CPUID Enumeration and Architectural MSRs

ID 标签 758381
已更新 8/8/2023
版本 7.0
公共

author-image

作者

Processors Affected by Speculative Execution Side Channel Issues

Refer to the Consolidated Affected Processors by CPU table for a list of processors affected by speculative execution side channels and related security issues disclosed since 2018.

CPUID Enumeration for Mitigations

Processor support for the new mitigation mechanisms is enumerated using the CPUID instruction and several architectural model specific registers (MSRs). To find the mapping between a processor's CPUID and its Family/Model number, refer to the Intel® 64 and IA-32 Architectures Software Developer Manuals, Vol 2A, table 3-8 and the INPUT EAX = 01H: Returns Model, Family, Stepping Information section.

The CPUID instruction enumerates support for the mitigation mechanisms using feature flags in CPUID.(EAX=7H,ECX=0):EDX:

  • CPUID.(EAX=07H,ECX=0):EDX[9] enumerates support for the IA32_MCU_OPT_CTRL MSR. The presence of this MSR and RNGDS_MITG_DIS (bit 0) is part of the mitigation for Special Register Buffer Data Sampling. The GDS_MITG_DIS (bit 4) and GDS_MITG_LOCK (bit 5) bits are part of the mitigation for Gather Data Sampling
  • CPUID.(EAX=07H,ECX=0):EDX[10] enumerates support for additional functionality that will flush microarchitectural structures as listed here.
  • CPUID.(EAX=07H, ECX=0).EDX[11] and CPUID.(EAX=7H,ECX=0).EDX[13] enumerate support for an updated definition of the IA32_TSX_FORCE_ABORT MSR. Processors that set bit 0 (FORCE_ABORT_RTM) in the IA32_TSX_FORCE_ABORT MSR enable FORCE_ABORT_RTM mode. 
  • CPUID.(EAX=07H,ECX=0):EDX[26] enumerates support for indirect branch restricted speculation (IBRS) and the indirect branch predictor barrier (IBPB). Processors that set this bit support the IA32_SPEC_CTRL MSR and the IA32_PRED_CMD MSR. They allow software to set IA32_SPEC_CTRL[0] (IBRS) and IA32_PRED_CMD[0] (IBPB).
  • CPUID.(EAX=07H,ECX=0):EDX[27] enumerates support for single thread indirect branch predictors (STIBP). Processors that set this bit support the IA32_SPEC_CTRL MSR. They allow software to set IA32_SPEC_CTRL[1] (STIBP).
  • CPUID.(EAX=07H,ECX=0):EDX[28] enumerates support for L1D_FLUSH. Processors that set this bit support the IA32_FLUSH_CMD MSR. They allow software to set IA32_FLUSH_CMD[0] (L1D_FLUSH).
  • CPUID.(EAX=07H,ECX=0):EDX[29] enumerates support for the IA32_ARCH_CAPABILITIES MSR.
  • CPUID.(EAX=07H,ECX=0):EDX[31] enumerates support for Speculative Store Bypass Disable (SSBD). Processors that set this bit support the IA32_SPEC_CTRL MSR. They allow software to set IA32_SPEC_CTRL[2] (SSBD).
  • CPUID.(EAX=7H,ECX=2):EDX[5] enumerates MCDT_NO. Processors that enumerate this bit as 1 do not exhibit MXCSR Configuration Dependent Timing (MCDT) behavior and do not need to be mitigated to avoid data-dependent behavior for certain instructions.
  • CPUID.(EAX=7H,ECX=2): EDX[7] enumerates MONITOR_MITG_NO. Processors that enumerate this bit as 1 are not affected by performance or power issues due to MONITOR/UMONITOR instructions exceeding the capacity of an internal monitor tracking table. If 0, then the product may be affected by this issue.
     

The mitigation mechanisms may be introduced to a processor by loading a microcode update. In such cases, software should reevaluate the enumeration after loading that microcode update.

