Re: [BUG?] unchecked MSR access error: WRMSR to 0x19c
From: Rui Salvaterra
Date: Fri Apr 07 2023 - 15:00:16 EST
Hi, Srinivas,
On Thu, 6 Apr 2023 at 23:31, srinivas pandruvada
<srinivas.pandruvada@xxxxxxxxxxxxxxx> wrote:
>
> Please send output of : cpuid -1
Attached.
> Also please try this:
>
> #wrmsr 0x19c 0xaaa8
> This should give "wrmsr: CPU 0 cannot set MSR 0x0000019c to 0x000000000000aaa8
Indeed, it does:
wrmsr: CPU 0 cannot set MSR 0x0000019c to 0x000000000000aaa8
> #wrmsr 0x19c 0x0aa8
>
> I think this will not return error.
Correct, no error writing 0x0aa8.
I'll soon test the patch you sent me.
Kind regards,
Rui
CPU:
vendor_id = "GenuineIntel"
version information (1/eax):
processor type = primary processor (0)
family = 0x6 (6)
model = 0x6 (6)
stepping id = 0x1 (1)
extended family = 0x0 (0)
extended model = 0x4 (4)
(family synth) = 0x6 (6)
(model synth) = 0x46 (70)
(simple synth) = Intel Core (unknown type) (Crystal Well C1) {Haswell}, 22nm
miscellaneous (1/ebx):
process local APIC physical ID = 0x7 (7)
maximum IDs for CPUs in pkg = 0x10 (16)
CLFLUSH line size = 0x8 (8)
brand index = 0x0 (0)
brand id = 0x00 (0): unknown
feature information (1/edx):
x87 FPU on chip = true
VME: virtual-8086 mode enhancement = true
DE: debugging extensions = true
PSE: page size extensions = true
TSC: time stamp counter = true
RDMSR and WRMSR support = true
PAE: physical address extensions = true
MCE: machine check exception = true
CMPXCHG8B inst. = true
APIC on chip = true
SYSENTER and SYSEXIT = true
MTRR: memory type range registers = true
PTE global bit = true
MCA: machine check architecture = true
CMOV: conditional move/compare instr = true
PAT: page attribute table = true
PSE-36: page size extension = true
PSN: processor serial number = false
CLFLUSH instruction = true
DS: debug store = true
ACPI: thermal monitor and clock ctrl = true
MMX Technology = true
FXSAVE/FXRSTOR = true
SSE extensions = true
SSE2 extensions = true
SS: self snoop = true
hyper-threading / multi-core supported = true
TM: therm. monitor = true
IA64 = false
PBE: pending break event = true
feature information (1/ecx):
PNI/SSE3: Prescott New Instructions = true
PCLMULDQ instruction = true
DTES64: 64-bit debug store = true
MONITOR/MWAIT = true
CPL-qualified debug store = true
VMX: virtual machine extensions = true
SMX: safer mode extensions = false
Enhanced Intel SpeedStep Technology = true
TM2: thermal monitor 2 = true
SSSE3 extensions = true
context ID: adaptive or shared L1 data = false
SDBG: IA32_DEBUG_INTERFACE = true
FMA instruction = true
CMPXCHG16B instruction = true
xTPR disable = true
PDCM: perfmon and debug = true
PCID: process context identifiers = true
DCA: direct cache access = false
SSE4.1 extensions = true
SSE4.2 extensions = true
x2APIC: extended xAPIC support = true
MOVBE instruction = true
POPCNT instruction = true
time stamp counter deadline = true
AES instruction = true
XSAVE/XSTOR states = true
OS-enabled XSAVE/XSTOR = true
AVX: advanced vector extensions = true
F16C half-precision convert instruction = true
RDRAND instruction = true
hypervisor guest status = false
cache and TLB information (2):
0x63: data TLB: 2M/4M pages, 4-way, 32 entries
data TLB: 1G pages, 4-way, 4 entries
0x03: data TLB: 4K pages, 4-way, 64 entries
0x76: instruction TLB: 2M/4M pages, fully, 8 entries
0xff: cache data is in CPUID leaf 4
0xb5: instruction TLB: 4K, 8-way, 64 entries
0xf0: 64 byte prefetching
0xc1: L2 TLB: 4K/2M pages, 8-way, 1024 entries
processor serial number = 0004-0661-0000-0000-0000-0000
deterministic cache parameters (4):
--- cache 0 ---
cache type = data cache (1)
cache level = 0x1 (1)
self-initializing cache level = true
fully associative cache = false
maximum IDs for CPUs sharing cache = 0x1 (1)
maximum IDs for cores in pkg = 0x7 (7)
