
39-12 Vol. 3D

ENCLAVE OPERATION

b. EMODT forces all access rights to a page to be removed because TCS pages may not be accessed by enclave code. 

8. The enclave issues an EACCEPT instruction to confirm the requested modification. 

39.5.9  Trimming a Page 

On processors that support SGX2, Intel SGX supports the trimming of an enclave page as a special case of EMODT. Trimming allows an enclave to actively participate in the process of removing a page from the enclave (deallocation) by splitting the process into first removing it from the enclave's access and then removing it from the EPC using the EREMOVE leaf function. The page type PT_TRIM indicates that a page has been trimmed from the enclave's address space and that the page is no longer accessible to enclave software. Modifications to a page in the PT_TRIM state are not permitted; the page must be removed and then reallocated by the OS before the enclave may use the page again. Page deallocation operations may be batched to improve efficiency. 
The typical process for trimming a page from an enclave is as follows: 
1. Enclave signals OS that a particular page is no longer in use. 
2. OS invokes the EMODT leaf function on the page, requesting that the page's type be changed to PT_TRIM. 
   a. SECS and VA pages cannot be trimmed in this way, so the initial type of the page must be PT_REG or PT_TCS.
   b. EMODT may only be called on valid enclave pages.
3. OS invokes the ETRACK leaf function on the enclave containing the page to track removal of the TLB addresses from all the processors.
4. OS issues an IPI (inter-processor interrupt) to flush the stale linear-address to physical-address translations for all logical processors executing in processes that contain the enclave.
5. Enclave issues an EACCEPT leaf function. 
6. The OS may now permanently remove the page from the EPC (by issuing EREMOVE). 

39.5.10  Restricting the EPCM Permissions of a Page 

On processors that support SGX2, restricting the EPCM permissions associated with an enclave page is accomplished using the EMODPR leaf function. This operation requires the cooperation of the OS to flush stale cached translations for the page and to update the page-table permissions of the page to match. Permission-restriction operations may be batched. 
The typical process for restricting the permissions of an enclave page is as follows: 
1. Enclave requests that the OS restrict the permissions of an EPC page. 
2. OS performs the permission restriction, flushes cached linear-address to physical-address translations, and modifies the page tables:
   a. Invokes the EMODPR leaf function to restrict permissions (EMODPR may only be called on VALID pages).
   b. Invokes the ETRACK leaf function on the enclave containing the page to track removal of the TLB addresses from all the processors.
   c. Issues an IPI (inter-processor interrupt) to flush the stale linear-address to physical-address translations for all logical processors executing in processes that contain the enclave.
   d. Sends IPIs to trigger enclave thread exit and TLB shootdown. 
   e. OS informs the enclave that all logical processors should now see the new restricted permissions.
3. Enclave invokes the EACCEPT leaf function.
   a. Enclave may access the page throughout the entire process.
   b. A successful call to EACCEPT guarantees that no stale cached linear-address to physical-address translations are present.
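Both procedures in 39.5.9 and 39.5.10 are easiest to reason about as a state machine over the EPCM entry of the page. The C program below is an added example, not Intel's code or any SGX driver: it models the EPCM fields the text relies on (VALID, page type, R/W/X, and the MODIFIED and PR bits that EMODT and EMODPR set and EACCEPT clears) as plain C functions carrying the leaf names, with the ETRACK epoch and the IPI shootdown reduced to two counters, so no ENCLS/ENCLU instruction is executed and the ordering rules can be exercised on any machine. The status names follow the SDM, but their numeric values, the MODEL_FAULT code used where hardware would fault instead of returning a status, the OS policy of issuing EREMOVE only after a successful EACCEPT, and the fresh_enclave() page layout are all assumptions of the model.

```c
/* Model of the SGX2 trim (39.5.9) and permission-restriction (39.5.10) protocols.
 * Added example, not Intel's code or a real SGX driver: each leaf function is
 * emulated in plain C over a modelled EPCM entry, so the program runs anywhere. */
#include <stdbool.h>
#include <stdint.h>

#define NPAGES 4
enum page_type { PT_SECS, PT_TCS, PT_REG, PT_VA, PT_TRIM };
enum { PERM_R = 1, PERM_W = 2, PERM_X = 4 };
/* Status names follow the SDM; numeric values are model-only. MODEL_FAULT stands
 * in for the cases where hardware faults instead of returning a status. */
enum { SGX_SUCCESS = 0, SGX_NOT_TRACKED, SGX_PAGE_ATTRIBUTES_MISMATCH,
       SGX_PAGE_NOT_MODIFIABLE, MODEL_FAULT };

struct epcm_entry {
    bool valid;
    enum page_type pt;
    uint8_t perms;          /* R/W/X bits */
    bool modified;          /* set by EMODT, cleared by EACCEPT */
    bool pr;                /* set by EMODPR, cleared by EACCEPT */
    uint64_t change_epoch;  /* enclave epoch when the change was made */
};
struct enclave {
    uint64_t epoch;          /* advanced by ETRACK */
    uint64_t flushed_epoch;  /* latest epoch for which every TLB was flushed */
    struct epcm_entry page[NPAGES];
};
static bool change_pending(const struct epcm_entry *e) { return e->modified || e->pr; }

/* EMODT (OS side): only VALID PT_REG/PT_TCS pages may become PT_TRIM, so a page
 * already in PT_TRIM cannot be modified again. */
int emodt_trim(struct enclave *enc, int idx)
{
    struct epcm_entry *e = &enc->page[idx];
    if (!e->valid || (e->pt != PT_REG && e->pt != PT_TCS)) return MODEL_FAULT;
    if (change_pending(e)) return SGX_PAGE_NOT_MODIFIABLE;
    e->pt = PT_TRIM;
    e->perms = 0;                 /* no longer accessible to the enclave */
    e->modified = true;
    e->change_epoch = enc->epoch;
    return SGX_SUCCESS;
}

/* EMODPR (OS side): rights are ANDed down, never added. */
int emodpr(struct enclave *enc, int idx, uint8_t perms)
{
    struct epcm_entry *e = &enc->page[idx];
    if (!e->valid || e->pt != PT_REG) return MODEL_FAULT;
    if (change_pending(e)) return SGX_PAGE_NOT_MODIFIABLE;
    e->perms &= perms;
    e->pr = true;
    e->change_epoch = enc->epoch;
    return SGX_SUCCESS;
}

/* ETRACK opens a new epoch; the IPI shootdown evicts every logical processor
 * from the enclave, so all translations up to the current epoch are gone. */
void etrack(struct enclave *enc)    { enc->epoch++; }
void ipi_flush(struct enclave *enc) { enc->flushed_epoch = enc->epoch; }

/* EACCEPT (enclave side): SECINFO must match the EPCM, and the change must have
 * been tracked and flushed, otherwise a stale translation could still be live. */
int eaccept(struct enclave *enc, int idx, enum page_type pt, uint8_t perms)
{
    struct epcm_entry *e = &enc->page[idx];
    if (!e->valid) return MODEL_FAULT;
    if (!change_pending(e) || e->pt != pt || e->perms != perms)
        return SGX_PAGE_ATTRIBUTES_MISMATCH;
    if (enc->flushed_epoch <= e->change_epoch) return SGX_NOT_TRACKED;
    e->modified = e->pr = false;
    return SGX_SUCCESS;
}

/* Steps 2-6 of 39.5.9 in order; skip_flush models an OS that omits steps 3-4.
 * EREMOVE is issued only after EACCEPT succeeded (OS policy assumed here). */
int trim_page(struct enclave *enc, int idx, bool skip_flush)
{
    int rc = emodt_trim(enc, idx);
    if (rc != SGX_SUCCESS) return rc;
    if (!skip_flush) { etrack(enc); ipi_flush(enc); }
    rc = eaccept(enc, idx, PT_TRIM, 0);
    if (rc != SGX_SUCCESS) return rc;
    enc->page[idx].valid = false;     /* EREMOVE */
    return SGX_SUCCESS;
}

/* Steps 2-3 of 39.5.10; the enclave EACCEPTs with the rights it asked for. */
int restrict_page(struct enclave *enc, int idx, uint8_t perms)
{
    int rc = emodpr(enc, idx, perms);
    if (rc != SGX_SUCCESS) return rc;
    etrack(enc); ipi_flush(enc);
    return eaccept(enc, idx, PT_REG, perms);
}

/* Constructed sample layout (assumption): REG RW, TCS, VA, REG RX. */
struct enclave fresh_enclave(void)
{
    struct enclave enc = {0};
    enc.page[0] = (struct epcm_entry){ .valid = true, .pt = PT_REG, .perms = PERM_R | PERM_W };
    enc.page[1] = (struct epcm_entry){ .valid = true, .pt = PT_TCS };
    enc.page[2] = (struct epcm_entry){ .valid = true, .pt = PT_VA };
    enc.page[3] = (struct epcm_entry){ .valid = true, .pt = PT_REG, .perms = PERM_R | PERM_X };
    return enc;
}
```

trim_page() and restrict_page() are the entry points. Driving them over fresh_enclave() shows the two failure modes a practitioner most often hits: EACCEPT returns SGX_NOT_TRACKED when ETRACK and the IPI shootdown were skipped, leaving the page stuck in PT_TRIM with MODIFIED set until the OS completes the tracking and the enclave accepts again, and SGX_PAGE_ATTRIBUTES_MISMATCH when the enclave's SECINFO asks for rights that EMODPR could only have ANDed away (requesting RW on an RX page yields R). Trimming a VA page is refused outright, as the text requires.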