Etusivu Tutki Apua
Kirjaudu sisään
miti
/
graphene
1
0
Fork 0
Tiedostot Ongelmat 0 Pull-pyynnöt 0 Wiki
Puu: 6c4f21cba2
Branchit Tagit
graphene
/
Pal
/
src
/
host
/
Linux-SGX
/
sgx_arch.h

sgx_arch.h 8.0 KB
Historia Raaka

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307 
  1. /* Copyright (C) 2014 Stony Brook University
    2. 

  2.    This file is part of Graphene Library OS.
    3. 

  3. 

  4.    Graphene Library OS is free software: you can redistribute it and/or
    5. 

  5.    modify it under the terms of the GNU Lesser General Public License
    6. 

  6.    as published by the Free Software Foundation, either version 3 of the
    7. 

  7.    License, or (at your option) any later version.
    8. 

  8. 

  9.    Graphene Library OS is distributed in the hope that it will be useful,
    10. 

  10.    but WITHOUT ANY WARRANTY; without even the implied warranty of
    11. 

  11.    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    12. 

  12.    GNU Lesser General Public License for more details.
    13. 

  13. 

  14.    You should have received a copy of the GNU Lesser General Public License
    15. 

  15.    along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
    16. 

  16. 

  17. #ifndef SGX_ARCH_H
    18. 

  18. #define SGX_ARCH_H
    19. 

  19. 

  20. #include "pal_linux_defs.h"
    21. 

  21. 

  22. #ifndef __ASSEMBLER__
    23. 

  23. 

  24. #include <stdint.h>
    25. 

  25. 

  26. typedef uint8_t sgx_arch_key_t [384];
    27. 

  27. typedef uint8_t sgx_arch_hash_t[32];
    28. 

  28. typedef uint8_t sgx_arch_mac_t [16];
    29. 

  29. // This if for passing a mac to hex2str
    30. 

  30. #define MACBUF_SIZE ((sizeof(sgx_arch_mac_t) * 2) + 1)
    31. 

  31. 

  32. typedef struct {
    33. 

  33.     uint64_t flags, xfrm;
    34. 

  34. } sgx_arch_attributes_t;
    35. 

  35. 

  36. #define SGX_FLAGS_INITIALIZED    0x01ULL
    37. 

  37. #define SGX_FLAGS_DEBUG          0x02ULL
    38. 

  38. #define SGX_FLAGS_MODE64BIT      0x04ULL
    39. 

  39. #define SGX_FLAGS_PROVISION_KEY  0x10ULL
    40. 

  40. #define SGX_FLAGS_LICENSE_KEY    0x20ULL
    41. 

  41. 

  42. #define SGX_XFRM_LEGACY          0x03ULL
    43. 

  43. #define SGX_XFRM_AVX             0x06ULL
    44. 

  44. #define SGX_XFRM_MPX             0x18ULL
    45. 

  45. #define SGX_XFRM_AVX512          0xe6ULL
    46. 

  46. 

  47. #define SGX_MISCSELECT_EXINFO    0x01UL
    48. 

  48. 

  49. typedef struct {
    50. 

  50.     uint64_t size, baseaddr;
    51. 

  51.     uint32_t ssaframesize;
    52. 

  52.     uint32_t miscselect;
    53. 

  53.     uint8_t  reserved[24];
    54. 

  54.     sgx_arch_attributes_t attributes;
    55. 

  55.     sgx_arch_hash_t mrenclave;
    56. 

  56.     uint8_t  reserved2[32];
    57. 

  57.     sgx_arch_hash_t mrsigner;
    58. 

  58.     uint8_t  reserved3[96];
    59. 

  59.     uint16_t isvprodid, isvsvn;
    60. 

  60.     uint8_t  reserved4[3836];
    61. 

  61. } sgx_arch_secs_t;
    62. 

  62. 

  63. typedef struct {
    64. 

  64.     uint64_t reserved;
    65. 

  65.     uint64_t flags;
    66. 

  66.     uint64_t ossa;
    67. 

  67.     uint32_t cssa;
    68. 

  68.     uint32_t nssa;
    69. 

  69.     uint64_t oentry;
    70. 

  70.     uint64_t reserved2;
    71. 

  71.     uint64_t ofsbasgx;
    72. 

