Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

ENCLS[ECREATE] Programming Reference Error?

Mitch_P_
Beginner
1,761 Views

Hi there,

I'm currently writing a linux kernel extension for ENCLS SGX support. Part of that is trying to find out where I'm #GP(0)-ing during ECREATE.

Looking at the pseudocode for the ECREATE leaf in Section 5.2 "Intel SGX Instruction Reference" of the Intel® Software Guard Extensions Programming Reference (Ref. # 329298-002) I think I've found a logic error in the pseudocode.

One of the PF(0) resulting branches pseudocode (directly from the reference) is below. Screenshot is available at http://i.imgur.com/DmzP4WL.png if there are formatting issues.

(* Make sure that the SECS does not have any unsupported MISCSELECT options*)
IF ( !(CPUID.(EAX=12H, ECX=0):EBX[31:0] & DS:TMP_SECS.MISSELECT[31:0]) )
    THEN
        EPCM(DS:TMP_SECS).EntryLock.Release();
        #GP(0);
FI;

Firstly, I'm lead to believe that 'DS:TMP_SECS.MISSELECT' is a typo, and should be 'DS:TMP_SECS.MISCSELECT' as I can't find any reference to MISSELECT in the document, but that's not the primary concern.

The concern is that if CPUID.(EAX=12H, ECX=0):EBX[31:0] = 0 (which it is on my system), indicating that "the bit vector of supported extended features that can be written to the MISC region of the SSA" are none, that the pseudocode above will always page fault, as 0x0 & {anything} == 0x0, and !0x0 == true.

Is this the actual implementation? I'm not sure whether I'm misunderstanding the pseudocode or whether it's not correctly representing the implementation. Any assistance would be greatly appreciated.

Thanks in advance.

0 Kudos
1 Solution
Francisco_C_Intel
1,761 Views

I think you caught another error. I think it should look like:

IF ( ~(CPUID.(EAX=12H, ECX=0):EBX[31:0]) & DS:TMP_SECS.MISSELECT[31:0] )


 

View solution in original post

0 Kudos
1 Reply
Francisco_C_Intel
1,762 Views

I think you caught another error. I think it should look like:

IF ( ~(CPUID.(EAX=12H, ECX=0):EBX[31:0]) & DS:TMP_SECS.MISSELECT[31:0] )


 

0 Kudos
Reply