1 | /** @file\r |
2 | STM API definition\r | |
3 | \r | |
4 | Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>\r | |
5 | This program and the accompanying materials\r | |
6 | are licensed and made available under the terms and conditions of the BSD License\r | |
7 | which accompanies this distribution. The full text of the license may be found at\r | |
8 | http://opensource.org/licenses/bsd-license.php.\r | |
9 | \r | |
10 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r | |
11 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
12 | \r | |
13 | @par Specification Reference:\r | |
14 | SMI Transfer Monitor (STM) User Guide Revision 1.00\r | |
15 | \r | |
16 | **/\r | |
17 | \r | |
18 | #ifndef _STM_API_H_\r | |
19 | #define _STM_API_H_\r | |
20 | \r | |
21 | #include <Register/StmStatusCode.h>\r | |
22 | #include <Register/StmResourceDescriptor.h>\r | |
23 | #include <Register/ArchitecturalMsr.h>\r | |
24 | \r | |
25 | #pragma pack (1)\r | |
26 | \r | |
27 | /**\r | |
28 | STM Header Structures\r | |
29 | **/\r | |
30 | \r | |
///
/// STM feature flags advertised in SOFTWARE_STM_HEADER.StmFeatures.
/// NOTE(review): Reserved must be zero; a loader should reject a header
/// with any reserved bit set rather than silently ignore it.
///
typedef struct {
  UINT32  Intel64ModeSupported  :1;   ///< STM can run the SMM guest in Intel64 mode (see the ECX rules on the VMCALLs below)
  UINT32  EptSupported          :1;   ///< STM uses EPT; StmMapAddressRange/StmUnmapAddressRange may then be unimplemented
  UINT32  Reserved              :30;  ///< must be 0
} STM_FEAT;
36 | \r | |
///
/// STM User Guide revision this header follows (1.00); compare against
/// SOFTWARE_STM_HEADER.StmSpecVerMajor / StmSpecVerMinor.
///
#define STM_SPEC_VERSION_MAJOR  1
#define STM_SPEC_VERSION_MINOR  0
39 | \r | |
///
/// Software-defined part of the STM header that follows the hardware MSEG
/// header. The layout is an ABI fixed by the STM User Guide and is packed
/// (#pragma pack (1) above); do not reorder or pad.
///
typedef struct {
  UINT8   StmSpecVerMajor;            ///< expected to match STM_SPEC_VERSION_MAJOR
  UINT8   StmSpecVerMinor;            ///< expected to match STM_SPEC_VERSION_MINOR
  ///
  /// Must be zero
  ///
  UINT16  Reserved;
  UINT32  StaticImageSize;            ///< units not stated in this header; see the STM User Guide
  UINT32  PerProcDynamicMemorySize;
  UINT32  AdditionalDynamicMemorySize;
  STM_FEAT  StmFeatures;
  UINT32  NumberOfRevIDs;             ///< number of valid entries in StmSmmRevID
  ///
  /// Declared with one element, but NumberOfRevIDs entries follow in place.
  /// NOTE(review): a consumer must bound NumberOfRevIDs against the 4K
  /// header size before indexing past StmSmmRevID[0].
  ///
  UINT32  StmSmmRevID[1];
  ///
  /// The total STM_HEADER should be 4K.
  ///
} SOFTWARE_STM_HEADER;
57 | \r | |
///
/// Complete STM header: the hardware-defined MSEG header (MSEG_HEADER, from
/// one of the Register/ headers included above) immediately followed, packed,
/// by the software header.
///
typedef struct {
  MSEG_HEADER          HwStmHdr;
  SOFTWARE_STM_HEADER  SwStmHdr;
} STM_HEADER;
62 | \r | |
63 | \r | |
64 | /**\r | |
65 | VMCALL API Numbers\r | |
66 | API number convention: BIOS facing VMCALL interfaces have bit 16 clear\r | |
67 | **/\r | |
68 | \r | |
69 | /**\r | |
70 | StmMapAddressRange enables a SMM guest to create a non-1:1 virtual to\r | |
71 | physical mapping of an address range into the SMM guest's virtual\r | |
72 | memory space.\r | |
73 | \r | |
74 | @param EAX #STM_API_MAP_ADDRESS_RANGE (0x00000001)\r | |
75 | @param EBX Low 32 bits of physical address of caller allocated\r | |
76 | STM_MAP_ADDRESS_RANGE_DESCRIPTOR structure.\r | |
77 | @param ECX High 32 bits of physical address of caller allocated\r | |
78 | STM_MAP_ADDRESS_RANGE_DESCRIPTOR structure. If Intel64Mode is\r | |
79 | clear (0), ECX must be 0.\r | |
80 | \r | |
81 | @note All fields of STM_MAP_ADDRESS_RANGE_DESCRIPTOR are inputs only. They\r | |
82 | are not modified by StmMapAddressRange.\r | |
83 | \r | |
84 | @retval CF 0\r | |
85 | No error, EAX set to STM_SUCCESS.\r | |
86 | The memory range was mapped as requested.\r | |
87 | @retval CF 1\r | |
88 | An error occurred, EAX holds relevant error value.\r | |
89 | @retval EAX #ERROR_STM_SECURITY_VIOLATION\r | |
90 | The requested mapping contains a protected resource.\r | |
91 | @retval EAX #ERROR_STM_CACHE_TYPE_NOT_SUPPORTED\r | |
92 | The requested cache type could not be satisfied.\r | |
  @retval EAX #ERROR_STM_PAGE_NOT_FOUND
    PageCount was zero; the page count must not be zero.
95 | @retval EAX #ERROR_STM_FUNCTION_NOT_SUPPORTED\r | |
96 | STM supports EPT and has not implemented StmMapAddressRange().\r | |
97 | @retval EAX #ERROR_STM_UNSPECIFIED\r | |
98 | An unspecified error occurred.\r | |
99 | \r | |
100 | @note All other registers unmodified.\r | |
101 | **/\r | |
102 | #define STM_API_MAP_ADDRESS_RANGE 0x00000001\r | |
103 | \r | |
104 | /**\r | |
105 | STM Map Address Range Descriptor for #STM_API_MAP_ADDRESS_RANGE VMCALL\r | |
106 | **/\r | |
///
/// Input-only descriptor for #STM_API_MAP_ADDRESS_RANGE; the STM does not
/// write it back. NOTE(review): the STM must refuse a range that contains a
/// protected resource (ERROR_STM_SECURITY_VIOLATION) -- this call is the SMM
/// guest's way of reaching physical memory, so it is a policy boundary.
///
typedef struct {
  UINT64  PhysicalAddress;   ///< start of the physical range to map
  UINT64  VirtualAddress;    ///< SMM-guest virtual address the range is mapped at
  UINT32  PageCount;         ///< must be non-zero (ERROR_STM_PAGE_NOT_FOUND otherwise)
  UINT32  PatCacheType;      ///< one of STM_MAP_ADDRESS_RANGE_PAT_CACHE_TYPE_*
} STM_MAP_ADDRESS_RANGE_DESCRIPTOR;
113 | \r | |
/**
  Define values for PatCacheType field of #STM_MAP_ADDRESS_RANGE_DESCRIPTOR.
  The encodings appear to follow the IA-32 PAT memory-type numbering (confirm
  against the STM User Guide). 0x02 and 0x03 are not defined; a request using
  an unlisted value presumably fails with ERROR_STM_CACHE_TYPE_NOT_SUPPORTED.
  FOLLOW_MTRR asks the STM to take the type from the MTRRs instead.
