sgx_arch.h 7.8 KB

  1. /* -*- mode:c; c-file-style:"k&r"; c-basic-offset: 4; tab-width:4; indent-tabs-mode:nil; mode:auto-fill; fill-column:78; -*- */
  2. /* vim: set ts=4 sw=4 et tw=78 fo=cqt wm=0: */
  3. /* Copyright (C) 2014 Stony Brook University
  4. This file is part of Graphene Library OS.
  5. Graphene Library OS is free software: you can redistribute it and/or
  6. modify it under the terms of the GNU Lesser General Public License
  7. as published by the Free Software Foundation, either version 3 of the
  8. License, or (at your option) any later version.
  9. Graphene Library OS is distributed in the hope that it will be useful,
  10. but WITHOUT ANY WARRANTY; without even the implied warranty of
  11. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  12. GNU Lesser General Public License for more details.
  13. You should have received a copy of the GNU Lesser General Public License
  14. along with this program. If not, see <http://www.gnu.org/licenses/>. */
  15. #ifndef SGX_ARCH_H
  16. #define SGX_ARCH_H
  17. #include "pal_linux_defs.h"
  18. #ifndef __ASSEMBLER__
  19. #include <stdint.h>
  /*
   * Fixed-size byte-array types used as members of the structures below.
   *
   * NOTE: these are array typedefs. Used as a function parameter, such a type
   * decays to uint8_t *, so sizeof on the parameter yields the pointer size.
   * Pass sizeof(sgx_arch_hash_t) / sizeof(sgx_arch_mac_t) explicitly when
   * copying or comparing measurements and MACs.
   */
  typedef uint8_t sgx_arch_key_t [384];  /* 384 bytes = 3072 bits */
  typedef uint8_t sgx_arch_hash_t[32];   /* 32 bytes = 256 bits */
  typedef uint8_t sgx_arch_mac_t [16];   /* 16 bytes = 128 bits */
  /*
   * Enclave attribute pair: two 64-bit words, 16 bytes in total.
   * By name, `flags` carries SGX_FLAGS_* bits and `xfrm` carries SGX_XFRM_*
   * bits (both defined right after this type) -- TODO confirm at the users.
   */
  typedef struct {
      uint64_t flags;  /* offset 0 */
      uint64_t xfrm;   /* offset 8 */
  } sgx_arch_attributes_t;
  /* SGX_FLAGS_*: by name, bits of the `flags` word of sgx_arch_attributes_t. */
  #define SGX_FLAGS_INITIALIZED 0x01ULL
  /* NOTE(review): in the SGX architecture a DEBUG enclave can be inspected by
   * the host through the debug leaves (EDBGRD/EDBGWR are defined further down),
   * so code that checks an enclave's attributes should presumably treat this
   * bit as "no confidentiality" -- confirm how callers handle it. */
  #define SGX_FLAGS_DEBUG 0x02ULL
  #define SGX_FLAGS_MODE64BIT 0x04ULL
  /* NOTE(review): the next two bits look like key-access grants (provisioning
   * key, launch/"license" key); presumably only enclaves that need those keys
   * should carry them -- verify against the Intel SDM. */
  #define SGX_FLAGS_PROVISION_KEY 0x10ULL
  #define SGX_FLAGS_LICENSE_KEY 0x20ULL
  /* SGX_XFRM_*: by name, bits of the `xfrm` word. 0x03 sets bits 0-1 and 0x06
   * sets bits 1-2 (presumably XCR0-style x87/SSE and SSE/AVX state bits --
   * TODO confirm). */
  #define SGX_XFRM_LEGACY 0x03ULL
  #define SGX_XFRM_AVX 0x06ULL
  /* Bit for the 32-bit miscselect fields; note the UL suffix where the flag
   * masks above use ULL. */
  #define SGX_MISCSELECT_EXINFO 0x01UL
  /*
   * Image of the SGX Enclave Control Structure (SECS).
