security/intel/stm: Add STM support

This update is a combination of all four of the patches so that the
commit can be done without breaking parts of coreboot.  This possible
breakage is because of the cross-dependencies between the original
separate patches would cause failure because of data structure changes.

security/intel/stm

This directory contains the functions that check and move the STM to the
MSEG, create its page tables, and create the BIOS resource list.

The STM page tables is a six page region located in the MSEG and are
pointed to by the CR3 Offset field in the MSEG header.  The initial
page tables will identity map all memory between 0-4G.  The STM starts
in IA32e mode, which requires page tables to exist at startup.

The BIOS resource list defines the resources that the SMI Handler is
allowed to access.  This includes the SMM memory area where the SMI
handler resides and other resources such as I/O devices.  The STM uses
the BIOS resource list to restrict the SMI handler's accesses.

The BIOS resource list is currently located in the same area as the
SMI handler.  This location is shown in the comment section before
smm_load_module in smm_module_loader.c

Note: The files within security/intel/stm come directly from their
Tianocore counterparts.  Unnecessary code has been removed and the
remaining code has been converted to meet coreboot coding requirements.

For more information see:
     SMI Transfer Monitor (STM) User Guide, Intel Corp.,
     August 2015, Rev 1.0, can be found at firmware.intel.com

include/cpu/x86:

Addtions to include/cpu/x86 for STM support.

cpu/x86:

STM Set up - The STM needs to be loaded into the MSEG during BIOS
initialization and the SMM Monitor Control MSR be set to indicate
that an STM is in the system.

cpu/x86/smm:

SMI module loader modifications needed to set up the
SMM descriptors used by the STM during its initialization

Original-Change-Id: If4adcd92c341162630ce1ec357ffcf8a135785ec
Original-Signed-off-by: Eugene D. Myers <edmyers@tycho.nsa.gov>
Original-Reviewed-on: https://review.coreboot.org/c/coreboot/+/33234
Original-Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Original-Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Original-Reviewed-by: ron minnich <rminnich@gmail.com>

(cherry picked from commit ae438be57856e994774ec0e2521d49f1ad09bd6f)
Signed-off-by: Marc Jones <marcjones@sysproconsulting.com>

Change-Id: Ic0131fcada9f43c9817c8a0a942d0419c7023130
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50308
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>

