734         .level = 3,
2735         .vendor = CPUID_VENDOR_INTEL,
2736         .family = 6,
2737         .model = 7,
2738         .stepping = 3,
2739         .features[FEAT_1_EDX] =
2740             PENTIUM3_FEATURES,
2741         .xlevel = 0,
2742         .model_id = "",
2743     },
2744     {
2745         .name = "athlon",
2746         .level = 2,
2747         .vendor = CPUID_VENDOR_AMD,
2748         .family = 6,
2749         .model = 2,
2750         .stepping = 3,
2751         .features[FEAT_1_EDX] =
2752             PPRO_FEATURES | CPUID_PSE36 | CPUID_VME | CPUID_MTRR |
2753             CPUID_MCA,
2754         .features[FEAT_8000_0001_EDX] =
2755             CPUID_EXT2_MMXEXT | CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT,
2756         .xlevel = 0x80000008,
2757         .model_id = "QEMU Virtual CPU version " QEMU_HW_VERSION,
2758     },
2759     {
2760         .name = "n270",
2761         .level = 10,
2762         .vendor = CPUID_VENDOR_INTEL,
2763         .family = 6,
2764         .model = 28,
2765         .stepping = 2,
2766         /* Missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
2767         .features[FEAT_1_EDX] =
2768             PPRO_FEATURES |
2769             CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_VME |
2770             CPUID_ACPI | CPUID_SS,
2771             /* Some CPUs got no CPUID_SEP */
2772         /* Missing: CPUID_EXT_DSCPL, CPUID_EXT_EST, CPUID_EXT_TM2,
2773          * CPUID_EXT_XTPR */
2774         .features[FEAT_1_ECX] =
2775             CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 |
2776             CPUID_EXT_MOVBE,
2777         .features[FEAT_8000_0001_EDX] =
2778             CPUID_EXT2_NX,
2779         .features[FEAT_8000_0001_ECX] =
2780             CPUID_EXT3_LAHF_LM,
2781         .xlevel = 0x80000008,
2782         .model_id = "Intel(R) Atom(TM) CPU N270   @ 1.60GHz",
2783     },
2784     {
2785         .name = "Conroe",
2786         .level = 10,
2787         .vendor = CPUID_VENDOR_INTEL,
2788         .family = 6,
2789         .model = 15,
2790         .stepping = 3,
2791         .features[FEAT_1_EDX] =
2792             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2793             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2794             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2795             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2796             CPUID_DE | CPUID_FP87,
2797         .features[FEAT_1_ECX] =
2798             CPUID_EXT_SSSE3 | CPUID_EXT_SSE3,
2799         .features[FEAT_8000_0001_EDX] =
2800             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2801         .features[FEAT_8000_0001_ECX] =
2802             CPUID_EXT3_LAHF_LM,
2803         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
2804         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
2805         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
2806         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2807         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2808              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
2809         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2810              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2811              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2812              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2813              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2814              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2815              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2816              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2817              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2818              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2819         .features[FEAT_VMX_SECONDARY_CTLS] =
2820              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES,
2821         .xlevel = 0x80000008,
2822         .model_id = "Intel Celeron_4x0 (Conroe/Merom Class Core 2)",
2823     },
2824     {
2825         .name = "Penryn",
2826         .level = 10,
2827         .vendor = CPUID_VENDOR_INTEL,
2828         .family = 6,
2829         .model = 23,
2830         .stepping = 3,
2831         .features[FEAT_1_EDX] =
2832             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2833             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2834             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2835             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2836             CPUID_DE | CPUID_FP87,
2837         .features[FEAT_1_ECX] =
2838             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2839             CPUID_EXT_SSE3,
2840         .features[FEAT_8000_0001_EDX] =
2841             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
2842         .features[FEAT_8000_0001_ECX] =
2843             CPUID_EXT3_LAHF_LM,
2844         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS,
2845         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2846              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL,
2847         .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT |
2848              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL,
2849         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2850         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2851              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS,
2852         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2853              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2854              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2855              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2856              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2857              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2858              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2859              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2860              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2861              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2862         .features[FEAT_VMX_SECONDARY_CTLS] =
2863              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2864              VMX_SECONDARY_EXEC_WBINVD_EXITING,
2865         .xlevel = 0x80000008,
2866         .model_id = "Intel Core 2 Duo P9xxx (Penryn Class Core 2)",
2867     },
2868     {
2869         .name = "Nehalem",
2870         .level = 11,
2871         .vendor = CPUID_VENDOR_INTEL,
2872         .family = 6,
2873         .model = 26,
2874         .stepping = 3,
2875         .features[FEAT_1_EDX] =
2876             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2877             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2878             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2879             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2880             CPUID_DE | CPUID_FP87,
2881         .features[FEAT_1_ECX] =
2882             CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
2883             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_SSE3,
2884         .features[FEAT_8000_0001_EDX] =
2885             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2886         .features[FEAT_8000_0001_ECX] =
2887             CPUID_EXT3_LAHF_LM,
2888         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2889              MSR_VMX_BASIC_TRUE_CTLS,
2890         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2891              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2892              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2893         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2894              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2895              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2896              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2897              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2898              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2899              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2900         .features[FEAT_VMX_EXIT_CTLS] =
2901              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2902              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2903              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2904              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2905              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2906         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
2907         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2908              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2909              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2910         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2911              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2912              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2913              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2914              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2915              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2916              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2917              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2918              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
2919              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
2920              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
2921              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
2922         .features[FEAT_VMX_SECONDARY_CTLS] =
2923              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
2924              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
2925              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
2926              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
2927              VMX_SECONDARY_EXEC_ENABLE_VPID,
2928         .xlevel = 0x80000008,
2929         .model_id = "Intel Core i7 9xx (Nehalem Class Core i7)",
2930         .versions = (X86CPUVersionDefinition[]) {
2931             { .version = 1 },
2932             {
2933                 .version = 2,
2934                 .alias = "Nehalem-IBRS",
2935                 .props = (PropValue[]) {
2936                     { "spec-ctrl", "on" },
2937                     { "model-id",
2938                       "Intel Core i7 9xx (Nehalem Core i7, IBRS update)" },
2939                     { /* end of list */ }
2940                 }
2941             },
2942             { /* end of list */ }
2943         }
2944     },
2945     {
2946         .name = "Westmere",
2947         .level = 11,
2948         .vendor = CPUID_VENDOR_INTEL,
2949         .family = 6,
2950         .model = 44,
2951         .stepping = 1,
2952         .features[FEAT_1_EDX] =
2953             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
2954             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
2955             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
2956             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
2957             CPUID_DE | CPUID_FP87,
2958         .features[FEAT_1_ECX] =
2959             CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 |
2960             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
2961             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
2962         .features[FEAT_8000_0001_EDX] =
2963             CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
2964         .features[FEAT_8000_0001_ECX] =
2965             CPUID_EXT3_LAHF_LM,
2966         .features[FEAT_6_EAX] =
2967             CPUID_6_EAX_ARAT,
2968         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
2969              MSR_VMX_BASIC_TRUE_CTLS,
2970         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
2971              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
2972              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
2973         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
2974              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
2975              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
2976              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
2977              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
2978              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
2979              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
2980         .features[FEAT_VMX_EXIT_CTLS] =
2981              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
2982              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
2983              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
2984              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
2985              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
2986         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
2987              MSR_VMX_MISC_STORE_LMA,
2988         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
2989              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
2990              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
2991         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
2992              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
2993              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
2994              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
2995              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
2996              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
2997              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
2998              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
2999              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3000              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3001              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3002              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3003         .features[FEAT_VMX_SECONDARY_CTLS] =
3004              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3005              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3006              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3007              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3008              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST,
3009         .xlevel = 0x80000008,
3010         .model_id = "Westmere E56xx/L56xx/X56xx (Nehalem-C)",
3011         .versions = (X86CPUVersionDefinition[]) {
3012             { .version = 1 },
3013             {
3014                 .version = 2,
3015                 .alias = "Westmere-IBRS",
3016                 .props = (PropValue[]) {
3017                     { "spec-ctrl", "on" },
3018                     { "model-id",
3019                       "Westmere E56xx/L56xx/X56xx (IBRS update)" },
3020                     { /* end of list */ }
3021                 }
3022             },
3023             { /* end of list */ }
3024         }
3025     },
3026     {
3027         .name = "SandyBridge",
3028         .level = 0xd,
3029         .vendor = CPUID_VENDOR_INTEL,
3030         .family = 6,
3031         .model = 42,
3032         .stepping = 1,
3033         .features[FEAT_1_EDX] =
3034             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3035             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3036             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3037             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3038             CPUID_DE | CPUID_FP87,
3039         .features[FEAT_1_ECX] =
3040             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3041             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
3042             CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
3043             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
3044             CPUID_EXT_SSE3,
3045         .features[FEAT_8000_0001_EDX] =
3046             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
3047             CPUID_EXT2_SYSCALL,
3048         .features[FEAT_8000_0001_ECX] =
3049             CPUID_EXT3_LAHF_LM,
3050         .features[FEAT_XSAVE] =
3051             CPUID_XSAVE_XSAVEOPT,
3052         .features[FEAT_6_EAX] =
3053             CPUID_6_EAX_ARAT,
3054         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3055              MSR_VMX_BASIC_TRUE_CTLS,
3056         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3057              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3058              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3059         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3060              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3061              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3062              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3063              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3064              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3065              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
3066         .features[FEAT_VMX_EXIT_CTLS] =
3067              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3068              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3069              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3070              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3071              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3072         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3073              MSR_VMX_MISC_STORE_LMA,
3074         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3075              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3076              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
3077         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3078              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3079              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3080              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3081              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3082              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3083              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3084              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3085              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3086              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3087              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3088              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3089         .features[FEAT_VMX_SECONDARY_CTLS] =
3090              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3091              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3092              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3093              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3094              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST,
3095         .xlevel = 0x80000008,
3096         .model_id = "Intel Xeon E312xx (Sandy Bridge)",
3097         .versions = (X86CPUVersionDefinition[]) {
3098             { .version = 1 },
3099             {
3100                 .version = 2,
3101                 .alias = "SandyBridge-IBRS",
3102                 .props = (PropValue[]) {
3103                     { "spec-ctrl", "on" },
3104                     { "model-id",
3105                       "Intel Xeon E312xx (Sandy Bridge, IBRS update)" },
3106                     { /* end of list */ }
3107                 }
3108             },
3109             { /* end of list */ }
3110         }
3111     },
3112     {
3113         .name = "IvyBridge",
3114         .level = 0xd,
3115         .vendor = CPUID_VENDOR_INTEL,
3116         .family = 6,
3117         .model = 58,
3118         .stepping = 9,
3119         .features[FEAT_1_EDX] =
3120             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3121             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3122             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3123             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3124             CPUID_DE | CPUID_FP87,
3125         .features[FEAT_1_ECX] =
3126             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3127             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT |
3128             CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
3129             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
3130             CPUID_EXT_SSE3 | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3131         .features[FEAT_7_0_EBX] =
3132             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP |
3133             CPUID_7_0_EBX_ERMS,
3134         .features[FEAT_8000_0001_EDX] =
3135             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
3136             CPUID_EXT2_SYSCALL,
3137         .features[FEAT_8000_0001_ECX] =
3138             CPUID_EXT3_LAHF_LM,
3139         .features[FEAT_XSAVE] =
3140             CPUID_XSAVE_XSAVEOPT,
3141         .features[FEAT_6_EAX] =
3142             CPUID_6_EAX_ARAT,
3143         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3144              MSR_VMX_BASIC_TRUE_CTLS,
3145         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3146              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3147              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3148         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3149              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3150              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3151              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3152              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3153              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3154              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
3155         .features[FEAT_VMX_EXIT_CTLS] =
3156              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3157              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3158              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3159              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3160              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3161         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3162              MSR_VMX_MISC_STORE_LMA,
3163         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3164              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3165              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3166         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3167              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3168              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3169              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3170              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3171              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3172              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3173              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3174              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3175              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3176              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3177              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3178         .features[FEAT_VMX_SECONDARY_CTLS] =
3179              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3180              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3181              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3182              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3183              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3184              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3185              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3186              VMX_SECONDARY_EXEC_RDRAND_EXITING,
3187         .xlevel = 0x80000008,
3188         .model_id = "Intel Xeon E3-12xx v2 (Ivy Bridge)",
3189         .versions = (X86CPUVersionDefinition[]) {
3190             { .version = 1 },
3191             {
3192                 .version = 2,
3193                 .alias = "IvyBridge-IBRS",
3194                 .props = (PropValue[]) {
3195                     { "spec-ctrl", "on" },
3196                     { "model-id",
3197                       "Intel Xeon E3-12xx v2 (Ivy Bridge, IBRS)" },
3198                     { /* end of list */ }
3199                 }
3200             },
3201             { /* end of list */ }
3202         }
3203     },
3204     {
3205         .name = "Haswell",
3206         .level = 0xd,
3207         .vendor = CPUID_VENDOR_INTEL,
3208         .family = 6,
3209         .model = 60,
3210         .stepping = 4,
3211         .features[FEAT_1_EDX] =
3212             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3213             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3214             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3215             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3216             CPUID_DE | CPUID_FP87,
3217         .features[FEAT_1_ECX] =
3218             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3219             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3220             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3221             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3222             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3223             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3224         .features[FEAT_8000_0001_EDX] =
3225             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
3226             CPUID_EXT2_SYSCALL,
3227         .features[FEAT_8000_0001_ECX] =
3228             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM,
3229         .features[FEAT_7_0_EBX] =
3230             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3231             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3232             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3233             CPUID_7_0_EBX_RTM,
3234         .features[FEAT_XSAVE] =
3235             CPUID_XSAVE_XSAVEOPT,
3236         .features[FEAT_6_EAX] =
3237             CPUID_6_EAX_ARAT,
3238         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3239              MSR_VMX_BASIC_TRUE_CTLS,
3240         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3241              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3242              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3243         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3244              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3245              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3246              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3247              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3248              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3249              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3250         .features[FEAT_VMX_EXIT_CTLS] =
3251              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3252              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3253              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3254              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3255              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3256         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3257              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3258         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3259              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3260              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3261         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3262              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3263              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3264              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3265              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3266              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3267              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3268              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3269              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3270              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3271              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3272              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3273         .features[FEAT_VMX_SECONDARY_CTLS] =
3274              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3275              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3276              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3277              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3278              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3279              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3280              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3281              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3282              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS,
3283         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3284         .xlevel = 0x80000008,
3285         .model_id = "Intel Core Processor (Haswell)",
3286         .versions = (X86CPUVersionDefinition[]) {
3287             { .version = 1 },
3288             {
3289                 .version = 2,
3290                 .alias = "Haswell-noTSX",
3291                 .props = (PropValue[]) {
3292                     { "hle", "off" },
3293                     { "rtm", "off" },
3294                     { "stepping", "1" },
3295                     { "model-id", "Intel Core Processor (Haswell, no TSX)", },
3296                     { /* end of list */ }
3297                 },
3298             },
3299             {
3300                 .version = 3,
3301                 .alias = "Haswell-IBRS",
3302                 .props = (PropValue[]) {
3303                     /* Restore TSX features removed by -v2 above */
3304                     { "hle", "on" },
3305                     { "rtm", "on" },
3306                     /*
3307                      * Haswell and Haswell-IBRS had stepping=4 in
3308                      * QEMU 4.0 and older
3309                      */
3310                     { "stepping", "4" },
3311                     { "spec-ctrl", "on" },
3312                     { "model-id",
3313                       "Intel Core Processor (Haswell, IBRS)" },
3314                     { /* end of list */ }
3315                 }
3316             },
3317             {
3318                 .version = 4,
3319                 .alias = "Haswell-noTSX-IBRS",
3320                 .props = (PropValue[]) {
3321                     { "hle", "off" },
3322                     { "rtm", "off" },
3323                     /* spec-ctrl was already enabled by -v3 above */
3324                     { "stepping", "1" },
3325                     { "model-id",
3326                       "Intel Core Processor (Haswell, no TSX, IBRS)" },
3327                     { /* end of list */ }
3328                 }
3329             },
3330             { /* end of list */ }
3331         }
3332     },
3333     {
3334         .name = "Broadwell",
3335         .level = 0xd,
3336         .vendor = CPUID_VENDOR_INTEL,
3337         .family = 6,
3338         .model = 61,
3339         .stepping = 2,
3340         .features[FEAT_1_EDX] =
3341             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3342             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3343             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3344             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3345             CPUID_DE | CPUID_FP87,
3346         .features[FEAT_1_ECX] =
3347             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3348             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3349             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3350             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3351             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3352             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3353         .features[FEAT_8000_0001_EDX] =
3354             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
3355             CPUID_EXT2_SYSCALL,
3356         .features[FEAT_8000_0001_ECX] =
3357             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3358         .features[FEAT_7_0_EBX] =
3359             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3360             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3361             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3362             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3363             CPUID_7_0_EBX_SMAP,
3364         .features[FEAT_XSAVE] =
3365             CPUID_XSAVE_XSAVEOPT,
3366         .features[FEAT_6_EAX] =
3367             CPUID_6_EAX_ARAT,
3368         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3369              MSR_VMX_BASIC_TRUE_CTLS,
3370         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3371              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3372              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3373         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3374              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3375              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3376              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3377              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3378              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3379              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3380         .features[FEAT_VMX_EXIT_CTLS] =
3381              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3382              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3383              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3384              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3385              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3386         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3387              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3388         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3389              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3390              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3391         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3392              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3393              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3394              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3395              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3396              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3397              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3398              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3399              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3400              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3401              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3402              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3403         .features[FEAT_VMX_SECONDARY_CTLS] =
3404              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3405              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3406              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3407              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3408              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3409              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3410              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3411              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3412              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3413              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3414         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3415         .xlevel = 0x80000008,
3416         .model_id = "Intel Core Processor (Broadwell)",
3417         .versions = (X86CPUVersionDefinition[]) {
3418             { .version = 1 },
3419             {
3420                 .version = 2,
3421                 .alias = "Broadwell-noTSX",
3422                 .props = (PropValue[]) {
3423                     { "hle", "off" },
3424                     { "rtm", "off" },
3425                     { "model-id", "Intel Core Processor (Broadwell, no TSX)", },
3426                     { /* end of list */ }
3427                 },
3428             },
3429             {
3430                 .version = 3,
3431                 .alias = "Broadwell-IBRS",
3432                 .props = (PropValue[]) {
3433                     /* Restore TSX features removed by -v2 above */
3434                     { "hle", "on" },
3435                     { "rtm", "on" },
3436                     { "spec-ctrl", "on" },
3437                     { "model-id",
3438                       "Intel Core Processor (Broadwell, IBRS)" },
3439                     { /* end of list */ }
3440                 }
3441             },
3442             {
3443                 .version = 4,
3444                 .alias = "Broadwell-noTSX-IBRS",
3445                 .props = (PropValue[]) {
3446                     { "hle", "off" },
3447                     { "rtm", "off" },
3448                     /* spec-ctrl was already enabled by -v3 above */
3449                     { "model-id",
3450                       "Intel Core Processor (Broadwell, no TSX, IBRS)" },
3451                     { /* end of list */ }
3452                 }
3453             },
3454             { /* end of list */ }
3455         }
3456     },
3457     {
3458         .name = "Skylake-Client",
3459         .level = 0xd,
3460         .vendor = CPUID_VENDOR_INTEL,
3461         .family = 6,
3462         .model = 94,
3463         .stepping = 3,
3464         .features[FEAT_1_EDX] =
3465             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3466             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3467             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3468             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3469             CPUID_DE | CPUID_FP87,
3470         .features[FEAT_1_ECX] =
3471             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3472             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3473             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3474             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3475             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3476             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3477         .features[FEAT_8000_0001_EDX] =
3478             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX |
3479             CPUID_EXT2_SYSCALL,
3480         .features[FEAT_8000_0001_ECX] =
3481             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3482         .features[FEAT_7_0_EBX] =
3483             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3484             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3485             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3486             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3487             CPUID_7_0_EBX_SMAP,
3488         /* XSAVES is added in version 4 */
3489         .features[FEAT_XSAVE] =
3490             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3491             CPUID_XSAVE_XGETBV1,
3492         .features[FEAT_6_EAX] =
3493             CPUID_6_EAX_ARAT,
3494         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3495         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3496              MSR_VMX_BASIC_TRUE_CTLS,
3497         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3498              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3499              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3500         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3501              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3502              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3503              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3504              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3505              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3506              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3507         .features[FEAT_VMX_EXIT_CTLS] =
3508              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3509              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3510              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3511              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3512              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3513         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3514              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3515         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3516              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3517              VMX_PIN_BASED_VMX_PREEMPTION_TIMER,
3518         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3519              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3520              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3521              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3522              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3523              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3524              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3525              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3526              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3527              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3528              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3529              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3530         .features[FEAT_VMX_SECONDARY_CTLS] =
3531              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3532              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3533              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3534              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3535              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3536              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3537              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3538         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3539         .xlevel = 0x80000008,
3540         .model_id = "Intel Core Processor (Skylake)",
3541         .versions = (X86CPUVersionDefinition[]) {
3542             { .version = 1 },
3543             {
3544                 .version = 2,
3545                 .alias = "Skylake-Client-IBRS",
3546                 .props = (PropValue[]) {
3547                     { "spec-ctrl", "on" },
3548                     { "model-id",
3549                       "Intel Core Processor (Skylake, IBRS)" },
3550                     { /* end of list */ }
3551                 }
3552             },
3553             {
3554                 .version = 3,
3555                 .alias = "Skylake-Client-noTSX-IBRS",
3556                 .props = (PropValue[]) {
3557                     { "hle", "off" },
3558                     { "rtm", "off" },
3559                     { "model-id",
3560                       "Intel Core Processor (Skylake, IBRS, no TSX)" },
3561                     { /* end of list */ }
3562                 }
3563             },
3564             {
3565                 .version = 4,
3566                 .note = "IBRS, XSAVES, no TSX",
3567                 .props = (PropValue[]) {
3568                     { "xsaves", "on" },
3569                     { "vmx-xsaves", "on" },
3570                     { /* end of list */ }
3571                 }
3572             },
3573             { /* end of list */ }
3574         }
3575     },
3576     {
3577         .name = "Skylake-Server",
3578         .level = 0xd,
3579         .vendor = CPUID_VENDOR_INTEL,
3580         .family = 6,
3581         .model = 85,
3582         .stepping = 4,
3583         .features[FEAT_1_EDX] =
3584             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3585             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3586             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3587             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3588             CPUID_DE | CPUID_FP87,
3589         .features[FEAT_1_ECX] =
3590             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3591             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3592             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3593             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3594             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3595             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3596         .features[FEAT_8000_0001_EDX] =
3597             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3598             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3599         .features[FEAT_8000_0001_ECX] =
3600             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3601         .features[FEAT_7_0_EBX] =
3602             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3603             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3604             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3605             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3606             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3607             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3608             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3609             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3610         .features[FEAT_7_0_ECX] =
3611             CPUID_7_0_ECX_PKU,
3612         /* XSAVES is added in version 5 */
3613         .features[FEAT_XSAVE] =
3614             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3615             CPUID_XSAVE_XGETBV1,
3616         .features[FEAT_6_EAX] =
3617             CPUID_6_EAX_ARAT,
3618         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3619         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3620              MSR_VMX_BASIC_TRUE_CTLS,
3621         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3622              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3623              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3624         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3625              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3626              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3627              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3628              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3629              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3630              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3631         .features[FEAT_VMX_EXIT_CTLS] =
3632              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3633              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3634              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3635              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3636              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3637         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3638              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3639         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3640              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3641              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3642         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3643              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3644              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3645              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3646              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3647              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3648              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3649              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3650              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3651              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3652              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3653              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3654         .features[FEAT_VMX_SECONDARY_CTLS] =
3655              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3656              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3657              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3658              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3659              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3660              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3661              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3662              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3663              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3664              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3665         .xlevel = 0x80000008,
3666         .model_id = "Intel Xeon Processor (Skylake)",
3667         .versions = (X86CPUVersionDefinition[]) {
3668             { .version = 1 },
3669             {
3670                 .version = 2,
3671                 .alias = "Skylake-Server-IBRS",
3672                 .props = (PropValue[]) {
3673                     /* clflushopt was not added to Skylake-Server-IBRS */
3674                     /* TODO: add -v3 including clflushopt */
3675                     { "clflushopt", "off" },
3676                     { "spec-ctrl", "on" },
3677                     { "model-id",
3678                       "Intel Xeon Processor (Skylake, IBRS)" },
3679                     { /* end of list */ }
3680                 }
3681             },
3682             {
3683                 .version = 3,
3684                 .alias = "Skylake-Server-noTSX-IBRS",
3685                 .props = (PropValue[]) {
3686                     { "hle", "off" },
3687                     { "rtm", "off" },
3688                     { "model-id",
3689                       "Intel Xeon Processor (Skylake, IBRS, no TSX)" },
3690                     { /* end of list */ }
3691                 }
3692             },
3693             {
3694                 .version = 4,
3695                 .props = (PropValue[]) {
3696                     { "vmx-eptp-switching", "on" },
3697                     { /* end of list */ }
3698                 }
3699             },
3700             {
3701                 .version = 5,
3702                 .note = "IBRS, XSAVES, EPT switching, no TSX",
3703                 .props = (PropValue[]) {
3704                     { "xsaves", "on" },
3705                     { "vmx-xsaves", "on" },
3706                     { /* end of list */ }
3707                 }
3708             },
3709             { /* end of list */ }
3710         }
3711     },
3712     {
3713         .name = "Cascadelake-Server",
3714         .level = 0xd,
3715         .vendor = CPUID_VENDOR_INTEL,
3716         .family = 6,
3717         .model = 85,
3718         .stepping = 6,
3719         .features[FEAT_1_EDX] =
3720             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3721             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3722             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3723             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3724             CPUID_DE | CPUID_FP87,
3725         .features[FEAT_1_ECX] =
3726             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3727             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3728             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3729             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3730             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3731             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3732         .features[FEAT_8000_0001_EDX] =
3733             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3734             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3735         .features[FEAT_8000_0001_ECX] =
3736             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3737         .features[FEAT_7_0_EBX] =
3738             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3739             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3740             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3741             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3742             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3743             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3744             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3745             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3746         .features[FEAT_7_0_ECX] =
3747             CPUID_7_0_ECX_PKU |
3748             CPUID_7_0_ECX_AVX512VNNI,
3749         .features[FEAT_7_0_EDX] =
3750             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
3751         /* XSAVES is added in version 5 */
3752         .features[FEAT_XSAVE] =
3753             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3754             CPUID_XSAVE_XGETBV1,
3755         .features[FEAT_6_EAX] =
3756             CPUID_6_EAX_ARAT,
3757         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3758         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3759              MSR_VMX_BASIC_TRUE_CTLS,
3760         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3761              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3762              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3763         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3764              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3765              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3766              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3767              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3768              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3769              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3770         .features[FEAT_VMX_EXIT_CTLS] =
3771              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3772              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3773              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3774              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3775              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3776         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3777              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3778         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3779              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3780              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3781         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3782              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3783              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3784              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3785              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3786              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3787              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3788              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3789              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3790              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3791              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3792              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3793         .features[FEAT_VMX_SECONDARY_CTLS] =
3794              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3795              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3796              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3797              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3798              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3799              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3800              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3801              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3802              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3803              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3804         .xlevel = 0x80000008,
3805         .model_id = "Intel Xeon Processor (Cascadelake)",
3806         .versions = (X86CPUVersionDefinition[]) {
3807             { .version = 1 },
3808             { .version = 2,
3809               .note = "ARCH_CAPABILITIES",
3810               .props = (PropValue[]) {
3811                   { "arch-capabilities", "on" },
3812                   { "rdctl-no", "on" },
3813                   { "ibrs-all", "on" },
3814                   { "skip-l1dfl-vmentry", "on" },
3815                   { "mds-no", "on" },
3816                   { /* end of list */ }
3817               },
3818             },
3819             { .version = 3,
3820               .alias = "Cascadelake-Server-noTSX",
3821               .note = "ARCH_CAPABILITIES, no TSX",
3822               .props = (PropValue[]) {
3823                   { "hle", "off" },
3824                   { "rtm", "off" },
3825                   { /* end of list */ }
3826               },
3827             },
3828             { .version = 4,
3829               .note = "ARCH_CAPABILITIES, no TSX",
3830               .props = (PropValue[]) {
3831                   { "vmx-eptp-switching", "on" },
3832                   { /* end of list */ }
3833               },
3834             },
3835             { .version = 5,
3836               .note = "ARCH_CAPABILITIES, EPT switching, XSAVES, no TSX",
3837               .props = (PropValue[]) {
3838                   { "xsaves", "on" },
3839                   { "vmx-xsaves", "on" },
3840                   { /* end of list */ }
3841               },
3842             },
3843             { /* end of list */ }
3844         }
3845     },
3846     {
3847         .name = "Cooperlake",
3848         .level = 0xd,
3849         .vendor = CPUID_VENDOR_INTEL,
3850         .family = 6,
3851         .model = 85,
3852         .stepping = 10,
3853         .features[FEAT_1_EDX] =
3854             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3855             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3856             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3857             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3858             CPUID_DE | CPUID_FP87,
3859         .features[FEAT_1_ECX] =
3860             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3861             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3862             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3863             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3864             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3865             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3866         .features[FEAT_8000_0001_EDX] =
3867             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3868             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3869         .features[FEAT_8000_0001_ECX] =
3870             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3871         .features[FEAT_7_0_EBX] =
3872             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3873             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3874             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3875             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3876             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3877             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3878             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3879             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3880         .features[FEAT_7_0_ECX] =
3881             CPUID_7_0_ECX_PKU |
3882             CPUID_7_0_ECX_AVX512VNNI,
3883         .features[FEAT_7_0_EDX] =
3884             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_STIBP |
3885             CPUID_7_0_EDX_SPEC_CTRL_SSBD | CPUID_7_0_EDX_ARCH_CAPABILITIES,
3886         .features[FEAT_ARCH_CAPABILITIES] =
3887             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_IBRS_ALL |
3888             MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY | MSR_ARCH_CAP_MDS_NO |
3889             MSR_ARCH_CAP_PSCHANGE_MC_NO | MSR_ARCH_CAP_TAA_NO,
3890         .features[FEAT_7_1_EAX] =
3891             CPUID_7_1_EAX_AVX512_BF16,
3892         /* XSAVES is added in version 2 */
3893         .features[FEAT_XSAVE] =
3894             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
3895             CPUID_XSAVE_XGETBV1,
3896         .features[FEAT_6_EAX] =
3897             CPUID_6_EAX_ARAT,
3898         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
3899         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
3900              MSR_VMX_BASIC_TRUE_CTLS,
3901         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
3902              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
3903              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
3904         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
3905              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
3906              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
3907              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
3908              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
3909              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
3910              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
3911         .features[FEAT_VMX_EXIT_CTLS] =
3912              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
3913              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
3914              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
3915              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
3916              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
3917         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
3918              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
3919         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
3920              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
3921              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
3922         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
3923              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
3924              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
3925              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
3926              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
3927              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
3928              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
3929              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
3930              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
3931              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
3932              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
3933              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
3934         .features[FEAT_VMX_SECONDARY_CTLS] =
3935              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
3936              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
3937              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
3938              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
3939              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
3940              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
3941              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
3942              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
3943              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
3944              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
3945         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
3946         .xlevel = 0x80000008,
3947         .model_id = "Intel Xeon Processor (Cooperlake)",
3948         .versions = (X86CPUVersionDefinition[]) {
3949             { .version = 1 },
3950             { .version = 2,
3951               .note = "XSAVES",
3952               .props = (PropValue[]) {
3953                   { "xsaves", "on" },
3954                   { "vmx-xsaves", "on" },
3955                   { /* end of list */ }
3956               },
3957             },
3958             { /* end of list */ }
3959         }
3960     },
3961     {
3962         .name = "Icelake-Server",
3963         .level = 0xd,
3964         .vendor = CPUID_VENDOR_INTEL,
3965         .family = 6,
3966         .model = 134,
3967         .stepping = 0,
3968         .features[FEAT_1_EDX] =
3969             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
3970             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
3971             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
3972             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
3973             CPUID_DE | CPUID_FP87,
3974         .features[FEAT_1_ECX] =
3975             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
3976             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
3977             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
3978             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
3979             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
3980             CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
3981         .features[FEAT_8000_0001_EDX] =
3982             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
3983             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
3984         .features[FEAT_8000_0001_ECX] =
3985             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
3986         .features[FEAT_8000_0008_EBX] =
3987             CPUID_8000_0008_EBX_WBNOINVD,
3988         .features[FEAT_7_0_EBX] =
3989             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 |
3990             CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
3991             CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
3992             CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
3993             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLWB |
3994             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
3995             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD |
3996             CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT,
3997         .features[FEAT_7_0_ECX] =
3998             CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
3999             CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
4000             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
4001             CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
4002             CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57,
4003         .features[FEAT_7_0_EDX] =
4004             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
4005         /* XSAVES is added in version 5 */
4006         .features[FEAT_XSAVE] =
4007             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4008             CPUID_XSAVE_XGETBV1,
4009         .features[FEAT_6_EAX] =
4010             CPUID_6_EAX_ARAT,
4011         /* Missing: Mode-based execute control (XS/XU), processor tracing, TSC scaling */
4012         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
4013              MSR_VMX_BASIC_TRUE_CTLS,
4014         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
4015              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
4016              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
4017         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
4018              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
4019              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
4020              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
4021              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
4022              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
4023              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
4024         .features[FEAT_VMX_EXIT_CTLS] =
4025              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
4026              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
4027              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
4028              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
4029              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
4030         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
4031              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
4032         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
4033              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
4034              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
4035         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
4036              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
4037              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
4038              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
4039              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
4040              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
4041              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
4042              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
4043              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
4044              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
4045              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
4046              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
4047         .features[FEAT_VMX_SECONDARY_CTLS] =
4048              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
4049              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
4050              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
4051              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
4052              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
4053              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
4054              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
4055              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
4056              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS,
4057         .xlevel = 0x80000008,
4058         .model_id = "Intel Xeon Processor (Icelake)",
4059         .versions = (X86CPUVersionDefinition[]) {
4060             { .version = 1 },
4061             {
4062                 .version = 2,
4063                 .note = "no TSX",
4064                 .alias = "Icelake-Server-noTSX",
4065                 .props = (PropValue[]) {
4066                     { "hle", "off" },
4067                     { "rtm", "off" },
4068                     { /* end of list */ }
4069                 },
4070             },
4071             {
4072                 .version = 3,
4073                 .props = (PropValue[]) {
4074                     { "arch-capabilities", "on" },
4075                     { "rdctl-no", "on" },
4076                     { "ibrs-all", "on" },
4077                     { "skip-l1dfl-vmentry", "on" },
4078                     { "mds-no", "on" },
4079                     { "pschange-mc-no", "on" },
4080                     { "taa-no", "on" },
4081                     { /* end of list */ }
4082                 },
4083             },
4084             {
4085                 .version = 4,
4086                 .props = (PropValue[]) {
4087                     { "sha-ni", "on" },
4088                     { "avx512ifma", "on" },
4089                     { "rdpid", "on" },
4090                     { "fsrm", "on" },
4091                     { "vmx-rdseed-exit", "on" },
4092                     { "vmx-pml", "on" },
4093                     { "vmx-eptp-switching", "on" },
4094                     { "model", "106" },
4095                     { /* end of list */ }
4096                 },
4097             },
4098             {
4099                 .version = 5,
4100                 .note = "XSAVES",
4101                 .props = (PropValue[]) {
4102                     { "xsaves", "on" },
4103                     { "vmx-xsaves", "on" },
4104                     { /* end of list */ }
4105                 },
4106             },
4107             {
4108                 .version = 6,
4109                 .note = "5-level EPT",
4110                 .props = (PropValue[]) {
4111                     { "vmx-page-walk-5", "on" },
4112                     { /* end of list */ }
4113                 },
4114             },
4115             {
4116                 .version = 7,
4117                 .note = "TSX, taa-no",
4118                 .props = (PropValue[]) {
4119                     /* Restore TSX features removed by -v2 above */
4120                     { "hle", "on" },
4121                     { "rtm", "on" },
4122                     { /* end of list */ }
4123                 },
4124             },
4125             { /* end of list */ }
4126         }
4127     },
4128     {
4129         .name = "SapphireRapids",
4130         .level = 0x20,
4131         .vendor = CPUID_VENDOR_INTEL,
4132         .family = 6,
4133         .model = 143,
4134         .stepping = 4,
4135         /*
4136          * please keep the ascending order so that we can have a clear view of
4137          * bit position of each feature.
