diff -Nru cpuid-20220620/ChangeLog cpuid-20220812/ChangeLog --- cpuid-20220620/ChangeLog 2022-06-20 12:02:01.000000000 +0000 +++ cpuid-20220812/ChangeLog 2022-08-12 13:57:32.000000000 +0000 @@ -1,3 +1,94 @@ +Fri Aug 12 2022 Todd Allen + * Made new release. + +Fri Aug 12 2022 Todd Allen + * cpuid.c: Corrected (synth) decoding for (0,6),(8,6) Intel Snow + Ridge/Parker Ridge. It had been lumped in with Elkhart Lake, but only + because that had been the only known core name for the Tremont uarch. + These appear to be different cores. Also added steppings from SSG*. + +Fri Aug 5 2022 Todd Allen + * cpuid.c: Added 8000000a/edx X2AVIC flag, from Linux kernel patches + It appears to be undocumented, so far. + +Thu Aug 4 2022 Todd Allen + * cpuid.c: Improved (synth) decoding for (0,6),(9,7),2, adding + Added Alder Lake-HX. + +Wed Jul 27 2022 Todd Allen + * cpuid.c: Reverted May 27 2022 split of 7/0/ebx hack to report bit 22 + as RDPID on AMD architectures. The AMD documentation is inconsistent + on the location of this flag. In E.3.6, it claims 7/0/ebx. But in + section 3, the RDPID instruction itself claims 7/0/ecx, as does the + mention in Table 3-1. This also is consistent with Intel + architectures. Thanks to Stefan Kanthak for pointing this out. + +Mon Jul 25 2022 Todd Allen + * cpuid.c: Generalized (0,6),(8,14),9,YP stepping case to include + Pentium 4425Y, from instlatx64 sample. + +Thu Jul 14 2022 Todd Allen + * cpuid.c: Updated 7/0/edx comments to reflect original info source + for SRBDS mitigation MSR available, previously just marked LX*. + * cpuid.c: Updated 7/0/edx comments to reflect original info source + for RTM transaction always aborts, previously just marked LX*. + * cpuid.c: Added (vuln to branch type confusion synth) synthetic leaf + to correct for the one known inaccuracy. + * cpuid.man: Added those two original source web pages from Intel: + Intel Transactional Synchronization Extensions (Intel TSX) Memory and + Performance Monitoring Update for Intel Processors (Article ID + 000059422), Special Register Buffer Data Sampling. + +Wed Jul 13 2022 Todd Allen + * cpuid.c: Added 0x80000008/ebx not vulnerable to branch type confusion + flag from "Technical Guidance For Mitigating Branch Type Confusion + (White Paper)". Also added a synthetic flag to correct the special + case for Family 0x19, where the raw flag is documented to be wrong. + * cpuid.c: Added 7/2/edx indirect branch prediction related flags from + Intel's "Branch History Injection and Intra-mode Branch Target + Injection / CVE-2022-0001, CVE-2022-0002 / INTEL-SA-00598". + * cpuid.c: Added (uarch synth) decoding for (0,6),(6,14) Cougar + Mountain, mentioned as Airmont by Intel's "Retpoline: A Branch Target + Injection Mitigation". + * cpuid.man: Added "Branch History Injection and Intra-mode Branch Target + Injection / CVE-2022-0001, CVE-2022-0002 / INTEL-SA-00598" and + "Retpoline: A Branch Target Injection Mitigation". + +Tue Jul 12 2022 Todd Allen + * cpuid.c: Clarified (synth) for (0,6),(8,13) Tiger Lake-H from SSG*. + +Tue Jul 12 2022 Todd Allen + * cpuid.c: Added support for hypervisor+3/ecx (Microsoft) flags. + * cpuid.c: Added support for hypervisor+0xa/eax (Microsoft) VMCS + GuestIa32DebugCtl support flag. + * cpuid.c: Added support for hypervisor+0xa/ebx (Microsoft) VMCS + HvFlushGuestPhysicalAddress* flag. + +Wed Jun 29 2022 Todd Allen + * cpuid.c: Added (synth) for (0,6),(11,10),3 Raptor Lake-P Q0, from + Coreboot*. + +Sat Jun 25 2022 Todd Allen + * cpuid.c: Lionel Debroux's patch used MAX_CPUS all the time. But it + really was meaningful only for the USE_KERNEL_SCHED_SETAFFINITY case + (although, by happenstance, it may have