1 files changed, 726 insertions, 0 deletions

diff --git a/src/security/intel/stm/StmApi.h b/src/security/intel/stm/StmApi.h
new file mode 100644
index 000000000000..342ceeacf604
--- /dev/null
+++ b/src/security/intel/stm/StmApi.h
@@ -0,0 +1,726 @@
+/* @file
+ * STM API definition
+ *
+ * Copyright (c) 2015, Intel Corporation. All rights reserved.
+ * This program and the accompanying materials are licensed and made available
+ * under the terms and conditions of the BSD License which accompanies this
+ * distribution.  The full text of the license may be found at
+ * http://opensource.org/licenses/bsd-license.php.
+ *
+ * THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND,
+ * EITHER EXPRESS OR IMPLIED.
+ *
+ */
+
+#ifndef _STM_API_H_
+#define _STM_API_H_
+
+#include <stdint.h>
+
+// definition in STM spec
+
+#define STM_SPEC_VERSION_MAJOR 1
+#define STM_SPEC_VERSION_MINOR 0
+
+#pragma pack(push, 1)
+
+#define STM_HARDWARE_FIELD_FILL_TO_2K (2048 - sizeof(uint32_t) * 8)
+typedef struct {
+	uint32_t stm_header_revision;
+	uint32_t monitor_features;
+	uint32_t gdtr_limit;
+	uint32_t gdtr_base_offset;
+	uint32_t cs_selector;
+	uint32_t eip_offset;
+	uint32_t esp_offset;
+	uint32_t cr3_offset;
+	uint8_t reserved[STM_HARDWARE_FIELD_FILL_TO_2K];
+} HARDWARE_STM_HEADER;
+
+#define STM_FEATURES_IA32E 0x1
+
+typedef struct {
+	uint32_t intel_64mode_supported : 1;
+	uint32_t ept_supported : 1;
+	uint32_t mbz : 30;
+} STM_FEAT;
+
+typedef struct {
+	uint8_t stm_spec_ver_major;
+	uint8_t stm_pec_ver_minor;
+	uint16_t mbz;
+	uint32_t static_image_size;
+	uint32_t per_proc_dynamic_memory_size;
+	uint32_t additional_dynamic_memory_size;
+	STM_FEAT stm_features;
+	uint32_t number_of_rev_ids;
+	uint32_t stm_smm_rev_id[1];
+
+	// The total STM_HEADER should be 4K.
+} SOFTWARE_STM_HEADER;
+
+typedef struct {
+	HARDWARE_STM_HEADER hw_stm_hdr;
+	SOFTWARE_STM_HEADER sw_stm_hdr;
+} STM_HEADER;
+
+#define SHA1 1
+#define SHA256 2
+typedef struct {
+	uint64_t bios_component_base;
+	uint32_t image_size;
+	uint32_t hash_algorithm; // SHA1 or SHA256
+	uint8_t hash[32];
+} TXT_BIOS_COMPONENT_STATUS;
+
+#define PAGE_SIZE 4096
+typedef struct {
+	uint32_t image_size;
+	uint32_t reserved;
+	uint64_t image_page_base[1]; //[NumberOfPages];
+} TXT_BIOS_COMPONENT_UPDATE;
+
+typedef struct {
+	uint64_t spe_rip;
+	uint64_t spe_rsp;
+	uint16_t spe_ss;
+	uint16_t page_violation_exception : 1;
+	uint16_t msr_violation_exception : 1;
+	uint16_t register_violation_exception : 1;
+	uint16_t io_violation_exception : 1;
+	uint16_t pci_violation_exception : 1;
+	uint16_t reserved1 : 11;
+	uint32_t reserved2;
+} STM_PROTECTION_EXCEPTION_HANDLER;
+
+typedef struct {
+	uint8_t execution_disable_outside_smrr : 1;
+	uint8_t intel_64mode : 1;
+	uint8_t cr4_pae : 1;
+	uint8_t cr4_pse : 1;
+	uint8_t reserved1 : 4;
+} STM_SMM_ENTRY_STATE;
+
+typedef struct {
+	uint8_t smram_to_vmcs_restore_required : 1; // BIOS restore hint
