[PATCH v1 0/5] KVM: x86: Expose Zhaoxin CPUID 0xC0000001 EDX cryptographic features

[Ewan Hai <ewandevelop@gmail.com>]

NOTE: This is a clean repost. The original submission was sent through our
corporate SMTP relay, which appended a legal disclaimer and corrupted the
patch encoding, leaving the series unreadable. The previous thread has been
retracted:

  https://lore.kernel.org/all/20260513083042.1603237-1-ewanhai-oc@zhaoxin.com/

The patches below are functionally identical to that submission and have
not been technically modified; only the delivery path differs (and the
commit messages were lightly tidied up in the process).

---

This series exposes five groups of Zhaoxin-specific CPUID 0xC0000001 EDX
feature bits to KVM guests. Each group corresponds to a category of
user-mode cryptographic or RNG instructions that have been present in
Zhaoxin processors but not yet advertised by KVM.

All instructions covered here are user-mode and available in all CPU
modes (real / V86 / compat / protected / long), with no associated MSR
control. Each feature is reported as a (X, X_EN) pair where the two
bits are redundant by hardware design (set or cleared together), and both
are CPUID-level reporting bits requiring no KVM emulation.

The five feature groups:

1. SM2 (bits 0, 1): SM2 elliptic-curve public-key cryptography algorithm
   per GM/T 0003-2012. Used for key generation, encryption/decryption,
   digital signatures, and key exchange in Chinese cryptographic
   standards.

2. CCS (bits 4, 5): SM3 hash algorithm per GM/T 0004-2012 and SM4 block
   cipher per GM/T 0002-2012 (supports ECB / CBC / CFB / OFB / CTR plus
   CBC-MAC / CFB-MAC). Foundational primitives for Chinese cryptographic
   protocols.

3. RNG2 (bits 22, 23): Second-generation hardware RNG exposed via the
   REP XRNG2 instruction. Two on-die RNG sources selectable per call,
   with raw and post-processed output modes. Provides high-quality
   entropy for cryptographic operations.

4. PHE2 (bits 25, 26): SHA-384 and SHA-512 hardware acceleration per
   FIPS 180-3, exposed via REP XSHA384 and REP XSHA512. Used by TLS,
   SSH, file integrity, and signature schemes.

5. RSA (bits 27, 28): Big-number modular exponentiation (REP XMODEXP,
   A^B mod M) and modular multiplication (REP MONTMUL2, A*B mod M),
   supporting operand sizes from 256 to 32768 bits. Used for RSA and
   related public-key operations.

References:
  The instruction encodings, control-word formats, and per-feature
  semantics referenced in the individual patches are documented in:
    - GMI Instruction Set Reference (SM2 / SM3 / SM4)
    - PadLock Instruction Reference (XRNG2 / XSHA384 / XSHA512 /
      XMODEXP / MONTMUL2)
  Both available from https://kib.kiev.ua/x86docs/Zhaoxin/

Ewan Hai (5):
  KVM: x86: Expose Zhaoxin SM2 CPUID feature
  KVM: x86: Expose Zhaoxin CCS (SM3 + SM4) CPUID feature
  KVM: x86: Expose Zhaoxin RNG2 CPUID feature
  KVM: x86: Expose Zhaoxin PHE2 CPUID feature
  KVM: x86: Expose Zhaoxin RSA CPUID feature

 arch/x86/kvm/cpuid.c         | 10 ++++++++++
 arch/x86/kvm/reverse_cpuid.h | 12 ++++++++++++
 2 files changed, 22 insertions(+)


base-commit: 50897c955902c93ae71c38698abb910525ebdc89
--
2.34.1