If you agree with the change from Uint32 -> Uint32[2], then with that change
Reviewed-by: Michael D Kinney <michael.d.kin...@intel.com> > -----Original Message----- > From: Kinney, Michael D <michael.d.kin...@intel.com> > Sent: Wednesday, March 29, 2023 3:15 PM > To: Ni, Ray <ray...@intel.com>; devel@edk2.groups.io > Cc: Gao, Liming <gaolim...@byosoft.com.cn>; Liu, Zhiguang > <zhiguang....@intel.com>; Kinney, Michael D > <michael.d.kin...@intel.com> > Subject: RE: [PATCH 1/6] MdePkg: Add TME-MK related CPUID and MSR definitions > > Hi Ray, > > One comment below. > > Mike > > > -----Original Message----- > > From: Ni, Ray <ray...@intel.com> > > Sent: Tuesday, March 21, 2023 4:57 PM > > To: devel@edk2.groups.io > > Cc: Kinney, Michael D <michael.d.kin...@intel.com>; Gao, Liming > > <gaolim...@byosoft.com.cn>; Liu, Zhiguang > > <zhiguang....@intel.com> > > Subject: [PATCH 1/6] MdePkg: Add TME-MK related CPUID and MSR definitions > > > > TME (Total Memory Encryption) is the capability to encrypt > > the entirety of physical memory of a system. > > TME-MK (Total Memory Encryption-Multi-Key) builds on TME and adds > > support for multiple encryption keys. > > > > The patch adds some necessary CPUID/MSR definitions for TME-MK. > > > > Signed-off-by: Ray Ni <ray...@intel.com> > > Cc: Michael D Kinney <michael.d.kin...@intel.com> > > Cc: Liming Gao <gaolim...@byosoft.com.cn> > > Cc: Zhiguang Liu <zhiguang....@intel.com> > > --- > > .../Include/Register/Intel/ArchitecturalMsr.h | 106 +++++++++++++++++- > > MdePkg/Include/Register/Intel/Cpuid.h | 9 +- > > 2 files changed, 112 insertions(+), 3 deletions(-) > > > > diff --git a/MdePkg/Include/Register/Intel/ArchitecturalMsr.h > > b/MdePkg/Include/Register/Intel/ArchitecturalMsr.h > > index 071a8c689c..76d80660da 100644 > > --- a/MdePkg/Include/Register/Intel/ArchitecturalMsr.h > > +++ b/MdePkg/Include/Register/Intel/ArchitecturalMsr.h > > @@ -6,7 +6,7 @@ > > returned is a single 32-bit or 64-bit value, then a data structure is not > > > > provided for that MSR. > > > > > > > > - Copyright (c) 2016 - 2019, Intel Corporation. All rights reserved.<BR> > > > > + Copyright (c) 2016 - 2023, Intel Corporation. All rights reserved.<BR> > > > > SPDX-License-Identifier: BSD-2-Clause-Patent > > > > > > > > @par Specification Reference: > > > > @@ -5679,6 +5679,110 @@ typedef union { > > **/ > > > > #define MSR_IA32_X2APIC_SELF_IPI 0x0000083F > > > > > > > > +/** > > > > + Memory Encryption Activation MSR. If CPUID.07H:ECX.[13] = 1. > > > > + > > > > + @param ECX MSR_IA32_TME_ACTIVATE (0x00000982) > > > > + @param EAX Lower 32-bits of MSR value. > > > > + Described by the type MSR_IA32_TME_ACTIVATE_REGISTER. > > > > + @param EDX Upper 32-bits of MSR value. > > > > + Described by the type MSR_IA32_TME_ACTIVATE_REGISTER. > > > > + > > > > + <b>Example usage</b> > > > > + @code > > > > + MSR_IA32_TME_ACTIVATE_REGISTER Msr; > > > > + > > > > + Msr.Uint64 = AsmReadMsr64 (MSR_IA32_TME_ACTIVATE); > > > > + AsmWriteMsr64 (MSR_IA32_TME_ACTIVATE, Msr.Uint64); > > > > + @endcode > > > > + @note MSR_IA32_TME_ACTIVATE is defined as IA32_TME_ACTIVATE in SDM. > > > > +**/ > > > > +#define MSR_IA32_TME_ACTIVATE 0x00000982 > > > > + > > > > +/** > > > > + MSR information returned for MSR index #MSR_IA32_TME_ACTIVATE > > > > +**/ > > > > +typedef union { > > > > + /// > > > > + /// Individual bit fields > > > > + /// > > > > + struct { > > > > + /// > > > > + /// [Bit 0] Lock R/O: Will be set upon successful WRMSR (or first SMI); > > > > + /// written value ignored.. > > > > + /// > > > > + UINT32 Lock : 1; > > > > + /// > > > > + /// [Bit 1] Hardware Encryption Enable: This bit also enables MKTME; > > MKTME > > > > + /// cannot be enabled without enabling encryption hardware. > > > > + /// > > > > + UINT32 TmeEnable : 1; > > > > + /// > > > > + /// [Bit 2] Key Select: > > > > + /// 0: Create a new TME key (expected cold/warm boot). > > > > + /// 1: Restore the TME key from storage (Expected when resume from > > standby). > > > > + /// > > > > + UINT32 KeySelect : 1; > > > > + /// > > > > + /// [Bit 3] Save TME Key for Standby: Save key into storage to be used > > when > > > > + /// resume from standby. > > > > + /// Note: This may not be supported in all processors. > > > > + /// > > > > + UINT32 SaveKeyForStandby : 