  @{
**/
#define STM_MAP_ADDRESS_RANGE_PAT_CACHE_TYPE_ST_UC        0x00
#define STM_MAP_ADDRESS_RANGE_PAT_CACHE_TYPE_WC           0x01
#define STM_MAP_ADDRESS_RANGE_PAT_CACHE_TYPE_WT           0x04
#define STM_MAP_ADDRESS_RANGE_PAT_CACHE_TYPE_WP           0x05
#define STM_MAP_ADDRESS_RANGE_PAT_CACHE_TYPE_WB           0x06
#define STM_MAP_ADDRESS_RANGE_PAT_CACHE_TYPE_UC           0x07
#define STM_MAP_ADDRESS_RANGE_PAT_CACHE_TYPE_FOLLOW_MTRR  0xFFFFFFFF
/// @}
126 | \r | |
127 | /**\r | |
128 | StmUnmapAddressRange enables a SMM guest to remove mappings from its page\r | |
129 | table.\r | |
130 | \r | |
131 | If TXT_PROCESSOR_SMM_DESCRIPTOR.EptEnabled bit is set by the STM, BIOS can\r | |
132 | control its own page tables. In this case, the STM implementation may\r | |
133 | optionally return ERROR_STM_FUNCTION_NOT_SUPPORTED.\r | |
134 | \r | |
135 | @param EAX #STM_API_UNMAP_ADDRESS_RANGE (0x00000002)\r | |
136 | @param EBX Low 32 bits of virtual address of caller allocated\r | |
137 | STM_UNMAP_ADDRESS_RANGE_DESCRIPTOR structure.\r | |
138 | @param ECX High 32 bits of virtual address of caller allocated\r | |
139 | STM_UNMAP_ADDRESS_RANGE_DESCRIPTOR structure. If Intel64Mode is\r | |
140 | clear (0), ECX must be zero.\r | |
141 | \r | |
142 | @retval CF 0\r | |
143 | No error, EAX set to STM_SUCCESS. The memory range was unmapped\r | |
144 | as requested.\r | |
145 | @retval CF 1\r | |
146 | An error occurred, EAX holds relevant error value.\r | |
147 | @retval EAX #ERROR_STM_FUNCTION_NOT_SUPPORTED\r | |
148 | STM supports EPT and has not implemented StmUnmapAddressRange().\r | |
149 | @retval EAX #ERROR_STM_UNSPECIFIED\r | |
150 | An unspecified error occurred.\r | |
151 | \r | |
152 | @note All other registers unmodified.\r | |
153 | **/\r | |
154 | #define STM_API_UNMAP_ADDRESS_RANGE 0x00000002\r | |
155 | \r | |
156 | /**\r | |
157 | STM Unmap Address Range Descriptor for #STM_API_UNMAP_ADDRESS_RANGE VMCALL\r | |
158 | **/\r | |
///
/// Descriptor for #STM_API_UNMAP_ADDRESS_RANGE. Note the asymmetry with
/// STM_MAP_ADDRESS_RANGE_DESCRIPTOR, which takes a PageCount.
///
typedef struct {
  UINT64  VirtualAddress;   ///< SMM-guest virtual start of the range to unmap
  UINT32  Length;           ///< extent of the range; whether bytes or pages is not stated here -- TODO confirm against the STM User Guide
} STM_UNMAP_ADDRESS_RANGE_DESCRIPTOR;
163 | \r | |
164 | \r | |
165 | /**\r | |
166 | Since the normal OS environment runs with a different set of page tables than\r | |
167 | the SMM guest, virtual mappings will certainly be different. In order to do a\r | |
168 | guest virtual to host physical translation of an address from the normal OS\r | |
169 | code (EIP for example), it is necessary to walk the page tables governing the\r | |
170 | OS page mappings. Since the SMM guest has no direct access to the page tables,\r | |
171 | it must ask the STM to do this page table walk. This is supported via the\r | |
172 | StmAddressLookup VMCALL. All OS page table formats need to be supported,\r | |
173 | (e.g. PAE, PSE, Intel64, EPT, etc.)\r | |
174 | \r | |
175 | StmAddressLookup takes a CR3 value and a virtual address from the interrupted\r | |
176 | code as input and returns the corresponding physical address. It also\r | |
177 | optionally maps the physical address into the SMM guest's virtual address\r | |
178 | space. This new mapping persists ONLY for the duration of the SMI and if\r | |
179 | needed in subsequent SMIs it must be remapped. PAT cache types follow the\r | |
180 | interrupted environment's page table.\r | |
181 | \r | |
182 | If EPT is enabled, OS CR3 only provides guest physical address information,\r | |
183 | but the SMM guest might also need to know the host physical address. Since\r | |
184 | SMM does not have direct access rights to EPT (it is protected by the STM),\r | |
185 | SMM can input InterruptedEptp to let STM help to walk through it, and output\r | |
186 | the host physical address.\r | |
187 | \r | |
188 | @param EAX #STM_API_ADDRESS_LOOKUP (0x00000003)\r | |
189 | @param EBX Low 32 bits of virtual address of caller allocated\r | |
190 | STM_ADDRESS_LOOKUP_DESCRIPTOR structure.\r | |
191 | @param ECX High 32 bits of virtual address of caller allocated\r | |
192 | STM_ADDRESS_LOOKUP_DESCRIPTOR structure. If Intel64Mode is\r | |
193 | clear (0), ECX must be zero.\r | |
194 | \r | |
195 | @retval CF 0\r | |
    No error, EAX set to STM_SUCCESS. PhysicalAddress contains the
    host physical address determined by walking the interrupted
    environment's page tables (and its EPT when InterruptedEptp is
    supplied). SmmGuestVirtualAddress contains the SMM guest's virtual
    mapping of the requested address, if a mapping was requested.
200 | @retval CF 1\r | |
201 | An error occurred, EAX holds relevant error value.\r | |
202 | @retval EAX #ERROR_STM_SECURITY_VIOLATION\r | |
203 | The requested page was a protected page.\r | |
  @retval EAX #ERROR_STM_PAGE_NOT_FOUND
    The requested virtual address is not present in the given page
    table.
  @retval EAX #ERROR_STM_BAD_CR3
    The CR3 input was invalid. The STM accepts only a CR3 value that
    belongs to the interrupted guest on this processor, or to the
    interrupted guest of another processor; any other value is rejected,
    so the SMM guest cannot use this call to walk arbitrary page tables.
211 | @retval EAX #ERROR_STM_PHYSICAL_OVER_4G\r | |
212 | The resulting physical address is greater than 4G and no virtual\r | |
213 | address was supplied. The STM could not determine what address\r | |
214 | within the SMM guest's virtual address space to do the mapping.\r | |
215 | STM_ADDRESS_LOOKUP_DESCRIPTOR field PhysicalAddress contains the\r | |
216 | physical address determined by walking the interrupted\r | |
217 | environment's page tables.\r | |
218 | @retval EAX #ERROR_STM_VIRTUAL_SPACE_TOO_SMALL\r | |
219 | A specific virtual mapping was requested, but\r | |
220 | SmmGuestVirtualAddress + Length exceeds 4G and the SMI handler\r | |
221 | is running in 32 bit mode.\r | |
222 | @retval EAX #ERROR_STM_UNSPECIFIED\r | |
223 | An unspecified error occurred.\r | |
224 | \r | |
225 | @note All other registers unmodified.\r | |
226 | **/\r | |
227 | #define STM_API_ADDRESS_LOOKUP 0x00000003\r | |
228 | \r | |
229 | /**\r | |
230 | STM Lookup Address Range Descriptor for #STM_API_ADDRESS_LOOKUP VMCALL\r | |
231 | **/\r | |
///
/// Descriptor for #STM_API_ADDRESS_LOOKUP. The Interrupted* fields and
/// MapToSmmGuest are inputs; PhysicalAddress and SmmGuestVirtualAddress are
/// written by the STM on success (PhysicalAddress is also filled on
/// ERROR_STM_PHYSICAL_OVER_4G). NOTE(review): the STM must reject a lookup
/// that resolves to a protected page (ERROR_STM_SECURITY_VIOLATION) and a
/// CR3 that is not an interrupted guest's (ERROR_STM_BAD_CR3).
///
typedef struct {
  UINT64  InterruptedGuestVirtualAddress;   ///< address to translate, in the interrupted guest's address space
  UINT32  Length;                           ///< extent of the range; SmmGuestVirtualAddress + Length must stay below 4G for a 32-bit SMI handler
  UINT64  InterruptedCr3;                   ///< must be the CR3 of an interrupted guest (this or another processor)
  UINT64  InterruptedEptp;                  ///< interrupted guest's EPT pointer when EPT is enabled, so a host physical address can be returned
  UINT32  MapToSmmGuest:2;                  ///< STM_ADDRESS_LOOKUP_DESCRIPTOR_* (0, 1 or 3; value 2 is not defined)
  UINT32  InterruptedCr4Pae:1;              ///< paging-mode inputs the STM needs to pick the page-table format to walk
  UINT32  InterruptedCr4Pse:1;
  UINT32  InterruptedIa32eMode:1;
  UINT32  Reserved1:27;                     ///< presumably must be 0, as for the other descriptors in this file -- confirm
  UINT32  Reserved2;
  UINT64  PhysicalAddress;                  ///< output: host physical address
  UINT64  SmmGuestVirtualAddress;           ///< input when MapToSmmGuest is VIRTUAL_ADDRESS_SPECIFIED, otherwise output; the mapping lasts only for this SMI
} STM_ADDRESS_LOOKUP_DESCRIPTOR;
246 | \r | |
/**
  Define values for the MapToSmmGuest field of #STM_ADDRESS_LOOKUP_DESCRIPTOR.