system coherency line size = 0x40 (64)
physical line partitions = 0x1 (1)
ways of associativity = 0x8 (8)
number of sets = 0x40 (64)
WBINVD/INVD acts on lower caches = false
inclusive to lower caches = false
complex cache indexing = false
number of sets (s) = 64
(size synth) = 32768 (32 KB)
--- cache 1 ---
cache type = instruction cache (2)
cache level = 0x1 (1)
self-initializing cache level = true
fully associative cache = false
maximum IDs for CPUs sharing cache = 0x1 (1)
maximum IDs for cores in pkg = 0x7 (7)
system coherency line size = 0x40 (64)
physical line partitions = 0x1 (1)
ways of associativity = 0x8 (8)
number of sets = 0x40 (64)
WBINVD/INVD acts on lower caches = false
inclusive to lower caches = false
complex cache indexing = false
number of sets (s) = 64
(size synth) = 32768 (32 KB)
--- cache 2 ---
cache type = unified cache (3)
cache level = 0x2 (2)
self-initializing cache level = true
fully associative cache = false
maximum IDs for CPUs sharing cache = 0x1 (1)
maximum IDs for cores in pkg = 0x7 (7)
system coherency line size = 0x40 (64)
physical line partitions = 0x1 (1)
ways of associativity = 0x8 (8)
number of sets = 0x200 (512)
WBINVD/INVD acts on lower caches = false
inclusive to lower caches = false
complex cache indexing = false
number of sets (s) = 512
(size synth) = 262144 (256 KB)
--- cache 3 ---
cache type = unified cache (3)
cache level = 0x3 (3)
self-initializing cache level = true
fully associative cache = false
maximum IDs for CPUs sharing cache = 0xf (15)
maximum IDs for cores in pkg = 0x7 (7)
system coherency line size = 0x40 (64)
physical line partitions = 0x1 (1)
ways of associativity = 0xc (12)
number of sets = 0x2000 (8192)
WBINVD/INVD acts on lower caches = false
inclusive to lower caches = true
complex cache indexing = true
number of sets (s) = 8192
(size synth) = 6291456 (6 MB)
--- cache 4 ---
cache type = unified cache (3)
cache level = 0x4 (4)
self-initializing cache level = true
fully associative cache = false
maximum IDs for CPUs sharing cache = 0xf (15)
maximum IDs for cores in pkg = 0x7 (7)
system coherency line size = 0x40 (64)
physical line partitions = 0x10 (16)
ways of associativity = 0x10 (16)
number of sets = 0x2000 (8192)
WBINVD/INVD acts on lower caches = false
inclusive to lower caches = false
complex cache indexing = true
number of sets (s) = 8192
(size synth) = 134217728 (128 MB)
--- cache 5 ---
cache type = no more caches (0)
MONITOR/MWAIT (5):
smallest monitor-line size (bytes) = 0x40 (64)
largest monitor-line size (bytes) = 0x40 (64)
enum of Monitor-MWAIT exts supported = true
supports intrs as break-event for MWAIT = true
number of C0 sub C-states using MWAIT = 0x0 (0)
number of C1 sub C-states using MWAIT = 0x2 (2)
number of C2 sub C-states using MWAIT = 0x1 (1)
number of C3 sub C-states using MWAIT = 0x2 (2)
number of C4 sub C-states using MWAIT = 0x0 (0)
number of C5 sub C-states using MWAIT = 0x0 (0)
number of C6 sub C-states using MWAIT = 0x0 (0)
number of C7 sub C-states using MWAIT = 0x0 (0)
Thermal and Power Management Features (6):
digital thermometer = true
Intel Turbo Boost Technology = true
ARAT always running APIC timer = true
PLN power limit notification = true
ECMD extended clock modulation duty = true
PTM package thermal management = true
HWP base registers = false
HWP notification = false
HWP activity window = false
HWP energy performance preference = false
HWP package level request = false
HDC base registers = false
Intel Turbo Boost Max Technology 3.0 = false
HWP capabilities = false
HWP PECI override = false
flexible HWP = false
IA32_HWP_REQUEST MSR fast access mode = false
HW_FEEDBACK MSRs supported = false
ignoring idle logical processor HWP req = false
Thread Director = false
IA32_HW_FEEDBACK_THREAD_CONFIG bit 25 = false
digital thermometer thresholds = 0x2 (2)