1; > > > > + /// > > > > + /// [Bit 7:4] TME Policy/Encryption Algorithm: Only algorithms > > enumerated in > > > > + /// IA32_TME_CAPABILITY are allowed. > > > > + /// For example: > > > > + /// 0000 – AES-XTS-128. > > > > + /// 0001 – AES-XTS-128 with integrity. > > > > + /// 0010 – AES-XTS-256. > > > > + /// Other values are invalid. > > > > + /// > > > > + UINT32 TmePolicy : 4; > > > > + UINT32 Reserved : 23; > > > > + /// > > > > + /// [Bit 31] TME Encryption Bypass Enable: When encryption hardware is > > enabled: > > > > + /// * Total Memory Encryption is enabled using a CPU generated > > ephemeral key > > > > + /// based on a hardware random number generator when this bit is set > > to 0. > > > > + /// * Total Memory Encryption is bypassed (no encryption/decryption > > for KeyID0) > > > > + /// when this bit is set to 1. > > > > + /// Software must inspect Hardware Encryption Enable (bit 1) and TME > > encryption > > > > + /// bypass Enable (bit 31) to determine if TME encryption is enabled. > > > > + /// > > > > + UINT32 TmeBypassMode : 1; > > > > + /// > > > > + /// [Bit 35:32] MK_TME_KEYID_BITS: Reserved if MKTME is not > > enumerated, otherwise: > > > > + /// The number of key identifier bits to allocate to MKTME usage. > > > > + /// Similar to enumeration, this is an encoded value. > > > > + /// Writing a value greater than MK_TME_MAX_KEYID_BITS will result in > > #GP. > > > > + /// Writing a non-zero value to this field will #GP if bit 1 of EAX > > (Hardware > > > > + /// Encryption Enable) is not also set to ‘1, as encryption hardware > > must be > > > > + /// enabled to use MKTME. > > > > + /// Example: To support 255 keys, this field would be set to a value > > of 8. > > > > + /// > > > > + UINT32 MkTmeKeyidBits : 4; > > > > + UINT32 Reserved2 : 12; > > > > + /// > > > > + /// [Bit 63:48] MK_TME_CRYPTO_ALGS: Reserved if MKTME is not > > enumerated, otherwise: > > > > + /// Bit 48: AES-XTS 128. > > > > + /// Bit 49: AES-XTS 128 with integrity. > > > > + /// Bit 50: AES-XTS 256. > > > > + /// Bit 63:51: Reserved (#GP) > > > > + /// Bitmask for BIOS to set which encryption algorithms are allowed > > for MKTME, would > > > > + /// be later enforced by the key loading ISA ('1= allowed) > > > > + /// > > > > + UINT32 MkTmeCryptoAlgs : 16; > > > > + } Bits; > > > > + /// > > > > + /// All bit fields as a 32-bit value > > > > + /// > > > > + UINT32 Uint32; > > This is the first MSR in these include files that has defined bits in the > range 32..63. > This Uint32 union member can only access the lower 32-bits of the MSR. > Should this be changed to Uint32[2]? > > > > > + /// > > > > + /// All bit fields as a 64-bit value > > > > + /// > > > > + UINT64 Uint64; > > > > +} MSR_IA32_TME_ACTIVATE_REGISTER; > > > > + > > > > /** > > > > Silicon Debug Feature Control (R/W). If CPUID.01H:ECX.[11] = 1. > > > > > > > > diff --git a/MdePkg/Include/Register/Intel/Cpuid.h > > b/MdePkg/Include/Register/Intel/Cpuid.h > > index 350bf60252..1fb880c85c 100644 > > --- a/MdePkg/Include/Register/Intel/Cpuid.h > > +++ b/MdePkg/Include/Register/Intel/Cpuid.h > > @@ -6,7 +6,7 @@ > > If a register returned is a single 32-bit value, then a data structure is > > > > not provided for that register. > > > > > > > > - Copyright (c) 2015 - 2021, Intel Corporation. All rights reserved.<BR> > > > > + Copyright (c) 2015 - 2023, Intel Corporation. All rights reserved.<BR> > > > > SPDX-License-Identifier: BSD-2-Clause-Patent > > > > > > > > @par Specification Reference: > > > > @@ -1490,7 +1490,12 @@ typedef union { > > /// RDPKRU/WRPKRU instructions). > > > > /// > > > > UINT32 OSPKE : 1; > > > > - UINT32 Reserved5 : 9; > > > > + UINT32 Reserved8 : 8; > > > > + /// > > > > + /// [Bit 13] If 1, the following MSRs are supported: > > IA32_TME_CAPABILITY, IA32_TME_ACTIVATE, > > > > + /// IA32_TME_EXCLUDE_MASK, and IA32_TME_EXCLUDE_BASE. > > > > + /// > > > > + UINT32 TME_EN : 1; > > > > /// > > > > /// [Bits 14] AVX512_VPOPCNTDQ. (Intel Xeon Phi only.). > > > > /// > > > > -- > > 2.39.1.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#102141): https://edk2.groups.io/g/devel/message/102141 Mute This Topic: https://groups.io/mt/97767966/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/leave/9847357/21656/1706620634/xyzzy [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-