linux-headers (unknown)
1 /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
2 /*
3 * Copyright(c) 2016-20 Intel Corporation.
4 */
5 #ifndef _ASM_X86_SGX_H
6 #define _ASM_X86_SGX_H
7
8 #include <linux/types.h>
9 #include <linux/ioctl.h>
10
11 /**
12 * enum sgx_page_flags - page control flags
13 * %SGX_PAGE_MEASURE: Measure the page contents with a sequence of
14 * ENCLS[EEXTEND] operations.
15 */
16 enum sgx_page_flags {
17 SGX_PAGE_MEASURE = 0x01,
18 };
19
20 #define SGX_MAGIC 0xA4
21
22 #define SGX_IOC_ENCLAVE_CREATE \
23 _IOW(SGX_MAGIC, 0x00, struct sgx_enclave_create)
24 #define SGX_IOC_ENCLAVE_ADD_PAGES \
25 _IOWR(SGX_MAGIC, 0x01, struct sgx_enclave_add_pages)
26 #define SGX_IOC_ENCLAVE_INIT \
27 _IOW(SGX_MAGIC, 0x02, struct sgx_enclave_init)
28 #define SGX_IOC_ENCLAVE_PROVISION \
29 _IOW(SGX_MAGIC, 0x03, struct sgx_enclave_provision)
30 #define SGX_IOC_VEPC_REMOVE_ALL \
31 _IO(SGX_MAGIC, 0x04)
32 #define SGX_IOC_ENCLAVE_RESTRICT_PERMISSIONS \
33 _IOWR(SGX_MAGIC, 0x05, struct sgx_enclave_restrict_permissions)
34 #define SGX_IOC_ENCLAVE_MODIFY_TYPES \
35 _IOWR(SGX_MAGIC, 0x06, struct sgx_enclave_modify_types)
36 #define SGX_IOC_ENCLAVE_REMOVE_PAGES \
37 _IOWR(SGX_MAGIC, 0x07, struct sgx_enclave_remove_pages)
38
39 /**
40 * struct sgx_enclave_create - parameter structure for the
41 * %SGX_IOC_ENCLAVE_CREATE ioctl
42 * @src: address for the SECS page data
43 */
44 struct sgx_enclave_create {
45 __u64 src;
46 };
47
48 /**
49 * struct sgx_enclave_add_pages - parameter structure for the
50 * %SGX_IOC_ENCLAVE_ADD_PAGE ioctl
51 * @src: start address for the page data
52 * @offset: starting page offset
53 * @length: length of the data (multiple of the page size)
54 * @secinfo: address for the SECINFO data
55 * @flags: page control flags
56 * @count: number of bytes added (multiple of the page size)
57 */
58 struct sgx_enclave_add_pages {
59 __u64 src;
60 __u64 offset;
61 __u64 length;
62 __u64 secinfo;
63 __u64 flags;
64 __u64 count;
65 };
66
67 /**
68 * struct sgx_enclave_init - parameter structure for the
69 * %SGX_IOC_ENCLAVE_INIT ioctl
70 * @sigstruct: address for the SIGSTRUCT data
71 */
72 struct sgx_enclave_init {
73 __u64 sigstruct;
74 };
75
76 /**
77 * struct sgx_enclave_provision - parameter structure for the
78 * %SGX_IOC_ENCLAVE_PROVISION ioctl
79 * @fd: file handle of /dev/sgx_provision
80 */
81 struct sgx_enclave_provision {
82 __u64 fd;
83 };
84
85 /**
86 * struct sgx_enclave_restrict_permissions - parameters for ioctl
87 * %SGX_IOC_ENCLAVE_RESTRICT_PERMISSIONS
88 * @offset: starting page offset (page aligned relative to enclave base
89 * address defined in SECS)
90 * @length: length of memory (multiple of the page size)
91 * @permissions:new permission bits for pages in range described by @offset
92 * and @length
93 * @result: (output) SGX result code of ENCLS[EMODPR] function
94 * @count: (output) bytes successfully changed (multiple of page size)
95 */
96 struct sgx_enclave_restrict_permissions {
97 __u64 offset;
98 __u64 length;
99 __u64 permissions;
100 __u64 result;
101 __u64 count;
102 };
103
104 /**
105 * struct sgx_enclave_modify_types - parameters for ioctl
106 * %SGX_IOC_ENCLAVE_MODIFY_TYPES
107 * @offset: starting page offset (page aligned relative to enclave base
108 * address defined in SECS)
109 * @length: length of memory (multiple of the page size)
110 * @page_type: new type for pages in range described by @offset and @length
111 * @result: (output) SGX result code of ENCLS[EMODT] function
112 * @count: (output) bytes successfully changed (multiple of page size)
113 */
114 struct sgx_enclave_modify_types {
115 __u64 offset;
116 __u64 length;
117 __u64 page_type;
118 __u64 result;
119 __u64 count;
120 };
121
122 /**
123 * struct sgx_enclave_remove_pages - %SGX_IOC_ENCLAVE_REMOVE_PAGES parameters
124 * @offset: starting page offset (page aligned relative to enclave base
125 * address defined in SECS)
126 * @length: length of memory (multiple of the page size)
127 * @count: (output) bytes successfully changed (multiple of page size)
128 *
129 * Regular (PT_REG) or TCS (PT_TCS) can be removed from an initialized
130 * enclave if the system supports SGX2. First, the %SGX_IOC_ENCLAVE_MODIFY_TYPES
131 * ioctl() should be used to change the page type to PT_TRIM. After that
132 * succeeds ENCLU[EACCEPT] should be run from within the enclave and then
133 * %SGX_IOC_ENCLAVE_REMOVE_PAGES can be used to complete the page removal.
