inteltool: Add support to print TME/MKTME status

Print whether the SOC supports TME/MKTME. If the SOC supports the feature, print the status of enable and lock bit from TME_ACTIVATE MSR. -t option prints this status. Sample output: If TME/MKTME is supported: ============= Dumping INTEL TME/MKTME status ============= TME supported : YES TME locked : YES TME enabled : YES ==================================================== If TME/MKTME is not supported: ============= Dumping INTEL TME status ============= TME supported : NO ==================================================== Signed-off-by: Pratik Prajapati <pratikkumar.v.prajapati@intel.com> Change-Id: I584ac4b045ba80998d454283e02d3f28ef45692d Reviewed-on: https://review.coreboot.org/c/coreboot/+/45088 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2020-09-03 11:28:19 -07:00
parent 41220cd245
commit 1e67816961
3 changed files with 65 additions and 2 deletions
--- a/util/inteltool/cpu.c
+++ b/util/inteltool/cpu.c
@ -22,6 +22,10 @@
 #define MTRR_CAP_MSR		0xfe
 #define PRMRR_SUPPORTED		(1 << 12)
 #define SGX_SUPPORTED		(1 << 2)
+#define IA32_TME_ACTIVATE	0x982
+#define TME_SUPPORTED		(1 << 13)
+#define TME_LOCKED		(1)
+#define TME_ENABLED		(1 << 1)

 int fd_msr;

@ -212,6 +216,55 @@ int print_sgx(void)
 	return error;
 }

+static int is_tme_supported()
+{
+	cpuid_result_t cpuid_regs;
+
+	/*
+	 * CPUID leaf 0x7 subleaf 0x0 to detect TME support
+	 * https://software.intel.com/sites/default/files/managed/a5/16/Multi-Key
+	 * -Total-Memory-Encryption-Spec.pdf
+	 */
+
+	cpuid_regs = cpuid_ext(0x7, 0x0);
+        return (cpuid_regs.ecx & TME_SUPPORTED);
+}
+
+static msr_t read_tme_activate_msr(){
+	return rdmsr_from_cpu(0, IA32_TME_ACTIVATE);
+}
+
+static int is_tme_locked()
+{
+	msr_t data = read_tme_activate_msr();
+	return (data.lo & TME_LOCKED);
+}
+
+static int is_tme_enabled()
+{
+	msr_t data = read_tme_activate_msr();
+	return (data.lo & TME_ENABLED);
+}
+
+void print_tme(void)
+{
+#ifndef __DARWIN__
+	int tme_supported = is_tme_supported();
+
+	printf("\n============= Dumping INTEL TME status =============\n");
+
+	printf("TME supported : %s\n", tme_supported ? "YES" : "NO");
+
+	if (tme_supported) {
+		printf("TME locked    : %s\n", is_tme_locked() ? "YES" : "NO");
+		printf("TME enabled   : %s\n", is_tme_enabled() ? "YES" : "NO");
+	}
+	printf("====================================================\n");
+#else
+	printf("Not Implemented\n");
+#endif
+}
+
 int print_intel_core_msrs(void)
 {
 	unsigned int i, core, id, core_num = get_number_of_cores();