Hi,
I have a question regarding which permissions EMODPR can reduce in SGX2. I don't understand one part of the microcode for EMODPR about checking for a misconfigured SECINFO. My question is: why is there a #GP when we reduce the enclave page's permission to read-only?
The part of the microcode in question is as follows:
IF((SCRATCH_SECINFO reserved fields are not zero) or !(SCRATCH_SECINFO.FLAGS.R is 0 or SCRATCH_SECINFO.FLAGS.W is not 0)) THEN #GP(0); FI;
Assuming the reserved fields are all zero, the first condition check always evaluates to FALSE. Then I proceed with the next condition using the truth table as follows:
- !(SCRATCH_SECINFO.FLAGS.R = 1 (FALSE) or SCRATCH_SECINFO.FLAGS.W = 1 (TRUE)) --> FALSE
- !(SCRATCH_SECINFO.FLAGS.R = 1 (FALSE) or SCRATCH_SECINFO.FLAGS.W = 0 (FALSE)) --> TRUE
- !(SCRATCH_SECINFO.FLAGS.R = 0 (TRUE) or SCRATCH_SECINFO.FLAGS.W = 1 (TRUE)) --> FALSE
- !(SCRATCH_SECINFO.FLAGS.R = 0 (TRUE) or SCRATCH_SECINFO.FLAGS.W = 0 (FALSE)) --> FALSE
Best regards,
Minh
Hi,
It turns out that I am using the September 2016 version, which should be outdated. The latest version, January 2019, addressed this issue.
Bests,
Minh
