drginfo/ia32-64
1
0
Fork 0
forked from NRZCode/ia32-64
Code Pull requests Activity
ia32-64/x86/emodt.html

241 lines
8.7 KiB
HTML
Raw Normal View History

Initial commit
2025-07-08 02:23:29 -03:00
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:svg="http://www.w3.org/2000/svg" xmlns:x86="http://www.felixcloutier.com/x86"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="style.css"></link><title>EMODT
— Change the Type of an EPC Page</title></head><body><header><nav><ul><li><a href='index.html'>Index</a></li><li>December 2023</li></ul></nav></header><h1>EMODT
— Change the Type of an EPC Page</h1>
<table>
<tr>
<th>Opcode/Instruction</th>
<th>Op/En</th>
<th>64/32 bit Mode Support</th>
<th>CPUID Feature Flag</th>
<th>Description</th></tr>
<tr>
<td>EAX = 0FH ENCLS[EMODT]</td>
<td>IR</td>
<td>V/V</td>
<td>SGX2</td>
<td>This leaf function changes the type of an existing EPC page.</td></tr></table>
<h2 id="instruction-operand-encoding">Instruction Operand Encoding<a class="anchor" href="#instruction-operand-encoding">
</a></h2>
<table>
<tr>
<td>Op/En </td>
<td colspan="2">EAX</td>
<td>RBX</td>
<td>RCX</td></tr>
<tr>
<td>IR</td>
<td>EMODT (In)</td>
<td>Return Error Code (Out)</td>
<td>Address of a SECINFO (In)</td>
<td>Address of the destination EPC page (In)</td></tr></table>
<h3 id="description">Description<a class="anchor" href="#description">
</a></h3>
<p>This leaf function modifies the type of an EPC page. The security attributes are configured to prevent access to the EPC page at its new type until a corresponding invocation of the EACCEPT leaf confirms the modification. This instruction can only be executed when current privilege level is 0.</p>
<p>RBX contains the effective address of a SECINFO structure while RCX contains the effective address of an EPC page. The table below provides additional information on the memory parameter of the EMODT leaf function.</p>
<h2 id="emodt-memory-parameter-semantics">EMODT Memory Parameter Semantics<a class="anchor" href="#emodt-memory-parameter-semantics">
</a></h2>
<table>
<tr>
<td>SECINFO</td>
<td>EPCPAGE</td></tr>
<tr>
<td>Read access permitted by Non Enclave</td>
<td>Read/Write access permitted by Enclave</td></tr></table>
<p>The instruction faults if any of the following:</p>
<h2 id="emodt-faulting-conditions">EMODT Faulting Conditions<a class="anchor" href="#emodt-faulting-conditions">
</a></h2>
<table>
<tr>
<td>The operands are not properly aligned.</td>
<td>If unsupported security attributes are set.</td></tr>
<tr>
<td>The Enclave is not initialized.</td>
<td>SECS is locked by another thread.</td></tr>
<tr>
<td>The EPC page is locked by another thread.</td>
<td>RCX does not contain an effective address of an EPC page in the running enclave.</td></tr>
<tr>
<td>The EPC page is not valid.</td>
<td></td></tr></table>
<p>The error codes are:</p>
<figure id="tbl-38-34">
<table>
<tr>
<th>Error Code (see <span class="not-imported">Table 38-4</span>)</th>
<th>Description</th></tr>
<tr>
