Home Explore Help
Sign In
miti
/
graphene
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 1f2360c857
Branches Tags
graphene
/
Pal
/
src
/
host
/
Linux-SGX
/
sgx_arch.h

sgx_arch.h 8.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307 
  1. /* -*- mode:c; c-file-style:"k&r"; c-basic-offset: 4; tab-width:4; indent-tabs-mode:nil; mode:auto-fill; fill-column:78; -*- */
    2. 

  2. /* vim: set ts=4 sw=4 et tw=78 fo=cqt wm=0: */
    3. 

  3. 

  4. /* Copyright (C) 2014 Stony Brook University
    5. 

  5.    This file is part of Graphene Library OS.
    6. 

  6. 

  7.    Graphene Library OS is free software: you can redistribute it and/or
    8. 

  8.    modify it under the terms of the GNU Lesser General Public License
    9. 

  9.    as published by the Free Software Foundation, either version 3 of the
    10. 

  10.    License, or (at your option) any later version.
    11. 

  11. 

  12.    Graphene Library OS is distributed in the hope that it will be useful,
    13. 

  13.    but WITHOUT ANY WARRANTY; without even the implied warranty of
    14. 

  14.    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    15. 

  15.    GNU Lesser General Public License for more details.
    16. 

  16. 

  17.    You should have received a copy of the GNU Lesser General Public License
    18. 

  18.    along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
    19. 

  19. 

  20. #ifndef SGX_ARCH_H
    21. 

  21. #define SGX_ARCH_H
    22. 

  22. 

  23. #include "pal_linux_defs.h"
    24. 

  24. 

  25. #ifndef __ASSEMBLER__
    26. 

  26. 

  27. #include <stdint.h>
    28. 

  28. 

  29. typedef uint8_t sgx_arch_key_t [384];
    30. 

  30. typedef uint8_t sgx_arch_hash_t[32];
    31. 

  31. typedef uint8_t sgx_arch_mac_t [16];
    32. 

  32. // This if for passing a mac to hex2str
    33. 

  33. #define MACBUF_SIZE ((sizeof(sgx_arch_mac_t)*2)+1) 
    34. 

  34. 

  35. typedef struct {
    36. 

  36.     uint64_t flags, xfrm;
    37. 

  37. } sgx_arch_attributes_t;
    38. 

  38. 

  39. #define SGX_FLAGS_INITIALIZED    0x01ULL
    40. 

  40. #define SGX_FLAGS_DEBUG          0x02ULL
    41. 

  41. #define SGX_FLAGS_MODE64BIT      0x04ULL
    42. 

  42. #define SGX_FLAGS_PROVISION_KEY  0x10ULL
    43. 

  43. #define SGX_FLAGS_LICENSE_KEY    0x20ULL
    44. 

  44. 

  45. #define SGX_XFRM_LEGACY          0x03ULL
    46. 

  46. #define SGX_XFRM_AVX             0x06ULL
    47. 

  47. 

  48. #define SGX_MISCSELECT_EXINFO    0x01UL
    49. 

  49. 

  50. typedef struct {
    51. 

  51.     uint64_t size, baseaddr;
    52. 

  52.     uint32_t ssaframesize;
    53. 

  53.     uint32_t miscselect;
    54. 

  54.     uint8_t  reserved[24];
    55. 

  55.     sgx_arch_attributes_t attributes;
    56. 

  56.     sgx_arch_hash_t mrenclave;
    57. 

  57.     uint8_t  reserved2[32];
    58. 

  58.     sgx_arch_hash_t mrsigner;
    59. 

  59.     uint8_t  reserved3[96];
    60. 

  60.     uint16_t isvprodid, isvsvn;
    61. 

  61.     uint8_t  reserved4[3836];
    62. 

  62. } sgx_arch_secs_t;
    63. 

  63. 

  64. typedef struct {
    65. 

  65.     uint64_t reserved;
    66. 

  66.     uint64_t flags;
    67. 

  67.     uint64_t ossa;
    68. 

  68.     uint32_t cssa;
    69. 

  69.     uint32_t nssa;
    70. 

  70.     uint64_t oentry;
    71. 

  71.     uint64_t reserved2;
    72. 

  72.     uint64_t ofsbasgx;
    73. 

