From 052aaec83e84cc99a03e023eaaf58d289e0d5d05 Mon Sep 17 00:00:00 2001 From: Eduardo Habkost Date: Wed, 13 Dec 2017 15:47:38 -0200 Subject: [PATCH 3/3] target-i386: cpu: add new CPU models for indirect branch predictor restrictions RH-Author: Eduardo Habkost Message-id: <20171213174738.20852-4-ehabkost@redhat.com> Patchwork-id: n/a O-Subject: [CONFIDENTIAL][RHEL-7.5 qemu-kvm-rhev PATCH v2 3/3] target-i386: cpu: add new CPU models for indirect branch predictor restrictions Bugzilla: CVE-2017-5715 RH-Acked-by: Paolo Bonzini RH-Acked-by: Miroslav Rezanina To ensure the New CPU models won't introduce any unexpected changes except for the spec-ctrl feature (even if people are running older machine-types), copy all compat_props entries for existing CPU models to their *-IBRS versions. The only entries that are not being copied are the ones touching "(min-)level" and "(min-)xlevel" because it's an expected result of the CPU model change (otherwise the spec-ctrl feature would remain unavailable to the guest). The entries that had to be copied can be found using: $ git grep -E 'Nehalem|Westmere|SandyBridge|IvyBridge|Haswell-noTSX|Haswell|Broadwell-noTSX|Broadwell|Skylake-Client|Skylake-Server|EPYC' Note that the upstream-only PC_COMPAT_* macros are not being touched as they are not used by the RHEL machine-types Signed-off-by: Miroslav Rezanina . --- hw/i386/pc_piix.c | 100 ++++++++++++ include/hw/i386/pc.h | 75 +++++++++ target/i386/cpu.c | 425 ++++++++++++++++++++++++++++++++++++++++++++++++++- target/i386/cpu.h | 3 + 4 files changed, 602 insertions(+), 1 deletion(-) diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c index c10e462..7a205c4 100644 --- a/hw/i386/pc_piix.c +++ b/hw/i386/pc_piix.c @@ -1444,96 +1444,191 @@ DEFINE_PC_MACHINE(rhel700, "pc-i440fx-rhel7.0.0", pc_init_rhel700, .property = "x2apic",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Nehalem-IBRS" "-" TYPE_X86_CPU,\ + .property = "x2apic",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "x2apic",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "x2apic",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "pclmulqdq",\ .value = "off",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "pclmulqdq",\ + .value = "off",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "fxsr",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "fxsr",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "mmx",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "mmx",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "pat",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "pat",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "cmov",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "cmov",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "pge",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "pge",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "apic",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "apic",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "cx8",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "cx8",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "mce",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "mce",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "pae",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "pae",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "msr",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "msr",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "tsc",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "tsc",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "pse",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "pse",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "de",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "de",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "fpu",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "fpu",\ + .value = "on",\ + },\ {\ .driver = "Broadwell" "-" TYPE_X86_CPU,\ .property = "rdtscp",\ .value = "off",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Broadwell-IBRS" "-" TYPE_X86_CPU,\ + .property = "rdtscp",\ + .value = "off",\ + },\ {\ .driver = "Broadwell" "-" TYPE_X86_CPU,\ .property = "smap",\ .value = "off",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Broadwell-IBRS" "-" TYPE_X86_CPU,\ + .property = "smap",\ + .value = "off",\ + },\ {\ .driver = TYPE_X86_CPU,\ .property = "rdtscp",\ @@ -1752,6 +1847,11 @@ DEFINE_PC_MACHINE(rhel640, "rhel6.4.0", pc_init_rhel640, .driver = "SandyBridge" "-" TYPE_X86_CPU,\ .property = "tsc-deadline",\ .value = "off",\ + },\ + { /* PC_RHEL6_3_COMPAT (copied from the entry above) */ \ + .driver = "SandyBridge-IBRS" "-" TYPE_X86_CPU,\ + .property = "tsc-deadline",\ + .value = "off",\ }, static void pc_compat_rhel630(MachineState *machine) diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h index f9b7998..d1b1320 100644 --- a/include/hw/i386/pc.h +++ b/include/hw/i386/pc.h @@ -1118,21 +1118,41 @@ extern void igd_passthrough_isa_bridge_create(PCIBus *bus, uint16_t gpu_dev_id); .property = "abm",\ .value = "off",\ },\ + { /* PC_RHEL7_2_COMPAT (copied from the entry above) */ \ + .driver = "Haswell-IBRS" "-" TYPE_X86_CPU,\ + .property = "abm",\ + .value = "off",\ + },\ { /* PC_RHEL7_2_COMPAT */ \ .driver = "Haswell-noTSX-" TYPE_X86_CPU,\ .property = "abm",\ .value = "off",\ },\ + { /* PC_RHEL7_2_COMPAT (copied from the entry above) */ \ + .driver = "Haswell-noTSX-IBRS" "-" TYPE_X86_CPU,\ + .property = "abm",\ + .value = "off",\ + },\ { /* PC_RHEL7_2_COMPAT */ \ .driver = "Broadwell-" TYPE_X86_CPU,\ .property = "abm",\ .value = "off",\ },\ + { /* PC_RHEL7_2_COMPAT (copied from the entry above) */ \ + .driver = "Broadwell-IBRS" "-" TYPE_X86_CPU,\ + .property = "abm",\ + .value = "off",\ + },\ { /* PC_RHEL7_2_COMPAT */ \ .driver = "Broadwell-noTSX-" TYPE_X86_CPU,\ .property = "abm",\ .value = "off",\ },\ + { /* PC_RHEL7_2_COMPAT (copied from the entry above) */ \ + .driver = "Broadwell-noTSX-IBRS" "-" TYPE_X86_CPU,\ + .property = "abm",\ + .value = "off",\ + },\ { /* PC_RHEL7_2_COMPAT */ \ .driver = "host" "-" TYPE_X86_CPU,\ .property = "host-cache-info",\ @@ -1198,26 +1218,51 @@ extern void igd_passthrough_isa_bridge_create(PCIBus *bus, uint16_t gpu_dev_id); .property = "vme",\ .value = "off",\ },\ + { /* PC_RHEL7_1_COMPAT (copied from the entry above) */ \ + .driver = "Nehalem-IBRS" "-" TYPE_X86_CPU,\ + .property = "vme",\ + .value = "off",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "vme",\ .value = "off",\ },\ + { /* PC_RHEL7_1_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "vme",\ + .value = "off",\ + },\ {\ .driver = "SandyBridge" "-" TYPE_X86_CPU,\ .property = "vme",\ .value = "off",\ },\ + { /* PC_RHEL7_1_COMPAT (copied from the entry above) */ \ + .driver = "SandyBridge-IBRS" "-" TYPE_X86_CPU,\ + .property = "vme",\ + .value = "off",\ + },\ {\ .driver = "Haswell" "-" TYPE_X86_CPU,\ .property = "vme",\ .value = "off",\ },\ + { /* PC_RHEL7_1_COMPAT (copied from the entry above) */ \ + .driver = "Haswell-IBRS" "-" TYPE_X86_CPU,\ + .property = "vme",\ + .value = "off",\ + },\ {\ .driver = "Broadwell" "-" TYPE_X86_CPU,\ .property = "vme",\ .value = "off",\ },\ + { /* PC_RHEL7_1_COMPAT (copied from the entry above) */ \ + .driver = "Broadwell-IBRS" "-" TYPE_X86_CPU,\ + .property = "vme",\ + .value = "off",\ + },\ {\ .driver = "Opteron_G1" "-" TYPE_X86_CPU,\ .property = "vme",\ @@ -1248,21 +1293,41 @@ extern void igd_passthrough_isa_bridge_create(PCIBus *bus, uint16_t gpu_dev_id); .property = "f16c",\ .value = "off",\ },\ + { /* PC_RHEL7_1_COMPAT (copied from the entry above) */ \ + .driver = "Haswell-IBRS" "-" TYPE_X86_CPU,\ + .property = "f16c",\ + .value = "off",\ + },\ {\ .driver = "Haswell" "-" TYPE_X86_CPU,\ .property = "rdrand",\ .value = "off",\ },\ + { /* PC_RHEL7_1_COMPAT (copied from the entry above) */ \ + .driver = "Haswell-IBRS" "-" TYPE_X86_CPU,\ + .property = "rdrand",\ + .value = "off",\ + },\ {\ .driver = "Broadwell" "-" TYPE_X86_CPU,\ .property = "f16c",\ .value = "off",\ },\ + { /* PC_RHEL7_1_COMPAT (copied from the entry above) */ \ + .driver = "Broadwell-IBRS" "-" TYPE_X86_CPU,\ + .property = "f16c",\ + .value = "off",\ + },\ {\ .driver = "Broadwell" "-" TYPE_X86_CPU,\ .property = "rdrand",\ .value = "off",\ },\ + { /* PC_RHEL7_1_COMPAT (copied from the entry above) */ \ + .driver = "Broadwell-IBRS" "-" TYPE_X86_CPU,\ + .property = "rdrand",\ + .value = "off",\ + },\ {\ .driver = "coreduo" "-" TYPE_X86_CPU,\ .property = "vmx",\ @@ -1431,11 +1496,21 @@ extern void igd_passthrough_isa_bridge_create(PCIBus *bus, uint16_t gpu_dev_id); .property = "x2apic",\ .value = "on",\ },\ + { /* PC_RHEL7_0_COMPAT (copied from the entry above) */ \ + .driver = "Nehalem-IBRS" "-" TYPE_X86_CPU,\ + .property = "x2apic",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "x2apic",\ .value = "on",\ },\ + { /* PC_RHEL7_0_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "x2apic",\ + .value = "on",\ + },\ {\ .driver = "Opteron_G1" "-" TYPE_X86_CPU,\ .property = "x2apic",\ diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 364e52e..da5a266 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -1102,6 +1102,31 @@ static X86CPUDefinition builtin_x86_defs[] = { .model_id = "Intel Core i7 9xx (Nehalem Class Core i7)", }, { + .name = "Nehalem-IBRS", + .level = 11, + .vendor = CPUID_VENDOR_INTEL, + .family = 6, + .model = 26, + .stepping = 3, + .features[FEAT_1_EDX] = + CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | + CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | + CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | + CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | + CPUID_DE | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 | + CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_SSE3, + .features[FEAT_7_0_EDX] = + CPUID_7_0_EDX_SPEC_CTRL, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_LAHF_LM, + .xlevel = 0x80000008, + .model_id = "Intel Core i7 9xx (Nehalem Core i7, IBRS update)", + }, + { .name = "Westmere", .level = 11, .vendor = CPUID_VENDOR_INTEL, @@ -1128,6 +1153,34 @@ static X86CPUDefinition builtin_x86_defs[] = { .model_id = "Westmere E56xx/L56xx/X56xx (Nehalem-C)", }, { + .name = "Westmere-IBRS", + .level = 11, + .vendor = CPUID_VENDOR_INTEL, + .family = 6, + .model = 44, + .stepping = 1, + .features[FEAT_1_EDX] = + CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | + CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | + CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | + CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | + CPUID_DE | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | + CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | + CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_LAHF_LM, + .features[FEAT_7_0_EDX] = + CPUID_7_0_EDX_SPEC_CTRL, + .features[FEAT_6_EAX] = + CPUID_6_EAX_ARAT, + .xlevel = 0x80000008, + .model_id = "Westmere E56xx/L56xx/X56xx (IBRS update)", + }, + { .name = "SandyBridge", .level = 0xd, .vendor = CPUID_VENDOR_INTEL, @@ -1159,6 +1212,39 @@ static X86CPUDefinition builtin_x86_defs[] = { .model_id = "Intel Xeon E312xx (Sandy Bridge)", }, { + .name = "SandyBridge-IBRS", + .level = 0xd, + .vendor = CPUID_VENDOR_INTEL, + .family = 6, + .model = 42, + .stepping = 1, + .features[FEAT_1_EDX] = + CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | + CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | + CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | + CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | + CPUID_DE | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES | + CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT | + CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 | + CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ | + CPUID_EXT_SSE3, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX | + CPUID_EXT2_SYSCALL, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_LAHF_LM, + .features[FEAT_7_0_EDX] = + CPUID_7_0_EDX_SPEC_CTRL, + .features[FEAT_XSAVE] = + CPUID_XSAVE_XSAVEOPT, + .features[FEAT_6_EAX] = + CPUID_6_EAX_ARAT, + .xlevel = 0x80000008, + .model_id = "Intel Xeon E312xx (Sandy Bridge, IBRS update)", + }, + { .name = "IvyBridge", .level = 0xd, .vendor = CPUID_VENDOR_INTEL, @@ -1193,6 +1279,42 @@ static X86CPUDefinition builtin_x86_defs[] = { .model_id = "Intel Xeon E3-12xx v2 (Ivy Bridge)", }, { + .name = "IvyBridge-IBRS", + .level = 0xd, + .vendor = CPUID_VENDOR_INTEL, + .family = 6, + .model = 58, + .stepping = 9, + .features[FEAT_1_EDX] = + CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | + CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | + CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | + CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | + CPUID_DE | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES | + CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT | + CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 | + CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ | + CPUID_EXT_SSE3 | CPUID_EXT_F16C | CPUID_EXT_RDRAND, + .features[FEAT_7_0_EBX] = + CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP | + CPUID_7_0_EBX_ERMS, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX | + CPUID_EXT2_SYSCALL, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_LAHF_LM, + .features[FEAT_7_0_EDX] = + CPUID_7_0_EDX_SPEC_CTRL, + .features[FEAT_XSAVE] = + CPUID_XSAVE_XSAVEOPT, + .features[FEAT_6_EAX] = + CPUID_6_EAX_ARAT, + .xlevel = 0x80000008, + .model_id = "Intel Xeon E3-12xx v2 (Ivy Bridge, IBRS)", + }, + { .name = "Haswell-noTSX", .level = 0xd, .vendor = CPUID_VENDOR_INTEL, @@ -1227,7 +1349,46 @@ static X86CPUDefinition builtin_x86_defs[] = { CPUID_6_EAX_ARAT, .xlevel = 0x80000008, .model_id = "Intel Core Processor (Haswell, no TSX)", - }, { + }, + { + .name = "Haswell-noTSX-IBRS", + .level = 0xd, + .vendor = CPUID_VENDOR_INTEL, + .family = 6, + .model = 60, + .stepping = 1, + .features[FEAT_1_EDX] = + CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | + CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | + CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | + CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | + CPUID_DE | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES | + CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | + CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | + CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 | + CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE | + CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX | + CPUID_EXT2_SYSCALL, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM, + .features[FEAT_7_0_EDX] = + CPUID_7_0_EDX_SPEC_CTRL, + .features[FEAT_7_0_EBX] = + CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | + CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP | + CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID, + .features[FEAT_XSAVE] = + CPUID_XSAVE_XSAVEOPT, + .features[FEAT_6_EAX] = + CPUID_6_EAX_ARAT, + .xlevel = 0x80000008, + .model_id = "Intel Core Processor (Haswell, no TSX, IBRS)", + }, + { .name = "Haswell", .level = 0xd, .vendor = CPUID_VENDOR_INTEL, @@ -1265,6 +1426,45 @@ static X86CPUDefinition builtin_x86_defs[] = { .model_id = "Intel Core Processor (Haswell)", }, { + .name = "Haswell-IBRS", + .level = 0xd, + .vendor = CPUID_VENDOR_INTEL, + .family = 6, + .model = 60, + .stepping = 4, + .features[FEAT_1_EDX] = + CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | + CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | + CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | + CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | + CPUID_DE | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES | + CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | + CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | + CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 | + CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE | + CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX | + CPUID_EXT2_SYSCALL, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM, + .features[FEAT_7_0_EDX] = + CPUID_7_0_EDX_SPEC_CTRL, + .features[FEAT_7_0_EBX] = + CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | + CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP | + CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID | + CPUID_7_0_EBX_RTM, + .features[FEAT_XSAVE] = + CPUID_XSAVE_XSAVEOPT, + .features[FEAT_6_EAX] = + CPUID_6_EAX_ARAT, + .xlevel = 0x80000008, + .model_id = "Intel Core Processor (Haswell, IBRS)", + }, + { .name = "Broadwell-noTSX", .level = 0xd, .vendor = CPUID_VENDOR_INTEL, @@ -1303,6 +1503,46 @@ static X86CPUDefinition builtin_x86_defs[] = { .model_id = "Intel Core Processor (Broadwell, no TSX)", }, { + .name = "Broadwell-noTSX-IBRS", + .level = 0xd, + .vendor = CPUID_VENDOR_INTEL, + .family = 6, + .model = 61, + .stepping = 2, + .features[FEAT_1_EDX] = + CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | + CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | + CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | + CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | + CPUID_DE | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES | + CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | + CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | + CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 | + CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE | + CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX | + CPUID_EXT2_SYSCALL, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH, + .features[FEAT_7_0_EDX] = + CPUID_7_0_EDX_SPEC_CTRL, + .features[FEAT_7_0_EBX] = + CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | + CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP | + CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID | + CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | + CPUID_7_0_EBX_SMAP, + .features[FEAT_XSAVE] = + CPUID_XSAVE_XSAVEOPT, + .features[FEAT_6_EAX] = + CPUID_6_EAX_ARAT, + .xlevel = 0x80000008, + .model_id = "Intel Core Processor (Broadwell, no TSX, IBRS)", + }, + { .name = "Broadwell", .level = 0xd, .vendor = CPUID_VENDOR_INTEL, @@ -1341,6 +1581,46 @@ static X86CPUDefinition builtin_x86_defs[] = { .model_id = "Intel Core Processor (Broadwell)", }, { + .name = "Broadwell-IBRS", + .level = 0xd, + .vendor = CPUID_VENDOR_INTEL, + .family = 6, + .model = 61, + .stepping = 2, + .features[FEAT_1_EDX] = + CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | + CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | + CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | + CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | + CPUID_DE | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES | + CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | + CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | + CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 | + CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE | + CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX | + CPUID_EXT2_SYSCALL, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH, + .features[FEAT_7_0_EDX] = + CPUID_7_0_EDX_SPEC_CTRL, + .features[FEAT_7_0_EBX] = + CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | + CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP | + CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID | + CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | + CPUID_7_0_EBX_SMAP, + .features[FEAT_XSAVE] = + CPUID_XSAVE_XSAVEOPT, + .features[FEAT_6_EAX] = + CPUID_6_EAX_ARAT, + .xlevel = 0x80000008, + .model_id = "Intel Core Processor (Broadwell, IBRS)", + }, + { .name = "Skylake-Client", .level = 0xd, .vendor = CPUID_VENDOR_INTEL, @@ -1386,6 +1666,53 @@ static X86CPUDefinition builtin_x86_defs[] = { .model_id = "Intel Core Processor (Skylake)", }, { + .name = "Skylake-Client-IBRS", + .level = 0xd, + .vendor = CPUID_VENDOR_INTEL, + .family = 6, + .model = 94, + .stepping = 3, + .features[FEAT_1_EDX] = + CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | + CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | + CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | + CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | + CPUID_DE | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES | + CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | + CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | + CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 | + CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE | + CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX | + CPUID_EXT2_SYSCALL, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH, + .features[FEAT_7_0_EDX] = + CPUID_7_0_EDX_SPEC_CTRL, + .features[FEAT_7_0_EBX] = + CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | + CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP | + CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID | + CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | + CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_MPX, + /* Missing: XSAVES (not supported by some Linux versions, + * including v4.1 to v4.12). + * KVM doesn't yet expose any XSAVES state save component, + * and the only one defined in Skylake (processor tracing) + * probably will block migration anyway. + */ + .features[FEAT_XSAVE] = + CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC | + CPUID_XSAVE_XGETBV1, + .features[FEAT_6_EAX] = + CPUID_6_EAX_ARAT, + .xlevel = 0x80000008, + .model_id = "Intel Core Processor (Skylake, IBRS)", + }, + { .name = "Skylake-Server", .level = 0xd, .vendor = CPUID_VENDOR_INTEL, @@ -1434,6 +1761,56 @@ static X86CPUDefinition builtin_x86_defs[] = { .model_id = "Intel Xeon Processor (Skylake)", }, { + .name = "Skylake-Server-IBRS", + .level = 0xd, + .vendor = CPUID_VENDOR_INTEL, + .family = 6, + .model = 85, + .stepping = 4, + .features[FEAT_1_EDX] = + CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | + CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | + CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | + CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | + CPUID_DE | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES | + CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | + CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | + CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 | + CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE | + CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_PDPE1GB | CPUID_EXT2_RDTSCP | + CPUID_EXT2_NX | CPUID_EXT2_SYSCALL, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH, + .features[FEAT_7_0_EDX] = + CPUID_7_0_EDX_SPEC_CTRL, + .features[FEAT_7_0_EBX] = + CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | + CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP | + CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID | + CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | + CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_CLWB | + CPUID_7_0_EBX_AVX512F | CPUID_7_0_EBX_AVX512DQ | + CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD | + CPUID_7_0_EBX_AVX512VL, + /* Missing: XSAVES (not supported by some Linux versions, + * including v4.1 to v4.12). + * KVM doesn't yet expose any XSAVES state save component, + * and the only one defined in Skylake (processor tracing) + * probably will block migration anyway. + */ + .features[FEAT_XSAVE] = + CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC | + CPUID_XSAVE_XGETBV1, + .features[FEAT_6_EAX] = + CPUID_6_EAX_ARAT, + .xlevel = 0x80000008, + .model_id = "Intel Xeon Processor (Skylake, IBRS)", + }, + { .name = "Opteron_G1", .level = 5, .vendor = CPUID_VENDOR_AMD, @@ -1607,6 +1984,52 @@ static X86CPUDefinition builtin_x86_defs[] = { .xlevel = 0x8000000A, .model_id = "AMD EPYC Processor", }, + { + .name = "EPYC-IBPB", + .level = 0xd, + .vendor = CPUID_VENDOR_AMD, + .family = 23, + .model = 1, + .stepping = 2, + .features[FEAT_1_EDX] = + CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH | + CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE | + CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE | + CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE | + CPUID_VME | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX | + CPUID_EXT_XSAVE | CPUID_EXT_AES | CPUID_EXT_POPCNT | + CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 | + CPUID_EXT_CX16 | CPUID_EXT_FMA | CPUID_EXT_SSSE3 | + CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB | + CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX | + CPUID_EXT2_SYSCALL, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH | + CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM | + CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM, + .features[FEAT_8000_0008_EBX] = + CPUID_8000_0008_EBX_IBPB, + .features[FEAT_7_0_EBX] = + CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 | + CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED | + CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT | + CPUID_7_0_EBX_SHA_NI, + /* Missing: XSAVES (not supported by some Linux versions, + * including v4.1 to v4.12). + * KVM doesn't yet expose any XSAVES state save component. + */ + .features[FEAT_XSAVE] = + CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC | + CPUID_XSAVE_XGETBV1, + .features[FEAT_6_EAX] = + CPUID_6_EAX_ARAT, + .xlevel = 0x8000000A, + .model_id = "AMD EPYC Processor (with IBPB)", + }, }; typedef struct PropValue { diff --git a/target/i386/cpu.h b/target/i386/cpu.h index f2686d5..eb77e85 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -643,6 +643,9 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS]; #define CPUID_7_0_EDX_AVX512_4VNNIW (1U << 2) /* AVX512 Neural Network Instructions */ #define CPUID_7_0_EDX_AVX512_4FMAPS (1U << 3) /* AVX512 Multiply Accumulation Single Precision */ +#define CPUID_7_0_EDX_SPEC_CTRL (1U << 26) /* Indirect Branch - Restrict Speculation */ + +#define CPUID_8000_0008_EBX_IBPB (1U << 12) /* Indirect Branch Prediction Barrier */ #define CPUID_XSAVE_XSAVEOPT (1U << 0) #define CPUID_XSAVE_XSAVEC (1U << 1) -- 1.8.3.1