Lines Matching +full:tcs +full:- +full:offset
1 /*-
7 * FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent Computing
61 * Adds TCS, REG pages to the enclave.
66 * .-- ECREATE -- Add SECS page
67 * Kernel | EADD -- Add TCS, REG pages
68 * space | EEXTEND -- Measure the page (take unique hash)
69 * ENCLS | EPA -- Allocate version array page
70 * '-- EINIT -- Finalize enclave creation
71 * User .-- EENTER -- Go to entry point of enclave
72 * space | EEXIT -- Exit back to main application
73 * ENCLU '-- ERESUME -- Resume enclave execution (e.g. after exception)
82 * on step 2, create TCS or REG physical page and map it to specified by
91 * - PT_SECS index is special and equals SGX_SECS_VM_OBJECT_INDEX (-1);
92 * - PT_TCS and PT_REG indexes are specified by user in addr field of ioctl
94 * pidx = OFF_TO_IDX(addp->addr - vmh->base);
95 * - PT_VA index is special, created for PT_REG, PT_TCS and PT_SECS pages
97 * va_page_idx = - SGX_VA_PAGES_OFFS - (page_idx / SGX_VA_PAGE_SLOTS);
101 * - PT_TRIM is unused.
106 * We use sc->mtx_encls lock around them to prevent concurrent execution.
107 * sc->mtx lock is used to manage list of created enclaves and the state of
116 * Intel® 64 and IA-32 Architectures Software Developer's Manual
117 * https://software.intel.com/en-us/articles/intel-sdm
172 if (vmem_alloc(sc->vmem_epc, PAGE_SIZE, M_FIRSTFIT | M_NOWAIT, in sgx_get_epc_page()
174 i = (addr - sc->epc_base) / PAGE_SIZE; in sgx_get_epc_page()
175 *epc = &sc->epc_pages[i]; in sgx_get_epc_page()
190 addr = (epc->index * PAGE_SIZE) + sc->epc_base; in sgx_put_epc_page()
191 vmem_free(sc->vmem_epc, addr, PAGE_SIZE); in sgx_put_epc_page()
201 page->valid = VM_PAGE_BITS_ALL; in sgx_insert_epc_page_by_index()
225 mtx_lock(&sc->mtx_encls); in sgx_va_slot_init_by_index()
226 sgx_epa((void *)epc->base); in sgx_va_slot_init_by_index()
227 mtx_unlock(&sc->mtx_encls); in sgx_va_slot_init_by_index()
229 page = PHYS_TO_VM_PAGE(epc->phys); in sgx_va_slot_init_by_index()
245 object = enclave->object; in sgx_va_slot_init()
250 idx = - SGX_VA_PAGES_OFFS - va_page_idx; in sgx_va_slot_init()
265 map = &curproc->p_vmspace->vm_map; in sgx_mem_find()
274 object = entry->object.vm_object; in sgx_mem_find()
275 if (object == NULL || object->handle == NULL) { in sgx_mem_find()
280 if (object->type != OBJT_MGTDEVICE || in sgx_mem_find()
281 object->un_pager.devp.ops != &sgx_pg_ops) { in sgx_mem_find()
309 vmh = object->handle; in sgx_enclave_find()
315 enclave = vmh->enclave; in sgx_enclave_find()
316 if (enclave == NULL || enclave->object == NULL) { in sgx_enclave_find()
335 enclave->base = secs->base; in sgx_enclave_alloc()
336 enclave->size = secs->size; in sgx_enclave_alloc()
348 mtx_lock(&sc->mtx_encls); in sgx_epc_page_remove()
349 sgx_eremove((void *)epc->base); in sgx_epc_page_remove()
350 mtx_unlock(&sc->mtx_encls); in sgx_epc_page_remove()
366 dprintf("%s: p->pidx %ld\n", __func__, p->pindex); in sgx_page_remove()
369 epc = &sc->epc_pages[0]; in sgx_page_remove()
370 offs = (pa - epc->phys) / PAGE_SIZE; in sgx_page_remove()
371 epc = &sc->epc_pages[offs]; in sgx_page_remove()
385 mtx_lock(&sc->mtx); in sgx_enclave_remove()
386 TAILQ_REMOVE(&sc->enclaves, enclave, next); in sgx_enclave_remove()
387 mtx_unlock(&sc->mtx); in sgx_enclave_remove()