  73.     uint64_t ogsbasgx;
    74. 

  74.     uint32_t fslimit;
    75. 

  75.     uint32_t gslimit;
    76. 

  76.     uint8_t  reserved3[4024];
    77. 

  77. } sgx_arch_tcs_t;
    78. 

  78. 

  79. #define TCS_FLAGS_DBGOPTIN   (01ULL)
    80. 

  80. 

  81. typedef struct {
    82. 

  82.     uint64_t rax;
    83. 

  83.     uint64_t rcx;
    84. 

  84.     uint64_t rdx;
    85. 

  85.     uint64_t rbx;
    86. 

  86.     uint64_t rsp;
    87. 

  87.     uint64_t rbp;
    88. 

  88.     uint64_t rsi;
    89. 

  89.     uint64_t rdi;
    90. 

  90.     uint64_t r8;
    91. 

  91.     uint64_t r9;
    92. 

  92.     uint64_t r10;
    93. 

  93.     uint64_t r11;
    94. 

  94.     uint64_t r12;
    95. 

  95.     uint64_t r13;
    96. 

  96.     uint64_t r14;
    97. 

  97.     uint64_t r15;
    98. 

  98.     uint64_t rflags;
    99. 

  99.     uint64_t rip;
    100. 

  100.     uint64_t ursp;
    101. 

  101.     uint64_t urbp;
    102. 

  102.     uint32_t exitinfo;
    103. 

  103.     uint32_t reserved;
    104. 

  104. #if SGX_HAS_FSGSBASE == 1
    105. 

  105.     uint64_t fsbase;
    106. 

  106.     uint64_t gsbase;
    107. 

  107. #endif
    108. 

  108. } sgx_arch_gpr_t;
    109. 

  109. 

  110. typedef struct {
    111. 

  111.     uint64_t rax;
    112. 

  112.     uint64_t rcx;
    113. 

  113.     uint64_t rdx;
    114. 

  114.     uint64_t rbx;
    115. 

  115.     uint64_t rsp;
    116. 

  116.     uint64_t rbp;
    117. 

  117.     uint64_t rsi;
    118. 

  118.     uint64_t rdi;
    119. 

  119.     uint64_t r8;
    120. 

  120.     uint64_t r9;
    121. 

  121.     uint64_t r10;
    122. 

  122.     uint64_t r11;
    123. 

  123.     uint64_t r12;
    124. 

  124.     uint64_t r13;
    125. 

  125.     uint64_t r14;
    126. 

  126.     uint64_t r15;
    127. 

  127.     uint64_t rflags;
    128. 

  128.     uint64_t rip;
    129. 

  129. } sgx_context_t;
    130. 

  130. 

  131. typedef struct {
    132. 

  132.     uint32_t vector:8;
    133. 

  133.     uint32_t type:3;
    134. 

  134.     uint32_t reserved:20;
    135. 

  135.     uint32_t valid:1;
    136. 

  136. } sgx_arch_exitinfo_t;
    137. 

  137. 

  138. #define SGX_EXCEPTION_HARDWARE      3UL
    139. 

  139. #define SGX_EXCEPTION_SOFTWARE      6UL
    140. 

  140. 

  141. #define SGX_EXCEPTION_VECTOR_DE     0UL  /* DIV and IDIV instructions */
    142. 

  142. #define SGX_EXCEPTION_VECTOR_DB     1UL  /* For Intel use only */
    143. 

  143. #define SGX_EXCEPTION_VECTOR_BP     3UL  /* INT 3 instruction */
    144. 

  144. #define SGX_EXCEPTION_VECTOR_BR     5UL  /* BOUND instruction */
    145. 

  145. #define SGX_EXCEPTION_VECTOR_UD     6UL  /* UD2 instruction or reserved opcodes */
    146. 

  146. #define SGX_EXCEPTION_VECTOR_MF    16UL  /* x87 FPU floating-point or WAIT/FWAIT instruction */
    147. 

  147. #define SGX_EXCEPTION_VECTOR_AC    17UL  /* Any data reference in memory */
    148. 

  148. #define SGX_EXCEPTION_VECTOR_XM    19UL  /* Any SIMD floating-point exceptions */
    149. 

  149. 