  The field is 2 bits wide; value 2 is not assigned. With DO_NOT_MAP only
  PhysicalAddress is produced; with ONE_TO_ONE the STM maps the page at its
  physical address (hence ERROR_STM_PHYSICAL_OVER_4G for a 32-bit handler);
  with VIRTUAL_ADDRESS_SPECIFIED the caller supplies SmmGuestVirtualAddress.
  @{
**/
#define STM_ADDRESS_LOOKUP_DESCRIPTOR_DO_NOT_MAP                 0
#define STM_ADDRESS_LOOKUP_DESCRIPTOR_ONE_TO_ONE                 1
#define STM_ADDRESS_LOOKUP_DESCRIPTOR_VIRTUAL_ADDRESS_SPECIFIED  3
/// @}
255 | \r | |
256 | \r | |
257 | /**\r | |
258 | When returning from a protection exception (see section 6.2), the SMM guest\r | |
259 | can instruct the STM to take one of two paths. It can either request a value\r | |
260 | be logged to the TXT.ERRORCODE register and subsequently reset the machine\r | |
261 | (indicating it couldn't resolve the problem), or it can request that the STM\r | |
262 | resume the SMM guest again with the specified register state.\r | |
263 | \r | |
264 | Unlike other VMCALL interfaces, StmReturnFromProtectionException behaves more\r | |
265 | like a jump or an IRET instruction than a "call". It does not return directly\r | |
266 | to the caller, but indirectly to a different location specified on the\r | |
267 | caller's stack (see section 6.2) or not at all.\r | |
268 | \r | |
269 | If the SMM guest STM protection exception handler itself causes a protection\r | |
270 | exception (e.g. a single nested exception), or more than 100 un-nested\r | |
271 | exceptions occur within the scope of a single SMI event, the STM must write\r | |
272 | STM_CRASH_PROTECTION_EXCEPTION_FAILURE to the TXT.ERRORCODE register and\r | |
273 | assert TXT.CMD.SYS_RESET. The reason for these restrictions is to simplify\r | |
274 | the code requirements while still enabling a reasonable debugging capability.\r | |
275 | \r | |
276 | @param EAX #STM_API_RETURN_FROM_PROTECTION_EXCEPTION (0x00000004)\r | |
277 | @param EBX If 0, resume SMM guest using register state found on exception\r | |
278 | stack. If in range 0x01..0x0F, EBX contains a BIOS error code\r | |
279 | which the STM must record in the TXT.ERRORCODE register and\r | |
280 | subsequently reset the system via TXT.CMD.SYS_RESET. The value\r | |
281 | of the TXT.ERRORCODE register is calculated as follows:\r | |
282 | \r | |
283 | TXT.ERRORCODE = (EBX & 0x0F) | STM_CRASH_BIOS_PANIC\r | |
284 | \r | |
285 | Values 0x10..0xFFFFFFFF are reserved, do not use.\r | |
286 | \r | |
287 | **/\r | |
288 | #define STM_API_RETURN_FROM_PROTECTION_EXCEPTION 0x00000004\r | |
289 | \r | |
290 | \r | |
291 | /**\r | |
292 | VMCALL API Numbers\r | |
293 | API number convention: MLE facing VMCALL interfaces have bit 16 set.\r | |
294 | \r | |
295 | The STM configuration lifecycle is as follows:\r | |
296 | 1. SENTER->SINIT->MLE: MLE begins execution with SMI disabled (masked).\r | |
297 | 2. MLE invokes #STM_API_INITIALIZE_PROTECTION VMCALL to prepare STM for\r | |
298 | setup of initial protection profile. This is done on a single CPU and\r | |
299 | has global effect.\r | |
300 | 3. MLE invokes #STM_API_PROTECT_RESOURCE VMCALL to define the initial\r | |
301 | protection profile. The protection profile is global across all CPUs.\r | |
302 | 4. MLE invokes #STM_API_START VMCALL to enable the STM to begin receiving\r | |
303 | SMI events. This must be done on every logical CPU.\r | |
304 | 5. MLE may invoke #STM_API_PROTECT_RESOURCE VMCALL or\r | |
305 | #STM_API_UNPROTECT_RESOURCE VMCALL during runtime as many times as\r | |
306 | necessary.\r | |
307 | 6. MLE invokes #STM_API_STOP VMCALL to disable the STM. SMI is again masked\r | |
308 | following #STM_API_STOP VMCALL.\r | |
309 | **/\r | |
310 | \r | |
311 | /**\r | |
312 | StartStmVmcall() is used to configure an STM that is present in MSEG. SMIs\r | |
313 | should remain disabled from the invocation of GETSEC[SENTER] until they are\r | |
314 | re-enabled by StartStmVMCALL(). When StartStmVMCALL() returns, SMI is\r | |
315 | enabled and the STM has been started and is active. Prior to invoking\r | |
316 | StartStmVMCALL(), the MLE root should first invoke\r | |
317 | InitializeProtectionVMCALL() followed by as many iterations of\r | |
318 | ProtectResourceVMCALL() as necessary to establish the initial protection\r | |
319 | profile. StartStmVmcall() must be invoked on all processor threads.\r | |
320 | \r | |
321 | @param EAX #STM_API_START (0x00010001)\r | |
322 | @param EDX STM configuration options. These provide the MLE with the\r | |
323 | ability to pass configuration parameters to the STM.\r | |
324 | \r | |
325 | @retval CF 0\r | |
    No error, EAX set to STM_SUCCESS. The STM has been configured
    and is now active, guarding all requested resources.
328 | @retval CF 1\r | |
329 | An error occurred, EAX holds relevant error value.\r | |
330 | @retval EAX #ERROR_STM_ALREADY_STARTED\r | |
331 | The STM is already configured and active. STM remains active and\r | |
332 | guarding previously enabled resource list.\r | |
333 | @retval EAX #ERROR_STM_WITHOUT_SMX_UNSUPPORTED\r | |
334 | The StartStmVMCALL() was invoked from VMX root mode, but outside\r | |
335 | of SMX. This error code indicates the STM or platform does not\r | |
336 | support the STM outside of SMX. The SMI handler remains active\r | |
337 | and operates in legacy mode. See Appendix C\r | |
338 | @retval EAX #ERROR_STM_UNSUPPORTED_MSR_BIT\r | |
339 | The CPU doesn't support the MSR bit. The STM is not active.\r | |
340 | @retval EAX #ERROR_STM_UNSPECIFIED\r | |
341 | An unspecified error occurred.\r | |
342 | \r | |
343 | @note All other registers unmodified.\r | |
344 | **/\r | |
345 | #define STM_API_START (BIT16 | 1)\r | |
346 | \r | |
/**
  Bit values for EDX input parameter to #STM_API_START VMCALL. Only BIT0 is
  defined here; the remaining EDX bits should be left clear by the MLE.
  The exact effect of STM_CONFIG_SMI_UNBLOCKING_BY_VMX_OFF is not described in
  this header -- see the STM User Guide.