been correct for all three + cases). Replace this with an nr_cpu_ids global, determined by + get_nr_cpu_ids(). The simplest version just returns + sysconf(_SC_NPROCESSORS_CONF), although that could be problematic on + systems with non-contiguous CPU numbers. + * cpuid.c: For USE_KERNEL_SCHED_SETAFFINITY, improve this, and also + support systems with > 1024 CPUs, by estimating nr_cpu_ids using a + power-of-2 walk through successively larger cpu_set_t sizes until + sched_getaffinity succeeds. + * cpuid.c: For systems using cpu_set_t (only Cygwin?), cap the + nr_cpu_ids to CPU_SETSIZE. + * cpuid.c: The _SC_NPROCESSORS_CONF check in real_setup() is removed + because it's redundant now. + +Wed Jun 22 2022 Lionel Debroux + * cpuid.c: In do_real() and do_real_one(), avoid breaking out of loop + because of downed CPUs. + Mon Jun 20 2022 Todd Allen * Made new release. diff -Nru cpuid-20220620/cpuid.c cpuid-20220812/cpuid.c --- cpuid-20220620/cpuid.c 2022-06-18 16:08:23.000000000 +0000 +++ cpuid-20220812/cpuid.c 2022-08-12 13:52:50.000000000 +0000 @@ -29,6 +29,12 @@ // Microcode Update Guidance). Its purpose is not to list CPUID values, but // it does so, and sometimes lists values that appear nowhere else. +// SSG* is the Software Security Guidance Processors Affected table. It +// replaces the MRG* circa 2022. Again, its purpose is not to list CPUID +// values, but it does so, and sometimes lists values that appear nowhere else. +// It appears to be available only in online HTML form: +// https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html + // LX* indicates features that I have seen no documentation for, but which are // used by the Linux kernel (which is good evidence that they're correct). // The "hook" to find these generally is an X86_FEATURE_* flag in: @@ -183,7 +189,7 @@ size_t size = regerror(status, &re, NULL, 0); char* buffer = malloc(size + 1); if (buffer == NULL || size + 1 == 0) { - fprintf(stderr, "%s: out of memory\n", program); + fprintf(stderr, "%s: out of memory (strregexp 1)\n", program); exit(1); } regerror(status, &re, buffer, size); @@ -196,7 +202,7 @@ size_t size = regerror(status, &re, NULL, 0); char* buffer = malloc(size + 1); if (buffer == NULL || size + 1 == 0) { - fprintf(stderr, "%s: out of memory\n", program); + fprintf(stderr, "%s: out of memory (strregexp 2)\n", program); exit(1); } regerror(status, &re, buffer, size); @@ -2138,6 +2144,7 @@ FM ( 0, 6, 6, 7, *u = "Palm Cove", *f = "Skylake", *p = "10nm"); // DPTF* FM ( 0, 6, 6,10, *u = "Sunny Cove", *f = "Sunny Cove", *p = "10nm+"); FM ( 0, 6, 6,12, *u = "Sunny Cove", *f = "Sunny Cove", *p = "10nm+"); // no spec update; only MSR_CPUID_table* so far; DPTF* claims this is Meteor Lake S => Redwood Cove + FM ( 0, 6, 6,14, *u = "Airmont", *p = "14nm"); // no spec update; only Intel's "Retpoline: A Branch Target Injection Mitigation" FM ( 0, 6, 7, 5, *u = "Airmont", *p = "14nm"); // no spec update; whispers & rumors FM ( 0, 6, 7,10, *u = "Goldmont Plus", *p = "14nm"); FM ( 0, 6, 7,13, *u = "Sunny Cove", *f = "Sunny Cove", *p = "10nm+"); // no spec update; only MSR_CPUID_table* so far @@ -3277,6 +3284,9 @@ // MRG* 2019-11-13 mentions stepping 3, but doesn't mention stepping name. // geekbench.com has an "Intel Xeon Gold 6230" example of a stepping 5, but // no stepping name. + // Intel's "Retpoline: A Branch Target Injection Mitigation" mentions + // steppings 11 & 12, but no stepping names (or even + // Skylake/Cascade Lake/Cooper Lake differentiation). FMSQ( 0, 6, 5, 5, 2, sS, "Intel Scalable Bronze/Silver/Gold/Platinum (Skylake B0/L0)"); FMSQ( 0, 6, 5, 5, 2, sX, "Intel Xeon W 2000 / D-2100 (Skylake B0/L0)"); FMSQ( 0, 6, 5, 5, 