Changeset 107703 in vbox

Timestamp:

Jan 11, 2025 10:55:53 PM (4 months ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

166799

Message:

VMM/CPUM: Try consolidate the MSR_IA32_ARCH_CAPABILITIES handling in CPUM and do better sanitizing of what's exposed to the guest. jiraref:VBP-947

Location:

trunk

Files:

• include/VBox/vmm/cpum.h (modified) (1 diff)
• include/iprt/x86.h (modified) (3 diffs)
• src/VBox/VMM/VMMAll/CPUMAllCpuId.cpp (modified) (1 diff)
• src/VBox/VMM/VMMR0/CPUMR0.cpp (modified) (2 diffs)
• src/VBox/VMM/VMMR3/NEMR3Native-darwin.cpp (modified) (2 diffs)

trunk/include/VBox/vmm/cpum.h

@@ -1544 +1544 @@
 #if defined(RT_ARCH_X86) || defined(RT_ARCH_AMD64)
 VMMDECL(int)            CPUMCpuIdCollectLeavesFromX86Host(PCPUMCPUIDLEAF *ppaLeaves, uint32_t *pcLeaves);
+VMM_INT_DECL(void)      CPUMCpuIdApplyX86HostArchCapabilities(PVMCC pVM, bool fHasArchCap, uint64_t fHostArchVal);
 #endif
 #if defined(RT_ARCH_ARM64)

trunk/include/iprt/x86.h

@@ -1446 +1446 @@
  * Logical processor scope. Reset value 0, unaffected by SIPI & INIT. */
 #define MSR_IA32_SPEC_CTRL                  0x48
+/** @name MSR_IA32_SPEC_CTRL bits
+ * @{ */
 /** IBRS - Indirect branch restricted speculation. */
-#define MSR_IA32_SPEC_CTRL_F_IBRS           RT_BIT_32(0)
+#define MSR_IA32_SPEC_CTRL_F_IBRS                   RT_BIT_64(0)
 /** STIBP - Single thread indirect branch predictors. */
-#define MSR_IA32_SPEC_CTRL_F_STIBP          RT_BIT_32(1)
+#define MSR_IA32_SPEC_CTRL_F_STIBP                  RT_BIT_64(1)
 /** SSBD - Speculative Store Bypass Disable. */
-#define MSR_IA32_SPEC_CTRL_F_SSBD           RT_BIT_32(2)
+#define MSR_IA32_SPEC_CTRL_F_SSBD                   RT_BIT_64(2)
+#define MSR_IA32_SPEC_CTRL_F_IPRED_DIS_U            RT_BIT_64(3)
+#define MSR_IA32_SPEC_CTRL_F_IPRED_DIS_S            RT_BIT_64(4)
+#define MSR_IA32_SPEC_CTRL_F_RRSBA_DIS_U            RT_BIT_64(5)
+#define MSR_IA32_SPEC_CTRL_F_RRSBA_DIS_S            RT_BIT_64(6)
+#define MSR_IA32_SPEC_CTRL_F_PSFD                   RT_BIT_64(7)
+#define MSR_IA32_SPEC_CTRL_F_DDPD_U                 RT_BIT_64(8)
+/* 9 is reserved (for DDPD_S?) */
+#define MSR_IA32_SPEC_CTRL_F_BHI_DIS_S              RT_BIT_64(9)
+/** @} */
 
 /** Prediction command register.
@@ -1457 +1468 @@
 #define MSR_IA32_PRED_CMD                   0x49
 /** IBPB - Indirect branch prediction barrie when written as 1. */
-#define MSR_IA32_PRED_CMD_F_IBPB            RT_BIT_32(0)
+#define MSR_IA32_PRED_CMD_F_IBPB                    RT_BIT_64(0)
 