  @{
**/
#define STM_CONFIG_SMI_UNBLOCKING_BY_VMX_OFF  BIT0
/// @}
353 | \r | |
354 | \r | |
355 | /**\r | |
356 | The StopStmVMCALL() is invoked by the MLE to teardown an active STM. This is\r | |
357 | normally done as part of a full teardown of the SMX environment when the\r | |
358 | system is being shut down. At the time the call is invoked, SMI is enabled\r | |
359 | and the STM is active. When the call returns, the STM has been stopped and\r | |
360 | all STM context is discarded and SMI is disabled.\r | |
361 | \r | |
362 | @param EAX #STM_API_STOP (0x00010002)\r | |
363 | \r | |
364 | @retval CF 0\r | |
365 | No error, EAX set to STM_SUCCESS. The STM has been stopped and\r | |
366 | is no longer processing SMI events. SMI is blocked.\r | |
367 | @retval CF 1\r | |
368 | An error occurred, EAX holds relevant error value.\r | |
369 | @retval EAX #ERROR_STM_STOPPED\r | |
370 | The STM was not active.\r | |
371 | @retval EAX #ERROR_STM_UNSPECIFIED\r | |
372 | An unspecified error occurred.\r | |
373 | \r | |
374 | @note All other registers unmodified.\r | |
375 | **/\r | |
376 | #define STM_API_STOP (BIT16 | 2)\r | |
377 | \r | |
378 | \r | |
379 | /**\r | |
380 | The ProtectResourceVMCALL() is invoked by the MLE root to request protection\r | |
381 | of specific resources. The request is defined by a STM_RESOURCE_LIST, which\r | |
382 | may contain more than one resource descriptor. Each resource descriptor is\r | |
383 | processed separately by the STM. Whether or not protection for any specific\r | |
384 | resource is granted is returned by the STM via the ReturnStatus bit in the\r | |
385 | associated STM_RSC_DESC_HEADER.\r | |
386 | \r | |
387 | @param EAX #STM_API_PROTECT_RESOURCE (0x00010003)\r | |
388 | @param EBX Low 32 bits of physical address of caller allocated\r | |
389 | STM_RESOURCE_LIST. Bits 11:0 are ignored and assumed to be zero,\r | |
390 | making the buffer 4K aligned.\r | |
391 | @param ECX High 32 bits of physical address of caller allocated\r | |
392 | STM_RESOURCE_LIST.\r | |
393 | \r | |
394 | @note All fields of STM_RESOURCE_LIST are inputs only, except for the\r | |
395 | ReturnStatus bit. On input, the ReturnStatus bit must be clear. On\r | |
396 | return, the ReturnStatus bit is set for each resource request granted,\r | |
397 | and clear for each resource request denied. There are no other fields\r | |
398 | modified by ProtectResourceVMCALL(). The STM_RESOURCE_LIST must be\r | |
399 | contained entirely within a single 4K page.\r | |
400 | \r | |
401 | @retval CF 0\r | |
402 | No error, EAX set to STM_SUCCESS. The STM has successfully\r | |
403 | merged the entire protection request into the active protection\r | |
404 | profile. There is therefore no need to check the ReturnStatus\r | |
405 | bits in the STM_RESOURCE_LIST.\r | |
406 | @retval CF 1\r | |
407 | An error occurred, EAX holds relevant error value.\r | |
408 | @retval EAX #ERROR_STM_UNPROTECTABLE_RESOURCE\r | |
409 | At least one of the requested resource protections intersects a\r | |
410 | BIOS required resource. Therefore, the caller must walk through\r | |
411 | the STM_RESOURCE_LIST to determine which of the requested\r | |
412 | resources was not granted protection. The entire list must be\r | |
413 | traversed since there may be multiple failures.\r | |
414 | @retval EAX #ERROR_STM_MALFORMED_RESOURCE_LIST\r | |
415 | The resource list could not be parsed correctly, or did not\r | |
416 | terminate before crossing a 4K page boundary. The caller must\r | |
417 | walk through the STM_RESOURCE_LIST to determine which of the\r | |
418 | requested resources was not granted protection. The entire list\r | |
419 | must be traversed since there may be multiple failures.\r | |
420 | @retval EAX #ERROR_STM_OUT_OF_RESOURCES\r | |
421 | The STM has encountered an internal error and cannot complete\r | |
422 | the request.\r | |
423 | @retval EAX #ERROR_STM_UNSPECIFIED\r | |
424 | An unspecified error occurred.\r | |
425 | \r | |
426 | @note All other registers unmodified.\r | |
427 | **/\r | |
428 | #define STM_API_PROTECT_RESOURCE (BIT16 | 3)\r | |
429 | \r | |
430 | \r | |
431 | /**\r | |
432 | The UnProtectResourceVMCALL() is invoked by the MLE root to request that the\r | |
433 | STM allow the SMI handler access to the specified resources.\r | |
434 | \r | |
435 | @param EAX #STM_API_UNPROTECT_RESOURCE (0x00010004)\r | |
436 | @param EBX Low 32 bits of physical address of caller allocated\r | |
437 | STM_RESOURCE_LIST. Bits 11:0 are ignored and assumed to be zero,\r | |
438 | making the buffer 4K aligned.\r | |
439 | @param ECX High 32 bits of physical address of caller allocated\r | |
440 | STM_RESOURCE_LIST.\r | |
441 | \r | |
442 | @note All fields of STM_RESOURCE_LIST are inputs only, except for the\r | |
443 | ReturnStatus bit. On input, the ReturnStatus bit must be clear. On\r | |
444 | return, the ReturnStatus bit is set for each resource processed. For\r | |
445 | a properly formed STM_RESOURCE_LIST, this should be all resources\r | |
446 | listed. There are no other fields modified by\r | |
447 | UnProtectResourceVMCALL(). The STM_RESOURCE_LIST must be contained\r | |
448 | entirely within a single 4K page.\r | |
449 | \r | |
450 | @retval CF 0\r | |
451 | No error, EAX set to STM_SUCCESS. The requested resources are\r | |
452 | not being guarded by the STM.\r | |
453 | @retval CF 1\r | |
454 | An error occurred, EAX holds relevant error value.\r | |
455 | @retval EAX #ERROR_STM_MALFORMED_RESOURCE_LIST\r | |
456 | The resource list could not be parsed correctly, or did not\r | |
457 | terminate before crossing a 4K page boundary. The caller must\r | |
458 | walk through the STM_RESOURCE_LIST to determine which of the\r | |
459 | requested resources were not able to be unprotected. The entire\r | |
460 | list must be traversed since there may be multiple failures.\r | |
461 | @retval EAX #ERROR_STM_UNSPECIFIED\r | |
462 | An unspecified error occurred.\r | |
463 | \r | |
464 | @note All other registers unmodified.\r | |
465 | **/\r | |
466 | #define STM_API_UNPROTECT_RESOURCE (BIT16 | 4)\r | |
467 | \r | |
468 | \r | |
469 | /**\r | |
470 | The GetBiosResourcesVMCALL() is invoked by the MLE root to request the list\r | |
471 | of BIOS required resources from the STM.\r | |
472 | \r | |
473 | @param EAX #STM_API_GET_BIOS_RESOURCES (0x00010005)\r | |
474 | @param EBX Low 32 bits of physical address of caller allocated destination\r | |
475 | buffer. Bits 11:0 are ignored and assumed to be zero, making the\r | |
476 | buffer 4K aligned.\r | |
477 | @param ECX High 32 bits of physical address of caller allocated destination\r | |
478 | buffer.\r | |
479 | @param EDX Indicates which page of the BIOS resource list to copy into the\r | |
480 | destination buffer. The first page is indicated by 0, the second\r | |
481 | page by 1, etc.\r | |
482 | \r | |
483 | @retval CF 0\r | |
484 | No error, EAX set to STM_SUCCESS. The destination buffer\r | |
485 | contains the BIOS required resources. If the page retrieved is\r | |
486 | the last page, EDX will be cleared to 0. If there are more pages\r | |
487 | to retrieve, EDX is incremented to the next page index. Calling\r | |
488 | software should iterate on GetBiosResourcesVMCALL() until EDX is\r | |
489 | returned cleared to 0.\r | |
490 | @retval CF 1\r | |
491 | An error occurred, EAX holds relevant error value.\r | |
492 | @retval EAX #ERROR_STM_PAGE_NOT_FOUND\r | |
493 | The page index supplied in EDX input was out of range.\r | |
494 | @retval EAX #ERROR_STM_UNSPECIFIED\r | |
495 | An unspecified error occurred.\r | |
496 | @retval EDX Page index of next page to read. A return of EDX=0 signifies\r | |
497 | that the entire list has been read.\r | |
498 | @note EDX is both an input and an output register.\r | |
499 | \r | |
500 | @note All other registers unmodified.\r | |
501 | **/\r | |
502 | #define STM_API_GET_BIOS_RESOURCES (BIT16 | 5)\r | |
503 | \r | |
504 | \r | |
505 | /**\r | |
506 | The ManageVmcsDatabaseVMCALL() is invoked by the MLE root to add or remove an\r | |
507 | MLE guest (including the MLE root) from the list of protected domains.\r | |
508 | \r | |
509 | @param EAX #STM_API_MANAGE_VMCS_DATABASE (0x00010006)\r | |
510 | @param EBX Low 32 bits of physical address of caller allocated\r | |
511 | STM_VMCS_DATABASE_REQUEST. Bits 11:0 are ignored and assumed to\r | |
512 | be zero, making the buffer 4K aligned.\r | |
513 | @param ECX High 32 bits of physical address of caller allocated\r | |
514 | STM_VMCS_DATABASE_REQUEST.\r | |
515 | \r | |
516 | @note All fields of STM_VMCS_DATABASE_REQUEST are inputs only. They are not\r | |
517 | modified by ManageVmcsDatabaseVMCALL().\r | |
518 | \r | |
519 | @retval CF 0\r | |
520 | No error, EAX set to STM_SUCCESS.\r | |
521 | @retval CF 1\r | |
522 | An error occurred, EAX holds relevant error value.\r | |
523 | @retval EAX #ERROR_STM_INVALID_VMCS\r | |
524 | Indicates a request to remove a VMCS from the database was made,\r | |
525 | but the referenced VMCS was not found in the database.\r | |
526 | @retval EAX #ERROR_STM_VMCS_PRESENT\r | |
527 | Indicates a request to add a VMCS to the database was made, but\r | |
528 | the referenced VMCS was already present in the database.\r | |
529 | @retval EAX #ERROR_INVALID_PARAMETER\r | |
530 | Indicates non-zero reserved field.\r | |
531 | @retval EAX #ERROR_STM_UNSPECIFIED\r | |
532 | An unspecified error occurred\r | |
533 | \r | |
534 | @note All other registers unmodified.\r | |
535 | **/\r | |
536 | #define STM_API_MANAGE_VMCS_DATABASE (BIT16 | 6)\r | |
537 | \r | |
538 | /**\r | |
539 | STM VMCS Database Request for #STM_API_MANAGE_VMCS_DATABASE VMCALL\r | |
540 | **/\r | |
///
/// Request body for #STM_API_MANAGE_VMCS_DATABASE; input only, not written
/// back. A non-zero reserved field (including VmcsPhysPointer bits 11:0) is
/// reported as ERROR_INVALID_PARAMETER rather than ignored.
