Henk-Jan Lebbink edited this page Jun 5, 2018 · 2 revisions

SGX INSTRUCTION REFERENCES EADD — Add a Page to an Uninitialized Enclave

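<table>
	<tr>
		<td><b>Opcode/Instruction</b></td>
		<td><b>Op/En</b></td>
		<td><b>64/32 bit Mode Support</b></td>
		<td><b>CPUID Feature Flag</b></td>
		<td><b>Description</b></td>
	</tr>
	<tr>
		<td>EAX = 01H ENCLS[EADD]</td>
		<td>IR</td>
		<td>V/V</td>
		<td>SGX1</td>
		<td>This leaf function adds a page to an uninitialized enclave.</td>
	</tr>
</table>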

Instruction Operand Encoding

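<table>
	<tr>
		<td><b>Op/En</b></td>
		<td><b>EAX</b></td>
		<td><b>RBX</b></td>
		<td><b>RCX</b></td>
	</tr>
	<tr>
		<td>IR</td>
		<td>EADD (In)</td>
		<td>Address of a PAGEINFO (In)</td>
		<td>Address of the destination EPC page (In)</td>
	</tr>
</table>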

Description

This leaf function copies a source page from non-enclave memory into the EPC, associates the EPC page with an SECS page residing in the EPC, and stores the linear address and security attributes in EPCM. As part of the association, the enclave offset and the security attributes are measured and extended into the SECS.MRENCLAVE. This instruction can only be executed when current privilege level is 0.

RBX contains the effective address of a PAGEINFO structure while RCX contains the effective address of an EPC page. The table below provides additional information on the memory parameter of EADD leaf function.

EADD Memory Parameter Semantics

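<table>
	<tr>
		<td><b>PAGEINFO</b></td>
		<td><b>PAGEINFO.SECS</b></td>
		<td><b>PAGEINFO.SRCPGE</b></td>
		<td><b>PAGEINFO.SECINFO</b></td>
		<td><b>EPCPAGE</b></td>
	</tr>
	<tr>
		<td>Read access permitted by Non Enclave</td>
		<td>Read/Write access permitted by Enclave</td>
		<td>Read access permitted by Non Enclave</td>
		<td>Read access permitted by Non Enclave</td>
		<td>Write access permitted by Enclave</td>
	</tr>
</table>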

The instruction faults if any of the following:

EADD Faulting Conditions

<table>
	<tr>
		<td>The operands are not properly aligned.</td>
		<td>Unsupported security attributes are set.</td>
	</tr>
	<tr>
		<td>Refers to an invalid SECS.</td>
		<td>Reference is made to an SECS that is locked by another thread.</td>
	</tr>
	<tr>
		<td>The EPC page is locked by another thread.</td>
		<td>RCX does not contain an effective address of an EPC page.</td>
	</tr>
	<tr>
		<td>The EPC page is already valid.</td>
		<td>If security attributes specifies a TCS and the source page specifies unsupported TCS values or fields.</td>
	</tr>
	<tr>
		<td>The SECS has been initialized.</td>
		<td>The specified enclave offset is outside of the enclave address space.</td>
	</tr>
</table>

Concurrency Restrictions

Table 40-8. Base Concurrency Restrictions of EADD

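<table>
	<tr>
		<td rowspan="2"><b>Leaf</b></td>
		<td rowspan="2"><b>Parameter</b></td>
		<td colspan="3"><b>Base Concurrency Restrictions</b></td>
	</tr>
	<tr>
		<td><b>Access</b></td>
		<td><b>On Conflict</b></td>
		<td><b>SGX_CONFLICT VM Exit Qualification</b></td>
	</tr>
	<tr>
		<td rowspan="2">EADD</td>
		<td>Target [DS:RCX]</td>
		<td>Exclusive</td>
		<td>#GP</td>
		<td>EPC_PAGE_CONFLICT_EXCEPTION</td>
	</tr>
	<tr>
		<td>SECS [DS:RBX]PAGEINFO.SECS</td>
		<td>Shared</td>
		<td>#GP</td>
		<td></td>
	</tr>
</table>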


Table 40-9. Additional Concurrency Restrictions of EADD

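<table>
	<tr>
		<td rowspan="3"><b>Leaf</b></td>
		<td rowspan="3"><b>Parameter</b></td>
		<td colspan="6"><b>Additional Concurrency Restrictions</b></td>
	</tr>
	<tr>
		<td colspan="2"><b>vs. EACCEPT, EACCEPTCOPY, EMODPE, EMODPR, EMODT</b></td>
		<td colspan="2"><b>vs. EADD, EEXTEND, EINIT</b></td>
		<td colspan="2"><b>vs. ETRACK, ETRACKC</b></td>
	</tr>
	<tr>
		<td><b>Access</b></td>
		<td><b>On Conflict</b></td>
		<td><b>Access</b></td>
		<td><b>On Conflict</b></td>
		<td><b>Access</b></td>
		<td><b>On Conflict</b></td>
	</tr>
	<tr>
		<td rowspan="2">EADD</td>
		<td>Target [DS:RCX]</td>
		<td>Concurrent</td>
		<td></td>
		<td>Concurrent</td>
		<td></td>
		<td>Concurrent</td>
		<td></td>
	</tr>
	<tr>
		<td>SECS [DS:RBX]PAGEINFO.SECS</td>
		<td>Concurrent</td>
		<td></td>
		<td>Exclusive</td>
		<td>#GP</td>
		<td>Concurrent</td>
		<td></td>
	</tr>
</table>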

Operation

Temp Variables in EADD Operational Flow

<table>
	<tr>
		<td><b>Name</b></td>
		<td><b>Type</b></td>
		<td><b>Size (bits)</b></td>
		<td><b>Description</b></td>
	</tr>
	<tr>
		<td>TMP_SRCPGE</td>
		<td>Effective Address</td>
		<td>32/64</td>
		<td>Effective address of the source page.</td>
	</tr>
	<tr>
		<td>TMP_SECS</td>
		<td>Effective Address</td>
		<td>32/64</td>
		<td>Effective address of the SECS destination page.</td>
	</tr>
	<tr>
		<td>TMP_SECINFO</td>
		<td>Effective Address</td>
		<td>32/64</td>
		<td>Effective address of an SECINFO structure which contains security attributes of the page to be added.</td>
	</tr>
	<tr>
		<td>SCRATCH_SECINFO</td>
		<td>SECINFO</td>
		<td>512</td>
		<td>Scratch storage for holding the contents of DS:TMP_SECINFO.</td>
	</tr>
	<tr>
		<td>TMP_LINADDR</td>
		<td>Unsigned Integer</td>
		<td>64</td>
		<td>Holds the linear address to be stored in the EPCM and used to calculate TMP_ENCLAVEOFFSET.</td>
	</tr>
	<tr>
		<td>TMP_ENCLAVEOFFSET</td>
		<td>Enclave Offset</td>
		<td>64</td>
		<td>The page displacement from the enclave base address.</td>
	</tr>
	<tr>
		<td>TMPUPDATEFIELD</td>
		<td>SHA256 Buffer</td>
		<td>512</td>
		<td>Buffer used to hold data being added to TMP_SECS.MRENCLAVE.</td>
	</tr>
</table>

IF (DS:RBX is not 32Byte Aligned)
    THEN #GP(0); FI;
IF (DS:RCX is not 4KByte Aligned)
    THEN #GP(0); FI;
IF (DS:RCX does not resolve within an EPC)
    THEN #PF(DS:RCX); FI;
TMP_SRCPGE ← DS:RBX.SRCPGE;
TMP_SECS ← DS:RBX.SECS;
TMP_SECINFO ← DS:RBX.SECINFO;
TMP_LINADDR ← DS:RBX.LINADDR;
IF (DS:TMP_SRCPGE is not 4KByte aligned or DS:TMP_SECS is not 4KByte aligned or
    DS:TMP_SECINFO is not 64Byte aligned or TMP_LINADDR is not 4KByte aligned)
    THEN #GP(0); FI;
IF (DS:TMP_SECS does not resolve within an EPC)
    THEN #PF(DS:TMP_SECS); FI;
SCRATCH_SECINFO ← DS:TMP_SECINFO;
(* Check for misconfigured SECINFO flags*)
IF (SCRATCH_SECINFO reserved fields are not zero or
    ! (SCRATCH_SECINFO.FLAGS.PT is PT_REG or SCRATCH_SECINFO.FLAGS.PT is PT_TCS) )
    THEN #GP(0); FI;
(* Check the EPC page for concurrency *)
IF (EPC page is not available for EADD) 
    THEN 
        IF (<<VMX non-root operation>> AND <<ENABLE_EPC_VIRTUALIZATION_EXTENSIONS>>)
            THEN
                VMCS.Exit_reason ← SGX_CONFLICT;
                VMCS.Exit_qualification.code ← EPC_PAGE_CONFLICT_EXCEPTION;
                VMCS.Exit_qualification.error ← 0;
                VMCS.Guest-physical_address ← << translation of DS:RCX produced by paging >>;
                VMCS.Guest-linear_address ← DS:RCX;
                Deliver VMEXIT;
            ELSE
                #GP(0);
        FI;
FI;
IF (EPCM(DS:RCX).VALID ≠ 0)
    THEN #PF(DS:RCX); FI;
(* Check the SECS for concurrency *)
IF (SECS is not available for EADD) 
    THEN #GP(0); FI;
IF (EPCM(DS:TMP_SECS).VALID = 0 or EPCM(DS:TMP_SECS).PT ≠ PT_SECS)
    THEN #PF(DS:TMP_SECS); FI;
(* Copy 4KBytes from source page to EPC page*)
DS:RCX[32767:0] ← DS:TMP_SRCPGE[32767:0];
CASE (SCRATCH_SECINFO.FLAGS.PT) 
    PT_TCS:
        IF (DS:RCX.RESERVED ≠ 0) #GP(0); FI;
        IF ( (DS:TMP_SECS.ATTRIBUTES.MODE64BIT = 0) and
            ((DS:TCS.FSLIMIT & 0FFFH ≠ 0FFFH) or (DS:TCS.GSLIMIT & 0FFFH ≠ 0FFFH) )) #GP(0); FI;
        BREAK;
    PT_REG:
        IF (SCRATCH_SECINFO.FLAGS.W = 1 and SCRATCH_SECINFO.FLAGS.R = 0) #GP(0); FI;
        BREAK;
ESAC;
(* Check the enclave offset is within the enclave linear address space *)
IF (TMP_LINADDR < DS:TMP_SECS.BASEADDR or TMP_LINADDR ≥ DS:TMP_SECS.BASEADDR + DS:TMP_SECS.SIZE)
    THEN #GP(0); FI;
(* Check concurrency of measurement resource*)
IF (Measurement being updated) 
    THEN #GP(0); FI;
(* Check if the enclave to which the page will be added is already in Initialized state *)
IF (DS:TMP_SECS already initialized)
    THEN #GP(0); FI;
(* For TCS pages, force EPCM.rwx bits to 0 and no debug access *)
IF (SCRATCH_SECINFO.FLAGS.PT = PT_TCS) 
    THEN
        SCRATCH_SECINFO.FLAGS.R ← 0;
        SCRATCH_SECINFO.FLAGS.W ← 0;
        SCRATCH_SECINFO.FLAGS.X ← 0;
        (DS:RCX).FLAGS.DBGOPTIN ← 0; // force TCS.FLAGS.DBGOPTIN off
        DS:RCX.CSSA ← 0;
        DS:RCX.AEP ← 0;
        DS:RCX.STATE ← 0;
FI;
(* Add enclave offset and security attributes to MRENCLAVE *)
TMP_ENCLAVEOFFSET ← TMP_LINADDR - DS:TMP_SECS.BASEADDR;
TMPUPDATEFIELD[63:0] ← 0000000044444145H; // “EADD”
TMPUPDATEFIELD[127:64] ← TMP_ENCLAVEOFFSET;
TMPUPDATEFIELD[511:128] ← SCRATCH_SECINFO[375:0]; // 48 bytes
DS:TMP_SECS.MRENCLAVE ← SHA256UPDATE(DS:TMP_SECS.MRENCLAVE, TMPUPDATEFIELD)
INC enclave's MRENCLAVE update counter;
(* Add enclave offset and security attributes to MRENCLAVE *)
EPCM(DS:RCX).R ← SCRATCH_SECINFO.FLAGS.R;
EPCM(DS:RCX).W ← SCRATCH_SECINFO.FLAGS.W;
EPCM(DS:RCX).X ← SCRATCH_SECINFO.FLAGS.X;
EPCM(DS:RCX).PT ← SCRATCH_SECINFO.FLAGS.PT;
EPCM(DS:RCX).ENCLAVEADDRESS ← TMP_LINADDR;
(* associate the EPCPAGE with the SECS by storing the SECS identifier of DS:TMP_SECS *)
Update EPCM(DS:RCX) SECS identifier to reference DS:TMP_SECS identifier;
(* Set EPCM entry fields *)
EPCM(DS:RCX).BLOCKED ← 0;
EPCM(DS:RCX).PENDING ← 0;
EPCM(DS:RCX).MODIFIED ← 0;
EPCM(DS:RCX).VALID ← 1;
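
The MRENCLAVE update in the operation above, as an added example (not taken from the Intel manual or this wiki): it builds the 64-byte TMPUPDATEFIELD for a page and applies the input-only #GP(0) checks, showing that a page's enclave offset and permissions are bound into the measurement. Assumptions: the SECINFO.FLAGS bit positions and page-type values come from the SDM's SECINFO definition, which is not on this page; the helper names and the sample layout are constructed.

```python
import hashlib
import struct

PAGE = 0x1000
# SECINFO.FLAGS encoding from the SDM's SECINFO definition (not on this page):
# bit 0 R, bit 1 W, bit 2 X, bits 15:8 page type, bits 7:6 and 63:16 reserved.
R, W, X = 0x1, 0x2, 0x4
PT_TCS, PT_REG = 1, 2
DEFINED_FLAG_BITS = 0xFF3F


class EaddFault(Exception):
    """Models the #GP(0) outcomes that depend only on the EADD inputs."""


def eadd_update_field(linaddr, base, size, flags):
    """Build the 64-byte TMPUPDATEFIELD that EADD extends into MRENCLAVE."""
    pt = (flags >> 8) & 0xFF
    if linaddr % PAGE:
        raise EaddFault("LINADDR is not 4KByte aligned")
    if flags & ~DEFINED_FLAG_BITS or pt not in (PT_REG, PT_TCS):
        raise EaddFault("reserved SECINFO bits set or unsupported page type")
    if pt == PT_REG and flags & W and not flags & R:
        raise EaddFault("PT_REG page is writable but not readable")
    if not base <= linaddr < base + size:
        raise EaddFault("LINADDR outside the enclave linear address space")
    if pt == PT_TCS:
        flags &= ~(R | W | X)  # TCS pages are measured with R=W=X=0
    secinfo48 = struct.pack("<Q", flags) + bytes(40)  # first 48 SECINFO bytes
    return struct.pack("<8sQ", b"EADD", linaddr - base) + secinfo48


def eadd_chain(base, size, pages):
    """Hash the EADD blocks for (linaddr, flags) pairs, in order.

    Not a full MRENCLAVE: the ECREATE and EEXTEND blocks are left out.
    """
    h = hashlib.sha256()
    for linaddr, flags in pages:
        h.update(eadd_update_field(linaddr, base, size, flags))
    return h.hexdigest()


# Constructed layout: a 64 KiB enclave at a made-up base address.
BASE, SIZE = 0x7F0000000000, 0x10000
CODE_RX = (PT_REG << 8) | R | X
CODE_RWX = (PT_REG << 8) | R | W | X
TCS_PAGE = (PT_TCS << 8) | R | W
```

Calling `eadd_chain` with the same pages but `CODE_RWX` in place of `CODE_RX` yields a different digest, which is why a loader cannot widen a page's permissions at EADD time without changing the resulting measurement.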

Flags Affected

None

Protected Mode Exceptions

<table>
	<tr>
		<td>#GP(0)</td>
		<td>If a memory operand effective address is outside the DS segment limit.<br>If a memory operand is not properly aligned.<br>If an enclave memory operand is outside of the EPC.<br>If an enclave memory operand is the wrong type.<br>If a memory operand is locked.<br>If the enclave is initialized.<br>If the enclave's MRENCLAVE is locked.<br>If the TCS page reserved bits are set.</td>
	</tr>
	<tr>
		<td>#PF(error code)</td>
		<td>If a page fault occurs in accessing memory operands.<br>If the EPC page is valid.</td>
	</tr>
</table>


64-Bit Mode Exceptions

<table>
	<tr>
		<td>#GP(0)</td>
		<td>If a memory operand is non-canonical form.<br>If a memory operand is not properly aligned.<br>If an enclave memory operand is outside of the EPC.<br>If an enclave memory operand is the wrong type.<br>If a memory operand is locked.<br>If the enclave is initialized.<br>If the enclave's MRENCLAVE is locked.<br>If the TCS page reserved bits are set.</td>
	</tr>
	<tr>
		<td>#PF(error code)</td>
		<td>If a page fault occurs in accessing memory operands.<br>If the EPC page is valid.</td>
	</tr>
</table>



Source: Intel® Architecture Software Developer's Manual (May 2018)
Generated: 5-6-2018
