€•      Œsphinx.addnodes”Œdocument”“”)”}”(Œ	rawsource”Œ ”Œchildren”]”(Œtranslations”ŒLanguagesNode”“”)”}”(hhh]”(h Œpending_xref”“”)”}”(hhh]”Œdocutils.nodes”ŒText”“”ŒChinese (Simplified)”…””}”Œparent”hsbaŒ
attributes”}”(Œids”]”Œclasses”]”Œnames”]”Œdupnames”]”Œbackrefs”]”Œ	refdomain”Œstd”Œreftype”Œdoc”Œ	reftarget”Œ /translations/zh_CN/arch/x86/sgx”Œmodname”NŒ	classname”NŒrefexplicit”ˆuŒtagname”hhhubh)”}”(hhh]”hŒChinese (Traditional)”…””}”hh2sbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ /translations/zh_TW/arch/x86/sgx”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒItalian”…””}”hhFsbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ /translations/it_IT/arch/x86/sgx”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒJapanese”…””}”hhZsbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ /translations/ja_JP/arch/x86/sgx”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒKorean”…””}”hhnsbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ /translations/ko_KR/arch/x86/sgx”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒPortuguese (Brazilian)”…””}”hh‚sbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ /translations/pt_BR/arch/x86/sgx”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubh)”}”(hhh]”hŒSpanish”…””}”hh–sbah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”h)Œreftype”h+Œ	reftarget”Œ /translations/sp_SP/arch/x86/sgx”Œmodname”NŒ	classname”NŒrefexplicit”ˆuh1hhhubeh}”(h]”h ]”h"]”h$]”h&]”Œcurrent_language”ŒEnglish”uh1h
hhŒ	_document”hŒsource”NŒline”NubhŒcomment”“”)”}”(hŒ SPDX-License-Identifier: GPL-2.0”h]”hŒ SPDX-License-Identifier: GPL-2.0”…””}”hh·sbah}”(h]”h ]”h"]”h$]”h&]”Œ	xml:space”Œpreserve”uh1hµhhh²hh³Œ:/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx.rst”h´KubhŒsection”“”)”}”(hhh]”(hŒtitle”“”)”}”(hŒSoftware Guard eXtensions (SGX)”h]”hŒSoftware Guard eXtensions (SGX)”…””}”(hhÏh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhhÊh²hh³hÇh´KubhÉ)”}”(hhh]”(hÎ)”}”(hŒOverview”h]”hŒOverview”…””}”(hhàh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhhÝh²hh³hÇh´KubhŒ	paragraph”“”)”}”(hŒ‚Software Guard eXtensions (SGX) hardware enables for user space applications
to set aside private memory regions of code and data:”h]”hŒ‚Software Guard eXtensions (SGX) hardware enables for user space applications
to set aside private memory regions of code and data:”…””}”(hhðh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K
hhÝh²hubhŒbullet_list”“”)”}”(hhh]”(hŒ	list_item”“”)”}”(hŒPPrivileged (ring-0) ENCLS functions orchestrate the construction of the
regions.”h]”hï)”}”(hŒPPrivileged (ring-0) ENCLS functions orchestrate the construction of the
regions.”h]”hŒPPrivileged (ring-0) ENCLS functions orchestrate the construction of the
regions.”…””}”(hj	  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Khj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj   h²hh³hÇh´Nubj  )”}”(hŒdUnprivileged (ring-3) ENCLU functions allow an application to enter and
execute inside the regions.
”h]”hï)”}”(hŒcUnprivileged (ring-3) ENCLU functions allow an application to enter and
execute inside the regions.”h]”hŒcUnprivileged (ring-3) ENCLU functions allow an application to enter and
execute inside the regions.”…””}”(hj!  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Khj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj   h²hh³hÇh´Nubeh}”(h]”h ]”h"]”h$]”h&]”Œbullet”Œ*”uh1hþh³hÇh´KhhÝh²hubhï)”}”(hX‘  These memory regions are called enclaves. An enclave can be only entered at a
fixed set of entry points. Each entry point can hold a single hardware thread
at a time.  While the enclave is loaded from a regular binary file by using
ENCLS functions, only the threads inside the enclave can access its memory. The
region is denied from outside access by the CPU, and encrypted before it leaves
from LLC.”h]”hX‘  These memory regions are called enclaves. An enclave can be only entered at a
fixed set of entry points. Each entry point can hold a single hardware thread
at a time.  While the enclave is loaded from a regular binary file by using
ENCLS functions, only the threads inside the enclave can access its memory. The
region is denied from outside access by the CPU, and encrypted before it leaves
from LLC.”…””}”(hj=  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KhhÝh²hubhï)”}”(hŒ The support can be determined by”h]”hŒ The support can be determined by”…””}”(hjK  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KhhÝh²hubhŒblock_quote”“”)”}”(hŒ``grep sgx /proc/cpuinfo``
”h]”hï)”}”(hŒ``grep sgx /proc/cpuinfo``”h]”hŒliteral”“”)”}”(hja  h]”hŒgrep sgx /proc/cpuinfo”…””}”(hje  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj_  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Khj[  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jY  h³hÇh´KhhÝh²hubhï)”}”(hX  SGX must both be supported in the processor and enabled by the BIOS.  If SGX
appears to be unsupported on a system which has hardware support, ensure
support is enabled in the BIOS.  If a BIOS presents a choice between "Enabled"
and "Software Enabled" modes for SGX, choose "Enabled".”h]”hX(  SGX must both be supported in the processor and enabled by the BIOS.  If SGX
appears to be unsupported on a system which has hardware support, ensure
support is enabled in the BIOS.  If a BIOS presents a choice between â€œEnabledâ€
and â€œSoftware Enabledâ€ modes for SGX, choose â€œEnabledâ€.”…””}”(hj~  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KhhÝh²hubeh}”(h]”Œoverview”ah ]”h"]”Œoverview”ah$]”h&]”uh1hÈhhÊh²hh³hÇh´KubhÉ)”}”(hhh]”(hÎ)”}”(hŒEnclave Page Cache”h]”hŒEnclave Page Cache”…””}”(hj—  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhj”  h²hh³hÇh´K#ubhï)”}”(hX=  SGX utilizes an *Enclave Page Cache (EPC)* to store pages that are associated
with an enclave. It is contained in a BIOS-reserved region of physical memory.
Unlike pages used for regular memory, pages can only be accessed from outside of
the enclave during enclave construction with special, limited SGX instructions.”h]”(hŒSGX utilizes an ”…””}”(hj¥  h²hh³Nh´NubhŒemphasis”“”)”}”(hŒ*Enclave Page Cache (EPC)*”h]”hŒEnclave Page Cache (EPC)”…””}”(hj¯  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j­  hj¥  ubhX   to store pages that are associated
with an enclave. It is contained in a BIOS-reserved region of physical memory.
Unlike pages used for regular memory, pages can only be accessed from outside of
the enclave during enclave construction with special, limited SGX instructions.”…””}”(hj¥  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K%hj”  h²hubhï)”}”(hŒ£Only a CPU executing inside an enclave can directly access enclave memory.
However, a CPU executing inside an enclave may access normal memory outside the
enclave.”h]”hŒ£Only a CPU executing inside an enclave can directly access enclave memory.
However, a CPU executing inside an enclave may access normal memory outside the
enclave.”…””}”(hjÇ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K*hj”  h²hubhï)”}”(hŒIThe kernel manages enclave memory similar to how it treats device memory.”h]”hŒIThe kernel manages enclave memory similar to how it treats device memory.”…””}”(hjÕ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K.hj”  h²hubhÉ)”}”(hhh]”(hÎ)”}”(hŒEnclave Page Types”h]”hŒEnclave Page Types”…””}”(hjæ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhjã  h²hh³hÇh´K1ubhŒdefinition_list”“”)”}”(hhh]”(hŒdefinition_list_item”“”)”}”(hŒ‚**SGX Enclave Control Structure (SECS)**
Enclave's address range, attributes and other global data are defined
by this structure.
”h]”(hŒterm”“”)”}”(hŒ(**SGX Enclave Control Structure (SECS)**”h]”hŒstrong”“”)”}”(hj  h]”hŒ$SGX Enclave Control Structure (SECS)”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³hÇh´K5hjû  ubhŒ
definition”“”)”}”(hhh]”hï)”}”(hŒXEnclave's address range, attributes and other global data are defined
by this structure.”h]”hŒZEnclaveâ€™s address range, attributes and other global data are defined
by this structure.”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K4hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjû  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³hÇh´K5hjö  ubjú  )”}”(hŒM**Regular (REG)**
Regular EPC pages contain the code and data of an enclave.
”h]”(j   )”}”(hŒ**Regular (REG)**”h]”j  )”}”(hj?  h]”hŒRegular (REG)”…””}”(hjA  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj=  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³hÇh´K8hj9  ubj  )”}”(hhh]”hï)”}”(hŒ:Regular EPC pages contain the code and data of an enclave.”h]”hŒ:Regular EPC pages contain the code and data of an enclave.”…””}”(hjW  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K8hjT  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj9  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³hÇh´K8hjö  h²hubjú  )”}”(hŒœ**Thread Control Structure (TCS)**
Thread Control Structure pages define the entry points to an enclave and
track the execution state of an enclave thread.
”h]”(j   )”}”(hŒ"**Thread Control Structure (TCS)**”h]”j  )”}”(hjw  h]”hŒThread Control Structure (TCS)”…””}”(hjy  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hju  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³hÇh´K<hjq  ubj  )”}”(hhh]”hï)”}”(hŒxThread Control Structure pages define the entry points to an enclave and
track the execution state of an enclave thread.”h]”hŒxThread Control Structure pages define the entry points to an enclave and
track the execution state of an enclave thread.”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K;hjŒ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjq  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³hÇh´K<hjö  h²hubjú  )”}”(hŒŠ**Version Array (VA)**
Version Array pages contain 512 slots, each of which can contain a version
number for a page evicted from the EPC.
”h]”(j   )”}”(hŒ**Version Array (VA)**”h]”j  )”}”(hj¯  h]”hŒVersion Array (VA)”…””}”(hj±  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj­  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³hÇh´K@hj©  ubj  )”}”(hhh]”hï)”}”(hŒrVersion Array pages contain 512 slots, each of which can contain a version
number for a page evicted from the EPC.”h]”hŒrVersion Array pages contain 512 slots, each of which can contain a version
number for a page evicted from the EPC.”…””}”(hjÇ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K?hjÄ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj©  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³hÇh´K@hjö  h²hubeh}”(h]”h ]”h"]”h$]”h&]”uh1jô  hjã  h²hh³hÇh´Nubeh}”(h]”Œenclave-page-types”ah ]”h"]”Œenclave page types”ah$]”h&]”uh1hÈhj”  h²hh³hÇh´K1ubhÉ)”}”(hhh]”(hÎ)”}”(hŒEnclave Page Cache Map”h]”hŒEnclave Page Cache Map”…””}”(hjò  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhjï  h²hh³hÇh´KCubhï)”}”(hŒñThe processor tracks EPC pages in a hardware metadata structure called the
*Enclave Page Cache Map (EPCM)*.  The EPCM contains an entry for each EPC page
which describes the owning enclave, access rights and page type among the other
things.”h]”(hŒKThe processor tracks EPC pages in a hardware metadata structure called the
”…””}”(hj   h²hh³Nh´Nubj®  )”}”(hŒ*Enclave Page Cache Map (EPCM)*”h]”hŒEnclave Page Cache Map (EPCM)”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j­  hj   ubhŒ‡.  The EPCM contains an entry for each EPC page
which describes the owning enclave, access rights and page type among the other
things.”…””}”(hj   h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KEhjï  h²hubhï)”}”(hX  EPCM permissions are separate from the normal page tables.  This prevents the
kernel from, for instance, allowing writes to data which an enclave wishes to
remain read-only.  EPCM permissions may only impose additional restrictions on
top of normal x86 page permissions.”h]”hX  EPCM permissions are separate from the normal page tables.  This prevents the
kernel from, for instance, allowing writes to data which an enclave wishes to
remain read-only.  EPCM permissions may only impose additional restrictions on
top of normal x86 page permissions.”…””}”(hj   h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KJhjï  h²hubhï)”}”(hX9  For all intents and purposes, the SGX architecture allows the processor to
invalidate all EPCM entries at will.  This requires that software be prepared to
handle an EPCM fault at any time.  In practice, this can happen on events like
power transitions when the ephemeral key that encrypts enclave memory is lost.”h]”hX9  For all intents and purposes, the SGX architecture allows the processor to
invalidate all EPCM entries at will.  This requires that software be prepared to
handle an EPCM fault at any time.  In practice, this can happen on events like
power transitions when the ephemeral key that encrypts enclave memory is lost.”…””}”(hj.  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KOhjï  h²hubeh}”(h]”Œenclave-page-cache-map”ah ]”h"]”Œenclave page cache map”ah$]”h&]”uh1hÈhj”  h²hh³hÇh´KCubeh}”(h]”Œenclave-page-cache”ah ]”h"]”Œenclave page cache”ah$]”h&]”uh1hÈhhÊh²hh³hÇh´K#ubhÉ)”}”(hhh]”(hÎ)”}”(hŒApplication interface”h]”hŒApplication interface”…””}”(hjO  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhjL  h²hh³hÇh´KUubhÉ)”}”(hhh]”(hÎ)”}”(hŒEnclave build functions”h]”hŒEnclave build functions”…””}”(hj`  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhj]  h²hh³hÇh´KXubhï)”}”(hX¯  In addition to the traditional compiler and linker build process, SGX has a
separate enclave â€œbuildâ€ process.  Enclaves must be built before they can be
executed (entered). The first step in building an enclave is opening the
**/dev/sgx_enclave** device.  Since enclave memory is protected from direct
access, special privileged instructions are then used to copy data into enclave
pages and establish enclave page permissions.”h]”(hŒæIn addition to the traditional compiler and linker build process, SGX has a
separate enclave â€œbuildâ€ process.  Enclaves must be built before they can be
executed (entered). The first step in building an enclave is opening the
”…””}”(hjn  h²hh³Nh´Nubj  )”}”(hŒ**/dev/sgx_enclave**”h]”hŒ/dev/sgx_enclave”…””}”(hjv  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjn  ubhŒµ device.  Since enclave memory is protected from direct
access, special privileged instructions are then used to copy data into enclave
pages and establish enclave page permissions.”…””}”(hjn  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KZhj]  h²hubh Œindex”“”)”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œentries”]”(Œsingle”Œ#sgx_ioc_enclave_create (C function)”Œc.sgx_ioc_enclave_create”hNt”auh1jŽ  hj]  h²hh³Nh´Nubh Œdesc”“”)”}”(hhh]”(h Œdesc_signature”“”)”}”(hŒElong sgx_ioc_enclave_create (struct sgx_encl *encl, void __user *arg)”h]”h Œdesc_signature_line”“”)”}”(hŒDlong sgx_ioc_enclave_create(struct sgx_encl *encl, void __user *arg)”h]”(h Œdesc_sig_keyword_type”“”)”}”(hŒlong”h]”hŒlong”…””}”(hj²  h²hh³Nh´Nubah}”(h]”h ]”Œkt”ah"]”h$]”h&]”uh1j°  hj¬  h²hh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´Kubh Œdesc_sig_space”“”)”}”(hŒ ”h]”hŒ ”…””}”(hjÄ  h²hh³Nh´Nubah}”(h]”h ]”Œw”ah"]”h$]”h&]”uh1jÂ  hj¬  h²hh³jÁ  h´Kubh Œ	desc_name”“”)”}”(hŒsgx_ioc_enclave_create”h]”h Œdesc_sig_name”“”)”}”(hŒsgx_ioc_enclave_create”h]”hŒsgx_ioc_enclave_create”…””}”(hjÛ  h²hh³Nh´Nubah}”(h]”h ]”Œn”ah"]”h$]”h&]”uh1jÙ  hjÕ  ubah}”(h]”h ]”(Œsig-name”Œdescname”eh"]”h$]”h&]”hÅhÆuh1jÓ  hj¬  h²hh³jÁ  h´Kubh Œdesc_parameterlist”“”)”}”(hŒ)(struct sgx_encl *encl, void __user *arg)”h]”(h Œdesc_parameter”“”)”}”(hŒstruct sgx_encl *encl”h]”(h Œdesc_sig_keyword”“”)”}”(hŒstruct”h]”hŒstruct”…””}”(hj   h²hh³Nh´Nubah}”(h]”h ]”Œk”ah"]”h$]”h&]”uh1jþ  hjú  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hjú  ubh)”}”(hhh]”jÚ  )”}”(hŒsgx_encl”h]”hŒsgx_encl”…””}”(hj   h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hj  ubah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”Œc”Œreftype”Œ
identifier”Œ	reftarget”j"  Œmodname”NŒ	classname”NŒc:parent_key”Œsphinx.domains.c”Œ	LookupKey”“”)”}”Œdata”]”j<  ŒASTIdentifier”“”)”}”j7  jÝ  sbŒc.sgx_ioc_enclave_create”†”asbuh1hhjú  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hjI  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hjú  ubh Œdesc_sig_punctuation”“”)”}”(hj<  h]”hŒ*”…””}”(hjY  h²hh³Nh´Nubah}”(h]”h ]”Œp”ah"]”h$]”h&]”uh1jW  hjú  ubjÚ  )”}”(hŒencl”h]”hŒencl”…””}”(hjg  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hjú  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆhÅhÆuh1jø  hjô  ubjù  )”}”(hŒvoid __user *arg”h]”(j±  )”}”(hŒvoid”h]”hŒvoid”…””}”(hj€  h²hh³Nh´Nubah}”(h]”h ]”j½  ah"]”h$]”h&]”uh1j°  hj|  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hjŽ  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hj|  ubhŒ__user”…””}”(hj|  h²hh³Nh´NubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj   h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hj|  ubjX  )”}”(hj<  h]”hŒ*”…””}”(hj®  h²hh³Nh´Nubah}”(h]”h ]”jc  ah"]”h$]”h&]”uh1jW  hj|  ubjÚ  )”}”(hŒarg”h]”hŒarg”…””}”(hj»  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hj|  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆhÅhÆuh1jø  hjô  ubeh}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1jò  hj¬  h²hh³jÁ  h´Kubeh}”(h]”h ]”h"]”h$]”h&]”hÅhÆŒadd_permalink”ˆuh1jª  Œsphinx_line_type”Œ
declarator”hj¦  h²hh³jÁ  h´Kubah}”(h]”j  ah ]”(Œsig”Œ
sig-object”eh"]”h$]”h&]”Œis_multiline”ˆŒ
_toc_parts”)Œ	_toc_name”huh1j¤  h³jÁ  h´Khj¡  h²hubh Œdesc_content”“”)”}”(hhh]”hï)”}”(hŒ&handler for ``SGX_IOC_ENCLAVE_CREATE``”h]”(hŒhandler for ”…””}”(hjï  h²hh³Nh´Nubjd  )”}”(hŒ``SGX_IOC_ENCLAVE_CREATE``”h]”hŒSGX_IOC_ENCLAVE_CREATE”…””}”(hj÷  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjï  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´Khjì  h²hubah}”(h]”h ]”h"]”h$]”h&]”uh1jê  hj¡  h²hh³jÁ  h´Kubeh}”(h]”h ]”(j5  Œfunction”eh"]”h$]”h&]”Œdomain”j5  Œobjtype”j  Œdesctype”j  Œnoindex”‰Œnoindexentry”‰Œnocontentsentry”‰uh1jŸ  h²hhj]  h³Nh´NubhŒ	container”“”)”}”(hX  **Parameters**