Table 1. Structured Extended Feature Flags Enumeration Leaf (Output depends on ECX input value)
Initial EAX Value Information Provided About the Processor Notes
07H EDX Leaf 07H main leaf (ECX = 0).
If ECX contains an invalid subleaf index, EAX/EBX/ECX/EDX return 0.
    Bit 10: MD_CLEAR supported.
Bits 25-00: Reserved
Bit 26: IBRS and IBPB supported
Bit 27: STIBP supported
Bit 28: L1D_FLUSH supported
Bit 29: IA32_ARCH_CAPABILITIES supported
Bit 30: Reserved
Bit 31: SSBD supported
07H EDX Leaf 07H main leaf (ECX = 2).
If ECX contains an invalid subleaf index, EAX/EBX/ECX/EDX return 0.
    Bit 0: PSFD supported
Bit 1: IPRED_CTRL
Bit 2: RRSBA_CTRL
Bit 3: DDP_CTRL
Bit 4: BHI_CTRL
Bit 5: MCDT_NO
Bit 6: Reserved
Bit 7: MONITOR_MITG_NO

 

Note The table above is not intended to provide full details of this leaf; see the Intel® 64 and IA-32 Architectures Software Developer’s Manual, Volume 2A (CPUID instruction), for full details on CPUID leaf 07H.

IA32_ARCH_CAPABILITIES MSR

Additional features are enumerated by the IA32_ARCH_CAPABILITIES MSR (MSR index 10AH). This is a read-only MSR that is supported if CPUID.(EAX=7H,ECX=0):EDX[29] is enumerated as 1.

Table 2. IA32_ARCH_CAPABILITIES MSR Details
Register Address Hex Register Address Dec Architectural MSR Name /
Bit Fields
MSR / Bit Description Comment
10AH 266 IA32_ARCH_CAPABILITIES Enumeration of Architectural Features (RO) If CPUID.(EAX-07H, ECX=0):EDX[29]=1
10AH 266 0 RDCL_NO: The processor is not susceptible to Rogue Data Cache Load (RDCL).  
10AH 266 1 IBRS_ALL: the processor supports enhanced Indirect Branch Restriction Speculation (IBRS)  
10AH 266 2 RSBA: The processor supports RSB Alternate. Alternative branch predictors may be used by RET instructions when the RSB is empty. Software using retpoline may be affected by this behavior.  
10AH 266 3 SKIP_L1DFL_VMENTRY: A value of 1 indicates the hypervisor need not flush the L1D on VM entry.  
10AH 266 4 SSB_NO: Processor is not susceptible to Speculative Store Bypass (SSB).   
10AH 266 5 MDS_NO: Processor is not susceptible to Microarchitectural Data Sampling (MDS).  
10AH 266 6 IF_PSCHANGE_MC_NO: The processor is not susceptible to a machine check error due to modifying the size of a code page without TLB invalidation.  
10AH 266 7 TSX_CTRL: The processor supports RTM_DISABLE and TSX_CPUID_CLEAR.  
10AH 266 8 TAA_NO: Processor is not susceptible to Intel® Transactional Synchronization Extensions (Intel® TSX) Asynchronous Abort (TAA).   
10AH 266 9 Reserved.  
10AH 266 10 MISC_PACKAGE_CTRLS: Processor supports IA32_MISC_PACKAGE_CTRLS MSR.  
10AH 266 11 ENERGY_FILTERING_CTL: Processor supports setting and reading IA32_MISC_PACKAGE_CTLS[0] (ENERGY_FILTERING_ENABLE) bit.  
10AH 266 12 DOITM: The processor supports data operand independent timing mode.  
10AH 266 13 SBDR_SSDP_NO: The processor is not affected by either the Shared Buffers Data Read (SBDR) vulnerability or the Sideband Stale Data Propagator (SSDP).  
10AH 266 14 FBSDP_NO: The processor is not affected by the Fill Buffer Stale Data Propagator (FBSDP).  
10AH 266 15 PSDP_NO: The processor is not affected by vulnerabilities involving the Primary Stale Data Propagator (PSDP).  
10AH 266 16 Reserved.  
10AH 266 17 FB_CLEAR: The processor will overwrite fill buffer values as part of MD_CLEAR operations with the VERW instruction. On these processors, L1D_FLUSH does not overwrite fill buffer values.  
10AH 266 18 FB_CLEAR_CTRL: The processor supports read and write to the IA32_MCU_OPT_CTRL MSR (MSR 123H) and to the FB_CLEAR_DIS bit in that MSR (bit position 3).  On such processors, the FB_CLEAR_DIS bit can be set to cause the VERW instruction to skip the FB_CLEAR action (FB_CLEAR_DIS does not disable the FB_CLEAR action in the L1D_FLUSH operation for processors in which L1D_FLUSH overwrites the fill buffers)
10AH 266 19 RRSBA A value of 1 indicates processor may have the RRSBA alternate prediction behavior, if not disabled by RRSBA_DIS_U or RRSBA_DIS_S.
10AH 266 20 BHI_NO A value of 1 indicates BHI_NO branch prediction behavior, regardless of the value of IA32_SPEC_CTRL[BHI_DIS_S] MSR bit.
10AH 266 21 XAPIC_DISABLE_STATUS: Enumerates that the IA32_XAPIC_DISABLE_STATUS MSR exists, and that bit 0 specifies whether the legacy xAPIC is disabled and APIC state is locked to x2APIC.  
10AH 266 22 Reserved  
10AH 266 23 OVERCLOCKING_STATUS: If set, the IA32_OVERCLOCKING STATUS MSR exists.  
10AH 266 24 PBRSB_NO: If 1, indicates that the processor is not affected by post-barrier Return Stack Buffer predictions  
10AH 266 25 GDS_CTRL: Enumeration for support of both IA32_MCU_OPT_CTRL[4] and IA32_MCU_OPT_CTRL[5].  
10AH 266 26 GDS_NO: The processor is not vulnerable to Gather Data Sampling.  
10AH 266 27 RFDS_NO: The processor is not vulnerable to Register File Data Sampling.  
10AH 266 28 RFDS_CLEAR: The processor is vulnerable to Register File Data Sampling, and the VERW instruction will overwrite buffers affected by Register File Data Sampling.  
10AH 266 29 IGN_UMONITOR_SUPPORT: If 1, indicates support of IA32_MCU_OPT_CTRL[6] (IGN_UMONITOR).   
10AH 266 30 MON_UMON_MITG_SUPPORT: If 1, indicates support of IA32_MCU_OPT_CTRL[7] (MON_UMON_MITG).   
10AH 266 63:31 Reserved  