hardware coordination feedback = true
ACNT2 available = false
performance-energy bias capability = true
number of enh hardware feedback classes = 0x0 (0)
performance capability reporting = false
energy efficiency capability reporting = false
size of feedback struct (4KB pages) = 0x1 (1)
index of CPU's row in feedback struct = 0x0 (0)
extended feature flags (7):
FSGSBASE instructions = true
IA32_TSC_ADJUST MSR supported = true
SGX: Software Guard Extensions supported = false
BMI1 instructions = true
HLE hardware lock elision = false
AVX2: advanced vector extensions 2 = true
FDP_EXCPTN_ONLY = false
SMEP supervisor mode exec protection = true
BMI2 instructions = true
enhanced REP MOVSB/STOSB = true
INVPCID instruction = true
RTM: restricted transactional memory = false
RDT-CMT/PQoS cache monitoring = false
deprecated FPU CS/DS = true
MPX: intel memory protection extensions = false
RDT-CAT/PQE cache allocation = false
AVX512F: AVX-512 foundation instructions = false
AVX512DQ: double & quadword instructions = false
RDSEED instruction = false
ADX instructions = false
SMAP: supervisor mode access prevention = false
AVX512IFMA: integer fused multiply add = false
PCOMMIT instruction = false
CLFLUSHOPT instruction = false
CLWB instruction = false
Intel processor trace = false
AVX512PF: prefetch instructions = false
AVX512ER: exponent & reciprocal instrs = false
AVX512CD: conflict detection instrs = false
SHA instructions = false
AVX512BW: byte & word instructions = false
AVX512VL: vector length = false
PREFETCHWT1 = false
AVX512VBMI: vector byte manipulation = false
UMIP: user-mode instruction prevention = false
PKU protection keys for user-mode = false
OSPKE CR4.PKE and RDPKRU/WRPKRU = false
WAITPKG instructions = false
AVX512_VBMI2: byte VPCOMPRESS, VPEXPAND = false
CET_SS: CET shadow stack = false
GFNI: Galois Field New Instructions = false
VAES instructions = false
VPCLMULQDQ instruction = false
AVX512_VNNI: neural network instructions = false
AVX512_BITALG: bit count/shiffle = false
TME: Total Memory Encryption = false
AVX512: VPOPCNTDQ instruction = false
LA57: 57-bit addrs & 5-level paging = false
BNDLDX/BNDSTX MAWAU value in 64-bit mode = 0x0 (0)
RDPID: read processor ID supported = false
KL: key locker = false
bus lock detection = false
CLDEMOTE supports cache line demote = false
MOVDIRI instruction = false
MOVDIR64B instruction = false
ENQCMD instruction = false
SGX_LC: SGX launch config supported = false
PKS: supervisor protection keys = false
SGX-KEYS: SGX attestation services = false
AVX512_4VNNIW: neural network instrs = false
AVX512_4FMAPS: multiply acc single prec = false
fast short REP MOV = false
UINTR: user interrupts = false
AVX512_VP2INTERSECT: intersect mask regs = false
IA32_MCU_OPT_CTRL SRBDS mitigation MSR = true
VERW MD_CLEAR microcode support = true
RTM transaction always aborts = false
IA32_TSX_FORCE_ABORT MSR = false
SERIALIZE instruction = false
hybrid part = false
TSXLDTRK: TSX suspend load addr tracking = false
PCONFIG instruction = false
LBR: architectural last branch records = false
CET_IBT: CET indirect branch tracking = false
AMX-BF16: tile bfloat16 support = false
AVX512_FP16: fp16 support = false
AMX-TILE: tile architecture support = false
AMX-INT8: tile 8-bit integer support = false
IBRS/IBPB: indirect branch restrictions = true
STIBP: 1 thr indirect branch predictor = true
L1D_FLUSH: IA32_FLUSH_CMD MSR = true
IA32_ARCH_CAPABILITIES MSR = false
IA32_CORE_CAPABILITIES MSR = false
SSBD: speculative store bypass disable = true
Direct Cache Access Parameters (9):
PLATFORM_DCA_CAP MSR bits = 0
Architecture Performance Monitoring Features (0xa):
version ID = 0x3 (3)
number of counters per logical processor = 0x4 (4)
bit width of counter = 0x30 (48)
length of EBX bit vector = 0x7 (7)