 /** BIOS update trigger (microcode update). */
@@ -1574 +1585 @@
 /** Architecture capabilities (bugfixes). */
 #define MSR_IA32_ARCH_CAPABILITIES          UINT32_C(0x10a)
+/** @name MSR_IA32_ARCH_CAPABILITIES bits
+ * @{ */
 /** CPU is no subject to meltdown problems. */
-#define MSR_IA32_ARCH_CAP_F_RDCL_NO                 RT_BIT_32(0)
+#define MSR_IA32_ARCH_CAP_F_RDCL_NO                 RT_BIT_64(0)
 /** CPU has better IBRS and you can leave it on all the time. */
-#define MSR_IA32_ARCH_CAP_F_IBRS_ALL                RT_BIT_32(1)
+#define MSR_IA32_ARCH_CAP_F_IBRS_ALL                RT_BIT_64(1)
 /** CPU has return stack buffer (RSB) override. */
-#define MSR_IA32_ARCH_CAP_F_RSBO                    RT_BIT_32(2)
+#define MSR_IA32_ARCH_CAP_F_RSBO                    RT_BIT_64(2)
 /** Virtual machine monitors need not flush the level 1 data cache on VM entry.
  * This is also the case when MSR_IA32_ARCH_CAP_F_RDCL_NO is set. */
-#define MSR_IA32_ARCH_CAP_F_VMM_NEED_NOT_FLUSH_L1D  RT_BIT_32(3)
+#define MSR_IA32_ARCH_CAP_F_VMM_NEED_NOT_FLUSH_L1D  RT_BIT_64(3)
 /** CPU does not suffer from speculative store bypass (SSB) issues.   */
-#define MSR_IA32_ARCH_CAP_F_SSB_NO                  RT_BIT_32(4)
+#define MSR_IA32_ARCH_CAP_F_SSB_NO                  RT_BIT_64(4)
 /** CPU does not suffer from microarchitectural data sampling (MDS) issues. */
-#define MSR_IA32_ARCH_CAP_F_MDS_NO                  RT_BIT_32(5)
+#define MSR_IA32_ARCH_CAP_F_MDS_NO                  RT_BIT_64(5)
 /** CPU does not suffer MCE after change code page size w/o invlpg issues. */
-#define MSR_IA32_ARCH_CAP_F_IF_PSCHANGE_MC_NO       RT_BIT_32(6)
+#define MSR_IA32_ARCH_CAP_F_IF_PSCHANGE_MC_NO       RT_BIT_64(6)
 /** CPU has RTM_DISABLE and TXS_CPUID_CLEAR support. */
-#define MSR_IA32_ARCH_CAP_F_TSX_CTRL                RT_BIT_32(7)
+#define MSR_IA32_ARCH_CAP_F_TSX_CTRL                RT_BIT_64(7)
 /** CPU does not suffer from transaction synchronization extensions (TSX)
  *  asyncrhonous abort (TAA) issues. */
-#define MSR_IA32_ARCH_CAP_F_TAA_NO                  RT_BIT_32(8)
+#define MSR_IA32_ARCH_CAP_F_TAA_NO                  RT_BIT_64(8)
 /* 9 is 'reserved' */
-#define MSR_IA32_ARCH_CAP_F_MISC_PACKAGE_CTRLS      RT_BIT_32(10)
-#define MSR_IA32_ARCH_CAP_F_ENERGY_FILTERING_CTL    RT_BIT_32(11)