4, sS, "Intel Scalable Bronze/Silver/Gold/Platinum (Skylake H0/M0/U0)"); @@ -3394,8 +3404,14 @@ // no spec update; only MSR_CPUID_table* so far // MRG* 2018-03-06 mentions stepping 0, but doesn't specify which stepping name it is. FM ( 0, 6, 8, 5, "Intel Xeon Phi (Knights Mill)"); - FM ( 0, 6, 8, 6, "Intel Atom (Elkhart Lake)"); // no spec update; only MSR_CPUID_table* so far + // no spec update; only MSR_CPUID_table* & SSG* so far. + // SSG* provides the 4,5,7 steppings. + FMS ( 0, 6, 8, 6, 4, "Intel Atom P5900 (Snow Ridge)"); + FMS ( 0, 6, 8, 6, 5, "Intel Atom P5900 (Snow Ridge)"); + FMS ( 0, 6, 8, 6, 7, "Intel Atom P5300 / P5700 (Snow Ridge) / C5000 (Parker Ridge)"); + FM ( 0, 6, 8, 6, "Intel Atom (Snow Ridge/Parker Ridge)"); // instlatx64 sample has stepping 1, but has no name. + // SSG* 2022 also mentions it, but does so ambiguously. FM ( 0, 6, 8,10, "Intel Atom (Lakefield)"); // no spec update; LX* // Coreboot* provides steppings. FMS ( 0, 6, 8,12, 0, "Intel Core (Tiger Lake-U A0)"); @@ -3407,17 +3423,17 @@ FMQ ( 0, 6, 8,12, dP, "Intel Pentium (Tiger Lake-U)"); FMQ ( 0, 6, 8,12, dc, "Intel Core (Tiger Lake-U)"); FM ( 0, 6, 8,12, "Intel (unknown type) (Tiger Lake-U)"); - // no spec update; only MSR_CPUID_table* so far + // no spec update; only MSR_CPUID_table* and SSG* so far. SSG* provides H suffix. // Coreboot* provides stepping. - FMS ( 0, 6, 8,13, 1, "Intel Core (Tiger Lake R0)"); - FM ( 0, 6, 8,13, "Intel Core (Tiger Lake)"); + FMS ( 0, 6, 8,13, 1, "Intel Core (Tiger Lake-H R0)"); + FM ( 0, 6, 8,13, "Intel Core (Tiger Lake-H)"); // Intel docs (334663) omit the stepping numbers for (0,6),(8,14) // H0, J1 & Y0, but (338025, 615213) provide some. // Coreboot* provides the 9 (H0) & 10 (Y0) stepping, but not J1. FMSQ( 0, 6, 8,14, 9, UC, "Intel Celeron 3x65U (Kaby Lake H0)"); // MRG* 2019-08-31 pinned down stepping FMSQ( 0, 6, 8,14, 9, UP, "Intel Celeron 4415U (Kaby Lake H0)"); // MRG* 2019-08-31 pinned down stepping FMSQ( 0, 6, 8,14, 9, YC, "Intel Celeron 3x65Y (Kaby Lake H0)"); // MRG* 2019-08-31 pinned down stepping - FMSQ( 0, 6, 8,14, 9, YP, "Intel Celeron 4410Y (Kaby Lake H0)"); // MRG* 2019-08-31 pinned down stepping + FMSQ( 0, 6, 8,14, 9, YP, "Intel Pentium / Celeron 4400Y (Kaby Lake H0)"); // MRG* 2019-08-31 pinned down stepping FMSQ( 0, 6, 8,14, 9, Y8, "Intel i*-8000Y / m*-8000Y (Amber Lake-Y H0)"); // no spec update; only MRG* 2019-08-31 & instlatx64 examples FMSQ( 0, 6, 8,14, 9, LY, "Intel Core i*-7000Y (Kaby Lake H0)"); // no spec update; only MRG* 2019-08-31 & instlatx64 examples FMSQ( 0, 6, 8,14, 9, dc, "Intel Core i*-7000U (Kaby Lake H0)"); // no docs on stepping; MRG* 2018-03-06, 2019-08-31 @@ -3457,8 +3473,8 @@ FMS ( 0, 6, 9, 7, 0, "Intel (unknown type) (Alder Lake-S A0)"); FMSQ( 0, 6, 9, 7, 1, dc, "Intel Core i*-12000 (Alder Lake-S B0)"); FMS ( 0, 6, 9, 7, 1, "Intel (unknown type) (Alder Lake-S B0)"); - FMSQ( 0, 6, 9, 7, 2, dc, "Intel Core i*-12000 (Alder Lake-S C0)"); - FMS ( 0, 6, 9, 7, 2, "Intel (unknown type) (Alder Lake-S C0)"); + FMSQ( 0, 6, 9, 7, 2, dc, "Intel Core i*-12000 (Alder Lake-S/HX C0)"); + FMS ( 0, 6, 9, 7, 2, "Intel (unknown type) (Alder Lake-S/HX C0)"); FMSQ( 0, 6, 9, 7, 3, dc, "Intel Core i*-12000 / i*-1200P (Alder Lake-P/H)"); FMS ( 0, 6, 9, 7, 3, "Intel (unknown type) (Alder Lake-P/H)"); FMSQ( 0, 6, 9, 7, 4, dc, "Intel Core i*-1200U (Alder Lake-U G0)"); @@ -3574,6 +3590,7 @@ FM ( 0, 6, 10,15, "Intel (unknown type) (Sierra Forest)"); // undocumented, but (engr?) sample via instlatx64 from Komachi_ENSAKA FM ( 0, 6, 11, 7, "Intel (unknown type) (Raptor Lake)"); // LX*; DPTF* (which also says Raptor Lake-S) FMS ( 0, 6, 11,10, 2, "Intel (unknown type) (Raptor Lake-P