<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic You can write to the enclave in Intel® Software Guard Extensions (Intel® SGX)</title>
    <link>https://community.intel.com/t5/Intel-Software-Guard-Extensions/DBGOPTIN/m-p/1113439#M1371</link>
    <description>&lt;P&gt;You can write to the enclave using the EDBGWR instruction. You'll need to modify&amp;nbsp;the FLAGS.DBGOPTIN bit in every&amp;nbsp;TCS you have created.&lt;/P&gt;

&lt;P&gt;You can start by looking at&lt;BR /&gt;
	&lt;BR /&gt;
	&lt;SPAN class="pl-k" style="font: 12px/16.8px Consolas, &amp;quot;Liberation Mono&amp;quot;, Menlo, Courier, monospace; color: rgb(167, 29, 93); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; white-space: pre; box-sizing: border-box; widows: 1; font-size-adjust: none; font-stretch: normal; background-color: rgb(255, 255, 255); -webkit-text-stroke-width: 0px;"&gt;bool&lt;/SPAN&gt;&lt;SPAN style="font: 12px/16.8px Consolas, &amp;quot;Liberation Mono&amp;quot;, Menlo, Courier, monospace; color: rgb(51, 51, 51); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; float: none; display: inline !important; white-space: pre; widows: 1; font-size-adjust: none; font-stretch: normal; background-color: rgb(255, 255, 255); -webkit-text-stroke-width: 0px;"&gt; &lt;/SPAN&gt;&lt;SPAN class="pl-en" style="font: 12px/16.8px Consolas, &amp;quot;Liberation Mono&amp;quot;, Menlo, Courier, monospace; color: rgb(121, 93, 163); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; white-space: pre; box-sizing: border-box; widows: 1; font-size-adjust: none; font-stretch: normal; background-color: rgb(255, 255, 255); -webkit-text-stroke-width: 0px;"&gt;CEnclave::update_debug_flag&lt;/SPAN&gt;&lt;SPAN style="font: 12px/16.8px Consolas, &amp;quot;Liberation Mono&amp;quot;, Menlo, Courier, monospace; color: rgb(51, 51, 51); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; float: none; display: inline !important; white-space: pre; widows: 1; font-size-adjust: none; font-stretch: normal; background-color: rgb(255, 255, 255); -webkit-text-stroke-width: 0px;"&gt;(&lt;/SPAN&gt;&lt;SPAN class="pl-c1" style="font: 12px/16.8px Consolas, &amp;quot;Liberation Mono&amp;quot;, Menlo, Courier, monospace; color: rgb(0, 134, 179); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; white-space: pre; box-sizing: border-box; widows: 1; font-size-adjust: none; font-stretch: normal; background-color: rgb(255, 255, 255); -webkit-text-stroke-width: 0px;"&gt;uint8_t&lt;/SPAN&gt;&lt;SPAN style="font: 12px/16.8px Consolas, &amp;quot;Liberation Mono&amp;quot;, Menlo, Courier, monospace; color: rgb(51, 51, 51); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; float: none; display: inline !important; white-space: pre; widows: 1; font-size-adjust: none; font-stretch: normal; background-color: rgb(255, 255, 255); -webkit-text-stroke-width: 0px;"&gt; debug_flag)&lt;/SPAN&gt;&lt;BR /&gt;
	in&lt;BR /&gt;
	&lt;A href="https://github.com/01org/linux-sgx/blob/master/psw/urts/enclave.cpp"&gt;https://github.com/01org/linux-sgx/blob/master/psw/urts/enclave.cpp&lt;/A&gt;&lt;/P&gt;

&lt;P&gt;and trace call&amp;nbsp;flows to&amp;nbsp;see&amp;nbsp;how/when it is currently done. I am not as familiar with the Linux version of the code, but I think the ECLIPSE plugin will work with the runtime to make sure these debug flags/bits are updated appropriately.&lt;/P&gt;

&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
    <pubDate>Thu, 30 Jun 2016 15:14:37 GMT</pubDate>
    <dc:creator>Francisco_C_Intel</dc:creator>
    <dc:date>2016-06-30T15:14:37Z</dc:date>
    <item>
      <title>DBGOPTIN</title>
      <link>https://community.intel.com/t5/Intel-Software-Guard-Extensions/DBGOPTIN/m-p/1113438#M1370</link>
      <description>&lt;P&gt;DBGOPTIN bit of&amp;nbsp;TCS.FLAGS must be set in order to allow various debug interface. Intel's Software developer's Manual says:&lt;/P&gt;