-#define MSR_IA32_ARCH_CAP_F_DOITM                   RT_BIT_32(12)
-#define MSR_IA32_ARCH_CAP_F_SBDR_SSDP_NO            RT_BIT_32(13)
-#define MSR_IA32_ARCH_CAP_F_FBSDP_NO                RT_BIT_32(14)
-#define MSR_IA32_ARCH_CAP_F_PSDP_NO                 RT_BIT_32(15)
+#define MSR_IA32_ARCH_CAP_F_MISC_PACKAGE_CTRLS      RT_BIT_64(10)
+#define MSR_IA32_ARCH_CAP_F_ENERGY_FILTERING_CTL    RT_BIT_64(11)
+#define MSR_IA32_ARCH_CAP_F_DOITM                   RT_BIT_64(12)
+#define MSR_IA32_ARCH_CAP_F_SBDR_SSDP_NO            RT_BIT_64(13)
+#define MSR_IA32_ARCH_CAP_F_FBSDP_NO                RT_BIT_64(14)
+#define MSR_IA32_ARCH_CAP_F_PSDP_NO                 RT_BIT_64(15)
 /* 16 is 'reserved' */
-#define MSR_IA32_ARCH_CAP_F_FB_CLEAR                RT_BIT_32(17)
-#define MSR_IA32_ARCH_CAP_F_FB_CLEAR_CTRL           RT_BIT_32(18)
-#define MSR_IA32_ARCH_CAP_F_RRSBA                   RT_BIT_32(19)
-#define MSR_IA32_ARCH_CAP_F_BHI_NO                  RT_BIT_32(20)
-#define MSR_IA32_ARCH_CAP_F_XAPIC_DISABLE_STATUS    RT_BIT_32(21)
+#define MSR_IA32_ARCH_CAP_F_FB_CLEAR                RT_BIT_64(17)
+#define MSR_IA32_ARCH_CAP_F_FB_CLEAR_CTRL           RT_BIT_64(18)
+#define MSR_IA32_ARCH_CAP_F_RRSBA                   RT_BIT_64(19)
+#define MSR_IA32_ARCH_CAP_F_BHI_NO                  RT_BIT_64(20)
+#define MSR_IA32_ARCH_CAP_F_XAPIC_DISABLE_STATUS    RT_BIT_64(21)
 /* 22 is 'reserved' */
-#define MSR_IA32_ARCH_CAP_F_OVERCLOCKING_STATUS     RT_BIT_32(22)
-#define MSR_IA32_ARCH_CAP_F_PBRSB_NO                RT_BIT_32(23)
-#define MSR_IA32_ARCH_CAP_F_GDS_CTRL                RT_BIT_32(24)
-#define MSR_IA32_ARCH_CAP_F_GDS_NO                  RT_BIT_32(25)
-#define MSR_IA32_ARCH_CAP_F_RFDS_NO                 RT_BIT_32(26)
-#define MSR_IA32_ARCH_CAP_F_RFDS_CLEAR              RT_BIT_32(27)
+#define MSR_IA32_ARCH_CAP_F_OVERCLOCKING_STATUS     RT_BIT_64(23)
+#define MSR_IA32_ARCH_CAP_F_PBRSB_NO                RT_BIT_64(24)
+#define MSR_IA32_ARCH_CAP_F_GDS_CTRL                RT_BIT_64(25)
+#define MSR_IA32_ARCH_CAP_F_GDS_NO                  RT_BIT_64(26)
+#define MSR_IA32_ARCH_CAP_F_RFDS_NO                 RT_BIT_64(27)
+#define MSR_IA32_ARCH_CAP_F_RFDS_CLEAR              RT_BIT_64(28)
+#define MSR_IA32_ARCH_CAP_F_IGN_UMONITOR_SUPPORT    RT_BIT_64(29)
+#define MSR_IA32_ARCH_CAP_F_MON_UMON_MITIG_SUPPORT  RT_BIT_64(30)
+/** @} */
 