 

IA32_SPEC_CTRL MSR

The IA32_SPEC_CTRL MSR bits are defined as logical processor scope. On some core implementations, the bits may impact sibling logical processors on the same core.

This MSR has a value of 0 after reset and is unaffected by INIT# or SIPI#.

Like IA32_TSC_DEADLINE MSR (MSR index 6E0H), the x2APIC MSRs (MSR indices 802H to 83FH) and IA32_PRED_CMD (MSR index 49H), WRMSR to IA32_SPEC_CTRL (MSR index 48H) is not defined as a serializing instruction.

WRMSR to IA32_SPEC_CTRL does not execute until all prior instructions have completed locally and no later instructions begin execution until the WRMSR completes.

Table 3. IA32_SPEC_CTRL MSR Details
Register Address Hex Register Address Dec Architectural MSR Name /
Bit Fields
MSR / Bit Description Comment
48H 72 IA32_SPEC_CTRL Speculation Control (R/W) If any one of the enumeration conditions for the defined bit field positions holds.
48H 72 0 IBRS. Restricts speculation of indirect branch. If CPUID.(EAX=07H, EXC=0):EDX[26]=1
48H 72 1 Single Thread Indirect Branch Predictors (STIBP). Prevents indirect branch predictions on all logical processors on the core from being controlled by any sibling logical processor in the same core. If CPUID.(EAX=07H, ECX=0):EDX[27]=1
48H 72 2 Speculative Store Bypass Disable (SSBD) delays speculative execution of a load until the addresses of all older stores are known If CPUID.(EAX=07H, ECX=0):EDX[31]=1
48H 72 3 IPRED_DIS_U: When 1, enables IPRED_DIS control for CPL3.  Enumerated by CPUID.7.2.EDX[IPRED_CTRL] (bit 1)
48H 72 4 IPRED_DIS_S: When 1, enables IPRED_DIS control for CPL0/1/2.  Enumerated by CPUID.7.2.EDX[IPRED_CTRL] (bit 1)
48H 72 5 RRSBA_DIS_U: When 1, disables RRSBA behavior for CPL3.  Enumerated by CPUID.7.2.EDX[RRSBA_CTRL] (bit 2)
48H 72 6 RRSBA_DIS_S: When 1, disables RRSBA behavior for CPL0/1/2. Enumerated by CPUID.7.2.EDX[RRSBA_CTRL] (bit 2)
48H 72 7 PSFD: When 1, disables Fast Store Forwarding Predictor without disabling Speculative Store Bypass. Enumerated by CPUID.(EAX=7,ECX=2).EDX[0]
48H 72 8 DDPD_U: If IA32_SPEC_CTRL.DDPD_U (bit 8) is set to 1, Data Dependent Prefetcher which examine data values in memory (in any case limited to user-mode) is disabled. Enumerated by CPUID.(EAX=7,ECX=2).EDX[3]
48H 72 9 Reserved.  
48H 72 10 BHI_DIS_S: When 1, enables BHI_DIS_S behavior.   Enumerated by CPUID.7.2.EDX[BHI_CTRL] (bit 4)
48H 72 63:11 Reserved.  