+	uint8_t reinitialize_vmcs_required : 1;     // BIOS request
+	uint8_t reserved2 : 6;
+} STM_SMM_RESUME_STATE;
+
+typedef struct {
+	uint8_t domain_type : 4;    // STM input to BIOS on each SM
+	uint8_t x_state_policy : 2; // STM input to BIOS on each SMI
+	uint8_t ept_enabled : 1;
+	uint8_t reserved3 : 1;
+} STM_SMM_STATE;
+
+typedef struct {
+	uint64_t signature;
+	uint16_t size;
+	uint8_t smm_descriptor_ver_major;
+	uint8_t smm_descriptor_ver_minor;
+	uint32_t local_apic_id;
+	STM_SMM_ENTRY_STATE smm_entry_state;
+	STM_SMM_RESUME_STATE smm_resume_state;
+	STM_SMM_STATE stm_smm_state;
+	uint8_t reserved4;
+	uint16_t smm_cs;
+	uint16_t smm_ds;
+	uint16_t smm_ss;
+	uint16_t smm_other_segment;
+	uint16_t smm_tr;
+	uint16_t reserved5;
+	uint64_t smm_cr3;
+	uint64_t smm_stm_setup_rip;
+	uint64_t smm_stm_teardown_rip;
+	uint64_t smm_smi_handler_rip;
+	uint64_t smm_smi_handler_rsp;
+	uint64_t smm_gdt_ptr;
+	uint32_t smm_gdt_size;
+	uint32_t required_stm_smm_rev_id;
+	STM_PROTECTION_EXCEPTION_HANDLER stm_protection_exception_handler;
+	uint64_t reserved6;
+	uint64_t bios_hw_resource_requirements_ptr;
+	// extend area
+	uint64_t acpi_rsdp;
+	uint8_t physical_address_bits;
+} TXT_PROCESSOR_SMM_DESCRIPTOR;
+
+#define TXT_PROCESSOR_SMM_DESCRIPTOR_SIGNATURE "TXTPSSIG"
+#define TXT_PROCESSOR_SMM_DESCRIPTOR_VERSION_MAJOR 1
+#define TXT_PROCESSOR_SMM_DESCRIPTOR_VERSION_MINOR 0
+
+#define SMM_PSD_OFFSET 0xfb00
+
+typedef enum {
+	TxtSmmPageViolation = 1,
+	TxtSmmMsrViolation,
+	TxtSmmRegisterViolation,
+	TxtSmmIoViolation,
+	TxtSmmPciViolation
+} TXT_SMM_PROTECTION_EXCEPTION_TYPE;
+
+typedef struct {
+	uint32_t rdi;
+	uint32_t rsi;
+	uint32_t rbp;
+	uint32_t rdx;
+	uint32_t rcx;
+	uint32_t rbx;
+	uint32_t rax;
+	uint32_t cr3;
+	uint32_t cr2;
+	uint32_t cr0;
+	uint32_t vmcs_exit_instruction_info;
+	uint32_t vmcs_exit_instruction_length;
+	uint64_t vmcs_exit_qualification;
+	uint32_t error_code; // TXT_SMM_PROTECTION_EXCEPTION_TYPE
+	uint32_t rip;
+	uint32_t cs;
+	uint32_t rflags;
+	uint32_t rsp;
+	uint32_t ss;
+} STM_PROTECTION_EXCEPTION_STACK_FRAME_IA32;
+
+typedef struct {
+	uint64_t r15;
+	uint64_t r14;
+	uint64_t r13;
+	uint64_t r12;
+	uint64_t r11;
+	uint64_t r10;
+	uint64_t r9;
+	uint64_t r8;
+	uint64_t rdi;
+	uint64_t rsi;
+	uint64_t rbp;
+	uint64_t rdx;
+	uint64_t rcx;
+	uint64_t rbx;
+	uint64_t rax;
+	uint64_t cr8;
+	uint64_t cr3;
+	uint64_t cr2;
+	uint64_t cr0;
+	uint64_t vmcs_exit_instruction_info;
+	uint64_t vmcs_exit_instruction_length;
+	uint64_t vmcs_exit_qualification;
+	uint64_t error_code; // TXT_SMM_PROTECTION_EXCEPTION_TYPE
+	uint64_t rip;
+	uint64_t cs;
+	uint64_t rflags;
+	uint64_t rsp;
+	uint64_t ss;
+} STM_PROTECTION_EXCEPTION_STACK_FRAME_X64;
+
+typedef union {
+	STM_PROTECTION_EXCEPTION_STACK_FRAME_IA32 *ia32_stack_frame;
+	STM_PROTECTION_EXCEPTION_STACK_FRAME_X64 *x64_stack_frame;
+} STM_PROTECTION_EXCEPTION_STACK_FRAME;
+
+#define STM_SMM_REV_ID 0x80010100
+
+typedef struct _STM_SMM_CPU_STATE { //       Writable?
