1. Patchew
  2. linux
  3. View series

[PATCH v2 0/5] KVM: x86: Expose Zhaoxin CPUID 0xC0000001 EDX cryptographic features

Ewan Hai posted 5 patches 1 week, 4 days ago 
arch/x86/include/asm/cpufeatures.h | 10 ++++++++++
arch/x86/kvm/cpuid.c               | 10 ++++++++++
2 files changed, 20 insertions(+)
[PATCH v2 0/5] KVM: x86: Expose Zhaoxin CPUID 0xC0000001 EDX cryptographic features
Posted by Ewan Hai 1 week, 4 days ago 
This series exposes five groups of Zhaoxin-specific CPUID 0xC0000001 EDX
feature bits to KVM guests. Each group corresponds to a category of
unprivileged cryptographic or RNG instructions that have been present in
Zhaoxin processors but not yet advertised by KVM.

All instructions covered here are unprivileged (no CPL restriction) and
available in all CPU modes (real / V86 / compat / protected / long), with
no associated MSR control. Each feature is reported as a (X, X_EN) pair
where the two bits are redundant by hardware design (set or cleared
together), and both are CPUID-level reporting bits requiring no KVM
emulation.

The five feature groups:

1. SM2 (bits 0, 1): SM2 elliptic-curve public-key cryptography algorithm
   per GM/T 0003-2012. Used for key generation, encryption/decryption,
   digital signatures, and key exchange in Chinese cryptographic
   standards.

2. CCS (bits 4, 5): SM3 hash algorithm per GM/T 0004-2012 and SM4 block
   cipher per GM/T 0002-2012 (supports ECB / CBC / CFB / OFB / CTR plus
   CBC-MAC / CFB-MAC). Foundational primitives for Chinese cryptographic
   protocols.

3. RNG2 (bits 22, 23): Second-generation hardware RNG exposed via the
   REP XRNG2 instruction. Two on-die RNG sources selectable per call,
   with raw and post-processed output modes. Provides high-quality
   entropy for cryptographic operations.

4. PHE2 (bits 25, 26): SHA-384 and SHA-512 hardware acceleration per
   FIPS 180-3, exposed via REP XSHA384 and REP XSHA512. Used by TLS,
   SSH, file integrity, and signature schemes.

5. RSA (bits 27, 28): Big-number modular exponentiation (REP XMODEXP,
   A^B mod M) and modular multiplication (REP MONTMUL2, A*B mod M),
   supporting operand sizes from 256 to 32768 bits. Used for RSA and
   related public-key operations.

References:
  The instruction encodings, control-word formats, and per-feature
  semantics referenced in the individual patches are documented in:
    - GMI Instruction Set Reference (SM2 / SM3 / SM4)
    - PadLock Instruction Reference (XRNG2 / XSHA384 / XSHA512 /
      XMODEXP / MONTMUL2)
  Both available from https://kib.kiev.ua/x86docs/Zhaoxin/

Changes since v1:
- Move the X86_FEATURE_xx definitions from arch/x86/kvm/reverse_cpuid.h
  into arch/x86/include/asm/cpufeatures.h, filling the unused bit
  positions in word 5 (which is reserved for CPUID 0xC0000001 EDX),
  per Sean's review feedback.
- Tighten wording in each commit message: "user-mode" -> "unprivileged
  (no CPL restriction)", since the instructions execute at any CPL.

v1: https://lore.kernel.org/all/20260513124846.1622462-1-ewandevelop@gmail.com/

Ewan Hai (5):
  KVM: x86: Expose Zhaoxin SM2 CPUID feature
  KVM: x86: Expose Zhaoxin CCS (SM3 + SM4) CPUID feature
  KVM: x86: Expose Zhaoxin RNG2 CPUID feature
  KVM: x86: Expose Zhaoxin PHE2 CPUID feature
  KVM: x86: Expose Zhaoxin RSA CPUID feature

 arch/x86/include/asm/cpufeatures.h | 10 ++++++++++
 arch/x86/kvm/cpuid.c               | 10 ++++++++++
 2 files changed, 20 insertions(+)


base-commit: 50897c955902c93ae71c38698abb910525ebdc89
--
2.34.1
Re: [PATCH v2 0/5] KVM: x86: Expose Zhaoxin CPUID 0xC0000001 EDX cryptographic features
Posted by Binbin Wu 6 days, 8 hours ago 