``struct sgx_encl *encl``
  An enclave pointer.

``void __user *arg``
  The ioctl argument.

**Description**

Allocate kernel data structures for the enclave and invoke ECREATE.

**Return**

- 0:         Success.
- -EIO:      ECREATE failed.
- -errno:    POSIX error.”h]”(hï)”}”(hŒ**Parameters**”h]”j  )”}”(hj'  h]”hŒ
Parameters”…””}”(hj)  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj%  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´K”hj!  ubjõ  )”}”(hhh]”(jú  )”}”(hŒ.``struct sgx_encl *encl``
An enclave pointer.
”h]”(j   )”}”(hŒ``struct sgx_encl *encl``”h]”jd  )”}”(hjF  h]”hŒstruct sgx_encl *encl”…””}”(hjH  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjD  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´K‘hj@  ubj  )”}”(hhh]”hï)”}”(hŒAn enclave pointer.”h]”hŒAn enclave pointer.”…””}”(hj_  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³j[  h´K‘hj\  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj@  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³j[  h´K‘hj=  ubjú  )”}”(hŒ)``void __user *arg``
The ioctl argument.
”h]”(j   )”}”(hŒ``void __user *arg``”h]”jd  )”}”(hj  h]”hŒvoid __user *arg”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj}  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´K’hjy  ubj  )”}”(hhh]”hï)”}”(hŒThe ioctl argument.”h]”hŒThe ioctl argument.”…””}”(hj˜  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³j”  h´K’hj•  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjy  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³j”  h´K’hj=  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jô  hj!  ubhï)”}”(hŒ**Description**”h]”j  )”}”(hjº  h]”hŒDescription”…””}”(hj¼  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj¸  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´K”hj!  ubhï)”}”(hŒCAllocate kernel data structures for the enclave and invoke ECREATE.”h]”hŒCAllocate kernel data structures for the enclave and invoke ECREATE.”…””}”(hjÐ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´K“hj!  ubhï)”}”(hŒ
**Return**”h]”j  )”}”(hjá  h]”hŒReturn”…””}”(hjã  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjß  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´K•hj!  ubhÿ)”}”(hhh]”(j  )”}”(hŒ0:         Success.”h]”hï)”}”(hjü  h]”hŒ0:         Success.”…””}”(hjþ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´K–hjú  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj÷  ubj  )”}”(hŒ-EIO:      ECREATE failed.”h]”hï)”}”(hj  h]”hŒ-EIO:      ECREATE failed.”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´K—hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj÷  ubj  )”}”(hŒ-errno:    POSIX error.”h]”hï)”}”(hj,  h]”hŒ-errno:    POSIX error.”…””}”(hj.  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´K˜hj*  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj÷  ubeh}”(h]”h ]”h"]”h$]”h&]”j;  Œ-”uh1hþh³j  h´K–hj!  ubeh}”(h]”h ]”Œkernelindent”ah"]”h$]”h&]”uh1j  hj]  h²hh³Nh´Nubj  )”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œentries”]”(j›  Œ&sgx_ioc_enclave_add_pages (C function)”Œc.sgx_ioc_enclave_add_pages”hNt”auh1jŽ  hj]  h²hh³Nh´Nubj   )”}”(hhh]”(j¥  )”}”(hŒHlong sgx_ioc_enclave_add_pages (struct sgx_encl *encl, void __user *arg)”h]”j«  )”}”(hŒGlong sgx_ioc_enclave_add_pages(struct sgx_encl *encl, void __user *arg)”h]”(j±  )”}”(hŒlong”h]”hŒlong”…””}”(hji  h²hh³Nh´Nubah}”(h]”h ]”j½  ah"]”h$]”h&]”uh1j°  hje  h²hh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´MyubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hjx  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hje  h²hh³jw  h´MyubjÔ  )”}”(hŒsgx_ioc_enclave_add_pages”h]”jÚ  )”}”(hŒsgx_ioc_enclave_add_pages”h]”hŒsgx_ioc_enclave_add_pages”…””}”(hjŠ  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hj†  ubah}”(h]”h ]”(jí  jî  eh"]”h$]”h&]”hÅhÆuh1jÓ  hje  h²hh³jw  h´Myubjó  )”}”(hŒ)(struct sgx_encl *encl, void __user *arg)”h]”(jù  )”}”(hŒstruct sgx_encl *encl”h]”(jÿ  )”}”(hj  h]”hŒstruct”…””}”(hj¦  h²hh³Nh´Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1jþ  hj¢  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj³  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hj¢  ubh)”}”(hhh]”jÚ  )”}”(hŒsgx_encl”h]”hŒsgx_encl”…””}”(hjÄ  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hjÁ  ubah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”j5  Œreftype”j7  Œ	reftarget”jÆ  Œmodname”NŒ	classname”Nj;  j>  )”}”jA  ]”jD  )”}”j7  jŒ  sbŒc.sgx_ioc_enclave_add_pages”†”asbuh1hhj¢  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hjä  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hj¢  ubjX  )”}”(hj<  h]”hŒ*”…””}”(hjò  h²hh³Nh´Nubah}”(h]”h ]”jc  ah"]”h$]”h&]”uh1jW  hj¢  ubjÚ  )”}”(hŒencl”h]”hŒencl”…””}”(hjÿ  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hj¢  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆhÅhÆuh1jø  hjž  ubjù  )”}”(hŒvoid __user *arg”h]”(j±  )”}”(hŒvoid”h]”hŒvoid”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”j½  ah"]”h$]”h&]”uh1j°  hj  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj&  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hj  ubhŒ__user”…””}”(hj  h²hh³Nh´NubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj8  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hj  ubjX  )”}”(hj<  h]”hŒ*”…””}”(hjF  h²hh³Nh´Nubah}”(h]”h ]”jc  ah"]”h$]”h&]”uh1jW  hj  ubjÚ  )”}”(hŒarg”h]”hŒarg”…””}”(hjS  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hj  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆhÅhÆuh1jø  hjž  ubeh}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1jò  hje  h²hh³jw  h´Myubeh}”(h]”h ]”h"]”h$]”h&]”hÅhÆjÜ  ˆuh1jª  jÝ  jÞ  hja  h²hh³jw  h´Myubah}”(h]”j\  ah ]”(jâ  jã  eh"]”h$]”h&]”jç  ˆjè  )jé  huh1j¤  h³jw  h´Myhj^  h²hubjë  )”}”(hhh]”hï)”}”(hŒ-The handler for ``SGX_IOC_ENCLAVE_ADD_PAGES``”h]”(hŒThe handler for ”…””}”(hj}  h²hh³Nh´Nubjd  )”}”(hŒ``SGX_IOC_ENCLAVE_ADD_PAGES``”h]”hŒSGX_IOC_ENCLAVE_ADD_PAGES”…””}”(hj…  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj}  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´Myhjz  h²hubah}”(h]”h ]”h"]”h$]”h&]”uh1jê  hj^  h²hh³jw  h´Myubeh}”(h]”h ]”(j5  Œfunction”eh"]”h$]”h&]”j  j5  j  j£  j  j£  j  ‰j  ‰j  ‰uh1jŸ  h²hhj]  h³Nh´Nubj   )”}”(hXñ  **Parameters**

``struct sgx_encl *encl``
  an enclave pointer

``void __user *arg``
  a user pointer to a struct sgx_enclave_add_pages instance

**Description**

Add one or more pages to an uninitialized enclave, and optionally extend the
measurement with the contents of the page. The SECINFO and measurement mask
are applied to all pages.

A SECINFO for a TCS is required to always contain zero permissions because
CPU silently zeros them. Allowing anything else would cause a mismatch in
the measurement.

mmap()'s protection bits are capped by the page permissions. For each page
address, the maximum protection bits are computed with the following
heuristics:

1. A regular page: PROT_R, PROT_W and PROT_X match the SECINFO permissions.
2. A TCS page: PROT_R | PROT_W.

mmap() is not allowed to surpass the minimum of the maximum protection bits
within the given address range.

The function deinitializes kernel data structures for enclave and returns
-EIO in any of the following conditions:

- Enclave Page Cache (EPC), the physical memory holding enclaves, has
  been invalidated. This will cause EADD and EEXTEND to fail.
- If the source address is corrupted somehow when executing EADD.

