/* * Copyright (C) 2011-2016 Intel Corporation. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * Neither the name of Intel Corporation nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef _SE_ARCH_H_ #define _SE_ARCH_H_ #include "inst.h" #include "se_types.h" #include "sgx_attributes.h" #include "sgx_key.h" #include "sgx_report.h" #include "sgx_tcrypto.h" #define SE_PAGE_SIZE 0x1000 #define TCS_SIZE SE_PAGE_SIZE #pragma pack(push, 1) #if !defined(__cplusplus) || defined(__INTEL_COMPILER) || (defined(SE_GNU) && !defined(__GXX_EXPERIMENTAL_CXX0X__)) #define _ASSERT_CONCAT(a, b) a##b #define ASSERT_CONCAT(a, b) _ASSERT_CONCAT(a, b) #define se_static_assert(e) typedef char ASSERT_CONCAT(assert_line, __LINE__)[(e)?1:-1] #else #define se_static_assert(e) static_assert(e,#e) #endif se_static_assert(sizeof(sgx_key_request_t) == 512); se_static_assert(sizeof(sgx_target_info_t) == 512); /*SECS data structure*/ typedef struct _secs_t { uint64_t size; /* ( 0) Size of the enclave in bytes */ PADDED_POINTER(void, base); /* ( 8) Base address of enclave */ uint32_t ssa_frame_size; /* ( 16) size of 1 SSA frame in pages */ sgx_misc_select_t misc_select; /* ( 20) Which fields defined in SSA.MISC */ #define SECS_RESERVED1_LENGTH 24 uint8_t reserved1[SECS_RESERVED1_LENGTH]; /* ( 24) reserved */ sgx_attributes_t attributes; /* ( 48) ATTRIBUTES Flags Field */ sgx_measurement_t mr_enclave; /* ( 64) Integrity Reg 0 - Enclave measurement */ #define SECS_RESERVED2_LENGTH 32 uint8_t reserved2[SECS_RESERVED2_LENGTH]; /* ( 96) reserved */ sgx_measurement_t mr_signer; /* (128) Integrity Reg 1 - Enclave signing key */ #define SECS_RESERVED3_LENGTH 96 uint8_t reserved3[SECS_RESERVED3_LENGTH]; /* (160) reserved */ sgx_prod_id_t isv_prod_id; /* (256) product ID of enclave */ sgx_isv_svn_t isv_svn; /* (258) Security Version of the Enclave */ #define SECS_RESERVED4_LENGTH 3836 uint8_t reserved4[SECS_RESERVED4_LENGTH];/* (260) reserved */ } secs_t; /* TCS flags definitions */ #define DBGOPTIN 1 /* used by debugger */ typedef struct _tcs_t { uint64_t reserved0; /* (0) */ uint64_t flags; /* (8)bit 0: DBGOPTION */ uint64_t ossa; /* (16)State Save Area */ uint32_t cssa; /* (24)Current SSA slot */ uint32_t nssa; /* (28)Number of SSA slots */ uint64_t oentry; /* (32)Offset in enclave to which control is transferred on EENTER if enclave INACTIVE state */ uint64_t reserved1; /* (40) */ uint64_t ofs_base; /* (48)When added to the base address of the enclave, produces the base address FS segment inside the enclave */ uint64_t ogs_base; /* (56)When added to the base address of the enclave, produces the base address GS segment inside the enclave */ uint32_t ofs_limit; /* (64)Size to become the new FS limit in 32-bit mode */ uint32_t ogs_limit; /* (68)Size to become the new GS limit in 32-bit mode */ #define TCS_RESERVED_LENGTH 4024 uint8_t reserved[TCS_RESERVED_LENGTH]; /* (72) */ }tcs_t; se_static_assert(sizeof(tcs_t) == SE_PAGE_SIZE); /**************************************************************************** * Definitions for SSA ****************************************************************************/ typedef struct _exit_info_t { uint32_t vector:8; /* Exception number of exceptions reported inside enclave */ uint32_t exit_type:3; /* 3: Hardware exceptions, 6: Software exceptions */ uint32_t reserved:20; uint32_t valid:1; /* 0: unsupported exceptions, 1: Supported exceptions */ } exit_info_t; #define SE_VECTOR_DE 0 #define SE_VECTOR_DB 1 #define SE_VECTOR_BP 3 #define SE_VECTOR_BR 5 #define SE_VECTOR_UD 6 #define SE_VECTOR_MF 16 #define SE_VECTOR_AC 17 #define SE_VECTOR_XM 19 typedef struct _ssa_gpr_t { REGISTER( ax); /* (0) */ REGISTER( cx); /* (8) */ REGISTER( dx); /* (16) */ REGISTER( bx); /* (24) */ REGISTER( sp); /* (32) */ REGISTER( bp); /* (40) */ REGISTER( si); /* (48) */ REGISTER( di); /* (56) */ uint64_t r8; /* (64) */ uint64_t r9; /* (72) */ uint64_t r10; /* (80) */ uint64_t r11; /* (88) */ uint64_t r12; /* (96) */ uint64_t r13; /* (104) */ uint64_t r14; /* (112) */ uint64_t r15; /* (120) */ REGISTER(flags); /* (128) */ REGISTER( ip); /* (136) */ REGISTER( sp_u); /* (144) untrusted stack pointer. saved by EENTER */ REGISTER( bp_u); /* (152) untrusted frame pointer. saved by EENTER */ exit_info_t exit_info; /* (160) contain information for exits */ uint32_t reserved; /* (164) padding to multiple of 8 bytes */ uint64_t fs; /* (168) FS register */ uint64_t gs; /* (176) GS register */ } ssa_gpr_t; typedef uint64_t si_flags_t; #define SI_FLAG_NONE 0x0 #define SI_FLAG_R 0x1 /* Read Access */ #define SI_FLAG_W 0x2 /* Write Access */ #define SI_FLAG_X 0x4 /* Execute Access */ #define SI_FLAG_PT_LOW_BIT 0x8 /* PT low bit */ #define SI_FLAG_PT_MASK (0xFF<