 

IA32_PRED_CMD MSR

The IA32_PRED_CMD MSR gives software a way to issue commands that affect the state of predictors.

Table 4. IA32_PRED_CMD MSR Details
Register Address Hex Register Address Dec Register Name/
Bit Fields
MSR / Bit Description Comment
49H 73 IA32_PRED_CMD Prediction Command (WO) If any one of the enumeration conditions for defined bit field positions holds.
49H 73 0 Indirect Branch Prediction Barrier (IBPB) If CPUID.EAX=07H, ECX=0):EDX[26]=1
49H 73 63:1 Reserved  

 

Like IA32_TSC_DEADLINE MSR (MSR index 6E0H), the X2APIC MSRs (MSR indices 802H to 83FH) and IA32_SPEC_CTRL (MSR index 48H), WRMSR to IA32_PRED_CMD (MSR index 49H) is not defined as a serializing instruction.

WRMSR to IA32_PRED_CMD does not execute until all prior instructions have completed locally and no later instructions begin execution until the WRMSR completes.
 

IA32_FLUSH_CMD MSR

The IA32_FLUSH_CMD MSR gives software a way to invalidate structures with finer granularity than other architectural methods.

Like the IA32_TSC_DEADLINE MSR (MSR index 6E0H), the X2APIC MSRs (MSR indices 802H to 83FH), and the IA32_SPEC_CTRL MSR (MSR index 48H), WRMSR to the IA32_FLUSH_CMD MSR (MSR index 10BH) is not defined as a serializing instruction.

WRMSR to the IA32_FLUSH_CMD MSR does not execute until all prior instructions have completed locally, and no later instructions begin execution until the WRMSR completes.

Table 5. IA32_FLUSH_CMD MSR Details
Register Address Hex Register Address Dec Architectural MSR Name /
Bit Fields
MSR / Bit Description Comment
10BH 267 IA32_FLUSH_CMD Flush Command (WO) If any one of the enumeration conditions for defined bit field positions holds.
10BH 267 0 L1D_FLUSH: Writeback and invalidate the L1 data cache If CPUID.EAX=07H, ECX=0):EDX[28]=1
10BH 267 63:1 Reserved  

 

IA32_MCU_OPT_CTRL MSR 

The thread-scope MSR IA32_MCU_OPT_CTRL MSR (address 123H) provides status and control bits for several mitigations. This MSR is supported where any of the mitigations described below are enumerated. This enumeration may only occur after a microcode update.

As part of the mitigation for Special Register Buffer Data Sampling, Intel added a new thread-scope IA32_MCU_OPT_CTRL MSR (address 123H). The presence of this MSR and RNGDS_MITG_DIS (bit 0) is enumerated by CPUID (EAX=07H,ECX=0).EDX[SRBDS_CTRL = 9]==1. This MSR may be introduced through a microcode update

Setting IA32_MCU_OPT_CTRL[0] (RNGDS_MITG_DIS) to 1 for a logical processor disables the mitigation for RDRAND and RDSEED executed outside of an Intel SGX enclave on that logical processor. Opting out of the mitigation for a particular logical processor does not affect the RDRAND and RDSEED mitigations for other logical processors.

Note that inside of an Intel SGX enclave, the mitigation is applied regardless of the value of RNGDS_MITG_DS.