J0)"); // Coreboot* + FMS ( 0, 6, 11,10, 3, "Intel (unknown type) (Raptor Lake-P Q0)"); // Coreboot* FM ( 0, 6, 11,10, "Intel (unknown type) (Raptor Lake-P)"); // LX*; DPTF*; Coreboot* FMS ( 0, 6, 11,14, 0, "Intel (unknown type) (Alder Lake-N A0)"); // Coreboot* FM ( 0, 6, 11,14, "Intel (unknown type) (Alder Lake-N)"); // Coreboot*, LX* @@ -5014,9 +5031,13 @@ } } -#define Synth_Family(value) \ +// Synth_Family reflects AMD's "Family" definition: +// the sum of the extended family and basic family +#define Synth_Family(value) \ (BIT_EXTRACT_LE(value, 20, 28) \ + BIT_EXTRACT_LE(value, 8, 12)) +// Synth_Model reflects AMD's "Model" definition: +// the bitwise catenation of the extended model and basic model #define Synth_Model(value) \ ((BIT_EXTRACT_LE(value, 16, 20) << 4) \ + BIT_EXTRACT_LE(value, 4, 8)) @@ -5959,77 +5980,50 @@ /* max_len => */ 39); } -#define PRINT_7_0_EBX(suffix,bit22descr) \ -static void \ -print_7_0_ebx_##suffix(unsigned int value) \ -{ \ - static named_item names[] \ - = { { "FSGSBASE instructions" , 0, 0, bools }, \ - { "IA32_TSC_ADJUST MSR supported" , 1, 1, bools }, \ - { "SGX: Software Guard Extensions supported", 2, 2, bools }, \ - { "BMI1 instructions" , 3, 3, bools }, \ - { "HLE hardware lock elision" , 4, 4, bools }, \ - { "AVX2: advanced vector extensions 2" , 5, 5, bools }, \ - { "FDP_EXCPTN_ONLY" , 6, 6, bools }, \ - { "SMEP supervisor mode exec protection" , 7, 7, bools }, \ - { "BMI2 instructions" , 8, 8, bools }, \ - { "enhanced REP MOVSB/STOSB" , 9, 9, bools }, \ - { "INVPCID instruction" , 10, 10, bools }, \ - { "RTM: restricted transactional memory" , 11, 11, bools }, \ - { "RDT-CMT/PQoS cache monitoring" , 12, 12, bools }, \ - { "deprecated FPU CS/DS" , 13, 13, bools }, \ - { "MPX: intel memory protection extensions" , 14, 14, bools }, \ - { "RDT-CAT/PQE cache allocation" , 15, 15, bools }, \ - { "AVX512F: AVX-512 foundation instructions", 16, 16, bools }, \ - { "AVX512DQ: double & quadword instructions", 17, 17, bools }, \ - { "RDSEED instruction" , 18, 18, bools }, \ - { "ADX instructions" , 19, 19, bools }, \ - { "SMAP: supervisor mode access prevention" , 20, 20, bools }, \ - { "AVX512IFMA: fused multiply add" , 21, 21, bools }, \ - { bit22descr , 22, 22, bools }, \ - { "CLFLUSHOPT instruction" , 23, 23, bools }, \ - { "CLWB instruction" , 24, 24, bools }, \ - { "Intel processor trace" , 25, 25, bools }, \ - { "AVX512PF: prefetch instructions" , 26, 26, bools }, \ - { "AVX512ER: exponent & reciprocal instrs" , 27, 27, bools }, \ - { "AVX512CD: conflict detection instrs" , 28, 28, bools }, \ - { "SHA instructions" , 29, 29, bools }, \ - { "AVX512BW: byte & word instructions" , 30, 30, bools }, \ - { "AVX512VL: vector length" , 31, 31, bools }, \ - }; \ - \ - print_names(value, names, LENGTH(names), \ - /* max_len => */ 40); \ -} - -PRINT_7_0_EBX(intel, "PCOMMIT instruction") -PRINT_7_0_EBX(amd, "RDPID & TSC_AUX MSR support") - static void -print_7_0_ebx(unsigned int value, - vendor_t vendor) +print_7_0_ebx(unsigned int value) { - switch (vendor) { - case VENDOR_INTEL: - case VENDOR_CYRIX: - case VENDOR_VIA: - case VENDOR_TRANSMETA: - case VENDOR_UMC: - case VENDOR_NEXGEN: - case VENDOR_RISE: - case VENDOR_SIS: - case VENDOR_NSC: - case VENDOR_VORTEX: - case VENDOR_RDC: - case VENDOR_ZHAOXIN: - case VENDOR_UNKNOWN: - print_7_0_ebx_intel(value); - break; - case VENDOR_AMD: - case VENDOR_HYGON: - print_7_0_ebx_amd(value); - break; - } + static named_item names[] + = { { "FSGSBASE instructions" , 0, 0, bools }, + { "IA32_TSC_ADJUST MSR supported" , 1, 1, bools }, + { "SGX: Software Guard Extensions supported", 2, 2, bools }, + { "BMI1 instructions" , 3, 3, bools }, + { "HLE