///
typedef struct {
  ///
  /// bits 11:0 are reserved and must be 0
  ///
  UINT64  VmcsPhysPointer;          ///< 4K-aligned physical address of the guest VMCS being added or removed
  UINT32  DomainType        :4;     ///< DOMAIN_* protection requested for this guest
  UINT32  XStatePolicy      :2;     ///< XSTATE_*; presumably controls SMI-handler access to the guest's extended register state -- confirm
  UINT32  DegradationPolicy :4;     ///< values not defined in this header; see EvtMleDomainTypeDegraded and the STM User Guide
  ///
  /// Must be 0
  ///
  UINT32  Reserved1         :22;
  UINT32  AddOrRemove;              ///< STM_VMCS_DATABASE_REQUEST_ADD or STM_VMCS_DATABASE_REQUEST_REMOVE
} STM_VMCS_DATABASE_REQUEST;
555 | \r | |
/**
  Values for the DomainType field of #STM_VMCS_DATABASE_REQUEST. DomainType
  is a 4-bit field and the four flag bits below fill it exactly; the
  pre-composed names are the combinations the STM User Guide names.
  DOMAIN_FULLY_PROT is the most restrictive: confidentiality and integrity
  with both I/O directions disallowed.
  @{
**/
#define DOMAIN_UNPROTECTED           0
#define DOMAIN_DISALLOWED_IO_OUT     BIT0
#define DOMAIN_DISALLOWED_IO_IN      BIT1
#define DOMAIN_INTEGRITY             BIT2
#define DOMAIN_CONFIDENTIALITY       BIT3
#define DOMAIN_INTEGRITY_PROT_OUT_IN (DOMAIN_INTEGRITY)
#define DOMAIN_FULLY_PROT_OUT_IN     (DOMAIN_CONFIDENTIALITY | DOMAIN_INTEGRITY)
#define DOMAIN_FULLY_PROT            (DOMAIN_FULLY_PROT_OUT_IN | DOMAIN_DISALLOWED_IO_IN | DOMAIN_DISALLOWED_IO_OUT)
/// @}
569 | \r | |
/**
  Values for the XStatePolicy field of #STM_VMCS_DATABASE_REQUEST. The field
  is 2 bits wide; 0x02 is not assigned and should be treated as invalid.
  @{
**/
#define XSTATE_READWRITE  0x00
#define XSTATE_READONLY   0x01
#define XSTATE_SCRUB      0x03
/// @}
578 | \r | |
/**
  Values for the AddOrRemove field of #STM_VMCS_DATABASE_REQUEST. Adding an
  already-present VMCS yields ERROR_STM_VMCS_PRESENT; removing an unknown one
  yields ERROR_STM_INVALID_VMCS. Other values are not defined.
  @{
**/
#define STM_VMCS_DATABASE_REQUEST_ADD     1
#define STM_VMCS_DATABASE_REQUEST_REMOVE  0
/// @}
586 | \r | |
587 | \r | |
588 | /**\r | |
589 | InitializeProtectionVMCALL() prepares the STM for setup of the initial\r | |
590 | protection profile which is subsequently communicated via one or more\r | |
591 | invocations of ProtectResourceVMCALL(), prior to invoking StartStmVMCALL().\r | |
592 | It is only necessary to invoke InitializeProtectionVMCALL() on one processor\r | |
593 | thread. InitializeProtectionVMCALL() does not alter whether SMIs are masked\r | |
594 | or unmasked. The STM should return back to the MLE with "Blocking by SMI" set\r | |
595 | to 1 in the GUEST_INTERRUPTIBILITY field for the VMCS the STM created for the\r | |
596 | MLE guest.\r | |
597 | \r | |
598 | @param EAX #STM_API_INITIALIZE_PROTECTION (0x00010007)\r | |
599 | \r | |
600 | @retval CF 0\r | |
601 | No error, EAX set to STM_SUCCESS, EBX bits set to indicate STM\r | |
602 | capabilities as defined below. The STM has set up an empty\r | |
603 | protection profile, except for the resources that it sets up to\r | |
604 | protect itself. The STM must not allow the SMI handler to map\r | |
605 | any pages from the MSEG Base to the top of TSEG. The STM must\r | |
606 | also not allow SMI handler access to those MSRs which the STM\r | |
607 | requires for its own protection.\r | |
608 | @retval CF 1\r | |
609 | An error occurred, EAX holds relevant error value.\r | |
610 | @retval EAX #ERROR_STM_ALREADY_STARTED\r | |
611 | The STM is already configured and active. The STM remains active\r | |
612 | and guarding the previously enabled resource list.\r | |
613 | @retval EAX #ERROR_STM_UNPROTECTABLE\r | |
614 | The STM determines that based on the platform configuration, the\r | |
615 | STM is unable to protect itself. For example, the BIOS required\r | |
616 | resource list contains memory pages in MSEG.\r | |
617 | @retval EAX #ERROR_STM_UNSPECIFIED\r | |
618 | An unspecified error occurred.\r | |
619 | \r | |
620 | @note All other registers unmodified.\r | |
621 | **/\r | |
622 | #define STM_API_INITIALIZE_PROTECTION (BIT16 | 7)\r | |
623 | \r | |
/**
  Byte granular support bits returned in EBX from #STM_API_INITIALIZE_PROTECTION.
  BIT0 and bits above BIT3 are not assigned here and should be treated as
  reserved by the MLE. The names suggest byte-granular I/O (BGI), byte-granular
  memory (BGM) and MSR protection (MSR) -- confirm against the STM User Guide
  before relying on a bit to request finer-grained resource descriptors.
