uapi/asm/sgx.h

0001 /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
0002 /*
0003  * Copyright(c) 2016-20 Intel Corporation.
0004  */
0005 #ifndef _UAPI_ASM_X86_SGX_H
0006 #define _UAPI_ASM_X86_SGX_H
0007
0008 #include <linux/types.h>
0009 #include <linux/ioctl.h>
0010
0011 /**
0012  * enum sgx_page_flags - page control flags
0013  * %SGX_PAGE_MEASURE:   Measure the page contents with a sequence of
0014  *          ENCLS[EEXTEND] operations.
0015  */
0016 enum sgx_page_flags {
0017     SGX_PAGE_MEASURE    = 0x01,
0018 };
0019
0020 #define SGX_MAGIC 0xA4
0021
0022 #define SGX_IOC_ENCLAVE_CREATE \
0023     _IOW(SGX_MAGIC, 0x00, struct sgx_enclave_create)
0024 #define SGX_IOC_ENCLAVE_ADD_PAGES \
0025     _IOWR(SGX_MAGIC, 0x01, struct sgx_enclave_add_pages)
0026 #define SGX_IOC_ENCLAVE_INIT \
0027     _IOW(SGX_MAGIC, 0x02, struct sgx_enclave_init)
0028 #define SGX_IOC_ENCLAVE_PROVISION \
0029     _IOW(SGX_MAGIC, 0x03, struct sgx_enclave_provision)
0030 #define SGX_IOC_VEPC_REMOVE_ALL \
0031     _IO(SGX_MAGIC, 0x04)
0032 #define SGX_IOC_ENCLAVE_RESTRICT_PERMISSIONS \
0033     _IOWR(SGX_MAGIC, 0x05, struct sgx_enclave_restrict_permissions)
0034 #define SGX_IOC_ENCLAVE_MODIFY_TYPES \
0035     _IOWR(SGX_MAGIC, 0x06, struct sgx_enclave_modify_types)
0036 #define SGX_IOC_ENCLAVE_REMOVE_PAGES \
0037     _IOWR(SGX_MAGIC, 0x07, struct sgx_enclave_remove_pages)
0038
0039 /**
0040  * struct sgx_enclave_create - parameter structure for the
0041  *                             %SGX_IOC_ENCLAVE_CREATE ioctl
0042  * @src:    address for the SECS page data
0043  */
0044 struct sgx_enclave_create  {
0045     __u64   src;
0046 };
0047
0048 /**
0049  * struct sgx_enclave_add_pages - parameter structure for the
0050  *                                %SGX_IOC_ENCLAVE_ADD_PAGE ioctl
0051  * @src:    start address for the page data
0052  * @offset: starting page offset
0053  * @length: length of the data (multiple of the page size)
0054  * @secinfo:    address for the SECINFO data
0055  * @flags:  page control flags
0056  * @count:  number of bytes added (multiple of the page size)
0057  */
0058 struct sgx_enclave_add_pages {
0059     __u64 src;
0060     __u64 offset;
0061     __u64 length;
0062     __u64 secinfo;
0063     __u64 flags;
0064     __u64 count;
0065 };
0066
0067 /**
0068  * struct sgx_enclave_init - parameter structure for the
0069  *                           %SGX_IOC_ENCLAVE_INIT ioctl
0070  * @sigstruct:  address for the SIGSTRUCT data
0071  */
0072 struct sgx_enclave_init {
0073     __u64 sigstruct;
0074 };
0075
0076 /**
0077  * struct sgx_enclave_provision - parameter structure for the
0078  *                %SGX_IOC_ENCLAVE_PROVISION ioctl
0079  * @fd:     file handle of /dev/sgx_provision
0080  */
0081 struct sgx_enclave_provision {
0082     __u64 fd;
0083 };
0084
0085 /**
0086  * struct sgx_enclave_restrict_permissions - parameters for ioctl
0087  *                                        %SGX_IOC_ENCLAVE_RESTRICT_PERMISSIONS
0088  * @offset: starting page offset (page aligned relative to enclave base
0089  *      address defined in SECS)
0090  * @length: length of memory (multiple of the page size)
0091  * @permissions:new permission bits for pages in range described by @offset
0092  *              and @length
0093  * @result: (output) SGX result code of ENCLS[EMODPR] function
0094  * @count:  (output) bytes successfully changed (multiple of page size)
0095  */
0096 struct sgx_enclave_restrict_permissions {
0097     __u64 offset;
0098     __u64 length;
0099     __u64 permissions;
0100     __u64 result;
0101     __u64 count;
0102 };
0103
0104 /**
0105  * struct sgx_enclave_modify_types - parameters for ioctl
0106  *                                   %SGX_IOC_ENCLAVE_MODIFY_TYPES
0107  * @offset: starting page offset (page aligned relative to enclave base
0108  *      address defined in SECS)
0109  * @length: length of memory (multiple of the page size)
0110  * @page_type:  new type for pages in range described by @offset and @length
0111  * @result: (output) SGX result code of ENCLS[EMODT] function
0112  * @count:  (output) bytes successfully changed (multiple of page size)
0113  */
0114 struct sgx_enclave_modify_types {
0115     __u64 offset;
0116     __u64 length;
0117     __u64 page_type;
0118     __u64 result;
0119     __u64 count;
0120 };
0121
0122 /**
0123  * struct sgx_enclave_remove_pages - %SGX_IOC_ENCLAVE_REMOVE_PAGES parameters
0124  * @offset: starting page offset (page aligned relative to enclave base
0125  *      address defined in SECS)
0126  * @length: length of memory (multiple of the page size)
0127  * @count:  (output) bytes successfully changed (multiple of page size)
0128  *
0129  * Regular (PT_REG) or TCS (PT_TCS) can be removed from an initialized
0130  * enclave if the system supports SGX2. First, the %SGX_IOC_ENCLAVE_MODIFY_TYPES
0131  * ioctl() should be used to change the page type to PT_TRIM. After that
0132  * succeeds ENCLU[EACCEPT] should be run from within the enclave and then
0133  * %SGX_IOC_ENCLAVE_REMOVE_PAGES can be used to complete the page removal.