hardware lock elision" , 4, 4, bools }, + { "AVX2: advanced vector extensions 2" , 5, 5, bools }, + { "FDP_EXCPTN_ONLY" , 6, 6, bools }, + { "SMEP supervisor mode exec protection" , 7, 7, bools }, + { "BMI2 instructions" , 8, 8, bools }, + { "enhanced REP MOVSB/STOSB" , 9, 9, bools }, + { "INVPCID instruction" , 10, 10, bools }, + { "RTM: restricted transactional memory" , 11, 11, bools }, + { "RDT-CMT/PQoS cache monitoring" , 12, 12, bools }, + { "deprecated FPU CS/DS" , 13, 13, bools }, + { "MPX: intel memory protection extensions" , 14, 14, bools }, + { "RDT-CAT/PQE cache allocation" , 15, 15, bools }, + { "AVX512F: AVX-512 foundation instructions", 16, 16, bools }, + { "AVX512DQ: double & quadword instructions", 17, 17, bools }, + { "RDSEED instruction" , 18, 18, bools }, + { "ADX instructions" , 19, 19, bools }, + { "SMAP: supervisor mode access prevention" , 20, 20, bools }, + { "AVX512IFMA: fused multiply add" , 21, 21, bools }, + // NOTE: AMD Appendix E.3.6 claims bit 22 is RDPID support, but this + // almost certainly is an error. Section 3 RDPID description says it + // is 7/0/ecx, as does Table 3-1. And this is consistent with Intel + // architectures. + { "PCOMMIT instruction" , 22, 22, bools }, + { "CLFLUSHOPT instruction" , 23, 23, bools }, + { "CLWB instruction" , 24, 24, bools }, + { "Intel processor trace" , 25, 25, bools }, + { "AVX512PF: prefetch instructions" , 26, 26, bools }, + { "AVX512ER: exponent & reciprocal instrs" , 27, 27, bools }, + { "AVX512CD: conflict detection instrs" , 28, 28, bools }, + { "SHA instructions" , 29, 29, bools }, + { "AVX512BW: byte & word instructions" , 30, 30, bools }, + { "AVX512VL: vector length" , 31, 31, bools }, + }; + + print_names(value, names, LENGTH(names), + /* max_len => */ 40); } static void @@ -6071,15 +6065,20 @@ static void print_7_0_edx(unsigned int value) { + // Bit 9 (SRBDS_CTRL) described in Intel's "Special Register Buffer Data + // Sampling", Last Updated 06/09/2020. + // Bit 11 (RTM_ALWAYS_ABORT) described in "Intel Transactional + // Synchronization Extensions (Intel TSX) Memory and Performance Monitoring + // Update for Intel Processors", Last Reviewed 02/09/2022. static named_item names[] = { { "AVX512_4VNNIW: neural network instrs" , 2, 2, bools }, { "AVX512_4FMAPS: multiply acc single prec" , 3, 3, bools }, { "fast short REP MOV" , 4, 4, bools }, { "UINTR: user interrupts" , 5, 5, bools }, { "AVX512_VP2INTERSECT: intersect mask regs", 8, 8, bools }, - { "SRBDS mitigation MSR available" , 9, 9, bools }, // LX* + { "SRBDS mitigation MSR available" , 9, 9, bools }, { "VERW MD_CLEAR microcode support" , 10, 10, bools }, - { "RTM transaction always aborts" , 11, 11, bools }, // LX* + { "RTM transaction always aborts" , 11, 11, bools }, { "TSX_FORCE_ABORT" , 13, 13, bools }, // LX* { "SERIALIZE instruction" , 14, 14, bools }, { "hybrid part" , 15, 15, bools }, @@ -6129,6 +6128,21 @@ } static void +print_7_2_edx(unsigned int value) +{ + // Described in Intel's "Branch History Injection and Intra-mode Branch Target + // Injection / CVE-2022-0001, CVE-2022-0002 / INTEL-SA-00598", Last Updated + // 07/12/2022. + static named_item names[] + = { { "IPRED_CTRL: IBP disable" , 1, 1, bools }, + { "RRSBA_CTRL: IBP bottomless RSB disable" , 2, 2, bools }, + { "BHI_CTRL: IBP BHB-focused disable" , 4, 4, bools }, + }; + print_names(value, names, LENGTH(names), + /* max_len => */ 40); +} + +static void print_a_eax(unsigned int value) { static named_item names[] @@ -7230,6 +7244,10 @@ { static named_item names[] = { { "maximum process power state" , 0, 3, NIL_IMAGES }, + { "invariant Mperf" , 5, 5, bools }, + { "supervisor shadow stack" , 6, 6, bools }, + { "architectural PMU" , 7, 7, bools }, + { "exception trap intercept" , 8, 8, bools }, }; printf(" hypervisor power management features (0x%08x/ecx):\n", reg); @@ -7437,7 +7455,7 @@ }; print_names(value, names, LENGTH(names), - /* max_len => */ 0); + /* max_len => */ 37); } static void @@ -7450,7 +7468,7 @@ }; print_names(value, names, LENGTH(names), - /* max_len => */ 0); + /* max_len => */ 37); } static void @@ -7463,11 +7481,23 @@ { "HvFlushGuestPhysicalAddress* hypercalls" , 18, 18, bools }, { "enlightened MSR bitmap support" , 19, 19, bools }, { "page fault combining virtual exceptions" , 20, 20, bools }, + { "VMCS GuestIa32DebugCtl support" , 21, 21, bools }, { "nested enlightened TLB flush support" , 22, 22, bools }, }; print_names(value, names, LENGTH(names), - /* max_len => */ 0); + /* max_len => */ 39); +} + +static void +print_hypervisor_a_ebx_microsoft(unsigned int value) +{ + static named_item names[] + = { { "VMCS HvFlushGuestPhysicalAddress*" , 0, 0, bools }, + }; + + print_names(value, names, LENGTH(names), + /* max_len => */ 39); } static void @@ -8291,7 +8321,8 @@ } static void -print_80000008_ebx(unsigned int value) +print_80000008_ebx(unsigned int value, + const code_stash_t* stash) { static named_item names[] = { { "CLZERO instruction" , 0, 0, bools }, @@ -8318,12 +8349,18 @@ { "SSBD fixed in hardware" , 26, 26, bools }, { "CPPC: collaborative processor perf ctrl" , 27, 27, bools }, { "PSFD: predictive store forward disable" , 28, 28, bools }, + { "not vulnerable to branch type confusion" , 29, 29, bools }, { "branch sampling feature support" , 31, 31, bools }, }; printf(" Extended Feature Extensions ID (0x80000008/ebx):\n"); print_names(value, names, LENGTH(names), /* max_len => */ 0); + + boolean not_vuln_BTC = (BIT_EXTRACT_LE(value, 29, 30) + || Synth_Family(stash->val_80000001_eax) == 0x19); + printf(" (vuln to branch type confusion synth) = %s\n", + bools[!not_vuln_BTC]); } static void @@ -8388,6 +8425,7 @@ { "virtualized VMLOAD/VMSAVE" , 15, 15, bools }, { "virtualized global interrupt flag (GIF)" , 16, 16, bools }, { "GMET: guest mode execute trap" , 17, 17, bools }, + { "X2AVIC: virtualized X2APIC" , 18, 18, bools }, // LX* { "supervisor shadow stack" , 19, 19, bools }, { "guest Spec_ctl support" , 20, 20, bools }, { "host MCE override" , 23, 23, bools }, @@ -9345,12 +9383,14 @@ } else if (reg == 7) { if (try == 0) { printf(" extended feature flags (7):\n"); - print_7_0_ebx(words[WORD_EBX], stash->vendor); + print_7_0_ebx(words[WORD_EBX]); print_7_0_ecx(words[WORD_ECX]); print_7_0_edx(words[WORD_EDX]); } else if (try == 1) { print_7_1_eax(words[WORD_EAX]); print_7_1_ebx(words[WORD_EBX]); + } else if (try == 2) { + print_7_2_edx(words[WORD_EDX]); } else { /* Reserved: DO NOTHING */ } @@ -9722,6 +9762,7 @@ && stash->hypervisor == HYPERVISOR_MICROSOFT) { printf(" hypervisor nested virtualization features (0x%08x):\n", reg); print_hypervisor_a_eax_microsoft(words[WORD_EAX]); + print_hypervisor_a_ebx_microsoft(words[WORD_EBX]); } else if (IS_HYPERVISOR_LEAF(reg, 0xc) && stash->hypervisor == HYPERVISOR_MICROSOFT) { printf(" hypervisor isolation configuration (0x%08x):\n", reg); @@ -9787,7 +9828,7 @@ print_80000007_edx(words[WORD_EDX]); } else if (reg == 0x80000008) { print_80000008_eax(words[WORD_EAX]); - print_80000008_ebx(words[WORD_EBX]); + print_80000008_ebx(words[WORD_EBX], stash); printf(" Size Identifiers (0x80000008/ecx):\n"); unsigned int num_thrs = BIT_EXTRACT_LE(stash->val_80000008_ecx, 0, 8); if (Synth_Family(stash->val_80000001_eax) > 0x16) { @@ -9958,40 +9999,82 @@ } } -#define USE_INSTRUCTION (-2) +// Return nr_cpu_ids, one more than the maximum CPU number. (This