  @{
**/
#define STM_RSC_BGI  BIT1
#define STM_RSC_BGM  BIT2
#define STM_RSC_MSR  BIT3
/// @}
632 | \r | |
633 | \r | |
634 | /**\r | |
635 | The ManageEventLogVMCALL() is invoked by the MLE root to control the logging\r | |
636 | feature. It consists of several sub-functions to facilitate establishment of\r | |
637 | the log itself, configuring what events will be logged, and functions to\r | |
638 | start, stop, and clear the log.\r | |
639 | \r | |
640 | @param EAX #STM_API_MANAGE_EVENT_LOG (0x00010008)\r | |
641 | @param EBX Low 32 bits of physical address of caller allocated\r | |
642 | STM_EVENT_LOG_MANAGEMENT_REQUEST. Bits 11:0 are ignored and\r | |
643 | assumed to be zero, making the buffer 4K aligned.\r | |
644 | @param ECX High 32 bits of physical address of caller allocated\r | |
645 | STM_EVENT_LOG_MANAGEMENT_REQUEST.\r | |
646 | \r | |
647 | @retval CF=0\r | |
648 | No error, EAX set to STM_SUCCESS.\r | |
649 | @retval CF=1\r | |
650 | An error occurred, EAX holds relevant error value. See subfunction\r | |
651 | descriptions below for details.\r | |
652 | \r | |
653 | @note All other registers unmodified.\r | |
654 | **/\r | |
655 | #define STM_API_MANAGE_EVENT_LOG (BIT16 | 8)\r | |
656 | \r | |
657 | ///\r | |
658 | /// STM Event Log Management Request for #STM_API_MANAGE_EVENT_LOG VMCALL\r | |
659 | ///\r | |
///
/// STM Event Log Management Request for #STM_API_MANAGE_EVENT_LOG VMCALL.
///
/// Which Data member applies is selected by SubFunctionIndex (see the
/// STM_EVENT_LOG_MANAGEMENT_REQUEST_* values below); presumably LogBuffer for
/// NEW_LOG and EventEnableBitmap for CONFIGURE_LOG -- confirm against the
/// STM User Guide.
///
/// NOTE(review): Pages[] is a flexible array member nested in a union inside
/// a struct, which strict C11 does not permit; it relies on a compiler
/// extension. Nothing in this header bounds how many entries may follow (the
/// request buffer is only stated to be 4K aligned, not 4K long), so an STM
/// consuming it must bound PageCount before reading Pages[] and should
/// validate each page address before it starts writing log entries there.
///
typedef struct {
  UINT32  SubFunctionIndex;
  union {
    struct {
      UINT32  PageCount;
      //
      // number of elements is PageCount
      //
      UINT64  Pages[];
    } LogBuffer;
    //
    // bitmap of EVENT_TYPE
    //
    UINT32  EventEnableBitmap;
  } Data;
} STM_EVENT_LOG_MANAGEMENT_REQUEST;
676 | \r | |
/**
  Values for the SubFunctionIndex field of #STM_EVENT_LOG_MANAGEMENT_REQUEST.

  0 is not a defined sub-function.  This header does not say which arm of
  STM_EVENT_LOG_MANAGEMENT_REQUEST.Data each one consumes; by name NEW_LOG
  would take Data.LogBuffer (the pages backing the log) and CONFIGURE_LOG
  Data.EventEnableBitmap -- confirm against the STM User Guide.  The STM
  should reject any index outside 1..6 rather than default to one of them
  (see EvtLogInvalidParameterDetected).
  @{
**/
#define STM_EVENT_LOG_MANAGEMENT_REQUEST_NEW_LOG        1
#define STM_EVENT_LOG_MANAGEMENT_REQUEST_CONFIGURE_LOG  2
#define STM_EVENT_LOG_MANAGEMENT_REQUEST_START_LOG      3
#define STM_EVENT_LOG_MANAGEMENT_REQUEST_STOP_LOG       4
#define STM_EVENT_LOG_MANAGEMENT_REQUEST_CLEAR_LOG      5
#define STM_EVENT_LOG_MANAGEMENT_REQUEST_DELETE_LOG     6
/// @}
689 | \r | |
/**
  Log Entry Header.

  Eight packed bytes at the start of every STM_LOG_ENTRY.  NOTE(review): the
  Lock / Valid / ReadByMle / Wrapped bits look like a producer (STM) and
  consumer (MLE) handshake over shared memory, but this header does not say
  which side owns each bit or in what order they are set and cleared --
  confirm against the STM User Guide before reading or clearing them.
**/
typedef struct {
  ///
  /// Sequence number of the entry (presumably assigned by the STM).
  ///
  UINT32 EventSerialNumber;
  ///
  /// An EVENT_TYPE value.  Only 16 bits wide: EvtInvalid (0xFFFFFFFF) does
  /// not fit and would be truncated to 0xFFFF if stored here.
  ///
  UINT16 Type;
  UINT16 Lock :1;
  UINT16 Valid :1;
  UINT16 ReadByMle :1;
  UINT16 Wrapped :1;
  ///
  /// Reserved; presumably must be 0, as for the other Reserved fields here.
  ///
  UINT16 Reserved :12;
} LOG_ENTRY_HEADER;
702 | \r | |
/**
  Values carried in the Type field of #LOG_ENTRY_HEADER.

  These numbers are part of the log format shared between STM and MLE, so
  every enumerator is written out explicitly.  Add new events before
  EvtMleMax with the next free value and bump EvtMleMax; never renumber an
  existing one.  Unhandled protection exceptions cause a reset and therefore
  never appear in the log.
**/
typedef enum {
  EvtLogStarted                    = 0,
  EvtLogStopped                    = 1,
  EvtLogInvalidParameterDetected   = 2,
  EvtHandledProtectionException    = 3,
  EvtBiosAccessToUnclaimedResource = 4,
  EvtMleResourceProtectionGranted  = 5,
  EvtMleResourceProtectionDenied   = 6,
  EvtMleResourceUnprotect          = 7,
  EvtMleResourceUnprotectError     = 8,
  EvtMleDomainTypeDegraded         = 9,
  ///
  /// One past the last defined event; not an event itself.
  ///
  EvtMleMax                        = 10,
  ///
  /// Not used.  Does not fit in the 16-bit LOG_ENTRY_HEADER.Type field.
  ///
  EvtInvalid                       = 0xFFFFFFFF
} EVENT_TYPE;
729 | \r | |
///
/// Payload for EvtLogStarted.  Carries no data; the single field is a
/// placeholder so the entry is never empty.
///
typedef struct {
  UINT32 Reserved;
} ENTRY_EVT_LOG_STARTED;
733 | \r | |
///
/// Payload for EvtLogStopped.  Carries no data; the single field is a
/// placeholder so the entry is never empty.
///
typedef struct {
  UINT32 Reserved;
} ENTRY_EVT_LOG_STOPPED;
737 | \r | |
///
/// Payload for EvtLogInvalidParameterDetected: the VMCALL whose parameters
/// the STM rejected, presumably identified by its EAX API number (e.g.
/// #STM_API_MANAGE_EVENT_LOG).
///
typedef struct {
  UINT32 VmcallApiNumber;
} ENTRY_EVT_LOG_INVALID_PARAM;
741 | \r | |
///
/// Payload for EvtHandledProtectionException: the STM_RSC describing the
/// resource involved in a protection exception that the BIOS handler took
/// (rather than the platform resetting).  STM_RSC comes from
/// Register/StmResourceDescriptor.h.
///
typedef struct {
  STM_RSC Resource;
} ENTRY_EVT_LOG_HANDLED_PROTECTION_EXCEPTION;
745 | \r | |
///
/// Payload for EvtBiosAccessToUnclaimedResource: the STM_RSC for a resource
/// the BIOS (SMM) code touched without having claimed it.  Worth monitoring:
/// such accesses indicate SMM code reaching outside its declared resource
/// list.
///
typedef struct {
  STM_RSC Resource;
} ENTRY_EVT_BIOS_ACCESS_UNCLAIMED_RSC;
749 | \r | |
///
/// Payload for EvtMleResourceProtectionGranted: the STM_RSC the MLE asked to
/// protect and the STM accepted.
///
typedef struct {
  STM_RSC Resource;
} ENTRY_EVT_MLE_RSC_PROT_GRANTED;
753 | \r | |
///
/// Payload for EvtMleResourceProtectionDenied: the STM_RSC the MLE asked to
/// protect and the STM refused.