+	uint8_t reserved1[0x1d0];   // fc00h
+	uint32_t gdt_base_hi_dword; // fdd0h : NO
+	uint32_t ldt_base_hi_dword; // fdd4h : NO
+	uint32_t idt_base_hi_dword; // fdd8h : NO
+	uint8_t reserved2[0x4];     // fddch
+	uint64_t io_rdi;	    // fde0h : NO
+				    // - restricted
+	uint64_t io_eip;	    // fde8h : YES
+	uint64_t io_rcx;	    // fdf0h : NO
+				    // - restricted
+	uint64_t io_rsi;	    // fdf8h : NO
+				    // - restricted
+	uint8_t reserved3[0x40];    // fe00h
+	uint32_t cr4;		    // fe40h : NO
+	uint8_t reserved4[0x48];    // fe44h
+	uint32_t gdt_base_lo_dword; // fe8ch : NO
+	uint32_t gdt_limit;	 // fe90h : NO
+				    // - RESTRICTED
+	uint32_t idt_base_lo_dword; // fe94h : NO
+	uint32_t idt_limit;	 // fe98h : NO
+				    // - RESTRICTED
+	uint32_t ldt_base_lo_dword; // fe9ch : NO
+	uint32_t ldt_limit;	 // fea0h : NO
+				    // - RESTRICTED
+	uint32_t ldt_info;	  // fea4h : NO
+				    // - RESTRICTED
+	uint8_t reserved5[0x30];    // fea8h
+	uint64_t eptp;		    // fed8h : NO
+	uint32_t enabled_ept;       // fee0h : NO
+	uint8_t reserved6[0x14];    // fee4h
+	uint32_t smbase;	    // fef8h : YES
+				    // - NO for STM
+	uint32_t smm_rev_id;	// fefch : NO
+	uint16_t io_restart;	// ff00h : YES
+	uint16_t auto_halt_restart; // ff02h : YES
+	uint8_t reserved7[0x18];    // ff04h
+	uint64_t r15;		    // ff1ch : YES
+	uint64_t r14;		    // ff24h : YES
+	uint64_t r13;		    // ff2ch : YES
+	uint64_t r12;		    // ff34h : YES
+	uint64_t r11;		    // ff3ch : YES
+	uint64_t r10;		    // ff44h : YES
+	uint64_t r9;		    // ff4ch : YES
+	uint64_t r8;		    // ff54h : YES
+	uint64_t rax;		    // ff5ch : YES
+	uint64_t rcx;		    // ff64h : YES
+	uint64_t rdx;		    // ff6ch : YES
+	uint64_t rbx;		    // ff74h : YES
+	uint64_t rsp;		    // ff7ch : YES
+	uint64_t rbp;		    // ff84h : YES
+	uint64_t rsi;		    // ff8ch : YES
+	uint64_t rdi;		    // ff94h : YES
+	uint64_t io_mem_addr;       // ff9ch : NO
+	uint32_t io_misc;	   // ffa4h : NO
+	uint32_t es;		    // ffa8h : NO
+	uint32_t cs;		    // ffach : NO
+	uint32_t ss;		    // ffb0h : NO
+	uint32_t ds;		    // ffb4h : NO
+	uint32_t fs;		    // ffb8h : NO
+	uint32_t gs;		    // ffbch : NO
+	uint32_t ldtr;		    // ffc0h : NO
+	uint32_t tr;		    // ffc4h : NO
+	uint64_t dr7;		    // ffc8h : NO
+	uint64_t dr6;		    // ffd0h : NO
+	uint64_t rip;		    // ffd8h : YES
+	uint64_t ia32_efer;	 // ffe0h : YES
+				    // - NO for STM
+	uint64_t rflags;	    // ffe8h : YES
+	uint64_t cr3;		    // fff0h : NO
+	uint64_t cr0;		    // fff8h : NO
+} STM_SMM_CPU_STATE;
+
+// STM Mapping
+typedef struct {
+	uint64_t physical_address;
+	uint64_t virtual_ddress;
+	uint32_t Page_count;
+	uint32_t Pat_cache_type;
+} STM_MAP_ADDRESS_RANGE_DESCRIPTOR;
+
+#define ST_UC 0x00
+#define WC 0x01
+#define WT 0x04
+#define WP 0x05
+#define WB 0x06
+#define UC 0x07
+#define FOLLOW_MTRR 0xFFFFFFFF
+
+typedef struct {
+	uint64_t virtual_address;
+	uint32_t length;