 /** Flush command register. */
 #define MSR_IA32_FLUSH_CMD                  UINT32_C(0x10b)
 /** Flush the level 1 data cache when this bit is written. */
-#define MSR_IA32_FLUSH_CMD_F_L1D            RT_BIT_32(0)
+#define MSR_IA32_FLUSH_CMD_F_L1D                    RT_BIT_64(0)
 
 /** Cache control/info. */

trunk/src/VBox/VMM/VMMAll/CPUMAllCpuId.cpp

@@ -1644 +1644 @@
 }
 
+
+/**
+ * Helper for extracting feature bits from IA32_ARCH_CAPABILITIES.
+ */
+static void cpumCpuIdExplodeArchCapabilities(CPUMFEATURESX86 *pFeatures, bool fHasArchCap, uint64_t fArchVal)
+{
+    Assert(fHasArchCap || fArchVal == 0);
+    pFeatures->fArchCap                = fHasArchCap;
+    pFeatures->fArchRdclNo             = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_RDCL_NO);
+    pFeatures->fArchIbrsAll            = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_IBRS_ALL);
+    pFeatures->fArchRsbOverride        = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_RSBO);
+    pFeatures->fArchVmmNeedNotFlushL1d = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_VMM_NEED_NOT_FLUSH_L1D);
+#if 0
+    pFeatures->fArchSsbNo              = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_SSB_NO);
+#endif
+    pFeatures->fArchMdsNo              = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_MDS_NO);
+#if 0
+    pFeatures->fArchIfPschangeMscNo    = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_IF_PSCHANGE_MC_NO);
+    pFeatures->fArchTsxCtrl            = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_TSX_CTRL);
+    pFeatures->fArchTaaNo              = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_TAA_NO);
+    pFeatures->fArchMiscPackageCtrls   = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_MISC_PACKAGE_CTRLS);
+    pFeatures->fArchEnergyFilteringCtl = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_ENERGY_FILTERING_CTL);
+    pFeatures->fArchDoitm              = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_DOITM);
+    pFeatures->fArchSbdrSsdpNo         = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_SBDR_SSDP_NO);
+    pFeatures->fArchFbsdpNo            = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_FBSDP_NO);
+    pFeatures->fArchPsdpNo             = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_PSDP_NO);
+    pFeatures->fArchFbClear            = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_FB_CLEAR);
+    pFeatures->fArchFbClearCtrl        = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_FB_CLEAR_CTRL);
+    pFeatures->fArchRrsba              = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_RRSBA);
+    pFeatures->fArchBhiNo              = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_BHI_NO);
+    pFeatures->fArchXapicDisableStatus = RT_BOOL(fArchVal & XAPIC_DISABLE_STATUS);
+    pFeatures->fArchOverclockingStatus = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_OVERCLOCKING_STATUS);
+    pFeatures->fArchPbrsbNo            = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_PBRSB_NO);
+    pFeatures->fArchGdsCtrl            = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_GDS_CTRL);
+    pFeatures->fArchGdsNo              = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_GDS_NO);
+    pFeatures->fArchRfdsNo             = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_RFDS_NO);
+    pFeatures->fArchRfdsClear          = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_RFDS_CLEAR);
+    pFeatures->fArchIgnUmonitorSupport = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_IGN_UMONITOR_SUPPORT);
+    pFeatures->fArchMonUmonMitigSupport= RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_MON_UMON_MITIG_SUPPORT);
+#endif
+}
+
+
+# if defined(VBOX_VMM_TARGET_X86) || defined(VBOX_VMM_TARGET_AGNOSTIC)
+/**
+ * Sets the guest IA32_ARCH_CAPABILITIES value and associated feature bits.
+ */
+void cpumCpuIdSetGuestArchCapabilities(PVMCC pVM, bool fHasArchCap, uint64_t fArchVal, bool fHasIbrs)
+{
+    if (!fHasArchCap)
+        fArchVal = 0;
+    else if (!fHasIbrs)
+        fArchVal &= ~MSR_IA32_ARCH_CAP_F_IBRS_ALL;
+    fArchVal &= ~(  RT_BIT_64(9)
+                  | MSR_IA32_ARCH_CAP_F_MISC_PACKAGE_CTRLS
+                  | MSR_IA32_ARCH_CAP_F_ENERGY_FILTERING_CTL
+                  | MSR_IA32_ARCH_CAP_F_DOITM
+                  | RT_BIT_64(16)
+                  | RT_BIT_64(22)
+                  | MSR_IA32_ARCH_CAP_F_FB_CLEAR_CTRL
+                    /** @todo mask off MSR_IA32_ARCH_CAP_F_RRSBA ? */
+                  | MSR_IA32_ARCH_CAP_F_XAPIC_DISABLE_STATUS
+                  | MSR_IA32_ARCH_CAP_F_OVERCLOCKING_STATUS /** @todo expose IA32_OVERCLOCKING_STATUS */
+                  | MSR_IA32_ARCH_CAP_F_GDS_CTRL
+                  | MSR_IA32_ARCH_CAP_F_IGN_UMONITOR_SUPPORT
+                  | MSR_IA32_ARCH_CAP_F_MON_UMON_MITIG_SUPPORT
+                  | ~(RT_BIT_64(31) - 1U)
+                  );
+    VMCC_FOR_EACH_VMCPU_STMT(pVM, pVCpu->cpum.s.GuestMsrs.msr.ArchCaps = fArchVal);
+
+    cpumCpuIdExplodeArchCapabilities(&pVM->cpum.s.GuestFeatures, fHasArchCap, fArchVal);
+    LogRel(("CPUM: Guest IA32_ARCH_CAPABILITIES = %#RX64\n", fArchVal));
+}
+# endif
+
+
+# if defined(RT_ARCH_X86) || defined(RT_ARCH_AMD64)
+/**
+ * Sets host & guest feature bits & MSRs related to IA32_ARCH_CAPABILITIES.
+ *
+ * ASSUMES this is called after the basic guest features has been exploded.
+ */
+VMM_INT_DECL(void) CPUMCpuIdApplyX86HostArchCapabilities(PVMCC pVM, bool fHasArchCap, uint64_t fHostArchVal)
+{
+    cpumCpuIdExplodeArchCapabilities(const_cast<CPUMFEATURESX86 *>(&pVM->cpum.s.HostFeatures.s), fHasArchCap, fHostArchVal);
+    LogRel(("CPUM: Host IA32_ARCH_CAPABILITIES  = %#RX64\n", fHostArchVal));
+
+# if defined(VBOX_VMM_TARGET_X86) || defined(VBOX_VMM_TARGET_AGNOSTIC)
+#  ifdef VBOX_VMM_TARGET_AGNOSTIC
+    /** @todo arm on x86: check VM target. */
+#  endif
+    cpumCpuIdSetGuestArchCapabilities(pVM, fHasArchCap && pVM->cpum.s.GuestFeatures.fArchCap,
+                                      fHostArchVal, pVM->cpum.s.GuestFeatures.fIbrs);
+#  endif
+}
+# endif /* defined(RT_ARCH_X86) || defined(RT_ARCH_AMD64) */
+
 #endif /* defined(RT_ARCH_X86) || defined(RT_ARCH_AMD64) || defined(VBOX_VMM_TARGET_X86) */
 