Table 6: IA32_MCU_OPT_CTRL MSR
Register Address Hex Register Address Dec Architectural MSR Name / Bit Fields MSR / Bit Description Comment
123H 291 IA32_MCU_OPT_CTRL Microcode Update Option Control (R/W) If CPUID.(EAX=07H,ECX=0):EDX[9]=1 or IA32_ARCH_CAPABILITIES[18]=1
123H 291 0 RNGDS_MITG_DIS (R/W): If 0 (default), SRBDS mitigation is enabled for RDRAND and RDSEED. If 1, SRBDS mitigation is disabled for RDRAND and RDSEED executed outside of Intel SGX enclaves If CPUD.(EAX=07H, ECX=0):EDX[9]=1
123H 291 1 RTM_ALLOW: When set to 0, XBEGIN will always abort with EAX code 0.  When set to 1, XBEGIN behavior depends on the value of IA32_TSX_CTRL[RTM_DISABLE]. Read/Write. Setting RTM_LOCKED prevents writes to this bit. 
123H 291 2 RTM_LOCKED: When 1, RTM_ALLOW is locked at zero, writes to RTM_ALLOW will be ignored. Read-Only status bit.
123H 291 3 On such processors, the FB_CLEAR_DIS bit can be set to cause the VERW instruction to not perform the FB_CLEAR action (FB_CLEAR_DIS does not disable the FB_CLEAR action in the L1D_FLUSH operation for processors in which L1D_FLUSH overwrites the fill buffers). If IA32_ARCH_CAPABILITIES.FB_CLEAR_CTRL=1. 
123H 291 4 GDS_MITG_DIS: If 0: GDS mitigation enabled (patch load time default).
If 1 on all threads for a given core: GDS mitigation is disabled.
Read/Write
Notes: 0/1 Updates (writes) to this MSR change enable/disable the mitigation. GDS_MITG_DIS must be set to 1 on all threads on a core to disable the mitigation.
123H 291 5 GDS_MITG_LOCK: If 0: Not locked / GDS_MITG_DIS is under OS control.
If 1: Locked / GDS_MITG_DIS forced to 0 (writes are ignored).
Read Only
Note: R/W on Tiger Lake.
Lock is one-way, and set at MCU load when Intel SGX has been enabled and hyperthreading has been disabled, as configured by BIOS. 
123H 291 6 IGN_UMONITOR: If 0, UMONITOR instructions may set up an address monitor as described in their instruction definition. 
If 1 (default), UMONITORs will not set up address monitors . This may cause later UMWAIT instructions to not enter an implementation-dependent optimized state.
If IA32_ARCH_CAPABILITIES[29]=1
123H 291 7 MON_UMON_MITG  
If 0 (default), Disabled.  
If 1, Enable: MONITOR and UMONITOR instructions will flush previously monitored addresses of the logical processor and, sometimes, nearby logical processors (on a sibling hyperthread or in the same module). This may reduce the rate of entering monitoring hardware overflow mode or may allow leaving that mode more quickly. Note that it may impact the latency of the MONITOR and UMONITOR instructions and may cause nearby logical processors to wake from sleep states. 
If IA32_ARCH_CAPABILITIES[30]=1
NOTE: The intent of this option is to try to keep the address monitoring hardware out of monitoring hardware overflow mode or recover faster if it is in that mode.
 
123H 291 63:6 Reserved  

 

IA32_TSX_CTRL MSR

IA32_ARCH_CAPABILITIES[TSX_CTRL] (bit 7) enumerates that the IA32_TSX_CTRL MSR exists and that TSX_CTRL supports bit 0 (RTM_DISABLE) and bit 1 (TSX_CPUID_CLEAR). Processors that do not enumerate IA32_ARCH_CAPABILITIES[TAA_NO] (bit 8), but do enumerate IA32_ARCH_CAPABILITIES[TSX_CTRL] (bit 7) have the following two behaviors:

