Re: [PATCH v2 0/5] KVM: x86: Expose Zhaoxin CPUID 0xC0000001 EDX cryptographic features

[Binbin Wu <binbin.wu@linux.intel.com>]

On 5/28/2026 11:22 AM, Ewan Hai wrote:
> This series exposes five groups of Zhaoxin-specific CPUID 0xC0000001 EDX
> feature bits to KVM guests. Each group corresponds to a category of
> unprivileged cryptographic or RNG instructions that have been present in
> Zhaoxin processors but not yet advertised by KVM.
> 
> All instructions covered here are unprivileged (no CPL restriction) and
> available in all CPU modes (real / V86 / compat / protected / long), with
> no associated MSR control. Each feature is reported as a (X, X_EN) pair
> where the two bits are redundant by hardware design (set or cleared
> together), and both are CPUID-level reporting bits requiring no KVM
> emulation.
> 
> The five feature groups:
> 
> 1. SM2 (bits 0, 1): SM2 elliptic-curve public-key cryptography algorithm
>    per GM/T 0003-2012. Used for key generation, encryption/decryption,
>    digital signatures, and key exchange in Chinese cryptographic
>    standards.
> 
> 2. CCS (bits 4, 5): SM3 hash algorithm per GM/T 0004-2012 and SM4 block
>    cipher per GM/T 0002-2012 (supports ECB / CBC / CFB / OFB / CTR plus
>    CBC-MAC / CFB-MAC). Foundational primitives for Chinese cryptographic
>    protocols.
> 
> 3. RNG2 (bits 22, 23): Second-generation hardware RNG exposed via the
>    REP XRNG2 instruction. Two on-die RNG sources selectable per call,
>    with raw and post-processed output modes. Provides high-quality
>    entropy for cryptographic operations.
> 
> 4. PHE2 (bits 25, 26): SHA-384 and SHA-512 hardware acceleration per
>    FIPS 180-3, exposed via REP XSHA384 and REP XSHA512. Used by TLS,
>    SSH, file integrity, and signature schemes.
> 
> 5. RSA (bits 27, 28): Big-number modular exponentiation (REP XMODEXP,
>    A^B mod M) and modular multiplication (REP MONTMUL2, A*B mod M),
>    supporting operand sizes from 256 to 32768 bits. Used for RSA and
>    related public-key operations.
> 
> References:
>   The instruction encodings, control-word formats, and per-feature
>   semantics referenced in the individual patches are documented in:
>     - GMI Instruction Set Reference (SM2 / SM3 / SM4)
>     - PadLock Instruction Reference (XRNG2 / XSHA384 / XSHA512 /
>       XMODEXP / MONTMUL2)
>   Both available from https://kib.kiev.ua/x86docs/Zhaoxin/
> 
> Changes since v1:
> - Move the X86_FEATURE_xx definitions from arch/x86/kvm/reverse_cpuid.h
>   into arch/x86/include/asm/cpufeatures.h, filling the unused bit
>   positions in word 5 (which is reserved for CPUID 0xC0000001 EDX),
>   per Sean's review feedback.
> - Tighten wording in each commit message: "user-mode" -> "unprivileged
>   (no CPL restriction)", since the instructions execute at any CPL.
> 
> v1: https://lore.kernel.org/all/20260513124846.1622462-1-ewandevelop@gmail.com/
> 
> Ewan Hai (5):
>   KVM: x86: Expose Zhaoxin SM2 CPUID feature
>   KVM: x86: Expose Zhaoxin CCS (SM3 + SM4) CPUID feature
>   KVM: x86: Expose Zhaoxin RNG2 CPUID feature
>   KVM: x86: Expose Zhaoxin PHE2 CPUID feature
>   KVM: x86: Expose Zhaoxin RSA CPUID feature
> 
>  arch/x86/include/asm/cpufeatures.h | 10 ++++++++++
>  arch/x86/kvm/cpuid.c               | 10 ++++++++++
>  2 files changed, 20 insertions(+)

Two nits in patch 2 and patch 4.

Otherwise,
Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
> 
> 
> base-commit: 50897c955902c93ae71c38698abb910525ebdc89
> --
> 2.34.1
>