drginfo/ia32-64
1
0
Fork 0
forked from NRZCode/ia32-64
Code Pull requests Activity
ia32-64/x86/emodt.html
NRZ Code 92622c37d6 Initial commit
2025-07-08 02:23:29 -03:00

240 lines
8.7 KiB
HTML
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:svg="http://www.w3.org/2000/svg" xmlns:x86="http://www.felixcloutier.com/x86"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="style.css"></link><title>EMODT
— Change the Type of an EPC Page</title></head><body><header><nav><ul><li><a href='index.html'>Index</a></li><li>December 2023</li></ul></nav></header><h1>EMODT
— Change the Type of an EPC Page</h1>
<table>
<tr>
<th>Opcode/Instruction</th>
<th>Op/En</th>
<th>64/32 bit Mode Support</th>
<th>CPUID Feature Flag</th>
<th>Description</th></tr>
<tr>
<td>EAX = 0FH ENCLS[EMODT]</td>
<td>IR</td>
<td>V/V</td>
<td>SGX2</td>
<td>This leaf function changes the type of an existing EPC page.</td></tr></table>
<h2 id="instruction-operand-encoding">Instruction Operand Encoding<a class="anchor" href="#instruction-operand-encoding">
</a></h2>
<table>
<tr>
<td>Op/En </td>
<td colspan="2">EAX</td>
<td>RBX</td>
<td>RCX</td></tr>
<tr>
<td>IR</td>
<td>EMODT (In)</td>
<td>Return Error Code (Out)</td>
<td>Address of a SECINFO (In)</td>
<td>Address of the destination EPC page (In)</td></tr></table>
<h3 id="description">Description<a class="anchor" href="#description">
</a></h3>
<p>This leaf function modifies the type of an EPC page. The security attributes are configured to prevent access to the EPC page at its new type until a corresponding invocation of the EACCEPT leaf confirms the modification. This instruction can only be executed when current privilege level is 0.</p>
<p>RBX contains the effective address of a SECINFO structure while RCX contains the effective address of an EPC page. The table below provides additional information on the memory parameter of the EMODT leaf function.</p>
<h2 id="emodt-memory-parameter-semantics">EMODT Memory Parameter Semantics<a class="anchor" href="#emodt-memory-parameter-semantics">
</a></h2>
<table>
<tr>
<td>SECINFO</td>
<td>EPCPAGE</td></tr>
<tr>
<td>Read access permitted by Non Enclave</td>
<td>Read/Write access permitted by Enclave</td></tr></table>
<p>The instruction faults if any of the following:</p>
<h2 id="emodt-faulting-conditions">EMODT Faulting Conditions<a class="anchor" href="#emodt-faulting-conditions">
</a></h2>
<table>
<tr>
<td>The operands are not properly aligned.</td>
<td>If unsupported security attributes are set.</td></tr>
<tr>
<td>The Enclave is not initialized.</td>
<td>SECS is locked by another thread.</td></tr>
<tr>
<td>The EPC page is locked by another thread.</td>
<td>RCX does not contain an effective address of an EPC page in the running enclave.</td></tr>
<tr>
<td>The EPC page is not valid.</td>
<td></td></tr></table>
<p>The error codes are:</p>
<figure id="tbl-38-34">
<table>
<tr>
<th>Error Code (see <span class="not-imported">Table 38-4</span>)</th>
<th>Description</th></tr>
<tr>
<td>No Error</td>