4138          */
4139         .features[FEAT_1_EDX] =
4140             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE | CPUID_TSC |
4141             CPUID_MSR | CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC |
4142             CPUID_SEP | CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
4143             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH | CPUID_MMX | CPUID_FXSR |
4144             CPUID_SSE | CPUID_SSE2,
4145         .features[FEAT_1_ECX] =
4146             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSSE3 |
4147             CPUID_EXT_FMA | CPUID_EXT_CX16 | CPUID_EXT_PCID | CPUID_EXT_SSE41 |
4148             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
4149             CPUID_EXT_POPCNT | CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_AES |
4150             CPUID_EXT_XSAVE | CPUID_EXT_AVX | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
4151         .features[FEAT_8000_0001_EDX] =
4152             CPUID_EXT2_SYSCALL | CPUID_EXT2_NX | CPUID_EXT2_PDPE1GB |
4153             CPUID_EXT2_RDTSCP | CPUID_EXT2_LM,
4154         .features[FEAT_8000_0001_ECX] =
4155             CPUID_EXT3_LAHF_LM | CPUID_EXT3_ABM | CPUID_EXT3_3DNOWPREFETCH,
4156         .features[FEAT_8000_0008_EBX] =
4157             CPUID_8000_0008_EBX_WBNOINVD,
4158         .features[FEAT_7_0_EBX] =
4159             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_HLE |
4160             CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 |
4161             CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID | CPUID_7_0_EBX_RTM |
4162             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
4163             CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP |
4164             CPUID_7_0_EBX_AVX512IFMA | CPUID_7_0_EBX_CLFLUSHOPT |
4165             CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_AVX512CD | CPUID_7_0_EBX_SHA_NI |
4166             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512VL,
4167         .features[FEAT_7_0_ECX] =
4168             CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
4169             CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
4170             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
4171             CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
4172             CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57 |
4173             CPUID_7_0_ECX_RDPID | CPUID_7_0_ECX_BUS_LOCK_DETECT,
4174         .features[FEAT_7_0_EDX] =
4175             CPUID_7_0_EDX_FSRM | CPUID_7_0_EDX_SERIALIZE |
4176             CPUID_7_0_EDX_TSX_LDTRK | CPUID_7_0_EDX_AMX_BF16 |
4177             CPUID_7_0_EDX_AVX512_FP16 | CPUID_7_0_EDX_AMX_TILE |
4178             CPUID_7_0_EDX_AMX_INT8 | CPUID_7_0_EDX_SPEC_CTRL |
4179             CPUID_7_0_EDX_ARCH_CAPABILITIES | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
4180         .features[FEAT_ARCH_CAPABILITIES] =
4181             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_IBRS_ALL |
4182             MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY | MSR_ARCH_CAP_MDS_NO |
4183             MSR_ARCH_CAP_PSCHANGE_MC_NO | MSR_ARCH_CAP_TAA_NO,
4184         .features[FEAT_XSAVE] =
4185             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4186             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES | CPUID_D_1_EAX_XFD,
4187         .features[FEAT_6_EAX] =
4188             CPUID_6_EAX_ARAT,
4189         .features[FEAT_7_1_EAX] =
4190             CPUID_7_1_EAX_AVX_VNNI | CPUID_7_1_EAX_AVX512_BF16 |
4191             CPUID_7_1_EAX_FZRM | CPUID_7_1_EAX_FSRS | CPUID_7_1_EAX_FSRC,
4192         .features[FEAT_VMX_BASIC] =
4193             MSR_VMX_BASIC_INS_OUTS | MSR_VMX_BASIC_TRUE_CTLS,
4194         .features[FEAT_VMX_ENTRY_CTLS] =
4195             VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_IA32E_MODE |
4196             VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL |
4197             VMX_VM_ENTRY_LOAD_IA32_PAT | VMX_VM_ENTRY_LOAD_IA32_EFER,
4198         .features[FEAT_VMX_EPT_VPID_CAPS] =
4199             MSR_VMX_EPT_EXECONLY |
4200             MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_PAGE_WALK_LENGTH_5 |
4201             MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB | MSR_VMX_EPT_1GB |
4202             MSR_VMX_EPT_INVEPT | MSR_VMX_EPT_AD_BITS |
4203             MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
4204             MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
4205             MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT |
4206             MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
4207             MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
4208         .features[FEAT_VMX_EXIT_CTLS] =
4209             VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
4210             VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
4211             VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_IA32_PAT |
4212             VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
4213             VMX_VM_EXIT_LOAD_IA32_EFER | VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
4214         .features[FEAT_VMX_MISC] =
4215             MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_ACTIVITY_HLT |
4216             MSR_VMX_MISC_VMWRITE_VMEXIT,
4217         .features[FEAT_VMX_PINBASED_CTLS] =
4218             VMX_PIN_BASED_EXT_INTR_MASK | VMX_PIN_BASED_NMI_EXITING |
4219             VMX_PIN_BASED_VIRTUAL_NMIS | VMX_PIN_BASED_VMX_PREEMPTION_TIMER |
4220             VMX_PIN_BASED_POSTED_INTR,
4221         .features[FEAT_VMX_PROCBASED_CTLS] =
4222             VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
4223             VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
4224             VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
4225             VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
4226             VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
4227             VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
4228             VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_VIRTUAL_NMI_PENDING |
4229             VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
4230             VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_TRAP_FLAG |
4231             VMX_CPU_BASED_USE_MSR_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
4232             VMX_CPU_BASED_PAUSE_EXITING |
4233             VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
4234         .features[FEAT_VMX_SECONDARY_CTLS] =
4235             VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
4236             VMX_SECONDARY_EXEC_ENABLE_EPT | VMX_SECONDARY_EXEC_DESC |
4237             VMX_SECONDARY_EXEC_RDTSCP |
4238             VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
4239             VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_WBINVD_EXITING |
4240             VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
4241             VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
4242             VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
4243             VMX_SECONDARY_EXEC_RDRAND_EXITING |
4244             VMX_SECONDARY_EXEC_ENABLE_INVPCID |
4245             VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
4246             VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML |
4247             VMX_SECONDARY_EXEC_XSAVES,
4248         .features[FEAT_VMX_VMFUNC] =
4249             MSR_VMX_VMFUNC_EPT_SWITCHING,
4250         .xlevel = 0x80000008,
4251         .model_id = "Intel Xeon Processor (SapphireRapids)",
4252         .versions = (X86CPUVersionDefinition[]) {
4253             { .version = 1 },
4254             {
4255                 .version = 2,
4256                 .props = (PropValue[]) {
4257                     { "sbdr-ssdp-no", "on" },
4258                     { "fbsdp-no", "on" },
4259                     { "psdp-no", "on" },
4260                     { /* end of list */ }
4261                 }
4262             },
4263             {
4264                 .version = 3,
4265                 .props = (PropValue[]) {
4266                     { "ss", "on" },
4267                     { "tsc-adjust", "on" },
4268                     { "cldemote", "on" },
4269                     { "movdiri", "on" },
4270                     { "movdir64b", "on" },
4271                     { /* end of list */ }
4272                 }
4273             },
4274             { /* end of list */ }
4275         }
4276     },
4277     {
4278         .name = "GraniteRapids",
4279         .level = 0x20,
4280         .vendor = CPUID_VENDOR_INTEL,
4281         .family = 6,
4282         .model = 173,
4283         .stepping = 0,
4284         /*
4285          * please keep the ascending order so that we can have a clear view of
4286          * bit position of each feature.
4287          */
4288         .features[FEAT_1_EDX] =
4289             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE | CPUID_TSC |
4290             CPUID_MSR | CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC |
4291             CPUID_SEP | CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
4292             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH | CPUID_MMX | CPUID_FXSR |
4293             CPUID_SSE | CPUID_SSE2,
4294         .features[FEAT_1_ECX] =
4295             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSSE3 |
4296             CPUID_EXT_FMA | CPUID_EXT_CX16 | CPUID_EXT_PCID | CPUID_EXT_SSE41 |
4297             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
4298             CPUID_EXT_POPCNT | CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_AES |
4299             CPUID_EXT_XSAVE | CPUID_EXT_AVX | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
4300         .features[FEAT_8000_0001_EDX] =
4301             CPUID_EXT2_SYSCALL | CPUID_EXT2_NX | CPUID_EXT2_PDPE1GB |
4302             CPUID_EXT2_RDTSCP | CPUID_EXT2_LM,
4303         .features[FEAT_8000_0001_ECX] =
4304             CPUID_EXT3_LAHF_LM | CPUID_EXT3_ABM | CPUID_EXT3_3DNOWPREFETCH,
4305         .features[FEAT_8000_0008_EBX] =
4306             CPUID_8000_0008_EBX_WBNOINVD,
4307         .features[FEAT_7_0_EBX] =
4308             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_HLE |
4309             CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 |
4310             CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID | CPUID_7_0_EBX_RTM |
4311             CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ |
4312             CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP |
4313             CPUID_7_0_EBX_AVX512IFMA | CPUID_7_0_EBX_CLFLUSHOPT |
4314             CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_AVX512CD | CPUID_7_0_EBX_SHA_NI |
4315             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512VL,
4316         .features[FEAT_7_0_ECX] =
4317             CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
4318             CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
4319             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
4320             CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
4321             CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57 |
4322             CPUID_7_0_ECX_RDPID | CPUID_7_0_ECX_BUS_LOCK_DETECT,
4323         .features[FEAT_7_0_EDX] =
4324             CPUID_7_0_EDX_FSRM | CPUID_7_0_EDX_SERIALIZE |
4325             CPUID_7_0_EDX_TSX_LDTRK | CPUID_7_0_EDX_AMX_BF16 |
4326             CPUID_7_0_EDX_AVX512_FP16 | CPUID_7_0_EDX_AMX_TILE |
4327             CPUID_7_0_EDX_AMX_INT8 | CPUID_7_0_EDX_SPEC_CTRL |
4328             CPUID_7_0_EDX_ARCH_CAPABILITIES | CPUID_7_0_EDX_SPEC_CTRL_SSBD,
4329         .features[FEAT_ARCH_CAPABILITIES] =
4330             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_IBRS_ALL |
4331             MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY | MSR_ARCH_CAP_MDS_NO |
4332             MSR_ARCH_CAP_PSCHANGE_MC_NO | MSR_ARCH_CAP_TAA_NO |
4333             MSR_ARCH_CAP_SBDR_SSDP_NO | MSR_ARCH_CAP_FBSDP_NO |
4334             MSR_ARCH_CAP_PSDP_NO | MSR_ARCH_CAP_PBRSB_NO,
4335         .features[FEAT_XSAVE] =
4336             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4337             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES | CPUID_D_1_EAX_XFD,
4338         .features[FEAT_6_EAX] =
4339             CPUID_6_EAX_ARAT,
4340         .features[FEAT_7_1_EAX] =
4341             CPUID_7_1_EAX_AVX_VNNI | CPUID_7_1_EAX_AVX512_BF16 |
4342             CPUID_7_1_EAX_FZRM | CPUID_7_1_EAX_FSRS | CPUID_7_1_EAX_FSRC |
4343             CPUID_7_1_EAX_AMX_FP16,
4344         .features[FEAT_7_1_EDX] =
4345             CPUID_7_1_EDX_PREFETCHITI,
4346         .features[FEAT_7_2_EDX] =
4347             CPUID_7_2_EDX_MCDT_NO,
4348         .features[FEAT_VMX_BASIC] =
4349             MSR_VMX_BASIC_INS_OUTS | MSR_VMX_BASIC_TRUE_CTLS,
4350         .features[FEAT_VMX_ENTRY_CTLS] =
4351             VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_IA32E_MODE |
4352             VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL |
4353             VMX_VM_ENTRY_LOAD_IA32_PAT | VMX_VM_ENTRY_LOAD_IA32_EFER,
4354         .features[FEAT_VMX_EPT_VPID_CAPS] =
4355             MSR_VMX_EPT_EXECONLY |
4356             MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_PAGE_WALK_LENGTH_5 |
4357             MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB | MSR_VMX_EPT_1GB |
4358             MSR_VMX_EPT_INVEPT | MSR_VMX_EPT_AD_BITS |
4359             MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
4360             MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
4361             MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT |
4362             MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
4363             MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
4364         .features[FEAT_VMX_EXIT_CTLS] =
4365             VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
4366             VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
4367             VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_IA32_PAT |
4368             VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
4369             VMX_VM_EXIT_LOAD_IA32_EFER | VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
4370         .features[FEAT_VMX_MISC] =
4371             MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_ACTIVITY_HLT |
4372             MSR_VMX_MISC_VMWRITE_VMEXIT,
4373         .features[FEAT_VMX_PINBASED_CTLS] =
4374             VMX_PIN_BASED_EXT_INTR_MASK | VMX_PIN_BASED_NMI_EXITING |
4375             VMX_PIN_BASED_VIRTUAL_NMIS | VMX_PIN_BASED_VMX_PREEMPTION_TIMER |
4376             VMX_PIN_BASED_POSTED_INTR,
4377         .features[FEAT_VMX_PROCBASED_CTLS] =
4378             VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
4379             VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
4380             VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
4381             VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
4382             VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
4383             VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
4384             VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_VIRTUAL_NMI_PENDING |
4385             VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
4386             VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_TRAP_FLAG |
4387             VMX_CPU_BASED_USE_MSR_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
4388             VMX_CPU_BASED_PAUSE_EXITING |
4389             VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
4390         .features[FEAT_VMX_SECONDARY_CTLS] =
4391             VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
4392             VMX_SECONDARY_EXEC_ENABLE_EPT | VMX_SECONDARY_EXEC_DESC |
4393             VMX_SECONDARY_EXEC_RDTSCP |
4394             VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
4395             VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_WBINVD_EXITING |
4396             VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
4397             VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
4398             VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
4399             VMX_SECONDARY_EXEC_RDRAND_EXITING |
4400             VMX_SECONDARY_EXEC_ENABLE_INVPCID |
4401             VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
4402             VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML |
4403             VMX_SECONDARY_EXEC_XSAVES,
4404         .features[FEAT_VMX_VMFUNC] =
4405             MSR_VMX_VMFUNC_EPT_SWITCHING,
4406         .xlevel = 0x80000008,
4407         .model_id = "Intel Xeon Processor (GraniteRapids)",
4408         .versions = (X86CPUVersionDefinition[]) {
4409             { .version = 1 },
4410             {
4411                 .version = 2,
4412                 .props = (PropValue[]) {
4413                     { "ss", "on" },
4414                     { "tsc-adjust", "on" },
4415                     { "cldemote", "on" },
4416                     { "movdiri", "on" },
4417                     { "movdir64b", "on" },
4418                     { "avx10", "on" },
4419                     { "avx10-128", "on" },
4420                     { "avx10-256", "on" },
4421                     { "avx10-512", "on" },
4422                     { "avx10-version", "1" },
4423                     { "stepping", "1" },
4424                     { /* end of list */ }
4425                 }
4426             },
4427             { /* end of list */ },
4428         },
4429     },
4430     {
4431         .name = "SierraForest",
4432         .level = 0x23,
4433         .vendor = CPUID_VENDOR_INTEL,
4434         .family = 6,
4435         .model = 175,
4436         .stepping = 0,
4437         /*
4438          * please keep the ascending order so that we can have a clear view of
4439          * bit position of each feature.