core cycle event = available
instruction retired event = available
reference cycles event = available
last-level cache ref event = available
last-level cache miss event = available
branch inst retired event = available
branch mispred retired event = available
top-down slots event = not available
fixed counter 0 supported = false
fixed counter 1 supported = false
fixed counter 2 supported = false
fixed counter 3 supported = false
fixed counter 4 supported = false
fixed counter 5 supported = false
fixed counter 6 supported = false
fixed counter 7 supported = false
fixed counter 8 supported = false
fixed counter 9 supported = false
fixed counter 10 supported = false
fixed counter 11 supported = false
fixed counter 12 supported = false
fixed counter 13 supported = false
fixed counter 14 supported = false
fixed counter 15 supported = false
fixed counter 16 supported = false
fixed counter 17 supported = false
fixed counter 18 supported = false
fixed counter 19 supported = false
fixed counter 20 supported = false
fixed counter 21 supported = false
fixed counter 22 supported = false
fixed counter 23 supported = false
fixed counter 24 supported = false
fixed counter 25 supported = false
fixed counter 26 supported = false
fixed counter 27 supported = false
fixed counter 28 supported = false
fixed counter 29 supported = false
fixed counter 30 supported = false
fixed counter 31 supported = false
number of contiguous fixed counters = 0x3 (3)
bit width of fixed counters = 0x30 (48)
anythread deprecation = false
x2APIC features / processor topology (0xb):
extended APIC ID = 7
--- level 0 ---
level number = 0x0 (0)
level type = thread (1)
bit width of level = 0x1 (1)
number of logical processors at level = 0x2 (2)
--- level 1 ---
level number = 0x1 (1)
level type = core (2)
bit width of level = 0x4 (4)
number of logical processors at level = 0x8 (8)
--- level 2 ---
level number = 0x2 (2)
level type = invalid (0)
bit width of level = 0x0 (0)
number of logical processors at level = 0x0 (0)
XSAVE features (0xd/0):
XCR0 valid bit field mask = 0x0000000000000007
x87 state = true
SSE state = true
AVX state = true
MPX BNDREGS = false
MPX BNDCSR = false
AVX-512 opmask = false
AVX-512 ZMM_Hi256 = false
AVX-512 Hi16_ZMM = false
PKRU state = false
XTILECFG state = false
XTILEDATA state = false
bytes required by fields in XCR0 = 0x00000340 (832)
bytes required by XSAVE/XRSTOR area = 0x00000340 (832)
XSAVEOPT instruction = true
XSAVEC instruction = false
XGETBV instruction = false
XSAVES/XRSTORS instructions = false
XFD: extended feature disable supported = false
SAVE area size in bytes = 0x00000000 (0)
IA32_XSS valid bit field mask = 0x0000000000000000
PT state = false
PASID state = false
CET_U user state = false
CET_S supervisor state = false
HDC state = false
UINTR state = false
LBR state = false
HWP state = false
AVX/YMM features (0xd/2):
AVX/YMM save state byte size = 0x00000100 (256)
AVX/YMM save state byte offset = 0x00000240 (576)
supported in IA32_XSS or XCR0 = XCR0 (user state)
64-byte alignment in compacted XSAVE = false
XFD faulting supported = false
extended feature flags (0x80000001/edx):
SYSCALL and SYSRET instructions = true
execution disable = true
1-GB large page support = true
RDTSCP = true
64-bit extensions technology available = true
Intel feature flags (0x80000001/ecx):
LAHF/SAHF supported in 64-bit mode = true
LZCNT advanced bit manipulation = true
3DNow! PREFETCH/PREFETCHW instructions = false
brand = "Intel(R) Core(TM) i7-4770R CPU @ 3.20GHz"
L1 TLB/cache information: 2M/4M pages & L1 TLB (0x80000005/eax):
instruction # entries = 0x0 (0)
instruction associativity = 0x0 (0)
data # entries = 0x0 (0)
data associativity = 0x0 (0)
L1 TLB/cache information: 4K pages & L1 TLB (0x80000005/ebx):
instruction # entries = 0x0 (0)