**Return**

- 0:         Success.
- -EACCES:   The source page is located in a noexec partition.
- -ENOMEM:   Out of EPC pages.
- -EINTR:    The call was interrupted before data was processed.
- -EIO:      Either EADD or EEXTEND failed because invalid source address
             or power cycle.
- -errno:    POSIX error.”h]”(hï)”}”(hŒ**Parameters**”h]”j  )”}”(hj­  h]”hŒ
Parameters”…””}”(hj¯  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj«  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M}hj§  ubjõ  )”}”(hhh]”(jú  )”}”(hŒ-``struct sgx_encl *encl``
an enclave pointer
”h]”(j   )”}”(hŒ``struct sgx_encl *encl``”h]”jd  )”}”(hjÌ  h]”hŒstruct sgx_encl *encl”…””}”(hjÎ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjÊ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´MzhjÆ  ubj  )”}”(hhh]”hï)”}”(hŒan enclave pointer”h]”hŒan enclave pointer”…””}”(hjå  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³já  h´Mzhjâ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjÆ  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³já  h´MzhjÃ  ubjú  )”}”(hŒO``void __user *arg``
a user pointer to a struct sgx_enclave_add_pages instance
”h]”(j   )”}”(hŒ``void __user *arg``”h]”jd  )”}”(hj  h]”hŒvoid __user *arg”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M{hjÿ  ubj  )”}”(hhh]”hï)”}”(hŒ9a user pointer to a struct sgx_enclave_add_pages instance”h]”hŒ9a user pointer to a struct sgx_enclave_add_pages instance”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³j  h´M{hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjÿ  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³j  h´M{hjÃ  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jô  hj§  ubhï)”}”(hŒ**Description**”h]”j  )”}”(hj@  h]”hŒDescription”…””}”(hjB  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj>  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M}hj§  ubhï)”}”(hŒ²Add one or more pages to an uninitialized enclave, and optionally extend the
measurement with the contents of the page. The SECINFO and measurement mask
are applied to all pages.”h]”hŒ²Add one or more pages to an uninitialized enclave, and optionally extend the
measurement with the contents of the page. The SECINFO and measurement mask
are applied to all pages.”…””}”(hjV  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M|hj§  ubhï)”}”(hŒ¥A SECINFO for a TCS is required to always contain zero permissions because
CPU silently zeros them. Allowing anything else would cause a mismatch in
the measurement.”h]”hŒ¥A SECINFO for a TCS is required to always contain zero permissions because
CPU silently zeros them. Allowing anything else would cause a mismatch in
the measurement.”…””}”(hje  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M€hj§  ubhï)”}”(hŒ›mmap()'s protection bits are capped by the page permissions. For each page
address, the maximum protection bits are computed with the following
heuristics:”h]”hŒmmap()â€™s protection bits are capped by the page permissions. For each page
address, the maximum protection bits are computed with the following
heuristics:”…””}”(hjt  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M„hj§  ubhŒenumerated_list”“”)”}”(hhh]”(j  )”}”(hŒHA regular page: PROT_R, PROT_W and PROT_X match the SECINFO permissions.”h]”hï)”}”(hjŠ  h]”hŒHA regular page: PROT_R, PROT_W and PROT_X match the SECINFO permissions.”…””}”(hjŒ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´Mˆhjˆ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj…  ubj  )”}”(hŒA TCS page: PROT_R | PROT_W.
”h]”hï)”}”(hŒA TCS page: PROT_R | PROT_W.”h]”hŒA TCS page: PROT_R | PROT_W.”…””}”(hj¤  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M‰hj   ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj…  ubeh}”(h]”h ]”h"]”h$]”h&]”Œenumtype”Œarabic”Œprefix”hŒsuffix”Œ.”uh1jƒ  hj§  ubhï)”}”(hŒkmmap() is not allowed to surpass the minimum of the maximum protection bits
within the given address range.”h]”hŒkmmap() is not allowed to surpass the minimum of the maximum protection bits
within the given address range.”…””}”(hjÄ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M‹hj§  ubhï)”}”(hŒrThe function deinitializes kernel data structures for enclave and returns
-EIO in any of the following conditions:”h]”hŒrThe function deinitializes kernel data structures for enclave and returns
-EIO in any of the following conditions:”…””}”(hjÓ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´MŽhj§  ubhÿ)”}”(hhh]”(j  )”}”(hŒEnclave Page Cache (EPC), the physical memory holding enclaves, has
been invalidated. This will cause EADD and EEXTEND to fail.”h]”hï)”}”(hŒEnclave Page Cache (EPC), the physical memory holding enclaves, has
been invalidated. This will cause EADD and EEXTEND to fail.”h]”hŒEnclave Page Cache (EPC), the physical memory holding enclaves, has
been invalidated. This will cause EADD and EEXTEND to fail.”…””}”(hjé  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M‘hjå  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjâ  ubj  )”}”(hŒ@If the source address is corrupted somehow when executing EADD.
”h]”hï)”}”(hŒ?If the source address is corrupted somehow when executing EADD.”h]”hŒ?If the source address is corrupted somehow when executing EADD.”…””}”(hj	  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M“hjþ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjâ  ubeh}”(h]”h ]”h"]”h$]”h&]”j;  jH  uh1hþh³j÷  h´M‘hj§  ubhï)”}”(hŒ
**Return**”h]”j  )”}”(hj	  h]”hŒReturn”…””}”(hj!	  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M•hj§  ubhÿ)”}”(hhh]”(j  )”}”(hŒ0:         Success.”h]”hï)”}”(hj:	  h]”hŒ0:         Success.”…””}”(hj<	  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M–hj8	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj5	  ubj  )”}”(hŒ<-EACCES:   The source page is located in a noexec partition.”h]”hï)”}”(hjR	  h]”hŒ<-EACCES:   The source page is located in a noexec partition.”…””}”(hjT	  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M—hjP	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj5	  ubj  )”}”(hŒ-ENOMEM:   Out of EPC pages.”h]”hï)”}”(hjj	  h]”hŒ-ENOMEM:   Out of EPC pages.”…””}”(hjl	  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M˜hjh	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj5	  ubj  )”}”(hŒ>-EINTR:    The call was interrupted before data was processed.”h]”hï)”}”(hj‚	  h]”hŒ>-EINTR:    The call was interrupted before data was processed.”…””}”(hj„	  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M™hj€	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj5	  ubj  )”}”(hŒb-EIO:      Either EADD or EEXTEND failed because invalid source address
           or power cycle.”h]”jõ  )”}”(hhh]”jú  )”}”(hŒW-EIO:      Either EADD or EEXTEND failed because invalid source address
or power cycle.”h]”(j   )”}”(hŒG-EIO:      Either EADD or EEXTEND failed because invalid source address”h]”hŒG-EIO:      Either EADD or EEXTEND failed because invalid source address”…””}”(hj£	  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´MšhjŸ	  ubj  )”}”(hhh]”hï)”}”(hŒor power cycle.”h]”hŒor power cycle.”…””}”(hjµ	  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M›hj²	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjŸ	  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³j±	  h´Mšhjœ	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jô  hj˜	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj5	  ubj  )”}”(hŒ-errno:    POSIX error.”h]”hï)”}”(hjÞ	  h]”hŒ-errno:    POSIX error.”…””}”(hjà	  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´MœhjÜ	  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj5	  ubeh}”(h]”h ]”h"]”h$]”h&]”j;  jH  uh1hþh³jI	  h´M–hj§  ubeh}”(h]”h ]”Œkernelindent”ah"]”h$]”h&]”uh1j  hj]  h²hh³Nh´Nubj  )”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œentries”]”(j›  Œ!sgx_ioc_enclave_init (C function)”Œc.sgx_ioc_enclave_init”hNt”auh1jŽ  hj]  h²hh³Nh´Nubj   )”}”(hhh]”(j¥  )”}”(hŒClong sgx_ioc_enclave_init (struct sgx_encl *encl, void __user *arg)”h]”j«  )”}”(hŒBlong sgx_ioc_enclave_init(struct sgx_encl *encl, void __user *arg)”h]”(j±  )”}”(hŒlong”h]”hŒlong”…””}”(hj
  h²hh³Nh´Nubah}”(h]”h ]”j½  ah"]”h$]”h&]”uh1j°  hj
  h²hh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M/ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj)
  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hj
  h²hh³j(
  h´M/ubjÔ  )”}”(hŒsgx_ioc_enclave_init”h]”jÚ  )”}”(hŒsgx_ioc_enclave_init”h]”hŒsgx_ioc_enclave_init”…””}”(hj;
  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hj7
  ubah}”(h]”h ]”(jí  jî  eh"]”h$]”h&]”hÅhÆuh1jÓ  hj
  h²hh³j(
  h´M/ubjó  )”}”(hŒ)(struct sgx_encl *encl, void __user *arg)”h]”(jù  )”}”(hŒstruct sgx_encl *encl”h]”(jÿ  )”}”(hj  h]”hŒstruct”…””}”(hjW
  h²hh³Nh´Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1jþ  hjS
  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hjd
  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hjS
  ubh)”}”(hhh]”jÚ  )”}”(hŒsgx_encl”h]”hŒsgx_encl”…””}”(hju
  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hjr
  ubah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”j5  Œreftype”j7  Œ	reftarget”jw
  Œmodname”NŒ	classname”Nj;  j>  )”}”jA  ]”jD  )”}”j7  j=
  sbŒc.sgx_ioc_enclave_init”†”asbuh1hhjS
  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj•
  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hjS
  ubjX  )”}”(hj<  h]”hŒ*”…””}”(hj£
  h²hh³Nh´Nubah}”(h]”h ]”jc  ah"]”h$]”h&]”uh1jW  hjS
  ubjÚ  )”}”(hŒencl”h]”hŒencl”…””}”(hj°
  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hjS
  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆhÅhÆuh1jø  hjO
  ubjù  )”}”(hŒvoid __user *arg”h]”(j±  )”}”(hŒvoid”h]”hŒvoid”…””}”(hjÉ
  h²hh³Nh´Nubah}”(h]”h ]”j½  ah"]”h$]”h&]”uh1j°  hjÅ
  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj×
  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hjÅ
  ubhŒ__user”…””}”(hjÅ
  h²hh³Nh´NubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hjé
  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hjÅ
  ubjX  )”}”(hj<  h]”hŒ*”…””}”(hj÷
  h²hh³Nh´Nubah}”(h]”h ]”jc  ah"]”h$]”h&]”uh1jW  hjÅ
  ubjÚ  )”}”(hŒarg”h]”hŒarg”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hjÅ
  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆhÅhÆuh1jø  hjO
  ubeh}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1jò  hj
  h²hh³j(
  h´M/ubeh}”(h]”h ]”h"]”h$]”h&]”hÅhÆjÜ  ˆuh1jª  jÝ  jÞ  hj
  h²hh³j(
  h´M/ubah}”(h]”j
  ah ]”(jâ  jã  eh"]”h$]”h&]”jç  ˆjè  )jé  huh1j¤  h³j(
  h´M/hj
  h²hubjë  )”}”(hhh]”hï)”}”(hŒ$handler for ``SGX_IOC_ENCLAVE_INIT``”h]”(hŒhandler for ”…””}”(hj.  h²hh³Nh´Nubjd  )”}”(hŒ``SGX_IOC_ENCLAVE_INIT``”h]”hŒSGX_IOC_ENCLAVE_INIT”…””}”(hj6  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj.  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M/hj+  h²hubah}”(h]”h ]”h"]”h$]”h&]”uh1jê  hj
  h²hh³j(
  h´M/ubeh}”(h]”h ]”(j5  Œfunction”eh"]”h$]”h&]”j  j5  j  jT  j  jT  j  ‰j  ‰j  ‰uh1jŸ  h²hhj]  h³Nh´Nubj   )”}”(hX	  **Parameters**

``struct sgx_encl *encl``
  an enclave pointer

``void __user *arg``
  userspace pointer to a struct sgx_enclave_init instance

**Description**

Flush any outstanding enqueued EADD operations and perform EINIT.  The
Launch Enclave Public Key Hash MSRs are rewritten as necessary to match
the enclave's MRSIGNER, which is calculated from the provided sigstruct.

**Return**

- 0:         Success.
- -EPERM:    Invalid SIGSTRUCT.
- -EIO:      EINIT failed because of a power cycle.
- -errno:    POSIX error.”h]”(hï)”}”(hŒ**Parameters**”h]”j  )”}”(hj^  h]”hŒ
Parameters”…””}”(hj`  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj\  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M3hjX  ubjõ  )”}”(hhh]”(jú  )”}”(hŒ-``struct sgx_encl *encl``
an enclave pointer
”h]”(j   )”}”(hŒ``struct sgx_encl *encl``”h]”jd  )”}”(hj}  h]”hŒstruct sgx_encl *encl”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj{  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M0hjw  ubj  )”}”(hhh]”hï)”}”(hŒan enclave pointer”h]”hŒan enclave pointer”…””}”(hj–  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³j’  h´M0hj“  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjw  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³j’  h´M0hjt  ubjú  )”}”(hŒM``void __user *arg``
userspace pointer to a struct sgx_enclave_init instance
”h]”(j   )”}”(hŒ``void __user *arg``”h]”jd  )”}”(hj¶  h]”hŒvoid __user *arg”…””}”(hj¸  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj´  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M1hj°  ubj  )”}”(hhh]”hï)”}”(hŒ7userspace pointer to a struct sgx_enclave_init instance”h]”hŒ7userspace pointer to a struct sgx_enclave_init instance”…””}”(hjÏ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³jË  h´M1hjÌ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj°  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³jË  h´M1hjt  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jô  hjX  ubhï)”}”(hŒ**Description**”h]”j  )”}”(hjñ  h]”hŒDescription”…””}”(hjó  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjï  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M3hjX  ubhï)”}”(hŒ×Flush any outstanding enqueued EADD operations and perform EINIT.  The
Launch Enclave Public Key Hash MSRs are rewritten as necessary to match
the enclave's MRSIGNER, which is calculated from the provided sigstruct.”h]”hŒÙFlush any outstanding enqueued EADD operations and perform EINIT.  The
Launch Enclave Public Key Hash MSRs are rewritten as necessary to match
the enclaveâ€™s MRSIGNER, which is calculated from the provided sigstruct.”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M2hjX  ubhï)”}”(hŒ
**Return**”h]”j  )”}”(hj  h]”hŒReturn”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M6hjX  ubhÿ)”}”(hhh]”(j  )”}”(hŒ0:         Success.”h]”hï)”}”(hj3  h]”hŒ0:         Success.”…””}”(hj5  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M7hj1  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj.  ubj  )”}”(hŒ-EPERM:    Invalid SIGSTRUCT.”h]”hï)”}”(hjK  h]”hŒ-EPERM:    Invalid SIGSTRUCT.”…””}”(hjM  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M8hjI  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj.  ubj  )”}”(hŒ1-EIO:      EINIT failed because of a power cycle.”h]”hï)”}”(hjc  h]”hŒ1-EIO:      EINIT failed because of a power cycle.”…””}”(hje  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M9hja  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj.  ubj  )”}”(hŒ-errno:    POSIX error.”h]”hï)”}”(hj{  h]”hŒ-errno:    POSIX error.”…””}”(hj}  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M:hjy  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj.  ubeh}”(h]”h ]”h"]”h$]”h&]”j;  jH  uh1hþh³jB  h´M7hjX  ubeh}”(h]”h ]”Œkernelindent”ah"]”h$]”h&]”uh1j  hj]  h²hh³Nh´Nubj  )”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œentries”]”(j›  Œ&sgx_ioc_enclave_provision (C function)”Œc.sgx_ioc_enclave_provision”hNt”auh1jŽ  hj]  h²hh³Nh´Nubj   )”}”(hhh]”(j¥  )”}”(hŒHlong sgx_ioc_enclave_provision (struct sgx_encl *encl, void __user *arg)”h]”j«  )”}”(hŒGlong sgx_ioc_enclave_provision(struct sgx_encl *encl, void __user *arg)”h]”(j±  )”}”(hŒlong”h]”hŒlong”…””}”(hj·  h²hh³Nh´Nubah}”(h]”h ]”j½  ah"]”h$]”h&]”uh1j°  hj³  h²hh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´MrubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hjÆ  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hj³  h²hh³jÅ  h´MrubjÔ  )”}”(hŒsgx_ioc_enclave_provision”h]”jÚ  )”}”(hŒsgx_ioc_enclave_provision”h]”hŒsgx_ioc_enclave_provision”…””}”(hjØ  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hjÔ  ubah}”(h]”h ]”(jí  jî  eh"]”h$]”h&]”hÅhÆuh1jÓ  hj³  h²hh³jÅ  h´Mrubjó  )”}”(hŒ)(struct sgx_encl *encl, void __user *arg)”h]”(jù  )”}”(hŒstruct sgx_encl *encl”h]”(jÿ  )”}”(hj  h]”hŒstruct”…””}”(hjô  h²hh³Nh´Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1jþ  hjð  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hjð  ubh)”}”(hhh]”jÚ  )”}”(hŒsgx_encl”h]”hŒsgx_encl”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hj  ubah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”j5  Œreftype”j7  Œ	reftarget”j  Œmodname”NŒ	classname”Nj;  j>  )”}”jA  ]”jD  )”}”j7  jÚ  sbŒc.sgx_ioc_enclave_provision”†”asbuh1hhjð  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj2  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hjð  ubjX  )”}”(hj<  h]”hŒ*”…””}”(hj@  h²hh³Nh´Nubah}”(h]”h ]”jc  ah"]”h$]”h&]”uh1jW  hjð  ubjÚ  )”}”(hŒencl”h]”hŒencl”…””}”(hjM  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hjð  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆhÅhÆuh1jø  hjì  ubjù  )”}”(hŒvoid __user *arg”h]”(j±  )”}”(hŒvoid”h]”hŒvoid”…””}”(hjf  h²hh³Nh´Nubah}”(h]”h ]”j½  ah"]”h$]”h&]”uh1j°  hjb  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hjt  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hjb  ubhŒ__user”…””}”(hjb  h²hh³Nh´NubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj†  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hjb  ubjX  )”}”(hj<  h]”hŒ*”…””}”(hj”  h²hh³Nh´Nubah}”(h]”h ]”jc  ah"]”h$]”h&]”uh1jW  hjb  ubjÚ  )”}”(hŒarg”h]”hŒarg”…””}”(hj¡  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hjb  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆhÅhÆuh1jø  hjì  ubeh}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1jò  hj³  h²hh³jÅ  h´Mrubeh}”(h]”h ]”h"]”h$]”h&]”hÅhÆjÜ  ˆuh1jª  jÝ  jÞ  hj¯  h²hh³jÅ  h´Mrubah}”(h]”jª  ah ]”(jâ  jã  eh"]”h$]”h&]”jç  ˆjè  )jé  huh1j¤  h³jÅ  h´Mrhj¬  h²hubjë  )”}”(hhh]”hï)”}”(hŒ)handler for ``SGX_IOC_ENCLAVE_PROVISION``”h]”(hŒhandler for ”…””}”(hjË  h²hh³Nh´Nubjd  )”}”(hŒ``SGX_IOC_ENCLAVE_PROVISION``”h]”hŒSGX_IOC_ENCLAVE_PROVISION”…””}”(hjÓ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjË  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´MrhjÈ  h²hubah}”(h]”h ]”h"]”h$]”h&]”uh1jê  hj¬  h²hh³jÅ  h´Mrubeh}”(h]”h ]”(j5  Œfunction”eh"]”h$]”h&]”j  j5  j  jñ  j  jñ  j  ‰j  ‰j  ‰uh1jŸ  h²hhj]  h³Nh´Nubj   )”}”(hX?  **Parameters**

``struct sgx_encl *encl``
  an enclave pointer

``void __user *arg``
  userspace pointer to a struct sgx_enclave_provision instance

**Description**

Allow ATTRIBUTE.PROVISION_KEY for an enclave by providing a file handle to
/dev/sgx_provision.