4440          */
4441         .features[FEAT_1_EDX] =
4442             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE | CPUID_TSC |
4443             CPUID_MSR | CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC |
4444             CPUID_SEP | CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
4445             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH | CPUID_MMX | CPUID_FXSR |
4446             CPUID_SSE | CPUID_SSE2,
4447         .features[FEAT_1_ECX] =
4448             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSSE3 |
4449             CPUID_EXT_FMA | CPUID_EXT_CX16 | CPUID_EXT_PCID | CPUID_EXT_SSE41 |
4450             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
4451             CPUID_EXT_POPCNT | CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_AES |
4452             CPUID_EXT_XSAVE | CPUID_EXT_AVX | CPUID_EXT_F16C | CPUID_EXT_RDRAND,
4453         .features[FEAT_8000_0001_EDX] =
4454             CPUID_EXT2_SYSCALL | CPUID_EXT2_NX | CPUID_EXT2_PDPE1GB |
4455             CPUID_EXT2_RDTSCP | CPUID_EXT2_LM,
4456         .features[FEAT_8000_0001_ECX] =
4457             CPUID_EXT3_LAHF_LM | CPUID_EXT3_ABM | CPUID_EXT3_3DNOWPREFETCH,
4458         .features[FEAT_8000_0008_EBX] =
4459             CPUID_8000_0008_EBX_WBNOINVD,
4460         .features[FEAT_7_0_EBX] =
4461             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4462             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS |
4463             CPUID_7_0_EBX_INVPCID | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
4464             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT | CPUID_7_0_EBX_CLWB |
4465             CPUID_7_0_EBX_SHA_NI,
4466         .features[FEAT_7_0_ECX] =
4467             CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU | CPUID_7_0_ECX_GFNI |
4468             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
4469             CPUID_7_0_ECX_RDPID | CPUID_7_0_ECX_BUS_LOCK_DETECT,
4470         .features[FEAT_7_0_EDX] =
4471             CPUID_7_0_EDX_FSRM | CPUID_7_0_EDX_SERIALIZE |
4472             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_ARCH_CAPABILITIES |
4473             CPUID_7_0_EDX_SPEC_CTRL_SSBD,
4474         .features[FEAT_ARCH_CAPABILITIES] =
4475             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_IBRS_ALL |
4476             MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY | MSR_ARCH_CAP_MDS_NO |
4477             MSR_ARCH_CAP_PSCHANGE_MC_NO | MSR_ARCH_CAP_SBDR_SSDP_NO |
4478             MSR_ARCH_CAP_FBSDP_NO | MSR_ARCH_CAP_PSDP_NO |
4479             MSR_ARCH_CAP_PBRSB_NO,
4480         .features[FEAT_XSAVE] =
4481             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4482             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
4483         .features[FEAT_6_EAX] =
4484             CPUID_6_EAX_ARAT,
4485         .features[FEAT_7_1_EAX] =
4486             CPUID_7_1_EAX_AVX_VNNI | CPUID_7_1_EAX_CMPCCXADD |
4487             CPUID_7_1_EAX_FSRS | CPUID_7_1_EAX_AVX_IFMA,
4488         .features[FEAT_7_1_EDX] =
4489             CPUID_7_1_EDX_AVX_VNNI_INT8 | CPUID_7_1_EDX_AVX_NE_CONVERT,
4490         .features[FEAT_7_2_EDX] =
4491             CPUID_7_2_EDX_MCDT_NO,
4492         .features[FEAT_VMX_BASIC] =
4493             MSR_VMX_BASIC_INS_OUTS | MSR_VMX_BASIC_TRUE_CTLS,
4494         .features[FEAT_VMX_ENTRY_CTLS] =
4495             VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_IA32E_MODE |
4496             VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL |
4497             VMX_VM_ENTRY_LOAD_IA32_PAT | VMX_VM_ENTRY_LOAD_IA32_EFER,
4498         .features[FEAT_VMX_EPT_VPID_CAPS] =
4499             MSR_VMX_EPT_EXECONLY | MSR_VMX_EPT_PAGE_WALK_LENGTH_4 |
4500             MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB | MSR_VMX_EPT_1GB |
4501             MSR_VMX_EPT_INVEPT | MSR_VMX_EPT_AD_BITS |
4502             MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
4503             MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
4504             MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT |
4505             MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
4506             MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS,
4507         .features[FEAT_VMX_EXIT_CTLS] =
4508             VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
4509             VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
4510             VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_IA32_PAT |
4511             VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
4512             VMX_VM_EXIT_LOAD_IA32_EFER | VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
4513         .features[FEAT_VMX_MISC] =
4514             MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_ACTIVITY_HLT |
4515             MSR_VMX_MISC_VMWRITE_VMEXIT,
4516         .features[FEAT_VMX_PINBASED_CTLS] =
4517             VMX_PIN_BASED_EXT_INTR_MASK | VMX_PIN_BASED_NMI_EXITING |
4518             VMX_PIN_BASED_VIRTUAL_NMIS | VMX_PIN_BASED_VMX_PREEMPTION_TIMER |
4519             VMX_PIN_BASED_POSTED_INTR,
4520         .features[FEAT_VMX_PROCBASED_CTLS] =
4521             VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
4522             VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
4523             VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
4524             VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
4525             VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
4526             VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
4527             VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_VIRTUAL_NMI_PENDING |
4528             VMX_CPU_BASED_MOV_DR_EXITING | VMX_CPU_BASED_UNCOND_IO_EXITING |
4529             VMX_CPU_BASED_USE_IO_BITMAPS | VMX_CPU_BASED_MONITOR_TRAP_FLAG |
4530             VMX_CPU_BASED_USE_MSR_BITMAPS | VMX_CPU_BASED_MONITOR_EXITING |
4531             VMX_CPU_BASED_PAUSE_EXITING |
4532             VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
4533         .features[FEAT_VMX_SECONDARY_CTLS] =
4534             VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
4535             VMX_SECONDARY_EXEC_ENABLE_EPT | VMX_SECONDARY_EXEC_DESC |
4536             VMX_SECONDARY_EXEC_RDTSCP |
4537             VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
4538             VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_WBINVD_EXITING |
4539             VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
4540             VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
4541             VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
4542             VMX_SECONDARY_EXEC_RDRAND_EXITING |
4543             VMX_SECONDARY_EXEC_ENABLE_INVPCID |
4544             VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
4545             VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML |
4546             VMX_SECONDARY_EXEC_XSAVES,
4547         .features[FEAT_VMX_VMFUNC] =
4548             MSR_VMX_VMFUNC_EPT_SWITCHING,
4549         .xlevel = 0x80000008,
4550         .model_id = "Intel Xeon Processor (SierraForest)",
4551         .versions = (X86CPUVersionDefinition[]) {
4552             { .version = 1 },
4553             { /* end of list */ },
4554         },
4555     },
4556     {
4557         .name = "Denverton",
4558         .level = 21,
4559         .vendor = CPUID_VENDOR_INTEL,
4560         .family = 6,
4561         .model = 95,
4562         .stepping = 1,
4563         .features[FEAT_1_EDX] =
4564             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE | CPUID_TSC |
4565             CPUID_MSR | CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC |
4566             CPUID_SEP | CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
4567             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH | CPUID_MMX | CPUID_FXSR |
4568             CPUID_SSE | CPUID_SSE2,
4569         .features[FEAT_1_ECX] =
4570             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_MONITOR |
4571             CPUID_EXT_SSSE3 | CPUID_EXT_CX16 | CPUID_EXT_SSE41 |
4572             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
4573             CPUID_EXT_POPCNT | CPUID_EXT_TSC_DEADLINE_TIMER |
4574             CPUID_EXT_AES | CPUID_EXT_XSAVE | CPUID_EXT_RDRAND,
4575         .features[FEAT_8000_0001_EDX] =
4576             CPUID_EXT2_SYSCALL | CPUID_EXT2_NX | CPUID_EXT2_PDPE1GB |
4577             CPUID_EXT2_RDTSCP | CPUID_EXT2_LM,
4578         .features[FEAT_8000_0001_ECX] =
4579             CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
4580         .features[FEAT_7_0_EBX] =
4581             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_ERMS |
4582             CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_SMAP |
4583             CPUID_7_0_EBX_CLFLUSHOPT | CPUID_7_0_EBX_SHA_NI,
4584         .features[FEAT_7_0_EDX] =
4585             CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_ARCH_CAPABILITIES |
4586             CPUID_7_0_EDX_SPEC_CTRL_SSBD,
4587         /* XSAVES is added in version 3 */
4588         .features[FEAT_XSAVE] =
4589             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC | CPUID_XSAVE_XGETBV1,
4590         .features[FEAT_6_EAX] =
4591             CPUID_6_EAX_ARAT,
4592         .features[FEAT_ARCH_CAPABILITIES] =
4593             MSR_ARCH_CAP_RDCL_NO | MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY,
4594         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
4595              MSR_VMX_BASIC_TRUE_CTLS,
4596         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
4597              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
4598              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
4599         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
4600              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
4601              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
4602              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
4603              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
4604              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
4605              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
4606         .features[FEAT_VMX_EXIT_CTLS] =
4607              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
4608              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
4609              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
4610              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
4611              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
4612         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
4613              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
4614         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
4615              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
4616              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
4617         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
4618              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
4619              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
4620              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
4621              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
4622              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
4623              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
4624              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
4625              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
4626              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
4627              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
4628              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
4629         .features[FEAT_VMX_SECONDARY_CTLS] =
4630              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
4631              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
4632              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
4633              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
4634              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
4635              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
4636              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
4637              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
4638              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
4639              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
4640         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
4641         .xlevel = 0x80000008,
4642         .model_id = "Intel Atom Processor (Denverton)",
4643         .versions = (X86CPUVersionDefinition[]) {
4644             { .version = 1 },
4645             {
4646                 .version = 2,
4647                 .note = "no MPX, no MONITOR",
4648                 .props = (PropValue[]) {
4649                     { "monitor", "off" },
4650                     { "mpx", "off" },
4651                     { /* end of list */ },
4652                 },
4653             },
4654             {
4655                 .version = 3,
4656                 .note = "XSAVES, no MPX, no MONITOR",
4657                 .props = (PropValue[]) {
4658                     { "xsaves", "on" },
4659                     { "vmx-xsaves", "on" },
4660                     { /* end of list */ },
4661                 },
4662             },
4663             { /* end of list */ },
4664         },
4665     },
4666     {
4667         .name = "Snowridge",
4668         .level = 27,
4669         .vendor = CPUID_VENDOR_INTEL,
4670         .family = 6,
4671         .model = 134,
4672         .stepping = 1,
4673         .features[FEAT_1_EDX] =
4674             /* missing: CPUID_PN CPUID_IA64 */
4675             /* missing: CPUID_DTS, CPUID_HT, CPUID_TM, CPUID_PBE */
4676             CPUID_FP87 | CPUID_VME | CPUID_DE | CPUID_PSE |
4677             CPUID_TSC | CPUID_MSR | CPUID_PAE | CPUID_MCE |
4678             CPUID_CX8 | CPUID_APIC | CPUID_SEP |
4679             CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV |
4680             CPUID_PAT | CPUID_PSE36 | CPUID_CLFLUSH |
4681             CPUID_MMX |
4682             CPUID_FXSR | CPUID_SSE | CPUID_SSE2,
4683         .features[FEAT_1_ECX] =
4684             CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_MONITOR |
4685             CPUID_EXT_SSSE3 |
4686             CPUID_EXT_CX16 |
4687             CPUID_EXT_SSE41 |
4688             CPUID_EXT_SSE42 | CPUID_EXT_X2APIC | CPUID_EXT_MOVBE |
4689             CPUID_EXT_POPCNT |
4690             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_AES | CPUID_EXT_XSAVE |
4691             CPUID_EXT_RDRAND,
4692         .features[FEAT_8000_0001_EDX] =
4693             CPUID_EXT2_SYSCALL |
4694             CPUID_EXT2_NX |
4695             CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
4696             CPUID_EXT2_LM,
4697         .features[FEAT_8000_0001_ECX] =
4698             CPUID_EXT3_LAHF_LM |
4699             CPUID_EXT3_3DNOWPREFETCH,
4700         .features[FEAT_7_0_EBX] =
4701             CPUID_7_0_EBX_FSGSBASE |
4702             CPUID_7_0_EBX_SMEP |
4703             CPUID_7_0_EBX_ERMS |
4704             CPUID_7_0_EBX_MPX |  /* missing bits 13, 15 */
4705             CPUID_7_0_EBX_RDSEED |
4706             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
4707             CPUID_7_0_EBX_CLWB |
4708             CPUID_7_0_EBX_SHA_NI,
4709         .features[FEAT_7_0_ECX] =
4710             CPUID_7_0_ECX_UMIP |
4711             /* missing bit 5 */
4712             CPUID_7_0_ECX_GFNI |
4713             CPUID_7_0_ECX_MOVDIRI | CPUID_7_0_ECX_CLDEMOTE |
4714             CPUID_7_0_ECX_MOVDIR64B,
4715         .features[FEAT_7_0_EDX] =
4716             CPUID_7_0_EDX_SPEC_CTRL |
4717             CPUID_7_0_EDX_ARCH_CAPABILITIES | CPUID_7_0_EDX_SPEC_CTRL_SSBD |
4718             CPUID_7_0_EDX_CORE_CAPABILITY,
4719         .features[FEAT_CORE_CAPABILITY] =
4720             MSR_CORE_CAP_SPLIT_LOCK_DETECT,
4721         /* XSAVES is added in version 3 */
4722         .features[FEAT_XSAVE] =
4723             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
4724             CPUID_XSAVE_XGETBV1,
4725         .features[FEAT_6_EAX] =
4726             CPUID_6_EAX_ARAT,
4727         .features[FEAT_VMX_BASIC] = MSR_VMX_BASIC_INS_OUTS |
4728              MSR_VMX_BASIC_TRUE_CTLS,
4729         .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE |
4730              VMX_VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VMX_VM_ENTRY_LOAD_IA32_PAT |
4731              VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS | VMX_VM_ENTRY_LOAD_IA32_EFER,
4732         .features[FEAT_VMX_EPT_VPID_CAPS] = MSR_VMX_EPT_EXECONLY |
4733              MSR_VMX_EPT_PAGE_WALK_LENGTH_4 | MSR_VMX_EPT_WB | MSR_VMX_EPT_2MB |
4734              MSR_VMX_EPT_1GB | MSR_VMX_EPT_INVEPT |
4735              MSR_VMX_EPT_INVEPT_SINGLE_CONTEXT | MSR_VMX_EPT_INVEPT_ALL_CONTEXT |
4736              MSR_VMX_EPT_INVVPID | MSR_VMX_EPT_INVVPID_SINGLE_ADDR |
4737              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT | MSR_VMX_EPT_INVVPID_ALL_CONTEXT |
4738              MSR_VMX_EPT_INVVPID_SINGLE_CONTEXT_NOGLOBALS | MSR_VMX_EPT_AD_BITS,
4739         .features[FEAT_VMX_EXIT_CTLS] =
4740              VMX_VM_EXIT_ACK_INTR_ON_EXIT | VMX_VM_EXIT_SAVE_DEBUG_CONTROLS |
4741              VMX_VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL |
4742              VMX_VM_EXIT_LOAD_IA32_PAT | VMX_VM_EXIT_LOAD_IA32_EFER |
4743              VMX_VM_EXIT_SAVE_IA32_PAT | VMX_VM_EXIT_SAVE_IA32_EFER |
4744              VMX_VM_EXIT_SAVE_VMX_PREEMPTION_TIMER,
4745         .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT |
4746              MSR_VMX_MISC_STORE_LMA | MSR_VMX_MISC_VMWRITE_VMEXIT,
4747         .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
4748              VMX_PIN_BASED_NMI_EXITING | VMX_PIN_BASED_VIRTUAL_NMIS |
4749              VMX_PIN_BASED_VMX_PREEMPTION_TIMER | VMX_PIN_BASED_POSTED_INTR,
4750         .features[FEAT_VMX_PROCBASED_CTLS] = VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
4751              VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
4752              VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
4753              VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
4754              VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
4755              VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
4756              VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
4757              VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING |
4758              VMX_CPU_BASED_VIRTUAL_NMI_PENDING | VMX_CPU_BASED_USE_MSR_BITMAPS |
4759              VMX_CPU_BASED_CR3_LOAD_EXITING | VMX_CPU_BASED_CR3_STORE_EXITING |
4760              VMX_CPU_BASED_MONITOR_TRAP_FLAG |
4761              VMX_CPU_BASED_ACTIVATE_SECONDARY_CONTROLS,
4762         .features[FEAT_VMX_SECONDARY_CTLS] =
4763              VMX_SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
4764              VMX_SECONDARY_EXEC_WBINVD_EXITING | VMX_SECONDARY_EXEC_ENABLE_EPT |
4765              VMX_SECONDARY_EXEC_DESC | VMX_SECONDARY_EXEC_RDTSCP |
4766              VMX_SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
4767              VMX_SECONDARY_EXEC_ENABLE_VPID | VMX_SECONDARY_EXEC_UNRESTRICTED_GUEST |
4768              VMX_SECONDARY_EXEC_APIC_REGISTER_VIRT |
4769              VMX_SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
4770              VMX_SECONDARY_EXEC_RDRAND_EXITING | VMX_SECONDARY_EXEC_ENABLE_INVPCID |
4771              VMX_SECONDARY_EXEC_ENABLE_VMFUNC | VMX_SECONDARY_EXEC_SHADOW_VMCS |
4772              VMX_SECONDARY_EXEC_RDSEED_EXITING | VMX_SECONDARY_EXEC_ENABLE_PML,
4773         .features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
4774         .xlevel = 0x80000008,
4775         .model_id = "Intel Atom Processor (SnowRidge)",
4776         .versions = (X86CPUVersionDefinition[]) {
4777             { .version = 1 },
4778             {
4779                 .version = 2,
4780                 .props = (PropValue[]) {
4781                     { "mpx", "off" },
4782                     { "model-id", "Intel Atom Processor (Snowridge, no MPX)" },
4783                     { /* end of list */ },
4784                 },
4785             },
4786             {
4787                 .version = 3,
4788                 .note = "XSAVES, no MPX",
4789                 .props = (PropValue[]) {
4790                     { "xsaves", "on" },
4791                     { "vmx-xsaves", "on" },
4792                     { /* end of list */ },
4793                 },
4794             },
4795             {
4796                 .version = 4,
4797                 .note = "no split lock detect, no core-capability",
4798                 .props = (PropValue[]) {
4799                     { "split-lock-detect", "off" },
4800                     { "core-capability", "off" },
4801                     { /* end of list */ },
4802                 },
4803             },
4804             { /* end of list */ },
4805         },
4806     },
4807     {
4808         .name = "KnightsMill",
4809         .level = 0xd,
4810         .vendor = CPUID_VENDOR_INTEL,
4811         .family = 6,
4812         .model = 133,
4813         .stepping = 0,
4814         .features[FEAT_1_EDX] =
4815             CPUID_VME | CPUID_SS | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR |
4816             CPUID_MMX | CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV |
4817             CPUID_MCA | CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC |
4818             CPUID_CX8 | CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC |
4819             CPUID_PSE | CPUID_DE | CPUID_FP87,
4820         .features[FEAT_1_ECX] =
4821             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
4822             CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 |
4823             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 |
4824             CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
4825             CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE |
4826             CPUID_EXT_F16C | CPUID_EXT_RDRAND,
4827         .features[FEAT_8000_0001_EDX] =
4828             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP |
4829             CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
4830         .features[FEAT_8000_0001_ECX] =
4831             CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH,
4832         .features[FEAT_7_0_EBX] =
4833             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
4834             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS |
4835             CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_AVX512F |
4836             CPUID_7_0_EBX_AVX512CD | CPUID_7_0_EBX_AVX512PF |
4837             CPUID_7_0_EBX_AVX512ER,
4838         .features[FEAT_7_0_ECX] =
4839             CPUID_7_0_ECX_AVX512_VPOPCNTDQ,
4840         .features[FEAT_7_0_EDX] =
4841             CPUID_7_0_EDX_AVX512_4VNNIW | CPUID_7_0_EDX_AVX512_4FMAPS,
4842         .features[FEAT_XSAVE] =
4843             CPUID_XSAVE_XSAVEOPT,
4844         .features[FEAT_6_EAX] =
4845             CPUID_6_EAX_ARAT,
4846         .xlevel = 0x80000008,
4847         .model_id = "Intel Xeon Phi Processor (Knights Mill)",
4848     },
4849     {
4850         .name = "Opteron_G1",
4851         .level = 5,
4852         .vendor = CPUID_VENDOR_AMD,
4853         .family = 15,
4854         .model = 6,
4855         .stepping = 1,
4856         .features[FEAT_1_EDX] =
4857             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
4858             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
4859             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
4860             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
4861             CPUID_DE | CPUID_FP87,
4862         .features[FEAT_1_ECX] =
4863             CPUID_EXT_SSE3,
4864         .features[FEAT_8000_0001_EDX] =
4865             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
4866         .xlevel = 0x80000008,
4867         .model_id = "AMD Opteron 240 (Gen 1 Class Opteron)",
4868     },
4869     {
4870         .name = "Opteron_G2",
4871         .level = 5,
4872         .vendor = CPUID_VENDOR_AMD,
4873         .family = 15,
4874         .model = 6,
4875         .stepping = 1,
4876         .features[FEAT_1_EDX] =
4877             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
4878             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
4879             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
4880             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
4881             CPUID_DE | CPUID_FP87,
4882         .features[FEAT_1_ECX] =
4883             CPUID_EXT_CX16 | CPUID_EXT_SSE3,
4884         .features[FEAT_8000_0001_EDX] =
4885             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL,
4886         .features[FEAT_8000_0001_ECX] =
4887             CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM,
4888         .xlevel = 0x80000008,
4889         .model_id = "AMD Opteron 22xx (Gen 2 Class Opteron)",
4890     },
4891     {
4892         .name = "Opteron_G3",
4893         .level = 5,
4894         .vendor = CPUID_VENDOR_AMD,
4895         .family = 16,
4896         .model = 2,
4897         .stepping = 3,
4898         .features[FEAT_1_EDX] =
4899             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
4900             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
4901             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
4902             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
4903             CPUID_DE | CPUID_FP87,
4904         .features[FEAT_1_ECX] =
4905             CPUID_EXT_POPCNT | CPUID_EXT_CX16 | CPUID_EXT_MONITOR |
4906             CPUID_EXT_SSE3,
4907         .features[FEAT_8000_0001_EDX] =
4908             CPUID_EXT2_LM | CPUID_EXT2_NX | CPUID_EXT2_SYSCALL |
4909             CPUID_EXT2_RDTSCP,
4910         .features[FEAT_8000_0001_ECX] =
4911             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A |
4912             CPUID_EXT3_ABM | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM,
4913         .xlevel = 0x80000008,
4914         .model_id = "AMD Opteron 23xx (Gen 3 Class Opteron)",
4915     },
4916     {
4917         .name = "Opteron_G4",
4918         .level = 0xd,
4919         .vendor = CPUID_VENDOR_AMD,
4920         .family = 21,
4921         .model = 1,
4922         .stepping = 2,
4923         .features[FEAT_1_EDX] =
4924             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
4925             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
4926             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
4927             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
4928             CPUID_DE | CPUID_FP87,
4929         .features[FEAT_1_ECX] =
4930             CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES |
4931             CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4932             CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ |
4933             CPUID_EXT_SSE3,
4934         .features[FEAT_8000_0001_EDX] =
4935             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_NX |
4936             CPUID_EXT2_SYSCALL | CPUID_EXT2_RDTSCP,
4937         .features[FEAT_8000_0001_ECX] =
4938             CPUID_EXT3_FMA4 | CPUID_EXT3_XOP |
4939             CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_MISALIGNSSE |
4940             CPUID_EXT3_SSE4A | CPUID_EXT3_ABM | CPUID_EXT3_SVM |
4941             CPUID_EXT3_LAHF_LM,
4942         .features[FEAT_SVM] =
4943             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4944         /* no xsaveopt! */
4945         .xlevel = 0x8000001A,
4946         .model_id = "AMD Opteron 62xx class CPU",
4947     },
4948     {
4949         .name = "Opteron_G5",
4950         .level = 0xd,
4951         .vendor = CPUID_VENDOR_AMD,
4952         .family = 21,
4953         .model = 2,
4954         .stepping = 0,
4955         .features[FEAT_1_EDX] =
4956             CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX |
4957             CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA |
4958             CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 |
4959             CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE |
4960             CPUID_DE | CPUID_FP87,
4961         .features[FEAT_1_ECX] =
4962             CPUID_EXT_F16C | CPUID_EXT_AVX | CPUID_EXT_XSAVE |
4963             CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 |
4964             CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_FMA |
4965             CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
4966         .features[FEAT_8000_0001_EDX] =
4967             CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_NX |
4968             CPUID_EXT2_SYSCALL | CPUID_EXT2_RDTSCP,
4969         .features[FEAT_8000_0001_ECX] =
4970             CPUID_EXT3_TBM | CPUID_EXT3_FMA4 | CPUID_EXT3_XOP |
4971             CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_MISALIGNSSE |
4972             CPUID_EXT3_SSE4A | CPUID_EXT3_ABM | CPUID_EXT3_SVM |
4973             CPUID_EXT3_LAHF_LM,
4974         .features[FEAT_SVM] =
4975             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
4976         /* no xsaveopt! */
4977         .xlevel = 0x8000001A,
4978         .model_id = "AMD Opteron 63xx class CPU",
4979     },
4980     {
4981         .name = "EPYC",
4982         .level = 0xd,
4983         .vendor = CPUID_VENDOR_AMD,
4984         .family = 23,
4985         .model = 1,
4986         .stepping = 2,
4987         .features[FEAT_1_EDX] =
4988             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
4989             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
4990             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
4991             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
4992             CPUID_VME | CPUID_FP87,
4993         .features[FEAT_1_ECX] =
4994             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
4995             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
4996             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
4997             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
4998             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
4999         .features[FEAT_8000_0001_EDX] =
5000             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
5001             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
5002             CPUID_EXT2_SYSCALL,
5003         .features[FEAT_8000_0001_ECX] =
5004             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
5005             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
5006             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
5007             CPUID_EXT3_TOPOEXT,
5008         .features[FEAT_7_0_EBX] =
5009             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
5010             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
5011             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
5012             CPUID_7_0_EBX_SHA_NI,
5013         .features[FEAT_XSAVE] =
5014             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
5015             CPUID_XSAVE_XGETBV1,
5016         .features[FEAT_6_EAX] =
5017             CPUID_6_EAX_ARAT,
5018         .features[FEAT_SVM] =
5019             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
5020         .xlevel = 0x8000001E,
5021         .model_id = "AMD EPYC Processor",
5022         .cache_info = &epyc_cache_info,
5023         .versions = (X86CPUVersionDefinition[]) {
5024             { .version = 1 },
5025             {
5026                 .version = 2,
5027                 .alias = "EPYC-IBPB",
5028                 .props = (PropValue[]) {
5029                     { "ibpb", "on" },
5030                     { "model-id",
5031                       "AMD EPYC Processor (with IBPB)" },
5032                     { /* end of list */ }
5033                 }
5034             },
5035             {
5036                 .version = 3,
5037                 .props = (PropValue[]) {
5038                     { "ibpb", "on" },
5039                     { "perfctr-core", "on" },
5040                     { "clzero", "on" },
5041                     { "xsaveerptr", "on" },
5042                     { "xsaves", "on" },
5043                     { "model-id",
5044                       "AMD EPYC Processor" },
5045                     { /* end of list */ }
5046                 }
5047             },
5048             {
5049                 .version = 4,
5050                 .props = (PropValue[]) {
5051                     { "model-id",
5052                       "AMD EPYC-v4 Processor" },
5053                     { /* end of list */ }
5054                 },
5055                 .cache_info = &epyc_v4_cache_info
5056             },
5057             { /* end of list */ }
5058         }
5059     },
5060     {
5061         .name = "Dhyana",
5062         .level = 0xd,
5063         .vendor = CPUID_VENDOR_HYGON,
5064         .family = 24,
5065         .model = 0,
5066         .stepping = 1,
5067         .features[FEAT_1_EDX] =
5068             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
5069             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
5070             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
5071             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
5072             CPUID_VME | CPUID_FP87,
5073         .features[FEAT_1_ECX] =
5074             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
5075             CPUID_EXT_XSAVE | CPUID_EXT_POPCNT |
5076             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
5077             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
5078             CPUID_EXT_MONITOR | CPUID_EXT_SSE3,
5079         .features[FEAT_8000_0001_EDX] =
5080             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
5081             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
5082             CPUID_EXT2_SYSCALL,
5083         .features[FEAT_8000_0001_ECX] =
5084             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
5085             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
5086             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
5087             CPUID_EXT3_TOPOEXT,
5088         .features[FEAT_8000_0008_EBX] =
5089             CPUID_8000_0008_EBX_IBPB,
5090         .features[FEAT_7_0_EBX] =
5091             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
5092             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
5093             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT,
5094         /* XSAVES is added in version 2 */
5095         .features[FEAT_XSAVE] =
5096             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
5097             CPUID_XSAVE_XGETBV1,
5098         .features[FEAT_6_EAX] =
5099             CPUID_6_EAX_ARAT,
5100         .features[FEAT_SVM] =
5101             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
5102         .xlevel = 0x8000001E,
5103         .model_id = "Hygon Dhyana Processor",
5104         .cache_info = &epyc_cache_info,
5105         .versions = (X86CPUVersionDefinition[]) {
5106             { .version = 1 },
5107             { .version = 2,
5108               .note = "XSAVES",
5109               .props = (PropValue[]) {
5110                   { "xsaves", "on" },
5111                   { /* end of list */ }
5112               },
5113             },
5114             { /* end of list */ }
5115         }
5116     },
5117     {
5118         .name = "EPYC-Rome",
5119         .level = 0xd,
5120         .vendor = CPUID_VENDOR_AMD,
5121         .family = 23,
5122         .model = 49,
5123         .stepping = 0,
5124         .features[FEAT_1_EDX] =
5125             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
5126             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
5127             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
5128             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
5129             CPUID_VME | CPUID_FP87,
5130         .features[FEAT_1_ECX] =
5131             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
5132             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
5133             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
5134             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
5135             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3,
5136         .features[FEAT_8000_0001_EDX] =
5137             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
5138             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
5139             CPUID_EXT2_SYSCALL,
5140         .features[FEAT_8000_0001_ECX] =
5141             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
5142             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
5143             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
5144             CPUID_EXT3_TOPOEXT | CPUID_EXT3_PERFCORE,
5145         .features[FEAT_8000_0008_EBX] =
5146             CPUID_8000_0008_EBX_CLZERO | CPUID_8000_0008_EBX_XSAVEERPTR |
5147             CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_IBPB |
5148             CPUID_8000_0008_EBX_STIBP,
5149         .features[FEAT_7_0_EBX] =
5150             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
5151             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
5152             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
5153             CPUID_7_0_EBX_SHA_NI | CPUID_7_0_EBX_CLWB,
5154         .features[FEAT_7_0_ECX] =
5155             CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_RDPID,
5156         .features[FEAT_XSAVE] =
5157             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
5158             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
5159         .features[FEAT_6_EAX] =
5160             CPUID_6_EAX_ARAT,
5161         .features[FEAT_SVM] =
5162             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE,
5163         .xlevel = 0x8000001E,
5164         .model_id = "AMD EPYC-Rome Processor",
5165         .cache_info = &epyc_rome_cache_info,
5166         .versions = (X86CPUVersionDefinition[]) {
5167             { .version = 1 },
5168             {
5169                 .version = 2,
5170                 .props = (PropValue[]) {
5171                     { "ibrs", "on" },
5172                     { "amd-ssbd", "on" },
5173                     { /* end of list */ }
5174                 }
5175             },
5176             {
5177                 .version = 3,
5178                 .props = (PropValue[]) {
5179                     { "model-id",
5180                       "AMD EPYC-Rome-v3 Processor" },
5181                     { /* end of list */ }
5182                 },
5183                 .cache_info = &epyc_rome_v3_cache_info
5184             },
5185             {
5186                 .version = 4,
5187                 .props = (PropValue[]) {
5188                     /* Erratum 1386 */
5189                     { "model-id",
5190                       "AMD EPYC-Rome-v4 Processor (no XSAVES)" },
5191                     { "xsaves", "off" },
5192                     { /* end of list */ }
5193                 },
5194             },
5195             { /* end of list */ }
5196         }
5197     },
5198     {
5199         .name = "EPYC-Milan",
5200         .level = 0xd,
5201         .vendor = CPUID_VENDOR_AMD,
5202         .family = 25,
5203         .model = 1,
5204         .stepping = 1,
5205         .features[FEAT_1_EDX] =
5206             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
5207             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
5208             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
5209             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
5210             CPUID_VME | CPUID_FP87,
5211         .features[FEAT_1_ECX] =
5212             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
5213             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
5214             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
5215             CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 |
5216             CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 |
5217             CPUID_EXT_PCID,
5218         .features[FEAT_8000_0001_EDX] =
5219             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
5220             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
5221             CPUID_EXT2_SYSCALL,
5222         .features[FEAT_8000_0001_ECX] =
5223             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
5224             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
5225             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
5226             CPUID_EXT3_TOPOEXT | CPUID_EXT3_PERFCORE,
5227         .features[FEAT_8000_0008_EBX] =
5228             CPUID_8000_0008_EBX_CLZERO | CPUID_8000_0008_EBX_XSAVEERPTR |
5229             CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_IBPB |
5230             CPUID_8000_0008_EBX_IBRS | CPUID_8000_0008_EBX_STIBP |
5231             CPUID_8000_0008_EBX_AMD_SSBD,
5232         .features[FEAT_7_0_EBX] =
5233             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
5234             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
5235             CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
5236             CPUID_7_0_EBX_SHA_NI | CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_ERMS |
5237             CPUID_7_0_EBX_INVPCID,
5238         .features[FEAT_7_0_ECX] =
5239             CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_RDPID | CPUID_7_0_ECX_PKU,
5240         .features[FEAT_7_0_EDX] =
5241             CPUID_7_0_EDX_FSRM,
5242         .features[FEAT_XSAVE] =
5243             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
5244             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
5245         .features[FEAT_6_EAX] =
5246             CPUID_6_EAX_ARAT,
5247         .features[FEAT_SVM] =
5248             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE | CPUID_SVM_SVME_ADDR_CHK,
5249         .xlevel = 0x8000001E,
5250         .model_id = "AMD EPYC-Milan Processor",
5251         .cache_info = &epyc_milan_cache_info,
5252         .versions = (X86CPUVersionDefinition[]) {
5253             { .version = 1 },
5254             {
5255                 .version = 2,
5256                 .props = (PropValue[]) {
5257                     { "model-id",
5258                       "AMD EPYC-Milan-v2 Processor" },
5259                     { "vaes", "on" },
5260                     { "vpclmulqdq", "on" },
5261                     { "stibp-always-on", "on" },
5262                     { "amd-psfd", "on" },
5263                     { "no-nested-data-bp", "on" },
5264                     { "lfence-always-serializing", "on" },
5265                     { "null-sel-clr-base", "on" },
5266                     { /* end of list */ }
5267                 },
5268                 .cache_info = &epyc_milan_v2_cache_info
5269             },
5270             { /* end of list */ }
5271         }
5272     },
5273     {
5274         .name = "EPYC-Genoa",
5275         .level = 0xd,
5276         .vendor = CPUID_VENDOR_AMD,
5277         .family = 25,
5278         .model = 17,
5279         .stepping = 0,
5280         .features[FEAT_1_EDX] =
5281             CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
5282             CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
5283             CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
5284             CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
5285             CPUID_VME | CPUID_FP87,
5286         .features[FEAT_1_ECX] =
5287             CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
5288             CPUID_EXT_XSAVE | CPUID_EXT_AES |  CPUID_EXT_POPCNT |
5289             CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
5290             CPUID_EXT_PCID | CPUID_EXT_CX16 | CPUID_EXT_FMA |
5291             CPUID_EXT_SSSE3 | CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ |
5292             CPUID_EXT_SSE3,
5293         .features[FEAT_8000_0001_EDX] =
5294             CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
5295             CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
5296             CPUID_EXT2_SYSCALL,
5297         .features[FEAT_8000_0001_ECX] =
5298             CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
5299             CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
5300             CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
5301             CPUID_EXT3_TOPOEXT | CPUID_EXT3_PERFCORE,
5302         .features[FEAT_8000_0008_EBX] =
5303             CPUID_8000_0008_EBX_CLZERO | CPUID_8000_0008_EBX_XSAVEERPTR |
5304             CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_IBPB |
5305             CPUID_8000_0008_EBX_IBRS | CPUID_8000_0008_EBX_STIBP |
5306             CPUID_8000_0008_EBX_STIBP_ALWAYS_ON |
5307             CPUID_8000_0008_EBX_AMD_SSBD | CPUID_8000_0008_EBX_AMD_PSFD,
5308         .features[FEAT_8000_0021_EAX] =
5309             CPUID_8000_0021_EAX_NO_NESTED_DATA_BP |
5310             CPUID_8000_0021_EAX_LFENCE_ALWAYS_SERIALIZING |
5311             CPUID_8000_0021_EAX_NULL_SEL_CLR_BASE |
5312             CPUID_8000_0021_EAX_AUTO_IBRS,
5313         .features[FEAT_7_0_EBX] =
5314             CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
5315             CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS |
5316             CPUID_7_0_EBX_INVPCID | CPUID_7_0_EBX_AVX512F |
5317             CPUID_7_0_EBX_AVX512DQ | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
5318             CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_AVX512IFMA |
5319             CPUID_7_0_EBX_CLFLUSHOPT | CPUID_7_0_EBX_CLWB |
5320             CPUID_7_0_EBX_AVX512CD | CPUID_7_0_EBX_SHA_NI |
5321             CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512VL,
5322         .features[FEAT_7_0_ECX] =
5323             CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
5324             CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
5325             CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
5326             CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
5327             CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57 |
5328             CPUID_7_0_ECX_RDPID,
5329         .features[FEAT_7_0_EDX] =
5330             CPUID_7_0_EDX_FSRM,
5331         .features[FEAT_7_1_EAX] =
5332             CPUID_7_1_EAX_AVX512_BF16,
5333         .features[FEAT_XSAVE] =
5334             CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
5335             CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
5336         .features[FEAT_6_EAX] =
5337             CPUID_6_EAX_ARAT,
5338         .features[FEAT_SVM] =
5339             CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE | CPUID_SVM_VNMI |
5340             CPUID_SVM_SVME_ADDR_CHK,
5341         .xlevel = 0x80000022,
5342         .model_id = "AMD EPYC-Genoa Processor",
5343         .cache_info = &epyc_genoa_cache_info,
5344     },
5345 };
5346 
5347 /*
5348  * We resolve CPU model aliases using -v1 when using "-machine
5349  * none", but this is just for compatibility while libvirt isn't
5350  * adapted to resolve CPU model versions before creating VMs.