389 object = enclave->object; in sgx_enclave_remove()
400 if (p->pindex == SGX_SECS_VM_OBJECT_INDEX) in sgx_enclave_remove()
414 KASSERT(object->resident_page_count == 0, ("count")); in sgx_enclave_remove()
426 mtx_lock(&sc->mtx_encls); in sgx_measure_page()
432 ret = sgx_eextend((void *)secs->base, in sgx_measure_page()
433 (void *)(epc->base + i)); in sgx_measure_page()
435 mtx_unlock(&sc->mtx_encls); in sgx_measure_page()
440 mtx_unlock(&sc->mtx_encls); in sgx_measure_page()
451 if (secs->size == 0) in sgx_secs_validate()
455 if (secs->base & (secs->size - 1)) in sgx_secs_validate()
459 if (secs->size < 2 * PAGE_SIZE) in sgx_secs_validate()
462 if ((secs->size & (secs->size - 1)) != 0) in sgx_secs_validate()
465 attr = &secs->attributes; in sgx_secs_validate()
467 if (attr->reserved1 != 0 || in sgx_secs_validate()
468 attr->reserved2 != 0 || in sgx_secs_validate()
469 attr->reserved3 != 0) in sgx_secs_validate()
473 if (attr->reserved4[i]) in sgx_secs_validate()
482 if ((attr->xfrm & 0x3) != 0x3) in sgx_secs_validate()
485 if (!attr->mode64bit) in sgx_secs_validate()
488 if (secs->size > sc->enclave_size_max) in sgx_secs_validate()
492 if (secs->reserved1[i]) in sgx_secs_validate()
496 if (secs->reserved2[i]) in sgx_secs_validate()
500 if (secs->reserved3[i]) in sgx_secs_validate()
504 if (secs->reserved4[i]) in sgx_secs_validate()
511 sgx_tcs_validate(struct tcs *tcs) in sgx_tcs_validate() argument
515 if ((tcs->flags) || in sgx_tcs_validate()
516 (tcs->ossa & (PAGE_SIZE - 1)) || in sgx_tcs_validate()
517 (tcs->ofsbasgx & (PAGE_SIZE - 1)) || in sgx_tcs_validate()
518 (tcs->ogsbasgx & (PAGE_SIZE - 1)) || in sgx_tcs_validate()
519 ((tcs->fslimit & 0xfff) != 0xfff) || in sgx_tcs_validate()
520 ((tcs->gslimit & 0xfff) != 0xfff)) in sgx_tcs_validate()
523 for (i = 0; i < nitems(tcs->reserved3); i++) in sgx_tcs_validate()
524 if (tcs->reserved3[i]) in sgx_tcs_validate()
531 sgx_tcs_dump(struct sgx_softc *sc, struct tcs *t) in sgx_tcs_dump()
534 dprintf("t->flags %lx\n", t->flags); in sgx_tcs_dump()
535 dprintf("t->ossa %lx\n", t->ossa); in sgx_tcs_dump()
536 dprintf("t->cssa %x\n", t->cssa); in sgx_tcs_dump()
537 dprintf("t->nssa %x\n", t->nssa); in sgx_tcs_dump()
538 dprintf("t->oentry %lx\n", t->oentry); in sgx_tcs_dump()
539 dprintf("t->ofsbasgx %lx\n", t->ofsbasgx); in sgx_tcs_dump()
540 dprintf("t->ogsbasgx %lx\n", t->ogsbasgx); in sgx_tcs_dump()
541 dprintf("t->fslimit %x\n", t->fslimit); in sgx_tcs_dump()
542 dprintf("t->gslimit %x\n", t->gslimit); in sgx_tcs_dump()
557 dprintf("%s: vmh->base %lx foff 0x%lx size 0x%lx\n", in sgx_pg_ctor()
558 __func__, vmh->base, foff, size); in sgx_pg_ctor()
575 sc = vmh->sc; in sgx_pg_dtor()
581 if (vmh->enclave == NULL) { in sgx_pg_dtor()
586 sgx_enclave_remove(sc, vmh->enclave); in sgx_pg_dtor()
588 free(vmh->enclave, M_SGX); in sgx_pg_dtor()
593 sgx_pg_fault(vm_object_t object, vm_ooffset_t offset, in sgx_pg_fault() argument
603 dprintf("%s: offset 0x%lx\n", __func__, offset); in sgx_pg_fault()
628 VM_OBJECT_ASSERT_WLOCKED(enclave->object); in sgx_insert_epc_page()
631 page = PHYS_TO_VM_PAGE(epc->phys); in sgx_insert_epc_page()
633 sgx_insert_epc_page_by_index(page, enclave->object, pidx, pages); in sgx_insert_epc_page()
659 ret = copyin((void *)param->src, secs, sizeof(struct secs)); in sgx_ioctl_create()
