42-10 Vol. 3D
INTEL® SGX INTERACTIONS WITH IA32 AND INTEL® 64 ARCHITECTURE
42.9
INTERACTIONS OF INIT, SIPI, AND WAIT-FOR-SIPI WITH INTEL® SGX
INIT received inside an enclave, while the logical processor is not in VMX operation, causes the logical processor to
exit the enclave asynchronously. After the AEX, the processor's architectural state is initialized to “Power-on” state
(Table 9.1 in Intel® 64 and IA-32 Architectures Software Developer’s Manual, Volume 3A). If the logical processor
is BSP, then it proceeds to execute the BIOS initialization code. If the logical processor is an AP, it enters wait-for-
SIPI state.
INIT received inside an enclave, while the logical processor (LP) is in VMX root operation, follows regular Intel
Architecture behavior and is blocked.
INIT received inside an enclave, while the logical processor is in VMX non-root operation, causes an AEX. Subse-
quent to the AEX, the INIT causes a VM exit with the Enclave Interruption bit in the exit-reason field in the VMCS.
A processor cannot be inside an enclave in the wait-for-SIPI state. Consequently, a SIPI received while inside an
enclave is lost.
Intel SGX does not change the behavior of the processor in the wait-for-SIPI state.
The SGX-related processor states after INIT-SIPI-SIPI is as follows:
•
EPC Settings: Unchanged
•
EPCM: Unchanged
•
CPUID.LEAF_12H.*: Unchanged
•
ENCLAVE_MODE: 0 (LP exits enclave asynchronously)
•
MEE state: Unchanged
Software should be aware that following INIT-SIPI-SIPI, the EPC might contain valid pages and should take appro-
priate measures such as initialize the EPC with the EREMOVE leaf function.
42.10 INTERACTIONS
WITH
DMA
DMA is not allowed to access any Processor Reserved Memory.
42.11 INTERACTIONS
WITH
TXT
42.11.1 Enclaves Created Prior to Execution of GETSEC
Enclaves which have been created before the GETSEC[SENTER] leaf function are available for execution after the
successful completion of GETSEC[SENTER] and the corresponding SINIT ACM. Actions that a TXT Launched Envi-
ronment performs in preparation to execute code in the Launched Environment, also applies to enclave code that
would run after GETSEC[SENTER].
42.11.2 Interaction of GETSEC with Intel® SGX
All leaf functions of the GETSEC instruction are illegal inside an enclave, and results in an invalid-opcode exception
(#UD).
Responding Logical Processors (RLP) which are executing inside an enclave at the time a GETSEC[SENTER] event
occurs perform an AEX from the enclave and then enter the Wait-for-SIPI state.
RLP executing inside an enclave at the time of GETSEC[SEXIT], behave as defined for GETSEC[SEXIT]-that is, the
RLPs pause during execution of SEXIT and resume after the completion of SEXIT.
The execution of a TXT launch does not affect Intel SGX configuration or security parameters.