5351  * See "Runnability guarantee of CPU models" at
5352  * docs/about/deprecated.rst.
5353  */
5354 X86CPUVersion default_cpu_version = 1;
5355 
5356 void x86_cpu_set_default_version(X86CPUVersion version)
5357 {
5358     /* Translating CPU_VERSION_AUTO to CPU_VERSION_AUTO doesn't make sense */
5359     assert(version != CPU_VERSION_AUTO);
5360     default_cpu_version = version;
5361 }
5362 
5363 static X86CPUVersion x86_cpu_model_last_version(const X86CPUModel *model)
5364 {
5365     int v = 0;
5366     const X86CPUVersionDefinition *vdef =
5367         x86_cpu_def_get_versions(model->cpudef);
5368     while (vdef->version) {
5369         v = vdef->version;
5370         vdef++;
5371     }
5372     return v;
5373 }
5374 
5375 /* Return the actual version being used for a specific CPU model */
5376 static X86CPUVersion x86_cpu_model_resolve_version(const X86CPUModel *model)
5377 {
5378     X86CPUVersion v = model->version;
5379     if (v == CPU_VERSION_AUTO) {
5380         v = default_cpu_version;
5381     }
5382     if (v == CPU_VERSION_LATEST) {
5383         return x86_cpu_model_last_version(model);
5384     }
5385     return v;
5386 }
5387 
5388 static const Property max_x86_cpu_properties[] = {
5389     DEFINE_PROP_BOOL("migratable", X86CPU, migratable, true),
5390     DEFINE_PROP_BOOL("host-cache-info", X86CPU, cache_info_passthrough, false),
5391 };
5392 
5393 static void max_x86_cpu_realize(DeviceState *dev, Error **errp)
5394 {
5395     Object *obj = OBJECT(dev);
5396 
5397     if (!object_property_get_int(obj, "family", &error_abort)) {
5398         if (X86_CPU(obj)->env.features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
5399             object_property_set_int(obj, "family", 15, &error_abort);
5400             object_property_set_int(obj, "model", 107, &error_abort);
5401             object_property_set_int(obj, "stepping", 1, &error_abort);
5402         } else {
5403             object_property_set_int(obj, "family", 6, &error_abort);
5404             object_property_set_int(obj, "model", 6, &error_abort);
5405             object_property_set_int(obj, "stepping", 3, &error_abort);
5406         }
5407     }
5408 
5409     x86_cpu_realizefn(dev, errp);
5410 }
5411 
5412 static void max_x86_cpu_class_init(ObjectClass *oc, void *data)
5413 {
5414     DeviceClass *dc = DEVICE_CLASS(oc);
5415     X86CPUClass *xcc = X86_CPU_CLASS(oc);
5416 
5417     xcc->ordering = 9;
5418 
5419     xcc->model_description =
5420         "Enables all features supported by the accelerator in the current host";
5421 
5422     device_class_set_props(dc, max_x86_cpu_properties);
5423     dc->realize = max_x86_cpu_realize;
5424 }
5425 
5426 static void max_x86_cpu_initfn(Object *obj)
5427 {
5428     X86CPU *cpu = X86_CPU(obj);
5429 
5430     /* We can't fill the features array here because we don't know yet if
5431      * "migratable" is true or false.
5432      */
5433     cpu->max_features = true;
5434     object_property_set_bool(OBJECT(cpu), "pmu", true, &error_abort);
5435 
5436     /*
5437      * these defaults are used for TCG and all other accelerators
5438      * besides KVM and HVF, which overwrite these values
5439      */
5440     object_property_set_str(OBJECT(cpu), "vendor", CPUID_VENDOR_AMD,
5441                             &error_abort);
5442     object_property_set_str(OBJECT(cpu), "model-id",
5443                             "QEMU TCG CPU version " QEMU_HW_VERSION,
5444                             &error_abort);
5445 }
5446 
5447 static const TypeInfo max_x86_cpu_type_info = {
5448     .name = X86_CPU_TYPE_NAME("max"),
5449     .parent = TYPE_X86_CPU,
5450     .instance_init = max_x86_cpu_initfn,
5451     .class_init = max_x86_cpu_class_init,
5452 };
5453 
5454 static char *feature_word_description(FeatureWordInfo *f, uint32_t bit)
5455 {
5456     assert(f->type == CPUID_FEATURE_WORD || f->type == MSR_FEATURE_WORD);
5457 
5458     switch (f->type) {
5459     case CPUID_FEATURE_WORD:
5460         {
5461             const char *reg = get_register_name_32(f->cpuid.reg);
5462             assert(reg);
5463             return g_strdup_printf("CPUID.%02XH:%s",
5464                                    f->cpuid.eax, reg);
5465         }
5466     case MSR_FEATURE_WORD:
5467         return g_strdup_printf("MSR(%02XH)",
5468                                f->msr.index);
5469     }
5470 
5471     return NULL;
5472 }
5473 
5474 static bool x86_cpu_have_filtered_features(X86CPU *cpu)
5475 {
5476     FeatureWord w;
5477 
5478     for (w = 0; w < FEATURE_WORDS; w++) {
5479         if (cpu->filtered_features[w]) {
5480             return true;
5481         }
5482     }
5483 
5484     return false;
5485 }
5486 
5487 static void mark_unavailable_features(X86CPU *cpu, FeatureWord w, uint64_t mask,
5488                                       const char *verbose_prefix)
5489 {
5490     CPUX86State *env = &cpu->env;
5491     FeatureWordInfo *f = &feature_word_info[w];
5492     int i;
5493 
5494     if (!cpu->force_features) {
5495         env->features[w] &= ~mask;
5496     }
5497     cpu->filtered_features[w] |= mask;
5498 
5499     if (!verbose_prefix) {
5500         return;
5501     }
5502 
5503     for (i = 0; i < 64; ++i) {
5504         if ((1ULL << i) & mask) {
5505             g_autofree char *feat_word_str = feature_word_description(f, i);
5506             warn_report("%s: %s%s%s [bit %d]",
5507                         verbose_prefix,
5508                         feat_word_str,
5509                         f->feat_names[i] ? "." : "",
5510                         f->feat_names[i] ? f->feat_names[i] : "", i);
5511         }
5512     }
5513 }
5514 
5515 static void x86_cpuid_version_get_family(Object *obj, Visitor *v,
5516                                          const char *name, void *opaque,
5517                                          Error **errp)
5518 {
5519     X86CPU *cpu = X86_CPU(obj);
5520     CPUX86State *env = &cpu->env;
5521     uint64_t value;
5522 
5523     value = (env->cpuid_version >> 8) & 0xf;
5524     if (value == 0xf) {
5525         value += (env->cpuid_version >> 20) & 0xff;
5526     }
5527     visit_type_uint64(v, name, &value, errp);
5528 }
5529 
5530 static void x86_cpuid_version_set_family(Object *obj, Visitor *v,
5531                                          const char *name, void *opaque,
5532                                          Error **errp)
5533 {
5534     X86CPU *cpu = X86_CPU(obj);
5535     CPUX86State *env = &cpu->env;
5536     const uint64_t max = 0xff + 0xf;
5537     uint64_t value;
5538 
5539     if (!visit_type_uint64(v, name, &value, errp)) {
5540         return;
5541     }
5542     if (value > max) {
5543         error_setg(errp, "parameter '%s' can be at most %" PRIu64,
5544                    name ? name : "null", max);
5545         return;
5546     }
5547 
5548     env->cpuid_version &= ~0xff00f00;
5549     if (value > 0x0f) {
5550         env->cpuid_version |= 0xf00 | ((value - 0x0f) << 20);
5551     } else {
5552         env->cpuid_version |= value << 8;
5553     }
5554 }
5555 
5556 static void x86_cpuid_version_get_model(Object *obj, Visitor *v,
5557                                         const char *name, void *opaque,
5558                                         Error **errp)
5559 {
5560     X86CPU *cpu = X86_CPU(obj);
5561     CPUX86State *env = &cpu->env;
5562     uint64_t value;
5563 
5564     value = (env->cpuid_version >> 4) & 0xf;
5565     value |= ((env->cpuid_version >> 16) & 0xf) << 4;
5566     visit_type_uint64(v, name, &value, errp);
5567 }
5568 
5569 static void x86_cpuid_version_set_model(Object *obj, Visitor *v,
5570                                         const char *name, void *opaque,
5571                                         Error **errp)
5572 {
5573     X86CPU *cpu = X86_CPU(obj);
5574     CPUX86State *env = &cpu->env;
5575     const uint64_t max = 0xff;
5576     uint64_t value;
5577 
5578     if (!visit_type_uint64(v, name, &value, errp)) {
5579         return;
5580     }
5581     if (value > max) {
5582         error_setg(errp, "parameter '%s' can be at most %" PRIu64,
5583                    name ? name : "null", max);
5584         return;
5585     }
5586 
5587     env->cpuid_version &= ~0xf00f0;
5588     env->cpuid_version |= ((value & 0xf) << 4) | ((value >> 4) << 16);
5589 }
5590 
5591 static void x86_cpuid_version_get_stepping(Object *obj, Visitor *v,
5592                                            const char *name, void *opaque,
5593                                            Error **errp)
5594 {
5595     X86CPU *cpu = X86_CPU(obj);
5596     CPUX86State *env = &cpu->env;
5597     uint64_t value;
5598 
5599     value = env->cpuid_version & 0xf;
5600     visit_type_uint64(v, name, &value, errp);
5601 }
5602 
5603 static void x86_cpuid_version_set_stepping(Object *obj, Visitor *v,
5604                                            const char *name, void *opaque,
5605                                            Error **errp)
5606 {
5607     X86CPU *cpu = X86_CPU(obj);
5608     CPUX86State *env = &cpu->env;
5609     const uint64_t max = 0xf;
5610     uint64_t value;
5611 
5612     if (!visit_type_uint64(v, name, &value, errp)) {
5613         return;
5614     }
5615     if (value > max) {
5616         error_setg(errp, "parameter '%s' can be at most %" PRIu64,
5617                    name ? name : "null", max);
5618         return;
5619     }
5620 
5621     env->cpuid_version &= ~0xf;
5622     env->cpuid_version |= value & 0xf;
5623 }
5624 
5625 static char *x86_cpuid_get_vendor(Object *obj, Error **errp)
5626 {
5627     X86CPU *cpu = X86_CPU(obj);
5628     CPUX86State *env = &cpu->env;
5629     char *value;
5630 
5631     value = g_malloc(CPUID_VENDOR_SZ + 1);
5632     x86_cpu_vendor_words2str(value, env->cpuid_vendor1, env->cpuid_vendor2,
5633                              env->cpuid_vendor3);
5634     return value;
5635 }
5636 
5637 static void x86_cpuid_set_vendor(Object *obj, const char *value,
5638                                  Error **errp)
5639 {
5640     X86CPU *cpu = X86_CPU(obj);
5641     CPUX86State *env = &cpu->env;
5642     int i;
5643 
5644     if (strlen(value) != CPUID_VENDOR_SZ) {
5645         error_setg(errp, "value of property 'vendor' must consist of"
5646                    " exactly " stringify(CPUID_VENDOR_SZ) " characters");
5647         return;
5648     }
5649 
5650     env->cpuid_vendor1 = 0;
5651     env->cpuid_vendor2 = 0;
5652     env->cpuid_vendor3 = 0;
5653     for (i = 0; i < 4; i++) {
5654         env->cpuid_vendor1 |= ((uint8_t)value[i    ]) << (8 * i);
5655         env->cpuid_vendor2 |= ((uint8_t)value[i + 4]) << (8 * i);
5656         env->cpuid_vendor3 |= ((uint8_t)value[i + 8]) << (8 * i);
5657     }
5658 }
5659 
5660 static char *x86_cpuid_get_model_id(Object *obj, Error **errp)
5661 {
5662     X86CPU *cpu = X86_CPU(obj);
5663     CPUX86State *env = &cpu->env;
5664     char *value;
5665     int i;
5666 
5667     value = g_malloc(48 + 1);
5668     for (i = 0; i < 48; i++) {
5669         value[i] = env->cpuid_model[i >> 2] >> (8 * (i & 3));
5670     }
5671     value[48] = '\0';
5672     return value;
5673 }
5674 
5675 static void x86_cpuid_set_model_id(Object *obj, const char *model_id,
5676                                    Error **errp)
5677 {
5678     X86CPU *cpu = X86_CPU(obj);
5679     CPUX86State *env = &cpu->env;
5680     int c, len, i;
5681 
5682     if (model_id == NULL) {
5683         model_id = "";
5684     }
5685     len = strlen(model_id);
5686     memset(env->cpuid_model, 0, 48);
5687     for (i = 0; i < 48; i++) {
5688         if (i >= len) {
5689             c = '\0';
5690         } else {
5691             c = (uint8_t)model_id[i];
5692         }
5693         env->cpuid_model[i >> 2] |= c << (8 * (i & 3));
5694     }
5695 }
5696 
5697 static void x86_cpuid_get_tsc_freq(Object *obj, Visitor *v, const char *name,
5698                                    void *opaque, Error **errp)
5699 {
5700     X86CPU *cpu = X86_CPU(obj);
5701     int64_t value;
5702 
5703     value = cpu->env.tsc_khz * 1000;
5704     visit_type_int(v, name, &value, errp);
5705 }
5706 
5707 static void x86_cpuid_set_tsc_freq(Object *obj, Visitor *v, const char *name,
5708                                    void *opaque, Error **errp)
5709 {
5710     X86CPU *cpu = X86_CPU(obj);
5711     const int64_t max = INT64_MAX;
5712     int64_t value;
5713 
5714     if (!visit_type_int(v, name, &value, errp)) {
5715         return;
5716     }
5717     if (value < 0 || value > max) {
5718         error_setg(errp, "parameter '%s' can be at most %" PRId64,
5719                    name ? name : "null", max);
5720         return;
5721     }
5722 
5723     cpu->env.tsc_khz = cpu->env.user_tsc_khz = value / 1000;
5724 }
5725 
5726 /* Generic getter for "feature-words" and "filtered-features" properties */
5727 static void x86_cpu_get_feature_words(Object *obj, Visitor *v,
5728                                       const char *name, void *opaque,
5729                                       Error **errp)
5730 {
5731     uint64_t *array = (uint64_t *)opaque;
5732     FeatureWord w;
5733     X86CPUFeatureWordInfo word_infos[FEATURE_WORDS] = { };
5734     X86CPUFeatureWordInfoList list_entries[FEATURE_WORDS] = { };
5735     X86CPUFeatureWordInfoList *list = NULL;
5736 
5737     for (w = 0; w < FEATURE_WORDS; w++) {
5738         FeatureWordInfo *wi = &feature_word_info[w];
5739         /*
5740                 * We didn't have MSR features when "feature-words" was
5741                 *  introduced. Therefore skipped other type entries.
5742                 */
5743         if (wi->type != CPUID_FEATURE_WORD) {
5744             continue;
5745         }
5746         X86CPUFeatureWordInfo *qwi = &word_infos[w];
5747         qwi->cpuid_input_eax = wi->cpuid.eax;
5748         qwi->has_cpuid_input_ecx = wi->cpuid.needs_ecx;
5749         qwi->cpuid_input_ecx = wi->cpuid.ecx;
5750         qwi->cpuid_register = x86_reg_info_32[wi->cpuid.reg].qapi_enum;
5751         qwi->features = array[w];
5752 
5753         /* List will be in reverse order, but order shouldn't matter */
5754         list_entries[w].next = list;
5755         list_entries[w].value = &word_infos[w];
5756         list = &list_entries[w];
5757     }
5758 
5759     visit_type_X86CPUFeatureWordInfoList(v, "feature-words", &list, errp);
5760 }
5761 
5762 /* Convert all '_' in a feature string option name to '-', to make feature
5763  * name conform to QOM property naming rule, which uses '-' instead of '_'.
5764  */
5765 static inline void feat2prop(char *s)
5766 {
5767     while ((s = strchr(s, '_'))) {
5768         *s = '-';
5769     }
5770 }
5771 
5772 /* Return the feature property name for a feature flag bit */
5773 static const char *x86_cpu_feature_name(FeatureWord w, int bitnr)
5774 {
5775     const char *name;
5776     /* XSAVE components are automatically enabled by other features,
5777      * so return the original feature name instead
5778      */
5779     if (w == FEAT_XSAVE_XCR0_LO || w == FEAT_XSAVE_XCR0_HI) {
5780         int comp = (w == FEAT_XSAVE_XCR0_HI) ? bitnr + 32 : bitnr;
5781 
5782         if (comp < ARRAY_SIZE(x86_ext_save_areas) &&
5783             x86_ext_save_areas[comp].bits) {
5784             w = x86_ext_save_areas[comp].feature;
5785             bitnr = ctz32(x86_ext_save_areas[comp].bits);
5786         }
5787     }
5788 
5789     assert(bitnr < 64);
5790     assert(w < FEATURE_WORDS);
5791     name = feature_word_info[w].feat_names[bitnr];
5792     assert(bitnr < 32 || !(name && feature_word_info[w].type == CPUID_FEATURE_WORD));
5793     return name;
5794 }
5795 
5796 /* Compatibility hack to maintain legacy +-feat semantic,
5797  * where +-feat overwrites any feature set by
5798  * feat=on|feat even if the later is parsed after +-feat
5799  * (i.e. "-x2apic,x2apic=on" will result in x2apic disabled)
5800  */
5801 static GList *plus_features, *minus_features;
5802 
5803 static gint compare_string(gconstpointer a, gconstpointer b)
5804 {
5805     return g_strcmp0(a, b);
5806 }
5807 
5808 /* Parse "+feature,-feature,feature=foo" CPU feature string
5809  */
5810 static void x86_cpu_parse_featurestr(const char *typename, char *features,
5811                                      Error **errp)
5812 {
5813     char *featurestr; /* Single 'key=value" string being parsed */
5814     static bool cpu_globals_initialized;
5815     bool ambiguous = false;
5816 
5817     if (cpu_globals_initialized) {
5818         return;
5819     }
5820     cpu_globals_initialized = true;
5821 
5822     if (!features) {
5823         return;
5824     }
5825 
5826     for (featurestr = strtok(features, ",");
5827          featurestr;
5828          featurestr = strtok(NULL, ",")) {
5829         const char *name;
5830         const char *val = NULL;
5831         char *eq = NULL;
5832         char num[32];
5833         GlobalProperty *prop;
5834 
5835         /* Compatibility syntax: */
5836         if (featurestr[0] == '+') {
5837             plus_features = g_list_append(plus_features,
5838                                           g_strdup(featurestr + 1));
5839             continue;
5840         } else if (featurestr[0] == '-') {
5841             minus_features = g_list_append(minus_features,
5842                                            g_strdup(featurestr + 1));
5843             continue;
5844         }
5845 
5846         eq = strchr(featurestr, '=');
5847         if (eq) {
5848             *eq++ = 0;
5849             val = eq;
5850         } else {
5851             val = "on";
5852         }
5853 
5854         feat2prop(featurestr);
5855         name = featurestr;
5856 
5857         if (g_list_find_custom(plus_features, name, compare_string)) {
5858             warn_report("Ambiguous CPU model string. "
5859                         "Don't mix both \"+%s\" and \"%s=%s\"",
5860                         name, name, val);
5861             ambiguous = true;
5862         }
5863         if (g_list_find_custom(minus_features, name, compare_string)) {
5864             warn_report("Ambiguous CPU model string. "
5865                         "Don't mix both \"-%s\" and \"%s=%s\"",
5866                         name, name, val);
5867             ambiguous = true;
5868         }
5869 
5870         /* Special case: */
5871         if (!strcmp(name, "tsc-freq")) {
5872             int ret;
5873             uint64_t tsc_freq;
5874 
5875             ret = qemu_strtosz_metric(val, NULL, &tsc_freq);
5876             if (ret < 0 || tsc_freq > INT64_MAX) {
5877                 error_setg(errp, "bad numerical value %s", val);
5878                 return;
5879             }
5880             snprintf(num, sizeof(num), "%" PRId64, tsc_freq);
5881             val = num;
5882             name = "tsc-frequency";
5883         }
5884 
5885         prop = g_new0(typeof(*prop), 1);
5886         prop->driver = typename;
5887         prop->property = g_strdup(name);
5888         prop->value = g_strdup(val);
5889         qdev_prop_register_global(prop);
5890     }
5891 
5892     if (ambiguous) {
5893         warn_report("Compatibility of ambiguous CPU model "
5894                     "strings won't be kept on future QEMU versions");
5895     }
5896 }
5897 
5898 static bool x86_cpu_filter_features(X86CPU *cpu, bool verbose);
5899 
5900 /* Build a list with the name of all features on a feature word array */
5901 static void x86_cpu_list_feature_names(FeatureWordArray features,
5902                                        strList **list)
5903 {
5904     strList **tail = list;
5905     FeatureWord w;
5906 
5907     for (w = 0; w < FEATURE_WORDS; w++) {
5908         uint64_t filtered = features[w];
5909         int i;
5910         for (i = 0; i < 64; i++) {
5911             if (filtered & (1ULL << i)) {
5912                 QAPI_LIST_APPEND(tail, g_strdup(x86_cpu_feature_name(w, i)));
5913             }
5914         }
5915     }
5916 }
5917 
5918 static void x86_cpu_get_unavailable_features(Object *obj, Visitor *v,
5919                                              const char *name, void *opaque,
5920                                              Error **errp)
5921 {
5922     X86CPU *xc = X86_CPU(obj);
5923     strList *result = NULL;
5924 
5925     x86_cpu_list_feature_names(xc->filtered_features, &result);
5926     visit_type_strList(v, "unavailable-features", &result, errp);
5927 }
5928 
5929 /* Print all cpuid feature names in featureset
5930  */
5931 static void listflags(GList *features)
5932 {
5933     size_t len = 0;
5934     GList *tmp;
5935 
5936     for (tmp = features; tmp; tmp = tmp->next) {
5937         const char *name = tmp->data;
5938         if ((len + strlen(name) + 1) >= 75) {
5939             qemu_printf("\n");
5940             len = 0;
5941         }
5942         qemu_printf("%s%s", len == 0 ? "  " : " ", name);
5943         len += strlen(name) + 1;
5944     }
5945     qemu_printf("\n");
5946 }
5947 
5948 /* Sort alphabetically by type name, respecting X86CPUClass::ordering. */
5949 static gint x86_cpu_list_compare(gconstpointer a, gconstpointer b)
5950 {
5951     ObjectClass *class_a = (ObjectClass *)a;
5952     ObjectClass *class_b = (ObjectClass *)b;
5953     X86CPUClass *cc_a = X86_CPU_CLASS(class_a);
5954     X86CPUClass *cc_b = X86_CPU_CLASS(class_b);
5955     int ret;
5956 
5957     if (cc_a->ordering != cc_b->ordering) {
5958         ret = cc_a->ordering - cc_b->ordering;
5959     } else {
5960         g_autofree char *name_a = x86_cpu_class_get_model_name(cc_a);
5961         g_autofree char *name_b = x86_cpu_class_get_model_name(cc_b);
5962         ret = strcmp(name_a, name_b);
5963     }
5964     return ret;
5965 }
5966 
5967 static GSList *get_sorted_cpu_model_list(void)
5968 {
5969     GSList *list = object_class_get_list(TYPE_X86_CPU, false);
5970     list = g_slist_sort(list, x86_cpu_list_compare);
5971     return list;
5972 }
5973 
5974 static char *x86_cpu_class_get_model_id(X86CPUClass *xc)
5975 {
5976     Object *obj = object_new_with_class(OBJECT_CLASS(xc));
5977     char *r = object_property_get_str(obj, "model-id", &error_abort);
5978     object_unref(obj);
5979     return r;
5980 }
5981 
5982 static char *x86_cpu_class_get_alias_of(X86CPUClass *cc)
5983 {
5984     X86CPUVersion version;
5985 
5986     if (!cc->model || !cc->model->is_alias) {
5987         return NULL;
5988     }
5989     version = x86_cpu_model_resolve_version(cc->model);
5990     if (version <= 0) {
5991         return NULL;
5992     }
5993     return x86_cpu_versioned_model_name(cc->model->cpudef, version);
5994 }
5995 
5996 static void x86_cpu_list_entry(gpointer data, gpointer user_data)
5997 {
5998     ObjectClass *oc = data;
5999     X86CPUClass *cc = X86_CPU_CLASS(oc);
6000     g_autofree char *name = x86_cpu_class_get_model_name(cc);
6001     g_autofree char *desc = g_strdup(cc->model_description);
6002     g_autofree char *alias_of = x86_cpu_class_get_alias_of(cc);
6003     g_autofree char *model_id = x86_cpu_class_get_model_id(cc);
6004 
6005     if (!desc && alias_of) {
6006         if (cc->model && cc->model->version == CPU_VERSION_AUTO) {
6007             desc = g_strdup("(alias configured by machine type)");
6008         } else {
6009             desc = g_strdup_printf("(alias of %s)", alias_of);
6010         }
6011     }
6012     if (!desc && cc->model && cc->model->note) {
6013         desc = g_strdup_printf("%s [%s]", model_id, cc->model->note);
6014     }
6015     if (!desc) {
6016         desc = g_strdup_printf("%s", model_id);
6017     }
6018 
6019     if (cc->model && cc->model->cpudef->deprecation_note) {
6020         g_autofree char *olddesc = desc;
6021         desc = g_strdup_printf("%s (deprecated)", olddesc);
6022     }
6023 
6024     qemu_printf("  %-20s  %s\n", name, desc);
6025 }
6026 
6027 /* list available CPU models and flags */
6028 void x86_cpu_list(void)
6029 {
6030     int i, j;
6031     GSList *list;
6032     GList *names = NULL;
6033 
6034     qemu_printf("Available CPUs:\n");
6035     list = get_sorted_cpu_model_list();
6036     g_slist_foreach(list, x86_cpu_list_entry, NULL);
6037     g_slist_free(list);
6038 
6039     names = NULL;
6040     for (i = 0; i < ARRAY_SIZE(feature_word_info); i++) {
6041         FeatureWordInfo *fw = &feature_word_info[i];
6042         for (j = 0; j < 64; j++) {
6043             if (fw->feat_names[j]) {
6044                 names = g_list_append(names, (gpointer)fw->feat_names[j]);
6045             }
6046         }
6047     }
6048 
6049     names = g_list_sort(names, (GCompareFunc)strcmp);
6050 
6051     qemu_printf("\nRecognized CPUID flags:\n");
6052     listflags(names);
6053     qemu_printf("\n");
6054     g_list_free(names);
6055 }
6056 
6057 #ifndef CONFIG_USER_ONLY
6058 
6059 /* Check for missing features that may prevent the CPU class from
6060  * running using the current machine and accelerator.
6061  */
6062 static void x86_cpu_class_check_missing_features(X86CPUClass *xcc,
6063                                                  strList **list)
6064 {
6065     strList **tail = list;
6066     X86CPU *xc;
6067     Error *err = NULL;
6068 
6069     if (xcc->host_cpuid_required && !accel_uses_host_cpuid()) {
6070         QAPI_LIST_APPEND(tail, g_strdup("kvm"));
6071         return;
6072     }
6073 
6074     xc = X86_CPU(object_new_with_class(OBJECT_CLASS(xcc)));
6075 
6076     x86_cpu_expand_features(xc, &err);
6077     if (err) {
6078         /* Errors at x86_cpu_expand_features should never happen,
6079          * but in case it does, just report the model as not
6080          * runnable at all using the "type" property.
