Vol. 3D 43-3

ENCLAVE CODE DEBUG AND PROFILING

In this scenario, if the enclave is executing in VMX non-root operation and the “monitor trap flag” VM-execution 
control is 1, an MTF VM exit is pending on the instruction boundary after the AEX. No MTF VM exit occurs if another 
VM exit happens before reaching that instruction boundary. 
The value of the RFLAGS.TF bit at the end of AEX is the same as the value of RFLAGS.TF at the time of the enclave 
entry.

43.2.4 

RFLAGS.TF Treatment on AEX

The value of EFLAGS.TF at the end of AEX from an opt-out enclave is same as the value of EFLAGS.TF at the time 
of the enclave entry. The value of EFLAGS.TF at the end of AEX from an opt-in enclave is unmodified. The 
EFLAGS.TF saved in GPR portion of the SSA on an AEX is 0. For more detail see EENTER and ERESUME in Chapter 5.

43.2.5 

Restriction on Setting of TF after an Opt-Out Entry

Enclave entered through an opt-out entry is not allowed to set EFLAGS.TF. The POPF instruction forces RFLAGS.TF 
to 0 if the enclave was entered through opt-out entry.

43.2.6 

Trampoline Code Considerations

Any AEX from the enclave which results in the RFLAGS.TF =1 on the reporting stack will result in a single-step #DB 
after the first instruction of the trampoline code if the trampoline is entered using the IRET instruction.

43.3 

CODE AND DATA BREAKPOINTS

43.3.1 Breakpoint 

Suppression

Following an opt-out entry:

•

Instruction breakpoints are suppressed during execution in an enclave. 

•

Data breakpoints are not triggered on accesses to the address range defined by ELRANGE.

•

Data breakpoints are triggered on accesses to addresses outside the ELRANGE

Figure 43-2.  Single Stepping with Opt-out Entry -AEX Due to Non-SMI Event Before Single-Step Boundary

Event Inside Enclave

EENTER

Inst1

RFLAGS.TF

VMCS.MTF

ERESUME

Inst2

Inst3

EEXIT

Inst4

TF/MTF

Handler

AEX

Handler

Single-Step #DB Pending

MTF VM Exit Pending

AEX

Higher Priority

Handler