From: Ewan Hai <ewandevelop@gmail.com>
To: seanjc@google.com, pbonzini@redhat.com, tglx@kernel.org,
mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com,
x86@kernel.org, hpa@zytor.com, kvm@vger.kernel.org,
linux-kernel@vger.kernel.org
Cc: binbin.wu@linux.intel.com, ewanhai@zhaoxin.com,
cobechen@zhaoxin.com, tonywwang@zhaoxin.com
Subject: [PATCH v2 0/5] KVM: x86: Expose Zhaoxin CPUID 0xC0000001 EDX cryptographic features
Date: Thu, 28 May 2026 11:22:29 +0800 [thread overview]
Message-ID: <20260528032234.1322565-1-ewandevelop@gmail.com> (raw)
This series exposes five groups of Zhaoxin-specific CPUID 0xC0000001 EDX
feature bits to KVM guests. Each group corresponds to a category of
unprivileged cryptographic or RNG instructions that have been present in
Zhaoxin processors but not yet advertised by KVM.
All instructions covered here are unprivileged (no CPL restriction) and
available in all CPU modes (real / V86 / compat / protected / long), with
no associated MSR control. Each feature is reported as a (X, X_EN) pair
where the two bits are redundant by hardware design (set or cleared
together), and both are CPUID-level reporting bits requiring no KVM
emulation.
The five feature groups:
1. SM2 (bits 0, 1): SM2 elliptic-curve public-key cryptography algorithm
per GM/T 0003-2012. Used for key generation, encryption/decryption,
digital signatures, and key exchange in Chinese cryptographic
standards.
2. CCS (bits 4, 5): SM3 hash algorithm per GM/T 0004-2012 and SM4 block
cipher per GM/T 0002-2012 (supports ECB / CBC / CFB / OFB / CTR plus
CBC-MAC / CFB-MAC). Foundational primitives for Chinese cryptographic
protocols.
3. RNG2 (bits 22, 23): Second-generation hardware RNG exposed via the
REP XRNG2 instruction. Two on-die RNG sources selectable per call,
with raw and post-processed output modes. Provides high-quality
entropy for cryptographic operations.
4. PHE2 (bits 25, 26): SHA-384 and SHA-512 hardware acceleration per
FIPS 180-3, exposed via REP XSHA384 and REP XSHA512. Used by TLS,
SSH, file integrity, and signature schemes.
5. RSA (bits 27, 28): Big-number modular exponentiation (REP XMODEXP,
A^B mod M) and modular multiplication (REP MONTMUL2, A*B mod M),
supporting operand sizes from 256 to 32768 bits. Used for RSA and
related public-key operations.
References:
The instruction encodings, control-word formats, and per-feature
semantics referenced in the individual patches are documented in:
- GMI Instruction Set Reference (SM2 / SM3 / SM4)
- PadLock Instruction Reference (XRNG2 / XSHA384 / XSHA512 /
XMODEXP / MONTMUL2)
Both available from https://kib.kiev.ua/x86docs/Zhaoxin/
Changes since v1:
- Move the X86_FEATURE_xx definitions from arch/x86/kvm/reverse_cpuid.h
into arch/x86/include/asm/cpufeatures.h, filling the unused bit
positions in word 5 (which is reserved for CPUID 0xC0000001 EDX),
per Sean's review feedback.
- Tighten wording in each commit message: "user-mode" -> "unprivileged
(no CPL restriction)", since the instructions execute at any CPL.
v1: https://lore.kernel.org/all/20260513124846.1622462-1-ewandevelop@gmail.com/
Ewan Hai (5):
KVM: x86: Expose Zhaoxin SM2 CPUID feature
KVM: x86: Expose Zhaoxin CCS (SM3 + SM4) CPUID feature
KVM: x86: Expose Zhaoxin RNG2 CPUID feature
KVM: x86: Expose Zhaoxin PHE2 CPUID feature
KVM: x86: Expose Zhaoxin RSA CPUID feature
arch/x86/include/asm/cpufeatures.h | 10 ++++++++++
arch/x86/kvm/cpuid.c | 10 ++++++++++
2 files changed, 20 insertions(+)
base-commit: 50897c955902c93ae71c38698abb910525ebdc89
--
2.34.1
next reply other threads:[~2026-05-28 3:22 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-28 3:22 Ewan Hai [this message]
2026-05-28 3:22 ` [PATCH v2 1/5] KVM: x86: Expose Zhaoxin SM2 CPUID feature Ewan Hai
2026-05-28 3:42 ` sashiko-bot
2026-05-28 7:09 ` Ewan Hai
2026-05-28 12:49 ` Sean Christopherson
2026-05-28 13:35 ` Ewan Hai
2026-05-28 3:22 ` [PATCH v2 2/5] KVM: x86: Expose Zhaoxin CCS (SM3 + SM4) " Ewan Hai
2026-06-02 7:30 ` Binbin Wu
2026-06-02 7:49 ` Ewan Hai
2026-05-28 3:22 ` [PATCH v2 3/5] KVM: x86: Expose Zhaoxin RNG2 " Ewan Hai
2026-05-28 3:22 ` [PATCH v2 4/5] KVM: x86: Expose Zhaoxin PHE2 " Ewan Hai
2026-06-02 7:29 ` Binbin Wu
2026-05-28 3:22 ` [PATCH v2 5/5] KVM: x86: Expose Zhaoxin RSA " Ewan Hai
2026-05-28 5:03 ` sashiko-bot
2026-05-28 7:14 ` Ewan Hai
2026-06-02 7:32 ` [PATCH v2 0/5] KVM: x86: Expose Zhaoxin CPUID 0xC0000001 EDX cryptographic features Binbin Wu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260528032234.1322565-1-ewandevelop@gmail.com \
--to=ewandevelop@gmail.com \
--cc=binbin.wu@linux.intel.com \
--cc=bp@alien8.de \
--cc=cobechen@zhaoxin.com \
--cc=dave.hansen@linux.intel.com \
--cc=ewanhai@zhaoxin.com \
--cc=hpa@zytor.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=seanjc@google.com \
--cc=tglx@kernel.org \
--cc=tonywwang@zhaoxin.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.