[PATCH v2 0/5] KVM: x86: Expose Zhaoxin CPUID 0xC0000001 EDX cryptographic features

[Ewan Hai]

This series exposes five groups of Zhaoxin-specific CPUID 0xC0000001 EDX
feature bits to KVM guests. Each group corresponds to a category of
unprivileged cryptographic or RNG instructions that have been present in
Zhaoxin processors but not yet advertised by KVM.

All instructions covered here are unprivileged (no CPL restriction) and
available in all CPU modes (real / V86 / compat / protected / long), with
no associated MSR control. Each feature is reported as a (X, X_EN) pair
where the two bits are redundant by hardware design (set or cleared
together), and both are CPUID-level reporting bits requiring no KVM
emulation.

The five feature groups:

1. SM2 (bits 0, 1): SM2 elliptic-curve public-key cryptography algorithm
   per GM/T 0003-2012. Used for key generation, encryption/decryption,
   digital signatures, and key exchange in Chinese cryptographic
   standards.

2. CCS (bits 4, 5): SM3 hash algorithm per GM/T 0004-2012 and SM4 block
   cipher per GM/T 0002-2012 (supports ECB / CBC / CFB / OFB / CTR plus
   CBC-MAC / CFB-MAC). Foundational primitives for Chinese cryptographic
   protocols.

3. RNG2 (bits 22, 23): Second-generation hardware RNG exposed via the
   REP XRNG2 instruction. Two on-die RNG sources selectable per call,
   with raw and post-processed output modes. Provides high-quality
   entropy for cryptographic operations.

4. PHE2 (bits 25, 26): SHA-384 and SHA-512 hardware acceleration per
   FIPS 180-3, exposed via REP XSHA384 and REP XSHA512. Used by TLS,
   SSH, file integrity, and signature schemes.

5. RSA (bits 27, 28): Big-number modular exponentiation (REP XMODEXP,
   A^B mod M) and modular multiplication (REP MONTMUL2, A*B mod M),
   supporting operand sizes from 256 to 32768 bits. Used for RSA and
   related public-key operations.

References:
  The instruction encodings, control-word formats, and per-feature
  semantics referenced in the individual patches are documented in:
    - GMI Instruction Set Reference (SM2 / SM3 / SM4)
    - PadLock Instruction Reference (XRNG2 / XSHA384 / XSHA512 /
      XMODEXP / MONTMUL2)
  Both available from https://kib.kiev.ua/x86docs/Zhaoxin/

Changes since v1:
- Move the X86_FEATURE_xx definitions from arch/x86/kvm/reverse_cpuid.h
  into arch/x86/include/asm/cpufeatures.h, filling the unused bit
  positions in word 5 (which is reserved for CPUID 0xC0000001 EDX),
  per Sean's review feedback.
- Tighten wording in each commit message: "user-mode" -> "unprivileged
  (no CPL restriction)", since the instructions execute at any CPL.

v1: https://lore.kernel.org/all/20260513124846.1622462-1-ewandevelop@xxxxxxxxx/

Ewan Hai (5):
  KVM: x86: Expose Zhaoxin SM2 CPUID feature
  KVM: x86: Expose Zhaoxin CCS (SM3 + SM4) CPUID feature
  KVM: x86: Expose Zhaoxin RNG2 CPUID feature
  KVM: x86: Expose Zhaoxin PHE2 CPUID feature
  KVM: x86: Expose Zhaoxin RSA CPUID feature

 arch/x86/include/asm/cpufeatures.h | 10 ++++++++++
 arch/x86/kvm/cpuid.c               | 10 ++++++++++
 2 files changed, 20 insertions(+)


base-commit: 50897c955902c93ae71c38698abb910525ebdc89
--
2.34.1