Some XSAVE components depend on multiple features. For example, Opmask/
ZMM_Hi256/Hi16_ZMM depend on avx512f OR avx10, and for CET (which will
be supported later), cet_u/cet_s will depend on shstk OR ibt.
Although previously there's the special check for the dependencies of
AVX512F OR AVX10 on their respective XSAVE components (in
cpuid_has_xsave_feature()), to make the code more general and avoid
adding more special cases, make ExtSaveArea store a features array
instead of a single feature, so that it can describe multiple
dependencies.
Tested-by: Farrah Chen <farrah.chen@intel.com>
Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
---
target/i386/cpu.c | 71 ++++++++++++++++++++++++++++++++++-------------
target/i386/cpu.h | 9 +++++-
2 files changed, 59 insertions(+), 21 deletions(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index b9a5a0400dea..cd269d15ce0b 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -2020,53 +2020,77 @@ static const X86RegisterInfo32 x86_reg_info_32[CPU_NB_REGS32] = {
ExtSaveArea x86_ext_save_areas[XSAVE_STATE_AREA_COUNT] = {
[XSTATE_FP_BIT] = {
/* x87 FP state component is always enabled if XSAVE is supported */
- .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
.size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
+ .features = {
+ { FEAT_1_ECX, CPUID_EXT_XSAVE },
+ },
},
[XSTATE_SSE_BIT] = {
/* SSE state component is always enabled if XSAVE is supported */
- .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
.size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
+ .features = {
+ { FEAT_1_ECX, CPUID_EXT_XSAVE },
+ },
},
[XSTATE_YMM_BIT] = {
- .feature = FEAT_1_ECX, .bits = CPUID_EXT_AVX,
.size = sizeof(XSaveAVX),
+ .features = {
+ { FEAT_1_ECX, CPUID_EXT_AVX },
+ },
},
[XSTATE_BNDREGS_BIT] = {
- .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
.size = sizeof(XSaveBNDREG),
+ .features = {
+ { FEAT_7_0_EBX, CPUID_7_0_EBX_MPX },
+ },
},
[XSTATE_BNDCSR_BIT] = {
- .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
.size = sizeof(XSaveBNDCSR),
+ .features = {
+ { FEAT_7_0_EBX, CPUID_7_0_EBX_MPX },
+ },
},
[XSTATE_OPMASK_BIT] = {
- .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
.size = sizeof(XSaveOpmask),
+ .features = {
+ { FEAT_7_0_EBX, CPUID_7_0_EBX_AVX512F },
+ },
},
[XSTATE_ZMM_Hi256_BIT] = {
- .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
.size = sizeof(XSaveZMM_Hi256),
+ .features = {
+ { FEAT_7_0_EBX, CPUID_7_0_EBX_AVX512F },
+ },
},
[XSTATE_Hi16_ZMM_BIT] = {
- .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
.size = sizeof(XSaveHi16_ZMM),
+ .features = {
+ { FEAT_7_0_EBX, CPUID_7_0_EBX_AVX512F },
+ },
},
[XSTATE_PKRU_BIT] = {
- .feature = FEAT_7_0_ECX, .bits = CPUID_7_0_ECX_PKU,
.size = sizeof(XSavePKRU),
+ .features = {
+ { FEAT_7_0_ECX, CPUID_7_0_ECX_PKU },
+ },
},
[XSTATE_ARCH_LBR_BIT] = {
- .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_ARCH_LBR,
.size = sizeof(XSaveArchLBR),
+ .features = {
+ { FEAT_7_0_EDX, CPUID_7_0_EDX_ARCH_LBR },
