hw: cpu: Rework the directory layout; add missing traits

The main motivation for this change is to: (a) add missing CPU flags
(including those flags that provide mitigation for the recent CVE flaws)
as 'traits'; and (b) adjust and clean up the layout of the 'hw/cpu/'
directory.

To that end, the following are the set of changes in this patch.

(*) Introduce a new cpu/x86 directory; and vendor-specific files: amd.py
    and intel.py; with __init__.py containing the *common* stuff:

    - hw/cpu/x86/amd.py  -- AMD-only traits.

    - hw/cpu/x86/intel.py -- Intel-only traits.

    - hw/cpu/x86/__init__.py -- Common traits for both AMD and Intel.

    - hw/cpu/x86.py -- Two things: (a) move the contents of this file
      into x86/__init__.py, which is its new location; this move
      preserves the integrity of the string trait names and Python
      paths, as they were before; and (b) given point (a), remove the
      now no longer needed hw/cpu/x86.py.  (Justification: We are
      removing this file to maintain consistency with the way it's done
      througout the 'os-traits' repository.)

    - hw/cpu/amd.py -- Deprecate the contents of this file with a
      comment; and copy them into hw/cpu/x86/amd.py, which is its new
      location.

    Comparison between the old and the new layouts of os_traits/hw/cpu/:

      Old Layout                     New Layout
      ----------                     ----------

        cpu/                           cpu/
        ├── aarch64.py                  ├── aarch64.py
        ├── amd.py                      ├── amd.py [DEPRECATED]
        ├── __init__.py                 ├── __init__.py
        └── x86.py                      └── x86/
                                           ├── amd.py
                                           ├── __init__.py
                                           └── intel.py

(*) Add various missing CPU flags to x86/intel.py, x86/amd.py and to
    x86/__intel__.py.

(*) Copy, and deprecate with a comment, flags from cpu/x86.py, i.e..
    "VMX" (Intel) and "SVM" (AMD), into corresponding vendor-specific
    files.

References
----------

[1] Thread start:
    http://lists.openstack.org/pipermail/openstack-discuss/2019-May/006281.html
    -- On reporting CPU flags that provide mitiation (to CVE flaws) as
    Nova 'traits'

[2] Thread conclusion:
    http://lists.openstack.org/pipermail/openstack-discuss/2019-May/006364.html

Closes-Bug: #1830948
Change-Id: I1c9a72d19ef9dadfb931efa3894867099974bcc7
Signed-off-by: Kashyap Chamarthy <kchamart@redhat.com>

os_traits/hw/cpu/amd.py

@@ -14,6 +14,18 @@
 
 
 TRAITS = [
-    # ref: https://developer.amd.com/sev/
+    # ref: https://docs.openstack.org/os-traits/latest/contributor/index.html#trait-lifecycle-policy # noqa
+    # NOTE(kchamart): This file is deprecated.  The 'SEV' trait is
+    # AMD-only, so it is copied to hw/cpu/amd.py; it is retained here
+    # not to cause Placement breakage.  All AMD-only traits are being
+    # tracked under: hw/cpu/x86/amd.py.  And the traits common to both
+    # AMD _and_ Intel are being tracked here: hw/cpu/x86/__init__.py.
+    #
+    # NOTE(aspiers): This trait was never used for anything, since the
+    # first bit of SEV code to use an SEV trait will land after this
+    # https://review.opendev.org/#/c/638680/ which has an explicit
+    # 'Depends-On' against the change I1c9a72d19ef ("hw: cpu: Rework the
+    # directory layout; add missing traits"), and is actually blocked
+    # until I1c9a72d19ef merges *and* gets released.
     'SEV',
 ]

os_traits/hw/cpu/x86/__init__.py

@@ -59,7 +59,27 @@ TRAITS = [
     # ref: https://en.wikipedia.org/wiki/Advanced_Synchronization_Facility
     'ASF',
     # ref: https://en.wikipedia.org/wiki/VT-x
+    # NOTE(kchamart): The 'VMX' trait is Intel-only, and does not belong
+    # in this file (which is supposed to be a "common" file for all
+    # x86-related).  But we need to retain it here forever to not cause
+    # Placement breakage.
     'VMX',
     # ref: https://en.wikipedia.org/wiki/AMD-V
+    # NOTE(kchamart): The 'SVM' trait is AMD-only, and does not belong
+    # in this "common" file.  But we need to retain it here forever to
+    # not cause Placement breakage.
     'SVM',
+    # ref: https://git.qemu.org/?p=qemu.git;a=blob;f=docs/qemu-cpu-models.texi
+    # Recommended to allow guest OS to use 1 GB size memory pages.  Not
+    # included by default in any of the Intel and AMD CPU models.  So
+    # this should be explicitly turned on for all Intel and AMD CPU
+    # models.
+    'PDPE1GB',
+    # ref: https://git.qemu.org/?p=qemu.git;a=blob;f=docs/qemu-cpu-models.texi
+    # Required to enable stronger Spectre v2 (CVE-2017-5715) fixes in
+    # some operating systems.  This flag must be explicitly turned on
+    # for *all* Intel and AMD CPU models.  (Prerequisite: host CPU
+    # microcode needs to support this feature before it can be used for
+    # guest CPUs).
+    'STIBP',
 ]

os_traits/hw/cpu/x86/amd.py

@@ -0,0 +1,27 @@
+# -*- coding: utf-8 -*-
+
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+
+TRAITS = [
+    # ref: http://specs.openstack.org/openstack/nova-specs/specs/train/approved/amd-sev-libvirt-support.html # noqa
+    'SEV',
+    # ref: https://en.wikipedia.org/wiki/AMD-V
+    'SVM',
+    # ref: https://git.qemu.org/?p=qemu.git;a=blob;f=docs/qemu-cpu-models.texi
+    # (Important CPU features for AMD x86 hosts)
+    'IBPB',
+    'NO_SSB',
+    'SSBD',
+    'VIRT_SSBD',
+]

os_traits/hw/cpu/x86/intel.py

@@ -0,0 +1,27 @@
+# -*- coding: utf-8 -*-
+
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+
+TRAITS = [
+    # Required as mitigation for "MDS" (Microarchitectural Data
+    # Sampling) security flaws
+    'MD_CLEAR',
+    # ref: https://git.qemu.org/?p=qemu.git;a=blob;f=docs/qemu-cpu-models.texi
+    # (Important CPU features for Intel x86 hosts)
+    'PCID',
+    'SPEC_CTRL',
+    'SSBD',
+    # ref: https://en.wikipedia.org/wiki/VT-x
+    'VMX',
+]