<td>EMODT successful.</td></tr>
<tr>
<td>SGX_PAGE_NOT_MODIFIABLE</td>
<td>The EPC page cannot be modified because it is in the PENDING or MODIFIED state.</td></tr>
<tr>
<td>SGX_EPC_PAGE_CONFLICT</td>
<td>Page is being written by EADD, EAUG, ECREATE, ELDU/B, EMODPR, or EWB.</td></tr></table>
<figcaption><span class="not-imported">Table 38-34</span>. EMODT Return Value in RAX</figcaption></figure>
<h3 id="concurrency-restrictions">Concurrency Restrictions<a class="anchor" href="#concurrency-restrictions">
</a></h3>
<figure id="tbl-38-35">
<table>
<tr>
<th rowspan="2">Leaf</th>
<th rowspan="2">Parameter</th>
<th colspan="3">Base Concurrency Restrictions</th></tr>
<tr>
<th>Access</th>
<th>On Conflict</th>
<th>SGX_CONFLICT VM Exit Qualification</th></tr>
<tr>
<td>EMODT</td>
<td>Target [DS:RCX]</td>
<td>Exclusive</td>
<td>SGX_EPC_PAGE_ CONFLICT</td>
<td>EPC_PAGE_CONFLICT_ERROR</td></tr></table>
<figcaption><span class="not-imported">Table 38-35</span>. Base Concurrency Restrictions of EMODT</figcaption></figure>
<figure id="tbl-38-36">
<table>
<tr>
<th rowspan="3">Leaf</th>
<th rowspan="3">Parameter</th>
<th colspan="6">Additional Concurrency Restrictions</th></tr>
<tr>
<th colspan="2">vs. EACCEPT, EACCEPTCOPY, EMODPE, EM vs. EACCEPT, EACCEPTCOPY, EMODPE, EMODPR, EMODT</th>
<th colspan="2">vs. EADD, EEXTEND, EINIT</th>
<th colspan="2">vs. ETRACK, ETRACKC</th></tr>
<tr>
<th>Access</th>
<th>On Conflict</th>
<th>Access</th>
<th>On Conflict</th>
<th>Access</th>
<th>On Conflict</th></tr>
<tr>
<td>EMODT</td>
<td>Target [DS:RCX]</td>
<td>Exclusive</td>
<td>SGX_EPC_PAGE _CONFLICT</td>
<td>Concurrent</td>
<td></td>
<td>Concurrent</td>
<td></td></tr></table>
<figcaption><span class="not-imported">Table 38-36</span>. Additional Concurrency Restrictions of EMODT</figcaption></figure>
<h3 id="operation">Operation<a class="anchor" href="#operation">
</a></h3>
<h2 id="temp-variables-in-emodt-operational-flow">Temp Variables in EMODT Operational Flow<a class="anchor" href="#temp-variables-in-emodt-operational-flow">
</a></h2>
<table>
<tr>
<th>Name</th>
<th>Type</th>
<th>Size (bits)</th>
<th>Description</th></tr>
<tr>
<td>TMP_SECS</td>
<td>Effective Address</td>
<td>32/64</td>
<td>Physical address of SECS to which EPC operand belongs.</td></tr>
<tr>
<td>SCRATCH_SECINFO</td>
<td>SECINFO</td>
<td>512</td>
<td>Scratch storage for holding the contents of DS:RBX.</td></tr></table>
<p>IF (DS:RBX is not 64Byte Aligned)</p>
<p>THEN #GP(0); FI;</p>
<p>IF (DS:RCX is not 4KByte Aligned)</p>
<p>THEN #GP(0); FI;</p>
<p>IF (DS:RCX does not resolve within an EPC)</p>
<p>THEN #PF(DS:RCX); FI;</p>
<p>SCRATCH_SECINFO := DS:RBX;</p>
<p>(* Check for misconfigured SECINFO flags*)</p>
<p>IF ( (SCRATCH_SECINFO reserved fields are not zero ) or</p>
<p>!(SCRATCH_SECINFO.FLAGS.PT is PT_TCS or SCRATCH_SECINFO.FLAGS.PT is PT_TRIM) )</p>
<p>THEN #GP(0); FI;</p>
<p>(* Check concurrency with SGX1 instructions on the EPC page *)</p>
<p>IF (other SGX1 instructions accessing EPC page)</p>