&lt;BLOCKQUOTE&gt;
	&lt;P&gt;DBGOPTIN if set, allows debugging features (single-stepping, breakpoints, etc.) to be enabled and active while&lt;BR /&gt;
		executing in the enclave on this TCS. Hardware clears this bit on EADD. A debugger may later&lt;/P&gt;

	&lt;P&gt;modify it if the enclave’s ATTRIBUTES.DEBUG is set.&lt;/P&gt;
&lt;/BLOCKQUOTE&gt;

&lt;P&gt;How is it possible to set the bit back (with Linux SDK) once an enclave is initialized and filled with pages?&lt;/P&gt;</description>
      <pubDate>Thu, 30 Jun 2016 05:31:31 GMT</pubDate>
      <guid>https://community.intel.com/t5/Intel-Software-Guard-Extensions/DBGOPTIN/m-p/1113438#M1370</guid>
      <dc:creator>dmitry_e_1</dc:creator>
      <dc:date>2016-06-30T05:31:31Z</dc:date>
    </item>
    <item>
      <title>You can write to the enclave</title>
      <link>https://community.intel.com/t5/Intel-Software-Guard-Extensions/DBGOPTIN/m-p/1113439#M1371</link>
      <description>&lt;P&gt;You can write to the enclave using the EDBGWR instruction. You'll need to modify&amp;nbsp;the FLAGS.DBGOPTIN bit in every&amp;nbsp;TCS you have created.&lt;/P&gt;

&lt;P&gt;You can start by looking at&lt;BR /&gt;
	&lt;BR /&gt;
	&lt;SPAN class="pl-k" style="font: 12px/16.8px Consolas, &amp;quot;Liberation Mono&amp;quot;, Menlo, Courier, monospace; color: rgb(167, 29, 93); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; white-space: pre; box-sizing: border-box; widows: 1; font-size-adjust: none; font-stretch: normal; background-color: rgb(255, 255, 255); -webkit-text-stroke-width: 0px;"&gt;bool&lt;/SPAN&gt;&lt;SPAN style="font: 12px/16.8px Consolas, &amp;quot;Liberation Mono&amp;quot;, Menlo, Courier, monospace; color: rgb(51, 51, 51); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; float: none; display: inline !important; white-space: pre; widows: 1; font-size-adjust: none; font-stretch: normal; background-color: rgb(255, 255, 255); -webkit-text-stroke-width: 0px;"&gt; &lt;/SPAN&gt;&lt;SPAN class="pl-en" style="font: 12px/16.8px Consolas, &amp;quot;Liberation Mono&amp;quot;, Menlo, Courier, monospace; color: rgb(121, 93, 163); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; white-space: pre; box-sizing: border-box; widows: 1; font-size-adjust: none; font-stretch: normal; background-color: rgb(255, 255, 255); -webkit-text-stroke-width: 0px;"&gt;CEnclave::update_debug_flag&lt;/SPAN&gt;&lt;SPAN style="font: 12px/16.8px Consolas, &amp;quot;Liberation Mono&amp;quot;, Menlo, Courier, monospace; color: rgb(51, 51, 51); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; float: none; display: inline !important; white-space: pre; widows: 1; font-size-adjust: none; font-stretch: normal; background-color: rgb(255, 255, 255); -webkit-text-stroke-width: 0px;"&gt;(&lt;/SPAN&gt;&lt;SPAN class="pl-c1" style="font: 12px/16.8px Consolas, &amp;quot;Liberation Mono&amp;quot;, Menlo, Courier, monospace; color: rgb(0, 134, 179); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; white-space: pre; box-sizing: border-box; widows: 1; font-size-adjust: none; font-stretch: normal; background-color: rgb(255, 255, 255); -webkit-text-stroke-width: 0px;"&gt;uint8_t&lt;/SPAN&gt;&lt;SPAN style="font: 12px/16.8px Consolas, &amp;quot;Liberation Mono&amp;quot;, Menlo, Courier, monospace; color: rgb(51, 51, 51); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; float: none; display: inline !important; white-space: pre; widows: 1; font-size-adjust: none; font-stretch: normal; background-color: rgb(255, 255, 255); -webkit-text-stroke-width: 0px;"&gt; debug_flag)&lt;/SPAN&gt;&lt;BR /&gt;
	in&lt;BR /&gt;
	&lt;A href="https://github.com/01org/linux-sgx/blob/master/psw/urts/enclave.cpp"&gt;https://github.com/01org/linux-sgx/blob/master/psw/urts/enclave.cpp&lt;/A&gt;&lt;/P&gt;

