* [PATCH 1/3] target/i386: add new AMD EPYC models for GMET enablement
[not found] <20260330193428.1663253-1-jon@nutanix.com>
@ 2026-03-30 19:34 ` Jon Kohler
2026-03-30 19:34 ` [PATCH 2/3] target/i386: add new Intel models for MMIO/GDS/RFDS mitigation status Jon Kohler
2026-03-30 19:34 ` [PATCH 3/3] target/i386: add new Intel models for MBEC enablement Jon Kohler
2 siblings, 0 replies; 3+ messages in thread
From: Jon Kohler @ 2026-03-30 19:34 UTC (permalink / raw)
To: Paolo Bonzini, Zhao Liu, open list:All patches CC here
Cc: Jon Kohler, Babu Moger, Nikunj A Dadhania
Add models to expose Guest Mode Execute Trap (GMET) support,
and add CPUID_SVM_GMET header definition so that future EPYC
models can easily add default support.
New models are:
AMD EPYC-Milan-v4
AMD EPYC-Genoa-v3
AMD EPYC-Turin-v2
Cc: Babu Moger <babu.moger@amd.com>
Cc: Nikunj A Dadhania <nikunj@amd.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jon Kohler <jon@nutanix.com>
---
target/i386/cpu.c | 34 ++++++++++++++++++++++++++++++++++
target/i386/cpu.h | 1 +
2 files changed, 35 insertions(+)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index d02f6f0653..6b1a3a9b98 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -6836,6 +6836,16 @@ static const X86CPUDefinition builtin_x86_defs[] = {
},
.cache_info = &epyc_milan_v3_cache_info
},
+ {
+ .version = 4,
+ .props = (PropValue[]) {
+ { "gmet", "on" },
+ { "model-id",
+ "AMD EPYC-Milan-v4 Processor" },
+ { /* end of list */ }
+ },
+ .cache_info = &epyc_milan_v3_cache_info
+ },
{ /* end of list */ }
}
},
@@ -6933,6 +6943,16 @@ static const X86CPUDefinition builtin_x86_defs[] = {
},
.cache_info = &epyc_genoa_v2_cache_info
},
+ {
+ .version = 3,
+ .props = (PropValue[]) {
+ { "gmet", "on" },
+ { "model-id",
+ "AMD EPYC-Genoa-v3 Processor" },
+ { /* end of list */ }
+ },
+ .cache_info = &epyc_genoa_v2_cache_info
+ },
{ /* end of list */ }
}
},
@@ -7163,6 +7183,20 @@ static const X86CPUDefinition builtin_x86_defs[] = {
.xlevel = 0x80000022,
.model_id = "AMD EPYC-Turin Processor",
.cache_info = &epyc_turin_cache_info,
+ .versions = (X86CPUVersionDefinition[]) {
+ { .version = 1 },
+ {
+ .version = 2,
+ .props = (PropValue[]) {
+ { "gmet", "on" },
+ { "model-id",
+ "AMD EPYC-Turin-v2 Processor" },
+ { /* end of list */ }
+ },
+ .cache_info = &epyc_turin_cache_info
+ },
+ { /* end of list */ }
+ }
},
};
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 0b539155c4..6401028e70 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -879,6 +879,7 @@ uint64_t x86_cpu_get_supported_feature_word(X86CPU *cpu, FeatureWord w);
#define CPUID_SVM_AVIC (1U << 13)
#define CPUID_SVM_V_VMSAVE_VMLOAD (1U << 15)
#define CPUID_SVM_VGIF (1U << 16)
+#define CPUID_SVM_GMET (1U << 17)
#define CPUID_SVM_VNMI (1U << 25)
#define CPUID_SVM_SVME_ADDR_CHK (1U << 28)
--
2.43.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH 2/3] target/i386: add new Intel models for MMIO/GDS/RFDS mitigation status
[not found] <20260330193428.1663253-1-jon@nutanix.com>
2026-03-30 19:34 ` [PATCH 1/3] target/i386: add new AMD EPYC models for GMET enablement Jon Kohler
@ 2026-03-30 19:34 ` Jon Kohler
2026-03-30 19:34 ` [PATCH 3/3] target/i386: add new Intel models for MBEC enablement Jon Kohler
2 siblings, 0 replies; 3+ messages in thread
From: Jon Kohler @ 2026-03-30 19:34 UTC (permalink / raw)
To: Paolo Bonzini, Zhao Liu, open list:All patches CC here
Cc: Jon Kohler, Pawan Gupta
Add new bits to ARCH_CAPABILITIES MSR to enumerate the status of the
MMIO/GDS/RFDS mitigations on Cascade Lake, Ice Lake, Sapphire Rapids,
and Granite Rapids processors.