instruction associativity = 0x0 (0)
data # entries = 0x0 (0)
data associativity = 0x0 (0)
L1 data cache information (0x80000005/ecx):
line size (bytes) = 0x0 (0)
lines per tag = 0x0 (0)
associativity = 0x0 (0)
size (KB) = 0x0 (0)
L1 instruction cache information (0x80000005/edx):
line size (bytes) = 0x0 (0)
lines per tag = 0x0 (0)
associativity = 0x0 (0)
size (KB) = 0x0 (0)
L2 TLB/cache information: 2M/4M pages & L2 TLB (0x80000006/eax):
instruction # entries = 0x0 (0)
instruction associativity = L2 off (0)
data # entries = 0x0 (0)
data associativity = L2 off (0)
L2 TLB/cache information: 4K pages & L2 TLB (0x80000006/ebx):
instruction # entries = 0x0 (0)
instruction associativity = L2 off (0)
data # entries = 0x0 (0)
data associativity = L2 off (0)
L2 unified cache information (0x80000006/ecx):
line size (bytes) = 0x40 (64)
lines per tag = 0x0 (0)
associativity = 8 to 15-way (6)
size (KB) = 0x100 (256)
L3 cache information (0x80000006/edx):
line size (bytes) = 0x0 (0)
lines per tag = 0x0 (0)
associativity = L2 off (0)
size (in 512KB units) = 0x0 (0)
RAS Capability (0x80000007/ebx):
MCA overflow recovery support = false
SUCCOR support = false
HWA: hardware assert support = false
scalable MCA support = false
Advanced Power Management Features (0x80000007/ecx):
CmpUnitPwrSampleTimeRatio = 0x0 (0)
Advanced Power Management Features (0x80000007/edx):
TS: temperature sensing diode = false
FID: frequency ID control = false
VID: voltage ID control = false
TTP: thermal trip = false
TM: thermal monitor = false
STC: software thermal control = false
100 MHz multiplier control = false
hardware P-State control = false
TscInvariant = true
CPB: core performance boost = false
read-only effective frequency interface = false
processor feedback interface = false
APM power reporting = false
connected standby = false
RAPL: running average power limit = false
Physical Address and Linear Address Size (0x80000008/eax):
maximum physical address bits = 0x27 (39)
maximum linear (virtual) address bits = 0x30 (48)
maximum guest physical address bits = 0x0 (0)
Extended Feature Extensions ID (0x80000008/ebx):
CLZERO instruction = false
instructions retired count support = false
always save/restore error pointers = false
INVLPGB instruction = false
RDPRU instruction = false
memory bandwidth enforcement = false
MCOMMIT instruction = false
WBNOINVD instruction = false
IBPB: indirect branch prediction barrier = false
interruptible WBINVD, WBNOINVD = false
IBRS: indirect branch restr speculation = false
STIBP: 1 thr indirect branch predictor = false
CPU prefers: IBRS always on = false
CPU prefers: STIBP always on = false
IBRS preferred over software solution = false
IBRS provides same mode protection = false
EFER[LMSLE] not supported = false
INVLPGB supports TLB flush guest nested = false
ppin processor id number supported = false
SSBD: speculative store bypass disable = false
virtualized SSBD = false
SSBD fixed in hardware = false
CPPC: collaborative processor perf ctrl = false
PSFD: predictive store forward disable = false
not vulnerable to branch type confusion = false
branch sampling feature support = false
(vuln to branch type confusion synth) = true
Size Identifiers (0x80000008/ecx):
number of CPU cores = 0x1 (1)
ApicIdCoreIdSize = 0x0 (0)
performance time-stamp counter size = 40 bits (0)
Feature Extended Size (0x80000008/edx):
max page count for INVLPGB instruction = 0x0 (0)
RDPRU instruction max input support = 0x0 (0)
(multi-processing synth) = multi-core (c=4), hyper-threaded (t=2)
(multi-processing method) = Intel leaf 0xb
(APIC widths synth): CORE_width=4 SMT_width=1
(APIC synth): PKG_ID=0 CORE_ID=3 SMT_ID=1
(uarch synth) = Intel Haswell {Haswell}, 22nm
(synth) = Intel Core i*-4000 / Mobile Core i*-4000 (Desktop R) (Crystal Well C1) {Haswell}, 22nm