
Vol. 2D 6-1

CHAPTER 6

SAFER MODE EXTENSIONS REFERENCE

6.1 OVERVIEW

This chapter describes the Safer Mode Extensions (SMX) for the Intel 64 and IA-32 architectures. Safer Mode 
Extensions (SMX) provide a programming interface for system software to establish a measured environment 
within the platform to support trust decisions by end users. The measured environment includes:

• Measured launch of a system executive, referred to as a Measured Launched Environment (MLE)¹. The system executive may be based on a Virtual Machine Monitor (VMM); a measured VMM is referred to as an MVMM².

• Mechanisms to ensure the above measurement is protected and stored in a secure location in the platform.

• Protection mechanisms that allow the VMM to control attempts to modify the VMM.

The measurement and protection mechanisms used by a measured environment are supported by the capabilities of an Intel® Trusted Execution Technology (Intel® TXT) platform:

• The SMX are the processor’s programming interface in an Intel TXT platform.

• The chipset in an Intel TXT platform provides enforcement of the protection mechanisms.

• Trusted Platform Module (TPM) 1.2 in the platform provides platform configuration registers (PCRs) to store software measurement values.

6.2 SMX FUNCTIONALITY

SMX functionality is provided in an Intel 64 processor through the GETSEC instruction via leaf functions. The 
GETSEC instruction supports multiple leaf functions. Leaf functions are selected by the value in EAX at the time 
GETSEC is executed. Each GETSEC leaf function is documented separately in the reference pages with a unique 
mnemonic (even though these mnemonics share the same opcode, 0F 37).

6.2.1 Detecting and Enabling SMX

Software can detect support for SMX operation using the CPUID instruction. If software executes CPUID with 1 in EAX, a value of 1 in bit 6 of ECX indicates support for SMX operation (GETSEC is available); see the CPUID instruction for the layout of the feature flags reported by CPUID.01H:ECX.

System software enables SMX operation by setting CR4.SMXE[Bit 14] = 1 before attempting to execute GETSEC. Otherwise, execution of GETSEC results in the processor signaling an invalid opcode exception (#UD).

If the CPUID SMX feature flag is clear (CPUID.01H:ECX[Bit 6] = 0), attempting to set CR4.SMXE[Bit 14] results in a general protection exception.

The IA32_FEATURE_CONTROL MSR (at address 03AH) provides feature control bits that configure operation of VMX and SMX. These bits are documented in Table 6-1.
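The detection and enable rules above, as an added C example that is not part of the Intel manual: it reads CPUID.01H:ECX where possible and models the documented #GP and #UD outcomes. The helper names and the `smx_result` enum are hypothetical, the CR4 value is constructed because CR4 is accessible only at privilege level 0, and `<cpuid.h>` assumes GCC or Clang.

```c
#include <stdint.h>
#include <stdio.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

#define CPUID1_ECX_SMX (1u << 6)    /* CPUID.01H:ECX[bit 6]: SMX supported */
#define CR4_SMXE       (1ull << 14) /* CR4.SMXE[bit 14]: SMX enabled */

/* Hypothetical result codes for this model. */
enum smx_result { SMX_OK, SMX_FAULT_UD, SMX_FAULT_GP };

/* Returns 1 when the feature flag reports SMX (GETSEC is available). */
int smx_supported(uint32_t cpuid1_ecx) {
    return (cpuid1_ecx & CPUID1_ECX_SMX) != 0;
}

/* Models a CR4 write that sets SMXE: #GP when the CPUID flag is clear. */
enum smx_result smx_enable(uint32_t cpuid1_ecx, uint64_t *cr4) {
    if (!smx_supported(cpuid1_ecx))
        return SMX_FAULT_GP;        /* CR4 is left unchanged */
    *cr4 |= CR4_SMXE;
    return SMX_OK;
}

/* Models the SMXE gate on GETSEC: #UD unless CR4.SMXE is set.
 * Fault conditions of the individual leaf functions are not modeled. */
enum smx_result smx_getsec_gate(uint64_t cr4) {
    return (cr4 & CR4_SMXE) ? SMX_OK : SMX_FAULT_UD;
}

/* Reads CPUID.01H:ECX on the running CPU; returns 0 on non-x86 builds. */
uint32_t read_cpuid1_ecx(void) {
#if defined(__x86_64__) || defined(__i386__)
    unsigned int a, b, c, d;
    if (__get_cpuid(1, &a, &b, &c, &d))
        return c;
#endif
    return 0;
}

int main(void) {
    uint32_t ecx = read_cpuid1_ecx();
    uint64_t cr4 = 0;               /* constructed value, not the live CR4 */
    printf("CPUID.01H:ECX=%08x SMX %s\n", (unsigned)ecx,
           smx_supported(ecx) ? "reported" : "not reported");
    printf("GETSEC before enable: %s\n",
           smx_getsec_gate(cr4) == SMX_FAULT_UD ? "#UD" : "allowed");
    printf("Setting CR4.SMXE: %s\n",
           smx_enable(ecx, &cr4) == SMX_FAULT_GP ? "#GP" : "ok");
    return 0;
}
```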

1. See Intel® Trusted Execution Technology Measured Launched Environment Programming Guide.
2. An MVMM is sometimes referred to as a measured launched environment (MLE). See Intel® Trusted Execution Technology Measured Launched Environment Programming Guide.