Lines Matching full:permissions

192 	 * CPU will silently overwrite the permissions as zero, which means  in sgx_validate_secinfo()
385  * A SECINFO for a TCS is required to always contain zero permissions because
389  * mmap()'s protection bits are capped by the page permissions. For each page
393  * 1. A regular page: PROT_R, PROT_W and PROT_X match the SECINFO permissions.
706  * sgx_enclave_restrict_permissions() - Restrict EPCM permissions
709  *              their new permissions.
727 	secinfo.flags = modp->permissions & SGX_SECINFO_PERMISSION_MASK;  in sgx_enclave_restrict_permissions()
743 		 * Changing EPCM permissions is only supported on regular  in sgx_enclave_restrict_permissions()
755 		 * how EPCM permissions can be relaxed from within the enclave.  in sgx_enclave_restrict_permissions()
756 		 * ENCLS[EMODPR] can only remove existing EPCM permissions,  in sgx_enclave_restrict_permissions()
757 		 * attempting to set new permissions will be ignored by the  in sgx_enclave_restrict_permissions()
761 		/* Change EPCM permissions. */  in sgx_enclave_restrict_permissions()
768 			 * permissions of a regular page, and no concurrent  in sgx_enclave_restrict_permissions()
811  * permissions maintained by the hardware (EPCM permissions) of pages
814  * EPCM permissions cannot be restricted from within the enclave, the enclave
816  * and ENCLS[ETRACK]. An attempt to relax EPCM permissions with this call
839 	if (params.permissions & ~SGX_SECINFO_PERMISSION_MASK)  in sgx_ioc_enclave_restrict_permissions()
843 	 * Fail early if invalid permissions requested to prevent ENCLS[EMODPR]  in sgx_ioc_enclave_restrict_permissions()
846 	if ((params.permissions & SGX_SECINFO_W) &&  in sgx_ioc_enclave_restrict_permissions()
847 	    !(params.permissions & SGX_SECINFO_R))  in sgx_ioc_enclave_restrict_permissions()
930 		 * respect the originally vetted page permissions.  in sgx_enclave_modify_types()