msr: Add new MSR modules (rdmsr/wrmsr)

In order to be able to read from and write to model-specific registers, two new modules are added. They are i386 specific, as the cpuid module. rdmsr module registers the command rdmsr that allows reading from a MSR. wrmsr module registers the command wrmsr that allows writing to a MSR. wrmsr module is disabled if UEFI secure boot is enabled. Please note that on SMP systems, interacting with a MSR that has a scope per hardware thread, implies that the value only applies to the particular cpu/core/thread that ran the command. Also, if you specify a reserved or unimplemented MSR address, it will cause a general protection exception (which is not currently being handled) and the system will reboot. Signed-off-by: Jesús Diéguez Fernández <jesusdf@gmail.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-03-08 01:26:37 +01:00 · 2019-03-08 01:26:37 +01:00 · a728cd4d1d
commit a728cd4d1d
parent 8d417db48d
7 changed files with 324 additions and 7 deletions
--- a/docs/grub.texi
+++ b/docs/grub.texi
@ -3931,6 +3931,7 @@ you forget a command, you can run the command @command{help}
 * play::                        Play a tune
 * probe::                       Retrieve device info
 * pxe_unload::                  Unload the PXE environment
+* rdmsr::                       Read values from model-specific registers
 * read::                        Read user input
 * reboot::                      Reboot your computer
 * regexp::                      Test if regular expression matches string
@ -3954,6 +3955,7 @@ you forget a command, you can run the command @command{help}
 * verify_detached::             Verify detached digital signature
 * videoinfo::                   List available video modes
@comment * xen_*::              Xen boot commands for AArch64
+* wrmsr::                       Write values to model-specific registers
 * xen_hypervisor::              Load xen hypervisor binary (only on AArch64)
 * xen_module::                  Load xen modules for xen hypervisor (only on AArch64)
@end menu
@ -4786,6 +4788,24 @@ This command is only available on PC BIOS systems.
@end deffn


+@node rdmsr
+@subsection rdmsr
+
+@deffn Command: rdmsr 0xADDR [-v VARNAME]
+Read a model-specific register at address 0xADDR. If the parameter
+@option{-v} is used and an environment variable @var{VARNAME} is
+given, set that environment variable to the value that was read.
+
+Please note that on SMP systems, reading from a MSR that has a
+scope per hardware thread, implies that the value that is returned
+only applies to the particular cpu/core/thread that runs the command.
+
+Also, if you specify a reserved or unimplemented MSR address, it will
+cause a general protection exception (which is not currently being handled)
+and the system will reboot.
+@end deffn
+
+
@node read
@subsection read

@ -5292,6 +5312,21 @@ successfully.  If validation fails, it is set to a non-zero value.
 List available video modes. If resolution is given, show only matching modes.
@end deffn

+@node wrmsr
+@subsection wrmsr
+
+@deffn Command: wrmsr 0xADDR 0xVALUE
+Write a 0xVALUE to a model-specific register at address 0xADDR.
+
+Please note that on SMP systems, writing to a MSR that has a scope
+per hardware thread, implies that the value that is written
+only applies to the particular cpu/core/thread that runs the command.
+
+Also, if you specify a reserved or unimplemented MSR address, it will
+cause a general protection exception (which is not currently being handled)
+and the system will reboot.
+@end deffn
+
@node xen_hypervisor
@subsection xen_hypervisor

@ -5785,11 +5820,11 @@ boot and the shim. This functionality is provided by the shim_lock module. It
 is recommend to build in this and other required modules into the @file{core.img}.
 All modules not stored in the @file{core.img} and the ACPI tables for the
@command{acpi} command have to be signed, e.g. using PGP. Additionally, the
-@command{iorw} and the @command{memrw} commands are prohibited if the UEFI
-secure boot is enabled. This is done due to security reasons. All above
-mentioned requirements are enforced by the shim_lock module. And itself it
-is a persistent module which means that it cannot be unloaded if it was
-loaded into the memory.
+@command{iorw}, the @command{memrw} and the @command{wrmsr} commands are
+prohibited if the UEFI secure boot is enabled. This is done due to
+security reasons. All above mentioned requirements are enforced by the
+shim_lock module. And itself it is a persistent module which means that
+it cannot be unloaded if it was loaded into the memory.

@node Measured Boot
@section Measuring boot components
@ -5900,6 +5935,8 @@ to install to is specified, UUID is used instead as well.
@item USB                @tab yes     @tab yes      @tab yes          @tab yes
@item chainloader        @tab local   @tab yes      @tab yes          @tab no
@item cpuid              @tab partial @tab partial  @tab partial      @tab partial
+@item rdmsr              @tab partial @tab partial  @tab partial      @tab partial
+@item wrmsr              @tab partial @tab partial  @tab partial      @tab partial
@item hints              @tab guess   @tab guess    @tab guess        @tab guess
@item PCI                @tab yes     @tab yes      @tab yes          @tab yes
@item badram             @tab yes     @tab yes      @tab yes          @tab yes
@ -5919,6 +5956,8 @@ to install to is specified, UUID is used instead as well.
@item USB                @tab yes         @tab yes       @tab yes           @tab no
@item chainloader        @tab local       @tab local     @tab no            @tab local
@item cpuid              @tab partial     @tab partial   @tab partial       @tab no
+@item rdmsr              @tab partial     @tab partial   @tab partial       @tab no
+@item wrmsr              @tab partial     @tab partial   @tab partial       @tab no
@item hints              @tab guess       @tab guess     @tab good          @tab guess
@item PCI                @tab yes         @tab yes       @tab yes           @tab no
@item badram             @tab yes         @tab yes       @tab no            @tab yes
@ -5938,6 +5977,8 @@ to install to is specified, UUID is used instead as well.
@item USB                @tab yes         @tab no      @tab no      @tab no
@item chainloader        @tab yes         @tab no      @tab no      @tab no
@item cpuid              @tab no          @tab no      @tab no      @tab no
+@item rdmsr              @tab no          @tab no      @tab no      @tab no
+@item wrmsr              @tab no          @tab no      @tab no      @tab no
@item hints              @tab good        @tab good    @tab good    @tab no
@item PCI                @tab yes         @tab no      @tab no      @tab no
@item badram             @tab yes (*)     @tab no      @tab no      @tab no
@ -5957,6 +5998,8 @@ to install to is specified, UUID is used instead as well.
@item USB                @tab N/A       @tab yes         @tab no
@item chainloader        @tab yes       @tab no          @tab yes
@item cpuid              @tab no        @tab no          @tab yes
+@item rdmsr              @tab no        @tab no          @tab yes
+@item wrmsr              @tab no        @tab no          @tab yes
@item hints              @tab guess     @tab no          @tab no
@item PCI                @tab no        @tab no          @tab no
@item badram             @tab yes (*)   @tab no          @tab no