+ },
},
[XSTATE_XTILE_CFG_BIT] = {
- .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_AMX_TILE,
.size = sizeof(XSaveXTILECFG),
+ .features = {
+ { FEAT_7_0_EDX, CPUID_7_0_EDX_AMX_TILE },
+ },
},
[XSTATE_XTILE_DATA_BIT] = {
- .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_AMX_TILE,
.size = sizeof(XSaveXTILEDATA),
+ .features = {
+ { FEAT_7_0_EDX, CPUID_7_0_EDX_AMX_TILE },
+ },
},
};
@@ -7137,10 +7161,13 @@ static const char *x86_cpu_feature_name(FeatureWord w, int bitnr)
if (w == FEAT_XSAVE_XCR0_LO || w == FEAT_XSAVE_XCR0_HI) {
int comp = (w == FEAT_XSAVE_XCR0_HI) ? bitnr + 32 : bitnr;
- if (comp < ARRAY_SIZE(x86_ext_save_areas) &&
- x86_ext_save_areas[comp].bits) {
- w = x86_ext_save_areas[comp].feature;
- bitnr = ctz32(x86_ext_save_areas[comp].bits);
+ if (comp < ARRAY_SIZE(x86_ext_save_areas)) {
+ /* Present the first feature as the default. */
+ const FeatureMask *fm = &x86_ext_save_areas[comp].features[0];
+ if (fm->mask != 0) {
+ w = fm->index;
+ bitnr = ctz32(fm->mask);
+ }
}
}
@@ -8610,11 +8637,15 @@ static bool cpuid_has_xsave_feature(CPUX86State *env, const ExtSaveArea *esa)
return false;
}
- if (env->features[esa->feature] & esa->bits) {
- return true;
+ for (int i = 0; i < ARRAY_SIZE(esa->features); i++) {
+ if (env->features[esa->features[i].index] & esa->features[i].mask) {
+ return true;
+ }
}
- if (esa->feature == FEAT_7_0_EBX && esa->bits == CPUID_7_0_EBX_AVX512F
- && (env->features[FEAT_7_1_EDX] & CPUID_7_1_EDX_AVX10)) {
+
+ if (esa->features[0].index == FEAT_7_0_EBX &&
+ esa->features[0].mask == CPUID_7_0_EBX_AVX512F &&
+ (env->features[FEAT_7_1_EDX] & CPUID_7_1_EDX_AVX10)) {
return true;
}
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index ac527971d8cd..6537affcf067 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -1769,9 +1769,16 @@ QEMU_BUILD_BUG_ON(sizeof(XSaveXTILECFG) != 0x40);
QEMU_BUILD_BUG_ON(sizeof(XSaveXTILEDATA) != 0x2000);
typedef struct ExtSaveArea {
- uint32_t feature, bits;
uint32_t offset, size;
uint32_t ecx;
+ /*
+ * The dependencies in the array work as OR relationships, which
+ * means having just one of those features is enough.
+ *
+ * At most two features are sharing the same xsave area.
+ * Number of features can be adjusted if necessary.
+ */
+ const FeatureMask features[2];
} ExtSaveArea;
#define XSAVE_STATE_AREA_COUNT (XSTATE_XTILE_DATA_BIT + 1)
--
2.34.1On 10/24/2025 2:56 PM, Zhao Liu wrote:
> Some XSAVE components depend on multiple features. For example, Opmask/
> ZMM_Hi256/Hi16_ZMM depend on avx512f OR avx10, and for CET (which will
> be supported later), cet_u/cet_s will depend on shstk OR ibt.
>
> Although previously there's the special check for the dependencies of
> AVX512F OR AVX10 on their respective XSAVE components (in
> cpuid_has_xsave_feature()), to make the code more general and avoid
> adding more special cases, make ExtSaveArea store a features array
> instead of a single feature, so that it can describe multiple
> dependencies.