0134  */
0135 struct sgx_enclave_remove_pages {
0136     __u64 offset;
0137     __u64 length;
0138     __u64 count;
0139 };
0140
0141 struct sgx_enclave_run;
0142
0143 /**
0144  * typedef sgx_enclave_user_handler_t - Exit handler function accepted by
0145  *                  __vdso_sgx_enter_enclave()
0146  * @run:    The run instance given by the caller
0147  *
0148  * The register parameters contain the snapshot of their values at enclave
0149  * exit. An invalid ENCLU function number will cause -EINVAL to be returned
0150  * to the caller.
0151  *
0152  * Return:
0153  * - <= 0:  The given value is returned back to the caller.
0154  * - > 0:   ENCLU function to invoke, either EENTER or ERESUME.
0155  */
0156 typedef int (*sgx_enclave_user_handler_t)(long rdi, long rsi, long rdx,
0157                       long rsp, long r8, long r9,
0158                       struct sgx_enclave_run *run);
0159
0160 /**
0161  * struct sgx_enclave_run - the execution context of __vdso_sgx_enter_enclave()
0162  * @tcs:            TCS used to enter the enclave
0163  * @function:           The last seen ENCLU function (EENTER, ERESUME or EEXIT)
0164  * @exception_vector:       The interrupt vector of the exception
0165  * @exception_error_code:   The exception error code pulled out of the stack
0166  * @exception_addr:     The address that triggered the exception
0167  * @user_handler:       User provided callback run on exception
0168  * @user_data:          Data passed to the user handler
0169  * @reserved            Reserved for future extensions
0170  *
0171  * If @user_handler is provided, the handler will be invoked on all return paths
0172  * of the normal flow.  The user handler may transfer control, e.g. via a
0173  * longjmp() call or a C++ exception, without returning to
0174  * __vdso_sgx_enter_enclave().
0175  */
0176 struct sgx_enclave_run {
0177     __u64 tcs;
0178     __u32 function;
0179     __u16 exception_vector;
0180     __u16 exception_error_code;
0181     __u64 exception_addr;
0182     __u64 user_handler;
0183     __u64 user_data;
0184     __u8  reserved[216];
0185 };
0186
0187 /**
0188  * typedef vdso_sgx_enter_enclave_t - Prototype for __vdso_sgx_enter_enclave(),
0189  *                    a vDSO function to enter an SGX enclave.
0190  * @rdi:    Pass-through value for RDI
0191  * @rsi:    Pass-through value for RSI
0192  * @rdx:    Pass-through value for RDX
0193  * @function:   ENCLU function, must be EENTER or ERESUME
0194  * @r8:     Pass-through value for R8
0195  * @r9:     Pass-through value for R9
0196  * @run:    struct sgx_enclave_run, must be non-NULL
0197  *
0198  * NOTE: __vdso_sgx_enter_enclave() does not ensure full compliance with the
0199  * x86-64 ABI, e.g. doesn't handle XSAVE state.  Except for non-volatile
0200  * general purpose registers, EFLAGS.DF, and RSP alignment, preserving/setting
0201  * state in accordance with the x86-64 ABI is the responsibility of the enclave
0202  * and its runtime, i.e. __vdso_sgx_enter_enclave() cannot be called from C
0203  * code without careful consideration by both the enclave and its runtime.
0204  *
0205  * All general purpose registers except RAX, RBX and RCX are passed as-is to the
0206  * enclave.  RAX, RBX and RCX are consumed by EENTER and ERESUME and are loaded
0207  * with @function, asynchronous exit pointer, and @run.tcs respectively.
0208  *
0209  * RBP and the stack are used to anchor __vdso_sgx_enter_enclave() to the
0210  * pre-enclave state, e.g. to retrieve @run.exception and @run.user_handler
0211  * after an enclave exit.  All other registers are available for use by the
0212  * enclave and its runtime, e.g. an enclave can push additional data onto the
0213  * stack (and modify RSP) to pass information to the optional user handler (see
0214  * below).
0215  *
0216  * Most exceptions reported on ENCLU, including those that occur within the
0217  * enclave, are fixed up and reported synchronously instead of being delivered
0218  * via a standard signal. Debug Exceptions (#DB) and Breakpoints (#BP) are
0219  * never fixed up and are always delivered via standard signals. On synchronously
0220  * reported exceptions, -EFAULT is returned and details about the exception are
0221  * recorded in @run.exception, the optional sgx_enclave_exception struct.
0222  *
0223  * Return:
0224  * - 0:     ENCLU function was successfully executed.
0225  * - -EINVAL:   Invalid ENCL number (neither EENTER nor ERESUME).
0226  */
0227 typedef int (*vdso_sgx_enter_enclave_t)(unsigned long rdi, unsigned long rsi,
0228                     unsigned long rdx, unsigned int function,
0229                     unsigned long r8,  unsigned long r9,
0230                     struct sgx_enclave_run *run);
0231
0232 #endif /* _UAPI_ASM_X86_SGX_H */