  150. typedef struct {
    151. 

  151.     uint64_t linaddr;
    152. 

  152.     uint64_t srcpge;
    153. 

  153.     uint64_t secinfo;
    154. 

  154.     uint64_t secs;
    155. 

  155. } sgx_arch_pageinfo_t;
    156. 

  156. 

  157. typedef struct {
    158. 

  158.     uint64_t flags;
    159. 

  159.     uint8_t  reserved[56];
    160. 

  160. } sgx_arch_secinfo_t;
    161. 

  161. 

  162. #define SGX_SECINFO_FLAGS_R             0x001
    163. 

  163. #define SGX_SECINFO_FLAGS_W             0x002
    164. 

  164. #define SGX_SECINFO_FLAGS_X             0x004
    165. 

  165. #define SGX_SECINFO_FLAGS_SECS          0x000
    166. 

  166. #define SGX_SECINFO_FLAGS_TCS           0x100
    167. 

  167. #define SGX_SECINFO_FLAGS_REG           0x200
    168. 

  168. 

  169. typedef struct {
    170. 

  170.     /* header part (signed) */
    171. 

  171.     uint32_t header[4], vendor;
    172. 

  172.     uint32_t date;
    173. 

  173.     uint32_t header2[4];
    174. 

  174.     uint32_t swdefined;
    175. 

  175.     uint8_t  reserved1[84];
    176. 

  176. 

  177.     /* key part (unsigned) */
    178. 

  178.     sgx_arch_key_t modulus;
    179. 

  179.     uint32_t exponent;
    180. 

  180.     sgx_arch_key_t signature;
    181. 

  181. 

  182.     /* body part (signed) */
    183. 

  183.     uint32_t miscselect, miscselect_mask;
    184. 

  184.     uint8_t  reserved2[20];
    185. 

  185.     sgx_arch_attributes_t attributes, attribute_mask;
    186. 

  186.     sgx_arch_hash_t enclave_hash;
    187. 

  187.     uint8_t  reserved3[32];
    188. 

  188.     uint16_t isvprodid, isvsvn;
    189. 

  189. 

  190.     /* tail part (unsigned) */
    191. 

  191.     uint8_t  reserved4[12];
    192. 

  192.     sgx_arch_key_t q1, q2;
    193. 

  193. } __attribute__((packed)) sgx_arch_sigstruct_t;
    194. 

  194. 

  195. typedef struct {
    196. 

  196.     uint32_t valid;
    197. 

  197.     uint8_t  reserved[44];
    198. 

  198.     sgx_arch_attributes_t attributes;
    199. 

  199.     sgx_arch_hash_t mrenclave;
    200. 

  200.     uint8_t  reserved2[32];
    201. 

  201.     sgx_arch_hash_t mrsigner;
    202. 

  202.     uint8_t  reserved3[32];
    203. 

  203.     uint64_t cpusvnle[2];
    204. 

  204.     uint16_t isvprodidle, isvsvnle;
    205. 

  205.     uint8_t  reserved4[24];
    206. 

  206.     uint32_t miscselect_mask;
    207. 

  207.     sgx_arch_attributes_t attribute_mask;
    208. 

  208.     sgx_arch_hash_t keyid;
    209. 

  209.     sgx_arch_mac_t mac;
    210. 

  210. } __attribute__((packed)) sgx_arch_token_t;
    211. 

  211. 

  212. typedef struct {
    213. 

  213.     uint64_t cpusvn[2];
    214. 

  214.     uint32_t miscselect;
    215. 

  215.     uint8_t  reserved[28];
    216. 

  216.     sgx_arch_attributes_t attributes;
    217. 

  217.     sgx_arch_hash_t mrenclave;
    218. 

  218.     uint8_t  reserved2[32];
    219. 

  219.     sgx_arch_hash_t mrsigner;
    220. 

  220.     uint8_t  reserved3[96];
    221. 

  221.     uint16_t isvprodid, isvsvn;
    222. 

  222.     uint8_t  reserved4[60];
    223. 

  223.     uint8_t  report_data[64];
    224. 

  224.     uint8_t  keyid[32];
    225. 

  225.     sgx_arch_mac_t mac;
    226. 

