miti
/
graphene


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392
							/* Copyright (C) 2014 Stony Brook University
   This file is part of Graphene Library OS.

   Graphene Library OS is free software: you can redistribute it and/or
   modify it under the terms of the GNU Lesser General Public License
   as published by the Free Software Foundation, either version 3 of the
   License, or (at your option) any later version.

   Graphene Library OS is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU Lesser General Public License for more details.

   You should have received a copy of the GNU Lesser General Public License
   along with this program.  If not, see <http://www.gnu.org/licenses/>.  */

#ifndef SGX_ARCH_H
#define SGX_ARCH_H

#include "pal_linux_defs.h"

#ifndef __ASSEMBLER__

#include <stdint.h>

#include "assert.h"

#pragma pack(push, 1)

#define SE_KEY_SIZE      384
#define SE_EXPONENT_SIZE 4

#define SGX_HASH_SIZE 32
#define SGX_MAC_SIZE  16

typedef struct _sgx_measurement_t {
    uint8_t m[SGX_HASH_SIZE];
} sgx_measurement_t;

typedef uint8_t sgx_mac_t[SGX_MAC_SIZE];

// This if for passing a mac to hex2str
#define MACBUF_SIZE ((sizeof(sgx_mac_t) * 2) + 1)

typedef struct _sgx_attributes_t {
    uint64_t flags;
    uint64_t xfrm;
} sgx_attributes_t;

#define SGX_CPUSVN_SIZE      16
#define SGX_CONFIGID_SIZE    64
#define SGX_KEYID_SIZE       32
#define SGX_REPORT_DATA_SIZE 64

typedef struct _sgx_cpu_svn_t {
    uint8_t svn[SGX_CPUSVN_SIZE];
} sgx_cpu_svn_t;

typedef uint32_t sgx_misc_select_t;
typedef uint16_t sgx_prod_id_t;
typedef uint16_t sgx_isv_svn_t;
typedef uint16_t sgx_config_svn_t;
typedef uint8_t sgx_config_id_t[SGX_CONFIGID_SIZE];

#define SGX_ISVEXT_PROD_ID_SIZE 16
#define SGX_ISV_FAMILY_ID_SIZE  16

typedef uint8_t sgx_isvext_prod_id_t[SGX_ISVEXT_PROD_ID_SIZE];
typedef uint8_t sgx_isvfamily_id_t[SGX_ISV_FAMILY_ID_SIZE];

#define SGX_FLAGS_INITIALIZED   0x01ULL
#define SGX_FLAGS_DEBUG         0x02ULL
#define SGX_FLAGS_MODE64BIT     0x04ULL
#define SGX_FLAGS_PROVISION_KEY 0x10ULL
#define SGX_FLAGS_LICENSE_KEY   0x20ULL

#define SGX_XFRM_LEGACY 0x03ULL
#define SGX_XFRM_AVX    0x06ULL
#define SGX_XFRM_MPX    0x18ULL
#define SGX_XFRM_AVX512 0xe6ULL
#define SGX_XFRM_RESERVED (~(SGX_XFRM_LEGACY | SGX_XFRM_AVX | SGX_XFRM_MPX | SGX_XFRM_AVX512))

#define SGX_MISCSELECT_EXINFO 0x01UL

typedef struct {
    uint64_t          size;
    uint64_t          base;
    uint32_t          ssa_frame_size;
    sgx_misc_select_t misc_select;
    uint8_t           reserved1[24];
    sgx_attributes_t  attributes;
    sgx_measurement_t mr_enclave;
    uint8_t           reserved2[32];
    sgx_measurement_t mr_signer;
    uint8_t           reserved3[32];
    sgx_config_id_t   config_id;
    sgx_prod_id_t     isv_prod_id;
    sgx_isv_svn_t     isv_svn;
    sgx_config_svn_t  config_svn;
    uint8_t           reserved4[3834];
} sgx_arch_secs_t;

typedef struct {
    uint64_t reserved0;
    uint64_t flags;
    uint64_t ossa;
    uint32_t cssa;
    uint32_t nssa;
    uint64_t oentry;
    uint64_t reserved1;
    uint64_t ofs_base;
    uint64_t ogs_base;
    uint32_t ofs_limit;
    uint32_t ogs_limit;
    uint8_t  reserved3[4024];
} sgx_arch_tcs_t;
static_assert(sizeof(sgx_arch_tcs_t) == 4096, "incorrect struct size");