671 ret = sgx_mem_find(sc, secs->base, &entry, &object); in sgx_ioctl_create()
677 vmh = object->handle; in sgx_ioctl_create()
684 dprintf("%s: entry start %lx offset %lx\n", in sgx_ioctl_create()
685 __func__, entry->start, entry->offset); in sgx_ioctl_create()
686 vmh->base = (entry->start - entry->offset); in sgx_ioctl_create()
693 enclave->object = object; in sgx_ioctl_create()
694 enclave->vmh = vmh; in sgx_ioctl_create()
708 enclave->secs_epc_page = epc; in sgx_ioctl_create()
721 - SGX_VA_PAGES_OFFS - SGX_SECS_VM_OBJECT_INDEX, &pages); in sgx_ioctl_create()
728 mtx_lock(&sc->mtx); in sgx_ioctl_create()
729 if ((sc->state & SGX_STATE_RUNNING) == 0) { in sgx_ioctl_create()
730 mtx_unlock(&sc->mtx); in sgx_ioctl_create()
732 p = vm_page_grab(enclave->object, in sgx_ioctl_create()
733 - SGX_VA_PAGES_OFFS - SGX_SECS_VM_OBJECT_INDEX, in sgx_ioctl_create()
739 mtx_lock(&sc->mtx_encls); in sgx_ioctl_create()
740 ret = sgx_ecreate(&pginfo, (void *)epc->base); in sgx_ioctl_create()
741 mtx_unlock(&sc->mtx_encls); in sgx_ioctl_create()
744 mtx_unlock(&sc->mtx); in sgx_ioctl_create()
746 p = vm_page_grab(enclave->object, in sgx_ioctl_create()
747 - SGX_VA_PAGES_OFFS - SGX_SECS_VM_OBJECT_INDEX, in sgx_ioctl_create()
754 TAILQ_INSERT_TAIL(&sc->enclaves, enclave, next); in sgx_ioctl_create()
755 mtx_unlock(&sc->mtx); in sgx_ioctl_create()
757 vmh->enclave = enclave; in sgx_ioctl_create()
759 page = PHYS_TO_VM_PAGE(epc->phys); in sgx_ioctl_create()
760 sgx_insert_epc_page_by_index(page, enclave->object, in sgx_ioctl_create()
795 struct tcs *t; in sgx_ioctl_add_page()
806 ret = sgx_enclave_find(sc, addp->addr, &enclave); in sgx_ioctl_add_page()
812 object = enclave->object; in sgx_ioctl_add_page()
814 vmh = object->handle; in sgx_ioctl_add_page()
823 ret = copyin((void *)addp->secinfo, &secinfo, in sgx_ioctl_add_page()
831 ret = copyin((void *)addp->src, tmp_vaddr, PAGE_SIZE); in sgx_ioctl_add_page()
844 t = (struct tcs *)tmp_vaddr; in sgx_ioctl_add_page()
847 dprintf("%s: TCS page validation failed.\n", in sgx_ioctl_add_page()
854 addr = (addp->addr - vmh->base); in sgx_ioctl_add_page()
874 secs_epc_page = enclave->secs_epc_page; in sgx_ioctl_add_page()
876 pginfo.linaddr = (uint64_t)addp->addr; in sgx_ioctl_add_page()
879 pginfo.secs = (uint64_t)secs_epc_page->base; in sgx_ioctl_add_page()
881 mtx_lock(&sc->mtx_encls); in sgx_ioctl_add_page()
882 ret = sgx_eadd(&pginfo, (void *)epc->base); in sgx_ioctl_add_page()
885 mtx_unlock(&sc->mtx_encls); in sgx_ioctl_add_page()
889 mtx_unlock(&sc->mtx_encls); in sgx_ioctl_add_page()
891 ret = sgx_measure_page(sc, enclave->secs_epc_page, epc, addp->mrmask); in sgx_ioctl_add_page()
936 __func__, initp->addr, initp->sigstruct, initp->einittoken); in sgx_ioctl_init()
939 ret = sgx_enclave_find(sc, initp->addr, &enclave); in sgx_ioctl_init()
945 object = enclave->object; in sgx_ioctl_init()
951 ret = copyin((void *)initp->sigstruct, sigstruct, in sgx_ioctl_init()
958 ret = copyin((void *)initp->einittoken, einittoken, in sgx_ioctl_init()
965 secs_epc_page = enclave->secs_epc_page; in sgx_ioctl_init()
968 mtx_lock(&sc->mtx_encls); in sgx_ioctl_init()
969 ret = sgx_einit(sigstruct, (void *)secs_epc_page->base, in sgx_ioctl_init()
971 mtx_unlock(&sc->mtx_encls); in sgx_ioctl_init()
973 } while (ret == SGX_UNMASKED_EVENT && retry--); in sgx_ioctl_init()
