I think there is an inconsistency between the parameter semantic described in EMODPE Memory Parameter Semantics and the EMODPE's microcode itself. The parameter semantic requires the target EPC to have read permission whereas the microcode does not really enforce this requirement for the to-be-extended page. Also, there are two EPC pages, one for SECINFO and the other for to-be-extended EPC page. Which one does the parameter semantics refer to ?
Here is the relevant microcode part:
(* Check for misconfigured SECINFO flags*) IF (( EPCM(DS:RCX).R=0) and (SCRATCH_SECINFO.FLAGS.R=0) and (SCRATCH_SECINFO.FLAGS.W!=0)) THEN #GP(0); FI; (* Update EPCM permissions *)
Following this, the entire statement needs to be TRUE for the #GP to be triggered. Even if the EPCM(DS:RCX).R is 0, the outcome still depends on the attributes of SCRATCH_SECINFO. For example, if SCRATCH_SECINFO.FLAGS.R = 1 and SCRATCH_SECINFO.FLAGS.W=1, then the target EPC page can be updated from non-read to read-only, which is contradict to the parameter semantic.
I would appreciate if someone help understanding this matter. I am using January 2019 version SDM.
I still cannot understand the EMODPE Memory Parameter Semantics. I don't understand why the to-be-extended EPC needs to have "Read permitted by Enclave".
Following the microcode:
IF (DS:RCX does not resolve within an EPC)
As for this line, it does not require the CPU to read the to-be-extended EPC page to figure out that an EPC page is within EPC or not.
The rest of the microcode involves the EPCM checking, which should not also require read permissions to to-be-extended EPC page.
Did I miss out something ? How should I interpret the memory parameter semantics? From my current understanding, it is the required permission of the to-be-extended page before passing the page as an input to the EMODPE instruction.