**Return**

- 0:         Success.
- -errno:    Otherwise.”h]”(hï)”}”(hŒ**Parameters**”h]”j  )”}”(hjû  h]”hŒ
Parameters”…””}”(hjý  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjù  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´Mvhjõ  ubjõ  )”}”(hhh]”(jú  )”}”(hŒ-``struct sgx_encl *encl``
an enclave pointer
”h]”(j   )”}”(hŒ``struct sgx_encl *encl``”h]”jd  )”}”(hj  h]”hŒstruct sgx_encl *encl”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´Mshj  ubj  )”}”(hhh]”hï)”}”(hŒan enclave pointer”h]”hŒan enclave pointer”…””}”(hj3  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³j/  h´Mshj0  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³j/  h´Mshj  ubjú  )”}”(hŒR``void __user *arg``
userspace pointer to a struct sgx_enclave_provision instance
”h]”(j   )”}”(hŒ``void __user *arg``”h]”jd  )”}”(hjS  h]”hŒvoid __user *arg”…””}”(hjU  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjQ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´MthjM  ubj  )”}”(hhh]”hï)”}”(hŒ<userspace pointer to a struct sgx_enclave_provision instance”h]”hŒ<userspace pointer to a struct sgx_enclave_provision instance”…””}”(hjl  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³jh  h´Mthji  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjM  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³jh  h´Mthj  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jô  hjõ  ubhï)”}”(hŒ**Description**”h]”j  )”}”(hjŽ  h]”hŒDescription”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjŒ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´Mvhjõ  ubhï)”}”(hŒ^Allow ATTRIBUTE.PROVISION_KEY for an enclave by providing a file handle to
/dev/sgx_provision.”h]”hŒ^Allow ATTRIBUTE.PROVISION_KEY for an enclave by providing a file handle to
/dev/sgx_provision.”…””}”(hj¤  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´Muhjõ  ubhï)”}”(hŒ
**Return**”h]”j  )”}”(hjµ  h]”hŒReturn”…””}”(hj·  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj³  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´Mxhjõ  ubhÿ)”}”(hhh]”(j  )”}”(hŒ0:         Success.”h]”hï)”}”(hjÐ  h]”hŒ0:         Success.”…””}”(hjÒ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´MyhjÎ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjË  ubj  )”}”(hŒ-errno:    Otherwise.”h]”hï)”}”(hjè  h]”hŒ-errno:    Otherwise.”…””}”(hjê  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ\/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:97: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´Mzhjæ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjË  ubeh}”(h]”h ]”h"]”h$]”h&]”j;  jH  uh1hþh³jß  h´Myhjõ  ubeh}”(h]”h ]”Œkernelindent”ah"]”h$]”h&]”uh1j  hj]  h²hh³Nh´Nubeh}”(h]”Œenclave-build-functions”ah ]”h"]”Œenclave build functions”ah$]”h&]”uh1hÈhjL  h²hh³hÇh´KXubhÉ)”}”(hhh]”(hÎ)”}”(hŒEnclave runtime management”h]”hŒEnclave runtime management”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhj  h²hh³hÇh´Khubhï)”}”(hX¥  Systems supporting SGX2 additionally support changes to initialized
enclaves: modifying enclave page permissions and type, and dynamically
adding and removing of enclave pages. When an enclave accesses an address
within its address range that does not have a backing page then a new
regular page will be dynamically added to the enclave. The enclave is
still required to run EACCEPT on the new page before it can be used.”h]”hX¥  Systems supporting SGX2 additionally support changes to initialized
enclaves: modifying enclave page permissions and type, and dynamically
adding and removing of enclave pages. When an enclave accesses an address
within its address range that does not have a backing page then a new
regular page will be dynamically added to the enclave. The enclave is
still required to run EACCEPT on the new page before it can be used.”…””}”(hj$  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Kjhj  h²hubj  )”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œentries”]”(j›  Œ1sgx_ioc_enclave_restrict_permissions (C function)”Œ&c.sgx_ioc_enclave_restrict_permissions”hNt”auh1jŽ  hj  h²hh³Nh´Nubj   )”}”(hhh]”(j¥  )”}”(hŒSlong sgx_ioc_enclave_restrict_permissions (struct sgx_encl *encl, void __user *arg)”h]”j«  )”}”(hŒRlong sgx_ioc_enclave_restrict_permissions(struct sgx_encl *encl, void __user *arg)”h]”(j±  )”}”(hŒlong”h]”hŒlong”…””}”(hjK  h²hh³Nh´Nubah}”(h]”h ]”j½  ah"]”h$]”h&]”uh1j°  hjG  h²hh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M$ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hjZ  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hjG  h²hh³jY  h´M$ubjÔ  )”}”(hŒ$sgx_ioc_enclave_restrict_permissions”h]”jÚ  )”}”(hŒ$sgx_ioc_enclave_restrict_permissions”h]”hŒ$sgx_ioc_enclave_restrict_permissions”…””}”(hjl  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hjh  ubah}”(h]”h ]”(jí  jî  eh"]”h$]”h&]”hÅhÆuh1jÓ  hjG  h²hh³jY  h´M$ubjó  )”}”(hŒ)(struct sgx_encl *encl, void __user *arg)”h]”(jù  )”}”(hŒstruct sgx_encl *encl”h]”(jÿ  )”}”(hj  h]”hŒstruct”…””}”(hjˆ  h²hh³Nh´Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1jþ  hj„  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj•  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hj„  ubh)”}”(hhh]”jÚ  )”}”(hŒsgx_encl”h]”hŒsgx_encl”…””}”(hj¦  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hj£  ubah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”j5  Œreftype”j7  Œ	reftarget”j¨  Œmodname”NŒ	classname”Nj;  j>  )”}”jA  ]”jD  )”}”j7  jn  sbŒ&c.sgx_ioc_enclave_restrict_permissions”†”asbuh1hhj„  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hjÆ  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hj„  ubjX  )”}”(hj<  h]”hŒ*”…””}”(hjÔ  h²hh³Nh´Nubah}”(h]”h ]”jc  ah"]”h$]”h&]”uh1jW  hj„  ubjÚ  )”}”(hŒencl”h]”hŒencl”…””}”(hjá  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hj„  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆhÅhÆuh1jø  hj€  ubjù  )”}”(hŒvoid __user *arg”h]”(j±  )”}”(hŒvoid”h]”hŒvoid”…””}”(hjú  h²hh³Nh´Nubah}”(h]”h ]”j½  ah"]”h$]”h&]”uh1j°  hjö  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hjö  ubhŒ__user”…””}”(hjö  h²hh³Nh´NubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hjö  ubjX  )”}”(hj<  h]”hŒ*”…””}”(hj(  h²hh³Nh´Nubah}”(h]”h ]”jc  ah"]”h$]”h&]”uh1jW  hjö  ubjÚ  )”}”(hŒarg”h]”hŒarg”…””}”(hj5  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hjö  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆhÅhÆuh1jø  hj€  ubeh}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1jò  hjG  h²hh³jY  h´M$ubeh}”(h]”h ]”h"]”h$]”h&]”hÅhÆjÜ  ˆuh1jª  jÝ  jÞ  hjC  h²hh³jY  h´M$ubah}”(h]”j>  ah ]”(jâ  jã  eh"]”h$]”h&]”jç  ˆjè  )jé  huh1j¤  h³jY  h´M$hj@  h²hubjë  )”}”(hhh]”hï)”}”(hŒ4handler for ``SGX_IOC_ENCLAVE_RESTRICT_PERMISSIONS``”h]”(hŒhandler for ”…””}”(hj_  h²hh³Nh´Nubjd  )”}”(hŒ(``SGX_IOC_ENCLAVE_RESTRICT_PERMISSIONS``”h]”hŒ$SGX_IOC_ENCLAVE_RESTRICT_PERMISSIONS”…””}”(hjg  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj_  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M$hj\  h²hubah}”(h]”h ]”h"]”h$]”h&]”uh1jê  hj@  h²hh³jY  h´M$ubeh}”(h]”h ]”(j5  Œfunction”eh"]”h$]”h&]”j  j5  j  j…  j  j…  j  ‰j  ‰j  ‰uh1jŸ  h²hhj  h³Nh´Nubj   )”}”(hXã  **Parameters**

``struct sgx_encl *encl``
  an enclave pointer

``void __user *arg``
  userspace pointer to a :c:type:`struct sgx_enclave_restrict_permissions <sgx_enclave_restrict_permissions>`
  instance

**Description**

SGX2 distinguishes between relaxing and restricting the enclave page
permissions maintained by the hardware (EPCM permissions) of pages
belonging to an initialized enclave (after SGX_IOC_ENCLAVE_INIT).

EPCM permissions cannot be restricted from within the enclave, the enclave
requires the kernel to run the privileged level 0 instructions ENCLS[EMODPR]
and ENCLS[ETRACK]. An attempt to relax EPCM permissions with this call
will be ignored by the hardware.

**Return**

- 0:         Success
- -errno:    Otherwise”h]”(hï)”}”(hŒ**Parameters**”h]”j  )”}”(hj  h]”hŒ
Parameters”…””}”(hj‘  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M(hj‰  ubjõ  )”}”(hhh]”(jú  )”}”(hŒ-``struct sgx_encl *encl``
an enclave pointer
”h]”(j   )”}”(hŒ``struct sgx_encl *encl``”h]”jd  )”}”(hj®  h]”hŒstruct sgx_encl *encl”…””}”(hj°  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj¬  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M&hj¨  ubj  )”}”(hhh]”hï)”}”(hŒan enclave pointer”h]”hŒan enclave pointer”…””}”(hjÇ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³jÃ  h´M&hjÄ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj¨  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³jÃ  h´M&hj¥  ubjú  )”}”(hŒŠ``void __user *arg``
userspace pointer to a :c:type:`struct sgx_enclave_restrict_permissions <sgx_enclave_restrict_permissions>`
instance
”h]”(j   )”}”(hŒ``void __user *arg``”h]”jd  )”}”(hjç  h]”hŒvoid __user *arg”…””}”(hjé  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjå  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M(hjá  ubj  )”}”(hhh]”hï)”}”(hŒtuserspace pointer to a :c:type:`struct sgx_enclave_restrict_permissions <sgx_enclave_restrict_permissions>`
instance”h]”(hŒuserspace pointer to a ”…””}”(hj   h²hh³Nh´Nubh)”}”(hŒT:c:type:`struct sgx_enclave_restrict_permissions <sgx_enclave_restrict_permissions>`”h]”jd  )”}”(hj
  h]”hŒ'struct sgx_enclave_restrict_permissions”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”(Œxref”j5  Œc-type”eh"]”h$]”h&]”uh1jc  hj  ubah}”(h]”h ]”h"]”h$]”h&]”Œrefdoc”Œarch/x86/sgx”Œ	refdomain”j5  Œreftype”Œtype”Œrefexplicit”ˆŒrefwarn”‰j;  j>  )”}”jA  ]”sbŒ	reftarget”Œ sgx_enclave_restrict_permissions”uh1hh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M'hj   ubhŒ	
instance”…””}”(hj   h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³j-  h´M'hjý  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjá  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³jü  h´M(hj¥  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jô  hj‰  ubhï)”}”(hŒ**Description**”h]”j  )”}”(hjL  h]”hŒDescription”…””}”(hjN  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjJ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M*hj‰  ubhï)”}”(hŒÉSGX2 distinguishes between relaxing and restricting the enclave page
permissions maintained by the hardware (EPCM permissions) of pages
belonging to an initialized enclave (after SGX_IOC_ENCLAVE_INIT).”h]”hŒÉSGX2 distinguishes between relaxing and restricting the enclave page
permissions maintained by the hardware (EPCM permissions) of pages
belonging to an initialized enclave (after SGX_IOC_ENCLAVE_INIT).”…””}”(hjb  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M)hj‰  ubhï)”}”(hŒÿEPCM permissions cannot be restricted from within the enclave, the enclave
requires the kernel to run the privileged level 0 instructions ENCLS[EMODPR]
and ENCLS[ETRACK]. An attempt to relax EPCM permissions with this call
will be ignored by the hardware.”h]”hŒÿEPCM permissions cannot be restricted from within the enclave, the enclave
requires the kernel to run the privileged level 0 instructions ENCLS[EMODPR]
and ENCLS[ETRACK]. An attempt to relax EPCM permissions with this call
will be ignored by the hardware.”…””}”(hjq  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M-hj‰  ubhï)”}”(hŒ
**Return**”h]”j  )”}”(hj‚  h]”hŒReturn”…””}”(hj„  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj€  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M2hj‰  ubhÿ)”}”(hhh]”(j  )”}”(hŒ0:         Success”h]”hï)”}”(hj  h]”hŒ0:         Success”…””}”(hjŸ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M3hj›  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj˜  ubj  )”}”(hŒ-errno:    Otherwise”h]”hï)”}”(hjµ  h]”hŒ-errno:    Otherwise”…””}”(hj·  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M4hj³  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj˜  ubeh}”(h]”h ]”h"]”h$]”h&]”j;  jH  uh1hþh³j¬  h´M3hj‰  ubeh}”(h]”h ]”Œkernelindent”ah"]”h$]”h&]”uh1j  hj  h²hh³Nh´Nubj  )”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œentries”]”(j›  Œ)sgx_ioc_enclave_modify_types (C function)”Œc.sgx_ioc_enclave_modify_types”hNt”auh1jŽ  hj  h²hh³Nh´Nubj   )”}”(hhh]”(j¥  )”}”(hŒKlong sgx_ioc_enclave_modify_types (struct sgx_encl *encl, void __user *arg)”h]”j«  )”}”(hŒJlong sgx_ioc_enclave_modify_types(struct sgx_encl *encl, void __user *arg)”h]”(j±  )”}”(hŒlong”h]”hŒlong”…””}”(hjñ  h²hh³Nh´Nubah}”(h]”h ]”j½  ah"]”h$]”h&]”uh1j°  hjí  h²hh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´MòubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj   h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hjí  h²hh³jÿ  h´MòubjÔ  )”}”(hŒsgx_ioc_enclave_modify_types”h]”jÚ  )”}”(hŒsgx_ioc_enclave_modify_types”h]”hŒsgx_ioc_enclave_modify_types”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hj  ubah}”(h]”h ]”(jí  jî  eh"]”h$]”h&]”hÅhÆuh1jÓ  hjí  h²hh³jÿ  h´Mòubjó  )”}”(hŒ)(struct sgx_encl *encl, void __user *arg)”h]”(jù  )”}”(hŒstruct sgx_encl *encl”h]”(jÿ  )”}”(hj  h]”hŒstruct”…””}”(hj.  h²hh³Nh´Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1jþ  hj*  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj;  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hj*  ubh)”}”(hhh]”jÚ  )”}”(hŒsgx_encl”h]”hŒsgx_encl”…””}”(hjL  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hjI  ubah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”j5  Œreftype”j7  Œ	reftarget”jN  Œmodname”NŒ	classname”Nj;  j>  )”}”jA  ]”jD  )”}”j7  j  sbŒc.sgx_ioc_enclave_modify_types”†”asbuh1hhj*  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hjl  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hj*  ubjX  )”}”(hj<  h]”hŒ*”…””}”(hjz  h²hh³Nh´Nubah}”(h]”h ]”jc  ah"]”h$]”h&]”uh1jW  hj*  ubjÚ  )”}”(hŒencl”h]”hŒencl”…””}”(hj‡  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hj*  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆhÅhÆuh1jø  hj&  ubjù  )”}”(hŒvoid __user *arg”h]”(j±  )”}”(hŒvoid”h]”hŒvoid”…””}”(hj   h²hh³Nh´Nubah}”(h]”h ]”j½  ah"]”h$]”h&]”uh1j°  hjœ  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj®  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hjœ  ubhŒ__user”…””}”(hjœ  h²hh³Nh´NubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hjÀ  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hjœ  ubjX  )”}”(hj<  h]”hŒ*”…””}”(hjÎ  h²hh³Nh´Nubah}”(h]”h ]”jc  ah"]”h$]”h&]”uh1jW  hjœ  ubjÚ  )”}”(hŒarg”h]”hŒarg”…””}”(hjÛ  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hjœ  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆhÅ•Oû      hÆuh1jø  hj&  ubeh}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1jò  hjí  h²hh³jÿ  h´Mòubeh}”(h]”h ]”h"]”h$]”h&]”hÅhÆjÜ  ˆuh1jª  jÝ  jÞ  hjé  h²hh³jÿ  h´Mòubah}”(h]”jä  ah ]”(jâ  jã  eh"]”h$]”h&]”jç  ˆjè  )jé  huh1j¤  h³jÿ  h´Mòhjæ  h²hubjë  )”}”(hhh]”hï)”}”(hŒ,handler for ``SGX_IOC_ENCLAVE_MODIFY_TYPES``”h]”(hŒhandler for ”…””}”(hj  h²hh³Nh´Nubjd  )”}”(hŒ ``SGX_IOC_ENCLAVE_MODIFY_TYPES``”h]”hŒSGX_IOC_ENCLAVE_MODIFY_TYPES”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´Mòhj  h²hubah}”(h]”h ]”h"]”h$]”h&]”uh1jê  hjæ  h²hh³jÿ  h´Mòubeh}”(h]”h ]”(j5  Œfunction”eh"]”h$]”h&]”j  j5  j  j+  j  j+  j  ‰j  ‰j  ‰uh1jŸ  h²hhj  h³Nh´Nubj   )”}”(hXÚ  **Parameters**

``struct sgx_encl *encl``
  an enclave pointer

``void __user *arg``
  userspace pointer to a :c:type:`struct sgx_enclave_modify_types <sgx_enclave_modify_types>` instance

**Description**

Ability to change the enclave page type supports the following use cases:

* It is possible to add TCS pages to an enclave by changing the type of
  regular pages (``SGX_PAGE_TYPE_REG``) to TCS (``SGX_PAGE_TYPE_TCS``) pages.
  With this support the number of threads supported by an initialized
  enclave can be increased dynamically.

