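/* SPDX-License-Identifier: GPL-2.0 */
/**
 * Copyright(c) 2016-20 Intel Corporation.
 *
 * Intel Software Guard Extensions (SGX) support.
 */
#ifndef _ASM_X86_SGX_H
#define _ASM_X86_SGX_H

#include <linux/bits.h>
#include <linux/types.h>

/*
 * This file contains both data structures defined by SGX architecture and Linux
 * defined software data structures and functions. The two should not be mixed
 * together for better readability. The architectural definitions come first.
 */

/* The SGX specific CPUID function. */
#define SGX_CPUID		0x12
/* EPC enumeration. */
#define SGX_CPUID_EPC		2
/* An invalid EPC section, i.e. the end marker. */
#define SGX_CPUID_EPC_INVALID	0x0
/* A valid EPC section. */
#define SGX_CPUID_EPC_SECTION	0x1
/* The bitmask for the EPC section type. */
#define SGX_CPUID_EPC_MASK	GENMASK(3, 0)

/**
 * enum sgx_encls_function - ENCLS leaf function numbers
 *
 * NOTE: the enumerators EDGBRD and EDGBWR are spelled differently from the
 * leaf names used in the comments of this file (EDBGRD, EDBGWR). The
 * identifiers are left as they are because code outside this header may
 * reference them. Value 0x07 is not enumerated here.
 */
enum sgx_encls_function {
	ECREATE	= 0x00,
	EADD	= 0x01,
	EINIT	= 0x02,
	EREMOVE	= 0x03,
	EDGBRD	= 0x04,
	EDGBWR	= 0x05,
	EEXTEND	= 0x06,
	ELDU	= 0x08,
	EBLOCK	= 0x09,
	EPA	= 0x0A,
	EWB	= 0x0B,
	ETRACK	= 0x0C,
	EAUG	= 0x0D,
	EMODPR	= 0x0E,
	EMODT	= 0x0F,
};

/**
 * SGX_ENCLS_FAULT_FLAG - flag signifying an ENCLS return code is a trapnr
 *
 * ENCLS has its own (positive value) error codes and also generates
 * ENCLS specific #GP and #PF faults.  And the ENCLS values get munged
 * with system error codes as everything percolates back up the stack.
 * Unfortunately (for us), we need to precisely identify each unique
 * error code, e.g. the action taken if EWB fails varies based on the
 * type of fault and on the exact SGX error code, i.e. we can't simply
 * convert all faults to -EFAULT.
 *
 * To make all three error types coexist, we set bit 30 to identify an
 * ENCLS fault.  Bit 31 (technically bits N:31) is used to differentiate
 * between positive (faults and SGX error codes) and negative (system
 * error codes) values.
 *
 * Callers therefore have to test this flag before comparing a return value
 * against &enum sgx_return_code; a value with bit 30 set is a fault, not an
 * SGX error code.
 */
#define SGX_ENCLS_FAULT_FLAG 0x40000000

/**
 * enum sgx_return_code - The return code type for ENCLS, ENCLU and ENCLV
 * %SGX_EPC_PAGE_CONFLICT:	Page is being written by other ENCLS function.
 * %SGX_NOT_TRACKED:		Previous ETRACK's shootdown sequence has not
 *				been completed yet.
 * %SGX_CHILD_PRESENT:		SECS has child pages present in the EPC.
 * %SGX_INVALID_EINITTOKEN:	EINITTOKEN is invalid and enclave signer's
 *				public key does not match IA32_SGXLEPUBKEYHASH.
 * %SGX_PAGE_NOT_MODIFIABLE:	The EPC page cannot be modified because it
 *				is in the PENDING or MODIFIED state.
 * %SGX_UNMASKED_EVENT:		An unmasked event, e.g. INTR, was received
 */
enum sgx_return_code {
	SGX_EPC_PAGE_CONFLICT		= 7,
	SGX_NOT_TRACKED			= 11,
	SGX_CHILD_PRESENT		= 13,
	SGX_INVALID_EINITTOKEN		= 16,
	SGX_PAGE_NOT_MODIFIABLE		= 20,
	SGX_UNMASKED_EVENT		= 128,
};

/* The modulus size for 3072-bit RSA keys (384 bytes * 8 = 3072 bits). */
#define SGX_MODULUS_SIZE 384

/**
 * enum sgx_miscselect - additional information to an SSA frame
 * %SGX_MISC_EXINFO:	Report #PF or #GP to the SSA frame.
 *
 * Save State Area (SSA) is a stack inside the enclave used to store processor
 * state when an exception or interrupt occurs. This enum defines additional
 * information stored to an SSA frame.
 */
enum sgx_miscselect {
	SGX_MISC_EXINFO		= BIT(0),
};

/* Every MISCSELECT bit other than %SGX_MISC_EXINFO (bit 0). */
#define SGX_MISC_RESERVED_MASK	GENMASK_ULL(63, 1)

#define SGX_SSA_GPRS_SIZE		184
#define SGX_SSA_MISC_EXINFO_SIZE	16

/**
 * enum sgx_attribute - the attributes field in &struct sgx_secs
 * %SGX_ATTR_INIT:		Enclave can be entered (is initialized).
 * %SGX_ATTR_DEBUG:		Allow ENCLS(EDBGRD) and ENCLS(EDBGWR). These
 *				are the debug read and write leaves, so the
 *				memory of an enclave with this bit set is
 *				accessible from outside the enclave and must
 *				not be relied upon to hold secrets.
 * %SGX_ATTR_MODE64BIT:		Marks this as a 64-bit enclave.
 * %SGX_ATTR_PROVISIONKEY:	Allow to use provisioning keys for remote
 *				attestation.
 * %SGX_ATTR_EINITTOKENKEY:	Allow to use token signing key that is used to
 *				sign cryptographic tokens that can be passed to
 *				EINIT as an authorization to run an enclave.
 * %SGX_ATTR_KSS:		Allow to use key separation and sharing (KSS).
 */
enum sgx_attribute {
	SGX_ATTR_INIT		= BIT(0),
	SGX_ATTR_DEBUG		= BIT(1),
	SGX_ATTR_MODE64BIT	= BIT(2),
	SGX_ATTR_PROVISIONKEY	= BIT(4),
	SGX_ATTR_EINITTOKENKEY	= BIT(5),
	SGX_ATTR_KSS		= BIT(7),
};

/* Bits 3, 6 and 63:8, i.e. every bit not named in &enum sgx_attribute. */
#define SGX_ATTR_RESERVED_MASK	(BIT_ULL(3) | BIT_ULL(6) | GENMASK_ULL(63, 8))

/**
 * struct sgx_secs - SGX Enclave Control Structure (SECS)
 * @size:		size of the address space
 * @base:		base address of the address space
 * @ssa_frame_size:	size of an SSA frame
 * @miscselect:		additional information stored to an SSA frame
 * @attributes:		attributes for enclave
 * @xfrm:		XSave-Feature Request Mask (subset of XCR0)
 * @mrenclave:		SHA256-hash of the enclave contents
 * @mrsigner:		SHA256-hash of the public key used to sign the SIGSTRUCT
 * @config_id:		a user-defined value that is used in key derivation
 * @isv_prod_id:	a user-defined value that is used in key derivation
 * @isv_svn:		a user-defined value that is used in key derivation
 * @config_svn:		a user-defined value that is used in key derivation
 *
 * SGX Enclave Control Structure (SECS) is a special enclave page that is not
 * visible in the address space. In fact, this structure defines the address
 * range and other global attributes for the enclave and it is the first EPC
 * page created for any enclave. It is moved from a temporary buffer to an EPC
 * by the means of ENCLS[ECREATE] function.
 *
 * The member sizes add up to 4096 bytes; @reserved4 pads the structure to
 * that size.
 */
struct sgx_secs {
	u64 size;
	u64 base;
	u32 ssa_frame_size;
	u32 miscselect;
	u8  reserved1[24];
	u64 attributes;
	u64 xfrm;
	u32 mrenclave[8];
	u8  reserved2[32];
	u32 mrsigner[8];
	u8  reserved3[32];
	u32 config_id[16];
	u16 isv_prod_id;
	u16 isv_svn;
	u16 config_svn;
	u8  reserved4[3834];
} __packed;

/**
 * enum sgx_tcs_flags - execution flags for TCS
 * %SGX_TCS_DBGOPTIN:	If enabled allows single-stepping and breakpoints
 *			inside an enclave. It is cleared by EADD but can
 *			be set later with EDBGWR.
 */
enum sgx_tcs_flags {
	SGX_TCS_DBGOPTIN	= 0x01,
};

#define SGX_TCS_RESERVED_MASK	GENMASK_ULL(63, 1)
#define SGX_TCS_RESERVED_SIZE	4024

/**
 * struct sgx_tcs - Thread Control Structure (TCS)
 * @state:		used to mark an entered TCS
 * @flags:		execution flags (cleared by EADD)
 * @ssa_offset:		SSA stack offset relative to the enclave base
 * @ssa_index:		the current SSA frame index (cleared by EADD)
 * @nr_ssa_frames:	the number of frames in the SSA stack
 * @entry_offset:	entry point offset relative to the enclave base
 * @exit_addr:		address outside the enclave to exit on an exception or
 *			interrupt
 * @fs_offset:		offset relative to the enclave base to become FS
 *			segment inside the enclave
 * @gs_offset:		offset relative to the enclave base to become GS
 *			segment inside the enclave
 * @fs_limit:		size to become a new FS-limit (only 32-bit enclaves)
 * @gs_limit:		size to become a new GS-limit (only 32-bit enclaves)
 *
 * Thread Control Structure (TCS) is an enclave page visible in its address
 * space that defines an entry point inside the enclave. A thread enters inside
 * an enclave by supplying address of TCS to ENCLU(EENTER). A TCS can be entered
 * by only one thread at a time.
 *
 * The member sizes add up to 4096 bytes; @reserved pads the structure to
 * that size.
 */
struct sgx_tcs {
	u64 state;
	u64 flags;
	u64 ssa_offset;
	u32 ssa_index;
	u32 nr_ssa_frames;
	u64 entry_offset;
	u64 exit_addr;
	u64 fs_offset;
	u64 gs_offset;
	u32 fs_limit;
	u32 gs_limit;
	u8  reserved[SGX_TCS_RESERVED_SIZE];
} __packed;

/**
 * struct sgx_pageinfo - an enclave page descriptor
 * @addr:	address of the enclave page
 * @contents:	pointer to the page contents
 * @metadata:	pointer either to a SECINFO or PCMD instance
 * @secs:	address of the SECS page
 */
struct sgx_pageinfo {
	u64 addr;
	u64 contents;
	u64 metadata;
	u64 secs;
} __packed __aligned(32);


/**
 * enum sgx_page_type - bits in the SECINFO flags defining the page type
 * %SGX_PAGE_TYPE_SECS:	a SECS page
 * %SGX_PAGE_TYPE_TCS:	a TCS page
 * %SGX_PAGE_TYPE_REG:	a regular page
 * %SGX_PAGE_TYPE_VA:	a VA page
 * %SGX_PAGE_TYPE_TRIM:	a page in trimmed state
 *
 * Make sure when making changes to this enum that its values can still fit
 * in the bitfield within &struct sgx_encl_page
 */
enum sgx_page_type {
	SGX_PAGE_TYPE_SECS,
	SGX_PAGE_TYPE_TCS,
	SGX_PAGE_TYPE_REG,
	SGX_PAGE_TYPE_VA,
	SGX_PAGE_TYPE_TRIM,
};

/* Must equal the number of enumerators in &enum sgx_page_type. */
#define SGX_NR_PAGE_TYPES	5
#define SGX_PAGE_TYPE_MASK	GENMASK(7, 0)

/**
 * enum sgx_secinfo_flags - the flags field in &struct sgx_secinfo
 * %SGX_SECINFO_R:	allow read
 * %SGX_SECINFO_W:	allow write
 * %SGX_SECINFO_X:	allow execution
 * %SGX_SECINFO_SECS:	a SECS page
 * %SGX_SECINFO_TCS:	a TCS page
 * %SGX_SECINFO_REG:	a regular page
 * %SGX_SECINFO_VA:	a VA page
 * %SGX_SECINFO_TRIM:	a page in trimmed state
 *
 * The permission bits occupy bits 2:0; the page type is the
 * &enum sgx_page_type value shifted left by 8.
 */
enum sgx_secinfo_flags {
	SGX_SECINFO_R			= BIT(0),
	SGX_SECINFO_W			= BIT(1),
	SGX_SECINFO_X			= BIT(2),
	SGX_SECINFO_SECS		= (SGX_PAGE_TYPE_SECS << 8),
	SGX_SECINFO_TCS			= (SGX_PAGE_TYPE_TCS << 8),
	SGX_SECINFO_REG			= (SGX_PAGE_TYPE_REG << 8),
	SGX_SECINFO_VA			= (SGX_PAGE_TYPE_VA << 8),
	SGX_SECINFO_TRIM		= (SGX_PAGE_TYPE_TRIM << 8),
};

#define SGX_SECINFO_PERMISSION_MASK	GENMASK_ULL(2, 0)
#define SGX_SECINFO_PAGE_TYPE_MASK	(SGX_PAGE_TYPE_MASK << 8)
/* Whole expansion parenthesized so the mask stays one operand at any use. */
#define SGX_SECINFO_RESERVED_MASK	(~(SGX_SECINFO_PERMISSION_MASK | \
					   SGX_SECINFO_PAGE_TYPE_MASK))

/**
 * struct sgx_secinfo - describes attributes of an EPC page
 * @flags:	permissions and type
 *
 * Used together with ENCLS leaves that add or modify an EPC page to an
 * enclave to define page permissions and type.
 */
struct sgx_secinfo {
	u64 flags;
	u8  reserved[56];
} __packed __aligned(64);

#define SGX_PCMD_RESERVED_SIZE 40

/**
 * struct sgx_pcmd - Paging Crypto Metadata (PCMD)
 * @secinfo:	embedded &struct sgx_secinfo (page permissions and type)
 * @enclave_id:	enclave identifier
 * @mac:	MAC over PCMD, page contents and isvsvn
 *
 * PCMD is stored for every swapped page to the regular memory. When ELDU loads
 * the page back it recalculates the MAC by using an isvsvn number stored in a
 * VA page. Together these two structures bring integrity and rollback
 * protection.
 */
struct sgx_pcmd {
	struct sgx_secinfo secinfo;
	u64 enclave_id;
	u8  reserved[SGX_PCMD_RESERVED_SIZE];
	u8  mac[16];
} __packed __aligned(128);

#define SGX_SIGSTRUCT_RESERVED1_SIZE 84
#define SGX_SIGSTRUCT_RESERVED2_SIZE 20
#define SGX_SIGSTRUCT_RESERVED3_SIZE 32
#define SGX_SIGSTRUCT_RESERVED4_SIZE 12

/**
 * struct sgx_sigstruct_header - defines author of the enclave
 * @header1:		constant byte string
 * @vendor:		must be either 0x0000 or 0x8086
 * @date:		YYYYMMDD in BCD
 * @header2:		constant byte string
 * @swdefined:		software defined value
 */
struct sgx_sigstruct_header {
	u64 header1[2];
	u32 vendor;
	u32 date;
	u64 header2[2];
	u32 swdefined;
	u8  reserved1[SGX_SIGSTRUCT_RESERVED1_SIZE];
} __packed;

/**
 * struct sgx_sigstruct_body - defines contents of the enclave
 * @miscselect:		additional information stored to an SSA frame
 * @misc_mask:		required miscselect in SECS
 * @attributes:		attributes for enclave
 * @xfrm:		XSave-Feature Request Mask (subset of XCR0)
 * @attributes_mask:	required attributes in SECS
 * @xfrm_mask:		required XFRM in SECS
 * @mrenclave:		SHA256-hash of the enclave contents
 * @isvprodid:		a user-defined value that is used in key derivation
 * @isvsvn:		a user-defined value that is used in key derivation
 */
struct sgx_sigstruct_body {
	u32 miscselect;
	u32 misc_mask;
	u8  reserved2[SGX_SIGSTRUCT_RESERVED2_SIZE];
	u64 attributes;
	u64 xfrm;
	u64 attributes_mask;
	u64 xfrm_mask;
	u8  mrenclave[32];
	u8  reserved3[SGX_SIGSTRUCT_RESERVED3_SIZE];
	u16 isvprodid;
	u16 isvsvn;
} __packed;

/**
 * struct sgx_sigstruct - an enclave signature
 * @header:		defines author of the enclave
 * @modulus:		the modulus of the public key
 * @exponent:		the exponent of the public key
 * @signature:		the signature calculated over the header and body
 * @body:		defines contents of the enclave
 * @q1:			a value used in RSA signature verification
 * @q2:			a value used in RSA signature verification
 *
 * Header and body are the parts that are actually signed. The remaining fields
 * define the signature of the enclave.
 */
struct sgx_sigstruct {
	struct sgx_sigstruct_header header;
	u8  modulus[SGX_MODULUS_SIZE];
	u32 exponent;
	u8  signature[SGX_MODULUS_SIZE];
	struct sgx_sigstruct_body body;
	u8  reserved4[SGX_SIGSTRUCT_RESERVED4_SIZE];
	u8  q1[SGX_MODULUS_SIZE];
	u8  q2[SGX_MODULUS_SIZE];
} __packed;

#define SGX_LAUNCH_TOKEN_SIZE		304

/*
 * Do not put any hardware-defined SGX structure representations below this
 * comment!
 */

#ifdef CONFIG_X86_SGX_KVM
/*
 * Declared only when CONFIG_X86_SGX_KVM is set. The parameters annotated
 * __user are user-space addresses and must be treated as untrusted by the
 * implementation.
 * NOTE(review): @trapnr is an output parameter; presumably it receives the
 * trap number when ENCLS faults (see SGX_ENCLS_FAULT_FLAG) - confirm against
 * the definitions, which are not part of this header.
 */
int sgx_virt_ecreate(struct sgx_pageinfo *pageinfo, void __user *secs,
		     int *trapnr);
int sgx_virt_einit(void __user *sigstruct, void __user *token,
		   void __user *secs, u64 *lepubkeyhash, int *trapnr);
#endif

/*
 * NOTE(review): semantics are not visible in this header; presumably updates
 * *allowed_attributes according to the file that attribute_fd refers to -
 * confirm against the definition.
 */
int sgx_set_attribute(unsigned long *allowed_attributes,
		      unsigned int attribute_fd);

#endif /* _ASM_X86_SGX_H */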