6081          */
6082         QAPI_LIST_APPEND(tail, g_strdup("type"));
6083         error_free(err);
6084     }
6085 
6086     x86_cpu_filter_features(xc, false);
6087 
6088     x86_cpu_list_feature_names(xc->filtered_features, tail);
6089 
6090     object_unref(OBJECT(xc));
6091 }
6092 
6093 static void x86_cpu_definition_entry(gpointer data, gpointer user_data)
6094 {
6095     ObjectClass *oc = data;
6096     X86CPUClass *cc = X86_CPU_CLASS(oc);
6097     CpuDefinitionInfoList **cpu_list = user_data;
6098     CpuDefinitionInfo *info;
6099 
6100     info = g_malloc0(sizeof(*info));
6101     info->name = x86_cpu_class_get_model_name(cc);
6102     x86_cpu_class_check_missing_features(cc, &info->unavailable_features);
6103     info->has_unavailable_features = true;
6104     info->q_typename = g_strdup(object_class_get_name(oc));
6105     info->migration_safe = cc->migration_safe;
6106     info->has_migration_safe = true;
6107     info->q_static = cc->static_model;
6108     if (cc->model && cc->model->cpudef->deprecation_note) {
6109         info->deprecated = true;
6110     } else {
6111         info->deprecated = false;
6112     }
6113     /*
6114      * Old machine types won't report aliases, so that alias translation
6115      * doesn't break compatibility with previous QEMU versions.
6116      */
6117     if (default_cpu_version != CPU_VERSION_LEGACY) {
6118         info->alias_of = x86_cpu_class_get_alias_of(cc);
6119     }
6120 
6121     QAPI_LIST_PREPEND(*cpu_list, info);
6122 }
6123 
6124 CpuDefinitionInfoList *qmp_query_cpu_definitions(Error **errp)
6125 {
6126     CpuDefinitionInfoList *cpu_list = NULL;
6127     GSList *list = get_sorted_cpu_model_list();
6128     g_slist_foreach(list, x86_cpu_definition_entry, &cpu_list);
6129     g_slist_free(list);
6130     return cpu_list;
6131 }
6132 
6133 #endif /* !CONFIG_USER_ONLY */
6134 
6135 uint64_t x86_cpu_get_supported_feature_word(X86CPU *cpu, FeatureWord w)
6136 {
6137     FeatureWordInfo *wi = &feature_word_info[w];
6138     uint64_t r = 0;
6139     uint64_t unavail = 0;
6140 
6141     if (kvm_enabled()) {
6142         switch (wi->type) {
6143         case CPUID_FEATURE_WORD:
6144             r = kvm_arch_get_supported_cpuid(kvm_state, wi->cpuid.eax,
6145                                                         wi->cpuid.ecx,
6146                                                         wi->cpuid.reg);
6147             break;
6148         case MSR_FEATURE_WORD:
6149             r = kvm_arch_get_supported_msr_feature(kvm_state,
6150                         wi->msr.index);
6151             break;
6152         }
6153     } else if (hvf_enabled()) {
6154         if (wi->type != CPUID_FEATURE_WORD) {
6155             return 0;
6156         }
6157         r = hvf_get_supported_cpuid(wi->cpuid.eax,
6158                                     wi->cpuid.ecx,
6159                                     wi->cpuid.reg);
6160     } else if (tcg_enabled()) {
6161         r = wi->tcg_features;
6162     } else {
6163         return ~0;
6164     }
6165 
6166     switch (w) {
6167 #ifndef TARGET_X86_64
6168     case FEAT_8000_0001_EDX:
6169         /*
6170          * 32-bit TCG can emulate 64-bit compatibility mode.  If there is no
6171          * way for userspace to get out of its 32-bit jail, we can leave
6172          * the LM bit set.
6173          */
6174         unavail = tcg_enabled()
6175             ? CPUID_EXT2_LM & ~CPUID_EXT2_KERNEL_FEATURES
6176             : CPUID_EXT2_LM;
6177         break;
6178 #endif
6179 
6180     case FEAT_8000_0007_EBX:
6181         if (cpu && !IS_AMD_CPU(&cpu->env)) {
6182             /* Disable AMD machine check architecture for Intel CPU.  */
6183             unavail = ~0;
6184         }
6185         break;
6186 
6187     case FEAT_7_0_EBX:
6188 #ifndef CONFIG_USER_ONLY
6189         if (!check_sgx_support()) {
6190             unavail = CPUID_7_0_EBX_SGX;
6191         }
6192 #endif
6193         break;
6194     case FEAT_7_0_ECX:
6195 #ifndef CONFIG_USER_ONLY
6196         if (!check_sgx_support()) {
6197             unavail = CPUID_7_0_ECX_SGX_LC;
6198         }
6199 #endif
6200         break;
6201 
6202     default:
6203         break;
6204     }
6205 
6206     r &= ~unavail;
6207     if (cpu && cpu->migratable) {
6208         r &= x86_cpu_get_migratable_flags(cpu, w);
6209     }
6210     return r;
6211 }
6212 
6213 static void x86_cpu_get_supported_cpuid(uint32_t func, uint32_t index,
6214                                         uint32_t *eax, uint32_t *ebx,
6215                                         uint32_t *ecx, uint32_t *edx)
6216 {
6217     if (kvm_enabled()) {
6218         *eax = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_EAX);
6219         *ebx = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_EBX);
6220         *ecx = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_ECX);
6221         *edx = kvm_arch_get_supported_cpuid(kvm_state, func, index, R_EDX);
6222     } else if (hvf_enabled()) {
6223         *eax = hvf_get_supported_cpuid(func, index, R_EAX);
6224         *ebx = hvf_get_supported_cpuid(func, index, R_EBX);
6225         *ecx = hvf_get_supported_cpuid(func, index, R_ECX);
6226         *edx = hvf_get_supported_cpuid(func, index, R_EDX);
6227     } else {
6228         *eax = 0;
6229         *ebx = 0;
6230         *ecx = 0;
6231         *edx = 0;
6232     }
6233 }
6234 
6235 static void x86_cpu_get_cache_cpuid(uint32_t func, uint32_t index,
6236                                     uint32_t *eax, uint32_t *ebx,
6237                                     uint32_t *ecx, uint32_t *edx)
6238 {
6239     uint32_t level, unused;
6240 
6241     /* Only return valid host leaves.  */
6242     switch (func) {
6243     case 2:
6244     case 4:
6245         host_cpuid(0, 0, &level, &unused, &unused, &unused);
6246         break;
6247     case 0x80000005:
6248     case 0x80000006:
6249     case 0x8000001d:
6250         host_cpuid(0x80000000, 0, &level, &unused, &unused, &unused);
6251         break;
6252     default:
6253         return;
6254     }
6255 
6256     if (func > level) {
6257         *eax = 0;
6258         *ebx = 0;
6259         *ecx = 0;
6260         *edx = 0;
6261     } else {
6262         host_cpuid(func, index, eax, ebx, ecx, edx);
6263     }
6264 }
6265 
6266 /*
6267  * Only for builtin_x86_defs models initialized with x86_register_cpudef_types.
6268  */
6269 void x86_cpu_apply_props(X86CPU *cpu, PropValue *props)
6270 {
6271     PropValue *pv;
6272     for (pv = props; pv->prop; pv++) {
6273         if (!pv->value) {
6274             continue;
6275         }
6276         object_property_parse(OBJECT(cpu), pv->prop, pv->value,
6277                               &error_abort);
6278     }
6279 }
6280 
6281 /*
6282  * Apply properties for the CPU model version specified in model.
6283  * Only for builtin_x86_defs models initialized with x86_register_cpudef_types.
6284  */
6285 
6286 static void x86_cpu_apply_version_props(X86CPU *cpu, X86CPUModel *model)
6287 {
6288     const X86CPUVersionDefinition *vdef;
6289     X86CPUVersion version = x86_cpu_model_resolve_version(model);
6290 
6291     if (version == CPU_VERSION_LEGACY) {
6292         return;
6293     }
6294 
6295     for (vdef = x86_cpu_def_get_versions(model->cpudef); vdef->version; vdef++) {
6296         PropValue *p;
6297 
6298         for (p = vdef->props; p && p->prop; p++) {
6299             object_property_parse(OBJECT(cpu), p->prop, p->value,
6300                                   &error_abort);
6301         }
6302 
6303         if (vdef->version == version) {
6304             break;
6305         }
6306     }
6307 
6308     /*
6309      * If we reached the end of the list, version number was invalid
6310      */
6311     assert(vdef->version == version);
6312 }
6313 
6314 static const CPUCaches *x86_cpu_get_versioned_cache_info(X86CPU *cpu,
6315                                                          X86CPUModel *model)
6316 {
6317     const X86CPUVersionDefinition *vdef;
6318     X86CPUVersion version = x86_cpu_model_resolve_version(model);
6319     const CPUCaches *cache_info = model->cpudef->cache_info;
6320 
6321     if (version == CPU_VERSION_LEGACY) {
6322         return cache_info;
6323     }
6324 
6325     for (vdef = x86_cpu_def_get_versions(model->cpudef); vdef->version; vdef++) {
6326         if (vdef->cache_info) {
6327             cache_info = vdef->cache_info;
6328         }
6329 
6330         if (vdef->version == version) {
6331             break;
6332         }
6333     }
6334 
6335     assert(vdef->version == version);
6336     return cache_info;
6337 }
6338 
6339 /*
6340  * Load data from X86CPUDefinition into a X86CPU object.
6341  * Only for builtin_x86_defs models initialized with x86_register_cpudef_types.
6342  */
6343 static void x86_cpu_load_model(X86CPU *cpu, X86CPUModel *model)
6344 {
6345     const X86CPUDefinition *def = model->cpudef;
6346     CPUX86State *env = &cpu->env;
6347     FeatureWord w;
6348 
6349     /*NOTE: any property set by this function should be returned by
6350      * x86_cpu_static_props(), so static expansion of
6351      * query-cpu-model-expansion is always complete.
6352      */
6353 
6354     /* CPU models only set _minimum_ values for level/xlevel: */
6355     object_property_set_uint(OBJECT(cpu), "min-level", def->level,
6356                              &error_abort);
6357     object_property_set_uint(OBJECT(cpu), "min-xlevel", def->xlevel,
6358                              &error_abort);
6359 
6360     object_property_set_int(OBJECT(cpu), "family", def->family, &error_abort);
6361     object_property_set_int(OBJECT(cpu), "model", def->model, &error_abort);
6362     object_property_set_int(OBJECT(cpu), "stepping", def->stepping,
6363                             &error_abort);
6364     object_property_set_str(OBJECT(cpu), "model-id", def->model_id,
6365                             &error_abort);
6366     for (w = 0; w < FEATURE_WORDS; w++) {
6367         env->features[w] = def->features[w];
6368     }
6369 
6370     /* legacy-cache defaults to 'off' if CPU model provides cache info */
6371     cpu->legacy_cache = !x86_cpu_get_versioned_cache_info(cpu, model);
6372 
6373     env->features[FEAT_1_ECX] |= CPUID_EXT_HYPERVISOR;
6374 
6375     /* sysenter isn't supported in compatibility mode on AMD,
6376      * syscall isn't supported in compatibility mode on Intel.
6377      * Normally we advertise the actual CPU vendor, but you can
6378      * override this using the 'vendor' property if you want to use
6379      * KVM's sysenter/syscall emulation in compatibility mode and
6380      * when doing cross vendor migration
6381      */
6382 
6383     /*
6384      * vendor property is set here but then overloaded with the
6385      * host cpu vendor for KVM and HVF.
6386      */
6387     object_property_set_str(OBJECT(cpu), "vendor", def->vendor, &error_abort);
6388 
6389     object_property_set_uint(OBJECT(cpu), "avx10-version", def->avx10_version,
6390                              &error_abort);
6391 
6392     x86_cpu_apply_version_props(cpu, model);
6393 
6394     /*
6395      * Properties in versioned CPU model are not user specified features.
6396      * We can simply clear env->user_features here since it will be filled later
6397      * in x86_cpu_expand_features() based on plus_features and minus_features.
6398      */
6399     memset(&env->user_features, 0, sizeof(env->user_features));
6400 }
6401 
6402 static const gchar *x86_gdb_arch_name(CPUState *cs)
6403 {
6404 #ifdef TARGET_X86_64
6405     return "i386:x86-64";
6406 #else
6407     return "i386";
6408 #endif
6409 }
6410 
6411 static void x86_cpu_cpudef_class_init(ObjectClass *oc, void *data)
6412 {
6413     X86CPUModel *model = data;
6414     X86CPUClass *xcc = X86_CPU_CLASS(oc);
6415     CPUClass *cc = CPU_CLASS(oc);
6416 
6417     xcc->model = model;
6418     xcc->migration_safe = true;
6419     cc->deprecation_note = model->cpudef->deprecation_note;
6420 }
6421 
6422 static void x86_register_cpu_model_type(const char *name, X86CPUModel *model)
6423 {
6424     g_autofree char *typename = x86_cpu_type_name(name);
6425     TypeInfo ti = {
6426         .name = typename,
6427         .parent = TYPE_X86_CPU,
6428         .class_init = x86_cpu_cpudef_class_init,
6429         .class_data = model,
6430     };
6431 
6432     type_register_static(&ti);
6433 }
6434 
6435 
6436 /*
6437  * register builtin_x86_defs;
6438  * "max", "base" and subclasses ("host") are not registered here.
6439  * See x86_cpu_register_types for all model registrations.
6440  */
6441 static void x86_register_cpudef_types(const X86CPUDefinition *def)
6442 {
6443     X86CPUModel *m;
6444     const X86CPUVersionDefinition *vdef;
6445 
6446     /* AMD aliases are handled at runtime based on CPUID vendor, so
6447      * they shouldn't be set on the CPU model table.
6448      */
6449     assert(!(def->features[FEAT_8000_0001_EDX] & CPUID_EXT2_AMD_ALIASES));
6450     /* catch mistakes instead of silently truncating model_id when too long */
6451     assert(def->model_id && strlen(def->model_id) <= 48);
6452 
6453     /* Unversioned model: */
6454     m = g_new0(X86CPUModel, 1);
6455     m->cpudef = def;
6456     m->version = CPU_VERSION_AUTO;
6457     m->is_alias = true;
6458     x86_register_cpu_model_type(def->name, m);
6459 
6460     /* Versioned models: */
6461 
6462     for (vdef = x86_cpu_def_get_versions(def); vdef->version; vdef++) {
6463         g_autofree char *name =
6464             x86_cpu_versioned_model_name(def, vdef->version);
6465 
6466         m = g_new0(X86CPUModel, 1);
6467         m->cpudef = def;
6468         m->version = vdef->version;
6469         m->note = vdef->note;
6470         x86_register_cpu_model_type(name, m);
6471 
6472         if (vdef->alias) {
6473             X86CPUModel *am = g_new0(X86CPUModel, 1);
6474             am->cpudef = def;
6475             am->version = vdef->version;
6476             am->is_alias = true;
6477             x86_register_cpu_model_type(vdef->alias, am);
6478         }
6479     }
6480 
6481 }
6482 
6483 uint32_t cpu_x86_virtual_addr_width(CPUX86State *env)
6484 {
6485     if  (env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_LA57) {
6486         return 57; /* 57 bits virtual */
6487     } else {
6488         return 48; /* 48 bits virtual */
6489     }
6490 }
6491 
6492 void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
6493                    uint32_t *eax, uint32_t *ebx,
6494                    uint32_t *ecx, uint32_t *edx)
6495 {
6496     X86CPU *cpu = env_archcpu(env);
6497     CPUState *cs = env_cpu(env);
6498     uint32_t limit;
6499     uint32_t signature[3];
6500     X86CPUTopoInfo topo_info;
6501     uint32_t cores_per_pkg;
6502     uint32_t threads_per_pkg;
6503 
6504     topo_info.dies_per_pkg = env->nr_dies;
6505     topo_info.modules_per_die = env->nr_modules;
6506     topo_info.cores_per_module = cs->nr_cores / env->nr_dies / env->nr_modules;
6507     topo_info.threads_per_core = cs->nr_threads;
6508 
6509     cores_per_pkg = topo_info.cores_per_module * topo_info.modules_per_die *
6510                     topo_info.dies_per_pkg;
6511     threads_per_pkg = cores_per_pkg * topo_info.threads_per_core;
6512 
6513     /* Calculate & apply limits for different index ranges */
6514     if (index >= 0xC0000000) {
6515         limit = env->cpuid_xlevel2;
6516     } else if (index >= 0x80000000) {
6517         limit = env->cpuid_xlevel;
6518     } else if (index >= 0x40000000) {
6519         limit = 0x40000001;
6520     } else {
6521         limit = env->cpuid_level;
6522     }
6523 
6524     if (index > limit) {
6525         /* Intel documentation states that invalid EAX input will
6526          * return the same information as EAX=cpuid_level
6527          * (Intel SDM Vol. 2A - Instruction Set Reference - CPUID)
6528          */
6529         index = env->cpuid_level;
6530     }
6531 
6532     switch(index) {
6533     case 0:
6534         *eax = env->cpuid_level;
6535         *ebx = env->cpuid_vendor1;
6536         *edx = env->cpuid_vendor2;
6537         *ecx = env->cpuid_vendor3;
6538         break;
6539     case 1:
6540         *eax = env->cpuid_version;
6541         *ebx = (cpu->apic_id << 24) |
6542                8 << 8; /* CLFLUSH size in quad words, Linux wants it. */
6543         *ecx = env->features[FEAT_1_ECX];
6544         if ((*ecx & CPUID_EXT_XSAVE) && (env->cr[4] & CR4_OSXSAVE_MASK)) {
6545             *ecx |= CPUID_EXT_OSXSAVE;
6546         }
6547         *edx = env->features[FEAT_1_EDX];
6548         if (threads_per_pkg > 1) {
6549             *ebx |= threads_per_pkg << 16;
6550             *edx |= CPUID_HT;
6551         }
6552         if (!cpu->enable_pmu) {
6553             *ecx &= ~CPUID_EXT_PDCM;
6554         }
6555         break;
6556     case 2:
6557         /* cache info: needed for Pentium Pro compatibility */
6558         if (cpu->cache_info_passthrough) {
6559             x86_cpu_get_cache_cpuid(index, 0, eax, ebx, ecx, edx);
6560             break;
6561         } else if (cpu->vendor_cpuid_only && IS_AMD_CPU(env)) {
6562             *eax = *ebx = *ecx = *edx = 0;
6563             break;
6564         }
6565         *eax = 1; /* Number of CPUID[EAX=2] calls required */
6566         *ebx = 0;
6567         if (!cpu->enable_l3_cache) {
6568             *ecx = 0;
6569         } else {
6570             *ecx = cpuid2_cache_descriptor(env->cache_info_cpuid2.l3_cache);
6571         }
6572         *edx = (cpuid2_cache_descriptor(env->cache_info_cpuid2.l1d_cache) << 16) |
6573                (cpuid2_cache_descriptor(env->cache_info_cpuid2.l1i_cache) <<  8) |
6574                (cpuid2_cache_descriptor(env->cache_info_cpuid2.l2_cache));
6575         break;
6576     case 4:
6577         /* cache info: needed for Core compatibility */
6578         if (cpu->cache_info_passthrough) {
6579             x86_cpu_get_cache_cpuid(index, count, eax, ebx, ecx, edx);
6580             /*
6581              * QEMU has its own number of cores/logical cpus,
6582              * set 24..14, 31..26 bit to configured values
6583              */
6584             if (*eax & 31) {
6585                 int host_vcpus_per_cache = 1 + ((*eax & 0x3FFC000) >> 14);
6586 
6587                 *eax &= ~0xFC000000;
6588                 *eax |= max_core_ids_in_package(&topo_info) << 26;
6589                 if (host_vcpus_per_cache > threads_per_pkg) {
6590                     *eax &= ~0x3FFC000;
6591 
6592                     /* Share the cache at package level. */
6593                     *eax |= max_thread_ids_for_cache(&topo_info,
6594                                 CPU_TOPOLOGY_LEVEL_SOCKET) << 14;
6595                 }
6596             }
6597         } else if (cpu->vendor_cpuid_only && IS_AMD_CPU(env)) {
6598             *eax = *ebx = *ecx = *edx = 0;
6599         } else {
6600             *eax = 0;
6601 
6602             switch (count) {
6603             case 0: /* L1 dcache info */
6604                 encode_cache_cpuid4(env->cache_info_cpuid4.l1d_cache,
6605                                     &topo_info,
6606                                     eax, ebx, ecx, edx);
6607                 if (!cpu->l1_cache_per_core) {
6608                     *eax &= ~MAKE_64BIT_MASK(14, 12);
6609                 }
6610                 break;
6611             case 1: /* L1 icache info */
6612                 encode_cache_cpuid4(env->cache_info_cpuid4.l1i_cache,
6613                                     &topo_info,
6614                                     eax, ebx, ecx, edx);
6615                 if (!cpu->l1_cache_per_core) {
6616                     *eax &= ~MAKE_64BIT_MASK(14, 12);
6617                 }
6618                 break;
6619             case 2: /* L2 cache info */
6620                 encode_cache_cpuid4(env->cache_info_cpuid4.l2_cache,
6621                                     &topo_info,
6622                                     eax, ebx, ecx, edx);
6623                 break;
6624             case 3: /* L3 cache info */
6625                 if (cpu->enable_l3_cache) {
6626                     encode_cache_cpuid4(env->cache_info_cpuid4.l3_cache,
6627                                         &topo_info,
6628                                         eax, ebx, ecx, edx);
6629                     break;
6630                 }
6631                 /* fall through */
6632             default: /* end of info */
6633                 *eax = *ebx = *ecx = *edx = 0;
6634                 break;
6635             }
6636         }
6637         break;
6638     case 5:
6639         /* MONITOR/MWAIT Leaf */
6640         *eax = cpu->mwait.eax; /* Smallest monitor-line size in bytes */
6641         *ebx = cpu->mwait.ebx; /* Largest monitor-line size in bytes */
6642         *ecx = cpu->mwait.ecx; /* flags */
6643         *edx = cpu->mwait.edx; /* mwait substates */
6644         break;
6645     case 6:
6646         /* Thermal and Power Leaf */
6647         *eax = env->features[FEAT_6_EAX];
6648         *ebx = 0;
6649         *ecx = 0;
6650         *edx = 0;
6651         break;
6652     case 7:
6653         /* Structured Extended Feature Flags Enumeration Leaf */
6654         if (count == 0) {
6655             /* Maximum ECX value for sub-leaves */
6656             *eax = env->cpuid_level_func7;
6657             *ebx = env->features[FEAT_7_0_EBX]; /* Feature flags */
6658             *ecx = env->features[FEAT_7_0_ECX]; /* Feature flags */
6659             if ((*ecx & CPUID_7_0_ECX_PKU) && env->cr[4] & CR4_PKE_MASK) {
6660                 *ecx |= CPUID_7_0_ECX_OSPKE;
6661             }
6662             *edx = env->features[FEAT_7_0_EDX]; /* Feature flags */
6663         } else if (count == 1) {
6664             *eax = env->features[FEAT_7_1_EAX];
6665             *edx = env->features[FEAT_7_1_EDX];
6666             *ebx = 0;
6667             *ecx = 0;
6668         } else if (count == 2) {
6669             *edx = env->features[FEAT_7_2_EDX];
6670             *eax = 0;
6671             *ebx = 0;
6672             *ecx = 0;
6673         } else {
6674             *eax = 0;
6675             *ebx = 0;
6676             *ecx = 0;
6677             *edx = 0;
6678         }
6679         break;
6680     case 9:
6681         /* Direct Cache Access Information Leaf */
6682         *eax = 0; /* Bits 0-31 in DCA_CAP MSR */
6683         *ebx = 0;
6684         *ecx = 0;
6685         *edx = 0;
6686         break;
6687     case 0xA:
6688         /* Architectural Performance Monitoring Leaf */
6689         if (cpu->enable_pmu) {
6690             x86_cpu_get_supported_cpuid(0xA, count, eax, ebx, ecx, edx);
6691         } else {
6692             *eax = 0;
6693             *ebx = 0;
6694             *ecx = 0;
6695             *edx = 0;
6696         }
6697         break;
6698     case 0xB:
6699         /* Extended Topology Enumeration Leaf */
6700         if (!cpu->enable_cpuid_0xb) {
6701                 *eax = *ebx = *ecx = *edx = 0;
6702                 break;
6703         }
6704 
6705         *ecx = count & 0xff;
6706         *edx = cpu->apic_id;
6707 
6708         switch (count) {
6709         case 0:
6710             *eax = apicid_core_offset(&topo_info);
6711             *ebx = topo_info.threads_per_core;
6712             *ecx |= CPUID_B_ECX_TOPO_LEVEL_SMT << 8;
6713             break;
6714         case 1:
6715             *eax = apicid_pkg_offset(&topo_info);
6716             *ebx = threads_per_pkg;
6717             *ecx |= CPUID_B_ECX_TOPO_LEVEL_CORE << 8;
6718             break;
6719         default:
6720             *eax = 0;
6721             *ebx = 0;
6722             *ecx |= CPUID_B_ECX_TOPO_LEVEL_INVALID << 8;
6723         }
6724 
6725         assert(!(*eax & ~0x1f));
6726         *ebx &= 0xffff; /* The count doesn't need to be reliable. */
6727         break;
6728     case 0x1C:
6729         if (cpu->enable_pmu && (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_LBR)) {
6730             x86_cpu_get_supported_cpuid(0x1C, 0, eax, ebx, ecx, edx);
6731             *edx = 0;
6732         }
6733         break;
6734     case 0x1F:
6735         /* V2 Extended Topology Enumeration Leaf */
6736         if (!x86_has_extended_topo(env->avail_cpu_topo)) {
6737             *eax = *ebx = *ecx = *edx = 0;
6738             break;
6739         }
6740 
6741         encode_topo_cpuid1f(env, count, &topo_info, eax, ebx, ecx, edx);
6742         break;
6743     case 0xD: {
6744         /* Processor Extended State */
6745         *eax = 0;
6746         *ebx = 0;
6747         *ecx = 0;
6748         *edx = 0;
6749         if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
6750             break;
6751         }
6752 
6753         if (count == 0) {
6754             *ecx = xsave_area_size(x86_cpu_xsave_xcr0_components(cpu), false);
6755             *eax = env->features[FEAT_XSAVE_XCR0_LO];
6756             *edx = env->features[FEAT_XSAVE_XCR0_HI];
6757             /*
6758              * The initial value of xcr0 and ebx == 0, On host without kvm
6759              * commit 412a3c41(e.g., CentOS 6), the ebx's value always == 0
6760              * even through guest update xcr0, this will crash some legacy guest
6761              * (e.g., CentOS 6), So set ebx == ecx to workaround it.
6762              */
6763             *ebx = kvm_enabled() ? *ecx : xsave_area_size(env->xcr0, false);
6764         } else if (count == 1) {
6765             uint64_t xstate = x86_cpu_xsave_xcr0_components(cpu) |
6766                               x86_cpu_xsave_xss_components(cpu);
6767 
6768             *eax = env->features[FEAT_XSAVE];
6769             *ebx = xsave_area_size(xstate, true);
6770             *ecx = env->features[FEAT_XSAVE_XSS_LO];
6771             *edx = env->features[FEAT_XSAVE_XSS_HI];
6772             if (kvm_enabled() && cpu->enable_pmu &&
6773                 (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_LBR) &&
6774                 (*eax & CPUID_XSAVE_XSAVES)) {
6775                 *ecx |= XSTATE_ARCH_LBR_MASK;
6776             } else {
6777                 *ecx &= ~XSTATE_ARCH_LBR_MASK;
6778             }
6779         } else if (count == 0xf && cpu->enable_pmu
6780                    && (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_LBR)) {
6781             x86_cpu_get_supported_cpuid(0xD, count, eax, ebx, ecx, edx);
6782         } else if (count < ARRAY_SIZE(x86_ext_save_areas)) {
6783             const ExtSaveArea *esa = &x86_ext_save_areas[count];
6784 
6785             if (x86_cpu_xsave_xcr0_components(cpu) & (1ULL << count)) {
6786                 *eax = esa->size;
6787                 *ebx = esa->offset;
6788                 *ecx = esa->ecx &
6789                        (ESA_FEATURE_ALIGN64_MASK | ESA_FEATURE_XFD_MASK);
6790             } else if (x86_cpu_xsave_xss_components(cpu) & (1ULL << count)) {
6791                 *eax = esa->size;
6792                 *ebx = 0;
6793                 *ecx = 1;
6794             }
6795         }
6796         break;
6797     }
6798     case 0x12:
6799 #ifndef CONFIG_USER_ONLY
6800         if (!kvm_enabled() ||
6801             !(env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_SGX)) {
6802             *eax = *ebx = *ecx = *edx = 0;
6803             break;
6804         }
6805 
6806         /*
6807          * SGX sub-leafs CPUID.0x12.{0x2..N} enumerate EPC sections.  Retrieve
6808          * the EPC properties, e.g. confidentiality and integrity, from the
6809          * host's first EPC section, i.e. assume there is one EPC section or
6810          * that all EPC sections have the same security properties.