* Regular or TCS pages can dynamically be removed from an initialized
  enclave by changing the page type to ``SGX_PAGE_TYPE_TRIM``. Changing the
  page type to ``SGX_PAGE_TYPE_TRIM`` marks the page for removal with actual
  removal done by handler of ``SGX_IOC_ENCLAVE_REMOVE_PAGES`` ioctl() called
  after ENCLU[EACCEPT] is run on ``SGX_PAGE_TYPE_TRIM`` page from within the
  enclave.

**Return**

- 0:         Success
- -errno:    Otherwise”h]”(hï)”}”(hŒ**Parameters**”h]”j  )”}”(hj5  h]”hŒ
Parameters”…””}”(hj7  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj3  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´Möhj/  ubjõ  )”}”(hhh]”(jú  )”}”(hŒ-``struct sgx_encl *encl``
an enclave pointer
”h]”(j   )”}”(hŒ``struct sgx_encl *encl``”h]”jd  )”}”(hjT  h]”hŒstruct sgx_encl *encl”…””}”(hjV  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjR  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´MóhjN  ubj  )”}”(hhh]”hï)”}”(hŒan enclave pointer”h]”hŒan enclave pointer”…””}”(hjm  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³ji  h´Móhjj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjN  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³ji  h´MóhjK  ubjú  )”}”(hŒz``void __user *arg``
userspace pointer to a :c:type:`struct sgx_enclave_modify_types <sgx_enclave_modify_types>` instance
”h]”(j   )”}”(hŒ``void __user *arg``”h]”jd  )”}”(hj  h]”hŒvoid __user *arg”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj‹  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´Môhj‡  ubj  )”}”(hhh]”hï)”}”(hŒduserspace pointer to a :c:type:`struct sgx_enclave_modify_types <sgx_enclave_modify_types>` instance”h]”(hŒuserspace pointer to a ”…””}”(hj¦  h²hh³Nh´Nubh)”}”(hŒD:c:type:`struct sgx_enclave_modify_types <sgx_enclave_modify_types>`”h]”jd  )”}”(hj°  h]”hŒstruct sgx_enclave_modify_types”…””}”(hj²  h²hh³Nh´Nubah}”(h]”h ]”(j  j5  Œc-type”eh"]”h$]”h&]”uh1jc  hj®  ubah}”(h]”h ]”h"]”h$]”h&]”Œrefdoc”j"  Œ	refdomain”j5  Œreftype”Œtype”Œrefexplicit”ˆŒrefwarn”‰j;  j(  j+  Œsgx_enclave_modify_types”uh1hh³j¢  h´Môhj¦  ubhŒ	 instance”…””}”(hj¦  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³j¢  h´Môhj£  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj‡  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³j¢  h´MôhjK  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jô  hj/  ubhï)”}”(hŒ**Description**”h]”j  )”}”(hjë  h]”hŒDescription”…””}”(hjí  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjé  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´Möhj/  ubhï)”}”(hŒIAbility to change the enclave page type supports the following use cases:”h]”hŒIAbility to change the enclave page type supports the following use cases:”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´Mõhj/  ubhÿ)”}”(hhh]”(j  )”}”(hŒüIt is possible to add TCS pages to an enclave by changing the type of
regular pages (``SGX_PAGE_TYPE_REG``) to TCS (``SGX_PAGE_TYPE_TCS``) pages.
With this support the number of threads supported by an initialized
enclave can be increased dynamically.
”h]”hï)”}”(hŒûIt is possible to add TCS pages to an enclave by changing the type of
regular pages (``SGX_PAGE_TYPE_REG``) to TCS (``SGX_PAGE_TYPE_TCS``) pages.
With this support the number of threads supported by an initialized
enclave can be increased dynamically.”h]”(hŒUIt is possible to add TCS pages to an enclave by changing the type of
regular pages (”…””}”(hj  h²hh³Nh´Nubjd  )”}”(hŒ``SGX_PAGE_TYPE_REG``”h]”hŒSGX_PAGE_TYPE_REG”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj  ubhŒ
) to TCS (”…””}”(hj  h²hh³Nh´Nubjd  )”}”(hŒ``SGX_PAGE_TYPE_TCS``”h]”hŒSGX_PAGE_TYPE_TCS”…””}”(hj1  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj  ubhŒr) pages.
With this support the number of threads supported by an initialized
enclave can be increased dynamically.”…””}”(hj  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M÷hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj  ubj  )”}”(hXx  Regular or TCS pages can dynamically be removed from an initialized
enclave by changing the page type to ``SGX_PAGE_TYPE_TRIM``. Changing the
page type to ``SGX_PAGE_TYPE_TRIM`` marks the page for removal with actual
removal done by handler of ``SGX_IOC_ENCLAVE_REMOVE_PAGES`` ioctl() called
after ENCLU[EACCEPT] is run on ``SGX_PAGE_TYPE_TRIM`` page from within the
enclave.
”h]”hï)”}”(hXw  Regular or TCS pages can dynamically be removed from an initialized
enclave by changing the page type to ``SGX_PAGE_TYPE_TRIM``. Changing the
page type to ``SGX_PAGE_TYPE_TRIM`` marks the page for removal with actual
removal done by handler of ``SGX_IOC_ENCLAVE_REMOVE_PAGES`` ioctl() called
after ENCLU[EACCEPT] is run on ``SGX_PAGE_TYPE_TRIM`` page from within the
enclave.”h]”(hŒiRegular or TCS pages can dynamically be removed from an initialized
enclave by changing the page type to ”…””}”(hjT  h²hh³Nh´Nubjd  )”}”(hŒ``SGX_PAGE_TYPE_TRIM``”h]”hŒSGX_PAGE_TYPE_TRIM”…””}”(hj\  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjT  ubhŒ. Changing the
page type to ”…””}”(hjT  h²hh³Nh´Nubjd  )”}”(hŒ``SGX_PAGE_TYPE_TRIM``”h]”hŒSGX_PAGE_TYPE_TRIM”…””}”(hjn  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjT  ubhŒC marks the page for removal with actual
removal done by handler of ”…””}”(hjT  h²hh³Nh´Nubjd  )”}”(hŒ ``SGX_IOC_ENCLAVE_REMOVE_PAGES``”h]”hŒSGX_IOC_ENCLAVE_REMOVE_PAGES”…””}”(hj€  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjT  ubhŒ/ ioctl() called
after ENCLU[EACCEPT] is run on ”…””}”(hjT  h²hh³Nh´Nubjd  )”}”(hŒ``SGX_PAGE_TYPE_TRIM``”h]”hŒSGX_PAGE_TYPE_TRIM”…””}”(hj’  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjT  ubhŒ page from within the
enclave.”…””}”(hjT  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´MühjP  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj  ubeh}”(h]”h ]”h"]”h$]”h&]”j;  j<  uh1hþh³jI  h´M÷hj/  ubhï)”}”(hŒ
**Return**”h]”j  )”}”(hj¹  h]”hŒReturn”…””}”(hj»  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj·  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´Mhj/  ubhÿ)”}”(hhh]”(j  )”}”(hŒ0:         Success”h]”hï)”}”(hjÔ  h]”hŒ0:         Success”…””}”(hjÖ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´MhjÒ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjÏ  ubj  )”}”(hŒ-errno:    Otherwise”h]”hï)”}”(hjì  h]”hŒ-errno:    Otherwise”…””}”(hjî  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´Mhjê  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjÏ  ubeh}”(h]”h ]”h"]”h$]”h&]”j;  jH  uh1hþh³jã  h´Mhj/  ubeh}”(h]”h ]”Œkernelindent”ah"]”h$]”h&]”uh1j  hj  h²hh³Nh´Nubj  )”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œentries”]”(j›  Œ)sgx_ioc_enclave_remove_pages (C function)”Œc.sgx_ioc_enclave_remove_pages”hNt”auh1jŽ  hj  h²hh³Nh´Nubj   )”}”(hhh]”(j¥  )”}”(hŒKlong sgx_ioc_enclave_remove_pages (struct sgx_encl *encl, void __user *arg)”h]”j«  )”}”(hŒJlong sgx_ioc_enclave_remove_pages(struct sgx_encl *encl, void __user *arg)”h]”(j±  )”}”(hŒlong”h]”hŒlong”…””}”(hj(  h²hh³Nh´Nubah}”(h]”h ]”j½  ah"]”h$]”h&]”uh1j°  hj$  h²hh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M‚ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj7  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hj$  h²hh³j6  h´M‚ubjÔ  )”}”(hŒsgx_ioc_enclave_remove_pages”h]”jÚ  )”}”(hŒsgx_ioc_enclave_remove_pages”h]”hŒsgx_ioc_enclave_remove_pages”…””}”(hjI  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hjE  ubah}”(h]”h ]”(jí  jî  eh"]”h$]”h&]”hÅhÆuh1jÓ  hj$  h²hh³j6  h´M‚ubjó  )”}”(hŒ)(struct sgx_encl *encl, void __user *arg)”h]”(jù  )”}”(hŒstruct sgx_encl *encl”h]”(jÿ  )”}”(hj  h]”hŒstruct”…””}”(hje  h²hh³Nh´Nubah}”(h]”h ]”j  ah"]”h$]”h&]”uh1jþ  hja  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hjr  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hja  ubh)”}”(hhh]”jÚ  )”}”(hŒsgx_encl”h]”hŒsgx_encl”…””}”(hjƒ  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hj€  ubah}”(h]”h ]”h"]”h$]”h&]”Œ	refdomain”j5  Œreftype”j7  Œ	reftarget”j…  Œmodname”NŒ	classname”Nj;  j>  )”}”jA  ]”jD  )”}”j7  jK  sbŒc.sgx_ioc_enclave_remove_pages”†”asbuh1hhja  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj£  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hja  ubjX  )”}”(hj<  h]”hŒ*”…””}”(hj±  h²hh³Nh´Nubah}”(h]”h ]”jc  ah"]”h$]”h&]”uh1jW  hja  ubjÚ  )”}”(hŒencl”h]”hŒencl”…””}”(hj¾  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hja  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆhÅhÆuh1jø  hj]  ubjù  )”}”(hŒvoid __user *arg”h]”(j±  )”}”(hŒvoid”h]”hŒvoid”…””}”(hj×  h²hh³Nh´Nubah}”(h]”h ]”j½  ah"]”h$]”h&]”uh1j°  hjÓ  ubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hjå  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hjÓ  ubhŒ__user”…””}”(hjÓ  h²hh³Nh´NubjÃ  )”}”(hŒ ”h]”hŒ ”…””}”(hj÷  h²hh³Nh´Nubah}”(h]”h ]”jÏ  ah"]”h$]”h&]”uh1jÂ  hjÓ  ubjX  )”}”(hj<  h]”hŒ*”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”jc  ah"]”h$]”h&]”uh1jW  hjÓ  ubjÚ  )”}”(hŒarg”h]”hŒarg”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hjÓ  ubeh}”(h]”h ]”h"]”h$]”h&]”Œnoemph”ˆhÅhÆuh1jø  hj]  ubeh}”(h]”h ]”h"]”h$]”h&]”hÅhÆuh1jò  hj$  h²hh³j6  h´M‚ubeh}”(h]”h ]”h"]”h$]”h&]”hÅhÆjÜ  ˆuh1jª  jÝ  jÞ  hj   h²hh³j6  h´M‚ubah}”(h]”j  ah ]”(jâ  jã  eh"]”h$]”h&]”jç  ˆjè  )jé  huh1j¤  h³j6  h´M‚hj  h²hubjë  )”}”(hhh]”hï)”}”(hŒ,handler for ``SGX_IOC_ENCLAVE_REMOVE_PAGES``”h]”(hŒhandler for ”…””}”(hj<  h²hh³Nh´Nubjd  )”}”(hŒ ``SGX_IOC_ENCLAVE_REMOVE_PAGES``”h]”hŒSGX_IOC_ENCLAVE_REMOVE_PAGES”…””}”(hjD  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj<  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M‚hj9  h²hubah}”(h]”h ]”h"]”h$]”h&]”uh1jê  hj  h²hh³j6  h´M‚ubeh}”(h]”h ]”(j5  Œfunction”eh"]”h$]”h&]”j  j5  j  jb  j  jb  j  ‰j  ‰j  ‰uh1jŸ  h²hhj  h³Nh´Nubj   )”}”(hXÔ  **Parameters**

``struct sgx_encl *encl``
  an enclave pointer

``void __user *arg``
  userspace pointer to :c:type:`struct sgx_enclave_remove_pages <sgx_enclave_remove_pages>` instance

**Description**

Final step of the flow removing pages from an initialized enclave. The
complete flow is:

1) User changes the type of the pages to be removed to ``SGX_PAGE_TYPE_TRIM``
   using the ``SGX_IOC_ENCLAVE_MODIFY_TYPES`` ioctl().
2) User approves the page removal by running ENCLU[EACCEPT] from within
   the enclave.
3) User initiates actual page removal using the
   ``SGX_IOC_ENCLAVE_REMOVE_PAGES`` ioctl() that is handled here.

First remove any page table entries pointing to the page and then proceed
with the actual removal of the enclave page and data in support of it.

VA pages are not affected by this removal. It is thus possible that the
enclave may end up with more VA pages than needed to support all its
pages.