On 5/28/2026 11:22 AM, Ewan Hai wrote:
> This series exposes five groups of Zhaoxin-specific CPUID 0xC0000001 EDX
> feature bits to KVM guests. Each group corresponds to a category of
> unprivileged cryptographic or RNG instructions that have been present in
> Zhaoxin processors but not yet advertised by KVM.
> 
> All instructions covered here are unprivileged (no CPL restriction) and
> available in all CPU modes (real / V86 / compat / protected / long), with
> no associated MSR control. Each feature is reported as a (X, X_EN) pair
> where the two bits are redundant by hardware design (set or cleared
> together), and both are CPUID-level reporting bits requiring no KVM
> emulation.
> 
> The five feature groups:
> 
> 1. SM2 (bits 0, 1): SM2 elliptic-curve public-key cryptography algorithm
>    per GM/T 0003-2012. Used for key generation, encryption/decryption,
>    digital signatures, and key exchange in Chinese cryptographic
>    standards.
> 
> 2. CCS (bits 4, 5): SM3 hash algorithm per GM/T 0004-2012 and SM4 block
>    cipher per GM/T 0002-2012 (supports ECB / CBC / CFB / OFB / CTR plus
>    CBC-MAC / CFB-MAC). Foundational primitives for Chinese cryptographic
>    protocols.
> 
> 3. RNG2 (bits 22, 23): Second-generation hardware RNG exposed via the
>    REP XRNG2 instruction. Two on-die RNG sources selectable per call,
>    with raw and post-processed output modes. Provides high-quality
>    entropy for cryptographic operations.
> 
> 4. PHE2 (bits 25, 26): SHA-384 and SHA-512 hardware acceleration per
>    FIPS 180-3, exposed via REP XSHA384 and REP XSHA512. Used by TLS,
>    SSH, file integrity, and signature schemes.
> 
> 5. RSA (bits 27, 28): Big-number modular exponentiation (REP XMODEXP,
>    A^B mod M) and modular multiplication (REP MONTMUL2, A*B mod M),
>    supporting operand sizes from 256 to 32768 bits. Used for RSA and
>    related public-key operations.
> 
> References:
>   The instruction encodings, control-word formats, and per-feature
>   semantics referenced in the individual patches are documented in:
>     - GMI Instruction Set Reference (SM2 / SM3 / SM4)
>     - PadLock Instruction Reference (XRNG2 / XSHA384 / XSHA512 /
>       XMODEXP / MONTMUL2)
>   Both available from https://kib.kiev.ua/x86docs/Zhaoxin/
> 
> Changes since v1:
> - Move the X86_FEATURE_xx definitions from arch/x86/kvm/reverse_cpuid.h
>   into arch/x86/include/asm/cpufeatures.h, filling the unused bit
>   positions in word 5 (which is reserved for CPUID 0xC0000001 EDX),
>   per Sean's review feedback.
> - Tighten wording in each commit message: "user-mode" -> "unprivileged
>   (no CPL restriction)", since the instructions execute at any CPL.
> 
> v1: https://lore.kernel.org/all/20260513124846.1622462-1-ewandevelop@gmail.com/
> 
> Ewan Hai (5):
>   KVM: x86: Expose Zhaoxin SM2 CPUID feature
>   KVM: x86: Expose Zhaoxin CCS (SM3 + SM4) CPUID feature
>   KVM: x86: Expose Zhaoxin RNG2 CPUID feature
>   KVM: x86: Expose Zhaoxin PHE2 CPUID feature
>   KVM: x86: Expose Zhaoxin RSA CPUID feature
> 
>  arch/x86/include/asm/cpufeatures.h | 10 ++++++++++
>  arch/x86/kvm/cpuid.c               | 10 ++++++++++
>  2 files changed, 20 insertions(+)

Two nits in patch 2 and patch 4.

Otherwise,
Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
> 
> 
> base-commit: 50897c955902c93ae71c38698abb910525ebdc89
> --
> 2.34.1
>

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.