+} STM_UNMAP_ADDRESS_RANGE_DESCRIPTOR;
+
+typedef struct {
+	uint64_t interrupted_guest_virtual_address;
+	uint32_t length;
+	uint64_t interrupted_cr3;
+	uint64_t interrupted_eptp;
+	uint32_t map_to_smm_guest : 2;
+	uint32_t interrupted_cr4_pae : 1;
+	uint32_t interrupted_cr4_pse : 1;
+	uint32_t interrupted_ia32e_mode : 1;
+	uint32_t reserved1 : 27;
+	uint32_t reserved2;
+	uint64_t physical_address;
+	uint64_t smm_guest_virtual_address;
+} STM_ADDRESS_LOOKUP_DESCRIPTOR;
+
+#define DO_NOT_MAP 0
+#define ONE_TO_ONE 1
+#define VIRTUAL_ADDRESS_SPECIFIED 3
+
+// STM_RESOURCE_LIST
+#define END_OF_RESOURCES 0
+#define MEM_RANGE 1
+#define IO_RANGE 2
+#define MMIO_RANGE 3
+#define MACHINE_SPECIFIC_REG 4
+#define PCI_CFG_RANGE 5
+#define TRAPPED_IO_RANGE 6
+#define ALL_RESOURCES 7
+#define REGISTER_VIOLATION 8
+#define MAX_DESC_TYPE 8
+
+typedef struct {
+	uint32_t rsc_type;
+	uint16_t length;
+	uint16_t return_status : 1;
+	uint16_t reserved : 14;
+	uint16_t ignore_resource : 1;
+} STM_RSC_DESC_HEADER;
+
+typedef struct {
+	STM_RSC_DESC_HEADER Hdr;
+	uint64_t resource_list_continuation;
+} STM_RSC_END;
+
+// byte granular Memory range support
+#define STM_RSC_BGM 0x4
+
+typedef struct {
+	STM_RSC_DESC_HEADER hdr;
+	uint64_t base;
+	uint64_t length;
+	uint32_t rwx_attributes : 3;
+	uint32_t reserved : 29;
+	uint32_t reserved_2;
+} STM_RSC_MEM_DESC;
+
+#define STM_RSC_MEM_R 0x1
+#define STM_RSC_MEM_W 0x2
+#define STM_RSC_MEM_X 0x4
+
+typedef struct {
+	STM_RSC_DESC_HEADER hdr;
+	uint16_t base;
+	uint16_t length;
+	uint32_t reserved;
+} STM_RSC_IO_DESC;
+
+// byte granular MMIO range support
+#define STM_RSC_BGI 0x2
+
+typedef struct {
+	STM_RSC_DESC_HEADER hdr;
+	uint64_t base;
+	uint64_t length;
+	uint32_t rwx_attributes : 3;
+	uint32_t reserved : 29;
+	uint32_t reserved_2;
+} STM_RSC_MMIO_DESC;
+
+#define STM_RSC_MMIO_R 0x1
+#define STM_RSC_MMIO_W 0x2
+#define STM_RSC_MMIO_X 0x4
+
+typedef struct {
+	STM_RSC_DESC_HEADER hdr;
+	uint32_t msr_index;
+	uint32_t kernel_mode_processing : 1;
+	uint32_t reserved : 31;
+	uint64_t read_mask;
+	uint64_t write_mask;
+} STM_RSC_MSR_DESC;
+
+// bit granular MSR resource support
+#define STM_RSC_MSR 0x8
+
+typedef struct {
+	uint8_t type;    // must be 1, indicating Hardware Device Path
+	uint8_t subtype; // must be 1, indicating PCI
+	uint16_t length; // sizeof(STM_PCI_DEVICE_PATH_NODE) which is 6
+	uint8_t pci_function;
+	uint8_t pci_device;
+} STM_PCI_DEVICE_PATH_NODE;
+
+typedef struct {
+	STM_RSC_DESC_HEADER hdr;
+	uint16_t rw_attributes : 2;
+	uint16_t reserved : 14;
+	uint16_t base;
+	uint16_t length;
+	uint8_t originating_bus_number;
+	uint8_t last_node_index;
+	STM_PCI_DEVICE_PATH_NODE pci_device_path[1];
+	// STM_PCI_DEVICE_PATH_NODE  PciDevicePath[LastNodeIndex + 1];
+} STM_RSC_PCI_CFG_DESC;
+
+#define STM_RSC_PCI_CFG_R 0x1
+#define STM_RSC_PCI_CFG_W 0x2
+
+typedef struct {
+	STM_RSC_DESC_HEADER hdr;
+	uint16_t base;
+	uint16_t length;
+	uint16_t in : 1;