**Return**

- 0:         Success
- -errno:    Otherwise”h]”(hï)”}”(hŒ**Parameters**”h]”j  )”}”(hjl  h]”hŒ
Parameters”…””}”(hjn  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M†hjf  ubjõ  )”}”(hhh]”(jú  )”}”(hŒ-``struct sgx_encl *encl``
an enclave pointer
”h]”(j   )”}”(hŒ``struct sgx_encl *encl``”h]”jd  )”}”(hj‹  h]”hŒstruct sgx_encl *encl”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj‰  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´Mƒhj…  ubj  )”}”(hhh]”hï)”}”(hŒan enclave pointer”h]”hŒan enclave pointer”…””}”(hj¤  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³j   h´Mƒhj¡  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj…  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³j   h´Mƒhj‚  ubjú  )”}”(hŒx``void __user *arg``
userspace pointer to :c:type:`struct sgx_enclave_remove_pages <sgx_enclave_remove_pages>` instance
”h]”(j   )”}”(hŒ``void __user *arg``”h]”jd  )”}”(hjÄ  h]”hŒvoid __user *arg”…””}”(hjÆ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjÂ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M„hj¾  ubj  )”}”(hhh]”hï)”}”(hŒbuserspace pointer to :c:type:`struct sgx_enclave_remove_pages <sgx_enclave_remove_pages>` instance”h]”(hŒuserspace pointer to ”…””}”(hjÝ  h²hh³Nh´Nubh)”}”(hŒD:c:type:`struct sgx_enclave_remove_pages <sgx_enclave_remove_pages>`”h]”jd  )”}”(hjç  h]”hŒstruct sgx_enclave_remove_pages”…””}”(hjé  h²hh³Nh´Nubah}”(h]”h ]”(j  j5  Œc-type”eh"]”h$]”h&]”uh1jc  hjå  ubah}”(h]”h ]”h"]”h$]”h&]”Œrefdoc”j"  Œ	refdomain”j5  Œreftype”Œtype”Œrefexplicit”ˆŒrefwarn”‰j;  j(  j+  Œsgx_enclave_remove_pages”uh1hh³jÙ  h´M„hjÝ  ubhŒ	 instance”…””}”(hjÝ  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³jÙ  h´M„hjÚ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj¾  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³jÙ  h´M„hj‚  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jô  hjf  ubhï)”}”(hŒ**Description**”h]”j  )”}”(hj"  h]”hŒDescription”…””}”(hj$  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj   ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M†hjf  ubhï)”}”(hŒXFinal step of the flow removing pages from an initialized enclave. The
complete flow is:”h]”hŒXFinal step of the flow removing pages from an initialized enclave. The
complete flow is:”…””}”(hj8  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M…hjf  ubj„  )”}”(hhh]”(j  )”}”(hŒ~User changes the type of the pages to be removed to ``SGX_PAGE_TYPE_TRIM``
using the ``SGX_IOC_ENCLAVE_MODIFY_TYPES`` ioctl().”h]”hï)”}”(hŒ~User changes the type of the pages to be removed to ``SGX_PAGE_TYPE_TRIM``
using the ``SGX_IOC_ENCLAVE_MODIFY_TYPES`` ioctl().”h]”(hŒ4User changes the type of the pages to be removed to ”…””}”(hjN  h²hh³Nh´Nubjd  )”}”(hŒ``SGX_PAGE_TYPE_TRIM``”h]”hŒSGX_PAGE_TYPE_TRIM”…””}”(hjV  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjN  ubhŒ
using the ”…””}”(hjN  h²hh³Nh´Nubjd  )”}”(hŒ ``SGX_IOC_ENCLAVE_MODIFY_TYPES``”h]”hŒSGX_IOC_ENCLAVE_MODIFY_TYPES”…””}”(hjh  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjN  ubhŒ	 ioctl().”…””}”(hjN  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´MˆhjJ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjG  ubj  )”}”(hŒQUser approves the page removal by running ENCLU[EACCEPT] from within
the enclave.”h]”hï)”}”(hŒQUser approves the page removal by running ENCLU[EACCEPT] from within
the enclave.”h]”hŒQUser approves the page removal by running ENCLU[EACCEPT] from within
the enclave.”…””}”(hj‹  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´MŠhj‡  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjG  ubj  )”}”(hŒlUser initiates actual page removal using the
``SGX_IOC_ENCLAVE_REMOVE_PAGES`` ioctl() that is handled here.
”h]”hï)”}”(hŒkUser initiates actual page removal using the
``SGX_IOC_ENCLAVE_REMOVE_PAGES`` ioctl() that is handled here.”h]”(hŒ-User initiates actual page removal using the
”…””}”(hj¤  h²hh³Nh´Nubjd  )”}”(hŒ ``SGX_IOC_ENCLAVE_REMOVE_PAGES``”h]”hŒSGX_IOC_ENCLAVE_REMOVE_PAGES”…””}”(hj¬  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj¤  ubhŒ ioctl() that is handled here.”…””}”(hj¤  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´MŒhj   ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjG  ubeh}”(h]”h ]”h"]”h$]”h&]”j¿  jÀ  jÁ  hjÂ  Œ)”uh1jƒ  hjf  ubhï)”}”(hŒFirst remove any page table entries pointing to the page and then proceed
with the actual removal of the enclave page and data in support of it.”h]”hŒFirst remove any page table entries pointing to the page and then proceed
with the actual removal of the enclave page and data in support of it.”…””}”(hjÒ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´Mhjf  ubhï)”}”(hŒ“VA pages are not affected by this removal. It is thus possible that the
enclave may end up with more VA pages than needed to support all its
pages.”h]”hŒ“VA pages are not affected by this removal. It is thus possible that the
enclave may end up with more VA pages than needed to support all its
pages.”…””}”(hjá  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M’hjf  ubhï)”}”(hŒ
**Return**”h]”j  )”}”(hjò  h]”hŒReturn”…””}”(hjô  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjð  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M–hjf  ubhÿ)”}”(hhh]”(j  )”}”(hŒ0:         Success”h]”hï)”}”(hj  h]”hŒ0:         Success”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M—hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj  ubj  )”}”(hŒ-errno:    Otherwise”h]”hï)”}”(hj%  h]”hŒ-errno:    Otherwise”…””}”(hj'  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:113: ./arch/x86/kernel/cpu/sgx/ioctl.c”h´M˜hj#  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj  ubeh}”(h]”h ]”h"]”h$]”h&]”j;  jH  uh1hþh³j  h´M—hjf  ubeh}”(h]”h ]”Œkernelindent”ah"]”h$]”h&]”uh1j  hj  h²hh³Nh´Nubeh}”(h]”Œenclave-runtime-management”ah ]”h"]”Œenclave runtime management”ah$]”h&]”uh1hÈhjL  h²hh³hÇh´KhubhÉ)”}”(hhh]”(hÎ)”}”(hŒEnclave vDSO”h]”hŒEnclave vDSO”…””}”(hjS  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhjP  h²hh³hÇh´Kwubhï)”}”(hXl  Entering an enclave can only be done through SGX-specific EENTER and ERESUME
functions, and is a non-trivial process.  Because of the complexity of
transitioning to and from an enclave, enclaves typically utilize a library to
handle the actual transitions.  This is roughly analogous to how glibc
implementations are used by most applications to wrap system calls.”h]”hXl  Entering an enclave can only be done through SGX-specific EENTER and ERESUME
functions, and is a non-trivial process.  Because of the complexity of
transitioning to and from an enclave, enclaves typically utilize a library to
handle the actual transitions.  This is roughly analogous to how glibc
implementations are used by most applications to wrap system calls.”…””}”(hja  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KyhjP  h²hubhï)”}”(hŒ®Another crucial characteristic of enclaves is that they can generate exceptions
as part of their normal operation that need to be handled in the enclave or are
unique to SGX.”h]”hŒ®Another crucial characteristic of enclaves is that they can generate exceptions
as part of their normal operation that need to be handled in the enclave or are
unique to SGX.”…””}”(hjo  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KhjP  h²hubhï)”}”(hX¬  Instead of the traditional signal mechanism to handle these exceptions, SGX
can leverage special exception fixup provided by the vDSO.  The kernel-provided
vDSO function wraps low-level transitions to/from the enclave like EENTER and
ERESUME.  The vDSO function intercepts exceptions that would otherwise generate
a signal and return the fault information directly to its caller.  This avoids
the need to juggle signal handlers.”h]”hX¬  Instead of the traditional signal mechanism to handle these exceptions, SGX
can leverage special exception fixup provided by the vDSO.  The kernel-provided
vDSO function wraps low-level transitions to/from the enclave like EENTER and
ERESUME.  The vDSO function intercepts exceptions that would otherwise generate
a signal and return the fault information directly to its caller.  This avoids
the need to juggle signal handlers.”…””}”(hj}  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KƒhjP  h²hubj  )”}”(hhh]”h}”(h]”h ]”h"]”h$]”h&]”Œentries”]”(j›  Œ"vdso_sgx_enter_enclave_t (C macro)”Œc.vdso_sgx_enter_enclave_t”hNt”auh1jŽ  hjP  h²hh³Nh´Nubj   )”}”(hhh]”(j¥  )”}”(hŒvdso_sgx_enter_enclave_t”h]”j«  )”}”(hŒvdso_sgx_enter_enclave_t”h]”jÔ  )”}”(hŒvdso_sgx_enter_enclave_t”h]”jÚ  )”}”(hjž  h]”hŒvdso_sgx_enter_enclave_t”…””}”(hj¨  h²hh³Nh´Nubah}”(h]”h ]”jæ  ah"]”h$]”h&]”uh1jÙ  hj¤  ubah}”(h]”h ]”(jí  jî  eh"]”h$]”h&]”hÅhÆuh1jÓ  hj   h²hh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´KÂubah}”(h]”h ]”h"]”h$]”h&]”hÅhÆjÜ  ˆuh1jª  jÝ  jÞ  hjœ  h²hh³j»  h´KÂubah}”(h]”j—  ah ]”(jâ  jã  eh"]”h$]”h&]”jç  ˆjè  )jé  huh1j¤  h³j»  h´KÂhj™  h²hubjë  )”}”(hhh]”hï)”}”(hŒ_**Typedef**: Prototype for __vdso_sgx_enter_enclave(), a vDSO function to enter an SGX enclave.”h]”(j  )”}”(hŒ**Typedef**”h]”hŒTypedef”…””}”(hjÏ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjË  ubhŒT: Prototype for __vdso_sgx_enter_enclave(), a vDSO function to enter an SGX enclave.”…””}”(hjË  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´KÄhjÈ  h²hubah}”(h]”h ]”h"]”h$]”h&]”uh1jê  hj™  h²hh³j»  h´KÂubeh}”(h]”h ]”(j5  Œmacro”eh"]”h$]”h&]”j  j5  j  jñ  j  jñ  j  ‰j  ‰j  ‰uh1jŸ  h²hhjP  h³Nh´Nubhï)”}”(hŒ
**Syntax**”h]”j  )”}”(hj÷  h]”hŒSyntax”…””}”(hjù  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjõ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´KÇhjP  h²hubjZ  )”}”(hŒ³``int vdso_sgx_enter_enclave_t (unsigned long rdi, unsigned long rsi, unsigned long rdx, unsigned int function, unsigned long r8, unsigned long r9, struct sgx_enclave_run *run)``
”h]”hï)”}”(hŒ²``int vdso_sgx_enter_enclave_t (unsigned long rdi, unsigned long rsi, unsigned long rdx, unsigned int function, unsigned long r8, unsigned long r9, struct sgx_enclave_run *run)``”h]”jd  )”}”(hj  h]”hŒ®int vdso_sgx_enter_enclave_t (unsigned long rdi, unsigned long rsi, unsigned long rdx, unsigned int function, unsigned long r8, unsigned long r9, struct sgx_enclave_run *run)”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´KÉhj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jY  h³j(  h´KÉhjP  h²hubj   )”}”(hX  **Parameters**

``unsigned long rdi``
  Pass-through value for RDI

``unsigned long rsi``
  Pass-through value for RSI

``unsigned long rdx``
  Pass-through value for RDX

``unsigned int function``
  ENCLU function, must be EENTER or ERESUME

``unsigned long r8``
  Pass-through value for R8

``unsigned long r9``
  Pass-through value for R9

``struct sgx_enclave_run *run``
  struct sgx_enclave_run, must be non-NULL

**NOTE**

__vdso_sgx_enter_enclave() does not ensure full compliance with the
x86-64 ABI, e.g. doesn't handle XSAVE state.  Except for non-volatile
general purpose registers, EFLAGS.DF, and RSP alignment, preserving/setting
state in accordance with the x86-64 ABI is the responsibility of the enclave
and its runtime, i.e. __vdso_sgx_enter_enclave() cannot be called from C
code without careful consideration by both the enclave and its runtime.

All general purpose registers except RAX, RBX and RCX are passed as-is to the
enclave.  RAX, RBX and RCX are consumed by EENTER and ERESUME and are loaded
with **function**, asynchronous exit pointer, and **run.tcs** respectively.

RBP and the stack are used to anchor __vdso_sgx_enter_enclave() to the
pre-enclave state, e.g. to retrieve **run.exception** and **run.user_handler**
after an enclave exit.  All other registers are available for use by the
enclave and its runtime, e.g. an enclave can push additional data onto the
stack (and modify RSP) to pass information to the optional user handler (see
below).

Most exceptions reported on ENCLU, including those that occur within the
enclave, are fixed up and reported synchronously instead of being delivered
via a standard signal. Debug Exceptions (#DB) and Breakpoints (#BP) are
never fixed up and are always delivered via standard signals. On synchronously
reported exceptions, -EFAULT is returned and details about the exception are
recorded in **run.exception**, the optional sgx_enclave_exception struct.

