Vol. 3D 38-11

ENCLAVE ACCESS CONTROL AND DATA STRUCTURES

38.11 SECURITY INFORMATION (SECINFO)

The SECINFO data structure holds meta-data about an enclave page. 

38.11.1 SECINFO.FLAGS

The SECINFO.FLAGS are a set of fields describing the properties of an enclave page.

Table 38-14.  Layout of PAGEINFO Data Structure

Field          Offset (Bytes)  Size (Bytes)  Description
LINADDR        0               8             Enclave linear address.
SRCPGE         8               8             Effective address of the page where contents are located.
SECINFO/PCMD   16              8             Effective address of the SECINFO or PCMD (for ELDU, ELDB, EWB) structure for the page.
SECS           24              8             Effective address of EPC slot that currently contains the SECS.

Table 38-15.  Layout of SECINFO Data Structure

Field          Offset (Bytes)  Size (Bytes)  Description
FLAGS          0               8             Flags describing the state of the enclave page.
RESERVED       8               56            Must be zero.

Table 38-16.  Layout of SECINFO.FLAGS Field

Field          Bit Position  Description
R              0             If 1 indicates that the page can be read from inside the enclave; otherwise the page cannot be read from inside the enclave.
W              1             If 1 indicates that the page can be written from inside the enclave; otherwise the page cannot be written from inside the enclave.
X              2             If 1 indicates that the page can be executed from inside the enclave; otherwise the page cannot be executed from inside the enclave.
PENDING        3             If 1 indicates that the page is in the PENDING state; otherwise the page is not in the PENDING state.
MODIFIED       4             If 1 indicates that the page is in the MODIFIED state; otherwise the page is not in the MODIFIED state.
PR             5             If 1 indicates that a permission restriction operation on the page is in progress, otherwise a permission restriction operation is not in progress.
RESERVED       7:6           Must be zero.
PAGE_TYPE      15:8          The type of page that the SECINFO is associated with.
RESERVED       63:16         Must be zero.
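
Added example (not part of the Intel manual): a C routine that decodes a raw 64-byte SECINFO image according to Tables 38-15 and 38-16 and rejects it when any reserved bit or byte is nonzero, the check a loader or audit tool would make before handing the structure to an enclave instruction. The names secinfo_parse, struct secinfo_view and the status codes are hypothetical, and the sample bytes are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Added example; all identifiers below are hypothetical, not Intel's. */
#define SECINFO_SIZE       64u          /* 8-byte FLAGS + 56 reserved bytes */
#define SECINFO_R          (1ull << 0)
#define SECINFO_W          (1ull << 1)
#define SECINFO_X          (1ull << 2)
#define SECINFO_PENDING    (1ull << 3)
#define SECINFO_MODIFIED   (1ull << 4)
#define SECINFO_PR         (1ull << 5)
/* FLAGS bits 7:6 and 63:16 are reserved and must be zero. */
#define SECINFO_FLAGS_RSVD (0xC0ull | ~0xFFFFull)

enum { SECINFO_OK = 0, SECINFO_BAD_FLAGS = -1, SECINFO_BAD_RESERVED = -2 };

struct secinfo_view {
    uint64_t flags;      /* validated FLAGS value */
    uint8_t  page_type;  /* FLAGS bits 15:8 */
};

/* Decode a raw SECINFO image (little-endian, as stored on x86). */
int secinfo_parse(const uint8_t buf[SECINFO_SIZE], struct secinfo_view *out)
{
    uint64_t flags = 0;
    for (size_t i = 0; i < 8; i++)
        flags |= (uint64_t)buf[i] << (8 * i);
    if (flags & SECINFO_FLAGS_RSVD)
        return SECINFO_BAD_FLAGS;
    for (size_t i = 8; i < SECINFO_SIZE; i++)   /* RESERVED field */
        if (buf[i] != 0)
            return SECINFO_BAD_RESERVED;
    out->flags = flags;
    out->page_type = (uint8_t)(flags >> 8);
    return SECINFO_OK;
}

int main(void)
{
    /* Constructed sample: R|W set, PAGE_TYPE byte = 0x02. */
    uint8_t img[SECINFO_SIZE] = { 0x03, 0x02 };
    struct secinfo_view v;
    int rc = secinfo_parse(img, &v);
    printf("rc=%d", rc);
    if (rc == SECINFO_OK)
        printf(" R=%d W=%d X=%d type=0x%02x", !!(v.flags & SECINFO_R),
               !!(v.flags & SECINFO_W), !!(v.flags & SECINFO_X), (unsigned)v.page_type);
    putchar('\n');
    return 0;
}
```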