+	uint16_t out : 1;
+	uint16_t api : 1;
+	uint16_t reserved1 : 13;
+	uint16_t reserved2;
+} STM_RSC_TRAPPED_IO_DESC;
+
+typedef struct {
+	STM_RSC_DESC_HEADER hdr;
+} STM_RSC_ALL_RESOURCES_DESC;
+
+typedef struct {
+	STM_RSC_DESC_HEADER hdr;
+	uint32_t register_type;
+	uint32_t reserved;
+	uint64_t readMask;
+	uint64_t write_mask;
+} STM_REGISTER_VIOLATION_DESC;
+
+typedef enum {
+	stm_register_cr0,
+	stm_register_cr2,
+	stm_register_cr3,
+	stm_register_cr4,
+	stm_register_cr8,
+	stm_register_max,
+} STM_REGISTER_VIOLATION_TYPE;
+
+typedef union {
+	STM_RSC_DESC_HEADER header;
+	STM_RSC_END end;
+	STM_RSC_MEM_DESC mem;
+	STM_RSC_IO_DESC io;
+	STM_RSC_MMIO_DESC mmio;
+	STM_RSC_MSR_DESC msr;
+	STM_RSC_PCI_CFG_DESC pci_cfg;
+	STM_RSC_TRAPPED_IO_DESC trapped_io;
+	STM_RSC_ALL_RESOURCES_DESC all;
+	STM_REGISTER_VIOLATION_DESC register_violation;
+} STM_RSC;
+
+// VMCS database
+#define STM_VMCS_DATABASE_REQUEST_ADD 1
+#define STM_VMCS_DATABASE_REQUEST_REMOVE 0
+
+// Values for DomainType
+// Interpreter of DomainType
+#define DOMAIN_DISALLOWED_IO_OUT (1u << 0)
+#define DOMAIN_DISALLOWED_IO_IN (1u << 1)
+#define DOMAIN_INTEGRITY (1u << 2)
+#define DOMAIN_CONFIDENTIALITY (1u << 3)
+
+#define DOMAIN_UNPROTECTED 0x00
+#define DOMAIN_INTEGRITY_PROT_OUT_IN (DOMAIN_INTEGRITY)
+#define DOMAIN_FULLY_PROT_OUT_IN (DOMAIN_CONFIDENTIALITY | DOMAIN_INTEGRITY)
+#define DOMAIN_FULLY_PROT                                                      \
+	(DOMAIN_CONFIDENTIALITY | DOMAIN_INTEGRITY | DOMAIN_DISALLOWED_IO_IN   \
+	 | DOMAIN_DISALLOWED_IO_OUT)
+
+// Values for XStatePolicy
+#define XSTATE_READWRITE 0x00
+#define XSTATE_READONLY 0x01
+#define XSTATE_SCRUB 0x03
+
+typedef struct {
+	uint64_t vmcs_phys_pointer; // bits 11:0 are reserved and must be 0
+	uint32_t domain_type : 4;
+	uint32_t x_state_policy : 2;
+	uint32_t degradation_policy : 4;
+	uint32_t reserved1 : 22; // Must be 0
+	uint32_t add_or_remove;
+} STM_VMCS_DATABASE_REQUEST;
+
+// Event log
+#define NEW_LOG 1
+#define CONFIGURE_LOG 2
+#define START_LOG 3
+#define STOP_LOG 4
+#define CLEAR_LOG 5
+#define DELETE_LOG 6
+typedef enum {
+	evt_log_started,
+	evt_log_stopped,
+	evt_log_invalid_parameter_detected,
+	evt_handled_protection_exception,
+	// unhandled protection exceptions result in reset & cannot be logged
+	evt_bios_access_to_unclaimed_resource,
+	evt_mle_resource_protection_granted,
+	evt_mle_resource_protection_denied,
+	evt_mle_resource_unprotect,
+	evt_mle_resource_unprotect_error,
+	evt_mle_domain_type_degraded,
+	// add more here
+	evt_mle_max,
+	// Not used
+	evt_invalid = 0xFFFFFFFF,
+} EVENT_TYPE;
+
+typedef struct {
+	uint32_t page_count;
+	uint64_t pages[1]; // number of elements is PageCount
+} STM_EVENT_LOG_MANAGEMENT_REQUEST_DATA_LOG_BUFFER;
+
+typedef union {
+	STM_EVENT_LOG_MANAGEMENT_REQUEST_DATA_LOG_BUFFER log_buffer;
+	uint32_t event_enable_bitmap; // bitmap of EVENT_TYPE
+} STM_EVENT_LOG_MANAGEMENT_REQUEST_DATA;
+