  72.     uint64_t ogsbasgx;
    73. 

  73.     uint32_t fslimit;
    74. 

  74.     uint32_t gslimit;
    75. 

  75.     uint8_t  reserved3[4024];
    76. 

  76. } sgx_arch_tcs_t;
    77. 

  77. 

  78. #define TCS_FLAGS_DBGOPTIN   (01ULL)
    79. 

  79. 

  80. typedef struct {
    81. 

  81.     uint64_t rax;
    82. 

  82.     uint64_t rcx;
    83. 

  83.     uint64_t rdx;
    84. 

  84.     uint64_t rbx;
    85. 

  85.     uint64_t rsp;
    86. 

  86.     uint64_t rbp;
    87. 

  87.     uint64_t rsi;
    88. 

  88.     uint64_t rdi;
    89. 

  89.     uint64_t r8;
    90. 

  90.     uint64_t r9;
    91. 

  91.     uint64_t r10;
    92. 

  92.     uint64_t r11;
    93. 

  93.     uint64_t r12;
    94. 

  94.     uint64_t r13;
    95. 

  95.     uint64_t r14;
    96. 

  96.     uint64_t r15;
    97. 

  97.     uint64_t rflags;
    98. 

  98.     uint64_t rip;
    99. 

  99.     uint64_t ursp;
    100. 

  100.     uint64_t urbp;
    101. 

  101.     uint32_t exitinfo;
    102. 

  102.     uint32_t reserved;
    103. 

  103.     uint64_t fsbase;
    104. 

  104.     uint64_t gsbase;
    105. 

  105. } sgx_arch_gpr_t;
    106. 

  106. 

  107. typedef struct {
    108. 

  108.     uint64_t rax;
    109. 

  109.     uint64_t rcx;
    110. 

  110.     uint64_t rdx;
    111. 

  111.     uint64_t rbx;
    112. 

  112.     uint64_t rsp;
    113. 

  113.     uint64_t rbp;
    114. 

  114.     uint64_t rsi;
    115. 

  115.     uint64_t rdi;
    116. 

  116.     uint64_t r8;
    117. 

  117.     uint64_t r9;
    118. 

  118.     uint64_t r10;
    119. 

  119.     uint64_t r11;
    120. 

  120.     uint64_t r12;
    121. 

  121.     uint64_t r13;
    122. 

  122.     uint64_t r14;
    123. 

  123.     uint64_t r15;
    124. 

  124.     uint64_t rflags;
    125. 

  125.     uint64_t rip;
    126. 

  126. } sgx_context_t;
    127. 

  127. 

  128. // Required by _restore_sgx_context, see enclave_entry.S.
    129. 

  129. _Static_assert(offsetof(sgx_context_t, rip) - offsetof(sgx_context_t, rflags) ==
    130. 

  130.                sizeof(((sgx_context_t) {0}).rflags),
    131. 

  131.                "rip must be directly after rflags in sgx_context_t");
    132. 

  132. _Static_assert(offsetof(sgx_context_t, rflags) - offsetof(sgx_context_t, rdi) <= RED_ZONE_SIZE,
    133. 

  133.                "rdi needs to be within red zone distance from rflags");
    134. 

  134. 

  135. typedef struct {
    136. 

  136.     uint32_t vector:8;
    137. 

  137.     uint32_t type:3;
    138. 

  138.     uint32_t reserved:20;
    139. 

  139.     uint32_t valid:1;
    140. 

  140. } sgx_arch_exitinfo_t;
    141. 

  141. 

  142. #define SGX_EXCEPTION_HARDWARE      3UL
    143. 

  143. #define SGX_EXCEPTION_SOFTWARE      6UL
    144. 

  144. 

  145. #define SGX_EXCEPTION_VECTOR_DE     0UL  /* DIV and IDIV instructions */
    146. 

  146. #define SGX_EXCEPTION_VECTOR_DB     1UL  /* For Intel use only */
    147. 

  147. #define SGX_EXCEPTION_VECTOR_BP     3UL  /* INT 3 instruction */
    148. 

  148. #define SGX_EXCEPTION_VECTOR_BR     5UL  /* BOUND instruction */
    149. 

  149. #define SGX_EXCEPTION_VECTOR_UD     6UL  /* UD2 instruction or reserved opcodes */
    150. 

