drginfo/ia32-64
1
0
Fork 0
forked from NRZCode/ia32-64
Code Pull requests Activity
ia32-64/x86/sexit.html
NRZ Code 92622c37d6 Initial commit
2025-07-08 02:23:29 -03:00

164 lines
9.1 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:svg="http://www.w3.org/2000/svg" xmlns:x86="http://www.felixcloutier.com/x86"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="style.css"></link><title>GETSEC[SEXIT]
— Exit Measured Environment</title></head><body><header><nav><ul><li><a href='index.html'>Index</a></li><li>December 2023</li></ul></nav></header><h1>GETSEC[SEXIT]
— Exit Measured Environment</h1>
<table>
<tr>
<th>Opcode</th>
<th>Instruction</th>
<th>Description</th></tr>
<tr>
<td>NP 0F 37 (EAX=5)</td>
<td>GETSEC[SEXIT]</td>
<td>Exit measured environment.</td></tr></table>
<h2 id="description">Description<a class="anchor" href="#description">
</a></h2>
<p>The GETSEC[SEXIT] instruction initiates an exit of a measured environment established by GETSEC[SENTER]. The SEXIT leaf of GETSEC is selected with EAX set to 5 at execution. This instruction leaf sends a message to all logical processors in the platform to signal the measured environment exit.</p>
<p>There are restrictions enforced by the processor for the execution of the GETSEC[SEXIT] instruction:</p>
<ul>
<li>Execution is not allowed unless the processor is in protected mode (CR0.PE = 1) with CPL = 0 and EFLAGS.VM = 0.</li>
<li>The processor must be in a measured environment as launched by a previous GETSEC[SENTER] instruction, but not still in authenticated code execution mode.</li>
<li>To avoid potential interoperability conflicts between modes, the processor is not allowed to execute this instruction if it currently is in SMM or in VMX operation.</li>
<li>To ensure consistent handling of SIPI messages, the processor executing the GETSEC[SEXIT] instruction must also be designated the BSP (bootstrap processor) as defined by the register bit IA32_APIC_BASE.BSP (bit 8).</li></ul>
<p>Failure to abide by the above conditions results in the processor signaling a general protection violation.</p>
<p>This instruction initiates a sequence to rendezvous the RLPs with the ILP. It then clears the internal processor flag indicating the processor is operating in a measured environment.</p>
<p>In response to a message signaling the completion of rendezvous, all RLPs restart execution with the instruction that was to be executed at the time GETSEC[SEXIT] was recognized. This applies to all processor conditions, with the following exceptions:</p>
<ul>
<li>If an RLP executed HLT and was in this halt state at the time of the message initiated by GETSEC[SEXIT], then execution resumes in the halt state.</li>
<li>If an RLP was executing MWAIT, then a message initiated by GETSEC[SEXIT] causes an exit of the MWAIT state, falling through to the next instruction.</li>
<li>If an RLP was executing an intermediate iteration of a string instruction, then the processor resumes execution of the string instruction at the point which the message initiated by GETSEC[SEXIT] was recognized.</li>
<li>If an RLP is still in the SENTER sleep state (never awakened with GETSEC[WAKEUP]), it will be sent to the wait-for-SIPI state after first clearing the bootstrap processor indicator flag (IA32_APIC_BASE.BSP) and any pending SIPI state. In this case, such RLPs are initialized to an architectural state consistent with having taken a soft reset using the INIT# pin.</li></ul>
<p>Prior to completion of the GETSEC[SEXIT] operation, both the ILP and any active RLPs unmask the response of the external event signals INIT#, A20M, NMI#, and SMI#. This unmasking is performed unconditionally to recognize pin events which are masked after a GETSEC[SENTER]. The state of A20M is unmasked, as the A20M pin is not recognized while the measured environment is active.</p>
<p>On a successful exit of the measured environment, the ILP re-locks the Intel® TXT-capable chipset private configuration space. GETSEC[SEXIT] does not affect the content of any PCR.</p>
<p>At completion of GETSEC[SEXIT] by the ILP, execution proceeds to the next instruction. Since EFLAGS and the debug register state are not modified by this instruction, a pending trap condition is free to be signaled if previously enabled.</p>
<h2 id="operation-in-a-uni-processor-platform">Operation in a Uni-Processor Platform<a class="anchor" href="#operation-in-a-uni-processor-platform">
</a></h2>
<p>(* The state of the internal flag ACMODEFLAG and SENTERFLAG persist across instruction boundary *)</p>
<p><strong>GETSEC[SEXIT] (ILP Only):</strong></p>
<p>IF (CR4.SMXE=0)</p>
<p>THEN #UD;</p>
<p>ELSE IF (in VMX non-root operation)</p>