**Return**

- 0:         ENCLU function was successfully executed.
- -EINVAL:   Invalid ENCL number (neither EENTER nor ERESUME).”h]”(hï)”}”(hŒ**Parameters**”h]”j  )”}”(hj5  h]”hŒ
Parameters”…””}”(hj7  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj3  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´KÍhj/  ubjõ  )”}”(hhh]”(jú  )”}”(hŒ1``unsigned long rdi``
Pass-through value for RDI
”h]”(j   )”}”(hŒ``unsigned long rdi``”h]”jd  )”}”(hjT  h]”hŒunsigned long rdi”…””}”(hjV  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjR  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´KÄhjN  ubj  )”}”(hhh]”hï)”}”(hŒPass-through value for RDI”h]”hŒPass-through value for RDI”…””}”(hjm  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³ji  h´KÄhjj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjN  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³ji  h´KÄhjK  ubjú  )”}”(hŒ1``unsigned long rsi``
Pass-through value for RSI
”h]”(j   )”}”(hŒ``unsigned long rsi``”h]”jd  )”}”(hj  h]”hŒunsigned long rsi”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj‹  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´KÅhj‡  ubj  )”}”(hhh]”hï)”}”(hŒPass-through value for RSI”h]”hŒPass-through value for RSI”…””}”(hj¦  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³j¢  h´KÅhj£  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj‡  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³j¢  h´KÅhjK  ubjú  )”}”(hŒ1``unsigned long rdx``
Pass-through value for RDX
”h]”(j   )”}”(hŒ``unsigned long rdx``”h]”jd  )”}”(hjÆ  h]”hŒunsigned long rdx”…””}”(hjÈ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjÄ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´KÆhjÀ  ubj  )”}”(hhh]”hï)”}”(hŒPass-through value for RDX”h]”hŒPass-through value for RDX”…””}”(hjß  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³jÛ  h´KÆhjÜ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjÀ  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³jÛ  h´KÆhjK  ubjú  )”}”(hŒD``unsigned int function``
ENCLU function, must be EENTER or ERESUME
”h]”(j   )”}”(hŒ``unsigned int function``”h]”jd  )”}”(hjÿ  h]”hŒunsigned int function”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjý  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´KÇhjù  ubj  )”}”(hhh]”hï)”}”(hŒ)ENCLU function, must be EENTER or ERESUME”h]”hŒ)ENCLU function, must be EENTER or ERESUME”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³j  h´KÇhj  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjù  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³j  h´KÇhjK  ubjú  )”}”(hŒ/``unsigned long r8``
Pass-through value for R8
”h]”(j   )”}”(hŒ``unsigned long r8``”h]”jd  )”}”(hj8  h]”hŒunsigned long r8”…””}”(hj:  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj6  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´KÈhj2  ubj  )”}”(hhh]”hï)”}”(hŒPass-through value for R8”h]”hŒPass-through value for R8”…””}”(hjQ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³jM  h´KÈhjN  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj2  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³jM  h´KÈhjK  ubjú  )”}”(hŒ/``unsigned long r9``
Pass-through value for R9
”h]”(j   )”}”(hŒ``unsigned long r9``”h]”jd  )”}”(hjq  h]”hŒunsigned long r9”…””}”(hjs  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjo  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´KÉhjk  ubj  )”}”(hhh]”hï)”}”(hŒPass-through value for R9”h]”hŒPass-through value for R9”…””}”(hjŠ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³j†  h´KÉhj‡  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjk  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³j†  h´KÉhjK  ubjú  )”}”(hŒI``struct sgx_enclave_run *run``
struct sgx_enclave_run, must be non-NULL
”h]”(j   )”}”(hŒ``struct sgx_enclave_run *run``”h]”jd  )”}”(hjª  h]”hŒstruct sgx_enclave_run *run”…””}”(hj¬  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj¨  ubah}”(h]”h ]”h"]”h$]”h&]”uh1jÿ  h³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´KÊhj¤  ubj  )”}”(hhh]”hï)”}”(hŒ(struct sgx_enclave_run, must be non-NULL”h]”hŒ(struct sgx_enclave_run, must be non-NULL”…””}”(hjÃ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³j¿  h´KÊhjÀ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj¤  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jù  h³j¿  h´KÊhjK  ubeh}”(h]”h ]”h"]”h$]”h&]”uh1jô  hj/  ubhï)”}”(hŒ**NOTE**”h]”j  )”}”(hjå  h]”hŒNOTE”…””}”(hjç  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjã  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´KÌhj/  ubhï)”}”(hX³  __vdso_sgx_enter_enclave() does not ensure full compliance with the
x86-64 ABI, e.g. doesn't handle XSAVE state.  Except for non-volatile
general purpose registers, EFLAGS.DF, and RSP alignment, preserving/setting
state in accordance with the x86-64 ABI is the responsibility of the enclave
and its runtime, i.e. __vdso_sgx_enter_enclave() cannot be called from C
code without careful consideration by both the enclave and its runtime.”h]”hXµ  __vdso_sgx_enter_enclave() does not ensure full compliance with the
x86-64 ABI, e.g. doesnâ€™t handle XSAVE state.  Except for non-volatile
general purpose registers, EFLAGS.DF, and RSP alignment, preserving/setting
state in accordance with the x86-64 ABI is the responsibility of the enclave
and its runtime, i.e. __vdso_sgx_enter_enclave() cannot be called from C
code without careful consideration by both the enclave and its runtime.”…””}”(hjû  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´KÌhj/  ubhï)”}”(hŒæAll general purpose registers except RAX, RBX and RCX are passed as-is to the
enclave.  RAX, RBX and RCX are consumed by EENTER and ERESUME and are loaded
with **function**, asynchronous exit pointer, and **run.tcs** respectively.”h]”(hŒ All general purpose registers except RAX, RBX and RCX are passed as-is to the
enclave.  RAX, RBX and RCX are consumed by EENTER and ERESUME and are loaded
with ”…””}”(hj
  h²hh³Nh´Nubj  )”}”(hŒ**function**”h]”hŒfunction”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj
  ubhŒ!, asynchronous exit pointer, and ”…””}”(hj
  h²hh³Nh´Nubj  )”}”(hŒ**run.tcs**”h]”hŒrun.tcs”…””}”(hj$  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj
  ubhŒ respectively.”…””}”(hj
  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´KÓhj/  ubhï)”}”(hX~  RBP and the stack are used to anchor __vdso_sgx_enter_enclave() to the
pre-enclave state, e.g. to retrieve **run.exception** and **run.user_handler**
after an enclave exit.  All other registers are available for use by the
enclave and its runtime, e.g. an enclave can push additional data onto the
stack (and modify RSP) to pass information to the optional user handler (see
below).”h]”(hŒkRBP and the stack are used to anchor __vdso_sgx_enter_enclave() to the
pre-enclave state, e.g. to retrieve ”…””}”(hj=  h²hh³Nh´Nubj  )”}”(hŒ**run.exception**”h]”hŒrun.exception”…””}”(hjE  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj=  ubhŒ and ”…””}”(hj=  h²hh³Nh´Nubj  )”}”(hŒ**run.user_handler**”h]”hŒrun.user_handler”…””}”(hjW  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj=  ubhŒé
after an enclave exit.  All other registers are available for use by the
enclave and its runtime, e.g. an enclave can push additional data onto the
stack (and modify RSP) to pass information to the optional user handler (see
below).”…””}”(hj=  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´K×hj/  ubhï)”}”(hXÂ  Most exceptions reported on ENCLU, including those that occur within the
enclave, are fixed up and reported synchronously instead of being delivered
via a standard signal. Debug Exceptions (#DB) and Breakpoints (#BP) are
never fixed up and are always delivered via standard signals. On synchronously
reported exceptions, -EFAULT is returned and details about the exception are
recorded in **run.exception**, the optional sgx_enclave_exception struct.”h]”(hX…  Most exceptions reported on ENCLU, including those that occur within the
enclave, are fixed up and reported synchronously instead of being delivered
via a standard signal. Debug Exceptions (#DB) and Breakpoints (#BP) are
never fixed up and are always delivered via standard signals. On synchronously
reported exceptions, -EFAULT is returned and details about the exception are
recorded in ”…””}”(hjp  h²hh³Nh´Nubj  )”}”(hŒ**run.exception**”h]”hŒrun.exception”…””}”(hjx  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hjp  ubhŒ,, the optional sgx_enclave_exception struct.”…””}”(hjp  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´KÞhj/  ubhï)”}”(hŒ
**Return**”h]”j  )”}”(hj“  h]”hŒReturn”…””}”(hj•  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj‘  ubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´Kåhj/  ubhÿ)”}”(hhh]”(j  )”}”(hŒ40:         ENCLU function was successfully executed.”h]”hï)”}”(hj®  h]”hŒ40:         ENCLU function was successfully executed.”…””}”(hj°  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´Kåhj¬  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj©  ubj  )”}”(hŒ<-EINVAL:   Invalid ENCL number (neither EENTER nor ERESUME).”h]”hï)”}”(hjÆ  h]”hŒ<-EINVAL:   Invalid ENCL number (neither EENTER nor ERESUME).”…””}”(hjÈ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³Œ]/var/lib/git/docbuild/linux/Documentation/arch/x86/sgx:138: ./arch/x86/include/uapi/asm/sgx.h”h´KæhjÄ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj©  ubeh}”(h]”h ]”h"]”h$]”h&]”j;  jH  uh1hþh³j½  h´Kåhj/  ubeh}”(h]”h ]”Œkernelindent”ah"]”h$]”h&]”uh1j  hjP  h²hh³Nh´Nubeh}”(h]”Œenclave-vdso”ah ]”h"]”Œenclave vdso”ah$]”h&]”uh1hÈhjL  h²hh³hÇh´Kwubeh}”(h]”Œapplication-interface”ah ]”h"]”Œapplication interface”ah$]”h&]”uh1hÈhhÊh²hh³hÇh´KUubhÉ)”}”(hhh]”(hÎ)”}”(hŒksgxd”h]”hŒksgxd”…””}”(hjü  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhjù  h²hh³hÇh´KŽubhï)”}”(hŒ4SGX support includes a kernel thread called *ksgxd*.”h]”(hŒ,SGX support includes a kernel thread called ”…””}”(hj
  h²hh³Nh´Nubj®  )”}”(hŒ*ksgxd*”h]”hŒksgxd”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j­  hj
  ubhŒ.”…””}”(hj
  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Khjù  h²hubhÉ)”}”(hhh]”(hÎ)”}”(hŒEPC sanitization”h]”hŒEPC sanitization”…””}”(hj-  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhj*  h²hh³hÇh´K“ubhï)”}”(hXv  ksgxd is started when SGX initializes.  Enclave memory is typically ready
for use when the processor powers on or resets.  However, if SGX has been in
use since the reset, enclave pages may be in an inconsistent state.  This might
occur after a crash and kexec() cycle, for instance.  At boot, ksgxd
reinitializes all enclave pages so that they can be allocated and re-used.”h]”hXv  ksgxd is started when SGX initializes.  Enclave memory is typically ready
for use when the processor powers on or resets.  However, if SGX has been in
use since the reset, enclave pages may be in an inconsistent state.  This might
occur after a crash and kexec() cycle, for instance.  At boot, ksgxd
reinitializes all enclave pages so that they can be allocated and re-used.”…””}”(hj;  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K•hj*  h²hubhï)”}”(hX!  The sanitization is done by going through EPC address space and applying the
EREMOVE function to each physical page. Some enclave pages like SECS pages have
hardware dependencies on other pages which prevents EREMOVE from functioning.
Executing two EREMOVE passes removes the dependencies.”h]”hX!  The sanitization is done by going through EPC address space and applying the
EREMOVE function to each physical page. Some enclave pages like SECS pages have
hardware dependencies on other pages which prevents EREMOVE from functioning.
Executing two EREMOVE passes removes the dependencies.”…””}”(hjI  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K›hj*  h²hubeh}”(h]”Œepc-sanitization”ah ]”h"]”Œepc sanitization”ah$]”h&]”uh1hÈhjù  h²hh³hÇh´K“ubhÉ)”}”(hhh]”(hÎ)”}”(hŒPage reclaimer”h]”hŒPage reclaimer”…””}”(hjb  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhj_  h²hh³hÇh´K¡ubhï)”}”(hŒÄSimilar to the core kswapd, ksgxd, is responsible for managing the
overcommitment of enclave memory.  If the system runs out of enclave memory,
*ksgxd* â€œswapsâ€ enclave memory to normal memory.”h]”(hŒSimilar to the core kswapd, ksgxd, is responsible for managing the
overcommitment of enclave memory.  If the system runs out of enclave memory,
”…””}”(hjp  h²hh³Nh´Nubj®  )”}”(hŒ*ksgxd*”h]”hŒksgxd”…””}”(hjx  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j­  hjp  ubhŒ- â€œswapsâ€ enclave memory to normal memory.”…””}”(hjp  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K£hj_  h²hubeh}”(h]”Œpage-reclaimer”ah ]”h"]”Œpage reclaimer”ah$]”h&]”uh1hÈhjù  h²hh³hÇh´K¡ubeh}”(h]”Œksgxd”ah ]”h"]”Œksgxd”ah$]”h&]”uh1hÈhhÊh²hh³hÇh´KŽubhÉ)”}”(hhh]”(hÎ)”}”(hŒLaunch Control”h]”hŒLaunch Control”…””}”(hj£  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhj   h²hh³hÇh´K¨ubhï)”}”(hŒÉSGX provides a launch control mechanism. After all enclave pages have been
copied, kernel executes EINIT function, which initializes the enclave. Only after
this the CPU can execute inside the enclave.”h]”hŒÉSGX provides a launch control mechanism. After all enclave pages have been
copied, kernel executes EINIT function, which initializes the enclave. Only after
this the CPU can execute inside the enclave.”…””}”(hj±  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Kªhj   h²hubhï)”}”(hX  EINIT function takes an RSA-3072 signature of the enclave measurement.  The function
checks that the measurement is correct and signature is signed with the key
hashed to the four **IA32_SGXLEPUBKEYHASH{0, 1, 2, 3}** MSRs representing the
SHA256 of a public key.”h]”(hŒ´EINIT function takes an RSA-3072 signature of the enclave measurement.  The function
checks that the measurement is correct and signature is signed with the key
hashed to the four ”…””}”(hj¿  h²hh³Nh´Nubj  )”}”(hŒ$**IA32_SGXLEPUBKEYHASH{0, 1, 2, 3}**”h]”hŒ IA32_SGXLEPUBKEYHASH{0, 1, 2, 3}”…””}”(hjÇ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj¿  ubhŒ. MSRs representing the
SHA256 of a public key.”…””}”(hj¿  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K®hj   h²hubhï)”}”(hX  Those MSRs can be configured by the BIOS to be either readable or writable.
Linux supports only writable configuration in order to give full control to the
kernel on launch control policy. Before calling EINIT function, the driver sets
the MSRs to match the enclave's signing key.”h]”hX  Those MSRs can be configured by the BIOS to be either readable or writable.
Linux supports only writable configuration in order to give full control to the
kernel on launch control policy. Before calling EINIT function, the driver sets
the MSRs to match the enclaveâ€™s signing key.”…””}”(hjß  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K³hj   h²hubeh}”(h]”Œlaunch-control”ah ]”h"]”Œlaunch control”ah$]”h&]”uh1hÈhhÊh²hh³hÇh´K¨ubhÉ)”}”(hhh]”(hÎ)”}”(hŒEncryption engines”h]”hŒEncryption engines”…””}”(hjø  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhjõ  h²hh³hÇh´K¹ubhï)”}”(hŒ¬In order to conceal the enclave data while it is out of the CPU package, the
memory controller has an encryption engine to transparently encrypt and decrypt
enclave memory.”h]”hŒ¬In order to conceal the enclave data while it is out of the CPU package, the
memory controller has an encryption engine to transparently encrypt and decrypt
enclave memory.”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K»hjõ  h²hubhï)”}”(hX  In CPUs prior to Ice Lake, the Memory Encryption Engine (MEE) is used to
encrypt pages leaving the CPU caches. MEE uses a n-ary Merkle tree with root in
SRAM to maintain integrity of the encrypted data. This provides integrity and
anti-replay protection but does not scale to large memory sizes because the time
required to update the Merkle tree grows logarithmically in relation to the
memory size.”h]”hX  In CPUs prior to Ice Lake, the Memory Encryption Engine (MEE) is used to
encrypt pages leaving the CPU caches. MEE uses a n-ary Merkle tree with root in
SRAM to maintain integrity of the encrypted data. This provides integrity and
anti-replay protection but does not scale to large memory sizes because the time
required to update the Merkle tree grows logarithmically in relation to the
memory size.”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´K¿hjõ  h²hubhï)”}”(hXI  CPUs starting from Icelake use Total Memory Encryption (TME) in the place of
MEE. TME-based SGX implementations do not have an integrity Merkle tree, which
means integrity and replay-attacks are not mitigated.  B, it includes
additional changes to prevent cipher text from being returned and SW memory
aliases from being created.”h]”hXI  CPUs starting from Icelake use Total Memory Encryption (TME) in the place of
MEE. TME-based SGX implementations do not have an integrity Merkle tree, which
means integrity and replay-attacks are not mitigated.  B, it includes
additional changes to prevent cipher text from being returned and SW memory
aliases from being created.”…””}”(hj"  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KÆhjõ  h²hubhï)”}”(hŒdDMA to enclave memory is blocked by range registers on both MEE and TME systems