   *
   * The member sizes add up to exactly 4096 bytes
   * (8+8+4+4+24+16+32+32+32+96+2+2+3836). The struct is not declared packed;
   * every member already falls on a naturally aligned offset, so no padding is
   * expected on x86-64.
   * NOTE(review): the reserved* ranges are presumably must-be-zero for the
   * hardware -- zero the whole structure before filling it in; confirm.
   */
  typedef struct {
      uint64_t              size;            /* offset    0 */
      uint64_t              baseaddr;        /* offset    8 */
      uint32_t              ssaframesize;    /* offset   16 */
      uint32_t              miscselect;      /* offset   20 */
      uint8_t               reserved[24];    /* offset   24 */
      sgx_arch_attributes_t attributes;      /* offset   48 */
      sgx_arch_hash_t       mrenclave;       /* offset   64 */
      uint8_t               reserved2[32];   /* offset   96 */
      sgx_arch_hash_t       mrsigner;        /* offset  128 */
      uint8_t               reserved3[96];   /* offset  160 */
      uint16_t              isvprodid;       /* offset  256 */
      uint16_t              isvsvn;          /* offset  258 */
      uint8_t               reserved4[3836]; /* offset  260, ends at 4096 */
  } sgx_arch_secs_t;
  /*
   * Image of a Thread Control Structure (TCS) page.
   *
   * Total size is 4096 bytes, which equals TCS_SIZE defined near the end of
   * this header. The o* members are presumably offsets relative to the enclave
   * base rather than absolute addresses -- TODO confirm at the code that fills
   * them in.
   */
  typedef struct {
      uint64_t reserved;             /* offset  0 */
      uint64_t flags;                /* offset  8 */
      uint64_t ossa;                 /* offset 16 */
      uint32_t cssa, nssa;           /* offsets 24, 28 */
      uint64_t oentry;               /* offset 32 */
      uint64_t reserved2;            /* offset 40 */
      uint64_t ofsbasgx, ogsbasgx;   /* offsets 48, 56 */
      uint32_t fslimit, gslimit;     /* offsets 64, 68 */
      uint8_t  reserved3[4024];      /* offset 72, pads the page to 4096 */
  } sgx_arch_tcs_t;
  /*
   * General-purpose register save area.
   *
   * Member order fixes the byte offsets that the SGX_GPR_* constants later in
   * this header spell out for assembly code (rax at 0x00 ... rip at 0x88,
   * exitinfo at 0xa0); keep both in sync when editing either.
   * ursp/urbp (0x90/0x98) have no SGX_GPR_* constant in this file.
   * fsbase/gsbase exist only when SGX_HAS_FSGSBASE == 1; that macro is not
   * defined in this header (presumably it comes from pal_linux_defs.h).
   */
  typedef struct {
      uint64_t rax, rcx, rdx, rbx;   /* 0x00 - 0x18 */
      uint64_t rsp, rbp, rsi, rdi;   /* 0x20 - 0x38 */
      uint64_t r8, r9, r10, r11;     /* 0x40 - 0x58 */
      uint64_t r12, r13, r14, r15;   /* 0x60 - 0x78 */
      uint64_t rflags;               /* 0x80 */
      uint64_t rip;                  /* 0x88 */
      uint64_t ursp;                 /* 0x90 */
      uint64_t urbp;                 /* 0x98 */
      uint32_t exitinfo;             /* 0xa0, see sgx_arch_exitinfo_t */
      uint32_t reserved;             /* 0xa4 */
  #if SGX_HAS_FSGSBASE == 1
      uint64_t fsbase;               /* 0xa8 */
      uint64_t gsbase;               /* 0xb0 */
  #endif
  } sgx_arch_gpr_t;
  /*
   * Register context: the same eighteen leading members, in the same order, as
   * sgx_arch_gpr_t (rax through rip), without the trailing ursp/urbp/exitinfo
   * members. 18 * 8 = 144 bytes.
