Vol. 3D 41-35
SGX INSTRUCTION REFERENCES
EINIT Memory Parameter Semantics
EINIT performs the following steps, which can be seen in Figure 41-1:
- Validates that SIGSTRUCT is signed using the enclosed public key.
- Checks that the completed computation of SECS.MRENCLAVE equals SIGSTRUCT.HASHENCLAVE.
- Checks that no reserved bits are set to 1 in SIGSTRUCT.ATTRIBUTES and no reserved bits in SIGSTRUCT.ATTRIBUTESMASK are set to 0.
- Checks that no controlled ATTRIBUTES bits are set in SIGSTRUCT.ATTRIBUTES unless the SHA256 digest of SIGSTRUCT.MODULUS equals IA32_SGX_LEPUBKEYHASH.
- Checks that SIGSTRUCT.ATTRIBUTES equals the result of logically AND-ing SIGSTRUCT.ATTRIBUTEMASK with SECS.ATTRIBUTES.
- If EINITTOKEN.VALID is 0, checks that the SHA256 digest of SIGSTRUCT.MODULUS equals IA32_SGX_LEPUBKEYHASH.
- If EINITTOKEN.VALID is 1, checks the validity of EINITTOKEN.
- If EINITTOKEN.VALID is 1, checks that EINITTOKEN.MRENCLAVE equals SECS.MRENCLAVE.
- If EINITTOKEN.VALID is 1 and EINITTOKEN.ATTRIBUTES.DEBUG is 1, SECS.ATTRIBUTES.DEBUG must be 1.
- Commits SECS.MRENCLAVE, and sets SECS.MRSIGNER, SECS.ISVSVN, and SECS.ISVPRODID based on SIGSTRUCT.
- Updates the SECS as Initialized.
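The measurement, attribute-mask and token checks from the list above, as a C model added here for illustration (it is not Intel's pseudocode and not code from the manual). Assumptions: the struct layout and helper names are hypothetical, ATTRIBUTES is reduced to a 64-bit flag word, signature and token verification arrive as precomputed booleans, the reserved-bit and controlled-bit checks are omitted, and the result returned for the IA32_SGX_LEPUBKEYHASH and token DEBUG checks is assumed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Symbolic outcomes only; the numeric RAX encodings are in Table 41-3. */
typedef enum { EINIT_OK, INVALID_SIGNATURE, INVALID_MEASUREMENT,
               INVALID_ATTRIBUTE, INVALID_LICENSE } einit_result;
#define ATTR_DEBUG (1ULL << 1) /* ATTRIBUTES.DEBUG position, from the SDM's ATTRIBUTES layout */

struct einit_inputs {          /* hypothetical flattened view of the three operands */
    bool sig_ok, tok_valid, tok_ok;  /* signature result, EINITTOKEN.VALID, token validity */
    uint8_t secs_mr[32], sig_hashenclave[32], tok_mr[32];
    uint8_t modulus_sha256[32], lepubkeyhash[32];
    uint64_t secs_attr, sig_attr, sig_mask, tok_attr; /* flag bits only */
};

/* Applies the modelled checks in the order the steps are listed. */
einit_result einit_model(const struct einit_inputs *in) {
    if (!in->sig_ok) return INVALID_SIGNATURE;
    if (memcmp(in->secs_mr, in->sig_hashenclave, 32)) return INVALID_MEASUREMENT;
    if (in->sig_attr != (in->sig_mask & in->secs_attr)) return INVALID_ATTRIBUTE;
    if (!in->tok_valid) {      /* no token: the signer must be the launch key */
        if (memcmp(in->modulus_sha256, in->lepubkeyhash, 32))
            return INVALID_LICENSE;                /* assumed result code */
        return EINIT_OK;
    }
    if (!in->tok_ok) return INVALID_LICENSE;
    if (memcmp(in->tok_mr, in->secs_mr, 32)) return INVALID_MEASUREMENT;
    if ((in->tok_attr & ATTR_DEBUG) && !(in->secs_attr & ATTR_DEBUG))
        return INVALID_ATTRIBUTE;                  /* assumed result code */
    return EINIT_OK;
}

/* Constructed inputs: valid signature and token, measurements left all-zero so they match. */
einit_result run_case(uint64_t secs_attr, uint64_t sig_attr, uint64_t sig_mask,
                      bool tok_valid, uint64_t tok_attr, bool signer_is_launch_key) {
    struct einit_inputs in = { .sig_ok = true, .tok_valid = tok_valid, .tok_ok = true,
        .secs_attr = secs_attr, .sig_attr = sig_attr, .sig_mask = sig_mask, .tok_attr = tok_attr };
    memset(in.modulus_sha256, 0x11, 32);
    memset(in.lepubkeyhash, signer_is_launch_key ? 0x11 : 0x22, 32);
    return einit_model(&in);
}

int main(void) {
    printf("DEBUG pinned by mask: %d, DEBUG left out of mask: %d\n",
           run_case(ATTR_DEBUG, 0, ATTR_DEBUG, false, 0, true),
           run_case(ATTR_DEBUG, 0, 0, false, 0, true));
    return 0;
}
```

The second value printed is EINIT_OK: when the signer's mask leaves DEBUG out, SECS.ATTRIBUTES.DEBUG is never compared, so a signer that wants production-only launches has to set that bit in the mask.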
Periodically, EINIT polls for certain asynchronous events. If such an event is detected, EINIT completes with a failure
code (ZF=1 and RAX = SGX_UNMASKED_EVENT), and RIP is incremented to point to the next instruction. These
events include external interrupts, non-maskable interrupts, system-management interrupts, machine checks,
INIT signals, and the VMX-preemption timer. EINIT does not fail if the pending event is inhibited (e.g., external
interrupts could be inhibited due to blocking by MOV SS or by STI).
The following bits in RFLAGS are cleared: CF, PF, AF, OF, and SF. When the instruction completes with an error,
RFLAGS.ZF is set to 1, and the corresponding error bit is set in RAX. If no error occurs, RFLAGS.ZF is cleared and
RAX is set to 0.
| Memory parameter | SIGSTRUCT | SECS | EINITTOKEN |
|---|---|---|---|
| Semantics | Access by non-Enclave | Read/Write access by Enclave | Access by non-Enclave |

The error codes are:
Table 41-22. EINIT Return Value in RAX

| Error Code (see Table 41-3) | Description |
|---|---|
| No Error | EINIT successful |
| SGX_INVALID_SIG_STRUCT | If SIGSTRUCT contained an invalid value |
| SGX_INVALID_ATTRIBUTE | If SIGSTRUCT contains an unauthorized attributes mask |
| SGX_INVALID_MEASUREMENT | If SIGSTRUCT contains an incorrect measurement; if EINITTOKEN contains an incorrect measurement |
| SGX_INVALID_SIGNATURE | If signature does not validate with enclosed public key |
| SGX_INVALID_LICENSE | If license is invalid |
| SGX_INVALID_CPUSVN | If license SVN is unsupported |
| SGX_UNMASKED_EVENT | If an unmasked event is received before the instruction completes its operation |