returned is a single 32-bit or 64-bit value, then a data structure is not\r
provided for that MSR.\r
\r
- Copyright (c) 2016 - 2019, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2016 - 2023, Intel Corporation. All rights reserved.<BR>\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
@par Specification Reference:\r
**/\r
#define MSR_IA32_X2APIC_SELF_IPI 0x0000083F\r
\r
+/**\r
+ Memory Encryption Activation MSR. If CPUID.07H:ECX.[13] = 1.\r
+\r
+ @param ECX MSR_IA32_TME_ACTIVATE (0x00000982)\r
+ @param EAX Lower 32-bits of MSR value.\r
+ Described by the type MSR_IA32_TME_ACTIVATE_REGISTER.\r
+ @param EDX Upper 32-bits of MSR value.\r
+ Described by the type MSR_IA32_TME_ACTIVATE_REGISTER.\r
+\r
+ <b>Example usage</b>\r
+ @code\r
+ MSR_IA32_TME_ACTIVATE_REGISTER Msr;\r
+\r
+ Msr.Uint64 = AsmReadMsr64 (MSR_IA32_TME_ACTIVATE);\r
+ AsmWriteMsr64 (MSR_IA32_TME_ACTIVATE, Msr.Uint64);\r
+ @endcode\r
+ @note MSR_IA32_TME_ACTIVATE is defined as IA32_TME_ACTIVATE in SDM.\r
+**/\r
+#define MSR_IA32_TME_ACTIVATE 0x00000982\r
+\r
+/**\r
+ MSR information returned for MSR index #MSR_IA32_TME_ACTIVATE\r
+**/\r
+typedef union {\r
+ ///\r
+ /// Individual bit fields\r
+ ///\r
+ struct {\r
+ ///\r
+ /// [Bit 0] Lock R/O: Will be set upon successful WRMSR (or first SMI);\r
+ /// written value ignored..\r
+ ///\r
+ UINT32 Lock : 1;\r
+ ///\r
+ /// [Bit 1] Hardware Encryption Enable: This bit also enables MKTME; MKTME\r
+ /// cannot be enabled without enabling encryption hardware.\r
+ ///\r
+ UINT32 TmeEnable : 1;\r
+ ///\r
+ /// [Bit 2] Key Select:\r
+ /// 0: Create a new TME key (expected cold/warm boot).\r
+ /// 1: Restore the TME key from storage (Expected when resume from standby).\r
+ ///\r
+ UINT32 KeySelect : 1;\r
+ ///\r
+ /// [Bit 3] Save TME Key for Standby: Save key into storage to be used when\r
+ /// resume from standby.\r
+ /// Note: This may not be supported in all processors.\r
+ ///\r
+ UINT32 SaveKeyForStandby : 1;\r
+ ///\r
+ /// [Bit 7:4] TME Policy/Encryption Algorithm: Only algorithms enumerated in\r
+ /// IA32_TME_CAPABILITY are allowed.\r
+ /// For example:\r
+ /// 0000 – AES-XTS-128.\r
+ /// 0001 – AES-XTS-128 with integrity.\r
+ /// 0010 – AES-XTS-256.\r
+ /// Other values are invalid.\r
+ ///\r
+ UINT32 TmePolicy : 4;\r
+ UINT32 Reserved : 23;\r
+ ///\r
+ /// [Bit 31] TME Encryption Bypass Enable: When encryption hardware is enabled:\r
+ /// * Total Memory Encryption is enabled using a CPU generated ephemeral key\r
+ /// based on a hardware random number generator when this bit is set to 0.\r
+ /// * Total Memory Encryption is bypassed (no encryption/decryption for KeyID0)\r
+ /// when this bit is set to 1.\r
+ /// Software must inspect Hardware Encryption Enable (bit 1) and TME encryption\r
+ /// bypass Enable (bit 31) to determine if TME encryption is enabled.\r
+ ///\r
+ UINT32 TmeBypassMode : 1;\r
+ ///\r
+ /// [Bit 35:32] MK_TME_KEYID_BITS: Reserved if MKTME is not enumerated, otherwise:\r
+ /// The number of key identifier bits to allocate to MKTME usage.\r
+ /// Similar to enumeration, this is an encoded value.\r
+ /// Writing a value greater than MK_TME_MAX_KEYID_BITS will result in #GP.\r
+ /// Writing a non-zero value to this field will #GP if bit 1 of EAX (Hardware\r
+ /// Encryption Enable) is not also set to ‘1, as encryption hardware must be\r
+ /// enabled to use MKTME.\r
+ /// Example: To support 255 keys, this field would be set to a value of 8.\r
+ ///\r
+ UINT32 MkTmeKeyidBits : 4;\r
+ UINT32 Reserved2 : 12;\r
+ ///\r
+ /// [Bit 63:48] MK_TME_CRYPTO_ALGS: Reserved if MKTME is not enumerated, otherwise:\r
+ /// Bit 48: AES-XTS 128.\r
+ /// Bit 49: AES-XTS 128 with integrity.\r
+ /// Bit 50: AES-XTS 256.\r
+ /// Bit 63:51: Reserved (#GP)\r
+ /// Bitmask for BIOS to set which encryption algorithms are allowed for MKTME, would\r
+ /// be later enforced by the key loading ISA ('1= allowed)\r
+ ///\r
+ UINT32 MkTmeCryptoAlgs : 16;\r
+ } Bits;\r
+ ///\r
+ /// All bit fields as a 32-bit value\r
+ ///\r
+ UINT32 Uint32[2];\r
+ ///\r
+ /// All bit fields as a 64-bit value\r
+ ///\r
+ UINT64 Uint64;\r
+} MSR_IA32_TME_ACTIVATE_REGISTER;\r
+\r
/**\r
Silicon Debug Feature Control (R/W). If CPUID.01H:ECX.[11] = 1.\r
\r
If a register returned is a single 32-bit value, then a data structure is\r
not provided for that register.\r
\r
- Copyright (c) 2015 - 2021, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2015 - 2023, Intel Corporation. All rights reserved.<BR>\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
@par Specification Reference:\r
/// RDPKRU/WRPKRU instructions).\r
///\r
UINT32 OSPKE : 1;\r
- UINT32 Reserved5 : 9;\r
+ UINT32 Reserved8 : 8;\r
+ ///\r
+ /// [Bit 13] If 1, the following MSRs are supported: IA32_TME_CAPABILITY, IA32_TME_ACTIVATE,\r
+ /// IA32_TME_EXCLUDE_MASK, and IA32_TME_EXCLUDE_BASE.\r
+ ///\r
+ UINT32 TME_EN : 1;\r
///\r
/// [Bits 14] AVX512_VPOPCNTDQ. (Intel Xeon Phi only.).\r
///\r
projects / ovmf.git / commitdiff