+typedef struct {
+	uint32_t sub_functionindex;
+	STM_EVENT_LOG_MANAGEMENT_REQUEST_DATA data;
+} STM_EVENT_LOG_MANAGEMENT_REQUEST;
+
+// VMCALL API Numbers
+//
+// API number convention: BIOS facing VMCALL interfaces have bit 16 clear
+#define STM_API_MAP_ADDRESS_RANGE 0x00000001
+#define STM_API_UNMAP_ADDRESS_RANGE 0x00000002
+#define STM_API_ADDRESS_LOOKUP 0x00000003
+#define STM_API_RETURN_FROM_PROTECTION_EXCEPTION 0x00000004
+
+// API number convention: MLE facing VMCALL interfaces have bit 16 set
+//
+// The STM configuration lifecycle is as follows:
+// 1. SENTER->SINIT->MLE: MLE begins execution with SMI disabled (masked).
+// 2. MLE invokes InitializeProtectionVMCALL() to prepare STM for setup of
+//    initial protection profile. This is done on a single CPU and has global
+//    effect.
+// 3. MLE invokes ProtectResourceVMCALL() to define the initial protection
+//    profile. The protection profile is global across all CPUs.
+// 4. MLE invokes StartStmVMCALL() to enable the STM to begin receiving SMI
+//    events. This must be done on every logical CPU.
+// 5. MLE may invoke ProtectResourceVMCALL() or UnProtectResourceVMCALL()
+//    during runtime as many times as necessary.
+// 6. MLE invokes StopStmVMCALL() to disable the STM. SMI is again masked
+//    following StopStmVMCALL().
+//
+#define STM_API_START 0x00010001
+#define STM_API_STOP 0x00010002
+#define STM_API_PROTECT_RESOURCE 0x00010003
+#define STM_API_UNPROTECT_RESOURCE 0x00010004
+#define STM_API_GET_BIOS_RESOURCES 0x00010005
+#define STM_API_MANAGE_VMCS_DATABASE 0x00010006
+#define STM_API_INITIALIZE_PROTECTION 0x00010007
+#define STM_API_MANAGE_EVENT_LOG 0x00010008
+
+// Return codes
+typedef uint32_t STM_STATUS;
+
+#define STM_SUCCESS 0x00000000
+#define SMM_SUCCESS 0x00000000
+// all error codes have bit 31 set
+// STM errors have bit 16 set
+#define ERROR_STM_SECURITY_VIOLATION 0x80010001
+#define ERROR_STM_CACHE_TYPE_NOT_SUPPORTED 0x80010002
+#define ERROR_STM_PAGE_NOT_FOUND 0x80010003
+#define ERROR_STM_BAD_CR3 0x80010004
+#define ERROR_STM_PHYSICAL_OVER_4G 0x80010005
+#define ERROR_STM_VIRTUAL_SPACE_TOO_SMALL 0x80010006
+#define ERROR_STM_UNPROTECTABLE_RESOURCE 0x80010007
+#define ERROR_STM_ALREADY_STARTED 0x80010008
+#define ERROR_STM_WITHOUT_SMX_UNSUPPORTED 0x80010009
+#define ERROR_STM_STOPPED 0x8001000A
+#define ERROR_STM_BUFFER_TOO_SMALL 0x8001000B
+#define ERROR_STM_INVALID_VMCS_DATABASE 0x8001000C
+#define ERROR_STM_MALFORMED_RESOURCE_LIST 0x8001000D
+#define ERROR_STM_INVALID_PAGECOUNT 0x8001000E
+#define ERROR_STM_LOG_ALLOCATED 0x8001000F
+#define ERROR_STM_LOG_NOT_ALLOCATED 0x80010010
+#define ERROR_STM_LOG_NOT_STOPPED 0x80010011
+#define ERROR_STM_LOG_NOT_STARTED 0x80010012
+#define ERROR_STM_RESERVED_BIT_SET 0x80010013
+#define ERROR_STM_NO_EVENTS_ENABLED 0x80010014
+#define ERROR_STM_OUT_OF_RESOURCES 0x80010015
+#define ERROR_STM_FUNCTION_NOT_SUPPORTED 0x80010016
+#define ERROR_STM_UNPROTECTABLE 0x80010017