trunk/src/VBox/VMM/VMMR0/CPUMR0.cpp

@@ -361 +361 @@
          * Copy MSR_IA32_ARCH_CAPABILITIES bits over into the host and guest feature
          * structure and as well as the guest MSR.
-         * Note! we assume this happens after the CPUMR3Init is done, so CPUID bits are settled.
+         * Note! We assume this happens after the CPUMR3Init is done, so CPUID bits are settled.
          */
-        pVM->cpum.s.HostFeatures.s.fArchRdclNo             = 0;
-        pVM->cpum.s.HostFeatures.s.fArchIbrsAll            = 0;
-        pVM->cpum.s.HostFeatures.s.fArchRsbOverride        = 0;
-        pVM->cpum.s.HostFeatures.s.fArchVmmNeedNotFlushL1d = 0;
-        pVM->cpum.s.HostFeatures.s.fArchMdsNo              = 0;
-        uint32_t const cStdRange = ASMCpuId_EAX(0);
+        uint64_t       fHostArchVal = 0;
+        bool           fHasArchCap  = false;
+        uint32_t const cStdRange    = ASMCpuId_EAX(0);
         if (   RTX86IsValidStdRange(cStdRange)
             && cStdRange >= 7)
@@ -377 +374 @@
                 && (fFeatures & X86_CPUID_FEATURE_EDX_MSR))
             {
-                /* Host: */
-                uint64_t const fHostArchVal = ASMRdMsr(MSR_IA32_ARCH_CAPABILITIES);
-                uint64_t fArchVal = fHostArchVal;
-                pVM->cpum.s.HostFeatures.s.fArchRdclNo             = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_RDCL_NO);
-                pVM->cpum.s.HostFeatures.s.fArchIbrsAll            = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_IBRS_ALL);
-                pVM->cpum.s.HostFeatures.s.fArchRsbOverride        = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_RSBO);
-                pVM->cpum.s.HostFeatures.s.fArchVmmNeedNotFlushL1d = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_VMM_NEED_NOT_FLUSH_L1D);
-                pVM->cpum.s.HostFeatures.s.fArchMdsNo              = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_MDS_NO);
-
-                /* guest: */
-                if (!pVM->cpum.s.GuestFeatures.fArchCap)
-                    fArchVal = 0;
-                else if (!pVM->cpum.s.GuestFeatures.fIbrs)
-                    fArchVal &= ~MSR_IA32_ARCH_CAP_F_IBRS_ALL;
-                VMCC_FOR_EACH_VMCPU_STMT(pVM, pVCpu->cpum.s.GuestMsrs.msr.ArchCaps = fArchVal);
-                pVM->cpum.s.GuestFeatures.fArchRdclNo             = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_RDCL_NO);
-                pVM->cpum.s.GuestFeatures.fArchIbrsAll            = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_IBRS_ALL);
-                pVM->cpum.s.GuestFeatures.fArchRsbOverride        = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_RSBO);
-                pVM->cpum.s.GuestFeatures.fArchVmmNeedNotFlushL1d = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_VMM_NEED_NOT_FLUSH_L1D);
-                pVM->cpum.s.GuestFeatures.fArchMdsNo              = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_MDS_NO);
-                LogRel(("CPUM: IA32_ARCH_CAPABILITIES (Host=%#RX64 Guest=%#RX64)\n", fHostArchVal, fArchVal));
+                fHostArchVal = ASMRdMsr(MSR_IA32_ARCH_CAPABILITIES);
+                fHasArchCap  = true;
             }
-            else
-            {
-                pVM->cpum.s.HostFeatures.s.fArchCap = 0;
-                LogRel(("CPUM: IA32_ARCH_CAPABILITIES unsupported\n"));
-            }
-        }
+        }
+        CPUMCpuIdApplyX86HostArchCapabilities(pVM, fHasArchCap, fHostArchVal);
 