   */
  typedef struct {
      uint64_t rax, rcx, rdx, rbx;
      uint64_t rsp, rbp, rsi, rdi;
      uint64_t r8, r9, r10, r11;
      uint64_t r12, r13, r14, r15;
      uint64_t rflags;
      uint64_t rip;
  } sgx_context_t;
  /*
   * Bit-field view of the 32-bit exitinfo word (8 + 3 + 20 + 1 = 32 bits).
   * Bit-field placement is implementation-defined in C; the bit positions
   * noted below are what GCC/Clang produce on little-endian x86-64.
   * NOTE(review): consumers should presumably test `valid` before trusting
   * `vector` and `type` -- confirm in the exception handler.
   */
  typedef struct {
      uint32_t vector   : 8;   /* bits 0-7,  SGX_EXCEPTION_VECTOR_* */
      uint32_t type     : 3;   /* bits 8-10, SGX_EXCEPTION_HARDWARE / _SOFTWARE */
      uint32_t reserved : 20;  /* bits 11-30 */
      uint32_t valid    : 1;   /* bit 31 */
  } sgx_arch_exitinfo_t;
  /* Exception classes; both values fit the 3-bit `type` field of
   * sgx_arch_exitinfo_t. */
  #define SGX_EXCEPTION_HARDWARE 3UL
  #define SGX_EXCEPTION_SOFTWARE 6UL
  /* Exception vector numbers for the 8-bit `vector` field of
   * sgx_arch_exitinfo_t. The numbers coincide with the x86 exception vectors
   * of the same mnemonics (#DE, #DB, #BP, #BR, #UD, #MF, #AC, #XM).
   * NOTE(review): no constants are defined here for #GP (13) or #PF (14);
   * confirm whether the exception handler needs them. */
  #define SGX_EXCEPTION_VECTOR_DE 0UL /* DIV and IDIV instructions */
  #define SGX_EXCEPTION_VECTOR_DB 1UL /* For Intel use only */
  #define SGX_EXCEPTION_VECTOR_BP 3UL /* INT 3 instruction */
  #define SGX_EXCEPTION_VECTOR_BR 5UL /* BOUND instruction */
  #define SGX_EXCEPTION_VECTOR_UD 6UL /* UD2 instruction or reserved opcodes */
  #define SGX_EXCEPTION_VECTOR_MF 16UL /* x87 FPU floating-point or WAIT/FWAIT instruction */
  #define SGX_EXCEPTION_VECTOR_AC 17UL /* Any data reference in memory */
  #define SGX_EXCEPTION_VECTOR_XM 19UL /* Any SIMD floating-point exceptions */
  /*
   * Page-information record: four 64-bit words, 32 bytes in total.
   * By name the members are addresses (linear address, source page, and
   * pointers to a sgx_arch_secinfo_t and a SECS) -- TODO confirm at the code
   * that builds this record.
   */
  typedef struct {
      uint64_t linaddr, srcpge;   /* offsets 0, 8 */
      uint64_t secinfo, secs;     /* offsets 16, 24 */
  } sgx_arch_pageinfo_t;
  /*
   * Per-page security information: one 64-bit flags word followed by 56
   * reserved bytes, 64 bytes in total. `flags` presumably takes the
   * SGX_SECINFO_FLAGS_* values defined right after this type.
   */
  typedef struct {
      uint64_t flags;          /* offset 0 */
      uint8_t  reserved[56];   /* offset 8, ends at 64 */
  } sgx_arch_secinfo_t;
  /* Values for sgx_arch_secinfo_t.flags (by name). Bits 0-2 are the R/W/X
   * permission bits. These constants carry no integer suffix, so they have
   * type int.
   * NOTE(review): a page marked both W and X is writable and executable at
   * once; confirm that the loader only combines them where intended. */
  #define SGX_SECINFO_FLAGS_R 0x001
  #define SGX_SECINFO_FLAGS_W 0x002
  #define SGX_SECINFO_FLAGS_X 0x004
  /* Page-type selectors, encoded from bit 8 upward (0, 1 and 2 shifted left by
   * 8). SGX_SECINFO_FLAGS_SECS is zero, so it cannot be detected with a
   * bitwise AND against the flags word. */
  #define SGX_SECINFO_FLAGS_SECS 0x000
  #define SGX_SECINFO_FLAGS_TCS 0x100
  #define SGX_SECINFO_FLAGS_REG 0x200
  /*
   * Enclave signature structure, packed, 1808 bytes in total.
