Lines Matching +full:sram +full:- +full:proc

1 .. SPDX-License-Identifier: GPL-2.0
13 * Privileged (ring-0) ENCLS functions orchestrate the construction of the
15 * Unprivileged (ring-3) ENCLU functions allow an application to enter and
27 ``grep sgx /proc/cpuinfo``
38 with an enclave. It is contained in a BIOS-reserved region of physical memory.
49 ------------------
67 ----------------------
76 remain read-only. EPCM permissions may only impose additional restrictions on
88 -----------------------
97 .. kernel-doc:: arch/x86/kernel/cpu/sgx/ioctl.c
104 --------------------------
113 .. kernel-doc:: arch/x86/kernel/cpu/sgx/ioctl.c
119 ------------
121 Entering an enclave can only be done through SGX-specific EENTER and ERESUME
122 functions, and is a non-trivial process. Because of the complexity of
132 can leverage special exception fixup provided by the vDSO. The kernel-provided
133 vDSO function wraps low-level transitions to/from the enclave like EENTER and
138 .. kernel-doc:: arch/x86/include/uapi/asm/sgx.h
147 ----------------
153 reinitializes all enclave pages so that they can be allocated and re-used.
161 --------------
174 EINIT function takes an RSA-3072 signature of the enclave measurement. The function
192 encrypt pages leaving the CPU caches. MEE uses an n-ary Merkle tree with root in
193 SRAM to maintain integrity of the encrypted data. This provides integrity and
194 anti-replay protection but does not scale to large memory sizes because the time
199 MEE. TME-based SGX implementations do not have an integrity Merkle tree, which
200 means integrity and replay-attacks are not mitigated. B, it includes
211 --------------
216 the enclave through special SGX instructions. A run-time within the enclave is
221 ---------------------
224 configured with a library OS and run-time which permits the application to run.
225 The enclave run-time and library OS work together to execute the application
232 ---------
238 This is effectively a kernel use-after-free of an EPC page, and due