#define TCS_FLAGS_DBGOPTIN (01ULL)

typedef struct {
    uint64_t rax;
    uint64_t rcx;
    uint64_t rdx;
    uint64_t rbx;
    uint64_t rsp;
    uint64_t rbp;
    uint64_t rsi;
    uint64_t rdi;
    uint64_t r8;
    uint64_t r9;
    uint64_t r10;
    uint64_t r11;
    uint64_t r12;
    uint64_t r13;
    uint64_t r14;
    uint64_t r15;
    uint64_t rflags;
    uint64_t rip;
    uint64_t ursp;
    uint64_t urbp;
    uint32_t exitinfo;
    uint32_t reserved;
    uint64_t fsbase;
    uint64_t gsbase;
} sgx_pal_gpr_t;

typedef struct {
    uint64_t rax;
    uint64_t rcx;
    uint64_t rdx;
    uint64_t rbx;
    uint64_t rsp;
    uint64_t rbp;
    uint64_t rsi;
    uint64_t rdi;
    uint64_t r8;
    uint64_t r9;
    uint64_t r10;
    uint64_t r11;
    uint64_t r12;
    uint64_t r13;
    uint64_t r14;
    uint64_t r15;
    uint64_t rflags;
    uint64_t rip;
} sgx_cpu_context_t;

// Required by _restore_sgx_context, see enclave_entry.S.
static_assert(offsetof(sgx_cpu_context_t, rip) - offsetof(sgx_cpu_context_t, rflags) ==
              sizeof(((sgx_cpu_context_t){0}).rflags),
              "rip must be directly after rflags in sgx_cpu_context_t");
static_assert(offsetof(sgx_cpu_context_t, rip) - offsetof(sgx_cpu_context_t, r15) <= RED_ZONE_SIZE,
              "r15 needs to be within red zone distance from rip");
static_assert(offsetof(sgx_cpu_context_t, rip) - offsetof(sgx_cpu_context_t, rsp) <= RED_ZONE_SIZE,
              "rsp needs to be within red zone distance from rip");

typedef struct {
    uint32_t vector : 8;
    uint32_t exit_type : 3;
    uint32_t reserved : 20;
    uint32_t valid : 1;
} sgx_arch_exit_info_t;

#define SGX_EXCEPTION_HARDWARE 3UL
#define SGX_EXCEPTION_SOFTWARE 6UL

#define SGX_EXCEPTION_VECTOR_DE 0UL  /* DIV and IDIV instructions */
#define SGX_EXCEPTION_VECTOR_DB 1UL  /* For Intel use only */
#define SGX_EXCEPTION_VECTOR_BP 3UL  /* INT 3 instruction */
#define SGX_EXCEPTION_VECTOR_BR 5UL  /* BOUND instruction */
#define SGX_EXCEPTION_VECTOR_UD 6UL  /* UD2 instruction or reserved opcodes */
#define SGX_EXCEPTION_VECTOR_MF 16UL /* x87 FPU floating-point or WAIT/FWAIT instruction */
#define SGX_EXCEPTION_VECTOR_AC 17UL /* Any data reference in memory */
#define SGX_EXCEPTION_VECTOR_XM 19UL /* Any SIMD floating-point exceptions */

typedef struct {
    uint64_t lin_addr;
    uint64_t src_pge;
    uint64_t sec_info;
    uint64_t secs;
} sgx_arch_page_info_t;

typedef struct {
    uint64_t flags;
    uint64_t reserved[7];
} sgx_arch_sec_info_t;

#define SGX_SECINFO_FLAGS_R    0x001
#define SGX_SECINFO_FLAGS_W    0x002
#define SGX_SECINFO_FLAGS_X    0x004
#define SGX_SECINFO_FLAGS_SECS 0x000
#define SGX_SECINFO_FLAGS_TCS  0x100
#define SGX_SECINFO_FLAGS_REG  0x200

typedef struct _css_header_t {
    uint8_t  header[12];
    uint32_t type;
    uint32_t module_vendor;
    uint32_t date;
    uint8_t  header2[16];
    uint32_t hw_version;
    uint8_t  reserved[84];
} css_header_t;
static_assert(sizeof(css_header_t) == 128, "incorrect struct size");

typedef struct _css_key_t {
    uint8_t modulus[SE_KEY_SIZE];
    uint8_t exponent[SE_EXPONENT_SIZE];
    uint8_t signature[SE_KEY_SIZE];
} css_key_t;
static_assert(sizeof(css_key_t) == 772, "incorrect struct size");

typedef struct _css_body_t {
    sgx_misc_select_t    misc_select;
    sgx_misc_select_t    misc_mask;
    uint8_t              reserved[4];
    sgx_isvfamily_id_t   isv_family_id;
    sgx_attributes_t     attributes;
    sgx_attributes_t     attribute_mask;
    sgx_measurement_t    enclave_hash;
    uint8_t              reserved2[16];
    sgx_isvext_prod_id_t isvext_prod_id;
    uint16_t             isv_prod_id;
    uint16_t             isv_svn;
} css_body_t;
static_assert(sizeof(css_body_t) == 128, "incorrect struct size");

typedef struct _css_buffer_t {
    uint8_t reserved[12];
    uint8_t q1[SE_KEY_SIZE];
    uint8_t q2[SE_KEY_SIZE];
} css_buffer_t;
static_assert(sizeof(css_buffer_t) == 780, "incorrect struct size");