&lt;P&gt;and trace call&amp;nbsp;flows to&amp;nbsp;see&amp;nbsp;how/when it is currently done. I am not as familiar with the Linux version of the code, but I think the ECLIPSE plugin will work with the runtime to make sure these debug flags/bits are updated appropriately.&lt;/P&gt;

&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Thu, 30 Jun 2016 15:14:37 GMT</pubDate>
      <guid>https://community.intel.com/t5/Intel-Software-Guard-Extensions/DBGOPTIN/m-p/1113439#M1371</guid>
      <dc:creator>Francisco_C_Intel</dc:creator>
      <dc:date>2016-06-30T15:14:37Z</dc:date>
    </item>
    <item>
      <title>Thank you for your response.</title>
      <link>https://community.intel.com/t5/Intel-Software-Guard-Extensions/DBGOPTIN/m-p/1113440#M1372</link>
      <description>&lt;P&gt;Thank you for your response. Do you know if the gdp plugin supports changing the DBGOPTIN bit?&lt;/P&gt;

&lt;P&gt;You mentioned that I can simply use the EDBGWR instruction. Can the App.cpp (the untrusted partition) execute this instruction or it must be an external debugger?&lt;/P&gt;

&lt;P&gt;Is it somehow possible for the enclave to manipulate this bit from the inside of the enclave?&lt;/P&gt;

&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Sat, 02 Jul 2016 03:17:15 GMT</pubDate>
      <guid>https://community.intel.com/t5/Intel-Software-Guard-Extensions/DBGOPTIN/m-p/1113440#M1372</guid>
      <dc:creator>dmitry_e_1</dc:creator>
      <dc:date>2016-07-02T03:17:15Z</dc:date>
    </item>
    <item>
      <title>&gt;Do you know if the gdp</title>
      <link>https://community.intel.com/t5/Intel-Software-Guard-Extensions/DBGOPTIN/m-p/1113441#M1373</link>
      <description>&lt;P&gt;&amp;gt;Do you know if the gdp plugin supports changing the DBGOPTIN bit?&lt;/P&gt;

&lt;P&gt;Without looking at the code, I would guess that ECLIPSE plugin leverages the GDB plugin. The ECLIPSE portion of the plugin is probably used to setup breakpoints and such, but the actual debugger is GDB, using the GDB plugin &lt;A href="https://github.com/01org/linux-sgx/tree/master/sdk/debugger_interface/linux"&gt;https://github.com/01org/linux-sgx/tree/master/sdk/debugger_interface/linux&lt;/A&gt;&lt;/P&gt;

&lt;P&gt;For your other two questions, Section 5.3 of &lt;A href="https://software.intel.com/sites/default/files/managed/48/88/329298-002.pdf"&gt;&lt;U&gt;&lt;FONT color="#0066cc"&gt;Intel(R) SGX Programming Reference&lt;/FONT&gt;&lt;/U&gt;&lt;/A&gt; describes in greater detail how to execute the instruction. Note that it is a 'system' leaf, so you'll need a driver to actually execute the instruction. If you follow the call flow in &lt;A href="https://github.com/01org/linux-sgx/blob/master/psw/urts/enclave.cpp" rel="nofollow"&gt;&lt;U&gt;&lt;FONT color="#0066cc"&gt;&lt;/FONT&gt;&lt;/U&gt;&lt;/A&gt;&lt;A href="https://github.com/01org/linux-sgx/blob/master/psw/urts/enclave.cpp" target="_blank"&gt;https://github.com/01org/linux-sgx/blob/master/psw/urts/enclave.cpp&lt;/A&gt; it looks like a writing to the memory uses standard file io ( &lt;A href="https://github.com/01org/linux-sgx/blob/master/common/src/se_memory.c"&gt;https://github.com/01org/linux-sgx/blob/master/common/src/se_memory.c&lt;/A&gt; ), but in reality the 'write' call ends up&amp;nbsp;in the driver:&lt;/P&gt;

&lt;P&gt;&lt;A href="https://github.com/01org/linux-sgx-driver/search?utf8=%E2%9C%93&amp;amp;q=edbgwr"&gt;https://github.com/01org/linux-sgx-driver/search?utf8=%E2%9C%93&amp;amp;q=edbgwr&lt;/A&gt;&lt;/P&gt;

&lt;P&gt;&amp;nbsp;&lt;/P&gt;

&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Wed, 06 Jul 2016 16:22:47 GMT</pubDate>
      <guid>https://community.intel.com/t5/Intel-Software-Guard-Extensions/DBGOPTIN/m-p/1113441#M1373</guid>
      <dc:creator>Francisco_C_Intel</dc:creator>
      <dc:date>2016-07-06T16:22:47Z</dc:date>
    </item>
  </channel>
</rss>