  150. #define SGX_EXCEPTION_VECTOR_MF    16UL  /* x87 FPU floating-point or WAIT/FWAIT instruction */
    151. 

  151. #define SGX_EXCEPTION_VECTOR_AC    17UL  /* Any data reference in memory */
    152. 

  152. #define SGX_EXCEPTION_VECTOR_XM    19UL  /* Any SIMD floating-point exceptions */
    153. 

  153. 

  154. typedef struct {
    155. 

  155.     uint64_t linaddr;
    156. 

  156.     uint64_t srcpge;
    157. 

  157.     uint64_t secinfo;
    158. 

  158.     uint64_t secs;
    159. 

  159. } sgx_arch_pageinfo_t;
    160. 

  160. 

  161. typedef struct {
    162. 

  162.     uint64_t flags;
    163. 

  163.     uint8_t  reserved[56];
    164. 

  164. } sgx_arch_secinfo_t;
    165. 

  165. 

  166. #define SGX_SECINFO_FLAGS_R             0x001
    167. 

  167. #define SGX_SECINFO_FLAGS_W             0x002
    168. 

  168. #define SGX_SECINFO_FLAGS_X             0x004
    169. 

  169. #define SGX_SECINFO_FLAGS_SECS          0x000
    170. 

  170. #define SGX_SECINFO_FLAGS_TCS           0x100
    171. 

  171. #define SGX_SECINFO_FLAGS_REG           0x200
    172. 

  172. 

  173. typedef struct {
    174. 

  174.     /* header part (signed) */
    175. 

  175.     uint32_t header[4], vendor;
    176. 

  176.     uint32_t date;
    177. 

  177.     uint32_t header2[4];
    178. 

  178.     uint32_t swdefined;
    179. 

  179.     uint8_t  reserved1[84];
    180. 

  180. 

  181.     /* key part (unsigned) */
    182. 

  182.     sgx_arch_key_t modulus;
    183. 

  183.     uint32_t exponent;
    184. 

  184.     sgx_arch_key_t signature;
    185. 

  185. 

  186.     /* body part (signed) */
    187. 

  187.     uint32_t miscselect, miscselect_mask;
    188. 

  188.     uint8_t  reserved2[20];
    189. 

  189.     sgx_arch_attributes_t attributes, attribute_mask;
    190. 

  190.     sgx_arch_hash_t enclave_hash;
    191. 

  191.     uint8_t  reserved3[32];
    192. 

  192.     uint16_t isvprodid, isvsvn;
    193. 

  193. 

  194.     /* tail part (unsigned) */
    195. 

  195.     uint8_t  reserved4[12];
    196. 

  196.     sgx_arch_key_t q1, q2;
    197. 

  197. } __attribute__((packed)) sgx_arch_sigstruct_t;
    198. 

  198. 

  199. typedef struct {
    200. 

  200.     uint32_t valid;
    201. 

  201.     uint8_t  reserved[44];
    202. 

  202.     sgx_arch_attributes_t attributes;
    203. 

  203.     sgx_arch_hash_t mrenclave;
    204. 

  204.     uint8_t  reserved2[32];
    205. 

  205.     sgx_arch_hash_t mrsigner;
    206. 

  206.     uint8_t  reserved3[32];
    207. 

  207.     uint64_t cpusvnle[2];
    208. 

  208.     uint16_t isvprodidle, isvsvnle;
    209. 

  209.     uint8_t  reserved4[24];
    210. 

  210.     uint32_t miscselect_mask;
    211. 

  211.     sgx_arch_attributes_t attribute_mask;
    212. 

  212.     sgx_arch_hash_t keyid;
    213. 

  213.     sgx_arch_mac_t mac;
    214. 

  214. } __attribute__((packed)) sgx_arch_token_t;
    215. 

  215. 

  216. typedef uint8_t sgx_arch_report_data_t[64];
    217. 

  217. 

  218. #define __sgx_mem_aligned __attribute__((aligned(512)))
    219. 

  219. 

  220. typedef struct {
    221. 

  221.     uint64_t cpusvn[2];
    222. 

  222.     uint32_t miscselect;
    223. 

  223.     uint8_t  reserved[28];
    224. 

  224.     sgx_arch_attributes_t attributes;
    225. 