134 */
135 struct sgx_enclave_remove_pages {
136 __u64 offset;
137 __u64 length;
138 __u64 count;
139 };
140
141 struct sgx_enclave_run;
142
143 /**
144 * typedef sgx_enclave_user_handler_t - Exit handler function accepted by
145 * __vdso_sgx_enter_enclave()
146 * @run: The run instance given by the caller
147 *
148 * The register parameters contain the snapshot of their values at enclave
149 * exit. An invalid ENCLU function number will cause -EINVAL to be returned
150 * to the caller.
151 *
152 * Return:
153 * - <= 0: The given value is returned back to the caller.
154 * - > 0: ENCLU function to invoke, either EENTER or ERESUME.
155 */
156 typedef int (*sgx_enclave_user_handler_t)(long rdi, long rsi, long rdx,
157 long rsp, long r8, long r9,
158 struct sgx_enclave_run *run);
159
160 /**
161 * struct sgx_enclave_run - the execution context of __vdso_sgx_enter_enclave()
162 * @tcs: TCS used to enter the enclave
163 * @function: The last seen ENCLU function (EENTER, ERESUME or EEXIT)
164 * @exception_vector: The interrupt vector of the exception
165 * @exception_error_code: The exception error code pulled out of the stack
166 * @exception_addr: The address that triggered the exception
167 * @user_handler: User provided callback run on exception
168 * @user_data: Data passed to the user handler
169 * @reserved Reserved for future extensions
170 *
171 * If @user_handler is provided, the handler will be invoked on all return paths
172 * of the normal flow. The user handler may transfer control, e.g. via a
173 * longjmp() call or a C++ exception, without returning to
174 * __vdso_sgx_enter_enclave().
175 */
176 struct sgx_enclave_run {
177 __u64 tcs;
178 __u32 function;
179 __u16 exception_vector;
180 __u16 exception_error_code;
181 __u64 exception_addr;
182 __u64 user_handler;
183 __u64 user_data;
184 __u8 reserved[216];
185 };
186
187 /**
188 * typedef vdso_sgx_enter_enclave_t - Prototype for __vdso_sgx_enter_enclave(),
189 * a vDSO function to enter an SGX enclave.
190 * @rdi: Pass-through value for RDI
191 * @rsi: Pass-through value for RSI
192 * @rdx: Pass-through value for RDX
193 * @function: ENCLU function, must be EENTER or ERESUME
194 * @r8: Pass-through value for R8
195 * @r9: Pass-through value for R9
196 * @run: struct sgx_enclave_run, must be non-NULL
197 *
198 * NOTE: __vdso_sgx_enter_enclave() does not ensure full compliance with the
199 * x86-64 ABI, e.g. doesn't handle XSAVE state. Except for non-volatile
200 * general purpose registers, EFLAGS.DF, and RSP alignment, preserving/setting
201 * state in accordance with the x86-64 ABI is the responsibility of the enclave
202 * and its runtime, i.e. __vdso_sgx_enter_enclave() cannot be called from C
203 * code without careful consideration by both the enclave and its runtime.
204 *
205 * All general purpose registers except RAX, RBX and RCX are passed as-is to the
206 * enclave. RAX, RBX and RCX are consumed by EENTER and ERESUME and are loaded
207 * with @function, asynchronous exit pointer, and @run.tcs respectively.
208 *
209 * RBP and the stack are used to anchor __vdso_sgx_enter_enclave() to the
210 * pre-enclave state, e.g. to retrieve @run.exception and @run.user_handler
211 * after an enclave exit. All other registers are available for use by the
212 * enclave and its runtime, e.g. an enclave can push additional data onto the
213 * stack (and modify RSP) to pass information to the optional user handler (see
214 * below).
215 *
216 * Most exceptions reported on ENCLU, including those that occur within the
217 * enclave, are fixed up and reported synchronously instead of being delivered
218 * via a standard signal. Debug Exceptions (#DB) and Breakpoints (#BP) are
219 * never fixed up and are always delivered via standard signals. On synchronously
220 * reported exceptions, -EFAULT is returned and details about the exception are
221 * recorded in @run.exception, the optional sgx_enclave_exception struct.
222 *
223 * Return:
224 * - 0: ENCLU function was successfully executed.
225 * - -EINVAL: Invalid ENCL number (neither EENTER nor ERESUME).
226 */
227 typedef int (*vdso_sgx_enter_enclave_t)(unsigned long rdi, unsigned long rsi,
228 unsigned long rdx, unsigned int function,
229 unsigned long r8, unsigned long r9,
230 struct sgx_enclave_run *run);
231
232 #endif /* _ASM_X86_SGX_H */
Browse
Usage
Versions