6811          */
6812         if (count > 1) {
6813             uint64_t epc_addr, epc_size;
6814 
6815             if (sgx_epc_get_section(count - 2, &epc_addr, &epc_size)) {
6816                 *eax = *ebx = *ecx = *edx = 0;
6817                 break;
6818             }
6819             host_cpuid(index, 2, eax, ebx, ecx, edx);
6820             *eax = (uint32_t)(epc_addr & 0xfffff000) | 0x1;
6821             *ebx = (uint32_t)(epc_addr >> 32);
6822             *ecx = (uint32_t)(epc_size & 0xfffff000) | (*ecx & 0xf);
6823             *edx = (uint32_t)(epc_size >> 32);
6824             break;
6825         }
6826 
6827         /*
6828          * SGX sub-leafs CPUID.0x12.{0x0,0x1} are heavily dependent on hardware
6829          * and KVM, i.e. QEMU cannot emulate features to override what KVM
6830          * supports.  Features can be further restricted by userspace, but not
6831          * made more permissive.
6832          */
6833         x86_cpu_get_supported_cpuid(0x12, count, eax, ebx, ecx, edx);
6834 
6835         if (count == 0) {
6836             *eax &= env->features[FEAT_SGX_12_0_EAX];
6837             *ebx &= env->features[FEAT_SGX_12_0_EBX];
6838         } else {
6839             *eax &= env->features[FEAT_SGX_12_1_EAX];
6840             *ebx &= 0; /* ebx reserve */
6841             *ecx &= env->features[FEAT_XSAVE_XCR0_LO];
6842             *edx &= env->features[FEAT_XSAVE_XCR0_HI];
6843 
6844             /* FP and SSE are always allowed regardless of XSAVE/XCR0. */
6845             *ecx |= XSTATE_FP_MASK | XSTATE_SSE_MASK;
6846 
6847             /* Access to PROVISIONKEY requires additional credentials. */
6848             if ((*eax & (1U << 4)) &&
6849                 !kvm_enable_sgx_provisioning(cs->kvm_state)) {
6850                 *eax &= ~(1U << 4);
6851             }
6852         }
6853 #endif
6854         break;
6855     case 0x14: {
6856         /* Intel Processor Trace Enumeration */
6857         *eax = 0;
6858         *ebx = 0;
6859         *ecx = 0;
6860         *edx = 0;
6861         if (!(env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT) ||
6862             !kvm_enabled()) {
6863             break;
6864         }
6865 
6866         /*
6867          * If these are changed, they should stay in sync with
6868          * x86_cpu_filter_features().
6869          */
6870         if (count == 0) {
6871             *eax = INTEL_PT_MAX_SUBLEAF;
6872             *ebx = INTEL_PT_MINIMAL_EBX;
6873             *ecx = INTEL_PT_MINIMAL_ECX;
6874             if (env->features[FEAT_14_0_ECX] & CPUID_14_0_ECX_LIP) {
6875                 *ecx |= CPUID_14_0_ECX_LIP;
6876             }
6877         } else if (count == 1) {
6878             *eax = INTEL_PT_MTC_BITMAP | INTEL_PT_ADDR_RANGES_NUM;
6879             *ebx = INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP;
6880         }
6881         break;
6882     }
6883     case 0x1D: {
6884         /* AMX TILE, for now hardcoded for Sapphire Rapids*/
6885         *eax = 0;
6886         *ebx = 0;
6887         *ecx = 0;
6888         *edx = 0;
6889         if (!(env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_AMX_TILE)) {
6890             break;
6891         }
6892 
6893         if (count == 0) {
6894             /* Highest numbered palette subleaf */
6895             *eax = INTEL_AMX_TILE_MAX_SUBLEAF;
6896         } else if (count == 1) {
6897             *eax = INTEL_AMX_TOTAL_TILE_BYTES |
6898                    (INTEL_AMX_BYTES_PER_TILE << 16);
6899             *ebx = INTEL_AMX_BYTES_PER_ROW | (INTEL_AMX_TILE_MAX_NAMES << 16);
6900             *ecx = INTEL_AMX_TILE_MAX_ROWS;
6901         }
6902         break;
6903     }
6904     case 0x1E: {
6905         /* AMX TMUL, for now hardcoded for Sapphire Rapids */
6906         *eax = 0;
6907         *ebx = 0;
6908         *ecx = 0;
6909         *edx = 0;
6910         if (!(env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_AMX_TILE)) {
6911             break;
6912         }
6913 
6914         if (count == 0) {
6915             /* Highest numbered palette subleaf */
6916             *ebx = INTEL_AMX_TMUL_MAX_K | (INTEL_AMX_TMUL_MAX_N << 8);
6917         }
6918         break;
6919     }
6920     case 0x24: {
6921         *eax = 0;
6922         *ebx = 0;
6923         *ecx = 0;
6924         *edx = 0;
6925         if ((env->features[FEAT_7_1_EDX] & CPUID_7_1_EDX_AVX10) && count == 0) {
6926             *ebx = env->features[FEAT_24_0_EBX] | env->avx10_version;
6927         }
6928         break;
6929     }
6930     case 0x40000000:
6931         /*
6932          * CPUID code in kvm_arch_init_vcpu() ignores stuff
6933          * set here, but we restrict to TCG none the less.
6934          */
6935         if (tcg_enabled() && cpu->expose_tcg) {
6936             memcpy(signature, "TCGTCGTCGTCG", 12);
6937             *eax = 0x40000001;
6938             *ebx = signature[0];
6939             *ecx = signature[1];
6940             *edx = signature[2];
6941         } else {
6942             *eax = 0;
6943             *ebx = 0;
6944             *ecx = 0;
6945             *edx = 0;
6946         }
6947         break;
6948     case 0x40000001:
6949         *eax = 0;
6950         *ebx = 0;
6951         *ecx = 0;
6952         *edx = 0;
6953         break;
6954     case 0x80000000:
6955         *eax = env->cpuid_xlevel;
6956         *ebx = env->cpuid_vendor1;
6957         *edx = env->cpuid_vendor2;
6958         *ecx = env->cpuid_vendor3;
6959         break;
6960     case 0x80000001:
6961         *eax = env->cpuid_version;
6962         *ebx = 0;
6963         *ecx = env->features[FEAT_8000_0001_ECX];
6964         *edx = env->features[FEAT_8000_0001_EDX];
6965 
6966         /* The Linux kernel checks for the CMPLegacy bit and
6967          * discards multiple thread information if it is set.
6968          * So don't set it here for Intel to make Linux guests happy.
6969          */
6970         if (threads_per_pkg > 1) {
6971             if (env->cpuid_vendor1 != CPUID_VENDOR_INTEL_1 ||
6972                 env->cpuid_vendor2 != CPUID_VENDOR_INTEL_2 ||
6973                 env->cpuid_vendor3 != CPUID_VENDOR_INTEL_3) {
6974                 *ecx |= 1 << 1;    /* CmpLegacy bit */
6975             }
6976         }
6977         if (tcg_enabled() && env->cpuid_vendor1 == CPUID_VENDOR_INTEL_1 &&
6978             !(env->hflags & HF_LMA_MASK)) {
6979             *edx &= ~CPUID_EXT2_SYSCALL;
6980         }
6981         break;
6982     case 0x80000002:
6983     case 0x80000003:
6984     case 0x80000004:
6985         *eax = env->cpuid_model[(index - 0x80000002) * 4 + 0];
6986         *ebx = env->cpuid_model[(index - 0x80000002) * 4 + 1];
6987         *ecx = env->cpuid_model[(index - 0x80000002) * 4 + 2];
6988         *edx = env->cpuid_model[(index - 0x80000002) * 4 + 3];
6989         break;
6990     case 0x80000005:
6991         /* cache info (L1 cache) */
6992         if (cpu->cache_info_passthrough) {
6993             x86_cpu_get_cache_cpuid(index, 0, eax, ebx, ecx, edx);
6994             break;
6995         }
6996         *eax = (L1_DTLB_2M_ASSOC << 24) | (L1_DTLB_2M_ENTRIES << 16) |
6997                (L1_ITLB_2M_ASSOC <<  8) | (L1_ITLB_2M_ENTRIES);
6998         *ebx = (L1_DTLB_4K_ASSOC << 24) | (L1_DTLB_4K_ENTRIES << 16) |
6999                (L1_ITLB_4K_ASSOC <<  8) | (L1_ITLB_4K_ENTRIES);
7000         *ecx = encode_cache_cpuid80000005(env->cache_info_amd.l1d_cache);
7001         *edx = encode_cache_cpuid80000005(env->cache_info_amd.l1i_cache);
7002         break;
7003     case 0x80000006:
7004         /* cache info (L2 cache) */
7005         if (cpu->cache_info_passthrough) {
7006             x86_cpu_get_cache_cpuid(index, 0, eax, ebx, ecx, edx);
7007             break;
7008         }
7009         *eax = (AMD_ENC_ASSOC(L2_DTLB_2M_ASSOC) << 28) |
7010                (L2_DTLB_2M_ENTRIES << 16) |
7011                (AMD_ENC_ASSOC(L2_ITLB_2M_ASSOC) << 12) |
7012                (L2_ITLB_2M_ENTRIES);
7013         *ebx = (AMD_ENC_ASSOC(L2_DTLB_4K_ASSOC) << 28) |
7014                (L2_DTLB_4K_ENTRIES << 16) |
7015                (AMD_ENC_ASSOC(L2_ITLB_4K_ASSOC) << 12) |
7016                (L2_ITLB_4K_ENTRIES);
7017         encode_cache_cpuid80000006(env->cache_info_amd.l2_cache,
7018                                    cpu->enable_l3_cache ?
7019                                    env->cache_info_amd.l3_cache : NULL,
7020                                    ecx, edx);
7021         break;
7022     case 0x80000007:
7023         *eax = 0;
7024         *ebx = env->features[FEAT_8000_0007_EBX];
7025         *ecx = 0;
7026         *edx = env->features[FEAT_8000_0007_EDX];
7027         break;
7028     case 0x80000008:
7029         /* virtual & phys address size in low 2 bytes. */
7030         *eax = cpu->phys_bits;
7031         if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
7032             /* 64 bit processor */
7033              *eax |= (cpu_x86_virtual_addr_width(env) << 8);
7034              *eax |= (cpu->guest_phys_bits << 16);
7035         }
7036         *ebx = env->features[FEAT_8000_0008_EBX];
7037         if (threads_per_pkg > 1) {
7038             /*
7039              * Bits 15:12 is "The number of bits in the initial
7040              * Core::X86::Apic::ApicId[ApicId] value that indicate
7041              * thread ID within a package".
7042              * Bits 7:0 is "The number of threads in the package is NC+1"
7043              */
7044             *ecx = (apicid_pkg_offset(&topo_info) << 12) |
7045                    (threads_per_pkg - 1);
7046         } else {
7047             *ecx = 0;
7048         }
7049         *edx = 0;
7050         break;
7051     case 0x8000000A:
7052         if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
7053             *eax = 0x00000001; /* SVM Revision */
7054             *ebx = 0x00000010; /* nr of ASIDs */
7055             *ecx = 0;
7056             *edx = env->features[FEAT_SVM]; /* optional features */
7057         } else {
7058             *eax = 0;
7059             *ebx = 0;
7060             *ecx = 0;
7061             *edx = 0;
7062         }
7063         break;
7064     case 0x8000001D:
7065         *eax = 0;
7066         if (cpu->cache_info_passthrough) {
7067             x86_cpu_get_cache_cpuid(index, count, eax, ebx, ecx, edx);
7068             break;
7069         }
7070         switch (count) {
7071         case 0: /* L1 dcache info */
7072             encode_cache_cpuid8000001d(env->cache_info_amd.l1d_cache,
7073                                        &topo_info, eax, ebx, ecx, edx);
7074             break;
7075         case 1: /* L1 icache info */
7076             encode_cache_cpuid8000001d(env->cache_info_amd.l1i_cache,
7077                                        &topo_info, eax, ebx, ecx, edx);
7078             break;
7079         case 2: /* L2 cache info */
7080             encode_cache_cpuid8000001d(env->cache_info_amd.l2_cache,
7081                                        &topo_info, eax, ebx, ecx, edx);
7082             break;
7083         case 3: /* L3 cache info */
7084             encode_cache_cpuid8000001d(env->cache_info_amd.l3_cache,
7085                                        &topo_info, eax, ebx, ecx, edx);
7086             break;
7087         default: /* end of info */
7088             *eax = *ebx = *ecx = *edx = 0;
7089             break;
7090         }
7091         if (cpu->amd_topoext_features_only) {
7092             *edx &= CACHE_NO_INVD_SHARING | CACHE_INCLUSIVE;
7093         }
7094         break;
7095     case 0x8000001E:
7096         if (cpu->core_id <= 255) {
7097             encode_topo_cpuid8000001e(cpu, &topo_info, eax, ebx, ecx, edx);
7098         } else {
7099             *eax = 0;
7100             *ebx = 0;
7101             *ecx = 0;
7102             *edx = 0;
7103         }
7104         break;
7105     case 0x80000022:
7106         *eax = *ebx = *ecx = *edx = 0;
7107         /* AMD Extended Performance Monitoring and Debug */
7108         if (kvm_enabled() && cpu->enable_pmu &&
7109             (env->features[FEAT_8000_0022_EAX] & CPUID_8000_0022_EAX_PERFMON_V2)) {
7110             *eax |= CPUID_8000_0022_EAX_PERFMON_V2;
7111             *ebx |= kvm_arch_get_supported_cpuid(cs->kvm_state, index, count,
7112                                                  R_EBX) & 0xf;
7113         }
7114         break;
7115     case 0xC0000000:
7116         *eax = env->cpuid_xlevel2;
7117         *ebx = 0;
7118         *ecx = 0;
7119         *edx = 0;
7120         break;
7121     case 0xC0000001:
7122         /* Support for VIA CPU's CPUID instruction */
7123         *eax = env->cpuid_version;
7124         *ebx = 0;
7125         *ecx = 0;
7126         *edx = env->features[FEAT_C000_0001_EDX];
7127         break;
7128     case 0xC0000002:
7129     case 0xC0000003:
7130     case 0xC0000004:
7131         /* Reserved for the future, and now filled with zero */
7132         *eax = 0;
7133         *ebx = 0;
7134         *ecx = 0;
7135         *edx = 0;
7136         break;
7137     case 0x8000001F:
7138         *eax = *ebx = *ecx = *edx = 0;
7139         if (sev_enabled()) {
7140             *eax = 0x2;
7141             *eax |= sev_es_enabled() ? 0x8 : 0;
7142             *eax |= sev_snp_enabled() ? 0x10 : 0;
7143             *ebx = sev_get_cbit_position() & 0x3f; /* EBX[5:0] */
7144             *ebx |= (sev_get_reduced_phys_bits() & 0x3f) << 6; /* EBX[11:6] */
7145         }
7146         break;
7147     case 0x80000021:
7148         *eax = *ebx = *ecx = *edx = 0;
7149         *eax = env->features[FEAT_8000_0021_EAX];
7150         *ebx = env->features[FEAT_8000_0021_EBX];
7151         break;
7152     default:
7153         /* reserved values: zero */
7154         *eax = 0;
7155         *ebx = 0;
7156         *ecx = 0;
7157         *edx = 0;
7158         break;
7159     }
7160 }
7161 
7162 static void x86_cpu_set_sgxlepubkeyhash(CPUX86State *env)
7163 {
7164 #ifndef CONFIG_USER_ONLY
7165     /* Those default values are defined in Skylake HW */
7166     env->msr_ia32_sgxlepubkeyhash[0] = 0xa6053e051270b7acULL;
7167     env->msr_ia32_sgxlepubkeyhash[1] = 0x6cfbe8ba8b3b413dULL;
7168     env->msr_ia32_sgxlepubkeyhash[2] = 0xc4916d99f2b3735dULL;
7169     env->msr_ia32_sgxlepubkeyhash[3] = 0xd4f8c05909f9bb3bULL;
7170 #endif
7171 }
7172 
7173 static bool cpuid_has_xsave_feature(CPUX86State *env, const ExtSaveArea *esa)
7174 {
7175     if (!esa->size) {
7176         return false;
7177     }
7178 
7179     if (env->features[esa->feature] & esa->bits) {
7180         return true;
7181     }
7182     if (esa->feature == FEAT_7_0_EBX && esa->bits == CPUID_7_0_EBX_AVX512F
7183         && (env->features[FEAT_7_1_EDX] & CPUID_7_1_EDX_AVX10)) {
7184         return true;
7185     }
7186 
7187     return false;
7188 }
7189 
7190 static void x86_cpu_reset_hold(Object *obj, ResetType type)
7191 {
7192     CPUState *cs = CPU(obj);
7193     X86CPU *cpu = X86_CPU(cs);
7194     X86CPUClass *xcc = X86_CPU_GET_CLASS(obj);
7195     CPUX86State *env = &cpu->env;
7196     target_ulong cr4;
7197     uint64_t xcr0;
7198     int i;
7199 
7200     if (xcc->parent_phases.hold) {
7201         xcc->parent_phases.hold(obj, type);
7202     }
7203 
7204     memset(env, 0, offsetof(CPUX86State, end_reset_fields));
7205 
7206     if (tcg_enabled()) {
7207         cpu_init_fp_statuses(env);
7208     }
7209 
7210     env->old_exception = -1;
7211 
7212     /* init to reset state */
7213     env->int_ctl = 0;
7214     env->hflags2 |= HF2_GIF_MASK;
7215     env->hflags2 |= HF2_VGIF_MASK;
7216     env->hflags &= ~HF_GUEST_MASK;
7217 
7218     cpu_x86_update_cr0(env, 0x60000010);
7219     env->a20_mask = ~0x0;
7220     env->smbase = 0x30000;
7221     env->msr_smi_count = 0;
7222 
7223     env->idt.limit = 0xffff;
7224     env->gdt.limit = 0xffff;
7225     env->ldt.limit = 0xffff;
7226     env->ldt.flags = DESC_P_MASK | (2 << DESC_TYPE_SHIFT);
7227     env->tr.limit = 0xffff;
7228     env->tr.flags = DESC_P_MASK | (11 << DESC_TYPE_SHIFT);
7229 
7230     cpu_x86_load_seg_cache(env, R_CS, 0xf000, 0xffff0000, 0xffff,
7231                            DESC_P_MASK | DESC_S_MASK | DESC_CS_MASK |
7232                            DESC_R_MASK | DESC_A_MASK);
7233     cpu_x86_load_seg_cache(env, R_DS, 0, 0, 0xffff,
7234                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
7235                            DESC_A_MASK);
7236     cpu_x86_load_seg_cache(env, R_ES, 0, 0, 0xffff,
7237                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
7238                            DESC_A_MASK);
7239     cpu_x86_load_seg_cache(env, R_SS, 0, 0, 0xffff,
7240                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
7241                            DESC_A_MASK);
7242     cpu_x86_load_seg_cache(env, R_FS, 0, 0, 0xffff,
7243                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
7244                            DESC_A_MASK);
7245     cpu_x86_load_seg_cache(env, R_GS, 0, 0, 0xffff,
7246                            DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
7247                            DESC_A_MASK);
7248 
7249     env->eip = 0xfff0;
7250     env->regs[R_EDX] = env->cpuid_version;
7251 
7252     env->eflags = 0x2;
7253 
7254     /* FPU init */
7255     for (i = 0; i < 8; i++) {
7256         env->fptags[i] = 1;
7257     }
7258     cpu_set_fpuc(env, 0x37f);
7259 
7260     env->mxcsr = 0x1f80;
7261     /* All units are in INIT state.  */
7262     env->xstate_bv = 0;
7263 
7264     env->pat = 0x0007040600070406ULL;
7265 
7266     if (kvm_enabled()) {
7267         /*
7268          * KVM handles TSC = 0 specially and thinks we are hot-plugging
7269          * a new CPU, use 1 instead to force a reset.
7270          */
7271         if (env->tsc != 0) {
7272             env->tsc = 1;
7273         }
7274     } else {
7275         env->tsc = 0;
7276     }
7277 
7278     env->msr_ia32_misc_enable = MSR_IA32_MISC_ENABLE_DEFAULT;
7279     if (env->features[FEAT_1_ECX] & CPUID_EXT_MONITOR) {
7280         env->msr_ia32_misc_enable |= MSR_IA32_MISC_ENABLE_MWAIT;
7281     }
7282 
7283     memset(env->dr, 0, sizeof(env->dr));
7284     env->dr[6] = DR6_FIXED_1;
7285     env->dr[7] = DR7_FIXED_1;
7286     cpu_breakpoint_remove_all(cs, BP_CPU);
7287     cpu_watchpoint_remove_all(cs, BP_CPU);
7288 
7289     cr4 = 0;
7290     xcr0 = XSTATE_FP_MASK;
7291 
7292 #ifdef CONFIG_USER_ONLY
7293     /* Enable all the features for user-mode.  */
7294     if (env->features[FEAT_1_EDX] & CPUID_SSE) {
7295         xcr0 |= XSTATE_SSE_MASK;
7296     }
7297     for (i = 2; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
7298         const ExtSaveArea *esa = &x86_ext_save_areas[i];
7299         if (!((1 << i) & CPUID_XSTATE_XCR0_MASK)) {
7300             continue;
7301         }
7302         if (cpuid_has_xsave_feature(env, esa)) {
7303             xcr0 |= 1ull << i;
7304         }
7305     }
7306 
7307     if (env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE) {
7308         cr4 |= CR4_OSFXSR_MASK | CR4_OSXSAVE_MASK;
7309     }
7310     if (env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_FSGSBASE) {
7311         cr4 |= CR4_FSGSBASE_MASK;
7312     }
7313 #endif
7314 
7315     env->xcr0 = xcr0;
7316     cpu_x86_update_cr4(env, cr4);
7317 
7318     /*
7319      * SDM 11.11.5 requires:
7320      *  - IA32_MTRR_DEF_TYPE MSR.E = 0
7321      *  - IA32_MTRR_PHYSMASKn.V = 0
7322      * All other bits are undefined.  For simplification, zero it all.
7323      */
7324     env->mtrr_deftype = 0;
7325     memset(env->mtrr_var, 0, sizeof(env->mtrr_var));
7326     memset(env->mtrr_fixed, 0, sizeof(env->mtrr_fixed));
7327 
7328     env->interrupt_injected = -1;
7329     env->exception_nr = -1;
7330     env->exception_pending = 0;
7331     env->exception_injected = 0;
7332     env->exception_has_payload = false;
7333     env->exception_payload = 0;
7334     env->nmi_injected = false;
7335     env->triple_fault_pending = false;
7336 #if !defined(CONFIG_USER_ONLY)
7337     /* We hard-wire the BSP to the first CPU. */
7338     apic_designate_bsp(cpu->apic_state, cs->cpu_index == 0);
7339 
7340     cs->halted = !cpu_is_bsp(cpu);
7341 
7342     if (kvm_enabled()) {
7343         kvm_arch_reset_vcpu(cpu);
7344     }
7345 
7346     x86_cpu_set_sgxlepubkeyhash(env);
7347 
7348     env->amd_tsc_scale_msr =  MSR_AMD64_TSC_RATIO_DEFAULT;
7349 
7350 #endif
7351 }
7352 
7353 void x86_cpu_after_reset(X86CPU *cpu)
7354 {
7355 #ifndef CONFIG_USER_ONLY
7356     if (kvm_enabled()) {
7357         kvm_arch_after_reset_vcpu(cpu);
7358     }
7359 
7360     if (cpu->apic_state) {
7361         device_cold_reset(cpu->apic_state);
7362     }
7363 #endif
7364 }
7365 
7366 static void mce_init(X86CPU *cpu)
7367 {
7368     CPUX86State *cenv = &cpu->env;
7369     unsigned int bank;
7370 
7371     if (((cenv->cpuid_version >> 8) & 0xf) >= 6
7372         && (cenv->features[FEAT_1_EDX] & (CPUID_MCE | CPUID_MCA)) ==
7373             (CPUID_MCE | CPUID_MCA)) {
7374         cenv->mcg_cap = MCE_CAP_DEF | MCE_BANKS_DEF |
7375                         (cpu->enable_lmce ? MCG_LMCE_P : 0);
7376         cenv->mcg_ctl = ~(uint64_t)0;
7377         for (bank = 0; bank < MCE_BANKS_DEF; bank++) {
7378             cenv->mce_banks[bank * 4] = ~(uint64_t)0;
7379         }
7380     }
7381 }
7382 
7383 static void x86_cpu_adjust_level(X86CPU *cpu, uint32_t *min, uint32_t value)
7384 {
7385     if (*min < value) {
7386         *min = value;
7387     }
7388 }
7389 
7390 /* Increase cpuid_min_{level,xlevel,xlevel2} automatically, if appropriate */
7391 static void x86_cpu_adjust_feat_level(X86CPU *cpu, FeatureWord w)
7392 {
7393     CPUX86State *env = &cpu->env;
7394     FeatureWordInfo *fi = &feature_word_info[w];
7395     uint32_t eax = fi->cpuid.eax;
7396     uint32_t region = eax & 0xF0000000;
7397 
7398     assert(feature_word_info[w].type == CPUID_FEATURE_WORD);
7399     if (!env->features[w]) {
7400         return;
7401     }
7402 
7403     switch (region) {
7404     case 0x00000000:
7405         x86_cpu_adjust_level(cpu, &env->cpuid_min_level, eax);
7406     break;
7407     case 0x80000000:
7408         x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, eax);
7409     break;
7410     case 0xC0000000:
7411         x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel2, eax);
7412     break;
7413     }
7414 
7415     if (eax == 7) {
7416         x86_cpu_adjust_level(cpu, &env->cpuid_min_level_func7,
7417                              fi->cpuid.ecx);
7418     }
7419 }
7420 
7421 /* Calculate XSAVE components based on the configured CPU feature flags */
7422 static void x86_cpu_enable_xsave_components(X86CPU *cpu)
7423 {
7424     CPUX86State *env = &cpu->env;
7425     int i;
7426     uint64_t mask;
7427     static bool request_perm;
7428 
7429     if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
7430         env->features[FEAT_XSAVE_XCR0_LO] = 0;
7431         env->features[FEAT_XSAVE_XCR0_HI] = 0;
7432         env->features[FEAT_XSAVE_XSS_LO] = 0;
7433         env->features[FEAT_XSAVE_XSS_HI] = 0;
7434         return;
7435     }
7436 
7437     mask = 0;
7438     for (i = 0; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
7439         const ExtSaveArea *esa = &x86_ext_save_areas[i];
7440         if (cpuid_has_xsave_feature(env, esa)) {
7441             mask |= (1ULL << i);
7442         }
7443     }
7444 
7445     /* Only request permission for first vcpu */
7446     if (kvm_enabled() && !request_perm) {
7447         kvm_request_xsave_components(cpu, mask);
7448         request_perm = true;
7449     }
7450 
7451     env->features[FEAT_XSAVE_XCR0_LO] = mask & CPUID_XSTATE_XCR0_MASK;
7452     env->features[FEAT_XSAVE_XCR0_HI] = (mask & CPUID_XSTATE_XCR0_MASK) >> 32;
7453     env->features[FEAT_XSAVE_XSS_LO] = mask & CPUID_XSTATE_XSS_MASK;
7454     env->features[FEAT_XSAVE_XSS_HI] = (mask & CPUID_XSTATE_XSS_MASK) >> 32;
7455 }
7456 
7457 /***** Steps involved on loading and filtering CPUID data
7458  *
7459  * When initializing and realizing a CPU object, the steps
7460  * involved in setting up CPUID data are:
7461  *
7462  * 1) Loading CPU model definition (X86CPUDefinition). This is
7463  *    implemented by x86_cpu_load_model() and should be completely
7464  *    transparent, as it is done automatically by instance_init.
7465  *    No code should need to look at X86CPUDefinition structs
7466  *    outside instance_init.
7467  *
7468  * 2) CPU expansion. This is done by realize before CPUID
7469  *    filtering, and will make sure host/accelerator data is
7470  *    loaded for CPU models that depend on host capabilities
7471  *    (e.g. "host"). Done by x86_cpu_expand_features().
7472  *
7473  * 3) CPUID filtering. This initializes extra data related to
7474  *    CPUID, and checks if the host supports all capabilities
7475  *    required by the CPU. Runnability of a CPU model is
7476  *    determined at this step. Done by x86_cpu_filter_features().
7477  *
7478  * Some operations don't require all steps to be performed.
7479  * More precisely:
7480  *
7481  * - CPU instance creation (instance_init) will run only CPU
7482  *   model loading. CPU expansion can't run at instance_init-time
7483  *   because host/accelerator data may be not available yet.
7484  * - CPU realization will perform both CPU model expansion and CPUID
7485  *   filtering, and return an error in case one of them fails.
7486  * - query-cpu-definitions needs to run all 3 steps. It needs
7487  *   to run CPUID filtering, as the 'unavailable-features'
7488  *   field is set based on the filtering results.
7489  * - The query-cpu-model-expansion QMP command only needs to run
7490  *   CPU model loading and CPU expansion. It should not filter
7491  *   any CPUID data based on host capabilities.
7492  */
7493 
7494 /* Expand CPU configuration data, based on configured features
7495  * and host/accelerator capabilities when appropriate.
7496  */
7497 void x86_cpu_expand_features(X86CPU *cpu, Error **errp)
7498 {
7499     CPUX86State *env = &cpu->env;
7500     FeatureWord w;
7501     int i;
7502     GList *l;
7503 
7504     for (l = plus_features; l; l = l->next) {
7505         const char *prop = l->data;
7506         if (!object_property_set_bool(OBJECT(cpu), prop, true, errp)) {
7507             return;
7508         }
7509     }
7510 
7511     for (l = minus_features; l; l = l->next) {
7512         const char *prop = l->data;
7513         if (!object_property_set_bool(OBJECT(cpu), prop, false, errp)) {
7514             return;
7515         }
7516     }
7517 
7518     /*TODO: Now cpu->max_features doesn't overwrite features
7519      * set using QOM properties, and we can convert
7520      * plus_features & minus_features to global properties
7521      * inside x86_cpu_parse_featurestr() too.
