From 81f5cad3858f27623b1b14467926032d229b76cc Mon Sep 17 00:00:00 2001 From: Xiaoyao Li Date: Mon, 15 Jan 2024 04:13:24 -0500 Subject: i386/cpu: Clear FEAT_XSAVE_XSS_LO/HI leafs when CPUID_EXT_XSAVE is not available Leaf FEAT_XSAVE_XSS_LO and FEAT_XSAVE_XSS_HI also need to be cleared when CPUID_EXT_XSAVE is not set. Fixes: 301e90675c3f ("target/i386: Enable support for XSAVES based features") Signed-off-by: Xiaoyao Li Reviewed-by: Yang Weijiang Message-ID: <20240115091325.1904229-2-xiaoyao.li@intel.com> Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini --- target/i386/cpu.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'target') diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 0cd32a6fce..800caeb593 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -6927,6 +6927,8 @@ static void x86_cpu_enable_xsave_components(X86CPU *cpu) if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) { env->features[FEAT_XSAVE_XCR0_LO] = 0; env->features[FEAT_XSAVE_XCR0_HI] = 0; + env->features[FEAT_XSAVE_XSS_LO] = 0; + env->features[FEAT_XSAVE_XSS_HI] = 0; return; } -- cgit 1.4.1 From a11a365159b944e05be76f3ec3b98c8b38cb70fd Mon Sep 17 00:00:00 2001 From: Xiaoyao Li Date: Mon, 15 Jan 2024 04:13:25 -0500 Subject: i386/cpu: Mask with XCR0/XSS mask for FEAT_XSAVE_XCR0_HI and FEAT_XSAVE_XSS_HI leafs The value of FEAT_XSAVE_XCR0_HI leaf and FEAT_XSAVE_XSS_HI leaf also need to be masked by XCR0 and XSS mask respectively, to make it logically correct. Fixes: 301e90675c3f ("target/i386: Enable support for XSAVES based features") Signed-off-by: Xiaoyao Li Reviewed-by: Yang Weijiang Message-ID: <20240115091325.1904229-3-xiaoyao.li@intel.com> Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini --- target/i386/cpu.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'target') diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 800caeb593..3ce138fecb 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -6947,9 +6947,9 @@ static void x86_cpu_enable_xsave_components(X86CPU *cpu) } env->features[FEAT_XSAVE_XCR0_LO] = mask & CPUID_XSTATE_XCR0_MASK; - env->features[FEAT_XSAVE_XCR0_HI] = mask >> 32; + env->features[FEAT_XSAVE_XCR0_HI] = (mask & CPUID_XSTATE_XCR0_MASK) >> 32; env->features[FEAT_XSAVE_XSS_LO] = mask & CPUID_XSTATE_XSS_MASK; - env->features[FEAT_XSAVE_XSS_HI] = mask >> 32; + env->features[FEAT_XSAVE_XSS_HI] = (mask & CPUID_XSTATE_XSS_MASK) >> 32; } /***** Steps involved on loading and filtering CPUID data -- cgit 1.4.1 From eba978061ee5b19059db9603b97b007144617dc3 Mon Sep 17 00:00:00 2001 From: Xiaoyao Li Date: Tue, 24 Oct 2023 04:33:54 -0400 Subject: target/i386: Add support of KVM_FEATURE_ASYNC_PF_VMEXIT for guest KVM_FEATURE_ASYNC_PF_VMEXIT has been introduced for years, however QEMU doesn't support expose it to guest. Add support for it. Signed-off-by: Xiaoyao Li Message-ID: <20231024083354.1171308-1-xiaoyao.li@intel.com> Signed-off-by: Paolo Bonzini --- target/i386/cpu.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'target') diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 3ce138fecb..bca776e1fe 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -857,7 +857,7 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = { .feat_names = { "kvmclock", "kvm-nopiodelay", "kvm-mmu", "kvmclock", "kvm-asyncpf", "kvm-steal-time", "kvm-pv-eoi", "kvm-pv-unhalt", - NULL, "kvm-pv-tlb-flush", NULL, "kvm-pv-ipi", + NULL, "kvm-pv-tlb-flush", "kvm-asyncpf-vmexit", "kvm-pv-ipi", "kvm-poll-control", "kvm-pv-sched-yield", "kvm-asyncpf-int", "kvm-msi-ext-dest-id", NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, -- cgit 1.4.1 From 10f92799af8ba3c3cef2352adcd4780f13fbab31 Mon Sep 17 00:00:00 2001 From: Xiaoyao Li Date: Wed, 24 Jan 2024 21:40:14 -0500 Subject: i386/cpuid: Decrease cpuid_i when skipping CPUID leaf 1F Existing code misses a decrement of cpuid_i when skip leaf 0x1F. There's a blank CPUID entry(with leaf, subleaf as 0, and all fields stuffed 0s) left in the CPUID array. It conflicts with correct CPUID leaf 0. Signed-off-by: Xiaoyao Li Reviewed-by:Yang Weijiang Message-ID: <20240125024016.2521244-2-xiaoyao.li@intel.com> Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini --- target/i386/kvm/kvm.c | 1 + 1 file changed, 1 insertion(+) (limited to 'target') diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 76a66246eb..dff9dedbd7 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -1914,6 +1914,7 @@ int kvm_arch_init_vcpu(CPUState *cs) } case 0x1f: if (env->nr_dies < 2) { + cpuid_i--; break; } /* fallthrough */ -- cgit 1.4.1 From a3b5376521a0de898440e8d0942b54e628f0949f Mon Sep 17 00:00:00 2001 From: Xiaoyao Li Date: Wed, 24 Jan 2024 21:40:15 -0500 Subject: i386/cpuid: Remove subleaf constraint on CPUID leaf 1F No such constraint that subleaf index needs to be less than 64. Signed-off-by: Xiaoyao Li Reviewed-by:Yang Weijiang Message-ID: <20240125024016.2521244-3-xiaoyao.li@intel.com> Signed-off-by: Paolo Bonzini --- target/i386/kvm/kvm.c | 4 ---- 1 file changed, 4 deletions(-) (limited to 'target') diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index dff9dedbd7..9758c83693 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -1926,10 +1926,6 @@ int kvm_arch_init_vcpu(CPUState *cs) break; } - if (i == 0x1f && j == 64) { - break; - } - c->function = i; c->flags = KVM_CPUID_FLAG_SIGNIFCANT_INDEX; c->index = j; -- cgit 1.4.1 From 0729857c707535847d7fe31d3d91eb8b2a118e3c Mon Sep 17 00:00:00 2001 From: Xiaoyao Li Date: Wed, 24 Jan 2024 21:40:16 -0500 Subject: i386/cpuid: Move leaf 7 to correct group CPUID leaf 7 was grouped together with SGX leaf 0x12 by commit b9edbadefb9e ("i386: Propagate SGX CPUID sub-leafs to KVM") by mistake. SGX leaf 0x12 has its specific logic to check if subleaf (starting from 2) is valid or not by checking the bit 0:3 of corresponding EAX is 1 or not. Leaf 7 follows the logic that EAX of subleaf 0 enumerates the maximum valid subleaf. Fixes: b9edbadefb9e ("i386: Propagate SGX CPUID sub-leafs to KVM") Signed-off-by: Xiaoyao Li Message-ID: <20240125024016.2521244-4-xiaoyao.li@intel.com> Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini --- target/i386/kvm/kvm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'target') diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 9758c83693..42970ab046 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -1951,7 +1951,6 @@ int kvm_arch_init_vcpu(CPUState *cs) c = &cpuid_data.entries[cpuid_i++]; } break; - case 0x7: case 0x12: for (j = 0; ; j++) { c->function = i; @@ -1971,6 +1970,7 @@ int kvm_arch_init_vcpu(CPUState *cs) c = &cpuid_data.entries[cpuid_i++]; } break; + case 0x7: case 0x14: case 0x1d: case 0x1e: { -- cgit 1.4.1 From 99d0dcd7f102c07a510200d768cae65e5db25d23 Mon Sep 17 00:00:00 2001 From: Ziqiao Kong Date: Thu, 15 Feb 2024 17:50:17 +0800 Subject: target/i386: Generate an illegal opcode exception on cmp instructions with lock prefix target/i386: As specified by Intel Manual Vol2 3-180, cmp instructions are not allowed to have lock prefix and a `UD` should be raised. Without this patch, s1->T0 will be uninitialized and used in the case OP_CMPL. Signed-off-by: Ziqiao Kong Message-ID: <20240215095015.570748-2-ziqiaokong@gmail.com> Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini --- target/i386/tcg/translate.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'target') diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c index 10cba16256..07f642dc9e 100644 --- a/target/i386/tcg/translate.c +++ b/target/i386/tcg/translate.c @@ -1507,12 +1507,13 @@ static bool check_iopl(DisasContext *s) /* if d == OR_TMP0, it means memory operand (address in A0) */ static void gen_op(DisasContext *s1, int op, MemOp ot, int d) { + /* Invalid lock prefix when destination is not memory or OP_CMPL. */ + if ((d != OR_TMP0 || op == OP_CMPL) && s1->prefix & PREFIX_LOCK) { + gen_illegal_opcode(s1); + return; + } + if (d != OR_TMP0) { - if (s1->prefix & PREFIX_LOCK) { - /* Lock prefix when destination is not memory. */ - gen_illegal_opcode(s1); - return; - } gen_op_mov_v_reg(s1, ot, s1->T0, d); } else if (!(s1->prefix & PREFIX_LOCK)) { gen_op_ld_v(s1, ot, s1->T0, s1->A0); -- cgit 1.4.1