///
typedef struct {
  STM_RSC Resource;
} ENTRY_EVT_MLE_RSC_PROT_DENIED;
757 | \r | |
///
/// Payload for EvtMleResourceUnprotect: the STM_RSC whose protection the MLE
/// removed.
///
typedef struct {
  STM_RSC Resource;
} ENTRY_EVT_MLE_RSC_UNPROT;
761 | \r | |
///
/// Payload for EvtMleResourceUnprotectError: the STM_RSC for which an MLE
/// unprotect request failed.
///
typedef struct {
  STM_RSC Resource;
} ENTRY_EVT_MLE_RSC_UNPROT_ERROR;
765 | \r | |
///
/// Payload for EvtMleDomainTypeDegraded: identifies a guest by the physical
/// address of its VMCS and records the domain type that was expected versus
/// the one actually in effect.  The encoding is presumably the same as the
/// 4-bit STM_SMM_STATE.DomainType field -- confirm against the STM User
/// Guide.
///
typedef struct {
  UINT64 VmcsPhysPointer;
  UINT8  ExpectedDomainType;
  UINT8  DegradedDomainType;
} ENTRY_EVT_MLE_DOMAIN_TYPE_DEGRADED;
771 | \r | |
///
/// Payload of a log entry: one arm per EVENT_TYPE event (ten arms for the
/// ten events EvtLogStarted .. EvtMleDomainTypeDegraded).  The arm in use is
/// selected by LOG_ENTRY_HEADER.Type.  EvtMleMax and EvtInvalid have no
/// payload.
///
typedef union {
  ENTRY_EVT_LOG_STARTED                       Started;
  ENTRY_EVT_LOG_STOPPED                       Stopped;
  ENTRY_EVT_LOG_INVALID_PARAM                 InvalidParam;
  ENTRY_EVT_LOG_HANDLED_PROTECTION_EXCEPTION  HandledProtectionException;
  ENTRY_EVT_BIOS_ACCESS_UNCLAIMED_RSC         BiosUnclaimedRsc;
  ENTRY_EVT_MLE_RSC_PROT_GRANTED              MleRscProtGranted;
  ENTRY_EVT_MLE_RSC_PROT_DENIED               MleRscProtDenied;
  ENTRY_EVT_MLE_RSC_UNPROT                    MleRscUnprot;
  ENTRY_EVT_MLE_RSC_UNPROT_ERROR              MleRscUnprotError;
  ENTRY_EVT_MLE_DOMAIN_TYPE_DEGRADED          MleDomainTypeDegraded;
} LOG_ENTRY_DATA;
784 | \r | |
///
/// One log entry: the 8-byte header followed by the payload union.
/// sizeof (STM_LOG_ENTRY) depends on STM_RSC (not visible in this header)
/// and must not exceed STM_LOG_ENTRY_SIZE.  NOTE(review): a compile-time
/// size assertion would pin that; it belongs where STM_RSC is complete.
///
typedef struct {
  LOG_ENTRY_HEADER  Hdr;
  LOG_ENTRY_DATA    Data;
} STM_LOG_ENTRY;
789 | \r | |
/**
  Maximum STM Log Entry Size, in bytes.

  Presumably the fixed slot size the log pages are divided into, so each 4K
  page supplied via STM_API_MANAGE_EVENT_LOG would hold 16 entries -- confirm
  against the STM User Guide.  sizeof (STM_LOG_ENTRY) must not exceed this.
**/
#define STM_LOG_ENTRY_SIZE 256
794 | \r | |
795 | \r | |
796 | /**\r | |
797 | STM Protection Exception Stack Frame Structures\r | |
798 | **/\r | |
799 | \r | |
///
/// Register image handed to the BIOS protection exception handler when the
/// SMM guest runs in 32-bit mode (64-bit counterpart:
/// STM_PROTECTION_EXCEPTION_STACK_FRAME_X64).  Presumably this is what the
/// STM pushes on the STM_PROTECTION_EXCEPTION_HANDLER.SpeRsp stack before
/// entering SpeRip, listed lowest address first; the final six fields
/// (ErrorCode, Rip, Cs, Rflags, Rsp, Ss) are in the order of a hardware
/// exception frame with error code -- confirm against the STM User Guide.
/// The general registers are 32 bits wide despite their R-names, while
/// VmcsExitQualification keeps the full 64-bit VMCS width.
///
typedef struct {
  UINT32 Rdi;
  UINT32 Rsi;
  UINT32 Rbp;
  UINT32 Rdx;
  UINT32 Rcx;
  UINT32 Rbx;
  UINT32 Rax;
  UINT32 Cr3;
  UINT32 Cr2;
  UINT32 Cr0;
  UINT32 VmcsExitInstructionInfo;
  UINT32 VmcsExitInstructionLength;
  UINT64 VmcsExitQualification;
  ///
  /// A TXT_SMM_PROTECTION_EXCEPTION_TYPE enum value (1..5).  A handler
  /// should treat any other value as fatal rather than index a table with it.
  ///
  UINT32 ErrorCode;
  UINT32 Rip;
  UINT32 Cs;
  UINT32 Rflags;
  UINT32 Rsp;
  UINT32 Ss;
} STM_PROTECTION_EXCEPTION_STACK_FRAME_IA32;
824 | \r | |
///
/// Register image handed to the BIOS protection exception handler when the
/// SMM guest runs in 64-bit mode.  Same shape as the IA32 frame but with
/// 64-bit slots plus R8-R15 and Cr8.  Presumably pushed by the STM on the
/// STM_PROTECTION_EXCEPTION_HANDLER.SpeRsp stack before entering SpeRip,
/// listed lowest address first, with the final six fields (ErrorCode .. Ss)
/// in hardware exception-frame order -- confirm against the STM User Guide.
/// Note that the 32-bit VMCS fields (VmcsExitInstructionInfo/Length) occupy
/// 64-bit slots here.
///
typedef struct {
  UINT64 R15;
  UINT64 R14;
  UINT64 R13;
  UINT64 R12;
  UINT64 R11;
  UINT64 R10;
  UINT64 R9;
  UINT64 R8;
  UINT64 Rdi;
  UINT64 Rsi;
  UINT64 Rbp;
  UINT64 Rdx;
  UINT64 Rcx;
  UINT64 Rbx;
  UINT64 Rax;
  UINT64 Cr8;
  UINT64 Cr3;
  UINT64 Cr2;
  UINT64 Cr0;
  UINT64 VmcsExitInstructionInfo;
  UINT64 VmcsExitInstructionLength;
  UINT64 VmcsExitQualification;
  ///
  /// A TXT_SMM_PROTECTION_EXCEPTION_TYPE enum value (1..5).  A handler
  /// should treat any other value as fatal rather than index a table with it.
  ///
  UINT64 ErrorCode;
  UINT64 Rip;
  UINT64 Cs;
  UINT64 Rflags;
  UINT64 Rsp;
  UINT64 Ss;
} STM_PROTECTION_EXCEPTION_STACK_FRAME_X64;
858 | \r | |
///
/// Handle to a protection exception frame of either width.  The union holds
/// a pointer, not the frame itself.  Which member is valid presumably follows
/// the mode the SMM handler runs in (see STM_SMM_ENTRY_STATE.Intel64Mode);
/// a consumer must settle that before dereferencing, since the two layouts
/// differ in both slot width and register set.
///
typedef union {
  STM_PROTECTION_EXCEPTION_STACK_FRAME_IA32 *Ia32StackFrame;
  STM_PROTECTION_EXCEPTION_STACK_FRAME_X64  *X64StackFrame;
} STM_PROTECTION_EXCEPTION_STACK_FRAME;
863 | \r | |
/**
  Values for the ErrorCode field in
  #STM_PROTECTION_EXCEPTION_STACK_FRAME_IA32 and
  #STM_PROTECTION_EXCEPTION_STACK_FRAME_X64.

  Numbering starts at 1, so 0 is never a valid exception type.  Each value
  is written out explicitly because it is placed in a stack frame shared with
  the BIOS handler.  The values pair by name with the enable bits of
  STM_PROTECTION_EXCEPTION_HANDLER (TxtSmmPageViolation with
  PageViolationException, and so on).