  1. The processor automatically overwrites the affected microarchitecture data buffers when entering or exiting Intel SGX enclaves.
  2. On a hyperthreading-enabled processor, the processor automatically aborts any Intel TSX transaction on one logical processor when the sibling logical processor on the same physical core enters an Intel SGX enclave. The processor also prevents an Intel TSX transaction from starting on one logical processor if the sibling logical processor is currently executing an Intel SGX enclave.
Table 7: Description of IA32_TSX_CTRL MSR
Register Address Hex Register Address Dec Architectural MSR Name / Bit Fields MSR / Bit Description Comment
122h 299 IA32_TSX_CTRL   Thread scope. Not architecturally serializing.
Available when CPUID.ARCH_CAP(EAX=7h,ECX=0):EDX[29] = 1 and IA32_ARCH_CAPABILITIES.bit 7 = 1
 
122h 299 0 RTM_DISABLE: When set to 1 XBEGIN will always abort with EAX code 0.  
122h 299 1 TSX_CPUID_CLEAR: When set to 1 CPUID.07h.EBX.RTM [bit 11] and CPUID.07h.EBX.HLE [bit 4] report 0.
When set to 0 and the SKU supports Intel TSX these bits will return 1.
 
122h 299 63:2 Reserved  

 

IA32_TSX_FORCE_ABORT MSR

The original definition of TSX_FORCE_ABORT MSR is documented in Section 1.0 of the Performance Monitoring Impact of Intel® Transactional Synchronization Extension Memory Ordering Issue guidance (RDC 604224). The updated definition of the thread-scope TSX_FORCE_ABORT MSR is described in Section 2.0 of RDC 604224 and in the table below. Whether a processor supports this updated MSR definition can be determined by checking for the combination of the following conditions:
•    CPUID.07H.0H.EDX[13](RTM_FORCE_ABORT) = 1
•    CPUID.07H.0H.EDX[11](RTM_ALWAYS_ABORT) = 1 or TSX_FORCE_ABORT[SDV_ENABLE_RTM](bit 2) = 1

Table 8: IA32_TSX_FORCE_ABORT MSR
Register Address Hex Register Address Dec Architectural MSR Name / Bit Fields MSR / Bit Description Comment
10f 271 IA32_TSX_FORCE_ABORT MSR Existence enumerated by CPUID 7:0 EDX[13]
 
10f 271 0 RTM_FORCE_ABORT: Reads as 1, unless bit 2 is set. When set to 1 all RTM transactions abort with EAX code 0 while the bit it set, and counter 3 becomes usable. When bit 2 is set, no implication on Counter 3.

Writes ignored,
Default: 1.
R/W, Default: 0 
If CPUID.(EAX=-7H,ECX=0):EDX[11]=1, bit 0 is always 1 and writes to change it are ignored. 
If SDV_ENABLE_RTM is 1, bit 0 is always 0 and writes to change it are ignored.

10f 271 1 TSX_CPUID_CLEAR: When set, CPUID.07H.0H.EBX[11]=0 and CPUID.07H.0H.EBX[4]=0. R/W, Default: 0. Can be set only if CPUID.(EAX=07H,ECX=0):EDX[11]=1 or if SDV_ENABLE_RTM is 1.
10f 271 2 SDV_ENABLE_RTM: When set, CPUID.(EAX=07H,ECX=0):EDX[11]=0 and the processor may not force abort RTM. This unsupported mode should only be used for software development and not for production usage.  R/W, Default: 0. If 0, can be set only if CPUID.(EAX=07H,ECX=0):EDX[11]=0
10f 271 63:3 Reserved  

 

It is possible for Performance Monitoring Unit (PMU) drivers to opt-in to use all general purpose counters by enabling FORCE_ABORT_RTM mode. This requires setting bit 0 (FORCE_ABORT_RTM) in the TSX_FORCE_ABORT (0x10f) MSR for each logical CPU that is affected. The driver should only access this MSR when CPUID 7.EDX[13] is set.

When FORCE_ABORT_RTM is enabled, all RTM transactions on the logical CPU will forcefully abort, which can potentially impact performance of Intel TSX-enabled software, but the general purpose counter 3 will report correct values. 

Application functionality should not be impacted because software that uses RTM is required to implement valid, non-transactional fallback paths for potential aborts, which are already exercised. When FORCE_ABORT_RTM mode is disabled, the RTM transactions will be allowed to commit again.

FORCE_ABORT_RTM mode does not change the CPUID feature enumeration for RTM or HLE.

FORCE_ABORT_RTM mode should always be disabled when the measurement session is finished to prevent applications that use RTM from experiencing performance impacts.