7522      */
7523     if (cpu->max_features) {
7524         for (w = 0; w < FEATURE_WORDS; w++) {
7525             /* Override only features that weren't set explicitly
7526              * by the user.
7527              */
7528             env->features[w] |=
7529                 x86_cpu_get_supported_feature_word(cpu, w) &
7530                 ~env->user_features[w] &
7531                 ~feature_word_info[w].no_autoenable_flags;
7532         }
7533 
7534         if ((env->features[FEAT_7_1_EDX] & CPUID_7_1_EDX_AVX10) && !env->avx10_version) {
7535             uint32_t eax, ebx, ecx, edx;
7536             x86_cpu_get_supported_cpuid(0x24, 0, &eax, &ebx, &ecx, &edx);
7537             env->avx10_version = ebx & 0xff;
7538         }
7539     }
7540 
7541     for (i = 0; i < ARRAY_SIZE(feature_dependencies); i++) {
7542         FeatureDep *d = &feature_dependencies[i];
7543         if (!(env->features[d->from.index] & d->from.mask)) {
7544             uint64_t unavailable_features = env->features[d->to.index] & d->to.mask;
7545 
7546             /* Not an error unless the dependent feature was added explicitly.  */
7547             mark_unavailable_features(cpu, d->to.index,
7548                                       unavailable_features & env->user_features[d->to.index],
7549                                       "This feature depends on other features that were not requested");
7550 
7551             env->features[d->to.index] &= ~unavailable_features;
7552         }
7553     }
7554 
7555     if (!kvm_enabled() || !cpu->expose_kvm) {
7556         env->features[FEAT_KVM] = 0;
7557     }
7558 
7559     x86_cpu_enable_xsave_components(cpu);
7560 
7561     /* CPUID[EAX=7,ECX=0].EBX always increased level automatically: */
7562     x86_cpu_adjust_feat_level(cpu, FEAT_7_0_EBX);
7563     if (cpu->full_cpuid_auto_level) {
7564         x86_cpu_adjust_feat_level(cpu, FEAT_1_EDX);
7565         x86_cpu_adjust_feat_level(cpu, FEAT_1_ECX);
7566         x86_cpu_adjust_feat_level(cpu, FEAT_6_EAX);
7567         x86_cpu_adjust_feat_level(cpu, FEAT_7_0_ECX);
7568         x86_cpu_adjust_feat_level(cpu, FEAT_7_1_EAX);
7569         x86_cpu_adjust_feat_level(cpu, FEAT_7_1_EDX);
7570         x86_cpu_adjust_feat_level(cpu, FEAT_7_2_EDX);
7571         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_EDX);
7572         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0001_ECX);
7573         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0007_EDX);
7574         x86_cpu_adjust_feat_level(cpu, FEAT_8000_0008_EBX);
7575         x86_cpu_adjust_feat_level(cpu, FEAT_C000_0001_EDX);
7576         x86_cpu_adjust_feat_level(cpu, FEAT_SVM);
7577         x86_cpu_adjust_feat_level(cpu, FEAT_XSAVE);
7578 
7579         /* Intel Processor Trace requires CPUID[0x14] */
7580         if ((env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT)) {
7581             if (cpu->intel_pt_auto_level) {
7582                 x86_cpu_adjust_level(cpu, &cpu->env.cpuid_min_level, 0x14);
7583             } else if (cpu->env.cpuid_min_level < 0x14) {
7584                 mark_unavailable_features(cpu, FEAT_7_0_EBX,
7585                     CPUID_7_0_EBX_INTEL_PT,
7586                     "Intel PT need CPUID leaf 0x14, please set by \"-cpu ...,intel-pt=on,min-level=0x14\"");
7587             }
7588         }
7589 
7590         /*
7591          * Intel CPU topology with multi-dies support requires CPUID[0x1F].
7592          * For AMD Rome/Milan, cpuid level is 0x10, and guest OS should detect
7593          * extended toplogy by leaf 0xB. Only adjust it for Intel CPU, unless
7594          * cpu->vendor_cpuid_only has been unset for compatibility with older
7595          * machine types.
7596          */
7597         if (x86_has_extended_topo(env->avail_cpu_topo) &&
7598             (IS_INTEL_CPU(env) || !cpu->vendor_cpuid_only)) {
7599             x86_cpu_adjust_level(cpu, &env->cpuid_min_level, 0x1F);
7600         }
7601 
7602         /* Advanced Vector Extensions 10 (AVX10) requires CPUID[0x24] */
7603         if (env->features[FEAT_7_1_EDX] & CPUID_7_1_EDX_AVX10) {
7604             x86_cpu_adjust_level(cpu, &env->cpuid_min_level, 0x24);
7605         }
7606 
7607         /* SVM requires CPUID[0x8000000A] */
7608         if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
7609             x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000000A);
7610         }
7611 
7612         /* SEV requires CPUID[0x8000001F] */
7613         if (sev_enabled()) {
7614             x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000001F);
7615         }
7616 
7617         if (env->features[FEAT_8000_0021_EAX]) {
7618             x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x80000021);
7619         }
7620 
7621         /* SGX requires CPUID[0x12] for EPC enumeration */
7622         if (env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_SGX) {
7623             x86_cpu_adjust_level(cpu, &env->cpuid_min_level, 0x12);
7624         }
7625     }
7626 
7627     /* Set cpuid_*level* based on cpuid_min_*level, if not explicitly set */
7628     if (env->cpuid_level_func7 == UINT32_MAX) {
7629         env->cpuid_level_func7 = env->cpuid_min_level_func7;
7630     }
7631     if (env->cpuid_level == UINT32_MAX) {
7632         env->cpuid_level = env->cpuid_min_level;
7633     }
7634     if (env->cpuid_xlevel == UINT32_MAX) {
7635         env->cpuid_xlevel = env->cpuid_min_xlevel;
7636     }
7637     if (env->cpuid_xlevel2 == UINT32_MAX) {
7638         env->cpuid_xlevel2 = env->cpuid_min_xlevel2;
7639     }
7640 
7641     if (kvm_enabled() && !kvm_hyperv_expand_features(cpu, errp)) {
7642         return;
7643     }
7644 }
7645 
7646 /*
7647  * Finishes initialization of CPUID data, filters CPU feature
7648  * words based on host availability of each feature.
7649  *
7650  * Returns: true if any flag is not supported by the host, false otherwise.
7651  */
7652 static bool x86_cpu_filter_features(X86CPU *cpu, bool verbose)
7653 {
7654     CPUX86State *env = &cpu->env;
7655     FeatureWord w;
7656     const char *prefix = NULL;
7657     bool have_filtered_features;
7658 
7659     uint32_t eax_0, ebx_0, ecx_0, edx_0;
7660     uint32_t eax_1, ebx_1, ecx_1, edx_1;
7661 
7662     if (verbose) {
7663         prefix = accel_uses_host_cpuid()
7664                  ? "host doesn't support requested feature"
7665                  : "TCG doesn't support requested feature";
7666     }
7667 
7668     for (w = 0; w < FEATURE_WORDS; w++) {
7669         uint64_t host_feat =
7670             x86_cpu_get_supported_feature_word(NULL, w);
7671         uint64_t requested_features = env->features[w];
7672         uint64_t unavailable_features = requested_features & ~host_feat;
7673         mark_unavailable_features(cpu, w, unavailable_features, prefix);
7674     }
7675 
7676     /*
7677      * Check that KVM actually allows the processor tracing features that
7678      * are advertised by cpu_x86_cpuid().  Keep these two in sync.
7679      */
7680     if ((env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT) &&
7681         kvm_enabled()) {
7682         x86_cpu_get_supported_cpuid(0x14, 0,
7683                                     &eax_0, &ebx_0, &ecx_0, &edx_0);
7684         x86_cpu_get_supported_cpuid(0x14, 1,
7685                                     &eax_1, &ebx_1, &ecx_1, &edx_1);
7686 
7687         if (!eax_0 ||
7688            ((ebx_0 & INTEL_PT_MINIMAL_EBX) != INTEL_PT_MINIMAL_EBX) ||
7689            ((ecx_0 & INTEL_PT_MINIMAL_ECX) != INTEL_PT_MINIMAL_ECX) ||
7690            ((eax_1 & INTEL_PT_MTC_BITMAP) != INTEL_PT_MTC_BITMAP) ||
7691            ((eax_1 & INTEL_PT_ADDR_RANGES_NUM_MASK) <
7692                                            INTEL_PT_ADDR_RANGES_NUM) ||
7693            ((ebx_1 & (INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP)) !=
7694                 (INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP)) ||
7695            ((ecx_0 & CPUID_14_0_ECX_LIP) !=
7696                 (env->features[FEAT_14_0_ECX] & CPUID_14_0_ECX_LIP))) {
7697             /*
7698              * Processor Trace capabilities aren't configurable, so if the
7699              * host can't emulate the capabilities we report on
7700              * cpu_x86_cpuid(), intel-pt can't be enabled on the current host.
7701              */
7702             mark_unavailable_features(cpu, FEAT_7_0_EBX, CPUID_7_0_EBX_INTEL_PT, prefix);
7703         }
7704     }
7705 
7706     have_filtered_features = x86_cpu_have_filtered_features(cpu);
7707 
7708     if (env->features[FEAT_7_1_EDX] & CPUID_7_1_EDX_AVX10) {
7709         x86_cpu_get_supported_cpuid(0x24, 0,
7710                                     &eax_0, &ebx_0, &ecx_0, &edx_0);
7711         uint8_t version = ebx_0 & 0xff;
7712 
7713         if (version < env->avx10_version) {
7714             if (prefix) {
7715                 warn_report("%s: avx10.%d. Adjust to avx10.%d",
7716                             prefix, env->avx10_version, version);
7717             }
7718             env->avx10_version = version;
7719             have_filtered_features = true;
7720         }
7721     } else if (env->avx10_version && prefix) {
7722         warn_report("%s: avx10.%d.", prefix, env->avx10_version);
7723         have_filtered_features = true;
7724     }
7725 
7726     return have_filtered_features;
7727 }
7728 
7729 static void x86_cpu_hyperv_realize(X86CPU *cpu)
7730 {
7731     size_t len;
7732 
7733     /* Hyper-V vendor id */
7734     if (!cpu->hyperv_vendor) {
7735         object_property_set_str(OBJECT(cpu), "hv-vendor-id", "Microsoft Hv",
7736                                 &error_abort);
7737     }
7738     len = strlen(cpu->hyperv_vendor);
7739     if (len > 12) {
7740         warn_report("hv-vendor-id truncated to 12 characters");
7741         len = 12;
7742     }
7743     memset(cpu->hyperv_vendor_id, 0, 12);
7744     memcpy(cpu->hyperv_vendor_id, cpu->hyperv_vendor, len);
7745 
7746     /* 'Hv#1' interface identification*/
7747     cpu->hyperv_interface_id[0] = 0x31237648;
7748     cpu->hyperv_interface_id[1] = 0;
7749     cpu->hyperv_interface_id[2] = 0;
7750     cpu->hyperv_interface_id[3] = 0;
7751 
7752     /* Hypervisor implementation limits */
7753     cpu->hyperv_limits[0] = 64;
7754     cpu->hyperv_limits[1] = 0;
7755     cpu->hyperv_limits[2] = 0;
7756 }
7757 
7758 static void x86_cpu_realizefn(DeviceState *dev, Error **errp)
7759 {
7760     CPUState *cs = CPU(dev);
7761     X86CPU *cpu = X86_CPU(dev);
7762     X86CPUClass *xcc = X86_CPU_GET_CLASS(dev);
7763     CPUX86State *env = &cpu->env;
7764     Error *local_err = NULL;
7765     unsigned requested_lbr_fmt;
7766 
7767 #if defined(CONFIG_TCG) && !defined(CONFIG_USER_ONLY)
7768     /* Use pc-relative instructions in system-mode */
7769     tcg_cflags_set(cs, CF_PCREL);
7770 #endif
7771 
7772     if (cpu->apic_id == UNASSIGNED_APIC_ID) {
7773         error_setg(errp, "apic-id property was not initialized properly");
7774         return;
7775     }
7776 
7777     /*
7778      * Process Hyper-V enlightenments.
7779      * Note: this currently has to happen before the expansion of CPU features.
7780      */
7781     x86_cpu_hyperv_realize(cpu);
7782 
7783     x86_cpu_expand_features(cpu, &local_err);
7784     if (local_err) {
7785         goto out;
7786     }
7787 
7788     /*
7789      * Override env->features[FEAT_PERF_CAPABILITIES].LBR_FMT
7790      * with user-provided setting.
7791      */
7792     if (cpu->lbr_fmt != ~PERF_CAP_LBR_FMT) {
7793         if ((cpu->lbr_fmt & PERF_CAP_LBR_FMT) != cpu->lbr_fmt) {
7794             error_setg(errp, "invalid lbr-fmt");
7795             return;
7796         }
7797         env->features[FEAT_PERF_CAPABILITIES] &= ~PERF_CAP_LBR_FMT;
7798         env->features[FEAT_PERF_CAPABILITIES] |= cpu->lbr_fmt;
7799     }
7800 
7801     /*
7802      * vPMU LBR is supported when 1) KVM is enabled 2) Option pmu=on and
7803      * 3)vPMU LBR format matches that of host setting.
7804      */
7805     requested_lbr_fmt =
7806         env->features[FEAT_PERF_CAPABILITIES] & PERF_CAP_LBR_FMT;
7807     if (requested_lbr_fmt && kvm_enabled()) {
7808         uint64_t host_perf_cap =
7809             x86_cpu_get_supported_feature_word(NULL, FEAT_PERF_CAPABILITIES);
7810         unsigned host_lbr_fmt = host_perf_cap & PERF_CAP_LBR_FMT;
7811 
7812         if (!cpu->enable_pmu) {
7813             error_setg(errp, "vPMU: LBR is unsupported without pmu=on");
7814             return;
7815         }
7816         if (requested_lbr_fmt != host_lbr_fmt) {
7817             error_setg(errp, "vPMU: the lbr-fmt value (0x%x) does not match "
7818                         "the host value (0x%x).",
7819                         requested_lbr_fmt, host_lbr_fmt);
7820             return;
7821         }
7822     }
7823 
7824     if (x86_cpu_filter_features(cpu, cpu->check_cpuid || cpu->enforce_cpuid)) {
7825         if (cpu->enforce_cpuid) {
7826             error_setg(&local_err,
7827                        accel_uses_host_cpuid() ?
7828                        "Host doesn't support requested features" :
7829                        "TCG doesn't support requested features");
7830             goto out;
7831         }
7832     }
7833 
7834     /* On AMD CPUs, some CPUID[8000_0001].EDX bits must match the bits on
7835      * CPUID[1].EDX.
7836      */
7837     if (IS_AMD_CPU(env)) {
7838         env->features[FEAT_8000_0001_EDX] &= ~CPUID_EXT2_AMD_ALIASES;
7839         env->features[FEAT_8000_0001_EDX] |= (env->features[FEAT_1_EDX]
7840            & CPUID_EXT2_AMD_ALIASES);
7841     }
7842 
7843     x86_cpu_set_sgxlepubkeyhash(env);
7844 
7845     /*
7846      * note: the call to the framework needs to happen after feature expansion,
7847      * but before the checks/modifications to ucode_rev, mwait, phys_bits.
7848      * These may be set by the accel-specific code,
7849      * and the results are subsequently checked / assumed in this function.
7850      */
7851     cpu_exec_realizefn(cs, &local_err);
7852     if (local_err != NULL) {
7853         error_propagate(errp, local_err);
7854         return;
7855     }
7856 
7857     if (xcc->host_cpuid_required && !accel_uses_host_cpuid()) {
7858         g_autofree char *name = x86_cpu_class_get_model_name(xcc);
7859         error_setg(&local_err, "CPU model '%s' requires KVM or HVF", name);
7860         goto out;
7861     }
7862 
7863     if (cpu->guest_phys_bits == -1) {
7864         /*
7865          * If it was not set by the user, or by the accelerator via
7866          * cpu_exec_realizefn, clear.
7867          */
7868         cpu->guest_phys_bits = 0;
7869     }
7870 
7871     if (cpu->ucode_rev == 0) {
7872         /*
7873          * The default is the same as KVM's. Note that this check
7874          * needs to happen after the evenual setting of ucode_rev in
7875          * accel-specific code in cpu_exec_realizefn.
7876          */
7877         if (IS_AMD_CPU(env)) {
7878             cpu->ucode_rev = 0x01000065;
7879         } else {
7880             cpu->ucode_rev = 0x100000000ULL;
7881         }
7882     }
7883 
7884     /*
7885      * mwait extended info: needed for Core compatibility
7886      * We always wake on interrupt even if host does not have the capability.
7887      *
7888      * requires the accel-specific code in cpu_exec_realizefn to
7889      * have already acquired the CPUID data into cpu->mwait.
7890      */
7891     cpu->mwait.ecx |= CPUID_MWAIT_EMX | CPUID_MWAIT_IBE;
7892 
7893     /* For 64bit systems think about the number of physical bits to present.
7894      * ideally this should be the same as the host; anything other than matching
7895      * the host can cause incorrect guest behaviour.
7896      * QEMU used to pick the magic value of 40 bits that corresponds to
7897      * consumer AMD devices but nothing else.
7898      *
7899      * Note that this code assumes features expansion has already been done
7900      * (as it checks for CPUID_EXT2_LM), and also assumes that potential
7901      * phys_bits adjustments to match the host have been already done in
7902      * accel-specific code in cpu_exec_realizefn.
7903      */
7904     if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) {
7905         if (cpu->phys_bits &&
7906             (cpu->phys_bits > TARGET_PHYS_ADDR_SPACE_BITS ||
7907             cpu->phys_bits < 32)) {
7908             error_setg(errp, "phys-bits should be between 32 and %u "
7909                              " (but is %u)",
7910                              TARGET_PHYS_ADDR_SPACE_BITS, cpu->phys_bits);
7911             return;
7912         }
7913         /*
7914          * 0 means it was not explicitly set by the user (or by machine
7915          * compat_props or by the host code in host-cpu.c).
7916          * In this case, the default is the value used by TCG (40).
7917          */
7918         if (cpu->phys_bits == 0) {
7919             cpu->phys_bits = TCG_PHYS_ADDR_BITS;
7920         }
7921         if (cpu->guest_phys_bits &&
7922             (cpu->guest_phys_bits > cpu->phys_bits ||
7923             cpu->guest_phys_bits < 32)) {
7924             error_setg(errp, "guest-phys-bits should be between 32 and %u "
7925                              " (but is %u)",
7926                              cpu->phys_bits, cpu->guest_phys_bits);
7927             return;
7928         }
7929     } else {
7930         /* For 32 bit systems don't use the user set value, but keep
7931          * phys_bits consistent with what we tell the guest.
7932          */
7933         if (cpu->phys_bits != 0) {
7934             error_setg(errp, "phys-bits is not user-configurable in 32 bit");
7935             return;
7936         }
7937         if (cpu->guest_phys_bits != 0) {
7938             error_setg(errp, "guest-phys-bits is not user-configurable in 32 bit");
7939             return;
7940         }
7941 
7942         if (env->features[FEAT_1_EDX] & (CPUID_PSE36 | CPUID_PAE)) {
7943             cpu->phys_bits = 36;
7944         } else {
7945             cpu->phys_bits = 32;
7946         }
7947     }
7948 
7949     /* Cache information initialization */
7950     if (!cpu->legacy_cache) {
7951         const CPUCaches *cache_info =
7952             x86_cpu_get_versioned_cache_info(cpu, xcc->model);
7953 
7954         if (!xcc->model || !cache_info) {
7955             g_autofree char *name = x86_cpu_class_get_model_name(xcc);
7956             error_setg(errp,
7957                        "CPU model '%s' doesn't support legacy-cache=off", name);
7958             return;
7959         }
7960         env->cache_info_cpuid2 = env->cache_info_cpuid4 = env->cache_info_amd =
7961             *cache_info;
7962     } else {
7963         /* Build legacy cache information */
7964         env->cache_info_cpuid2.l1d_cache = &legacy_l1d_cache;
7965         env->cache_info_cpuid2.l1i_cache = &legacy_l1i_cache;
7966         env->cache_info_cpuid2.l2_cache = &legacy_l2_cache_cpuid2;
7967         env->cache_info_cpuid2.l3_cache = &legacy_l3_cache;
7968 
7969         env->cache_info_cpuid4.l1d_cache = &legacy_l1d_cache;
7970         env->cache_info_cpuid4.l1i_cache = &legacy_l1i_cache;
7971         env->cache_info_cpuid4.l2_cache = &legacy_l2_cache;
7972         env->cache_info_cpuid4.l3_cache = &legacy_l3_cache;
7973 
7974         env->cache_info_amd.l1d_cache = &legacy_l1d_cache_amd;
7975         env->cache_info_amd.l1i_cache = &legacy_l1i_cache_amd;
7976         env->cache_info_amd.l2_cache = &legacy_l2_cache_amd;
7977         env->cache_info_amd.l3_cache = &legacy_l3_cache;
7978     }
7979 
7980 #ifndef CONFIG_USER_ONLY
7981     MachineState *ms = MACHINE(qdev_get_machine());
7982     qemu_register_reset(x86_cpu_machine_reset_cb, cpu);
7983 
7984     if (cpu->env.features[FEAT_1_EDX] & CPUID_APIC || ms->smp.cpus > 1) {
7985         x86_cpu_apic_create(cpu, &local_err);
7986         if (local_err != NULL) {
7987             goto out;
7988         }
7989     }
7990 #endif
7991 
7992     mce_init(cpu);
7993 
7994     x86_cpu_gdb_init(cs);
7995     qemu_init_vcpu(cs);
7996 
7997     /*
7998      * Most Intel and certain AMD CPUs support hyperthreading. Even though QEMU
7999      * fixes this issue by adjusting CPUID_0000_0001_EBX and CPUID_8000_0008_ECX
8000      * based on inputs (sockets,cores,threads), it is still better to give
8001      * users a warning.
8002      *
8003      * NOTE: the following code has to follow qemu_init_vcpu(). Otherwise
8004      * cs->nr_threads hasn't be populated yet and the checking is incorrect.
8005      */
8006     if (IS_AMD_CPU(env) &&
8007         !(env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_TOPOEXT) &&
8008         cs->nr_threads > 1) {
8009             warn_report_once("This family of AMD CPU doesn't support "
8010                              "hyperthreading(%d). Please configure -smp "
8011                              "options properly or try enabling topoext "
8012                              "feature.", cs->nr_threads);
8013     }
8014 
8015 #ifndef CONFIG_USER_ONLY
8016     x86_cpu_apic_realize(cpu, &local_err);
8017     if (local_err != NULL) {
8018         goto out;
8019     }
8020 #endif /* !CONFIG_USER_ONLY */
8021     cpu_reset(cs);
8022 
8023     xcc->parent_realize(dev, &local_err);
8024 
8025 out:
8026     if (local_err != NULL) {
8027         error_propagate(errp, local_err);
8028         return;
8029     }
8030 }
8031 
8032 static void x86_cpu_unrealizefn(DeviceState *dev)
8033 {
8034     X86CPU *cpu = X86_CPU(dev);
8035     X86CPUClass *xcc = X86_CPU_GET_CLASS(dev);
8036 
8037 #ifndef CONFIG_USER_ONLY
8038     cpu_remove_sync(CPU(dev));
8039     qemu_unregister_reset(x86_cpu_machine_reset_cb, dev);
8040 #endif
8041 
8042     if (cpu->apic_state) {
8043         object_unparent(OBJECT(cpu->apic_state));
8044         cpu->apic_state = NULL;
8045     }
8046 
8047     xcc->parent_unrealize(dev);
8048 }
8049 
8050 typedef struct BitProperty {
8051     FeatureWord w;
8052     uint64_t mask;
8053 } BitProperty;
8054 
8055 static void x86_cpu_get_bit_prop(Object *obj, Visitor *v, const char *name,
8056                                  void *opaque, Error **errp)
8057 {
8058     X86CPU *cpu = X86_CPU(obj);
8059     BitProperty *fp = opaque;
8060     uint64_t f = cpu->env.features[fp->w];
8061     bool value = (f & fp->mask) == fp->mask;
8062     visit_type_bool(v, name, &value, errp);
8063 }
8064 
8065 static void x86_cpu_set_bit_prop(Object *obj, Visitor *v, const char *name,
8066                                  void *opaque, Error **errp)
8067 {
8068     DeviceState *dev = DEVICE(obj);
8069     X86CPU *cpu = X86_CPU(obj);
8070     BitProperty *fp = opaque;
8071     bool value;
8072 
8073     if (dev->realized) {
8074         qdev_prop_set_after_realize(dev, name, errp);
8075         return;
8076     }
8077 
8078     if (!visit_type_bool(v, name, &value, errp)) {
8079         return;
8080     }
8081 
8082     if (value) {
8083         cpu->env.features[fp->w] |= fp->mask;
8084     } else {
8085         cpu->env.features[fp->w] &= ~fp->mask;
8086     }
8087     cpu->env.user_features[fp->w] |= fp->mask;
8088 }
8089 
8090 /* Register a boolean property to get/set a single bit in a uint32_t field.
8091  *
8092  * The same property name can be registered multiple times to make it affect
8093  * multiple bits in the same FeatureWord. In that case, the getter will return
8094  * true only if all bits are set.
8095  */
8096 static void x86_cpu_register_bit_prop(X86CPUClass *xcc,
8097                                       const char *prop_name,
8098                                       FeatureWord w,
8099                                       int bitnr)
8100 {
8101     ObjectClass *oc = OBJECT_CLASS(xcc);
8102     BitProperty *fp;
8103     ObjectProperty *op;
8104     uint64_t mask = (1ULL << bitnr);
8105 
8106     op = object_class_property_find(oc, prop_name);
8107     if (op) {
8108         fp = op->opaque;
8109         assert(fp->w == w);
8110         fp->mask |= mask;
8111     } else {
8112         fp = g_new0(BitProperty, 1);
8113         fp->w = w;
8114         fp->mask = mask;
8115         object_class_property_add(oc, prop_name, "bool",
8116                                   x86_cpu_get_bit_prop,
8117                                   x86_cpu_set_bit_prop,
8118                                   NULL, fp);
8119     }
8120 }
8121 
8122 static void x86_cpu_register_feature_bit_props(X86CPUClass *xcc,
8123                                                FeatureWord w,
8124                                                int bitnr)
8125 {
8126     FeatureWordInfo *fi = &feature_word_info[w];
8127     const char *name = fi->feat_names[bitnr];
8128 
8129     if (!name) {
8130         return;
8131     }
8132 
8133     /* Property names should use "-" instead of "_".