These have been advertised in Intel microcode updates for a while now,
but require user space to opt in to advertise them to guests.
New models are:
- Cascadelake-Server-v6
- Icelake-Server-v8
- SapphireRapids-v7 (note, already got MMIO fixes on commit [1])
- GraniteRapids-v6
[1] 3baf7ae63505 ("target/i386: Add few security fix bits in
ARCH_CAPABILITIES into SapphireRapids CPU model")
Cc: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Cc: Zhao Liu <zhao1.liu@intel.com>
Signed-off-by: Jon Kohler <jon@nutanix.com>
---
target/i386/cpu.c | 41 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 41 insertions(+)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 6b1a3a9b98..aa7a91c0e3 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -4901,6 +4901,17 @@ static const X86CPUDefinition builtin_x86_defs[] = {
{ /* end of list */ }
},
},
+ { .version = 6,
+ .note = "with MMIO/GDS/RFDS mitigation status",
+ .props = (PropValue[]) {
+ { "fb-clear", "on" },
+ { "gds-no", "on" },
+ { "psdp-no", "on" },
+ { "rfds-no", "on" },
+ { "sbdr-ssdp-no", "on" },
+ { /* end of list */ }
+ },
+ },
{ /* end of list */ }
}
},
@@ -5183,6 +5194,18 @@ static const X86CPUDefinition builtin_x86_defs[] = {
{ /* end of list */ }
},
},
+ {
+ .version = 8,
+ .note = "with MMIO/GDS/RFDS mitigation status",
+ .props = (PropValue[]) {
+ { "fb-clear", "on" },
+ { "gds-no", "on" },
+ { "psdp-no", "on" },
+ { "rfds-no", "on" },
+ { "sbdr-ssdp-no", "on" },
+ { /* end of list */ }
+ },
+ },
{ /* end of list */ }
}
},
@@ -5360,6 +5383,15 @@ static const X86CPUDefinition builtin_x86_defs[] = {
{ /* end of list */ },
}
},
+ {
+ .version = 7,
+ .note = "with GDS and RFDS mitigation status",
+ .props = (PropValue[]) {
+ { "gds-no", "on" },
+ { "rfds-no", "on" },
+ { /* end of list */ },
+ }
+ },
{ /* end of list */ }
}
},
@@ -5541,6 +5573,15 @@ static const X86CPUDefinition builtin_x86_defs[] = {
{ /* end of list */ },
}
},
+ {
+ .version = 6,
+ .note = "with GDS and RFDS mitigation status",
+ .props = (PropValue[]) {
+ { "gds-no", "on" },
+ { "rfds-no", "on" },
+ { /* end of list */ },
+ }
+ },
{ /* end of list */ },
},
},
--
2.43.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH 3/3] target/i386: add new Intel models for MBEC enablement
[not found] <20260330193428.1663253-1-jon@nutanix.com>
2026-03-30 19:34 ` [PATCH 1/3] target/i386: add new AMD EPYC models for GMET enablement Jon Kohler
2026-03-30 19:34 ` [PATCH 2/3] target/i386: add new Intel models for MMIO/GDS/RFDS mitigation status Jon Kohler
@ 2026-03-30 19:34 ` Jon Kohler
2 siblings, 0 replies; 3+ messages in thread
From: Jon Kohler @ 2026-03-30 19:34 UTC (permalink / raw)
To: Paolo Bonzini, Zhao Liu, open list:All patches CC here; +Cc: Jon Kohler
Add models to expose Mode Based Execute Control (MBEC) support, which
is a Skylake++ feature.
Note: Future models can use VMX_SECONDARY_EXEC_MODE_BASED_EPT_EXEC to
easily add default support.