>
> Tested-by: Farrah Chen <farrah.chen@intel.com>
> Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
> ---> target/i386/cpu.c | 71
++++++++++++++++++++++++++++++++++-------------
> target/i386/cpu.h | 9 +++++-
> 2 files changed, 59 insertions(+), 21 deletions(-)
>
> diff --git a/target/i386/cpu.c b/target/i386/cpu.c
> index b9a5a0400dea..cd269d15ce0b 100644
> --- a/target/i386/cpu.c
> +++ b/target/i386/cpu.c
> @@ -2020,53 +2020,77 @@ static const X86RegisterInfo32 x86_reg_info_32[CPU_NB_REGS32] = {
> ExtSaveArea x86_ext_save_areas[XSAVE_STATE_AREA_COUNT] = {
> [XSTATE_FP_BIT] = {
> /* x87 FP state component is always enabled if XSAVE is supported */
> - .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
> .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
> + .features = {
> + { FEAT_1_ECX, CPUID_EXT_XSAVE },
> + },
> },
> [XSTATE_SSE_BIT] = {
> /* SSE state component is always enabled if XSAVE is supported */
> - .feature = FEAT_1_ECX, .bits = CPUID_EXT_XSAVE,
> .size = sizeof(X86LegacyXSaveArea) + sizeof(X86XSaveHeader),
> + .features = {
> + { FEAT_1_ECX, CPUID_EXT_XSAVE },
> + },
> },
> [XSTATE_YMM_BIT] = {
> - .feature = FEAT_1_ECX, .bits = CPUID_EXT_AVX,
> .size = sizeof(XSaveAVX),
> + .features = {
> + { FEAT_1_ECX, CPUID_EXT_AVX },
> + },
> },
> [XSTATE_BNDREGS_BIT] = {
> - .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
> .size = sizeof(XSaveBNDREG),
> + .features = {
> + { FEAT_7_0_EBX, CPUID_7_0_EBX_MPX },
> + },
> },
> [XSTATE_BNDCSR_BIT] = {
> - .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_MPX,
> .size = sizeof(XSaveBNDCSR),
> + .features = {
> + { FEAT_7_0_EBX, CPUID_7_0_EBX_MPX },
> + },
> },
> [XSTATE_OPMASK_BIT] = {
> - .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
> .size = sizeof(XSaveOpmask),
> + .features = {
> + { FEAT_7_0_EBX, CPUID_7_0_EBX_AVX512F },
> + },
> },
> [XSTATE_ZMM_Hi256_BIT] = {
> - .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
> .size = sizeof(XSaveZMM_Hi256),
> + .features = {
> + { FEAT_7_0_EBX, CPUID_7_0_EBX_AVX512F },
> + },
> },
> [XSTATE_Hi16_ZMM_BIT] = {
> - .feature = FEAT_7_0_EBX, .bits = CPUID_7_0_EBX_AVX512F,
> .size = sizeof(XSaveHi16_ZMM),
> + .features = {
> + { FEAT_7_0_EBX, CPUID_7_0_EBX_AVX512F },
> + },
> },
> [XSTATE_PKRU_BIT] = {
> - .feature = FEAT_7_0_ECX, .bits = CPUID_7_0_ECX_PKU,
> .size = sizeof(XSavePKRU),
> + .features = {
> + { FEAT_7_0_ECX, CPUID_7_0_ECX_PKU },
> + },
> },
> [XSTATE_ARCH_LBR_BIT] = {
> - .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_ARCH_LBR,
> .size = sizeof(XSaveArchLBR),
> + .features = {
> + { FEAT_7_0_EDX, CPUID_7_0_EDX_ARCH_LBR },
> + },
> },
> [XSTATE_XTILE_CFG_BIT] = {
> - .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_AMX_TILE,
> .size = sizeof(XSaveXTILECFG),
> + .features = {
> + { FEAT_7_0_EDX, CPUID_7_0_EDX_AMX_TILE },
> + },
> },
> [XSTATE_XTILE_DATA_BIT] = {
> - .feature = FEAT_7_0_EDX, .bits = CPUID_7_0_EDX_AMX_TILE,
> .size = sizeof(XSaveXTILEDATA),
> + .features = {
> + { FEAT_7_0_EDX, CPUID_7_0_EDX_AMX_TILE },
> + },
> },
> };
>
> @@ -7137,10 +7161,13 @@ static const char *x86_cpu_feature_name(FeatureWord w, int bitnr)
> if (w == FEAT_XSAVE_XCR0_LO || w == FEAT_XSAVE_XCR0_HI) {
> int comp = (w == FEAT_XSAVE_XCR0_HI) ? bitnr + 32 : bitnr;
>
> - if (comp < ARRAY_SIZE(x86_ext_save_areas) &&
> - x86_ext_save_areas[comp].bits) {
> - w = x86_ext_save_areas[comp].feature;
> - bitnr = ctz32(x86_ext_save_areas[comp].bits);
> + if (comp < ARRAY_SIZE(x86_ext_save_areas)) {
> + /* Present the first feature as the default. */
> + const FeatureMask *fm = &x86_ext_save_areas[comp].features[0];
It doesn't look right to me.
