CPUID Enumeration and Architectural MSRs

Published:01/03/2018

Processors Affected by Speculative Execution Side Channel Issues

Refer to the articles below for lists of processors affected by various speculative execution side channel issues.

CPUID Enumeration for Mitigations

Processor support for the new mitigation mechanisms is enumerated using the CPUID instruction and several architectural MSRs. To find the mapping between a processor's CPUID and its Family/Model number, refer to the Intel® 64 and IA-32 Architectures Software Developer Manuals, Vol 2A, table 3-8 and the INPUT EAX = 01H: Returns Model, Family, Stepping Information section.

The CPUID instruction enumerates support for the mitigation mechanisms using the following feature flags in CPUID.(EAX=7H,ECX=0):EDX:

  • CPUID.(EAX=7H,ECX=0):EDX[10] enumerates support for additional functionality (MD_CLEAR) that will flush microarchitectural structures as listed here.
  • CPUID.(EAX=7H,ECX=0):EDX[26] enumerates support for indirect branch restricted speculation (IBRS) and the indirect branch predictor barrier (IBPB). Processors that set this bit support the IA32_SPEC_CTRL MSR and the IA32_PRED_CMD MSR. They allow software to set IA32_SPEC_CTRL[0] (IBRS) and IA32_PRED_CMD[0] (IBPB).
  • CPUID.(EAX=7H,ECX=0):EDX[27] enumerates support for single thread indirect branch predictors (STIBP). Processors that set this bit support the IA32_SPEC_CTRL MSR. They allow software to set IA32_SPEC_CTRL[1] (STIBP).
  • CPUID.(EAX=7H,ECX=0):EDX[28] enumerates support for L1D_FLUSH. Processors that set this bit support the IA32_FLUSH_CMD MSR. They allow software to set IA32_FLUSH_CMD[0] (L1D_FLUSH).
  • CPUID.(EAX=7H,ECX=0):EDX[29] enumerates support for the IA32_ARCH_CAPABILITIES MSR.
  • CPUID.(EAX=7H,ECX=0):EDX[31] enumerates support for Speculative Store Bypass Disable (SSBD). Processors that set this bit support the IA32_SPEC_CTRL MSR. They allow software to set IA32_SPEC_CTRL[2] (SSBD).

The mitigation mechanisms may be introduced to a processor by loading a microcode update. In such cases, software should reevaluate the enumeration after loading that microcode update.

Table 1. Structured Extended Feature Flags Enumeration Leaf (Output depends on ECX input value)

Initial EAX Value | Information Provided About the Processor | Notes
07H               | EDX: Leaf 07H main leaf (ECX = 0)         | If ECX contains an invalid subleaf index, EAX/EBX/ECX/EDX return 0.
                  |   Bit 10: MD_CLEAR supported               |
                  |   Bits 25-00: Reserved (apart from bit 10) |
                  |   Bit 26: IBRS and IBPB supported          |
                  |   Bit 27: STIBP supported                  |
                  |   Bit 28: L1D_FLUSH supported              |
                  |   Bit 29: IA32_ARCH_CAPABILITIES supported |
                  |   Bit 30: Reserved                         |
                  |   Bit 31: SSBD supported                   |

Note: The table above is not intended to provide full details of this leaf; see the Intel® 64 and IA-32 Architectures Software Developer's Manual, Volume 2A (CPUID instruction), for full details on CPUID leaf 07H.
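The enumeration described in this section and in Table 1, as an added example that is not Intel's code: a C program that queries CPUID.(EAX=7H,ECX=0):EDX through the GCC/Clang <cpuid.h> helpers (assumed available on an x86 build; on any other build, or if the maximum basic leaf is below 7, it decodes a constructed sample word instead) and decodes the flags listed above, plus bit 9 (SRBDS_CTRL) from the IA32_MCU_OPT_CTRL section later on this page. The struct, function and enumerator names are this example's own.

```c
/* Added example (not Intel's code): query and decode the mitigation-related
 * feature flags in CPUID.(EAX=7H,ECX=0):EDX from Table 1. On an x86 build it
 * reads the real leaf via the GCC/Clang <cpuid.h> helpers; elsewhere, or when
 * leaf 7 is absent, it falls back to a constructed sample word. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

/* Bit positions in CPUID.(EAX=7H,ECX=0):EDX as enumerated on this page
 * (bit 9, SRBDS_CTRL, comes from the IA32_MCU_OPT_CTRL section). */
enum leaf7_edx_bit {
    LEAF7_EDX_SRBDS_CTRL = 9,
    LEAF7_EDX_MD_CLEAR   = 10,
    LEAF7_EDX_IBRS_IBPB  = 26,
    LEAF7_EDX_STIBP      = 27,
    LEAF7_EDX_L1D_FLUSH  = 28,
    LEAF7_EDX_ARCH_CAP   = 29,
    LEAF7_EDX_SSBD       = 31
};

struct mitig_enum {
    bool srbds_ctrl;  /* IA32_MCU_OPT_CTRL MSR present              */
    bool md_clear;    /* MD_CLEAR buffer-flush functionality present */
    bool ibrs_ibpb;   /* IA32_SPEC_CTRL[0] and IA32_PRED_CMD[0]      */
    bool stibp;       /* IA32_SPEC_CTRL[1]                           */
    bool l1d_flush;   /* IA32_FLUSH_CMD[0]                           */
    bool arch_cap;    /* IA32_ARCH_CAPABILITIES MSR present          */
    bool ssbd;        /* IA32_SPEC_CTRL[2]                           */
};

/* Test one enumeration bit of the raw EDX word. */
bool leaf7_has(uint32_t edx, enum leaf7_edx_bit n)
{
    return ((edx >> n) & 1u) != 0;
}

/* Decode the raw EDX word into named flags and return how many of the seven
 * flags are set, so an all-zero (pre-microcode) word is easy to spot. */
int decode_leaf7_edx(uint32_t edx, struct mitig_enum *out)
{
    out->srbds_ctrl = leaf7_has(edx, LEAF7_EDX_SRBDS_CTRL);
    out->md_clear   = leaf7_has(edx, LEAF7_EDX_MD_CLEAR);
    out->ibrs_ibpb  = leaf7_has(edx, LEAF7_EDX_IBRS_IBPB);
    out->stibp      = leaf7_has(edx, LEAF7_EDX_STIBP);
    out->l1d_flush  = leaf7_has(edx, LEAF7_EDX_L1D_FLUSH);
    out->arch_cap   = leaf7_has(edx, LEAF7_EDX_ARCH_CAP);
    out->ssbd       = leaf7_has(edx, LEAF7_EDX_SSBD);
    return out->srbds_ctrl + out->md_clear + out->ibrs_ibpb + out->stibp +
           out->l1d_flush + out->arch_cap + out->ssbd;
}

/* Read CPUID.(EAX=7H,ECX=0):EDX on the running processor. Returns false if the
 * maximum basic leaf is below 7 or this is not an x86 build. A microcode
 * update can add these flags, so software should call this again after
 * loading microcode rather than caching an earlier result. */
bool read_leaf7_edx(uint32_t *edx)
{
#if defined(__x86_64__) || defined(__i386__)
    unsigned int a, b, c, d;
    if (__get_cpuid_max(0, NULL) < 7)
        return false;
    __cpuid_count(7, 0, a, b, c, d);
    *edx = d;
    return true;
#else
    (void)edx;
    return false;
#endif
}

int main(void)
{
    uint32_t edx;
    if (!read_leaf7_edx(&edx)) {
        /* Constructed sample: IBRS/IBPB, STIBP, ARCH_CAP and SSBD enumerated;
         * no MD_CLEAR, L1D_FLUSH or SRBDS_CTRL. */
        edx = (1u << LEAF7_EDX_IBRS_IBPB) | (1u << LEAF7_EDX_STIBP) |
              (1u << LEAF7_EDX_ARCH_CAP)  | (1u << LEAF7_EDX_SSBD);
        puts("CPUID leaf 7 not available here; decoding a constructed sample word");
    }
    struct mitig_enum m;
    int n = decode_leaf7_edx(edx, &m);
    printf("CPUID.(EAX=7H,ECX=0):EDX = 0x%08x, %d mitigation flags set\n", edx, n);
    printf("  SRBDS_CTRL [9]  %d   MD_CLEAR [10]  %d\n", m.srbds_ctrl, m.md_clear);
    printf("  IBRS/IBPB [26]  %d   STIBP [27]     %d\n", m.ibrs_ibpb, m.stibp);
    printf("  L1D_FLUSH [28]  %d   ARCH_CAP [29]  %d   SSBD [31] %d\n",
           m.l1d_flush, m.arch_cap, m.ssbd);
    return 0;
}
```

The decoder is kept separate from the CPUID query so that the same logic can be applied to a word captured from another machine (for example from a crash dump or an inventory tool) without running on that hardware.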

IA32_ARCH_CAPABILITIES MSR

Additional features are enumerated by the IA32_ARCH_CAPABILITIES MSR (MSR index 10AH). This is a read-only MSR that is supported if CPUID.(EAX=7H,ECX=0):EDX[29] is enumerated as 1.

Table 2. IA32_ARCH_CAPABILITIES MSR Details

Register Address (Hex) | Register Address (Dec) | Register Name / Bit Fields | Bit Description | Comment
10AH | 266 | IA32_ARCH_CAPABILITIES | Enumeration of Architectural Features (RO) | If CPUID.(EAX=07H, ECX=0):EDX[29]=1
10AH | 266 | 0    | RDCL_NO: The processor is not susceptible to Rogue Data Cache Load (RDCL). |
10AH | 266 | 1    | IBRS_ALL: The processor supports enhanced Indirect Branch Restricted Speculation (IBRS). |
10AH | 266 | 2    | RSBA: The processor supports RSB Alternate. Alternative branch predictors may be used by RET instructions when the RSB is empty. Software using retpoline may be affected by this behavior. |
10AH | 266 | 3    | SKIP_L1DFL_VMENTRY: A value of 1 indicates the hypervisor need not flush the L1D on VM entry. |
10AH | 266 | 4    | SSB_NO: The processor is not susceptible to Speculative Store Bypass (SSB). |
10AH | 266 | 5    | MDS_NO: The processor is not susceptible to Microarchitectural Data Sampling (MDS). |
10AH | 266 | 6    | IF_PSCHANGE_MC_NO: The processor is not susceptible to a machine check error due to modifying the size of a code page without TLB invalidation. |
10AH | 266 | 7    | TSX_CTRL: The processor supports RTM_DISABLE and TSX_CPUID_CLEAR. |
10AH | 266 | 8    | TAA_NO: The processor is not susceptible to Intel® Transactional Synchronization Extensions (Intel® TSX) Asynchronous Abort (TAA). |
10AH | 266 | 63:9 | Reserved |


IA32_SPEC_CTRL MSR

The IA32_SPEC_CTRL MSR bits are defined as logical processor scope. On some core implementations, the bits may impact sibling logical processors on the same core.

This MSR has a value of 0 after reset and is unaffected by INIT# or SIPI#.

Like IA32_TSC_DEADLINE MSR (MSR index 6E0H), the x2APIC MSRs (MSR indices 802H to 83FH) and IA32_PRED_CMD (MSR index 49H), WRMSR to IA32_SPEC_CTRL (MSR index 48H) is not defined as a serializing instruction.

WRMSR to IA32_SPEC_CTRL does not execute until all prior instructions have completed locally and no later instructions begin execution until the WRMSR completes.

 

Table 3. IA32_SPEC_CTRL MSR Details

Register Address (Hex) | Register Address (Dec) | Register Name / Bit Fields | Bit Description | Comment
48H | 72 | IA32_SPEC_CTRL | Speculation Control (R/W) | If any one of the enumeration conditions for the defined bit field positions holds.
48H | 72 | 0    | IBRS: Restricts speculation of indirect branches. | If CPUID.(EAX=07H, ECX=0):EDX[26]=1
48H | 72 | 1    | Single Thread Indirect Branch Predictors (STIBP): Prevents indirect branch predictions on all logical processors on the core from being controlled by any sibling logical processor in the same core. | If CPUID.(EAX=07H, ECX=0):EDX[27]=1
48H | 72 | 2    | Speculative Store Bypass Disable (SSBD): Delays speculative execution of a load until the addresses of all older stores are known. | If CPUID.(EAX=07H, ECX=0):EDX[31]=1
48H | 72 | 63:4 | Reserved |
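Tables 2 and 3 together tell a kernel or hypervisor which IA32_SPEC_CTRL bits it may write and which decisions the IA32_ARCH_CAPABILITIES bits settle. The C below is an added example, not Intel's code: it takes the raw CPUID.(EAX=7H,ECX=0):EDX word and an IA32_ARCH_CAPABILITIES value (constructed here, since reading the real MSR needs ring 0), computes the settable IA32_SPEC_CTRL mask from the Comment column of Table 3, reports the reserved bits in a proposed write, and derives the VM-entry L1D flush decision from SKIP_L1DFL_VMENTRY and the L1D_FLUSH enumeration. Macro, enum and function names are this example's own.

```c
/* Added example (not Intel's code): derive what software may do with
 * IA32_SPEC_CTRL and what IA32_ARCH_CAPABILITIES settles, from the raw
 * CPUID.(EAX=7H,ECX=0):EDX word and a (constructed) raw MSR value. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* CPUID.(EAX=7H,ECX=0):EDX enumeration bits (Table 1). */
#define L7_IBRS_IBPB (1u << 26)
#define L7_STIBP     (1u << 27)
#define L7_L1D_FLUSH (1u << 28)
#define L7_ARCH_CAP  (1u << 29)
#define L7_SSBD      (1u << 31)

/* IA32_ARCH_CAPABILITIES (MSR 10AH) bits (Table 2). */
#define AC_RDCL_NO            (1ull << 0)
#define AC_IBRS_ALL           (1ull << 1)
#define AC_RSBA               (1ull << 2)
#define AC_SKIP_L1DFL_VMENTRY (1ull << 3)
#define AC_SSB_NO             (1ull << 4)
#define AC_MDS_NO             (1ull << 5)
#define AC_IF_PSCHANGE_MC_NO  (1ull << 6)
#define AC_TSX_CTRL           (1ull << 7)
#define AC_TAA_NO             (1ull << 8)

/* IA32_SPEC_CTRL (MSR 48H) bits (Table 3). */
#define SC_IBRS  (1ull << 0)
#define SC_STIBP (1ull << 1)
#define SC_SSBD  (1ull << 2)

/* IA32_ARCH_CAPABILITIES exists only when EDX[29]=1; RDMSR of an unsupported
 * MSR faults, so a caller that has not seen the enumeration must treat every
 * capability bit as 0, i.e. "susceptible" / "not supported". */
uint64_t effective_arch_cap(uint32_t leaf7_edx, uint64_t raw_msr_value)
{
    return (leaf7_edx & L7_ARCH_CAP) ? raw_msr_value : 0;
}

/* Bits of IA32_SPEC_CTRL that software may set, from the Comment column of
 * Table 3. Everything else is reserved on this processor. */
uint64_t spec_ctrl_settable_mask(uint32_t leaf7_edx)
{
    uint64_t mask = 0;
    if (leaf7_edx & L7_IBRS_IBPB) mask |= SC_IBRS;
    if (leaf7_edx & L7_STIBP)     mask |= SC_STIBP;
    if (leaf7_edx & L7_SSBD)      mask |= SC_SSBD;
    return mask;
}

/* Table 3, first row: the MSR is present only if at least one bit is enumerated. */
bool spec_ctrl_msr_present(uint32_t leaf7_edx)
{
    return spec_ctrl_settable_mask(leaf7_edx) != 0;
}

/* Bits of a proposed WRMSR value that this processor does not allow
 * (0 means the write is clean). */
uint64_t spec_ctrl_rejected_bits(uint32_t leaf7_edx, uint64_t proposed)
{
    return proposed & ~spec_ctrl_settable_mask(leaf7_edx);
}

/* Table 2 bit 3: a hypervisor may skip the L1D flush on VM entry when
 * SKIP_L1DFL_VMENTRY=1. Otherwise it needs the IA32_FLUSH_CMD mechanism
 * enumerated by EDX[28]; without that there is no architectural flush command. */
enum l1d_policy { L1D_SKIP, L1D_FLUSH_VIA_MSR, L1D_NO_ARCH_FLUSH };

enum l1d_policy vmentry_l1d_policy(uint32_t leaf7_edx, uint64_t arch_cap)
{
    if (arch_cap & AC_SKIP_L1DFL_VMENTRY) return L1D_SKIP;
    if (leaf7_edx & L7_L1D_FLUSH)         return L1D_FLUSH_VIA_MSR;
    return L1D_NO_ARCH_FLUSH;
}

/* Table 2 bit 2: with RSBA=1, RET may use alternative predictors when the RSB
 * is empty, so a retpoline-based mitigation should be treated as affected. */
bool retpoline_affected_by_rsba(uint64_t arch_cap)
{
    return (arch_cap & AC_RSBA) != 0;
}

int main(void)
{
    /* Constructed sample: IBRS/IBPB, STIBP, L1D_FLUSH, ARCH_CAP and SSBD
     * enumerated; the capabilities MSR reports IBRS_ALL and SKIP_L1DFL_VMENTRY. */
    uint32_t edx = L7_IBRS_IBPB | L7_STIBP | L7_L1D_FLUSH | L7_ARCH_CAP | L7_SSBD;
    uint64_t ac  = effective_arch_cap(edx, AC_IBRS_ALL | AC_SKIP_L1DFL_VMENTRY);
    uint64_t want = SC_IBRS | SC_SSBD | (1ull << 5);   /* bit 5 is reserved */

    printf("settable IA32_SPEC_CTRL mask: 0x%llx\n",
           (unsigned long long)spec_ctrl_settable_mask(edx));
    printf("rejected bits in proposed 0x%llx: 0x%llx\n",
           (unsigned long long)want, (unsigned long long)spec_ctrl_rejected_bits(edx, want));
    printf("VM-entry L1D policy: %d, retpoline affected by RSBA: %d\n",
           (int)vmentry_l1d_policy(edx, ac), retpoline_affected_by_rsba(ac));
    return 0;
}
```

Treating a non-enumerated IA32_ARCH_CAPABILITIES as all-zero is the conservative reading: each *_NO bit then reads as "susceptible", and SKIP_L1DFL_VMENTRY reads as "flush required", which is the safe default for a hypervisor that cannot prove otherwise.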

 

IA32_PRED_CMD MSR

The IA32_PRED_CMD MSR gives software a way to issue commands that affect the state of predictors.

Table 4. IA32_PRED_CMD MSR Details

Register Address (Hex) | Register Address (Dec) | Register Name / Bit Fields | Bit Description | Comment
49H | 73 | IA32_PRED_CMD | Prediction Command (WO) | If any one of the enumeration conditions for the defined bit field positions holds.
49H | 73 | 0    | Indirect Branch Prediction Barrier (IBPB) | If CPUID.(EAX=07H, ECX=0):EDX[26]=1
49H | 73 | 63:1 | Reserved |


Like IA32_TSC_DEADLINE MSR (MSR index 6E0H), the x2APIC MSRs (MSR indices 802H to 83FH) and IA32_SPEC_CTRL (MSR index 48H), WRMSR to IA32_PRED_CMD (MSR index 49H) is not defined as a serializing instruction.

WRMSR to IA32_PRED_CMD does not execute until all prior instructions have completed locally and no later instructions begin execution until the WRMSR completes.
 

IA32_FLUSH_CMD MSR

The IA32_FLUSH_CMD MSR gives software a way to invalidate structures with finer granularity than other architectural methods.

Like the IA32_TSC_DEADLINE MSR (MSR index 6E0H), the x2APIC MSRs (MSR indices 802H to 83FH), and the IA32_SPEC_CTRL MSR (MSR index 48H), WRMSR to the IA32_FLUSH_CMD MSR (MSR index 10BH) is not defined as a serializing instruction.

WRMSR to the IA32_FLUSH_CMD MSR does not execute until all prior instructions have completed locally, and no later instructions begin execution until the WRMSR completes.


Table 5. IA32_FLUSH_CMD MSR Details

Register Address (Hex) | Register Address (Dec) | Register Name / Bit Fields | Bit Description | Comment
10BH | 267 | IA32_FLUSH_CMD | Flush Command (WO) | If any one of the enumeration conditions for the defined bit field positions holds.
10BH | 267 | 0    | L1D_FLUSH: Writeback and invalidate the L1 data cache | If CPUID.(EAX=07H, ECX=0):EDX[28]=1
10BH | 267 | 63:1 | Reserved |


IA32_MCU_OPT_CTRL MSR 

As part of the mitigation for Special Register Buffer Data Sampling (SRBDS), Intel added a new thread-scope IA32_MCU_OPT_CTRL MSR (MSR index 123H). The presence of this MSR and of its RNGDS_MITG_DIS bit (bit 0) is enumerated by CPUID.(EAX=07H,ECX=0):EDX[9] (SRBDS_CTRL) = 1. This MSR may be introduced through a microcode update.

Setting IA32_MCU_OPT_CTRL[0] (RNGDS_MITG_DIS) to 1 for a logical processor disables the mitigation for RDRAND and RDSEED executed outside of an Intel SGX enclave on that logical processor. Opting out of the mitigation for a particular logical processor does not affect the RDRAND and RDSEED mitigations for other logical processors.

Note that inside an Intel SGX enclave, the mitigation is applied regardless of the value of RNGDS_MITG_DIS.

Table 6. IA32_MCU_OPT_CTRL MSR

Register Address (Hex) | Register Address (Dec) | MSR Name / Bit Fields | MSR / Bit Description | Comment
123H | 291 | IA32_MCU_OPT_CTRL | Microcode Update Option Control (R/W) | If CPUID.(EAX=07H, ECX=0):EDX[9]=1
123H | 291 | 0    | RNGDS_MITG_DIS (R/W): When set to 0 (default), SRBDS mitigation is enabled for RDRAND and RDSEED. When set to 1, SRBDS mitigation is disabled for RDRAND and RDSEED executed outside of Intel SGX enclaves. | If CPUID.(EAX=07H, ECX=0):EDX[9]=1
123H | 291 | 63:1 | Reserved |


IA32_TSX_CTRL MSR

IA32_ARCH_CAPABILITIES[TSX_CTRL] (bit 7) enumerates that the IA32_TSX_CTRL MSR exists and that TSX_CTRL supports bit 0 (RTM_DISABLE) and bit 1 (TSX_CPUID_CLEAR).

  1. The processor automatically overwrites the affected microarchitecture data buffers when entering or exiting Intel SGX enclaves.
  2. On a hyperthreading-enabled processor, the processor automatically aborts any Intel TSX transaction on one logical processor when the sibling logical processor on the same physical core enters an Intel SGX enclave. The processor also prevents an Intel TSX transaction from starting on one logical processor if the sibling logical processor is currently executing an Intel SGX enclave.

Table 7. Description of IA32_TSX_CTRL MSR

Register Address | Register Name / Bit Fields | Bit Description | Comment
122H | IA32_TSX_CTRL | | Thread scope. Not architecturally serializing. Available when CPUID.(EAX=7H,ECX=0):EDX[29] (IA32_ARCH_CAPABILITIES supported) = 1 and IA32_ARCH_CAPABILITIES[7] (TSX_CTRL) = 1.
122H | 0 | RTM_DISABLE: When set to 1, XBEGIN will always abort with EAX code 0. |
122H | 1 | TSX_CPUID_CLEAR: When set to 1, CPUID.07H.EBX.RTM [bit 11] and CPUID.07H.EBX.HLE [bit 4] report 0. When set to 0 and the SKU supports TSX, these bits return 1. |
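The IA32_MCU_OPT_CTRL and IA32_TSX_CTRL sections above each describe an MSR whose presence is enumerated through a chain of other bits and whose fields change what other instructions do. The C below is an added example, not Intel's code, covering both: the availability checks (EDX[9] for IA32_MCU_OPT_CTRL; EDX[29] followed by IA32_ARCH_CAPABILITIES[7] for IA32_TSX_CTRL), the SGX caveat for RNGDS_MITG_DIS, the thread scope of the opt-out, and what RTM_DISABLE and TSX_CPUID_CLEAR mean for XBEGIN and for CPUID.07H.EBX. All MSR values are constructed, since reading the real MSRs needs ring 0; macro, struct and function names are this example's own.

```c
/* Added example (not Intel's code): availability and decoding rules for the
 * two microcode-introduced control MSRs, IA32_MCU_OPT_CTRL (123H) and
 * IA32_TSX_CTRL (122H). All MSR values are constructed. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* CPUID.(EAX=07H,ECX=0):EDX enumeration bits. */
#define L7_EDX_SRBDS_CTRL (1u << 9)    /* IA32_MCU_OPT_CTRL present      */
#define L7_EDX_ARCH_CAP   (1u << 29)   /* IA32_ARCH_CAPABILITIES present */
/* IA32_ARCH_CAPABILITIES[7]: IA32_TSX_CTRL present. */
#define ARCH_CAP_TSX_CTRL (1ull << 7)

/* IA32_MCU_OPT_CTRL and IA32_TSX_CTRL bit fields. */
#define MCU_OPT_RNGDS_MITG_DIS (1ull << 0)
#define TSX_CTRL_RTM_DISABLE   (1ull << 0)
#define TSX_CTRL_CPUID_CLEAR   (1ull << 1)

/* CPUID.07H.EBX bits that TSX_CPUID_CLEAR forces to 0. */
#define L7_EBX_HLE (1u << 4)
#define L7_EBX_RTM (1u << 11)

bool mcu_opt_ctrl_present(uint32_t leaf7_edx)
{
    return (leaf7_edx & L7_EDX_SRBDS_CTRL) != 0;
}

/* TSX_CTRL is reached through a two-step chain: EDX[29] says the capabilities
 * MSR exists, and its bit 7 says TSX_CTRL exists. Without the first step the
 * capabilities value must not even be read, so it is ignored here. */
bool tsx_ctrl_present(uint32_t leaf7_edx, uint64_t arch_cap)
{
    return (leaf7_edx & L7_EDX_ARCH_CAP) != 0 && (arch_cap & ARCH_CAP_TSX_CTRL) != 0;
}

/* Is the SRBDS mitigation applied to RDRAND/RDSEED on the logical processor
 * whose IA32_MCU_OPT_CTRL value is given? The opt-out is ignored inside an
 * Intel SGX enclave. */
bool srbds_mitigated(uint64_t mcu_opt_ctrl, bool inside_sgx_enclave)
{
    if (inside_sgx_enclave)
        return true;
    return (mcu_opt_ctrl & MCU_OPT_RNGDS_MITG_DIS) == 0;
}

/* The MSR is thread-scoped: one opted-out logical processor says nothing about
 * its siblings. Given each logical processor's MSR value, count how many have
 * the mitigation disabled for non-enclave code. */
size_t count_srbds_optouts(const uint64_t *mcu_opt_ctrl_per_lp, size_t n)
{
    size_t disabled = 0;
    for (size_t i = 0; i < n; i++)
        if (!srbds_mitigated(mcu_opt_ctrl_per_lp[i], false))
            disabled++;
    return disabled;
}

/* What an IA32_TSX_CTRL value means for software: whether XBEGIN always aborts
 * (RTM_DISABLE) and which RTM/HLE bits CPUID.07H.EBX will report (cleared by
 * TSX_CPUID_CLEAR; otherwise 1 on a SKU that supports TSX). */
struct tsx_state {
    bool     xbegin_always_aborts;
    uint32_t cpuid_ebx_tsx_bits;
};

struct tsx_state decode_tsx_ctrl(uint64_t tsx_ctrl, bool sku_supports_tsx)
{
    struct tsx_state s;
    s.xbegin_always_aborts = (tsx_ctrl & TSX_CTRL_RTM_DISABLE) != 0;
    if ((tsx_ctrl & TSX_CTRL_CPUID_CLEAR) != 0 || !sku_supports_tsx)
        s.cpuid_ebx_tsx_bits = 0;
    else
        s.cpuid_ebx_tsx_bits = L7_EBX_HLE | L7_EBX_RTM;
    return s;
}

int main(void)
{
    /* Constructed sample: four logical processors, one opted out of SRBDS. */
    const uint64_t per_lp[4] = { 0, MCU_OPT_RNGDS_MITG_DIS, 0, 0 };
    uint32_t edx = L7_EDX_SRBDS_CTRL | L7_EDX_ARCH_CAP;
    uint64_t arch_cap = ARCH_CAP_TSX_CTRL;

    printf("IA32_MCU_OPT_CTRL present: %d, logical processors opted out: %zu\n",
           mcu_opt_ctrl_present(edx), count_srbds_optouts(per_lp, 4));
    printf("RDRAND inside an enclave on the opted-out LP still mitigated: %d\n",
           srbds_mitigated(per_lp[1], true));

    struct tsx_state t = decode_tsx_ctrl(TSX_CTRL_RTM_DISABLE | TSX_CTRL_CPUID_CLEAR, true);
    printf("IA32_TSX_CTRL present: %d, XBEGIN always aborts: %d, CPUID.07H.EBX RTM/HLE: 0x%x\n",
           tsx_ctrl_present(edx, arch_cap), t.xbegin_always_aborts, t.cpuid_ebx_tsx_bits);
    return 0;
}
```

Because TSX_CPUID_CLEAR changes what CPUID reports, an inventory tool that records CPUID.07H.EBX on a system where the kernel has set that bit will see RTM and HLE as absent; the IA32_TSX_CTRL value, not the CPUID bits, is the record of what was done.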
 