Hi, I am reading the SGX programming Reference, in which it is said that:

"All enclave accesses to the PRMRR region always use the memory type specified by the PRMRR, unless the CR0.CD bit on one of the logical processors on the core running the enclave is set. In other words, PRMRR memory type overrides memory types coming from overlapping MTRRs and all other architectural range registers, and those coming from PAT and EPTs. All non-enclave accesses to PRMRR region result in abort-page semantics, while all enclave code fetch access to non-PRMRR region result in a #GP(0) exception (see Section 2.3 for description of Access Control).
The TYPE field in the PRMRR_BASE register can only be programmed with values UC(0x0) and WB (0x6). Any attempt to write a value other than these two to the TYPE field of the PRMRR_BASE MSR results in #GP. At power-on, all bits in PRMRR_BASE are initialized to 0 and mask."

Actually I was directed here from the paper "Intel SGX Explained" in section 6.6.6:

"An extreme approach that can provably defeat cache timing attacks is disabling caching for the PRM range, which  contains  the  EPC.  The  SDM  is  almost  completely silent about the PRM, but the SGX manuals that it is based on state that the allowable caching behaviors for the PRM range are uncacheable (UC) and write-back (WB). This could become useful if the SGX implementation would make sure that the PRM’s caching behavior cannot be changed while SGX is enabled, and if the selected behavior would be captured by the enclave’s measurement."

It seems that the PRM is cached when I run some test programs, but can we configure it as UC through writing to PRMRR using instructions like wrmsr, although it may not be recommended not to cache PRM? Using the msr-tools I can read PRMRR_BASE and PRMRR_MASK which are 0x88000000 and 0x7ffe000c00 respectively. My question is which is the PRMRR type? Maybe the last 8-bit indicate the type, however type 0 should be uncachaeable which is not?

Very many thanks,

Wenhao