   *
   * The section comments mark which byte ranges are "signed" and "unsigned";
   * in this context that presumably means covered / not covered by the RSA
   * signature (it is unrelated to C integer signedness):
   *   header    0 ..  127   signed
   *   key     128 ..  899   unsigned
   *   body    900 .. 1027   signed
   *   tail   1028 .. 1807   unsigned
   * NOTE(review): code that hashes the signed parts must use exactly these
   * ranges -- confirm against the signing tool.
   */
  typedef struct {
      /* header part (signed) */
      uint32_t              header[4];        /* offset    0 */
      uint32_t              vendor;           /* offset   16 */
      uint32_t              date;             /* offset   20 */
      uint32_t              header2[4];       /* offset   24 */
      uint32_t              swdefined;        /* offset   40 */
      uint8_t               reserved1[84];    /* offset   44 */
      /* key part (unsigned) */
      sgx_arch_key_t        modulus;          /* offset  128 */
      uint32_t              exponent;         /* offset  512 */
      sgx_arch_key_t        signature;        /* offset  516 */
      /* body part (signed) */
      uint32_t              miscselect;       /* offset  900 */
      uint32_t              miscselect_mask;  /* offset  904 */
      uint8_t               reserved2[20];    /* offset  908 */
      sgx_arch_attributes_t attributes;       /* offset  928 */
      sgx_arch_attributes_t attribute_mask;   /* offset  944 */
      sgx_arch_hash_t       enclave_hash;     /* offset  960 */
      uint8_t               reserved3[32];    /* offset  992 */
      uint16_t              isvprodid;        /* offset 1024 */
      uint16_t              isvsvn;           /* offset 1026 */
      /* tail part (unsigned) */
      uint8_t               reserved4[12];    /* offset 1028 */
      sgx_arch_key_t        q1;               /* offset 1040 */
      sgx_arch_key_t        q2;               /* offset 1424 */
  } __attribute__((packed)) sgx_arch_sigstruct_t;
  /*
   * Launch (EINIT) token, packed, 304 bytes in total.
   *
   * `mac` is declared as a raw uint8_t[16]; it has the same size as
   * sgx_arch_mac_t used by sgx_arch_report_t.
   * NOTE(review): `mac` presumably authenticates the preceding fields; a
   * token obtained from an untrusted source should not be trusted on the
   * strength of `valid` alone -- confirm where the token is produced and
   * consumed.
   */
  typedef struct {
      uint32_t              valid;            /* offset   0 */
      uint8_t               reserved[44];     /* offset   4 */
      sgx_arch_attributes_t attributes;       /* offset  48 */
      sgx_arch_hash_t       mrenclave;        /* offset  64 */
      uint8_t               reserved2[32];    /* offset  96 */
      sgx_arch_hash_t       mrsigner;         /* offset 128 */
      uint8_t               reserved3[32];    /* offset 160 */
      uint64_t              cpusvnle[2];      /* offset 192 */
      uint16_t              isvprodidle;      /* offset 208 */
      uint16_t              isvsvnle;         /* offset 210 */
      uint8_t               reserved4[24];    /* offset 212 */
      uint32_t              miscselect_mask;  /* offset 236 */
      sgx_arch_attributes_t attribute_mask;   /* offset 240 */
      sgx_arch_hash_t       keyid;            /* offset 256 */
      uint8_t               mac[16];          /* offset 288, ends at 304 */
  } __attribute__((packed)) sgx_arch_token_t;
  /*
   * Enclave report, packed with 512-byte alignment. The members occupy 432
   * bytes; the aligned(512) attribute rounds sizeof up to 512.