977 td->td_retval[0] = ret; in sgx_ioctl_init()
1032 sgx_mmap_single(struct cdev *cdev, vm_ooffset_t *offset, in sgx_mmap_single() argument
1040 dprintf("%s: mapsize 0x%lx, offset %lx\n", in sgx_mmap_single()
1041 __func__, mapsize, *offset); in sgx_mmap_single()
1045 vmh->sc = sc; in sgx_mmap_single()
1046 vmh->size = mapsize; in sgx_mmap_single()
1047 vmh->mem = cdev_pager_allocate(vmh, OBJT_MGTDEVICE, &sgx_pg_ops, in sgx_mmap_single()
1048 mapsize, nprot, *offset, NULL); in sgx_mmap_single()
1049 if (vmh->mem == NULL) { in sgx_mmap_single()
1054 VM_OBJECT_WLOCK(vmh->mem); in sgx_mmap_single()
1055 vm_object_set_flag(vmh->mem, OBJ_PG_DTOR); in sgx_mmap_single()
1056 VM_OBJECT_WUNLOCK(vmh->mem); in sgx_mmap_single()
1058 *objp = vmh->mem; in sgx_mmap_single()
1080 sc->epc_base = ((uint64_t)(cp[1] & 0xfffff) << 32) + in sgx_get_epc_area()
1082 sc->epc_size = ((uint64_t)(cp[3] & 0xfffff) << 32) + in sgx_get_epc_area()
1084 sc->npages = sc->epc_size / SGX_PAGE_SIZE; in sgx_get_epc_area()
1086 if (sc->epc_size == 0 || sc->epc_base == 0) { in sgx_get_epc_area()
1088 __func__, sc->epc_base, sc->epc_size); in sgx_get_epc_area()
1093 sc->enclave_size_max = (1 << ((cp[3] >> 8) & 0xff)); in sgx_get_epc_area()
1095 sc->enclave_size_max = SGX_ENCL_SIZE_MAX_DEF; in sgx_get_epc_area()
1097 epc_base_vaddr = (vm_offset_t)pmap_mapdev_attr(sc->epc_base, in sgx_get_epc_area()
1098 sc->epc_size, VM_MEMATTR_DEFAULT); in sgx_get_epc_area()
1100 sc->epc_pages = malloc(sizeof(struct epc_page) * sc->npages, in sgx_get_epc_area()
1103 for (i = 0; i < sc->npages; i++) { in sgx_get_epc_area()
1104 sc->epc_pages[i].base = epc_base_vaddr + SGX_PAGE_SIZE * i; in sgx_get_epc_area()
1105 sc->epc_pages[i].phys = sc->epc_base + SGX_PAGE_SIZE * i; in sgx_get_epc_area()
1106 sc->epc_pages[i].index = i; in sgx_get_epc_area()
1109 sc->vmem_epc = vmem_create("SGX EPC", sc->epc_base, sc->epc_size, in sgx_get_epc_area()
1111 if (sc->vmem_epc == NULL) { in sgx_get_epc_area()
1113 free(sc->epc_pages, M_SGX); in sgx_get_epc_area()
1117 error = vm_phys_fictitious_reg_range(sc->epc_base, in sgx_get_epc_area()
1118 sc->epc_base + sc->epc_size, VM_MEMATTR_DEFAULT); in sgx_get_epc_area()
1121 free(sc->epc_pages, M_SGX); in sgx_get_epc_area()
1132 vm_phys_fictitious_unreg_range(sc->epc_base, in sgx_put_epc_area()
1133 sc->epc_base + sc->epc_size); in sgx_put_epc_area()
1135 free(sc->epc_pages, M_SGX); in sgx_put_epc_area()
1156 mtx_init(&sc->mtx_encls, "SGX ENCLS", NULL, MTX_DEF); in sgx_load()
1157 mtx_init(&sc->mtx, "SGX driver", NULL, MTX_DEF); in sgx_load()
1159 TAILQ_INIT(&sc->enclaves); in sgx_load()
1161 sc->sgx_cdev = make_dev(&sgx_cdevsw, 0, UID_ROOT, GID_WHEEL, in sgx_load()
1164 sc->state |= SGX_STATE_RUNNING; in sgx_load()
1167 sc->epc_base, sc->epc_size, sc->npages); in sgx_load()
1179 if ((sc->state & SGX_STATE_RUNNING) == 0) in sgx_unload()
1182 mtx_lock(&sc->mtx); in sgx_unload()
1183 if (!TAILQ_EMPTY(&sc->enclaves)) { in sgx_unload()
1184 mtx_unlock(&sc->mtx); in sgx_unload()
1187 sc->state &= ~SGX_STATE_RUNNING; in sgx_unload()
1188 mtx_unlock(&sc->mtx); in sgx_unload()
1190 destroy_dev(sc->sgx_cdev); in sgx_unload()
1192 vmem_destroy(sc->vmem_epc); in sgx_unload()
1195 mtx_destroy(&sc->mtx_encls); in sgx_unload()
1196 mtx_destroy(&sc->mtx); in sgx_unload()