+#define ERROR_STM_UNSUPPORTED_MSR_BIT 0x80010018
+#define ERROR_STM_UNSPECIFIED 0x8001FFFF
+
+// SMM errors have bit 17 set
+#define ERROR_SMM_BAD_BUFFER 0x80020001
+#define ERROR_SMM_INVALID_RSC 0x80020004
+#define ERROR_SMM_INVALID_BUFFER_SIZE 0x80020005
+#define ERROR_SMM_BUFFER_TOO_SHORT 0x80020006
+#define ERROR_SMM_INVALID_LIST 0x80020007
+#define ERROR_SMM_OUT_OF_MEMORY 0x80020008
+#define ERROR_SMM_AFTER_INIT 0x80020009
+#define ERROR_SMM_UNSPECIFIED 0x8002FFFF
+
+// Errors that apply to both have bits 15, 16, and 17 set
+#define ERROR_INVALID_API 0x80038001
+#define ERROR_INVALID_PARAMETER 0x80038002
+
+// STM TXT.ERRORCODE codes
+#define STM_CRASH_PROTECTION_EXCEPTION 0xC000F001
+#define STM_CRASH_PROTECTION_EXCEPTION_FAILURE 0xC000F002
+#define STM_CRASH_DOMAIN_DEGRADATION_FAILURE 0xC000F003
+#define STM_CRASH_BIOS_PANIC 0xC000E000
+
+typedef struct {
+	uint32_t event_serial_number;
+	uint16_t type;
+	uint16_t lock : 1;
+	uint16_t valid : 1;
+	uint16_t read_by_mle : 1;
+	uint16_t wrapped : 1;
+	uint16_t reserved : 12;
+} LOG_ENTRY_HEADER;
+
+typedef struct {
+	uint32_t reserved;
+} ENTRY_EVT_LOG_STARTED;
+
+typedef struct {
+	uint32_t reserved;
+} ENTRY_EVT_LOG_STOPPED;
+
+typedef struct {
+	uint32_t vmcall_api_number;
+} ENTRY_EVT_LOG_INVALID_PARAM;
+
+typedef struct {
+	STM_RSC resource;
+} ENTRY_EVT_LOG_HANDLED_PROTECTION_EXCEPTION;
+
+typedef struct {
+	STM_RSC resource;
+} ENTRY_EVT_BIOS_ACCESS_UNCLAIMED_RSC;
+
+typedef struct {
+	STM_RSC resource;
+} ENTRY_EVT_MLE_RSC_PROT_GRANTED;
+
+typedef struct {
+	STM_RSC resource;
+} ENTRY_EVT_MLE_RSC_PROT_DENIED;
+
+typedef struct {
+	STM_RSC resource;
+} ENTRY_EVT_MLE_RSC_UNPROT;
+
+typedef struct {
+	STM_RSC resource;
+} ENTRY_EVT_MLE_RSC_UNPROT_ERROR;
+
+typedef struct {
+	uint64_t vmcs_phys_pointer;
+	uint8_t expected_domain_type;
+	uint8_t degraded_domain_type;
+} ENTRY_EVT_MLE_DOMAIN_TYPE_DEGRADED;
+
+typedef union {
+	ENTRY_EVT_LOG_STARTED started;
+	ENTRY_EVT_LOG_STOPPED stopped;
+	ENTRY_EVT_LOG_INVALID_PARAM invalid_param;
+	ENTRY_EVT_LOG_HANDLED_PROTECTION_EXCEPTION
+	handled_protection_exception;
+	ENTRY_EVT_BIOS_ACCESS_UNCLAIMED_RSC bios_unclaimed_rsc;
+	ENTRY_EVT_MLE_RSC_PROT_GRANTED mle_rsc_prot_granted;
+	ENTRY_EVT_MLE_RSC_PROT_DENIED mle_rsc_prot_denied;
+	ENTRY_EVT_MLE_RSC_UNPROT mle_rsc_unprot;
+	ENTRY_EVT_MLE_RSC_UNPROT_ERROR mle_rsc_unprot_error;
+	ENTRY_EVT_MLE_DOMAIN_TYPE_DEGRADED mle_domain_type_degraded;
+} LOG_ENTRY_DATA;
+
+typedef struct {
+	LOG_ENTRY_HEADER hdr;
+	LOG_ENTRY_DATA data;
+} STM_LOG_ENTRY;
+
+#define STM_LOG_ENTRY_SIZE 256
+#define STM_CONFIG_SMI_UNBLOCKING_BY_VMX_OFF 0x1
+
+// TXT debug
+#define SW_SMI_STM_ADD_RUNTIME_RESOURCES_SUB_FUNC 0
+#define SW_SMI_STM_READ_BIOS_RESOURCES_SUB_FUNC 1
+#define SW_SMI_STM_REPLACE_BIOS_RESOURCES_SUB_FUNC 2
+
+typedef struct {
+	uint32_t buffer_size;
+	uint32_t reserved;
+	// uint8_t   Data[];
+} TXT_BIOS_DEBUG;
+
+#pragma pack(pop)
+
+#endif