8134      * Old names containing underscores are registered as aliases
8135      * using object_property_add_alias()
8136      */
8137     assert(!strchr(name, '_'));
8138     /* aliases don't use "|" delimiters anymore, they are registered
8139      * manually using object_property_add_alias() */
8140     assert(!strchr(name, '|'));
8141     x86_cpu_register_bit_prop(xcc, name, w, bitnr);
8142 }
8143 
8144 static void x86_cpu_post_initfn(Object *obj)
8145 {
8146     static bool first = true;
8147     uint64_t supported_xcr0;
8148     int i;
8149 
8150     if (first) {
8151         first = false;
8152 
8153         supported_xcr0 =
8154             ((uint64_t) x86_cpu_get_supported_feature_word(NULL, FEAT_XSAVE_XCR0_HI) << 32) |
8155             x86_cpu_get_supported_feature_word(NULL, FEAT_XSAVE_XCR0_LO);
8156 
8157         for (i = XSTATE_SSE_BIT + 1; i < XSAVE_STATE_AREA_COUNT; i++) {
8158             ExtSaveArea *esa = &x86_ext_save_areas[i];
8159 
8160             if (!(supported_xcr0 & (1 << i))) {
8161                 esa->size = 0;
8162             }
8163         }
8164     }
8165 
8166     accel_cpu_instance_init(CPU(obj));
8167 }
8168 
8169 static void x86_cpu_init_default_topo(X86CPU *cpu)
8170 {
8171     CPUX86State *env = &cpu->env;
8172 
8173     env->nr_modules = 1;
8174     env->nr_dies = 1;
8175 
8176     /* thread, core and socket levels are set by default. */
8177     set_bit(CPU_TOPOLOGY_LEVEL_THREAD, env->avail_cpu_topo);
8178     set_bit(CPU_TOPOLOGY_LEVEL_CORE, env->avail_cpu_topo);
8179     set_bit(CPU_TOPOLOGY_LEVEL_SOCKET, env->avail_cpu_topo);
8180 }
8181 
8182 static void x86_cpu_initfn(Object *obj)
8183 {
8184     X86CPU *cpu = X86_CPU(obj);
8185     X86CPUClass *xcc = X86_CPU_GET_CLASS(obj);
8186     CPUX86State *env = &cpu->env;
8187 
8188     x86_cpu_init_default_topo(cpu);
8189 
8190     object_property_add(obj, "feature-words", "X86CPUFeatureWordInfo",
8191                         x86_cpu_get_feature_words,
8192                         NULL, NULL, (void *)env->features);
8193     object_property_add(obj, "filtered-features", "X86CPUFeatureWordInfo",
8194                         x86_cpu_get_feature_words,
8195                         NULL, NULL, (void *)cpu->filtered_features);
8196 
8197     object_property_add_alias(obj, "sse3", obj, "pni");
8198     object_property_add_alias(obj, "pclmuldq", obj, "pclmulqdq");
8199     object_property_add_alias(obj, "sse4-1", obj, "sse4.1");
8200     object_property_add_alias(obj, "sse4-2", obj, "sse4.2");
8201     object_property_add_alias(obj, "xd", obj, "nx");
8202     object_property_add_alias(obj, "ffxsr", obj, "fxsr-opt");
8203     object_property_add_alias(obj, "i64", obj, "lm");
8204 
8205     object_property_add_alias(obj, "ds_cpl", obj, "ds-cpl");
8206     object_property_add_alias(obj, "tsc_adjust", obj, "tsc-adjust");
8207     object_property_add_alias(obj, "fxsr_opt", obj, "fxsr-opt");
8208     object_property_add_alias(obj, "lahf_lm", obj, "lahf-lm");
8209     object_property_add_alias(obj, "cmp_legacy", obj, "cmp-legacy");
8210     object_property_add_alias(obj, "nodeid_msr", obj, "nodeid-msr");
8211     object_property_add_alias(obj, "perfctr_core", obj, "perfctr-core");
8212     object_property_add_alias(obj, "perfctr_nb", obj, "perfctr-nb");
8213     object_property_add_alias(obj, "kvm_nopiodelay", obj, "kvm-nopiodelay");
8214     object_property_add_alias(obj, "kvm_mmu", obj, "kvm-mmu");
8215     object_property_add_alias(obj, "kvm_asyncpf", obj, "kvm-asyncpf");
8216     object_property_add_alias(obj, "kvm_asyncpf_int", obj, "kvm-asyncpf-int");
8217     object_property_add_alias(obj, "kvm_steal_time", obj, "kvm-steal-time");
8218     object_property_add_alias(obj, "kvm_pv_eoi", obj, "kvm-pv-eoi");
8219     object_property_add_alias(obj, "kvm_pv_unhalt", obj, "kvm-pv-unhalt");
8220     object_property_add_alias(obj, "kvm_poll_control", obj, "kvm-poll-control");
8221     object_property_add_alias(obj, "svm_lock", obj, "svm-lock");
8222     object_property_add_alias(obj, "nrip_save", obj, "nrip-save");
8223     object_property_add_alias(obj, "tsc_scale", obj, "tsc-scale");
8224     object_property_add_alias(obj, "vmcb_clean", obj, "vmcb-clean");
8225     object_property_add_alias(obj, "pause_filter", obj, "pause-filter");
8226     object_property_add_alias(obj, "sse4_1", obj, "sse4.1");
8227     object_property_add_alias(obj, "sse4_2", obj, "sse4.2");
8228 
8229     object_property_add_alias(obj, "hv-apicv", obj, "hv-avic");
8230     cpu->lbr_fmt = ~PERF_CAP_LBR_FMT;
8231     object_property_add_alias(obj, "lbr_fmt", obj, "lbr-fmt");
8232 
8233     if (xcc->model) {
8234         x86_cpu_load_model(cpu, xcc->model);
8235     }
8236 }
8237 
8238 static int64_t x86_cpu_get_arch_id(CPUState *cs)
8239 {
8240     X86CPU *cpu = X86_CPU(cs);
8241 
8242     return cpu->apic_id;
8243 }
8244 
8245 #if !defined(CONFIG_USER_ONLY)
8246 static bool x86_cpu_get_paging_enabled(const CPUState *cs)
8247 {
8248     X86CPU *cpu = X86_CPU(cs);
8249 
8250     return cpu->env.cr[0] & CR0_PG_MASK;
8251 }
8252 #endif /* !CONFIG_USER_ONLY */
8253 
8254 static void x86_cpu_set_pc(CPUState *cs, vaddr value)
8255 {
8256     X86CPU *cpu = X86_CPU(cs);
8257 
8258     cpu->env.eip = value;
8259 }
8260 
8261 static vaddr x86_cpu_get_pc(CPUState *cs)
8262 {
8263     X86CPU *cpu = X86_CPU(cs);
8264 
8265     /* Match cpu_get_tb_cpu_state. */
8266     return cpu->env.eip + cpu->env.segs[R_CS].base;
8267 }
8268 
8269 int x86_cpu_pending_interrupt(CPUState *cs, int interrupt_request)
8270 {
8271     X86CPU *cpu = X86_CPU(cs);
8272     CPUX86State *env = &cpu->env;
8273 
8274 #if !defined(CONFIG_USER_ONLY)
8275     if (interrupt_request & CPU_INTERRUPT_POLL) {
8276         return CPU_INTERRUPT_POLL;
8277     }
8278 #endif
8279     if (interrupt_request & CPU_INTERRUPT_SIPI) {
8280         return CPU_INTERRUPT_SIPI;
8281     }
8282 
8283     if (env->hflags2 & HF2_GIF_MASK) {
8284         if ((interrupt_request & CPU_INTERRUPT_SMI) &&
8285             !(env->hflags & HF_SMM_MASK)) {
8286             return CPU_INTERRUPT_SMI;
8287         } else if ((interrupt_request & CPU_INTERRUPT_NMI) &&
8288                    !(env->hflags2 & HF2_NMI_MASK)) {
8289             return CPU_INTERRUPT_NMI;
8290         } else if (interrupt_request & CPU_INTERRUPT_MCE) {
8291             return CPU_INTERRUPT_MCE;
8292         } else if ((interrupt_request & CPU_INTERRUPT_HARD) &&
8293                    (((env->hflags2 & HF2_VINTR_MASK) &&
8294                      (env->hflags2 & HF2_HIF_MASK)) ||
8295                     (!(env->hflags2 & HF2_VINTR_MASK) &&
8296                      (env->eflags & IF_MASK &&
8297                       !(env->hflags & HF_INHIBIT_IRQ_MASK))))) {
8298             return CPU_INTERRUPT_HARD;
8299 #if !defined(CONFIG_USER_ONLY)
8300         } else if (env->hflags2 & HF2_VGIF_MASK) {
8301             if((interrupt_request & CPU_INTERRUPT_VIRQ) &&
8302                    (env->eflags & IF_MASK) &&
8303                    !(env->hflags & HF_INHIBIT_IRQ_MASK)) {
8304                         return CPU_INTERRUPT_VIRQ;
8305             }
8306 #endif
8307         }
8308     }
8309 
8310     return 0;
8311 }
8312 
8313 static bool x86_cpu_has_work(CPUState *cs)
8314 {
8315     return x86_cpu_pending_interrupt(cs, cs->interrupt_request) != 0;
8316 }
8317 
8318 int x86_mmu_index_pl(CPUX86State *env, unsigned pl)
8319 {
8320     int mmu_index_32 = (env->hflags & HF_CS64_MASK) ? 0 : 1;
8321     int mmu_index_base =
8322         pl == 3 ? MMU_USER64_IDX :
8323         !(env->hflags & HF_SMAP_MASK) ? MMU_KNOSMAP64_IDX :
8324         (env->eflags & AC_MASK) ? MMU_KNOSMAP64_IDX : MMU_KSMAP64_IDX;
8325 
8326     return mmu_index_base + mmu_index_32;
8327 }
8328 
8329 static int x86_cpu_mmu_index(CPUState *cs, bool ifetch)
8330 {
8331     CPUX86State *env = cpu_env(cs);
8332     return x86_mmu_index_pl(env, env->hflags & HF_CPL_MASK);
8333 }
8334 
8335 static int x86_mmu_index_kernel_pl(CPUX86State *env, unsigned pl)
8336 {
8337     int mmu_index_32 = (env->hflags & HF_LMA_MASK) ? 0 : 1;
8338     int mmu_index_base =
8339         !(env->hflags & HF_SMAP_MASK) ? MMU_KNOSMAP64_IDX :
8340         (pl < 3 && (env->eflags & AC_MASK)
8341          ? MMU_KNOSMAP64_IDX : MMU_KSMAP64_IDX);
8342 
8343     return mmu_index_base + mmu_index_32;
8344 }
8345 
8346 int cpu_mmu_index_kernel(CPUX86State *env)
8347 {
8348     return x86_mmu_index_kernel_pl(env, env->hflags & HF_CPL_MASK);
8349 }
8350 
8351 static void x86_disas_set_info(CPUState *cs, disassemble_info *info)
8352 {
8353     X86CPU *cpu = X86_CPU(cs);
8354     CPUX86State *env = &cpu->env;
8355 
8356     info->mach = (env->hflags & HF_CS64_MASK ? bfd_mach_x86_64
8357                   : env->hflags & HF_CS32_MASK ? bfd_mach_i386_i386
8358                   : bfd_mach_i386_i8086);
8359 
8360     info->cap_arch = CS_ARCH_X86;
8361     info->cap_mode = (env->hflags & HF_CS64_MASK ? CS_MODE_64
8362                       : env->hflags & HF_CS32_MASK ? CS_MODE_32
8363                       : CS_MODE_16);
8364     info->cap_insn_unit = 1;
8365     info->cap_insn_split = 8;
8366 }
8367 
8368 void x86_update_hflags(CPUX86State *env)
8369 {
8370    uint32_t hflags;
8371 #define HFLAG_COPY_MASK \
8372     ~( HF_CPL_MASK | HF_PE_MASK | HF_MP_MASK | HF_EM_MASK | \
8373        HF_TS_MASK | HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK | \
8374        HF_OSFXSR_MASK | HF_LMA_MASK | HF_CS32_MASK | \
8375        HF_SS32_MASK | HF_CS64_MASK | HF_ADDSEG_MASK)
8376 
8377     hflags = env->hflags & HFLAG_COPY_MASK;
8378     hflags |= (env->segs[R_SS].flags >> DESC_DPL_SHIFT) & HF_CPL_MASK;
8379     hflags |= (env->cr[0] & CR0_PE_MASK) << (HF_PE_SHIFT - CR0_PE_SHIFT);
8380     hflags |= (env->cr[0] << (HF_MP_SHIFT - CR0_MP_SHIFT)) &
8381                 (HF_MP_MASK | HF_EM_MASK | HF_TS_MASK);
8382     hflags |= (env->eflags & (HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK));
8383 
8384     if (env->cr[4] & CR4_OSFXSR_MASK) {
8385         hflags |= HF_OSFXSR_MASK;
8386     }
8387 
8388     if (env->efer & MSR_EFER_LMA) {
8389         hflags |= HF_LMA_MASK;
8390     }
8391 
8392     if ((hflags & HF_LMA_MASK) && (env->segs[R_CS].flags & DESC_L_MASK)) {
8393         hflags |= HF_CS32_MASK | HF_SS32_MASK | HF_CS64_MASK;
8394     } else {
8395         hflags |= (env->segs[R_CS].flags & DESC_B_MASK) >>
8396                     (DESC_B_SHIFT - HF_CS32_SHIFT);
8397         hflags |= (env->segs[R_SS].flags & DESC_B_MASK) >>
8398                     (DESC_B_SHIFT - HF_SS32_SHIFT);
8399         if (!(env->cr[0] & CR0_PE_MASK) || (env->eflags & VM_MASK) ||
8400             !(hflags & HF_CS32_MASK)) {
8401             hflags |= HF_ADDSEG_MASK;
8402         } else {
8403             hflags |= ((env->segs[R_DS].base | env->segs[R_ES].base |
8404                         env->segs[R_SS].base) != 0) << HF_ADDSEG_SHIFT;
8405         }
8406     }
8407     env->hflags = hflags;
8408 }
8409 
8410 static const Property x86_cpu_properties[] = {
8411 #ifdef CONFIG_USER_ONLY
8412     /* apic_id = 0 by default for *-user, see commit 9886e834 */
8413     DEFINE_PROP_UINT32("apic-id", X86CPU, apic_id, 0),
8414     DEFINE_PROP_INT32("thread-id", X86CPU, thread_id, 0),
8415     DEFINE_PROP_INT32("core-id", X86CPU, core_id, 0),
8416     DEFINE_PROP_INT32("module-id", X86CPU, module_id, 0),
8417     DEFINE_PROP_INT32("die-id", X86CPU, die_id, 0),
8418     DEFINE_PROP_INT32("socket-id", X86CPU, socket_id, 0),
8419 #else
8420     DEFINE_PROP_UINT32("apic-id", X86CPU, apic_id, UNASSIGNED_APIC_ID),
8421     DEFINE_PROP_INT32("thread-id", X86CPU, thread_id, -1),
8422     DEFINE_PROP_INT32("core-id", X86CPU, core_id, -1),
8423     DEFINE_PROP_INT32("module-id", X86CPU, module_id, -1),
8424     DEFINE_PROP_INT32("die-id", X86CPU, die_id, -1),
8425     DEFINE_PROP_INT32("socket-id", X86CPU, socket_id, -1),
8426 #endif
8427     DEFINE_PROP_INT32("node-id", X86CPU, node_id, CPU_UNSET_NUMA_NODE_ID),
8428     DEFINE_PROP_BOOL("pmu", X86CPU, enable_pmu, false),
8429     DEFINE_PROP_UINT64_CHECKMASK("lbr-fmt", X86CPU, lbr_fmt, PERF_CAP_LBR_FMT),
8430 
8431     DEFINE_PROP_UINT32("hv-spinlocks", X86CPU, hyperv_spinlock_attempts,
8432                        HYPERV_SPINLOCK_NEVER_NOTIFY),
8433     DEFINE_PROP_BIT64("hv-relaxed", X86CPU, hyperv_features,
8434                       HYPERV_FEAT_RELAXED, 0),
8435     DEFINE_PROP_BIT64("hv-vapic", X86CPU, hyperv_features,
8436                       HYPERV_FEAT_VAPIC, 0),
8437     DEFINE_PROP_BIT64("hv-time", X86CPU, hyperv_features,
8438                       HYPERV_FEAT_TIME, 0),
8439     DEFINE_PROP_BIT64("hv-crash", X86CPU, hyperv_features,
8440                       HYPERV_FEAT_CRASH, 0),
8441     DEFINE_PROP_BIT64("hv-reset", X86CPU, hyperv_features,
8442                       HYPERV_FEAT_RESET, 0),
8443     DEFINE_PROP_BIT64("hv-vpindex", X86CPU, hyperv_features,
8444                       HYPERV_FEAT_VPINDEX, 0),
8445     DEFINE_PROP_BIT64("hv-runtime", X86CPU, hyperv_features,
8446                       HYPERV_FEAT_RUNTIME, 0),
8447     DEFINE_PROP_BIT64("hv-synic", X86CPU, hyperv_features,
8448                       HYPERV_FEAT_SYNIC, 0),
8449     DEFINE_PROP_BIT64("hv-stimer", X86CPU, hyperv_features,
8450                       HYPERV_FEAT_STIMER, 0),
8451     DEFINE_PROP_BIT64("hv-frequencies", X86CPU, hyperv_features,
8452                       HYPERV_FEAT_FREQUENCIES, 0),
8453     DEFINE_PROP_BIT64("hv-reenlightenment", X86CPU, hyperv_features,
8454                       HYPERV_FEAT_REENLIGHTENMENT, 0),
8455     DEFINE_PROP_BIT64("hv-tlbflush", X86CPU, hyperv_features,
8456                       HYPERV_FEAT_TLBFLUSH, 0),
8457     DEFINE_PROP_BIT64("hv-evmcs", X86CPU, hyperv_features,
8458                       HYPERV_FEAT_EVMCS, 0),
8459     DEFINE_PROP_BIT64("hv-ipi", X86CPU, hyperv_features,
8460                       HYPERV_FEAT_IPI, 0),
8461     DEFINE_PROP_BIT64("hv-stimer-direct", X86CPU, hyperv_features,
8462                       HYPERV_FEAT_STIMER_DIRECT, 0),
8463     DEFINE_PROP_BIT64("hv-avic", X86CPU, hyperv_features,
8464                       HYPERV_FEAT_AVIC, 0),
8465     DEFINE_PROP_BIT64("hv-emsr-bitmap", X86CPU, hyperv_features,
8466                       HYPERV_FEAT_MSR_BITMAP, 0),
8467     DEFINE_PROP_BIT64("hv-xmm-input", X86CPU, hyperv_features,
8468                       HYPERV_FEAT_XMM_INPUT, 0),
8469     DEFINE_PROP_BIT64("hv-tlbflush-ext", X86CPU, hyperv_features,
8470                       HYPERV_FEAT_TLBFLUSH_EXT, 0),
8471     DEFINE_PROP_BIT64("hv-tlbflush-direct", X86CPU, hyperv_features,
8472                       HYPERV_FEAT_TLBFLUSH_DIRECT, 0),
8473     DEFINE_PROP_ON_OFF_AUTO("hv-no-nonarch-coresharing", X86CPU,
8474                             hyperv_no_nonarch_cs, ON_OFF_AUTO_OFF),
8475 #ifdef CONFIG_SYNDBG
8476     DEFINE_PROP_BIT64("hv-syndbg", X86CPU, hyperv_features,
8477                       HYPERV_FEAT_SYNDBG, 0),
8478 #endif
8479     DEFINE_PROP_BOOL("hv-passthrough", X86CPU, hyperv_passthrough, false),
8480     DEFINE_PROP_BOOL("hv-enforce-cpuid", X86CPU, hyperv_enforce_cpuid, false),
8481 
8482     /* WS2008R2 identify by default */
8483     DEFINE_PROP_UINT32("hv-version-id-build", X86CPU, hyperv_ver_id_build,
8484                        0x3839),
8485     DEFINE_PROP_UINT16("hv-version-id-major", X86CPU, hyperv_ver_id_major,
8486                        0x000A),
8487     DEFINE_PROP_UINT16("hv-version-id-minor", X86CPU, hyperv_ver_id_minor,
8488                        0x0000),
8489     DEFINE_PROP_UINT32("hv-version-id-spack", X86CPU, hyperv_ver_id_sp, 0),
8490     DEFINE_PROP_UINT8("hv-version-id-sbranch", X86CPU, hyperv_ver_id_sb, 0),
8491     DEFINE_PROP_UINT32("hv-version-id-snumber", X86CPU, hyperv_ver_id_sn, 0),
8492 
8493     DEFINE_PROP_BOOL("check", X86CPU, check_cpuid, true),
8494     DEFINE_PROP_BOOL("enforce", X86CPU, enforce_cpuid, false),
8495     DEFINE_PROP_BOOL("x-force-features", X86CPU, force_features, false),
8496     DEFINE_PROP_BOOL("kvm", X86CPU, expose_kvm, true),
8497     DEFINE_PROP_UINT32("phys-bits", X86CPU, phys_bits, 0),
8498     DEFINE_PROP_UINT32("guest-phys-bits", X86CPU, guest_phys_bits, -1),
8499     DEFINE_PROP_BOOL("host-phys-bits", X86CPU, host_phys_bits, false),
8500     DEFINE_PROP_UINT8("host-phys-bits-limit", X86CPU, host_phys_bits_limit, 0),
8501     DEFINE_PROP_BOOL("fill-mtrr-mask", X86CPU, fill_mtrr_mask, true),
8502     DEFINE_PROP_UINT32("level-func7", X86CPU, env.cpuid_level_func7,
8503                        UINT32_MAX),
8504     DEFINE_PROP_UINT32("level", X86CPU, env.cpuid_level, UINT32_MAX),
8505     DEFINE_PROP_UINT32("xlevel", X86CPU, env.cpuid_xlevel, UINT32_MAX),
8506     DEFINE_PROP_UINT32("xlevel2", X86CPU, env.cpuid_xlevel2, UINT32_MAX),
8507     DEFINE_PROP_UINT32("min-level", X86CPU, env.cpuid_min_level, 0),
8508     DEFINE_PROP_UINT32("min-xlevel", X86CPU, env.cpuid_min_xlevel, 0),
8509     DEFINE_PROP_UINT32("min-xlevel2", X86CPU, env.cpuid_min_xlevel2, 0),
8510     DEFINE_PROP_UINT8("avx10-version", X86CPU, env.avx10_version, 0),
8511     DEFINE_PROP_UINT64("ucode-rev", X86CPU, ucode_rev, 0),
8512     DEFINE_PROP_BOOL("full-cpuid-auto-level", X86CPU, full_cpuid_auto_level, true),
8513     DEFINE_PROP_STRING("hv-vendor-id", X86CPU, hyperv_vendor),
8514     DEFINE_PROP_BOOL("cpuid-0xb", X86CPU, enable_cpuid_0xb, true),
8515     DEFINE_PROP_BOOL("x-vendor-cpuid-only", X86CPU, vendor_cpuid_only, true),
8516     DEFINE_PROP_BOOL("x-amd-topoext-features-only", X86CPU, amd_topoext_features_only, true),
8517     DEFINE_PROP_BOOL("lmce", X86CPU, enable_lmce, false),
8518     DEFINE_PROP_BOOL("l3-cache", X86CPU, enable_l3_cache, true),
8519     DEFINE_PROP_BOOL("kvm-pv-enforce-cpuid", X86CPU, kvm_pv_enforce_cpuid,
8520                      false),
8521     DEFINE_PROP_BOOL("vmware-cpuid-freq", X86CPU, vmware_cpuid_freq, true),
8522     DEFINE_PROP_BOOL("tcg-cpuid", X86CPU, expose_tcg, true),
8523     DEFINE_PROP_BOOL("x-migrate-smi-count", X86CPU, migrate_smi_count,
8524                      true),
8525     /*
8526      * lecacy_cache defaults to true unless the CPU model provides its
8527      * own cache information (see x86_cpu_load_def()).
8528      */
8529     DEFINE_PROP_BOOL("legacy-cache", X86CPU, legacy_cache, true),
8530     DEFINE_PROP_BOOL("legacy-multi-node", X86CPU, legacy_multi_node, false),
8531     DEFINE_PROP_BOOL("xen-vapic", X86CPU, xen_vapic, false),
8532 
8533     /*
8534      * From "Requirements for Implementing the Microsoft
8535      * Hypervisor Interface":
8536      * https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/tlfs
8537      *
8538      * "Starting with Windows Server 2012 and Windows 8, if
8539      * CPUID.40000005.EAX contains a value of -1, Windows assumes that
8540      * the hypervisor imposes no specific limit to the number of VPs.
8541      * In this case, Windows Server 2012 guest VMs may use more than
8542      * 64 VPs, up to the maximum supported number of processors applicable
8543      * to the specific Windows version being used."
8544      */
8545     DEFINE_PROP_INT32("x-hv-max-vps", X86CPU, hv_max_vps, -1),
8546     DEFINE_PROP_BOOL("x-hv-synic-kvm-only", X86CPU, hyperv_synic_kvm_only,
8547                      false),
8548     DEFINE_PROP_BOOL("x-intel-pt-auto-level", X86CPU, intel_pt_auto_level,
8549                      true),
8550     DEFINE_PROP_BOOL("x-l1-cache-per-thread", X86CPU, l1_cache_per_core, true),
8551 };
8552 
8553 #ifndef CONFIG_USER_ONLY
8554 #include "hw/core/sysemu-cpu-ops.h"
8555 
8556 static const struct SysemuCPUOps i386_sysemu_ops = {
8557     .get_memory_mapping = x86_cpu_get_memory_mapping,
8558     .get_paging_enabled = x86_cpu_get_paging_enabled,
8559     .get_phys_page_attrs_debug = x86_cpu_get_phys_page_attrs_debug,
8560     .asidx_from_attrs = x86_asidx_from_attrs,
8561     .get_crash_info = x86_cpu_get_crash_info,
8562     .write_elf32_note = x86_cpu_write_elf32_note,
8563     .write_elf64_note = x86_cpu_write_elf64_note,
8564     .write_elf32_qemunote = x86_cpu_write_elf32_qemunote,
8565     .write_elf64_qemunote = x86_cpu_write_elf64_qemunote,
8566     .legacy_vmsd = &vmstate_x86_cpu,
8567 };
8568 #endif
8569 
8570 static void x86_cpu_common_class_init(ObjectClass *oc, void *data)
8571 {
8572     X86CPUClass *xcc = X86_CPU_CLASS(oc);
8573     CPUClass *cc = CPU_CLASS(oc);
8574     DeviceClass *dc = DEVICE_CLASS(oc);
8575     ResettableClass *rc = RESETTABLE_CLASS(oc);
8576     FeatureWord w;
8577 
8578     device_class_set_parent_realize(dc, x86_cpu_realizefn,
8579                                     &xcc->parent_realize);
8580     device_class_set_parent_unrealize(dc, x86_cpu_unrealizefn,
8581                                       &xcc->parent_unrealize);
8582     device_class_set_props(dc, x86_cpu_properties);
8583 
8584     resettable_class_set_parent_phases(rc, NULL, x86_cpu_reset_hold, NULL,
8585                                        &xcc->parent_phases);
8586     cc->reset_dump_flags = CPU_DUMP_FPU | CPU_DUMP_CCOP;
8587 
8588     cc->class_by_name = x86_cpu_class_by_name;
8589     cc->parse_features = x86_cpu_parse_featurestr;
8590     cc->has_work = x86_cpu_has_work;
8591     cc->mmu_index = x86_cpu_mmu_index;
8592     cc->dump_state = x86_cpu_dump_state;
8593     cc->set_pc = x86_cpu_set_pc;
8594     cc->get_pc = x86_cpu_get_pc;
8595     cc->gdb_read_register = x86_cpu_gdb_read_register;
8596     cc->gdb_write_register = x86_cpu_gdb_write_register;
8597     cc->get_arch_id = x86_cpu_get_arch_id;
8598 
8599 #ifndef CONFIG_USER_ONLY
8600     cc->sysemu_ops = &i386_sysemu_ops;
8601 #endif /* !CONFIG_USER_ONLY */
8602 
8603     cc->gdb_arch_name = x86_gdb_arch_name;
8604 #ifdef TARGET_X86_64
8605     cc->gdb_core_xml_file = "i386-64bit.xml";
8606 #else
8607     cc->gdb_core_xml_file = "i386-32bit.xml";
8608 #endif
8609     cc->disas_set_info = x86_disas_set_info;
8610 
8611     dc->user_creatable = true;
8612 
8613     object_class_property_add(oc, "family", "int",
8614                               x86_cpuid_version_get_family,
8615                               x86_cpuid_version_set_family, NULL, NULL);
8616     object_class_property_add(oc, "model", "int",
8617                               x86_cpuid_version_get_model,
8618                               x86_cpuid_version_set_model, NULL, NULL);
8619     object_class_property_add(oc, "stepping", "int",
8620                               x86_cpuid_version_get_stepping,
8621                               x86_cpuid_version_set_stepping, NULL, NULL);
8622     object_class_property_add_str(oc, "vendor",
8623                                   x86_cpuid_get_vendor,
8624                                   x86_cpuid_set_vendor);
8625     object_class_property_add_str(oc, "model-id",
8626                                   x86_cpuid_get_model_id,
8627                                   x86_cpuid_set_model_id);
8628     object_class_property_add(oc, "tsc-frequency", "int",
8629                               x86_cpuid_get_tsc_freq,
8630                               x86_cpuid_set_tsc_freq, NULL, NULL);
8631     /*
8632      * The "unavailable-features" property has the same semantics as
8633      * CpuDefinitionInfo.unavailable-features on the "query-cpu-definitions"
8634      * QMP command: they list the features that would have prevented the
8635      * CPU from running if the "enforce" flag was set.
8636      */
8637     object_class_property_add(oc, "unavailable-features", "strList",
8638                               x86_cpu_get_unavailable_features,
8639                               NULL, NULL, NULL);
8640 
8641 #if !defined(CONFIG_USER_ONLY)
8642     object_class_property_add(oc, "crash-information", "GuestPanicInformation",
8643                               x86_cpu_get_crash_info_qom, NULL, NULL, NULL);
8644 #endif
8645 
8646     for (w = 0; w < FEATURE_WORDS; w++) {
8647         int bitnr;
8648         for (bitnr = 0; bitnr < 64; bitnr++) {
8649             x86_cpu_register_feature_bit_props(xcc, w, bitnr);
8650         }
8651     }
8652 }
8653 
8654 static const TypeInfo x86_cpu_type_info = {
8655     .name = TYPE_X86_CPU,
8656     .parent = TYPE_CPU,
8657     .instance_size = sizeof(X86CPU),
8658     .instance_align = __alignof(X86CPU),
8659     .instance_init = x86_cpu_initfn,
8660     .instance_post_init = x86_cpu_post_initfn,
8661 
8662     .abstract = true,
8663     .class_size = sizeof(X86CPUClass),
8664     .class_init = x86_cpu_common_class_init,
8665 };
8666 
8667 /* "base" CPU model, used by query-cpu-model-expansion */
8668 static void x86_cpu_base_class_init(ObjectClass *oc, void *data)
8669 {
8670     X86CPUClass *xcc = X86_CPU_CLASS(oc);
8671 
8672     xcc->static_model = true;
8673     xcc->migration_safe = true;
8674     xcc->model_description = "base CPU model type with no features enabled";
8675     xcc->ordering = 8;
8676 }
8677 
8678 static const TypeInfo x86_base_cpu_type_info = {
8679         .name = X86_CPU_TYPE_NAME("base"),
8680         .parent = TYPE_X86_CPU,
8681         .class_init = x86_cpu_base_class_init,
8682 };
8683 
8684 static void x86_cpu_register_types(void)
8685 {
8686     int i;
8687 
8688     type_register_static(&x86_cpu_type_info);
8689     for (i = 0; i < ARRAY_SIZE(builtin_x86_defs); i++) {
8690         x86_register_cpudef_types(&builtin_x86_defs[i]);
8691     }
8692     type_register_static(&max_x86_cpu_type_info);
8693     type_register_static(&x86_base_cpu_type_info);
8694 }
8695 
8696 type_init(x86_cpu_register_types)
8697