**/
typedef enum {
  TxtSmmPageViolation     = 1,
  TxtSmmMsrViolation      = 2,
  TxtSmmRegisterViolation = 3,
  TxtSmmIoViolation       = 4,
  TxtSmmPciViolation      = 5
} TXT_SMM_PROTECTION_EXCEPTION_TYPE;
876 | \r | |
/**
  TXT Processor SMM Descriptor (PSD) structures
**/
880 | \r | |
///
/// BIOS-supplied description of its SMM protection exception handler,
/// embedded in TXT_PROCESSOR_SMM_DESCRIPTOR.  SpeRip / SpeRsp / SpeSs give
/// the entry point and the stack the handler runs on (presumably with a
/// STM_PROTECTION_EXCEPTION_STACK_FRAME_* image pushed on it).  The five
/// enable bits pair in order with the TXT_SMM_PROTECTION_EXCEPTION_TYPE
/// values.  Per the EVENT_TYPE comment an unhandled protection exception
/// results in a reset, so a clear bit presumably selects reset for that
/// violation class -- confirm against the STM User Guide.
///
/// NOTE(review): these values are read by the STM from SMRAM written by the
/// BIOS and then jumped to.  The STM should check that SpeRip and the
/// SpeSs:SpeRsp stack lie inside the region the SMM guest is permitted to
/// execute from and use before honoring them.
///
typedef struct {
  UINT64 SpeRip;
  UINT64 SpeRsp;
  UINT16 SpeSs;
  UINT16 PageViolationException:1;      ///< pairs with TxtSmmPageViolation
  UINT16 MsrViolationException:1;       ///< pairs with TxtSmmMsrViolation
  UINT16 RegisterViolationException:1;  ///< pairs with TxtSmmRegisterViolation
  UINT16 IoViolationException:1;        ///< pairs with TxtSmmIoViolation
  UINT16 PciViolationException:1;       ///< pairs with TxtSmmPciViolation
  UINT16 Reserved1:11;
  UINT32 Reserved2;
} STM_PROTECTION_EXCEPTION_HANDLER;
893 | \r | |
///
/// One byte of mode flags for the BIOS SMM handler at entry, stored in
/// TXT_PROCESSOR_SMM_DESCRIPTOR.SmmEntryState (BIOS-written).  The STM
/// presumably uses Intel64Mode / Cr4Pae / Cr4Pse to set up the SMM guest's
/// execution mode -- confirm against the STM User Guide.
///
/// NOTE(review): ExecutionDisableOutsideSmrr is security relevant.  By name
/// it asks that instruction fetch outside the SMRR range be disabled, which
/// is what blocks SMM call-outs into attacker-controlled memory; a BIOS
/// should set it unless it has a documented reason not to.
///
typedef struct {
  UINT8 ExecutionDisableOutsideSmrr:1;
  UINT8 Intel64Mode:1;
  UINT8 Cr4Pae : 1;
  UINT8 Cr4Pse : 1;
  UINT8 Reserved1 : 4;
} STM_SMM_ENTRY_STATE;
901 | \r | |
///
/// One byte of resume flags stored in
/// TXT_PROCESSOR_SMM_DESCRIPTOR.SmmResumeState.  Both bits are set by the
/// BIOS for the STM to act on when the SMM handler resumes; what each
/// restore/reinitialize entails is not described in this header.
///
typedef struct {
  UINT8 SmramToVmcsRestoreRequired : 1; ///< BIOS restore hint
  UINT8 ReinitializeVmcsRequired : 1;   ///< BIOS request
  UINT8 Reserved2 : 6;
} STM_SMM_RESUME_STATE;
907 | \r | |
///
/// One byte of per-SMI state the STM reports to the BIOS, stored in
/// TXT_PROCESSOR_SMM_DESCRIPTOR.StmSmmState.  DomainType presumably uses
/// the same encoding as ENTRY_EVT_MLE_DOMAIN_TYPE_DEGRADED's
/// Expected/DegradedDomainType fields; the XStatePolicy values are not
/// defined in this header -- confirm both against the STM User Guide.
///
typedef struct {
  UINT8 DomainType : 4;   ///< STM input to BIOS on each SMI
  UINT8 XStatePolicy : 2; ///< STM input to BIOS on each SMI
  UINT8 EptEnabled : 1;   ///< EPT is active for the SMM guest (by name)
  UINT8 Reserved3 : 1;
} STM_SMM_STATE;
914 | \r | |
///
/// Location and identification of the per-processor SMM descriptor (PSD).
/// TXT_SMM_PSD_OFFSET is an offset, presumably from that processor's SMBASE
/// -- confirm against the STM User Guide.  The signature spells "TXTPSSIG"
/// and is the first field of TXT_PROCESSOR_SMM_DESCRIPTOR; a consumer should
/// check it together with the version and Size fields before trusting the
/// rest of the descriptor.
///
#define TXT_SMM_PSD_OFFSET                          0xfb00
#define TXT_PROCESSOR_SMM_DESCRIPTOR_SIGNATURE      SIGNATURE_64('T', 'X', 'T', 'P', 'S', 'S', 'I', 'G')
#define TXT_PROCESSOR_SMM_DESCRIPTOR_VERSION_MAJOR  1
#define TXT_PROCESSOR_SMM_DESCRIPTOR_VERSION_MINOR  0
919 | \r | |
///
/// TXT Processor SMM Descriptor (PSD), located at TXT_SMM_PSD_OFFSET within
/// a processor's SMM region.  Written by the BIOS, consumed by the STM: it
/// tells the STM where the BIOS SMI handler, its page tables, GDT and
/// protection exception handler live, and which STM SMM revision the BIOS
/// requires (RequiredStmSmmRevId, presumably matched against the
/// StmSmmRevID[] list the STM advertises in SOFTWARE_STM_HEADER).  The
/// layout is packed (pragma pack(1) is in effect for this header).
///
/// NOTE(review): every field here is BIOS-provided input to the STM.  A
/// consumer should check Signature, SmmDescriptorVerMajor/Minor and Size
/// before using anything else, and should verify that SmmCr3, SmmGdtPtr,
/// SmmStmSetupRip, SmmStmTeardownRip, SmmSmiHandlerRip/Rsp and
/// BiosHwResourceRequirementsPtr lie inside the region the SMM guest is
/// permitted to use before dereferencing or jumping to them.
///
/// The fields after "extend area" were appended to the original layout.
/// A consumer must check that Size covers them before reading AcpiRsdp or
/// PhysicalAddressBits (by this author's count the fields above the marker
/// occupy 128 bytes under pack(1) -- verify), and a producer must set Size to
/// the full size it actually filled in.
///
typedef struct {
  UINT64 Signature;                 ///< TXT_PROCESSOR_SMM_DESCRIPTOR_SIGNATURE
  UINT16 Size;                      ///< size of this descriptor (by name)
  UINT8  SmmDescriptorVerMajor;     ///< TXT_PROCESSOR_SMM_DESCRIPTOR_VERSION_MAJOR
  UINT8  SmmDescriptorVerMinor;     ///< TXT_PROCESSOR_SMM_DESCRIPTOR_VERSION_MINOR
  UINT32 LocalApicId;
  STM_SMM_ENTRY_STATE  SmmEntryState;
  STM_SMM_RESUME_STATE SmmResumeState;
  STM_SMM_STATE        StmSmmState;
  UINT8  Reserved4;
  UINT16 SmmCs;
  UINT16 SmmDs;
  UINT16 SmmSs;
  UINT16 SmmOtherSegment;
  UINT16 SmmTr;
  UINT16 Reserved5;
  UINT64 SmmCr3;
  UINT64 SmmStmSetupRip;
  UINT64 SmmStmTeardownRip;
  UINT64 SmmSmiHandlerRip;
  UINT64 SmmSmiHandlerRsp;
  UINT64 SmmGdtPtr;
  UINT32 SmmGdtSize;
  UINT32 RequiredStmSmmRevId;
  STM_PROTECTION_EXCEPTION_HANDLER StmProtectionExceptionHandler;
  UINT64 Reserved6;
  ///
  /// Presumably the address of the BIOS's STM_RSC resource list -- confirm
  /// against the STM User Guide.
  ///
  UINT64 BiosHwResourceRequirementsPtr;
  // extend area
  UINT64 AcpiRsdp;
  UINT8  PhysicalAddressBits;
} TXT_PROCESSOR_SMM_DESCRIPTOR;
951 | \r | |
952 | #pragma pack ()\r | |
953 | \r | |
954 | #endif\r |