         /*

trunk/src/VBox/VMM/VMMR3/NEMR3Native-darwin.cpp

@@ -2203 +2203 @@
     /*
      * Get MSR_IA32_ARCH_CAPABILITIES and expand it into the host feature structure.
+     *
      * This is only available with 11.0+ (BigSur) as the required API is only available there,
      * we could in theory initialize this when creating the EMTs using hv_vcpu_read_msr() but
      * the required vCPU handle is created after CPUM was initialized which is too late.
      * Given that the majority of users is on 11.0 and later we don't care for now.
+     *
+     * (Yes, this is done after CPUM init.)
      */
+    uint64_t fHostArchVal = 0;
+    bool     fHasArchCap  = false;
     if (   hrc == HV_SUCCESS
         && hv_vmx_get_msr_info)
     {
-        g_CpumHostFeatures.s.fArchRdclNo             = 0;
-        g_CpumHostFeatures.s.fArchIbrsAll            = 0;
-        g_CpumHostFeatures.s.fArchRsbOverride        = 0;
-        g_CpumHostFeatures.s.fArchVmmNeedNotFlushL1d = 0;
-        g_CpumHostFeatures.s.fArchMdsNo              = 0;
         uint32_t const cStdRange = ASMCpuId_EAX(0);
         if (   RTX86IsValidStdRange(cStdRange)
@@ -2226 +2226 @@
                 && (fStdFeaturesEdx    & X86_CPUID_FEATURE_EDX_MSR))
             {
-                uint64_t fArchVal;
-                hrc = hv_vmx_get_msr_info(HV_VMX_INFO_MSR_IA32_ARCH_CAPABILITIES, &fArchVal);
-                if (hrc == HV_SUCCESS)
-                {
-                    g_CpumHostFeatures.s.fArchRdclNo             = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_RDCL_NO);
-                    g_CpumHostFeatures.s.fArchIbrsAll            = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_IBRS_ALL);
-                    g_CpumHostFeatures.s.fArchRsbOverride        = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_RSBO);
-                    g_CpumHostFeatures.s.fArchVmmNeedNotFlushL1d = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_VMM_NEED_NOT_FLUSH_L1D);
-                    g_CpumHostFeatures.s.fArchMdsNo              = RT_BOOL(fArchVal & MSR_IA32_ARCH_CAP_F_MDS_NO);
-                }
+                fHasArchCap = true;
+                hrc = hv_vmx_get_msr_info(HV_VMX_INFO_MSR_IA32_ARCH_CAPABILITIES, &fHostArchVal);
+                if (hrc != HV_SUCCESS)
+                    fHostArchVal = 0;
             }
-            else
-                g_CpumHostFeatures.s.fArchCap = 0;
-        }
-    }
+        }
+    }
+    CPUMCpuIdApplyX86HostArchCapabilities(pVM, fHasArchCap, fHostArchVal);
 
     return nemR3DarwinHvSts2Rc(hrc);