<p>THEN</p>
<p>RFLAGS.ZF := 1;</p>
<p>RAX := SGX_EPC_PAGE_CONFLICT;</p>
<p>GOTO DONE;</p>
<p>FI;</p>
<p>IF (EPCM(DS:RCX).VALID is 0)</p>
<p>THEN #PF(DS:RCX); FI;</p>
<p>(* Check the EPC page for concurrency *)</p>
<p>IF (EPC page in use by another SGX2 instruction)</p>
<p>THEN</p>
<p>RFLAGS.ZF := 1;</p>
<p>RAX := SGX_EPC_PAGE_CONFLICT;</p>
<p>GOTO DONE;</p>
<p>FI;</p>
<p>IF (!(EPCM(DS:RCX).PT is PT_REG or</p>
<p>((EPCM(DS:RCX).PT is PT_TCS or PT_SS_FIRST or PT_SS_REST) and SCRATCH_SECINFO.FLAGS.PT is PT_TRIM)))</p>
<p>THEN #PF(DS:RCX); FI;</p>
<p>IF (EPCM(DS:RCX).PENDING is not 0 or (EPCM(DS:RCX).MODIFIED is not 0) )</p>
<p>THEN</p>
<p>RFLAGS.ZF := 1;</p>
<p>RAX := SGX_PAGE_NOT_MODIFIABLE;</p>
<p>GOTO DONE;</p>
<p>FI;</p>
<p>TMP_SECS := GET_SECS_ADDRESS</p>
<p>IF (TMP_SECS.ATTRIBUTES.INIT = 0)</p>
<p>THEN #GP(0); FI;</p>
<p>(* Update EPCM fields *)</p>
<p>EPCM(DS:RCX).PR := 0;</p>
<p>EPCM(DS:RCX).MODIFIED := 1;</p>
<p>EPCM(DS:RCX).R := 0;</p>
<p>EPCM(DS:RCX).W := 0;</p>
<p>EPCM(DS:RCX).X := 0;</p>
<p>EPCM(DS:RCX).PT := SCRATCH_SECINFO.FLAGS.PT;</p>
<p>RFLAGS.ZF := 0;</p>
<p>RAX := 0;</p>
<p>DONE:</p>
<p>RFLAGS.CF,PF,AF,OF,SF := 0;</p>
<h3 id="flags-affected">Flags Affected<a class="anchor" href="#flags-affected">
</a></h3>
<p>Sets ZF if page is not modifiable or if other SGX2 instructions are executing concurrently, otherwise cleared. Clears CF, PF, AF, OF, SF.</p>
<h3 class="exceptions" id="protected-mode-exceptions">Protected Mode Exceptions<a class="anchor" href="#protected-mode-exceptions">
</a></h3>
<table>
<tr>
<td rowspan="3">#GP(0)</td>
<td>If a memory operand effective address is outside the DS segment limit.</td></tr>
<tr>
<td>If a memory operand is not properly aligned.</td></tr>
<tr>
<td>If a memory operand is locked.</td></tr>
<tr>
<td rowspan="2">#PF(error</td>
<td>code) If a page fault occurs in accessing memory operands.</td></tr>
<tr>
<td>If a memory operand is not an EPC page.</td></tr></table>
<h3 class="exceptions" id="64-bit-mode-exceptions">64-Bit Mode Exceptions<a class="anchor" href="#64-bit-mode-exceptions">
</a></h3>
<table>
<tr>
<td rowspan="3">#GP(0)</td>
<td>If a memory operand is non-canonical form.</td></tr>
<tr>
<td>If a memory operand is not properly aligned.</td></tr>
<tr>
<td>If a memory operand is locked.</td></tr>
<tr>
<td rowspan="2">#PF(error</td>
<td>code) If a page fault occurs in accessing memory operands.</td></tr>
<tr>
<td>If a memory operand is not an EPC page.</td></tr></table><footer><p>
This UNOFFICIAL, mechanically-separated, non-verified reference is provided for convenience, but it may be
inc<span style="opacity: 0.2">omp</span>lete or b<sub>r</sub>oke<sub>n</sub> in various obvious or non-obvious
ways. Refer to <a href="https://software.intel.com/en-us/download/intel-64-and-ia-32-architectures-sdm-combined-volumes-1-2a-2b-2c-2d-3a-3b-3c-3d-and-4">Intel® 64 and IA-32 Architectures Software Developers Manual</a> for anything serious.
</p></footer></body></html>
View git blame Copy permalink