<td>No Error</td>
<td>EMODT successful.</td></tr>
<tr>
<td>SGX_PAGE_NOT_MODIFIABLE</td>
<td>The EPC page cannot be modified because it is in the PENDING or MODIFIED state.</td></tr>
<tr>
<td>SGX_EPC_PAGE_CONFLICT</td>
<td>Page is being written by EADD, EAUG, ECREATE, ELDU/B, EMODPR, or EWB.</td></tr></table>
<figcaption><span class="not-imported">Table 38-34</span>. EMODT Return Value in RAX</figcaption></figure>
<h3 id="concurrency-restrictions">Concurrency Restrictions<a class="anchor" href="#concurrency-restrictions">
</a></h3>
<figure id="tbl-38-35">
<table>
<tr>
<th rowspan="2">Leaf</th>
<th rowspan="2">Parameter</th>
<th colspan="3">Base Concurrency Restrictions</th></tr>
<tr>
<th>Access</th>
<th>On Conflict</th>
<th>SGX_CONFLICT VM Exit Qualification</th></tr>
<tr>
<td>EMODT</td>
<td>Target [DS:RCX]</td>
<td>Exclusive</td>
<td>SGX_EPC_PAGE_ CONFLICT</td>
<td>EPC_PAGE_CONFLICT_ERROR</td></tr></table>
<figcaption><span class="not-imported">Table 38-35</span>. Base Concurrency Restrictions of EMODT</figcaption></figure>
<figure id="tbl-38-36">
<table>
<tr>
<th rowspan="3">Leaf</th>
<th rowspan="3">Parameter</th>
<th colspan="6">Additional Concurrency Restrictions</th></tr>
<tr>
<th colspan="2">vs. EACCEPT, EACCEPTCOPY, EMODPE, EM vs. EACCEPT, EACCEPTCOPY, EMODPE, EMODPR, EMODT</th>
<th colspan="2">vs. EADD, EEXTEND, EINIT</th>
<th colspan="2">vs. ETRACK, ETRACKC</th></tr>
<tr>
<th>Access</th>
<th>On Conflict</th>
<th>Access</th>
<th>On Conflict</th>
<th>Access</th>
<th>On Conflict</th></tr>
<tr>
<td>EMODT</td>
<td>Target [DS:RCX]</td>
<td>Exclusive</td>
<td>SGX_EPC_PAGE _CONFLICT</td>
<td>Concurrent</td>
<td></td>
<td>Concurrent</td>
<td></td></tr></table>
<figcaption><span class="not-imported">Table 38-36</span>. Additional Concurrency Restrictions of EMODT</figcaption></figure>
<h3 id="operation">Operation<a class="anchor" href="#operation">
</a></h3>
<h2 id="temp-variables-in-emodt-operational-flow">Temp Variables in EMODT Operational Flow<a class="anchor" href="#temp-variables-in-emodt-operational-flow">
</a></h2>
<table>
<tr>
<th>Name</th>
<th>Type</th>
<th>Size (bits)</th>
<th>Description</th></tr>
<tr>
<td>TMP_SECS</td>
<td>Effective Address</td>
<td>32/64</td>
<td>Physical address of SECS to which EPC operand belongs.</td></tr>
<tr>
<td>SCRATCH_SECINFO</td>
<td>SECINFO</td>
<td>512</td>
<td>Scratch storage for holding the contents of DS:RBX.</td></tr></table>
<p>IF (DS:RBX is not 64Byte Aligned)</p>
<p>THEN #GP(0); FI;</p>
<p>IF (DS:RCX is not 4KByte Aligned)</p>
<p>THEN #GP(0); FI;</p>
<p>IF (DS:RCX does not resolve within an EPC)</p>
<p>THEN #PF(DS:RCX); FI;</p>
<p>SCRATCH_SECINFO := DS:RBX;</p>
<p>(* Check for misconfigured SECINFO flags*)</p>
<p>IF ( (SCRATCH_SECINFO reserved fields are not zero ) or</p>
<p>!(SCRATCH_SECINFO.FLAGS.PT is PT_TCS or SCRATCH_SECINFO.FLAGS.PT is PT_TRIM) )</p>
<p>THEN #GP(0); FI;</p>
<p>(* Check concurrency with SGX1 instructions on the EPC page *)</p>
<p>IF (other SGX1 instructions accessing EPC page)</p>