term is used +// within the linux kernel.) For systems with contiguous CPU numbers, this is +// the total number of CPUs. But it may be larger for systems with potentially +// non-contiguous CPU numbers. +static unsigned long get_nr_cpu_ids(void) +{ +#if defined(USE_KERNEL_SCHED_SETAFFINITY) + static unsigned long result = 0; + if (result == 0) { + unsigned long attempt = 1024; + for (;;) { + size_t setsize = attempt / 8; + char* set = malloc(setsize); + if (set == NULL) { + fprintf(stderr, "%s: out of memory (get_nr_cpu_ids)\n", program); + exit(1); + } + int status; + status = syscall(__NR_sched_getaffinity, 0, setsize, set); + free(set); + if (status >= 0) { + // The setsize is big enough + result = attempt; + break; + } else if (status == -1 && errno != EINVAL) { + fprintf(stderr, + "%s: unable to getaffinity to determine nr_cpu_ids" + "; errno = %d (%s)\n", + program, errno, strerror(errno)); + fprintf(stderr, + "%s: using -1 will run on an arbitrary CPU, which does" + " not require nr_cpu_ids.\n", + program); + exit(1); + } + // The setsize is not big enough: make another attempt + attempt *= 2; + } + } + return result; +#elif defined(USE_PROCESSOR_BIND) + return sysconf(_SC_NPROCESSORS_CONF); +#else + unsigned long result = sysconf(_SC_NPROCESSORS_CONF); + if (result > CPU_SETSIZE) result = CPU_SETSIZE; +#endif +} -#define MAX_CPUS 1024 +unsigned int nr_cpu_ids; -static int -real_setup(unsigned int cpu, - boolean one_cpu, - boolean inst) +static void real_prepare(void) +{ + nr_cpu_ids = get_nr_cpu_ids(); +} + +#define USE_INSTRUCTION (-2) + +static int real_setup(unsigned int cpu, + boolean one_cpu, + boolean inst) { if (inst) { if (!one_cpu) { - /* - ** This test is necessary because some versions of Linux will accept - ** a sched_setaffinity mask that includes only nonexistent CPUs. - */ - static unsigned int num_cpus = 0; - if (num_cpus == 0) { - num_cpus = sysconf(_SC_NPROCESSORS_CONF); - } - if (cpu >= num_cpus) return -1; - #if defined(USE_KERNEL_SCHED_SETAFFINITY) /* ** The interface for sched_setaffinity and cpusets has changed many ** times. Insulate this tool from all that by calling the system ** service directly. */ - unsigned int mask[MAX_CPUS / (sizeof(unsigned int)*8)]; - bzero(&mask, sizeof(mask)); - mask[cpu / (sizeof(unsigned int)*8)] - = (1 << cpu % (sizeof(unsigned int)*8)); + unsigned char* mask = malloc(nr_cpu_ids/8); + bzero(mask, nr_cpu_ids/8); + mask[cpu / 8] = (1 << (cpu % 8)); int status; - status = syscall(__NR_sched_setaffinity, 0, sizeof(mask), &mask); + status = syscall(__NR_sched_setaffinity, 0, nr_cpu_ids/8, mask); + free(mask); #elif defined(USE_PROCESSOR_BIND) pthread_t thread = pthread_self(); int status = processor_bind(P_LWPID, thread, cpu, NULL); @@ -10194,16 +10277,18 @@ boolean raw, boolean debug UNUSED) { + real_prepare(); + unsigned int cpu; - for (cpu = 0;; cpu++) { + for (cpu = 0; cpu < nr_cpu_ids; cpu++) { int cpuid_fd = -1; code_stash_t stash = NIL_STASH; if (one_cpu && cpu > 0) break; cpuid_fd = real_setup(cpu, one_cpu, inst); - if (cpuid_fd == -1) break; + if (cpuid_fd == -1) continue; if (inst && one_cpu) { printf("CPU:\n"); @@ -10223,9 +10308,11 @@ boolean raw, boolean debug) { + real_prepare(); + unsigned int cpu; - for (cpu = 0;; cpu++) { + for (cpu = 0; cpu < nr_cpu_ids; cpu++) { int cpuid_fd = -1; code_stash_t stash = NIL_STASH; unsigned int max; @@ -10234,7 +10321,7 @@ if (one_cpu && cpu > 0) break; cpuid_fd = real_setup(cpu, one_cpu, inst); - if (cpuid_fd == -1) break; + if (cpuid_fd == -1) continue; if (inst && one_cpu) { printf("CPU:\n"); diff -Nru cpuid-20220620/cpuid.man cpuid-20220812/cpuid.man --- cpuid-20220620/cpuid.man 2022-06-20 12:01:11.000000000 +0000 +++ cpuid-20220812/cpuid.man 2022-08-12 13:56:51.000000000 +0000 @@ -1,7 +1,7 @@ .