background image

43-8 Vol. 3D

ENCLAVE CODE DEBUG AND PROFILING

43.6.3 

Performance Monitoring with Opt-out Entry

In general, performance monitoring activities are suppressed when entering an opt-out enclave. This applies to all 
thread-specific, configured performance monitoring, except for the cycle-counting fixed counter, 
IA32_FIXED_CTR1 and IA32_FIXED_CTR2. Upon entering an opt-out enclave, IA32_FIXED_CTR0, IA32_PMCx will 
stop accumulating counts. Additionally, if PEBS is configured to capture PEBS record for this thread, PEBS record 
generation will also be suppressed. Consequently, bit 60 of IA32_PERF_GLOBAL_STATUS MSR is set.
Performance monitoring on the sibling thread may also be affected. Any one of IA32_FIXED_CTRx or IA32_PMCx 
on the sibling thread configured to monitor thread-specific eventing logic with AnyThread =1 is demoted to count 
only MyThread while an opt-out enclave is executing on the other thread.

43.6.4 

Enclave Exit and Performance Monitoring

When a logical processor exits an enclave, either via ENCLU[EEXIT] or via AEX, all performance monitoring activity 
(including PEBS) on that logical processor that was suppressed is unsuppressed. 
Any counters that were demoted from AnyThread to MyThread on the sibling thread are promoted back to 
AnyThread.

43.6.5 

PEBS Record Generation on Intel® SGX Instructions

All leaf functions of the ENCLS instruction report “Eventing RIP” of the ENCLS instruction if a PEBS record is gener-
ated at the end of the instruction execution. Additionally, the EGETKEY and EREPORT leaf functions of the ENCLU 
instruction report “Eventing RIP” of the ENCLU instruction if a PEBS record is generated at the end of the instruction 
execution.
If the EENTER and ERESUME leaf functions are performing an opt-in entry report “Eventing RIP” of the ENCLU 
instruction if a PEBS record is generated at the end of the instruction execution. On the other hand, if these leaf 
functions are performing an opt-out entry, then these leaf functions result in PEBS being suppressed, and no PEBS 
record is generated at the end of these instructions.
A PEBS record is generated if there is a PEBS event pending at the end of EEXIT (due to a counter overflowing 
during enclave execution or during EEXIT execution). This PEBS record contains the architectural state of the 
logical processor at the end of EEXIT. If the enclave was entered via an opt-in entry, then this record reports the 
“Eventing RIP” as the linear address of the ENCLU[EEXIT] instruction. If the enclave was entered via an opt-out 
entry, then the record reports the “Eventing RIP” as the linear address of the ENCLU[EENTER/ERESUME] instruc-
tion that performed the last enclave entry. 
A PEBS record is generated after the AEX if there is a PEBS event pending at the end of AEX (due to a counter over-
flowing during enclave execution or during AEX execution). This PEBS record contains the synthetic state of the 
logical processor that is established at the end of AEX. For opt-in entry, this record has the EVENTING_RIP set to 
the RIP saved in the SSA. For opt-out entry, the record has the EVENTING_RIP set to the linear address of 
EENTER/ERESUME used for the last enclave entry.
If the enclave was entered via an opt-in entry, then this record reports the “Eventing RIP” as the linear address in 
the SSA of the enclave (a.k.a., the “Eventing LIP” inside the enclave). If the enclave was entered via an opt-out 
entry, then the record reports the “Eventing RIP” as the linear address of the ENCLU[EENTER/ERESUME] instruc-
tion that performed the last enclave entry.
A second PEBS event may be pended during the Enclave Exiting Event (EEE). If the PEBS event is taken at the end 
of delivery of the EEE then the “Eventing RIP” in this second PEBS record is the linear address of the AEP.

43.6.6 

Exception-Handling on PEBS/BTS Loads/Stores after AEX

The operating system should allocate sections of the DS save area from a non-paged pool, and mark them as 
accessed and dirty. If the loads/stores to any section of the DS save area incur faults then such faults are reported 
to the OS/VMM immediately, and generation of the PEBS/BTS record is skipped and may leave the buffers in a state 
where they have a partial PEBS or BTS records. 
However, any events that are detected during PEBS/BTS record generation at the end of AEX and before delivering 
the Enclave Exiting Event (EEE) cannot be reported immediately to the OS/VMM, as an event window is not open at