From 99bea685f74bdebb8df0806149c82ae6fb55e7ae Mon Sep 17 00:00:00 2001 From: Eduardo Habkost Date: Wed, 13 Dec 2017 15:48:13 -0200 Subject: [PATCH 3/3] target-i386: cpu: add new CPU models for indirect branch predictor restrictions RH-Author: Eduardo Habkost Message-id: <20171213174813.21283-4-ehabkost@redhat.com> Patchwork-id: n/a O-Subject: [CONFIDENTIAL][RHEL-7.4.z qemu-kvm-rhev PATCH v2 3/3] target-i386: cpu: add new CPU models for indirect branch predictor restrictions Bugzilla: CVE-2017-5715 RH-Acked-by: Paolo Bonzini RH-Acked-by: Miroslav Rezanina RH-Acked-by: Wainer dos Santos Moschetta To ensure the New CPU models won't introduce any unexpected changes except for the spec-ctrl feature (even if people are running older machine-types), copy all compat_props entries for existing CPU models to their *-IBRS versions. The only entries that are not being copied are the ones touching "(min-)level" and "(min-)xlevel" because it's an expected result of the CPU model change (otherwise the spec-ctrl feature would remain unavailable to the guest). The entries that had to be copied can be found using: $ git grep -E 'Nehalem|Westmere|SandyBridge|IvyBridge|Haswell-noTSX|Haswell|Broadwell-noTSX|Broadwell|Skylake-Client|Skylake-Server|EPYC' Note that the upstream-only PC_COMPAT_* macros are not being touched as they are not used by the RHEL machine-types. --- hw/i386/pc_piix.c | 100 ++++++++++++++++ include/hw/i386/pc.h | 75 ++++++++++++ target/i386/cpu.c | 329 ++++++++++++++++++++++++++++++++++++++++++++++++++- target/i386/cpu.h | 3 + 4 files changed, 506 insertions(+), 1 deletion(-) diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c index a9d4769..bbc6e66 100644 --- a/hw/i386/pc_piix.c +++ b/hw/i386/pc_piix.c @@ -1423,96 +1423,191 @@ DEFINE_PC_MACHINE(rhel700, "pc-i440fx-rhel7.0.0", pc_init_rhel700, .property = "x2apic",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Nehalem-IBRS" "-" TYPE_X86_CPU,\ + .property = "x2apic",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "x2apic",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "x2apic",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "pclmulqdq",\ .value = "off",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "pclmulqdq",\ + .value = "off",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "fxsr",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "fxsr",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "mmx",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "mmx",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "pat",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "pat",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "cmov",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "cmov",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "pge",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "pge",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "apic",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "apic",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "cx8",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "cx8",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "mce",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "mce",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "pae",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "pae",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "msr",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "msr",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "tsc",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "tsc",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "pse",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "pse",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "de",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "de",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "fpu",\ .value = "on",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "fpu",\ + .value = "on",\ + },\ {\ .driver = "Broadwell" "-" TYPE_X86_CPU,\ .property = "rdtscp",\ .value = "off",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Broadwell-IBRS" "-" TYPE_X86_CPU,\ + .property = "rdtscp",\ + .value = "off",\ + },\ {\ .driver = "Broadwell" "-" TYPE_X86_CPU,\ .property = "smap",\ .value = "off",\ },\ + { /* PC_RHEL6_6_COMPAT (copied from the entry above) */ \ + .driver = "Broadwell-IBRS" "-" TYPE_X86_CPU,\ + .property = "smap",\ + .value = "off",\ + },\ {\ .driver = TYPE_X86_CPU,\ .property = "rdtscp",\ @@ -1731,6 +1826,11 @@ DEFINE_PC_MACHINE(rhel640, "rhel6.4.0", pc_init_rhel640, .driver = "SandyBridge" "-" TYPE_X86_CPU,\ .property = "tsc-deadline",\ .value = "off",\ + },\ + { /* PC_RHEL6_3_COMPAT (copied from the entry above) */ \ + .driver = "SandyBridge-IBRS" "-" TYPE_X86_CPU,\ + .property = "tsc-deadline",\ + .value = "off",\ }, static void pc_compat_rhel630(MachineState *machine) diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h index 3944e40..f9a5bca 100644 --- a/include/hw/i386/pc.h +++ b/include/hw/i386/pc.h @@ -1080,21 +1080,41 @@ extern void igd_passthrough_isa_bridge_create(PCIBus *bus, uint16_t gpu_dev_id); .property = "abm",\ .value = "off",\ },\ + { /* PC_RHEL7_2_COMPAT (copied from the entry above) */ \ + .driver = "Haswell-IBRS" "-" TYPE_X86_CPU,\ + .property = "abm",\ + .value = "off",\ + },\ { /* PC_RHEL7_2_COMPAT */ \ .driver = "Haswell-noTSX-" TYPE_X86_CPU,\ .property = "abm",\ .value = "off",\ },\ + { /* PC_RHEL7_2_COMPAT (copied from the entry above) */ \ + .driver = "Haswell-noTSX-IBRS" "-" TYPE_X86_CPU,\ + .property = "abm",\ + .value = "off",\ + },\ { /* PC_RHEL7_2_COMPAT */ \ .driver = "Broadwell-" TYPE_X86_CPU,\ .property = "abm",\ .value = "off",\ },\ + { /* PC_RHEL7_2_COMPAT (copied from the entry above) */ \ + .driver = "Broadwell-IBRS" "-" TYPE_X86_CPU,\ + .property = "abm",\ + .value = "off",\ + },\ { /* PC_RHEL7_2_COMPAT */ \ .driver = "Broadwell-noTSX-" TYPE_X86_CPU,\ .property = "abm",\ .value = "off",\ },\ + { /* PC_RHEL7_2_COMPAT (copied from the entry above) */ \ + .driver = "Broadwell-noTSX-IBRS" "-" TYPE_X86_CPU,\ + .property = "abm",\ + .value = "off",\ + },\ { /* PC_RHEL7_2_COMPAT */ \ .driver = "host" "-" TYPE_X86_CPU,\ .property = "host-cache-info",\ @@ -1160,26 +1180,51 @@ extern void igd_passthrough_isa_bridge_create(PCIBus *bus, uint16_t gpu_dev_id); .property = "vme",\ .value = "off",\ },\ + { /* PC_RHEL7_1_COMPAT (copied from the entry above) */ \ + .driver = "Nehalem-IBRS" "-" TYPE_X86_CPU,\ + .property = "vme",\ + .value = "off",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "vme",\ .value = "off",\ },\ + { /* PC_RHEL7_1_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "vme",\ + .value = "off",\ + },\ {\ .driver = "SandyBridge" "-" TYPE_X86_CPU,\ .property = "vme",\ .value = "off",\ },\ + { /* PC_RHEL7_1_COMPAT (copied from the entry above) */ \ + .driver = "SandyBridge-IBRS" "-" TYPE_X86_CPU,\ + .property = "vme",\ + .value = "off",\ + },\ {\ .driver = "Haswell" "-" TYPE_X86_CPU,\ .property = "vme",\ .value = "off",\ },\ + { /* PC_RHEL7_1_COMPAT (copied from the entry above) */ \ + .driver = "Haswell-IBRS" "-" TYPE_X86_CPU,\ + .property = "vme",\ + .value = "off",\ + },\ {\ .driver = "Broadwell" "-" TYPE_X86_CPU,\ .property = "vme",\ .value = "off",\ },\ + { /* PC_RHEL7_1_COMPAT (copied from the entry above) */ \ + .driver = "Broadwell-IBRS" "-" TYPE_X86_CPU,\ + .property = "vme",\ + .value = "off",\ + },\ {\ .driver = "Opteron_G1" "-" TYPE_X86_CPU,\ .property = "vme",\ @@ -1210,21 +1255,41 @@ extern void igd_passthrough_isa_bridge_create(PCIBus *bus, uint16_t gpu_dev_id); .property = "f16c",\ .value = "off",\ },\ + { /* PC_RHEL7_1_COMPAT (copied from the entry above) */ \ + .driver = "Haswell-IBRS" "-" TYPE_X86_CPU,\ + .property = "f16c",\ + .value = "off",\ + },\ {\ .driver = "Haswell" "-" TYPE_X86_CPU,\ .property = "rdrand",\ .value = "off",\ },\ + { /* PC_RHEL7_1_COMPAT (copied from the entry above) */ \ + .driver = "Haswell-IBRS" "-" TYPE_X86_CPU,\ + .property = "rdrand",\ + .value = "off",\ + },\ {\ .driver = "Broadwell" "-" TYPE_X86_CPU,\ .property = "f16c",\ .value = "off",\ },\ + { /* PC_RHEL7_1_COMPAT (copied from the entry above) */ \ + .driver = "Broadwell-IBRS" "-" TYPE_X86_CPU,\ + .property = "f16c",\ + .value = "off",\ + },\ {\ .driver = "Broadwell" "-" TYPE_X86_CPU,\ .property = "rdrand",\ .value = "off",\ },\ + { /* PC_RHEL7_1_COMPAT (copied from the entry above) */ \ + .driver = "Broadwell-IBRS" "-" TYPE_X86_CPU,\ + .property = "rdrand",\ + .value = "off",\ + },\ {\ .driver = "coreduo" "-" TYPE_X86_CPU,\ .property = "vmx",\ @@ -1393,11 +1458,21 @@ extern void igd_passthrough_isa_bridge_create(PCIBus *bus, uint16_t gpu_dev_id); .property = "x2apic",\ .value = "on",\ },\ + { /* PC_RHEL7_0_COMPAT (copied from the entry above) */ \ + .driver = "Nehalem-IBRS" "-" TYPE_X86_CPU,\ + .property = "x2apic",\ + .value = "on",\ + },\ {\ .driver = "Westmere" "-" TYPE_X86_CPU,\ .property = "x2apic",\ .value = "on",\ },\ + { /* PC_RHEL7_0_COMPAT (copied from the entry above) */ \ + .driver = "Westmere-IBRS" "-" TYPE_X86_CPU,\ + .property = "x2apic",\ + .value = "on",\ + },\ {\ .driver = "Opteron_G1" "-" TYPE_X86_CPU,\ .property = "x2apic",\ diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 30abc47..18b3813 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -1106,6 +1106,31 @@ static X86CPUDefinition builtin_x86_defs[] = { .model_id = "Intel Core i7 9xx (Nehalem Class Core i7)", }, { + .name = "Nehalem-IBRS", + .level = 11, + .vendor = CPUID_VENDOR_INTEL, + .family = 6, + .model = 26, + .stepping = 3, + .features[FEAT_1_EDX] = + CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | + CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | + CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | + CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | + CPUID_DE | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 | + CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_SSE3, + .features[FEAT_7_0_EDX] = + CPUID_7_0_EDX_SPEC_CTRL, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_LAHF_LM, + .xlevel = 0x80000008, + .model_id = "Intel Core i7 9xx (Nehalem Core i7, IBRS update)", + }, + { .name = "Westmere", .level = 11, .vendor = CPUID_VENDOR_INTEL, @@ -1132,6 +1157,34 @@ static X86CPUDefinition builtin_x86_defs[] = { .model_id = "Westmere E56xx/L56xx/X56xx (Nehalem-C)", }, { + .name = "Westmere-IBRS", + .level = 11, + .vendor = CPUID_VENDOR_INTEL, + .family = 6, + .model = 44, + .stepping = 1, + .features[FEAT_1_EDX] = + CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | + CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | + CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | + CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | + CPUID_DE | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_AES | CPUID_EXT_POPCNT | CPUID_EXT_SSE42 | + CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | + CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_LAHF_LM, + .features[FEAT_7_0_EDX] = + CPUID_7_0_EDX_SPEC_CTRL, + .features[FEAT_6_EAX] = + CPUID_6_EAX_ARAT, + .xlevel = 0x80000008, + .model_id = "Westmere E56xx/L56xx/X56xx (IBRS update)", + }, + { .name = "SandyBridge", .level = 0xd, .vendor = CPUID_VENDOR_INTEL, @@ -1163,6 +1216,39 @@ static X86CPUDefinition builtin_x86_defs[] = { .model_id = "Intel Xeon E312xx (Sandy Bridge)", }, { + .name = "SandyBridge-IBRS", + .level = 0xd, + .vendor = CPUID_VENDOR_INTEL, + .family = 6, + .model = 42, + .stepping = 1, + .features[FEAT_1_EDX] = + CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | + CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | + CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | + CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | + CPUID_DE | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES | + CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT | + CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 | + CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ | + CPUID_EXT_SSE3, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX | + CPUID_EXT2_SYSCALL, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_LAHF_LM, + .features[FEAT_7_0_EDX] = + CPUID_7_0_EDX_SPEC_CTRL, + .features[FEAT_XSAVE] = + CPUID_XSAVE_XSAVEOPT, + .features[FEAT_6_EAX] = + CPUID_6_EAX_ARAT, + .xlevel = 0x80000008, + .model_id = "Intel Xeon E312xx (Sandy Bridge, IBRS update)", + }, + { .name = "IvyBridge", .level = 0xd, .vendor = CPUID_VENDOR_INTEL, @@ -1197,6 +1283,42 @@ static X86CPUDefinition builtin_x86_defs[] = { .model_id = "Intel Xeon E3-12xx v2 (Ivy Bridge)", }, { + .name = "IvyBridge-IBRS", + .level = 0xd, + .vendor = CPUID_VENDOR_INTEL, + .family = 6, + .model = 58, + .stepping = 9, + .features[FEAT_1_EDX] = + CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | + CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | + CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | + CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | + CPUID_DE | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES | + CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_POPCNT | + CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 | + CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | CPUID_EXT_PCLMULQDQ | + CPUID_EXT_SSE3 | CPUID_EXT_F16C | CPUID_EXT_RDRAND, + .features[FEAT_7_0_EBX] = + CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_SMEP | + CPUID_7_0_EBX_ERMS, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX | + CPUID_EXT2_SYSCALL, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_LAHF_LM, + .features[FEAT_7_0_EDX] = + CPUID_7_0_EDX_SPEC_CTRL, + .features[FEAT_XSAVE] = + CPUID_XSAVE_XSAVEOPT, + .features[FEAT_6_EAX] = + CPUID_6_EAX_ARAT, + .xlevel = 0x80000008, + .model_id = "Intel Xeon E3-12xx v2 (Ivy Bridge, IBRS)", + }, + { .name = "Haswell-noTSX", .level = 0xd, .vendor = CPUID_VENDOR_INTEL, @@ -1231,7 +1353,46 @@ static X86CPUDefinition builtin_x86_defs[] = { CPUID_6_EAX_ARAT, .xlevel = 0x80000008, .model_id = "Intel Core Processor (Haswell, no TSX)", - }, { + }, + { + .name = "Haswell-noTSX-IBRS", + .level = 0xd, + .vendor = CPUID_VENDOR_INTEL, + .family = 6, + .model = 60, + .stepping = 1, + .features[FEAT_1_EDX] = + CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | + CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | + CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | + CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | + CPUID_DE | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES | + CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | + CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | + CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 | + CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE | + CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX | + CPUID_EXT2_SYSCALL, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM, + .features[FEAT_7_0_EDX] = + CPUID_7_0_EDX_SPEC_CTRL, + .features[FEAT_7_0_EBX] = + CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | + CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP | + CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID, + .features[FEAT_XSAVE] = + CPUID_XSAVE_XSAVEOPT, + .features[FEAT_6_EAX] = + CPUID_6_EAX_ARAT, + .xlevel = 0x80000008, + .model_id = "Intel Core Processor (Haswell, no TSX, IBRS)", + }, + { .name = "Haswell", .level = 0xd, .vendor = CPUID_VENDOR_INTEL, @@ -1269,6 +1430,45 @@ static X86CPUDefinition builtin_x86_defs[] = { .model_id = "Intel Core Processor (Haswell)", }, { + .name = "Haswell-IBRS", + .level = 0xd, + .vendor = CPUID_VENDOR_INTEL, + .family = 6, + .model = 60, + .stepping = 4, + .features[FEAT_1_EDX] = + CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | + CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | + CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | + CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | + CPUID_DE | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES | + CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | + CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | + CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 | + CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE | + CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX | + CPUID_EXT2_SYSCALL, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM, + .features[FEAT_7_0_EDX] = + CPUID_7_0_EDX_SPEC_CTRL, + .features[FEAT_7_0_EBX] = + CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | + CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP | + CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID | + CPUID_7_0_EBX_RTM, + .features[FEAT_XSAVE] = + CPUID_XSAVE_XSAVEOPT, + .features[FEAT_6_EAX] = + CPUID_6_EAX_ARAT, + .xlevel = 0x80000008, + .model_id = "Intel Core Processor (Haswell, IBRS)", + }, + { .name = "Broadwell-noTSX", .level = 0xd, .vendor = CPUID_VENDOR_INTEL, @@ -1307,6 +1507,46 @@ static X86CPUDefinition builtin_x86_defs[] = { .model_id = "Intel Core Processor (Broadwell, no TSX)", }, { + .name = "Broadwell-noTSX-IBRS", + .level = 0xd, + .vendor = CPUID_VENDOR_INTEL, + .family = 6, + .model = 61, + .stepping = 2, + .features[FEAT_1_EDX] = + CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | + CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | + CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | + CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | + CPUID_DE | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES | + CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | + CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | + CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 | + CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE | + CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX | + CPUID_EXT2_SYSCALL, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH, + .features[FEAT_7_0_EDX] = + CPUID_7_0_EDX_SPEC_CTRL, + .features[FEAT_7_0_EBX] = + CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | + CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP | + CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID | + CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | + CPUID_7_0_EBX_SMAP, + .features[FEAT_XSAVE] = + CPUID_XSAVE_XSAVEOPT, + .features[FEAT_6_EAX] = + CPUID_6_EAX_ARAT, + .xlevel = 0x80000008, + .model_id = "Intel Core Processor (Broadwell, no TSX, IBRS)", + }, + { .name = "Broadwell", .level = 0xd, .vendor = CPUID_VENDOR_INTEL, @@ -1345,6 +1585,46 @@ static X86CPUDefinition builtin_x86_defs[] = { .model_id = "Intel Core Processor (Broadwell)", }, { + .name = "Broadwell-IBRS", + .level = 0xd, + .vendor = CPUID_VENDOR_INTEL, + .family = 6, + .model = 61, + .stepping = 2, + .features[FEAT_1_EDX] = + CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | + CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | + CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | + CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | + CPUID_DE | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES | + CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | + CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | + CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 | + CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE | + CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX | + CPUID_EXT2_SYSCALL, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH, + .features[FEAT_7_0_EDX] = + CPUID_7_0_EDX_SPEC_CTRL, + .features[FEAT_7_0_EBX] = + CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | + CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP | + CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID | + CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | + CPUID_7_0_EBX_SMAP, + .features[FEAT_XSAVE] = + CPUID_XSAVE_XSAVEOPT, + .features[FEAT_6_EAX] = + CPUID_6_EAX_ARAT, + .xlevel = 0x80000008, + .model_id = "Intel Core Processor (Broadwell, IBRS)", + }, + { .name = "Skylake-Client", .level = 0xd, .vendor = CPUID_VENDOR_INTEL, @@ -1390,6 +1670,53 @@ static X86CPUDefinition builtin_x86_defs[] = { .model_id = "Intel Core Processor (Skylake)", }, { + .name = "Skylake-Client-IBRS", + .level = 0xd, + .vendor = CPUID_VENDOR_INTEL, + .family = 6, + .model = 94, + .stepping = 3, + .features[FEAT_1_EDX] = + CPUID_VME | CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | + CPUID_CLFLUSH | CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | + CPUID_PGE | CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | + CPUID_MCE | CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | + CPUID_DE | CPUID_FP87, + .features[FEAT_1_ECX] = + CPUID_EXT_AVX | CPUID_EXT_XSAVE | CPUID_EXT_AES | + CPUID_EXT_POPCNT | CPUID_EXT_X2APIC | CPUID_EXT_SSE42 | + CPUID_EXT_SSE41 | CPUID_EXT_CX16 | CPUID_EXT_SSSE3 | + CPUID_EXT_PCLMULQDQ | CPUID_EXT_SSE3 | + CPUID_EXT_TSC_DEADLINE_TIMER | CPUID_EXT_FMA | CPUID_EXT_MOVBE | + CPUID_EXT_PCID | CPUID_EXT_F16C | CPUID_EXT_RDRAND, + .features[FEAT_8000_0001_EDX] = + CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_NX | + CPUID_EXT2_SYSCALL, + .features[FEAT_8000_0001_ECX] = + CPUID_EXT3_ABM | CPUID_EXT3_LAHF_LM | CPUID_EXT3_3DNOWPREFETCH, + .features[FEAT_7_0_EDX] = + CPUID_7_0_EDX_SPEC_CTRL, + .features[FEAT_7_0_EBX] = + CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | + CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP | + CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID | + CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX | + CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_MPX, + /* Missing: XSAVES (not supported by some Linux versions, + * including v4.1 to v4.12). + * KVM doesn't yet expose any XSAVES state save component, + * and the only one defined in Skylake (processor tracing) + * probably will block migration anyway. + */ + .features[FEAT_XSAVE] = + CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC | + CPUID_XSAVE_XGETBV1, + .features[FEAT_6_EAX] = + CPUID_6_EAX_ARAT, + .xlevel = 0x80000008, + .model_id = "Intel Core Processor (Skylake, IBRS)", + }, + { .name = "Opteron_G1", .level = 5, .vendor = CPUID_VENDOR_AMD, diff --git a/target/i386/cpu.h b/target/i386/cpu.h index 5f69ad4..7f111d2 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -641,6 +641,9 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS]; #define CPUID_7_0_EDX_AVX512_4VNNIW (1U << 2) /* AVX512 Neural Network Instructions */ #define CPUID_7_0_EDX_AVX512_4FMAPS (1U << 3) /* AVX512 Multiply Accumulation Single Precision */ +#define CPUID_7_0_EDX_SPEC_CTRL (1U << 26) /* Indirect Branch - Restrict Speculation */ + +#define CPUID_8000_0008_EBX_IBPB (1U << 12) /* Indirect Branch Prediction Barrier */ #define CPUID_XSAVE_XSAVEOPT (1U << 0) #define CPUID_XSAVE_XSAVEC (1U << 1) -- 1.8.3.1