Intel SGX Enclave Support in Windows 10 Fall Update (Threshold 2)

More documents

Recommendations

Info

The job of the PAGEINFO structure is to describe the SECS page – which will be copied into the EPC, and take up the kernel address we saw earlier (the one backed by a system PTE). Note that the Intel documentation specifies that the SECS and LINADDR fields should be NULL, as these will be the destination addresses that the SGX hardware will fill out on its own. SRCPGE, on the other hand, is initialized to the address of the SECS, while SECINFO is initialized to another structure that KeCreateEnclave will fill out. As per the Intel manual, SECINFO represents a series of flags that are used to configure the security permissions of an EPC page – similar to the PTE for a regular page. Here they are below: Since the copy of the SECS in the enclave needs to be protected from code running in the enclave, both the R, W, and X fields are set to 0. The pending and modified bits are as well, since that state is not currently valid. Finally, the PAGE_TYPE is set to PT_SECS (0), which specifies that this is a SECS page. In other words, all of the fields are zero! At this point, KeCreateEnclave has created all the pre-requisite structures to describe the SECS and its underlying EPC page, which can then be consumed by the SGX hardware to create the enclave. This is done by using the new ENCLS instruction offered by SGX. ENCLS in an interesting mnemonic – it is a single instruction with a verity of leaf functions that are specified in the EAX register, somewhat similarly to CPUID. Each leaf function has its own name, and uses the RBX, RCX, and RDX registers in specific ways to store implicit data structures. The kernel now exposes a KiEncls function, which issues the ENCLS instruction, and moves the input arguments into the appropriate registers: VOID KiEncls ( _In_ ULONG LeafFunction,
_In_ PVOID Parameter1, _In_ PVOID Parameter2, _In_ PVOID Parameter3 ); Here are the currently defined lead functions supported by SGX1. We will see many of these throughout this whitepaper, and describe their use by the Windows kernel. In order to create the enclave, KeCreateEnclave needs to use the ECREATE (0) leaf function, which has the following inputs: As you can imagine, RBX will contain the PAGEINFO structure that was create above. RCX, on the other hand, is the destination of the SECS page – again, that’s going to be the kernel address backed by the system PTE from earlier. Once this instruction returns, KeCreateEnclave finally returns back to MiCreateEnclave. The last thing this function does is to read any output flags – such as the one describing that this is a debuggable enclave, based on the DEBUG attribute we saw KeCreateEnclave verifying earlier. If the DEBUG attribute is set, a Debug flag will be set in the Enclave VAD, whose use we’ll understand later. Additionally, the NumberOfDebugEnclaves field in the MI_USER_VA_INFO sub-structure part of the current process’ working set (MMWSL) structure is incremented (interestingly, no such field exists for regular enclaves – only debuggable enclaves are accounted). MiCreateEnclave now returns back to NtCreateEnclave, which returns back to the user, with the base address of the enclave that was allocated, or any errors if anything in the above failed in any way. The hard part is done – now it’s time to load data into the enclave!
Page 1 and 2: Intel SGX Enclave Support in Window
Page 3 and 4: Introduction One of the most exciti
Page 5 and 6: Enclave Construction The new Window
Page 7 and 8: This probably looks meaningless to
Page 9: MiInitializeEnclavePfn is used to s
Page 13 and 14: Continuing on, MiAddPagesToEnclave
Page 15 and 16: The user-mode API does nothing but
Page 17 and 18: Enclave Lifetime Management There a
Page 19 and 20: MiDeleteEnclavePages will first cle
Page 21 and 22: MiFindNextEnclaveBoundary). For any
Page 23 and 24: Index Enclave Leaf Functions EAUG .

Intel SGX Enclave Support in Windows 10 Fall Update (Threshold 2)

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?