(SDM section 41.10).”h]”hŒdDMA to enclave memory is blocked by range registers on both MEE and TME systems
(SDM section 41.10).”…””}”(hj0  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KÌhjõ  h²hubeh}”(h]”Œencryption-engines”ah ]”h"]”Œencryption engines”ah$]”h&]”uh1hÈhhÊh²hh³hÇh´K¹ubhÉ)”}”(hhh]”(hÎ)”}”(hŒUsage Models”h]”hŒUsage Models”…””}”(hjI  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhjF  h²hh³hÇh´KÐubhÉ)”}”(hhh]”(hÎ)”}”(hŒShared Library”h]”hŒShared Library”…””}”(hjZ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhjW  h²hh³hÇh´KÓubhï)”}”(hX­  Sensitive data and the code that acts on it is partitioned from the application
into a separate library. The library is then linked as a DSO which can be loaded
into an enclave. The application can then make individual function calls into
the enclave through special SGX instructions. A run-time within the enclave is
configured to marshal function parameters into and out of the enclave and to
call the correct library function.”h]”hX­  Sensitive data and the code that acts on it is partitioned from the application
into a separate library. The library is then linked as a DSO which can be loaded
into an enclave. The application can then make individual function calls into
the enclave through special SGX instructions. A run-time within the enclave is
configured to marshal function parameters into and out of the enclave and to
call the correct library function.”…””}”(hjh  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´KÕhjW  h²hubeh}”(h]”Œshared-library”ah ]”h"]”Œshared library”ah$]”h&]”uh1hÈhjF  h²hh³hÇh´KÓubhÉ)”}”(hhh]”(hÎ)”}”(hŒApplication Container”h]”hŒApplication Container”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhj~  h²hh³hÇh´KÝubhï)”}”(hX  An application may be loaded into a container enclave which is specially
configured with a library OS and run-time which permits the application to run.
The enclave run-time and library OS work together to execute the application
when a thread enters the enclave.”h]”hX  An application may be loaded into a container enclave which is specially
configured with a library OS and run-time which permits the application to run.
The enclave run-time and library OS work together to execute the application
when a thread enters the enclave.”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Kßhj~  h²hubeh}”(h]”Œapplication-container”ah ]”h"]”Œapplication container”ah$]”h&]”uh1hÈhjF  h²hh³hÇh´KÝubeh}”(h]”Œusage-models”ah ]”h"]”Œusage models”ah$]”h&]”uh1hÈhhÊh²hh³hÇh´KÐubhÉ)”}”(hhh]”(hÎ)”}”(hŒ#Impact of Potential Kernel SGX Bugs”h]”hŒ#Impact of Potential Kernel SGX Bugs”…””}”(hj°  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhj­  h²hh³hÇh´KåubhÉ)”}”(hhh]”(hÎ)”}”(hŒ	EPC leaks”h]”hŒ	EPC leaks”…””}”(hjÁ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhj¾  h²hh³hÇh´Kèubhï)”}”(hŒBWhen EPC page leaks happen, a WARNING like this is shown in dmesg:”h]”hŒBWhen EPC page leaks happen, a WARNING like this is shown in dmesg:”…””}”(hjÏ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Kêhj¾  h²hubhï)”}”(hŒN"EREMOVE returned ... and an EPC page was leaked.  SGX may become unusable..."”h]”hŒRâ€œEREMOVE returned ... and an EPC page was leaked.  SGX may become unusable...â€”…””}”(hjÝ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Kìhj¾  h²hubhï)”}”(hX  This is effectively a kernel use-after-free of an EPC page, and due
to the way SGX works, the bug is detected at freeing. Rather than
adding the page back to the pool of available EPC pages, the kernel
intentionally leaks the page to avoid additional errors in the future.”h]”hX  This is effectively a kernel use-after-free of an EPC page, and due
to the way SGX works, the bug is detected at freeing. Rather than
adding the page back to the pool of available EPC pages, the kernel
intentionally leaks the page to avoid additional errors in the future.”…””}”(hjë  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Kîhj¾  h²hubhï)”}”(hX  When this happens, the kernel will likely soon leak more EPC pages, and
SGX will likely become unusable because the memory available to SGX is
limited. However, while this may be fatal to SGX, the rest of the kernel
is unlikely to be impacted and should continue to work.”h]”hX  When this happens, the kernel will likely soon leak more EPC pages, and
SGX will likely become unusable because the memory available to SGX is
limited. However, while this may be fatal to SGX, the rest of the kernel
is unlikely to be impacted and should continue to work.”…””}”(hjù  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Kóhj¾  h²hubhï)”}”(hŒöAs a result, when this happens, user should stop running any new
SGX workloads, (or just any new workloads), and migrate all valuable
workloads. Although a machine reboot can recover all EPC memory, the bug
should be reported to Linux developers.”h]”hŒöAs a result, when this happens, user should stop running any new
SGX workloads, (or just any new workloads), and migrate all valuable
workloads. Although a machine reboot can recover all EPC memory, the bug
should be reported to Linux developers.”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Køhj¾  h²hubeh}”(h]”Œ	epc-leaks”ah ]”h"]”Œ	epc leaks”ah$]”h&]”uh1hÈhj­  h²hh³hÇh´Kèubeh}”(h]”Œ#impact-of-potential-kernel-sgx-bugs”ah ]”h"]”Œ#impact of potential kernel sgx bugs”ah$]”h&]”uh1hÈhhÊh²hh³hÇh´KåubhÉ)”}”(hhh]”(hÎ)”}”(hŒVirtual EPC”h]”hŒVirtual EPC”…””}”(hj(  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhj%  h²hh³hÇh´Kÿubhï)”}”(hX  The implementation has also a virtual EPC driver to support SGX enclaves
in guests. Unlike the SGX driver, an EPC page allocated by the virtual
EPC driver doesn't have a specific enclave associated with it. This is
because KVM doesn't track how a guest uses EPC pages.”h]”hX  The implementation has also a virtual EPC driver to support SGX enclaves
in guests. Unlike the SGX driver, an EPC page allocated by the virtual
EPC driver doesnâ€™t have a specific enclave associated with it. This is
because KVM doesnâ€™t track how a guest uses EPC pages.”…””}”(hj6  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Mhj%  h²hubhï)”}”(hX¡  As a result, the SGX core page reclaimer doesn't support reclaiming EPC
pages allocated to KVM guests through the virtual EPC driver. If the
user wants to deploy SGX applications both on the host and in guests
on the same machine, the user should reserve enough EPC (by taking out
total virtual EPC size of all SGX VMs from the physical EPC size) for
host SGX applications so they can run with acceptable performance.”h]”hX£  As a result, the SGX core page reclaimer doesnâ€™t support reclaiming EPC
pages allocated to KVM guests through the virtual EPC driver. If the
user wants to deploy SGX applications both on the host and in guests
on the same machine, the user should reserve enough EPC (by taking out
total virtual EPC size of all SGX VMs from the physical EPC size) for
host SGX applications so they can run with acceptable performance.”…””}”(hjD  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Mhj%  h²hubhï)”}”(hXC  Architectural behavior is to restore all EPC pages to an uninitialized
state also after a guest reboot.  Because this state can be reached only
through the privileged ``ENCLS[EREMOVE]`` instruction, ``/dev/sgx_vepc``
provides the ``SGX_IOC_VEPC_REMOVE_ALL`` ioctl to execute the instruction
on all pages in the virtual EPC.”h]”(hŒ§Architectural behavior is to restore all EPC pages to an uninitialized
state also after a guest reboot.  Because this state can be reached only
through the privileged ”…””}”(hjR  h²hh³Nh´Nubjd  )”}”(hŒ``ENCLS[EREMOVE]``”h]”hŒENCLS[EREMOVE]”…””}”(hjZ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjR  ubhŒ instruction, ”…””}”(hjR  h²hh³Nh´Nubjd  )”}”(hŒ``/dev/sgx_vepc``”h]”hŒ/dev/sgx_vepc”…””}”(hjl  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjR  ubhŒ
provides the ”…””}”(hjR  h²hh³Nh´Nubjd  )”}”(hŒ``SGX_IOC_VEPC_REMOVE_ALL``”h]”hŒSGX_IOC_VEPC_REMOVE_ALL”…””}”(hj~  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjR  ubhŒB ioctl to execute the instruction
on all pages in the virtual EPC.”…””}”(hjR  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Mhj%  h²hubhï)”}”(hŒv``EREMOVE`` can fail for three reasons.  Userspace must pay attention
to expected failures and handle them as follows:”h]”(jd  )”}”(hŒ``EREMOVE``”h]”hŒEREMOVE”…””}”(hjš  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj–  ubhŒk can fail for three reasons.  Userspace must pay attention
to expected failures and handle them as follows:”…””}”(hj–  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Mhj%  h²hubj„  )”}”(hhh]”(j  )”}”(hX3  Page removal will always fail when any thread is running in the
enclave to which the page belongs.  In this case the ioctl will
return ``EBUSY`` independent of whether it has successfully removed
some pages; userspace can avoid these failures by preventing execution
of any vcpu which maps the virtual EPC.
”h]”hï)”}”(hX2  Page removal will always fail when any thread is running in the
enclave to which the page belongs.  In this case the ioctl will
return ``EBUSY`` independent of whether it has successfully removed
some pages; userspace can avoid these failures by preventing execution
of any vcpu which maps the virtual EPC.”h]”(hŒ‡Page removal will always fail when any thread is running in the
enclave to which the page belongs.  In this case the ioctl will
return ”…””}”(hj¹  h²hh³Nh´Nubjd  )”}”(hŒ	``EBUSY``”h]”hŒEBUSY”…””}”(hjÁ  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hj¹  ubhŒ¢ independent of whether it has successfully removed
some pages; userspace can avoid these failures by preventing execution
of any vcpu which maps the virtual EPC.”…””}”(hj¹  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Mhjµ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj²  h²hh³hÇh´Nubj  )”}”(hX	  Page removal will cause a general protection fault if two calls to
``EREMOVE`` happen concurrently for pages that refer to the same
"SECS" metadata pages.  This can happen if there are concurrent
invocations to ``SGX_IOC_VEPC_REMOVE_ALL``, or if a ``/dev/sgx_vepc``
file descriptor in the guest is closed at the same time as
``SGX_IOC_VEPC_REMOVE_ALL``; it will also be reported as ``EBUSY``.
This can be avoided in userspace by serializing calls to the ioctl()
and to close(), but in general it should not be a problem.
”h]”hï)”}”(hX  Page removal will cause a general protection fault if two calls to
``EREMOVE`` happen concurrently for pages that refer to the same
"SECS" metadata pages.  This can happen if there are concurrent
invocations to ``SGX_IOC_VEPC_REMOVE_ALL``, or if a ``/dev/sgx_vepc``
file descriptor in the guest is closed at the same time as
``SGX_IOC_VEPC_REMOVE_ALL``; it will also be reported as ``EBUSY``.
This can be avoided in userspace by serializing calls to the ioctl()
and to close(), but in general it should not be a problem.”h]”(hŒCPage removal will cause a general protection fault if two calls to
”…””}”(hjã  h²hh³Nh´Nubjd  )”}”(hŒ``EREMOVE``”h]”hŒEREMOVE”…””}”(hjë  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjã  ubhŒ‰ happen concurrently for pages that refer to the same
â€œSECSâ€ metadata pages.  This can happen if there are concurrent
invocations to ”…””}”(hjã  h²hh³Nh´Nubjd  )”}”(hŒ``SGX_IOC_VEPC_REMOVE_ALL``”h]”hŒSGX_IOC_VEPC_REMOVE_ALL”…””}”(hjý  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjã  ubhŒ
, or if a ”…””}”(hjã  h²hh³Nh´Nubjd  )”}”(hŒ``/dev/sgx_vepc``”h]”hŒ/dev/sgx_vepc”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjã  ubhŒ<
file descriptor in the guest is closed at the same time as
”…””}”(hjã  h²hh³Nh´Nubjd  )”}”(hŒ``SGX_IOC_VEPC_REMOVE_ALL``”h]”hŒSGX_IOC_VEPC_REMOVE_ALL”…””}”(hj!  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjã  ubhŒ; it will also be reported as ”…””}”(hjã  h²hh³Nh´Nubjd  )”}”(hŒ	``EBUSY``”h]”hŒEBUSY”…””}”(hj3  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjã  ubhŒ.
This can be avoided in userspace by serializing calls to the ioctl()
and to close(), but in general it should not be a problem.”…””}”(hjã  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´Mhjß  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj²  h²hh³hÇh´Nubj  )”}”(hXz  Finally, page removal will fail for SECS metadata pages which still
have child pages.  Child pages can be removed by executing
``SGX_IOC_VEPC_REMOVE_ALL`` on all ``/dev/sgx_vepc`` file descriptors
mapped into the guest.  This means that the ioctl() must be called
twice: an initial set of calls to remove child pages and a subsequent
set of calls to remove SECS pages.  The second set of calls is only
required for those mappings that returned a nonzero value from the
first call.  It indicates a bug in the kernel or the userspace client
if any of the second round of ``SGX_IOC_VEPC_REMOVE_ALL`` calls has
a return code other than 0.”h]”hï)”}”(hXz  Finally, page removal will fail for SECS metadata pages which still
have child pages.  Child pages can be removed by executing
``SGX_IOC_VEPC_REMOVE_ALL`` on all ``/dev/sgx_vepc`` file descriptors
mapped into the guest.  This means that the ioctl() must be called
twice: an initial set of calls to remove child pages and a subsequent
set of calls to remove SECS pages.  The second set of calls is only
required for those mappings that returned a nonzero value from the
first call.  It indicates a bug in the kernel or the userspace client
if any of the second round of ``SGX_IOC_VEPC_REMOVE_ALL`` calls has
a return code other than 0.”h]”(hŒFinally, page removal will fail for SECS metadata pages which still
have child pages.  Child pages can be removed by executing
”…””}”(hjU  h²hh³Nh´Nubjd  )”}”(hŒ``SGX_IOC_VEPC_REMOVE_ALL``”h]”hŒSGX_IOC_VEPC_REMOVE_ALL”…””}”(hj]  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjU  ubhŒ on all ”…””}”(hjU  h²hh³Nh´Nubjd  )”}”(hŒ``/dev/sgx_vepc``”h]”hŒ/dev/sgx_vepc”…””}”(hjo  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjU  ubhX†   file descriptors
mapped into the guest.  This means that the ioctl() must be called
twice: an initial set of calls to remove child pages and a subsequent
set of calls to remove SECS pages.  The second set of calls is only
required for those mappings that returned a nonzero value from the
first call.  It indicates a bug in the kernel or the userspace client
if any of the second round of ”…””}”(hjU  h²hh³Nh´Nubjd  )”}”(hŒ``SGX_IOC_VEPC_REMOVE_ALL``”h]”hŒSGX_IOC_VEPC_REMOVE_ALL”…””}”(hj  h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jc  hjU  ubhŒ& calls has
a return code other than 0.”…””}”(hjU  h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hîh³hÇh´M%hjQ  ubah}”(h]”h ]”h"]”h$]”h&]”uh1j  hj²  h²hh³hÇh´Nubeh}”(h]”h ]”h"]”h$]”h&]”j¿  jÀ  jÁ  hjÂ  jÃ  uh1jƒ  hj%  h²hh³hÇh´Mubeh}”(h]”Œvirtual-epc”ah ]”h"]”Œvirtual epc”ah$]”h&]”uh1hÈhhÊh²hh³hÇh´Kÿubeh}”(h]”Œsoftware-guard-extensions-sgx”ah ]”h"]”Œsoftware guard extensions (sgx)”ah$]”h&]”uh1hÈhhh²hh³hÇh´Kubeh}”(h]”h ]”h"]”h$]”h&]”Œsource”hÇuh1hŒcurrent_source”NŒcurrent_line”NŒsettings”Œdocutils.frontend”ŒValues”“”)”}”(hÍNŒ	generator”NŒ	datestamp”NŒsource_link”NŒ
source_url”NŒtoc_backlinks”Œentry”Œfootnote_backlinks”KŒsectnum_xform”KŒstrip_comments”NŒstrip_elements_with_classes”NŒstrip_classes”NŒreport_level”KŒ
halt_level”KŒexit_status_level”KŒdebug”NŒwarning_stream”NŒ	traceback”ˆŒinput_encoding”Œ	utf-8-sig”Œinput_encoding_error_handler”Œstrict”Œoutput_encoding”Œutf-8”Œoutput_encoding_error_handler”jØ  Œerror_encoding”Œutf-8”Œerror_encoding_error_handler”Œbackslashreplace”Œlanguage_code”Œen”Œrecord_dependencies”NŒconfig”NŒ	id_prefix”hŒauto_id_prefix”Œid”Œdump_settings”NŒdump_internals”NŒdump_transforms”NŒdump_pseudo_xml”NŒexpose_internals”NŒstrict_visitor”NŒ_disable_config”NŒ_source”hÇŒ_destination”NŒ_config_files”]”Œ7/var/lib/git/docbuild/linux/Documentation/docutils.conf”aŒfile_insertion_enabled”ˆŒraw_enabled”KŒline_length_limit”M'Œpep_references”NŒpep_base_url”Œhttps://peps.python.org/”Œpep_file_url_template”Œpep-%04d”Œrfc_references”NŒrfc_base_url”Œ&https://datatracker.ietf.org/doc/html/”Œ	tab_width”KŒtrim_footnote_reference_space”‰Œsyntax_highlight”Œlong”Œsmart_quotes”ˆŒsmartquotes_locales”]”Œcharacter_level_inline_markup”‰Œdoctitle_xform”‰Œdocinfo_xform”KŒsectsubtitle_xform”‰Œimage_loading”Œlink”Œembed_stylesheet”‰Œcloak_email_addresses”ˆŒsection_self_link”‰Œenv”NubŒreporter”NŒindirect_targets”]”Œsubstitution_defs”}”Œsubstitution_names”}”Œrefnames”}”Œrefids”}”Œnameids”}”(j²  j¯  j‘  jŽ  jI  jF  jì  jé  jA  j>  jö  jó  j  j  jM  jJ  jî  jë  j  jš  j\  jY  j•  j’  jò  jï  jC  j@  jª  j§  j{  jx  j¢  jŸ  j"  j  j  j  jª  j§  uŒ	nametypes”}”(j²  ‰j‘  ‰jI  ‰jì  ‰jA  ‰jö  ‰j  ‰jM  ‰jî  ‰j  ‰j\  ‰j•  ‰jò  ‰jC  ‰jª  ‰j{  ‰j¢  ‰j"  ‰j  ‰jª  ‰uh}”(j¯  hÊjŽ  hÝjF  j”  jé  jã  j>  jï  jó  jL  j  j]  j  j¦  j\  ja  j
  j
  jª  j¯  jJ  j  j>  jC  jä  jé  j  j   jë  jP  j—  jœ  jš  jù  jY  j*  j’  j_  jï  j   j@  jõ  j§  jF  jx  jW  jŸ  j~  j  j­  j  j¾  j§  j%  uŒfootnote_refs”}”Œcitation_refs”}”Œautofootnotes”]”Œautofootnote_refs”]”Œsymbol_footnotes”]”Œsymbol_footnote_refs”]”Œ	footnotes”]”Œ	citations”]”Œautofootnote_start”KŒsymbol_footnote_start”K Œ
id_counter”Œcollections”ŒCounter”“”}”…”R”Œparse_messages”]”Œtransform_messages”]”Œtransformer”NŒinclude_log”]”Œ
decoration”Nh²hub.