IA32_UARCH_MISC_CTL MSR

Table 9: IA32_UARCH_MISC_CTL
Register Address Hex Register Address Dec  Architectural MSR Name / Bit Fields Permission MSR / Bit Description Comment
1B01H 6913 IA32_UARCH_MISC_CTL     If IA32_ARCH_CAPABILITIES[DOITM]=1
1B01H 6913 0 R/W Data Operand Independent Timing Mode (DOITM)  If IA32_ARCH_CAPABILITIES[DOITM]=1
1B01H 6913 63:1 RO Reserved  

This MSR is logical processor scoped and has a reset value of 0. When the DOITM bit is set in IA32_UARCH_MISC_CTL, the processor enables Data Operand Independent Timing Mode. Like IA32_TSC_DEADLINE MSR (MSR index 6E0H), the X2APIC MSRs (MSR indices 802H to 83FH) and IA32_SPEC_CTRL (MSR index 48H), WRMSR to IA32_UARCH_MISC_CTL (MSR index 1B01H) is not defined as a serializing instruction. WRMSR to IA32_UARCH_MISC_CTL does not execute until all prior instructions have completed locally and no later instructions begin execution until the WRMSR completes.

IA32_XAPIC_DISABLE_STATUS MSR 

Some recent Intel processors support a new feature that can disable switching to the legacy xAPIC after BIOS or system software has switched to x2APIC mode. This prevents clearing of the EXTD bit of the IA32_APIC_BASE model specific register (MSR), ensuring that x2APIC cannot be disabled. Software can determine whether a processor may support this functionality by checking bit 21 of the IA32_ARCH_CAPABILITIES MSR. When this bit is present, bit 0 (LEGACY_XAPIC_DISABLED) of the read-only IA32_XAPIC_DISABLE_STATUS MSR (address 0xBD) reflects whether legacy xAPIC is disabled and APIC state is locked to x2APIC. When LEGACY_XAPIC_DISABLED=1, then IA32_APIC_BASE.EXTD will also be 1. When LEGACY_XAPIC_DISABLED is set, the EXTD bit of IA32_APIC_BASE is always 1 and attempts to clear it will be treated as a reserved bit violation (for example, WRMSR will cause a #GP fault). Note that VM exits due to MSR bitmaps occur before such reserved bit checks.

The LEGACY_XAPIC_DISABLED bit does not affect APIC virtualization. When LEGACY_XAPIC_DISABLED=1, the “virtualize APIC accesses” VM-execution control is still supported.

On Intel® Xeon® 4th Gen Scalable processors (code name Sapphire Rapids), LEGACY_XAPIC_DISABLED is a requirement for some platform features, such as Intel® Software Guard Extensions (Intel® SGX) and Intel® Trust Domain Extensions (Intel® TDX), and LEGACY_XAPIC_DISABLED will be set if the processor is in x2APIC mode when the BIOS successfully completes MCHECK (performed via a WRMSR to MSR 0x79). 

Intel does not currently provide a mechanism for BIOS or system software to explicitly set the IA32_XAPIC_DISABLE_STATUS[LEGACY_XAPIC_DISABLED] bit. However, processors may implicitly set IA32_XAPIC_DISABLE_STATUS[LEGACY_XAPIC_DISABLED] when software sets the IA32_APIC_BASE.EXTD bit, effectively preventing x2APIC from being disabled once it has been enabled. 

Note: If there is a need to remain in legacy xAPIC mode, refer to the Sapphire Rapids BIOS Writers Guide

Table 10: IA32_XAPIC_DISABLE_STATUS MSR
Register Address Hex Register Address Dec Architectural MSR / Bit Fields MSR / Bit Description Comment
BDH 189 IA32_XAPIC_DISABLE_STATUS xAPIC disable status (R/O) If CPUID.(EAX-07H, ECX=0):EDX[29]=1 and IA32_ARCH_CAPABILITIES bit 21 = 1
BDH 189 0 LEGACY_XAPIC_DISABLED: Indicates lock state of x2APIC.
If set, MSR writes that attempt  to clear the EXTD bit of the IA32_APIC_BASE MSR will #GP. 
 
BDH 189 63:1 Reserved  

 

Software Security Guidance Home | Advisory Guidance | Technical Documentation | Best Practices | Resources