  225.     sgx_arch_hash_t mrenclave;
    226. 

  226.     uint8_t  reserved2[32];
    227. 

  227.     sgx_arch_hash_t mrsigner;
    228. 

  228.     uint8_t  reserved3[96];
    229. 

  229.     uint16_t isvprodid, isvsvn;
    230. 

  230.     uint8_t  reserved4[60];
    231. 

  231.     sgx_arch_report_data_t report_data;
    232. 

  232. } __attribute__((packed)) sgx_arch_report_body_t;
    233. 

  233. 

  234. typedef struct {
    235. 

  235.     sgx_arch_report_body_t body;
    236. 

  236.     uint8_t  keyid[32];
    237. 

  237.     sgx_arch_mac_t mac;
    238. 

  238. } __attribute__((packed)) sgx_arch_report_t;
    239. 

  239. 

  240. #define SGX_REPORT_SIGNED_SIZE  384
    241. 

  241. #define SGX_REPORT_ACTUAL_SIZE  432
    242. 

  242. 

  243. typedef struct {
    244. 

  244.     sgx_arch_hash_t mrenclave;
    245. 

  245.     sgx_arch_attributes_t attributes;
    246. 

  246.     uint8_t  reserved[4];
    247. 

  247.     uint32_t miscselect;
    248. 

  248.     uint8_t  reserved2[456];
    249. 

  249. } __attribute__((packed)) sgx_arch_targetinfo_t;
    250. 

  250. 

  251. #define SGX_TARGETINFO_FILLED_SIZE  (sizeof(sgx_arch_hash_t) + \
    252. 

  252.                                      sizeof(sgx_arch_attributes_t))
    253. 

  253. 

  254. typedef struct {
    255. 

  255.     uint16_t keyname;
    256. 

  256.     uint16_t keypolicy;
    257. 

  257.     uint16_t isvsvn;
    258. 

  258.     uint8_t  reserved[2];
    259. 

  259.     uint64_t cpusvn[2];
    260. 

  260.     sgx_arch_attributes_t attributes_mask;
    261. 

  261.     uint8_t  keyid[32];
    262. 

  262.     uint32_t miscmask;
    263. 

  263.     uint8_t  reserved2[436];
    264. 

  264. } __attribute__((packed)) sgx_arch_keyrequest_t;
    265. 

  265. 

  266. typedef uint8_t sgx_arch_key128_t[16];
    267. 

  267. 

  268. #define ENCLU ".byte 0x0f, 0x01, 0xd7"
    269. 

  269. 

  270. #else /* !__ASSEMBLER__ */
    271. 

  271. 

  272. /* microcode to call ENCLU */
    273. 

  273. .macro ENCLU
    274. 

  274.     .byte 0x0f, 0x01, 0xd7
    275. 

  275. .endm
    276. 

  276. 

  277. #endif
    278. 

  278. 

  279. #define EENTER      2
    280. 

  280. #define ERESUME     3
    281. 

  281. #define EDBGRD      4
    282. 

  282. #define EDBGWR      5
    283. 

  283. 

  284. #define EREPORT     0
    285. 

  285. #define EGETKEY     1
    286. 

  286. #define EEXIT       4
    287. 

  287. 

  288. #define LAUNCH_KEY          0
    289. 

  289. #define PROVISION_KEY       1
    290. 

  290. #define PROVISION_SEAL_KEY  2
    291. 

  291. #define REPORT_KEY          3
    292. 

  292. #define SEAL_KEY            4
    293. 

  293. 

  294. #define KEYPOLICY_MRENCLAVE     1
    295. 

  295. #define KEYPOLICY_MRSIGNER      2
    296. 

  296. 

  297. #define XSAVE_SIZE  512
    298. 

  298. 

  299. #define STACK_ALIGN 0xfffffffffffffff0
    300. 

  300. #define XSAVE_ALIGN 0xffffffffffffffc0
    301. 

  301. #define XSAVE_NON_FX_MASK 0xfffffffffffffffc
    302. 

  302. 

  303. #define RETURN_FROM_OCALL 0xffffffffffffffff
    304. 

  304. 

  305. #define RFLAGS_DF (1<<10)
    306. 

  306. 

  307. #endif /* SGX_ARCH_H */
    308.