\" -.\" $Id: cpuid.man,v 20220620 2022/06/20 06:01:00 todd $ +.\" $Id: cpuid.man,v 20220812 2022/08/12 07:56:29 todd $ .\" -.TH CPUID 1 "20 Jun 2022" "20220620" +.TH CPUID 1 "12 Aug 2022" "20220812" .SH NAME cpuid \- Dump CPUID information for each CPU .SH SYNOPSIS @@ -470,7 +470,8 @@ .br 335252: 5-Level Paging and 5-Level EPT White Paper .br -335718: Intel Xeon Processor E3-1200 v6 Product Family Specification Update +335718/730694: Intel Xeon Processor E3-1200 v6 Product Family +Specification Update .br 335864: Intel Celeron Processor J1800, J1900, N2807, and N2930 for Internet of Things Specification Update Addendum @@ -523,6 +524,16 @@ formerly known as Alder Lake .br Intel Microcode Update Guidance +.br +Branch History Injection and Intra-mode Branch Target Injection / +CVE-2022-0001, CVE-2022-0002 / INTEL-SA-00598 +.br +Intel Transactional Synchronization Extensions (Intel TSX) Memory and +Performance Monitoring Update for Intel Processors (Article ID 000059422) +.br +Retpoline: A Branch Target Injection Mitigation +.br +Special Register Buffer Data Sampling .RE Information on the CPUID instruction and on specific CPUs is available from @@ -623,6 +634,9 @@ Revision 4.10.18 .br AMD64 Technology Speculative Store Bypass Disable (White Paper), Revision 5.21.18 +.br +Technical Guidance For Mitigating Branch Type Confusion (White Paper), +Revision 2022-07-12 .RE Information on the CPUID instruction and on specific CPUs is available diff -Nru cpuid-20220620/cpuid.spec cpuid-20220812/cpuid.spec --- cpuid-20220620/cpuid.spec 2022-06-20 12:04:17.000000000 +0000 +++ cpuid-20220812/cpuid.spec 2022-08-12 13:58:09.000000000 +0000 @@ -1,4 +1,4 @@ -%define version 20220620 +%define version 20220812 %define release 1 Summary: dumps CPUID information about the CPU(s) Name: cpuid diff -Nru cpuid-20220620/debian/changelog cpuid-20220812/debian/changelog --- cpuid-20220620/debian/changelog 2022-07-02 10:38:50.000000000 +0000 +++ cpuid-20220812/debian/changelog 2022-08-20 14:48:38.000000000 +0000 @@ -1,3 +1,10 @@ +cpuid (20220812-1) unstable; urgency=medium + + * New upstream version. + * Bump Standards-Version to 4.6.1. + + -- Andrey Rahmatullin Sat, 20 Aug 2022 19:48:38 +0500 + cpuid (20220620-1) unstable; urgency=medium * New upstream version. diff -Nru cpuid-20220620/debian/control cpuid-20220812/debian/control --- cpuid-20220620/debian/control 2022-07-02 10:38:50.000000000 +0000 +++ cpuid-20220812/debian/control 2022-08-20 14:48:38.000000000 +0000 @@ -3,7 +3,7 @@ Priority: optional Maintainer: Andrey Rahmatullin Build-Depends: debhelper-compat (= 13) -Standards-Version: 4.6.0 +Standards-Version: 4.6.1 Vcs-Git: https://salsa.debian.org/debian/cpuid.git Vcs-Browser: https://salsa.debian.org/debian/cpuid Homepage: http://www.etallen.com/cpuid.html diff -Nru cpuid-20220620/FAMILY.NOTES cpuid-20220812/FAMILY.NOTES --- cpuid-20220620/FAMILY.NOTES 2022-06-13 10:53:01.000000000 +0000 +++ cpuid-20220812/FAMILY.NOTES 2022-08-12 13:25:33.000000000 +0000 @@ -180,7 +180,7 @@ ----------------------------------------------------- Silvermont Rangeley ? Rangeley ----------------------------------------------------- - Tremont ? ? Snow Ridge + Tremont Snow Ridge ? Snow Ridge ----------------------------------------------------- * Canceled core diff -Nru cpuid-20220620/Makefile cpuid-20220812/Makefile --- cpuid-20220620/Makefile 2022-06-20 12:00:37.000000000 +0000 +++ cpuid-20220812/Makefile 2022-08-12 13:38:01.000000000 +0000 @@ -8,7 +8,7 @@ INSTALL_STRIP=-s PACKAGE=cpuid -VERSION=20220620 +VERSION=20220812 RELEASE=1 PROG=$(PACKAGE)