<p>THEN</p>
<p>RFLAGS.ZF := 1;</p>
<p>RAX := SGX_EPC_PAGE_CONFLICT;</p>
<p>GOTO DONE;</p>
<p>FI;</p>
<p>IF (EPCM(DS:RCX).VALID is 0)</p>
<p>THEN #PF(DS:RCX); FI;</p>
<p>(* Check the EPC page for concurrency *)</p>
<p>IF (EPC page in use by another SGX2 instruction)</p>
<p>THEN</p>
<p>RFLAGS.ZF := 1;</p>
<p>RAX := SGX_EPC_PAGE_CONFLICT;</p>
<p>GOTO DONE;</p>
<p>FI;</p>
<p>IF (!(EPCM(DS:RCX).PT is PT_REG or</p>
<p>((EPCM(DS:RCX).PT is PT_TCS or PT_SS_FIRST or PT_SS_REST) and SCRATCH_SECINFO.FLAGS.PT is PT_TRIM)))</p>
<p>THEN #PF(DS:RCX); FI;</p>
<p>IF (EPCM(DS:RCX).PENDING is not 0 or (EPCM(DS:RCX).MODIFIED is not 0) )</p>
<p>THEN</p>
<p>RFLAGS.ZF := 1;</p>
<p>RAX := SGX_PAGE_NOT_MODIFIABLE;</p>
<p>GOTO DONE;</p>
<p>FI;</p>
<p>TMP_SECS := GET_SECS_ADDRESS</p>
<p>IF (TMP_SECS.ATTRIBUTES.INIT = 0)</p>
<p>THEN #GP(0); FI;</p>
<p>(* Update EPCM fields *)</p>
<p>EPCM(DS:RCX).PR := 0;</p>
<p>EPCM(DS:RCX).MODIFIED := 1;</p>
<p>EPCM(DS:RCX).R := 0;</p>
<p>EPCM(DS:RCX).W := 0;</p>
<p>EPCM(DS:RCX).X := 0;</p>
<p>EPCM(DS:RCX).PT := SCRATCH_SECINFO.FLAGS.PT;</p>
<p>RFLAGS.ZF := 0;</p>
<p>RAX := 0;</p>
<p>DONE:</p>
<p>RFLAGS.CF,PF,AF,OF,SF := 0;</p>
<h3 id="flags-affected">Flags Affected<a class="anchor" href="#flags-affected">
</a></h3>
<p>Sets ZF if page is not modifiable or if other SGX2 instructions are executing concurrently, otherwise cleared. Clears CF, PF, AF, OF, SF.</p>
<h3 class="exceptions" id="protected-mode-exceptions">Protected Mode Exceptions<a class="anchor" href="#protected-mode-exceptions">
</a></h3>
<table>
<tr>
<td rowspan="3">#GP(0)</td>
<td>If a memory operand effective address is outside the DS segment limit.</td></tr>
<tr>
<td>If a memory operand is not properly aligned.</td></tr>
<tr>
<td>If a memory operand is locked.</td></tr>
<tr>
<td rowspan="2">#PF(error</td>
<td>code) If a page fault occurs in accessing memory operands.</td></tr>
<tr>
<td>If a memory operand is not an EPC page.</td></tr></table>
<h3 class="exceptions" id="64-bit-mode-exceptions">64-Bit Mode Exceptions<a class="anchor" href="#64-bit-mode-exceptions">
</a></h3>
<table>
<tr>
<td rowspan="3">#GP(0)</td>
<td>If a memory operand is non-canonical form.</td></tr>
<tr>
<td>If a memory operand is not properly aligned.</td></tr>
<tr>
<td>If a memory operand is locked.</td></tr>
<tr>
<td rowspan="2">#PF(error</td>
<td>code) If a page fault occurs in accessing memory operands.</td></tr>
<tr>
<td>If a memory operand is not an EPC page.</td></tr></table><footer><p>
This UNOFFICIAL, mechanically-separated, non-verified reference is provided for convenience, but it may be
inc<span style="opacity: 0.2">omp</span>lete or b<sub>r</sub>oke<sub>n</sub> in various obvious or non-obvious
ways. Refer to <a href="https://software.intel.com/en-us/download/intel-64-and-ia-32-architectures-sdm-combined-volumes-1-2a-2b-2c-2d-3a-3b-3c-3d-and-4">Intel® 64 and IA-32 Architectures Software Developers Manual</a> for anything serious.
</p></footer></body></html>
Copy permalink