Pratikkumar V Prajapati has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/45088 )
Change subject: Add support to print TME status. ......................................................................
Add support to print TME status.
Print whether the SoC supports TME. If it does, print the status of the enable and lock bits from the TME_ACTIVATE MSR.
Signed-off-by: Pratik Prajapati pratikkumar.v.prajapati@intel.com Change-Id: I584ac4b045ba80998d454283e02d3f28ef45692d --- M util/inteltool/cpu.c M util/inteltool/inteltool.c M util/inteltool/inteltool.h 3 files changed, 60 insertions(+), 2 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/88/45088/1
diff --git a/util/inteltool/cpu.c b/util/inteltool/cpu.c
index 284e90b..e671cc4 100644
--- a/util/inteltool/cpu.c
+++ b/util/inteltool/cpu.c
@@ -22,6 +22,10 @@
 #define MTRR_CAP_MSR 0xfe
 #define PRMRR_SUPPORTED (1 << 12)
 #define SGX_SUPPORTED (1 << 2)
+#define IA32_TME_ACTIVATE 0x982
+#define TME_SUPPORTED (1 << 13)
+#define TME_LOCKED (1)
+#define TME_ENABLED (1 << 1)
int fd_msr;
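Review bot: The four new macros in util/inteltool/cpu.c carry no comments and belong to different registers: `TME_SUPPORTED` is tested against CPUID leaf 7 ECX in is_tme_supported(), while `TME_LOCKED` and `TME_ENABLED` are tested against the low word of `IA32_TME_ACTIVATE`. A short comment on each would keep a later reader from applying a mask to the wrong register, for example `/* CPUID.(EAX=7,ECX=0):ECX bit 13 */` on `TME_SUPPORTED` and `/* IA32_TME_ACTIVATE: bit 0 = lock, bit 1 = enable */` above the two MSR masks. The same block is unchanged in the submitted patch set further down the page.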
@@ -212,6 +216,50 @@
 return error;
 }
+static int is_tme_supported()
+{
+ cpuid_result_t cpuid_regs;
+
+ /* CPUID leaf 0x7 subleaf 0x0 to detect TME support
+ * https://software.intel.com/sites/default/files/managed/a5/16/Multi-Key
+ * -Total-Memory-Encryption-Spec.pdf */
+ cpuid_regs = cpuid_ext(0x7, 0x0);
+ return (cpuid_regs.ecx & TME_SUPPORTED);
+}
+
+static int is_tme_locked(int cpunum)
+{
+ msr_t data;
+ data = rdmsr_from_cpu(cpunum, IA32_TME_ACTIVATE);
+ return (data.lo & TME_LOCKED);
+}
+
+static int is_tme_enabled(int cpunum)
+{
+ msr_t data;
+ data = rdmsr_from_cpu(cpunum, IA32_TME_ACTIVATE);
+ return (data.lo & TME_ENABLED);
+}
+
+void print_tme(void)
+{
+#ifndef __DARWIN__
+ int tme_supported = is_tme_supported();
+
+ printf("\n============= Dumping INTEL TME status =============\n");
+
+ printf("TME supported : %s\n", tme_supported ? "YES" : "NO");
+
+ if (tme_supported) {
+ printf("TME locked : %s\n", is_tme_locked(0) ? "YES" : "NO");
+ printf("TME enabled : %s\n", is_tme_enabled(0) ? "YES" : "NO");
+ }
+ printf("====================================================\n");
+#else
+ printf("Not Implemented\n");
+#endif
+}
+
 int print_intel_core_msrs(void)
 {
 unsigned int i, core, id, core_num = get_number_of_cores();
diff --git a/util/inteltool/inteltool.c b/util/inteltool/inteltool.c
index 91a8b7e0..e79d8ff 100644
--- a/util/inteltool/inteltool.c
+++ b/util/inteltool/inteltool.c
@@ -512,6 +512,7 @@
 " -M | --msrs: dump CPU MSRs\n"
 " -A | --ambs: dump AMB registers\n"
 " -x | --sgx: dump SGX status\n"
+ " -t | --tme: dump TME status\n"
 " -a | --all: dump all known (safe) registers\n"
 " --pcr=PORT_ID: dump all registers of a PCR port\n"
 " (may be specified max %d times)\n"
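Review bot: is_tme_supported() in util/inteltool/cpu.c reads `cpuid_ext(0x7, 0x0)` without first checking that the CPU implements leaf 7, so on a processor whose highest basic leaf is lower the ECX value is not a feature word and bit 13 may be set by accident. print_tme() would then go on to read `IA32_TME_ACTIVATE` on a part that does not have it; how rdmsr_from_cpu() reacts to a failed read is outside this hunk. A guard before the leaf-7 query avoids that, for example `if (cpuid_ext(0x0, 0x0).eax < 0x7) return 0;` (assuming cpuid_result_t has an `eax` member next to the `ecx` used here). It matters more because the `-a` hunk in inteltool.c sets `dump_tme = 1`, so every `--all` run takes this path; the submitted patch set further down the page has the same query.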
@@ -572,7 +573,7 @@
 int dump_gpios = 0, dump_mchbar = 0, dump_rcba = 0;
 int dump_pmbase = 0, dump_epbar = 0, dump_dmibar = 0;
 int dump_pciexbar = 0, dump_coremsrs = 0, dump_ambs = 0;
- int dump_spi = 0, dump_gfx = 0, dump_ahci = 0, dump_sgx = 0;
+ int dump_spi = 0, dump_gfx = 0, dump_ahci = 0, dump_sgx = 0, dump_tme = 0;
 int dump_lpc = 0;
 int show_gpio_diffs = 0;
 size_t pcr_count = 0;
@@ -599,10 +600,11 @@
 {"ahci", 0, 0, 'R'},
 {"sgx", 0, 0, 'x'},
 {"pcr", required_argument, 0, LONG_OPT_PCR},
+ {"tme", 0, 0, 't'},
 {0, 0, 0, 0}
 };
- while ((opt = getopt_long(argc, argv, "vh?gGrplmedPMaAsfRS:x",
+ while ((opt = getopt_long(argc, argv, "vh?gGrplmedPMaAsfRS:xt",
 long_options, &option_index)) != EOF) {
 switch (opt) {
 case 'v':
@@ -664,6 +666,7 @@
 dump_spi = 1;
 dump_ahci = 1;
 dump_sgx = 1;
+ dump_tme = 1;
 break;
 case 'A':
 dump_ambs = 1;
@@ -674,6 +677,9 @@
 case 'x':
 dump_sgx = 1;
 break;
+ case 't':
+ dump_tme = 1;
+ break;
 case LONG_OPT_PCR:
 if (pcr_count < MAX_PCR_PORTS) {
 errno = 0;
@@ -866,6 +872,9 @@
 if (dump_sgx)
 print_sgx();
+ if (dump_tme)
+ print_tme();
+
 if (pcr_count)
 print_pcr_ports(sb, dump_pcr, pcr_count);
diff --git a/util/inteltool/inteltool.h b/util/inteltool/inteltool.h
index e7d32a3..55c6470 100644
--- a/util/inteltool/inteltool.h
+++ b/util/inteltool/inteltool.h
@@ -412,6 +412,7 @@
 int print_gfx(struct pci_dev *gfx);
 int print_ahci(struct pci_dev *ahci);
 int print_sgx(void);
+void print_tme(void);
 void ivybridge_dump_timings(const char *dump_spd_file);
#endif
Paul Menzel has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45088 )
Change subject: Add support to print TME status. ......................................................................
Patch Set 1:
(1 comment)
https://review.coreboot.org/c/coreboot/+/45088/1//COMMIT_MSG Commit Message:
https://review.coreboot.org/c/coreboot/+/45088/1//COMMIT_MSG@7 PS1, Line 7: Add support to print TME status. Please prefix with *inteltool* and remove the dot/period at the end of the git commit message summary.
Hello build bot (Jenkins), Stefan Reinauer,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/45088
to look at the new patch set (#2).
Change subject: inteltool: Add support to print TME status ......................................................................
inteltool: Add support to print TME status
Print whether the SOC supports TME. If the SOC supports TME, print the status of enable and lock bit from TME_ACTIVATE MSR.
Signed-off-by: Pratik Prajapati pratikkumar.v.prajapati@intel.com Change-Id: I584ac4b045ba80998d454283e02d3f28ef45692d --- M util/inteltool/cpu.c M util/inteltool/inteltool.c M util/inteltool/inteltool.h 3 files changed, 60 insertions(+), 2 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/88/45088/2
Pratikkumar V Prajapati has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45088 )
Change subject: inteltool: Add support to print TME status ......................................................................
Patch Set 2:
(1 comment)
https://review.coreboot.org/c/coreboot/+/45088/1//COMMIT_MSG Commit Message:
https://review.coreboot.org/c/coreboot/+/45088/1//COMMIT_MSG@7 PS1, Line 7: Add support to print TME status.
Please prefix with *inteltool* and remove the dot/period at the end of the git commit message summar […]
Done
Subrata Banik has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45088 )
Change subject: inteltool: Add support to print TME status ......................................................................
Patch Set 2:
(2 comments)
https://review.coreboot.org/c/coreboot/+/45088/2/util/inteltool/cpu.c File util/inteltool/cpu.c:
https://review.coreboot.org/c/coreboot/+/45088/2/util/inteltool/cpu.c@221 PS2, Line 221: tab please
https://review.coreboot.org/c/coreboot/+/45088/2/util/inteltool/cpu.c@232 PS2, Line 232: msr_t data; : data = rdmsr_from_cpu(cpunum, IA32_TME_ACTIVATE); good to create a helper function so is_tme_locked and is_tme_enabled could use the same ?
Hello build bot (Jenkins), Stefan Reinauer, Subrata Banik,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/45088
to look at the new patch set (#3).
Change subject: inteltool: Add support to print TME status ......................................................................
inteltool: Add support to print TME status
Print whether the SOC supports TME. If the SOC supports TME, print the status of enable and lock bit from TME_ACTIVATE MSR.
Signed-off-by: Pratik Prajapati pratikkumar.v.prajapati@intel.com Change-Id: I584ac4b045ba80998d454283e02d3f28ef45692d --- M util/inteltool/cpu.c M util/inteltool/inteltool.c M util/inteltool/inteltool.h 3 files changed, 60 insertions(+), 2 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/88/45088/3
Pratikkumar V Prajapati has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45088 )
Change subject: inteltool: Add support to print TME status ......................................................................
Patch Set 3:
(2 comments)
https://review.coreboot.org/c/coreboot/+/45088/2/util/inteltool/cpu.c File util/inteltool/cpu.c:
https://review.coreboot.org/c/coreboot/+/45088/2/util/inteltool/cpu.c@221 PS2, Line 221:
tab please
Done
https://review.coreboot.org/c/coreboot/+/45088/2/util/inteltool/cpu.c@232 PS2, Line 232: msr_t data; : data = rdmsr_from_cpu(cpunum, IA32_TME_ACTIVATE);
good to create a helper function so is_tme_locked and is_tme_enabled could use the same ?
i would like to keep both functions separate to check if TME is enabled/locked. it would be more modular.
Paul Menzel has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45088 )
Change subject: inteltool: Add support to print TME status ......................................................................
Patch Set 3: Code-Review+1
(2 comments)
https://review.coreboot.org/c/coreboot/+/45088/3//COMMIT_MSG Commit Message:
https://review.coreboot.org/c/coreboot/+/45088/3//COMMIT_MSG@11 PS3, Line 11: Please paste an example output.
https://review.coreboot.org/c/coreboot/+/45088/3/util/inteltool/cpu.c File util/inteltool/cpu.c:
https://review.coreboot.org/c/coreboot/+/45088/3/util/inteltool/cpu.c@225 PS3, Line 225: * -Total-Memory-Encryption-Spec.pdf */ https://doc.coreboot.org/coding_style.html#commenting
Hello build bot (Jenkins), Paul Menzel, Stefan Reinauer, Subrata Banik,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/45088
to look at the new patch set (#4).
Change subject: inteltool: Add support to print TME/MKTME status ......................................................................
inteltool: Add support to print TME/MKTME status
Print whether the SOC supports TME/MKTME. If the SOC supports the feature, print the status of enable and lock bit from TME_ACTIVATE MSR. -t option prints this status.
Sample output:
If TME/MKTME is supported: ============= Dumping INTEL TME/MKTME status ============= MKTME supported : YES MKTME locked : YES MKTME enabled : YES ====================================================
If TME/MKTME is not supported: ============= Dumping INTEL TME status ============= TME supported : NO ====================================================
Signed-off-by: Pratik Prajapati pratikkumar.v.prajapati@intel.com Change-Id: I584ac4b045ba80998d454283e02d3f28ef45692d --- M util/inteltool/cpu.c M util/inteltool/inteltool.c M util/inteltool/inteltool.h 3 files changed, 63 insertions(+), 2 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/88/45088/4
Pratikkumar V Prajapati has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45088 )
Change subject: inteltool: Add support to print TME/MKTME status ......................................................................
Patch Set 4:
(2 comments)
https://review.coreboot.org/c/coreboot/+/45088/3//COMMIT_MSG Commit Message:
https://review.coreboot.org/c/coreboot/+/45088/3//COMMIT_MSG@11 PS3, Line 11:
Please paste an example output.
Done
https://review.coreboot.org/c/coreboot/+/45088/3/util/inteltool/cpu.c File util/inteltool/cpu.c:
https://review.coreboot.org/c/coreboot/+/45088/3/util/inteltool/cpu.c@225 PS3, Line 225: * -Total-Memory-Encryption-Spec.pdf */
Done
Hello build bot (Jenkins), Paul Menzel, Stefan Reinauer, Subrata Banik,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/45088
to look at the new patch set (#5).
Change subject: inteltool: Add support to print TME/MKTME status ......................................................................
inteltool: Add support to print TME/MKTME status
Print whether the SOC supports TME/MKTME. If the SOC supports the feature, print the status of enable and lock bit from TME_ACTIVATE MSR. -t option prints this status.
Sample output:
If TME/MKTME is supported: ============= Dumping INTEL TME/MKTME status ============= TME supported : YES TME locked : YES TME enabled : YES ====================================================
If TME/MKTME is not supported: ============= Dumping INTEL TME status ============= TME supported : NO ====================================================
Signed-off-by: Pratik Prajapati pratikkumar.v.prajapati@intel.com Change-Id: I584ac4b045ba80998d454283e02d3f28ef45692d --- M util/inteltool/cpu.c M util/inteltool/inteltool.c M util/inteltool/inteltool.h 3 files changed, 63 insertions(+), 2 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/88/45088/5
Pratikkumar V Prajapati has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45088 )
Change subject: inteltool: Add support to print TME/MKTME status ......................................................................
Patch Set 5:
This has been open for a long time; if there are no further comments, please merge the patch.
Pratikkumar V Prajapati has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45088 )
Change subject: inteltool: Add support to print TME/MKTME status ......................................................................
Patch Set 5:
(1 comment)
https://review.coreboot.org/c/coreboot/+/45088/2/util/inteltool/cpu.c File util/inteltool/cpu.c:
https://review.coreboot.org/c/coreboot/+/45088/2/util/inteltool/cpu.c@232 PS2, Line 232: msr_t data; : data = rdmsr_from_cpu(cpunum, IA32_TME_ACTIVATE);
i would like to keep both functions separate to check if TME is enabled/locked. […]
Done
Subrata Banik has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45088 )
Change subject: inteltool: Add support to print TME/MKTME status ......................................................................
Patch Set 6:
(4 comments)
https://review.coreboot.org/c/coreboot/+/45088/6/util/inteltool/cpu.c File util/inteltool/cpu.c:
https://review.coreboot.org/c/coreboot/+/45088/6/util/inteltool/cpu.c@228 PS6, Line 228: remove blank line
https://review.coreboot.org/c/coreboot/+/45088/6/util/inteltool/cpu.c@230 PS6, Line 230: tab
https://review.coreboot.org/c/coreboot/+/45088/6/util/inteltool/cpu.c@235 PS6, Line 235: msr_t data; : data = rdmsr_from_cpu(cpunum, IA32_TME_ACTIVATE); if you could create a helper function then this two function can use mask alone
https://review.coreboot.org/c/coreboot/+/45088/6/util/inteltool/cpu.c@256 PS6, Line 256: if (tme_supported) { : printf("TME locked : %s\n", is_tme_locked(0) ? "YES" : "NO"); : printf("TME enabled : %s\n", is_tme_enabled(0) ? "YES" : "NO"); : } if (!tme_supported) return; printf("TME locked : %s\n", is_tme_locked(0) ? "YES" : "NO"); printf("TME enabled : %s\n", is_tme_enabled(0) ? "YES" : "NO"); to avoid extra tab
Pratikkumar V Prajapati has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45088 )
Change subject: inteltool: Add support to print TME/MKTME status ......................................................................
Patch Set 6:
(4 comments)
https://review.coreboot.org/c/coreboot/+/45088/6/util/inteltool/cpu.c File util/inteltool/cpu.c:
https://review.coreboot.org/c/coreboot/+/45088/6/util/inteltool/cpu.c@228 PS6, Line 228:
remove blank line
Done
https://review.coreboot.org/c/coreboot/+/45088/6/util/inteltool/cpu.c@230 PS6, Line 230:
tab
Done
https://review.coreboot.org/c/coreboot/+/45088/6/util/inteltool/cpu.c@235 PS6, Line 235: msr_t data; : data = rdmsr_from_cpu(cpunum, IA32_TME_ACTIVATE);
if you could create a helper function then this two function can use mask alone
We want to print the lock and enable information separately, so I do not see the reason to create a helper function.
https://review.coreboot.org/c/coreboot/+/45088/6/util/inteltool/cpu.c@256 PS6, Line 256: if (tme_supported) { : printf("TME locked : %s\n", is_tme_locked(0) ? "YES" : "NO"); : printf("TME enabled : %s\n", is_tme_enabled(0) ? "YES" : "NO"); : }
if (!tme_supported) […]
Then I would also have to print the '====' line in the early-return branch, so the code below would amount to the same as the existing code. I think it is better to keep the existing code; it does not create a nested if/else, so it should be fine.
int tme_supported = is_tme_supported();
printf("\n============= Dumping INTEL TME status =============\n");
printf("TME supported : %s\n", tme_supported ? "YES" : "NO");
if (!tme_supported) { printf("====================================================\n"); return; }
printf("TME locked : %s\n", is_tme_locked(0) ? "YES" : "NO"); printf("TME enabled : %s\n", is_tme_enabled(0) ? "YES" : "NO");
Hello build bot (Jenkins), Paul Menzel, Stefan Reinauer, Subrata Banik,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/45088
to look at the new patch set (#7).
Change subject: inteltool: Add support to print TME/MKTME status ......................................................................
inteltool: Add support to print TME/MKTME status
Print whether the SOC supports TME/MKTME. If the SOC supports the feature, print the status of enable and lock bit from TME_ACTIVATE MSR. -t option prints this status.
Sample output:
If TME/MKTME is supported: ============= Dumping INTEL TME/MKTME status ============= TME supported : YES TME locked : YES TME enabled : YES ====================================================
If TME/MKTME is not supported: ============= Dumping INTEL TME status ============= TME supported : NO ====================================================
Signed-off-by: Pratik Prajapati pratikkumar.v.prajapati@intel.com Change-Id: I584ac4b045ba80998d454283e02d3f28ef45692d --- M util/inteltool/cpu.c M util/inteltool/inteltool.c M util/inteltool/inteltool.h 3 files changed, 62 insertions(+), 2 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/88/45088/7
Wonkyu Kim has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45088 )
Change subject: inteltool: Add support to print TME/MKTME status ......................................................................
Patch Set 7: Code-Review+2
Hello build bot (Jenkins), Wonkyu Kim, Paul Menzel, Stefan Reinauer, Subrata Banik,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/45088
to look at the new patch set (#8).
Change subject: inteltool: Add support to print TME/MKTME status ......................................................................
inteltool: Add support to print TME/MKTME status
Print whether the SOC supports TME/MKTME. If the SOC supports the feature, print the status of enable and lock bit from TME_ACTIVATE MSR. -t option prints this status.
Sample output:
If TME/MKTME is supported: ============= Dumping INTEL TME/MKTME status ============= TME supported : YES TME locked : YES TME enabled : YES ====================================================
If TME/MKTME is not supported: ============= Dumping INTEL TME status ============= TME supported : NO ====================================================
Signed-off-by: Pratik Prajapati pratikkumar.v.prajapati@intel.com Change-Id: I584ac4b045ba80998d454283e02d3f28ef45692d --- M util/inteltool/cpu.c M util/inteltool/inteltool.c M util/inteltool/inteltool.h 3 files changed, 65 insertions(+), 2 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/88/45088/8
Pratikkumar V Prajapati has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45088 )
Change subject: inteltool: Add support to print TME/MKTME status ......................................................................
Patch Set 8:
(1 comment)
https://review.coreboot.org/c/coreboot/+/45088/6/util/inteltool/cpu.c File util/inteltool/cpu.c:
https://review.coreboot.org/c/coreboot/+/45088/6/util/inteltool/cpu.c@235 PS6, Line 235: msr_t data; : data = rdmsr_from_cpu(cpunum, IA32_TME_ACTIVATE);
we want to print both lock and enable info separately. […]
Done
Stefan Reinauer has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45088 )
Change subject: inteltool: Add support to print TME/MKTME status ......................................................................
Patch Set 8: Code-Review+2
Pratikkumar V Prajapati has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45088 )
Change subject: inteltool: Add support to print TME/MKTME status ......................................................................
Patch Set 8:
(1 comment)
https://review.coreboot.org/c/coreboot/+/45088/6/util/inteltool/cpu.c File util/inteltool/cpu.c:
https://review.coreboot.org/c/coreboot/+/45088/6/util/inteltool/cpu.c@256 PS6, Line 256: if (tme_supported) { : printf("TME locked : %s\n", is_tme_locked(0) ? "YES" : "NO"); : printf("TME enabled : %s\n", is_tme_enabled(0) ? "YES" : "NO"); : }
Then i have to print '====' line also, so below code would be same as existing. […]
Done
Patrick Georgi has submitted this change. ( https://review.coreboot.org/c/coreboot/+/45088 )
Change subject: inteltool: Add support to print TME/MKTME status ......................................................................
inteltool: Add support to print TME/MKTME status
Print whether the SoC supports TME/MKTME. If the SoC supports the feature, print the status of the enable and lock bits from the TME_ACTIVATE MSR. The -t option prints this status.
Sample output:
If TME/MKTME is supported: ============= Dumping INTEL TME/MKTME status ============= TME supported : YES TME locked : YES TME enabled : YES ====================================================
If TME/MKTME is not supported: ============= Dumping INTEL TME status ============= TME supported : NO ====================================================
Signed-off-by: Pratik Prajapati pratikkumar.v.prajapati@intel.com Change-Id: I584ac4b045ba80998d454283e02d3f28ef45692d Reviewed-on: https://review.coreboot.org/c/coreboot/+/45088 Tested-by: build bot (Jenkins) no-reply@coreboot.org Reviewed-by: Stefan Reinauer stefan.reinauer@coreboot.org --- M util/inteltool/cpu.c M util/inteltool/inteltool.c M util/inteltool/inteltool.h 3 files changed, 65 insertions(+), 2 deletions(-)
Approvals: build bot (Jenkins): Verified Stefan Reinauer: Looks good to me, approved
diff --git a/util/inteltool/cpu.c b/util/inteltool/cpu.c
index 284e90b..db63d36 100644
--- a/util/inteltool/cpu.c
+++ b/util/inteltool/cpu.c
@@ -22,6 +22,10 @@
 #define MTRR_CAP_MSR 0xfe
 #define PRMRR_SUPPORTED (1 << 12)
 #define SGX_SUPPORTED (1 << 2)
+#define IA32_TME_ACTIVATE 0x982
+#define TME_SUPPORTED (1 << 13)
+#define TME_LOCKED (1)
+#define TME_ENABLED (1 << 1)
int fd_msr;
@@ -212,6 +216,55 @@
 return error;
 }
+static int is_tme_supported()
+{
+ cpuid_result_t cpuid_regs;
+
+ /*
+ * CPUID leaf 0x7 subleaf 0x0 to detect TME support
+ * https://software.intel.com/sites/default/files/managed/a5/16/Multi-Key
+ * -Total-Memory-Encryption-Spec.pdf
+ */
+
+ cpuid_regs = cpuid_ext(0x7, 0x0);
+ return (cpuid_regs.ecx & TME_SUPPORTED);
+}
+
+static msr_t read_tme_activate_msr(){
+ return rdmsr_from_cpu(0, IA32_TME_ACTIVATE);
+}
+
+static int is_tme_locked()
+{
+ msr_t data = read_tme_activate_msr();
+ return (data.lo & TME_LOCKED);
+}
+
+static int is_tme_enabled()
+{
+ msr_t data = read_tme_activate_msr();
+ return (data.lo & TME_ENABLED);
+}
+
+void print_tme(void)
+{
+#ifndef __DARWIN__
+ int tme_supported = is_tme_supported();
+
+ printf("\n============= Dumping INTEL TME status =============\n");
+
+ printf("TME supported : %s\n", tme_supported ? "YES" : "NO");
+
+ if (tme_supported) {
+ printf("TME locked : %s\n", is_tme_locked() ? "YES" : "NO");
+ printf("TME enabled : %s\n", is_tme_enabled() ? "YES" : "NO");
+ }
+ printf("====================================================\n");
+#else
+ printf("Not Implemented\n");
+#endif
+}
+
 int print_intel_core_msrs(void)
 {
 unsigned int i, core, id, core_num = get_number_of_cores();
diff --git a/util/inteltool/inteltool.c b/util/inteltool/inteltool.c
index 5ecd8ca..d7415b0 100644
--- a/util/inteltool/inteltool.c
+++ b/util/inteltool/inteltool.c
@@ -515,6 +515,7 @@
 " -M | --msrs: dump CPU MSRs\n"
 " -A | --ambs: dump AMB registers\n"
 " -x | --sgx: dump SGX status\n"
+ " -t | --tme: dump TME status\n"
 " -a | --all: dump all known (safe) registers\n"
 " --pcr=PORT_ID: dump all registers of a PCR port\n"
 " (may be specified max %d times)\n"
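Review bot: read_tme_activate_msr() in util/inteltool/cpu.c hard-codes logical CPU 0 (`rdmsr_from_cpu(0, IA32_TME_ACTIVATE)`), so print_tme() reports the lock and enable bits as seen from one CPU only. If the MSR is package-scoped, which should be confirmed against the specification linked in the comment, a multi-socket system with one package left unlocked would still print `TME locked : YES`. Either loop over the cores with `get_number_of_cores()`, as print_intel_core_msrs() just below does, or say in the banner that the values are read from CPU 0. As a style point, the new helpers use empty parameter lists and `read_tme_activate_msr(){` keeps the brace on the signature line; `static msr_t read_tme_activate_msr(void)` with the brace on its own line would match print_tme().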
@@ -575,7 +576,7 @@
 int dump_gpios = 0, dump_mchbar = 0, dump_rcba = 0;
 int dump_pmbase = 0, dump_epbar = 0, dump_dmibar = 0;
 int dump_pciexbar = 0, dump_coremsrs = 0, dump_ambs = 0;
- int dump_spi = 0, dump_gfx = 0, dump_ahci = 0, dump_sgx = 0;
+ int dump_spi = 0, dump_gfx = 0, dump_ahci = 0, dump_sgx = 0, dump_tme = 0;
 int dump_lpc = 0;
 int show_gpio_diffs = 0;
 size_t pcr_count = 0;
@@ -602,10 +603,11 @@
 {"ahci", 0, 0, 'R'},
 {"sgx", 0, 0, 'x'},
 {"pcr", required_argument, 0, LONG_OPT_PCR},
+ {"tme", 0, 0, 't'},
 {0, 0, 0, 0}
 };
- while ((opt = getopt_long(argc, argv, "vh?gGrplmedPMaAsfRS:x",
+ while ((opt = getopt_long(argc, argv, "vh?gGrplmedPMaAsfRS:xt",
 long_options, &option_index)) != EOF) {
 switch (opt) {
 case 'v':
@@ -667,6 +669,7 @@
 dump_spi = 1;
 dump_ahci = 1;
 dump_sgx = 1;
+ dump_tme = 1;
 break;
 case 'A':
 dump_ambs = 1;
@@ -677,6 +680,9 @@
 case 'x':
 dump_sgx = 1;
 break;
+ case 't':
+ dump_tme = 1;
+ break;
 case LONG_OPT_PCR:
 if (pcr_count < MAX_PCR_PORTS) {
 errno = 0;
@@ -869,6 +875,9 @@
 if (dump_sgx)
 print_sgx();
+ if (dump_tme)
+ print_tme();
+
 if (pcr_count)
 print_pcr_ports(sb, dump_pcr, pcr_count);
diff --git a/util/inteltool/inteltool.h b/util/inteltool/inteltool.h
index b3253e7..a528485 100644
--- a/util/inteltool/inteltool.h
+++ b/util/inteltool/inteltool.h
@@ -411,6 +411,7 @@
 int print_gfx(struct pci_dev *gfx);
 int print_ahci(struct pci_dev *ahci);
 int print_sgx(void);
+void print_tme(void);
 void ivybridge_dump_timings(const char *dump_spd_file);
#endif