background image

Vol. 3D 40-5

ENCLAVE EXITING EVENTS

40.4.1 

AEX Operational Detail

Temp Variables in AEX Operational Flow

The pseudo code in this section describes the internal operations that are executed when an AEX occurs in enclave 
mode. These operations occur just before the normal interrupt or exception processing occurs.

(* Save RIP for later use *)
TMP_RIP = Linear Address of Resume RIP
(* Is the processor in 64-bit mode? *)
TMP_MODE64  ((IA32_EFER.LMA = 1) && (CS.L = 1));

(* Save all registers, When saving EFLAGS, the TF bit is set to 0 and

the RF bit is set to what would have been saved on stack in the non-SGX case *)

 IF (TMP_MODE64 = 0)

THEN

Save EAX, EBX, ECX, EDX, ESP, EBP, ESI, EDI, EFLAGS, EIP into the current SSA frame using 

CR_GPR_PA; (* see Table 41-4 for list of CREGs used to describe internal operation within Intel SGX *)

SSA.RFLAGS.TF  0;

ELSE    (* TMP_MODE64 = 1 *)
 

Save RAX, RBX, RCX, RDX, RSP, RBP, RSI, RDI, R8-R15, RFLAGS, RIP into the current SSA frame using 

CR_GPR_PA;

SSA.RFLAGS.TF  0;

FI;
Save FS and GS BASE into SSA using CR_GPR_PA;

(* store XSAVE state into the current SSA frame's XSAVE area using the physical addresses 

that were determined and cached at enclave entry time with CR_XSAVE_PAGE_i. *)

For each XSAVE state i defined by (SECS.ATTRIBUTES.XFRM[i] = 1, destination address cached in 
CR_XSAVE_PAGE_i)
   SSA.XSAVE.i  XSAVE_STATE_i;

(* Clear bytes 8 to 23 of XSAVE_HEADER, i.e. the next 16 bytes after XHEADER_BV *)

CR_XSAVE_PAGE_0.XHEADER_BV[191:64]  0;

(* Clear bits in XHEADER_BV[63:0] that are not enabled in ATTRIBUTES.XFRM *)

CR_XSAVE_PAGE_0.XHEADER_BV[63:0]  

CR_XSAVE_PAGE_0.XHEADER_BV[63:0] & SECS(CR_ACTIVE_SECS).ATTRIBUTES.XFRM;
Apply synthetic state to GPRs, RFLAGS, extended features, etc.

(* Restore the RSP and RBP from the current SSA frame's GPR area using the physical address 

that was determined and cached at enclave entry time with CR_GPR_PA. *)

RSP  CR_GPR_PA.URSP;
RBP  CR_GPR_PA.URBP;

Name

Type

Size (bits)

Description

TMP_RIP

Effective Address

32/64

Address of instruction at which to resume execution on ERESUME.

TMP_MODE64

binary

1

((IA32_EFER.LMA = 1) && (CS.L = 1)).

TMP_BRANCH_RECORD

LBR Record

2x64

From/To address to be pushed onto LBR stack.