E.g., when users are requesting IBT, thus CET_U and CET_S, they might
get "shstk" not avaiable.
> + if (fm->mask != 0) {
Nit: if (fm->mask) is enough
> + w = fm->index;
> + bitnr = ctz32(fm->mask);
> + }
> }
> }
>
> @@ -8610,11 +8637,15 @@ static bool cpuid_has_xsave_feature(CPUX86State *env, const ExtSaveArea *esa)
> return false;
> }
>
> - if (env->features[esa->feature] & esa->bits) {
> - return true;
> + for (int i = 0; i < ARRAY_SIZE(esa->features); i++) {
> + if (env->features[esa->features[i].index] & esa->features[i].mask) {
> + return true;
> + }
> }
> - if (esa->feature == FEAT_7_0_EBX && esa->bits == CPUID_7_0_EBX_AVX512F
> - && (env->features[FEAT_7_1_EDX] & CPUID_7_1_EDX_AVX10)) {
> +
> + if (esa->features[0].index == FEAT_7_0_EBX &&
> + esa->features[0].mask == CPUID_7_0_EBX_AVX512F &&
> + (env->features[FEAT_7_1_EDX] & CPUID_7_1_EDX_AVX10)) {
> return true;
> }
>
> diff --git a/target/i386/cpu.h b/target/i386/cpu.h
> index ac527971d8cd..6537affcf067 100644
> --- a/target/i386/cpu.h
> +++ b/target/i386/cpu.h
> @@ -1769,9 +1769,16 @@ QEMU_BUILD_BUG_ON(sizeof(XSaveXTILECFG) != 0x40);
> QEMU_BUILD_BUG_ON(sizeof(XSaveXTILEDATA) != 0x2000);
>
> typedef struct ExtSaveArea {
> - uint32_t feature, bits;
> uint32_t offset, size;
> uint32_t ecx;
> + /*
> + * The dependencies in the array work as OR relationships, which
> + * means having just one of those features is enough.
> + *
> + * At most two features are sharing the same xsave area.
> + * Number of features can be adjusted if necessary.
> + */
> + const FeatureMask features[2];
> } ExtSaveArea;
>
> #define XSAVE_STATE_AREA_COUNT (XSTATE_XTILE_DATA_BIT + 1)
> > @@ -7137,10 +7161,13 @@ static const char *x86_cpu_feature_name(FeatureWord w, int bitnr)
> > if (w == FEAT_XSAVE_XCR0_LO || w == FEAT_XSAVE_XCR0_HI) {
> > int comp = (w == FEAT_XSAVE_XCR0_HI) ? bitnr + 32 : bitnr;
> > - if (comp < ARRAY_SIZE(x86_ext_save_areas) &&
> > - x86_ext_save_areas[comp].bits) {
> > - w = x86_ext_save_areas[comp].feature;
> > - bitnr = ctz32(x86_ext_save_areas[comp].bits);
> > + if (comp < ARRAY_SIZE(x86_ext_save_areas)) {
> > + /* Present the first feature as the default. */
> > + const FeatureMask *fm = &x86_ext_save_areas[comp].features[0];
>
> It doesn't look right to me.
>
> E.g., when users are requesting IBT, thus CET_U and CET_S, they might get
> "shstk" not avaiable.
This was intentional. This patch only introduces a new dependency array
without attempting to change the existing state. The series is already
quite large, so I didn't include all the cleanup within it.
© 2016 - 2025 Red Hat, Inc.