typedef struct _enclave_css_t {
    css_header_t header;
    css_key_t    key;
    css_body_t   body;
    css_buffer_t buffer;
} sgx_arch_enclave_css_t;
static_assert(sizeof(sgx_arch_enclave_css_t) == 1808, "incorrect struct size");

typedef struct _sgx_key_id_t {
    uint8_t id[SGX_KEYID_SIZE];
} sgx_key_id_t;

typedef struct {
    uint32_t          valid;
    uint32_t          reserved1[11];
    sgx_attributes_t  attributes;
    sgx_measurement_t mr_enclave;
    uint8_t           reserved2[32];
    sgx_measurement_t mr_signer;
    uint8_t           reserved3[32];
} launch_body_t;

typedef struct {
    launch_body_t     body;
    sgx_cpu_svn_t     cpu_svn_le;
    sgx_prod_id_t     isv_prod_id_le;
    sgx_isv_svn_t     isv_svn_le;
    uint8_t           reserved2[24];
    sgx_misc_select_t masked_misc_select_le;
    sgx_attributes_t  attributes_le;
    sgx_key_id_t      key_id;
    sgx_mac_t         mac;
} sgx_arch_token_t;

typedef struct _sgx_report_data_t {
    uint8_t d[SGX_REPORT_DATA_SIZE];
} sgx_report_data_t;

#define __sgx_mem_aligned __attribute__((aligned(512)))

typedef struct _report_body_t {
    sgx_cpu_svn_t     cpu_svn;
    sgx_misc_select_t misc_select;
    uint8_t           reserved1[28];
    sgx_attributes_t  attributes;
    sgx_measurement_t mr_enclave;
    uint8_t           reserved2[32];
    sgx_measurement_t mr_signer;
    uint8_t           reserved3[96];
    sgx_prod_id_t     isv_prod_id;
    sgx_isv_svn_t     isv_svn;
    uint8_t           reserved4[60];
    sgx_report_data_t report_data;
} sgx_report_body_t;

typedef struct _report_t {
    sgx_report_body_t body;
    sgx_key_id_t      key_id;
    sgx_mac_t         mac;
} sgx_report_t;

#define SGX_REPORT_SIGNED_SIZE 384
#define SGX_REPORT_ACTUAL_SIZE 432

typedef struct _target_info_t {
    sgx_measurement_t mr_enclave;
    sgx_attributes_t  attributes;
    uint8_t           reserved1[2];
    sgx_config_svn_t  config_svn;
    sgx_misc_select_t misc_select;
    uint8_t           reserved2[8];
    sgx_config_id_t   config_id;
    uint8_t           reserved3[384];
} sgx_target_info_t;
static_assert(sizeof(sgx_target_info_t) == 512, "incorrect struct size");

typedef struct _key_request_t {
    uint16_t          key_name;
    uint16_t          key_policy;
    sgx_isv_svn_t     isv_svn;
    uint16_t          reserved1;
    sgx_cpu_svn_t     cpu_svn;
    sgx_attributes_t  attribute_mask;
    sgx_key_id_t      key_id;
    sgx_misc_select_t misc_mask;
    sgx_config_svn_t  config_svn;
    uint8_t           reserved2[434];
    // struct is 512-bytes in size, alignment is required for EGETKEY
} sgx_key_request_t;
static_assert(sizeof(sgx_key_request_t) == 512, "incorrect struct size");

#define SGX_TARGETINFO_FILLED_SIZE (sizeof(sgx_measurement_t) + sizeof(sgx_attributes_t))

typedef uint8_t sgx_key_128bit_t[16];

#define ENCLU ".byte 0x0f, 0x01, 0xd7"

#else /* !__ASSEMBLER__ */

/* microcode to call ENCLU */
.macro ENCLU
    .byte 0x0f, 0x01, 0xd7
.endm

#endif

#define EENTER  2
#define ERESUME 3
#define EDBGRD  4
#define EDBGWR  5

#define EREPORT 0
#define EGETKEY 1
#define EEXIT   4

#define LAUNCH_KEY         0
#define PROVISION_KEY      1
#define PROVISION_SEAL_KEY 2
#define REPORT_KEY         3
#define SEAL_KEY           4

#define KEYPOLICY_MRENCLAVE 1
#define KEYPOLICY_MRSIGNER  2

#define XSAVE_SIZE 512

#define STACK_ALIGN       0xfffffffffffffff0
#define XSAVE_ALIGN       0xffffffffffffffc0
#define XSAVE_NON_FX_MASK 0xfffffffffffffffc

#define RETURN_FROM_OCALL 0xffffffffffffffff

#define RFLAGS_DF (1 << 10)
#define RFLAGS_AC (1 << 18)

#pragma pack(pop)
#endif /* SGX_ARCH_H */