   *
   * Everything up to and including report_data spans bytes 0..383, which
   * matches SGX_REPORT_SIGNED_SIZE (384) defined right after this type;
   * keyid and mac follow.
   * NOTE(review): `mac` presumably authenticates those first 384 bytes. A
   * verifier should check it (with a constant-time comparison) before
   * trusting mrenclave, mrsigner, attributes or report_data -- confirm in the
   * attestation code.
   */
  typedef struct {
      uint64_t              cpusvn[2];        /* offset   0 */
      uint32_t              miscselect;       /* offset  16 */
      uint8_t               reserved[28];     /* offset  20 */
      sgx_arch_attributes_t attributes;       /* offset  48 */
      sgx_arch_hash_t       mrenclave;        /* offset  64 */
      uint8_t               reserved2[32];    /* offset  96 */
      sgx_arch_hash_t       mrsigner;         /* offset 128 */
      uint8_t               reserved3[96];    /* offset 160 */
      uint16_t              isvprodid;        /* offset 256 */
      uint16_t              isvsvn;           /* offset 258 */
      uint8_t               reserved4[60];    /* offset 260 */
      uint8_t               report_data[64];  /* offset 320 */
      uint8_t               keyid[32];        /* offset 384 */
      sgx_arch_mac_t        mac;              /* offset 416, ends at 432 */
  } __attribute__((packed, aligned(512))) sgx_arch_report_t;
  /* Equals the byte offset of `keyid` in sgx_arch_report_t, i.e. the length of
   * the report body from cpusvn through report_data. By name this is the span
   * covered by the report MAC -- TODO confirm at the verification code. */
  #define SGX_REPORT_SIGNED_SIZE 384
  /*
   * Target description for report generation, packed with 512-byte alignment:
   * 32 + 16 + 464 = 512 bytes.
   * NOTE(review): the reserved tail is presumably must-be-zero; zero the
   * structure before setting mrenclave/attributes -- confirm.
   */
  typedef struct {
      sgx_arch_hash_t       mrenclave;       /* offset  0 */
      sgx_arch_attributes_t attributes;      /* offset 32 */
      uint8_t               reserved[464];   /* offset 48, ends at 512 */
  } __attribute__((packed, aligned(512))) sgx_arch_targetinfo_t;
  /*
   * Key request, packed with 512-byte alignment; the members add up to
   * exactly 512 bytes.
   * By name, `keyname` takes one of LAUNCH_KEY .. SEAL_KEY and `keypolicy`
   * takes KEYPOLICY_* bits (all defined later in this header) -- TODO confirm
   * at the callers.
   * NOTE(review): attributes_mask and miscmask presumably choose which
   * attribute bits are mixed into the derived key; bits left out of the mask
   * would not separate keys (e.g. debug vs. production) -- verify the mask
   * the sealing code passes.
   */
  typedef struct {
      uint16_t              keyname;          /* offset  0 */
      uint16_t              keypolicy;        /* offset  2 */
      uint16_t              isvsvn;           /* offset  4 */
      uint8_t               reserved[2];      /* offset  6 */
      uint64_t              cpusvn[2];        /* offset  8 */
      sgx_arch_attributes_t attributes_mask;  /* offset 24 */
      uint8_t               keyid[32];        /* offset 40 */
      uint32_t              miscmask;         /* offset 72 */
      uint8_t               reserved2[436];   /* offset 76, ends at 512 */
  } __attribute__((packed, aligned(512))) sgx_arch_keyrequest_t;
  /* 16-byte (128-bit) key buffer with 16-byte alignment. This is an array
   * typedef, so it decays to uint8_t * when passed to a function.
   * NOTE(review): buffers of this type presumably hold derived key material;
   * callers should wipe them after use with a call the compiler cannot elide
   * -- confirm at the users. */
  typedef uint8_t sgx_arch_key128_t[16] __attribute__((aligned(16)));
  212. #else /* !__ASSEMBLER__ */
  /*
   * Assembler-only helper: emits the three bytes 0x0f 0x01 0xd7, the machine
   * encoding of the ENCLU instruction (opcode bytes, not microcode), presumably
   * so the sources build with assemblers that lack the mnemonic.