<p>THEN VM Exit (reason=”GETSEC instruction”);</p>
<p>ELSE IF (GETSEC leaf unsupported)</p>
<p>THEN #UD;</p>
<p>ELSE IF ((in VMX root operation) or</p>
<p>(CR0.PE=0) or (CPL&gt;0) or (EFLAGS.VM=1) or</p>
<p>(IA32_APIC_BASE.BSP=0) or</p>
<p>(TXT chipset not present) or</p>
<p>(SENTERFLAG=0) or (ACMODEFLAG=1) or (IN_SMM=1))</p>
<p>THEN #GP(0);</p>
<p>SignalTXTMsg(SEXIT);</p>
<p>DO</p>
<p>WHILE (no SignalSEXIT message);</p>
<p><strong>TXT_SEXIT_MSG_EVENT (ILP &amp; RLP):</strong></p>
<p>Mask and clear SignalSEXIT event;</p>
<p>Clear MONITOR FSM;</p>
<p>Unmask SignalSENTER event;</p>
<p>IF (in VMX operation)</p>
<p>THEN TXT-SHUTDOWN(#IllegalEvent);</p>
<p>SignalTXTMsg(SEXITAck);</p>
<p>IF (logical processor is not ILP)</p>
<p>THEN GOTO RLP_SEXIT_ROUTINE;</p>
<p>(* ILP waits for all logical processors to ACK *)</p>
<p>DO</p>
<p>DONE := READ(LT.STS);</p>
<p>WHILE (NOT DONE);</p>
<p>SignalTXTMsg(SEXITContinue);</p>
<p>SignalTXTMsg(ClosePrivate);</p>
<p>SENTERFLAG := 0;</p>
<p>Unmask SMI, INIT, A20M, and NMI external pin events;</p>
<p>END;</p>
<p><strong>RLP_SEXIT_ROUTINE (RLPs Only):</strong></p>
<p>Wait for SignalSEXITContinue message;</p>
<p>Unmask SMI, INIT, A20M, and NMI external pin events;</p>
<p>IF (prior execution state = HLT)</p>
<p>THEN reenter HLT state;</p>
<p>IF (prior execution state = SENTER sleep)</p>
<p>THEN</p>
<p>IA32_APIC_BASE.BSP := 0;</p>
<p>Clear pending SIPI state;</p>
<p>Call INIT_PROCESSOR_STATE;</p>
<p>Unmask SIPI event;</p>
<p>GOTO WAIT-FOR-SIPI;</p>
<p>FI;</p>
<p>END;</p>
<h2 id="flags-affected">Flags Affected<a class="anchor" href="#flags-affected">
</a></h2>
<p>ILP: None.</p>
<p>RLPs: All flags are modified for an RLP. returning to wait-for-SIPI state, none otherwise.</p>
<h2 id="use-of-prefixes">Use of Prefixes<a class="anchor" href="#use-of-prefixes">
</a></h2>
<p>LOCK Causes #UD.</p>
<p>REP* Cause #UD (includes REPNE/REPNZ and REP/REPE/REPZ).</p>
<p>Operand size Causes #UD.</p>
<p>NP 66/F2/F3 prefixes are not allowed.</p>
<p>Segmentoverrides Ignored.</p>
<p>Address size Ignored.</p>
<p>REX Ignored.</p>
<h2 class="exceptions" id="protected-mode-exceptions">Protected Mode Exceptions<a class="anchor" href="#protected-mode-exceptions">
</a></h2>
<table>
<tr>
<td rowspan="2">#UD</td>
<td>If CR4.SMXE = 0.</td></tr>
<tr>
<td>If GETSEC[SEXIT] is not reported as supported by GETSEC[CAPABILITIES].</td></tr>
<tr>
<td rowspan="6">#GP(0)</td>
<td>If CR0.PE = 0 or CPL &gt; 0 or EFLAGS.VM = 1.</td></tr>
<tr>
<td>If in VMX root operation.</td></tr>
<tr>
<td>If the initiating processor is not designated via the MSR bit IA32_APIC_BASE.BSP.</td></tr>
<tr>
<td>If an Intel® TXT-capable chipset is not present.</td></tr>
<tr>
<td>If a protected partition is not already active or the processor is already in authenticated code mode.</td></tr>
<tr>
<td>If the processor is in SMM.</td></tr></table>
<h2 class="exceptions" id="real-address-mode-exceptions">Real-Address Mode Exceptions<a class="anchor" href="#real-address-mode-exceptions">
</a></h2>
<table>
<tr>
<td rowspan="2">#UD</td>
<td>If CR4.SMXE = 0.</td></tr>
<tr>
<td>If GETSEC[SEXIT] is not reported as supported by GETSEC[CAPABILITIES].</td></tr>
<tr>
<td>#GP(0)</td>
<td>GETSEC[SEXIT] is not recognized in real-address mode.</td></tr></table>
<h2 class="exceptions" id="virtual-8086-mode-exceptions">Virtual-8086 Mode Exceptions<a class="anchor" href="#virtual-8086-mode-exceptions">
</a></h2>
<table>
<tr>
<td rowspan="2">#UD</td>
<td>If CR4.SMXE = 0.</td></tr>
<tr>
<td>If GETSEC[SEXIT] is not reported as supported by GETSEC[CAPABILITIES].</td></tr>
<tr>
<td>#GP(0)</td>
<td>GETSEC[SEXIT] is not recognized in virtual-8086 mode.</td></tr></table>
<h2 class="exceptions" id="compatibility-mode-exceptions">Compatibility Mode Exceptions<a class="anchor" href="#compatibility-mode-exceptions">
</a></h2>
<p>All protected mode exceptions apply.</p>
<h2 class="exceptions" id="64-bit-mode-exceptions">64-Bit Mode Exceptions<a class="anchor" href="#64-bit-mode-exceptions">
</a></h2>
<p>All protected mode exceptions apply.</p>
<h2 id="vm-exit-condition">VM-Exit Condition<a class="anchor" href="#vm-exit-condition">
</a></h2>
<p>Reason (GETSEC) If in VMX non-root operation.</p><footer><p>
This UNOFFICIAL, mechanically-separated, non-verified reference is provided for convenience, but it may be
inc<span style="opacity: 0.2">omp</span>lete or b<sub>r</sub>oke<sub>n</sub> in various obvious or non-obvious
ways. Refer to <a href="https://software.intel.com/en-us/download/intel-64-and-ia-32-architectures-sdm-combined-volumes-1-2a-2b-2c-2d-3a-3b-3c-3d-and-4">Intel® 64 and IA-32 Architectures Software Developers Manual</a> for anything serious.
</p></footer></body></html>
View git blame Copy permalink