  226. } __attribute__((packed, aligned(512))) sgx_arch_report_t;
    227. 

  227. 

  228. #define SGX_REPORT_SIGNED_SIZE  384
    229. 

  229. 

  230. typedef struct {
    231. 

  231.     sgx_arch_hash_t mrenclave;
    232. 

  232.     sgx_arch_attributes_t attributes;
    233. 

  233.     uint8_t  reserved[464];
    234. 

  234. } __attribute__((packed, aligned(512))) sgx_arch_targetinfo_t;
    235. 

  235. 

  236. typedef struct {
    237. 

  237.     uint16_t keyname;
    238. 

  238.     uint16_t keypolicy;
    239. 

  239.     uint16_t isvsvn;
    240. 

  240.     uint8_t  reserved[2];
    241. 

  241.     uint64_t cpusvn[2];
    242. 

  242.     sgx_arch_attributes_t attributes_mask;
    243. 

  243.     uint8_t  keyid[32];
    244. 

  244.     uint32_t miscmask;
    245. 

  245.     uint8_t  reserved2[436];
    246. 

  246. } __attribute__((packed, aligned(512))) sgx_arch_keyrequest_t;
    247. 

  247. 

  248. typedef uint8_t sgx_arch_key128_t[16] __attribute__((aligned(16)));
    249. 

  249. 

  250. #else /* !__ASSEMBLER__ */
    251. 

  251. 

  252. /* microcode to call ENCLU */
    253. 

  253. .macro ENCLU
    254. 

  254.     .byte 0x0f, 0x01, 0xd7
    255. 

  255. .endm
    256. 

  256. 

  257. #endif
    258. 

  258. 

  259. #define EENTER      2
    260. 

  260. #define ERESUME     3
    261. 

  261. #define EDBGRD      4
    262. 

  262. #define EDBGWR      5
    263. 

  263. 

  264. #define EREPORT     0
    265. 

  265. #define EGETKEY     1
    266. 

  266. #define EEXIT       4
    267. 

  267. 

  268. #define LAUNCH_KEY          0
    269. 

  269. #define PROVISION_KEY       1
    270. 

  270. #define PROVISION_SEAL_KEY  2
    271. 

  271. #define REPORT_KEY          3
    272. 

  272. #define SEAL_KEY            4
    273. 

  273. 

  274. #define KEYPOLICY_MRENCLAVE     1
    275. 

  275. #define KEYPOLICY_MRSIGNER      2
    276. 

  276. 

  277. #define SGX_GPR_RAX             0x00
    278. 

  278. #define SGX_GPR_RCX             0x08
    279. 

  279. #define SGX_GPR_RDX             0x10
    280. 

  280. #define SGX_GPR_RBX             0x18
    281. 

  281. #define SGX_GPR_RSP             0x20
    282. 

  282. #define SGX_GPR_RBP             0x28
    283. 

  283. #define SGX_GPR_RSI             0x30
    284. 

  284. #define SGX_GPR_RDI             0x38
    285. 

  285. #define SGX_GPR_R8              0x40
    286. 

  286. #define SGX_GPR_R9              0x48
    287. 

  287. #define SGX_GPR_R10             0x50
    288. 

  288. #define SGX_GPR_R11             0x58
    289. 

  289. #define SGX_GPR_R12             0x60
    290. 

  290. #define SGX_GPR_R13             0x68
    291. 

  291. #define SGX_GPR_R14             0x70
    292. 

  292. #define SGX_GPR_R15             0x78
    293. 

  293. #define SGX_GPR_RFLAGS          0x80
    294. 

  294. #define SGX_GPR_RIP             0x88
    295. 

  295. #define SGX_GPR_EXITINFO        0xa0
    296. 

  296. 

  297. #define TCS_SIZE    4096
    298. 

  298. #define TCS_SHIFT   12
    299. 

  299. 

  300. #define XSAVE_SIZE  512
    301. 

  301. 

  302. #define STACK_ALIGN 0xfffffffffffffff0
    303. 

  303. #define XSAVE_ALIGN 0xffffffffffffffc0
    304. 

  304. 

  305. #define RETURN_FROM_OCALL 0xffffffffffffffff
    306. 

  306. 

  307. #endif /* SGX_ARCH_H */
    308.