   */
  .macro ENCLU
  .byte 0x0f, 0x01, 0xd7
  .endm
  217. #endif
  /*
   * Leaf-function numbers. These sit outside the __ASSEMBLER__ conditional, so
   * they are visible to both C and assembly sources.
   * EDBGRD/EDBGWR (4, 5) overlap numerically with EEXIT (4). In the Intel SDM
   * the two debug leaves belong to ENCLS while the others belong to ENCLU, so
   * the overlap is harmless as long as each constant is paired with its own
   * instruction -- NOTE(review): confirm at the call sites.
   */
  #define EENTER 2
  #define ERESUME 3
  #define EDBGRD 4
  #define EDBGWR 5
  #define EREPORT 0
  #define EGETKEY 1
  #define EEXIT 4
  /* Key selectors; by name, the values for sgx_arch_keyrequest_t.keyname. */
  #define LAUNCH_KEY 0
  #define PROVISION_KEY 1
  #define PROVISION_SEAL_KEY 2
  #define REPORT_KEY 3
  #define SEAL_KEY 4
  /* Key-derivation policy bits; by name, for sgx_arch_keyrequest_t.keypolicy.
   * NOTE(review): in the SGX architecture an MRENCLAVE-bound key is tied to one
   * exact enclave measurement, while an MRSIGNER-bound key is shared by every
   * enclave from the same signer; choose deliberately when sealing data --
   * confirm against the SDM. */
  #define KEYPOLICY_MRENCLAVE 1
  #define KEYPOLICY_MRSIGNER 2
  /*
   * Byte offsets of the members of sgx_arch_gpr_t, for code that cannot use
   * the C struct (these are visible to assembly as well). They follow the
   * struct's member order in 8-byte steps; keep both in sync.
   * The offsets 0x90 (ursp) and 0x98 (urbp) have no constant here.
   */
  #define SGX_GPR_RAX 0x00
  #define SGX_GPR_RCX 0x08
  #define SGX_GPR_RDX 0x10
  #define SGX_GPR_RBX 0x18
  #define SGX_GPR_RSP 0x20
  #define SGX_GPR_RBP 0x28
  #define SGX_GPR_RSI 0x30
  #define SGX_GPR_RDI 0x38
  #define SGX_GPR_R8 0x40
  #define SGX_GPR_R9 0x48
  #define SGX_GPR_R10 0x50
  #define SGX_GPR_R11 0x58
  #define SGX_GPR_R12 0x60
  #define SGX_GPR_R13 0x68
  #define SGX_GPR_R14 0x70
  #define SGX_GPR_R15 0x78
  #define SGX_GPR_RFLAGS 0x80
  #define SGX_GPR_RIP 0x88
  #define SGX_GPR_EXITINFO 0xa0
  /* TCS_SIZE equals sizeof(sgx_arch_tcs_t) and 1 << TCS_SHIFT (4096 = 1 << 12). */
  #define TCS_SIZE 4096
  #define TCS_SHIFT 12
  #define XSAVE_SIZE 512
  /* Bit masks, presumably ANDed with an address to round it down: STACK_ALIGN
   * clears the low 4 bits (16-byte boundary), XSAVE_ALIGN clears the low 6
   * bits (64-byte boundary). The literals carry no suffix; in C a hexadecimal
   * constant of this magnitude takes an unsigned 64-bit type. */
  #define STACK_ALIGN 0xfffffffffffffff0
  #define XSAVE_ALIGN 0xffffffffffffffc0
  /* All-ones 64-bit sentinel. NOTE(review): by name it marks a return from an
   * OCALL; if the value is received from untrusted code, the enclave entry
   * path should validate its own state rather than rely on the marker alone
   * -- confirm in the entry assembly. */
  #define RETURN_FROM_OCALL 0xffffffffffffffff
  257. #endif /* SGX_ARCH_H */