New models are:
- Skylake-Server-v6
- Cascadelake-Server-v7
- Icelake-Server-v9
- SapphireRapids-v8
- GraniteRapids-v7
- DiamondRapids-v2
- SierraForest-v6
- ClearwaterForest-v4
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Zhao Liu <zhao1.liu@intel.com>
Signed-off-by: Jon Kohler <jon@nutanix.com>
---
target/i386/cpu.c | 67 +++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 67 insertions(+)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index aa7a91c0e3..0fc7132ef3 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -4767,6 +4767,14 @@ static const X86CPUDefinition builtin_x86_defs[] = {
{ /* end of list */ }
}
},
+ {
+ .version = 6,
+ .note = "with MBEC enabled",
+ .props = (PropValue[]) {
+ { "vmx-mbec", "on" },
+ { /* end of list */ }
+ }
+ },
{ /* end of list */ }
}
},
@@ -4912,6 +4920,13 @@ static const X86CPUDefinition builtin_x86_defs[] = {
{ /* end of list */ }
},
},
+ { .version = 7,
+ .note = "with MBEC enabled",
+ .props = (PropValue[]) {
+ { "vmx-mbec", "on" },
+ { /* end of list */ }
+ },
+ },
{ /* end of list */ }
}
},
@@ -5206,6 +5221,14 @@ static const X86CPUDefinition builtin_x86_defs[] = {
{ /* end of list */ }
},
},
+ {
+ .version = 9,
+ .note = "with MBEC enabled",
+ .props = (PropValue[]) {
+ { "vmx-mbec", "on" },
+ { /* end of list */ }
+ }
+ },
{ /* end of list */ }
}
},
@@ -5392,6 +5415,14 @@ static const X86CPUDefinition builtin_x86_defs[] = {
{ /* end of list */ },
}
},
+ {
+ .version = 8,
+ .note = "with MBEC enabled",
+ .props = (PropValue[]) {
+ { "vmx-mbec", "on" },
+ { /* end of list */ },
+ }
+ },
{ /* end of list */ }
}
},
@@ -5582,6 +5613,14 @@ static const X86CPUDefinition builtin_x86_defs[] = {
{ /* end of list */ },
}
},
+ {
+ .version = 7,
+ .note = "with MBEC enabled",
+ .props = (PropValue[]) {
+ { "vmx-mbec", "on" },
+ { /* end of list */ },
+ }
+ },
{ /* end of list */ },
},
},
@@ -5776,6 +5815,18 @@ static const X86CPUDefinition builtin_x86_defs[] = {
.features[FEAT_VMX_VMFUNC] = MSR_VMX_VMFUNC_EPT_SWITCHING,
.xlevel = 0x80000008,
.model_id = "Intel Xeon Processor (DiamondRapids)",
+ .versions = (X86CPUVersionDefinition[]) {
+ { .version = 1 },
+ {
+ .version = 2,
+ .note = "with MBEC enabled",
+ .props = (PropValue[]) {
+ { "vmx-mbec", "on" },
+ { /* end of list */ },
+ }
+ },
+ { /* end of list */ },
+ },
},
{
.name = "SierraForest",
@@ -5947,6 +5998,14 @@ static const X86CPUDefinition builtin_x86_defs[] = {
{ /* end of list */ },
}
},
+ {
+ .version = 6,
+ .note = "with MBEC enabled",
+ .props = (PropValue[]) {
+ { "vmx-mbec", "on" },
+ { /* end of list */ },
+ }
+ },
{ /* end of list */ },
},
},
@@ -6103,6 +6162,14 @@ static const X86CPUDefinition builtin_x86_defs[] = {
{ /* end of list */ },
}
},
+ {
+ .version = 4,
+ .note = "with MBEC enabled",
+ .props = (PropValue[]) {
+ { "vmx-mbec", "on" },
+ { /* end of list */ },
+ }
+ },
{ /* end of list */ },
},
},
--
2.43.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2026-03-30 18:47 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <20260330193428.1663253-1-jon@nutanix.com>
2026-03-30 19:34 ` [PATCH 1/3] target/i386: add new AMD EPYC models for GMET enablement Jon Kohler
2026-03-30 19:34 ` [PATCH 2/3] target/i386: add new Intel models for MMIO/GDS/RFDS mitigation status Jon Kohler
2026-03-30 19:34 ` [PATCH 3/3] target/i386: add new Intel models for MBEC enablement Jon Kohler
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.