sgx 0.6.1

Library for Intel SGX
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98

// SPDX-License-Identifier: Apache-2.0

use crate::parameters::{Attributes, MiscSelect, Parameters};
use core::num::NonZeroU32;

impl Parameters {
    /// Creates a new `Secs` instance
    ///
    /// This creates a new instances of an SGX Enclave Control Structure (SECS)
    /// page using the specified `Parameters` along with the `base` address and
    /// `size` as well as the number of pages in an SSA frame.
    ///
    /// Note that the `Masked` types in `Parameters` are interpreted as follows:
    ///   * `data`: contains the features the enclave author desires
    ///   * `mask`: contains the features supported by this platform
    ///
    /// The intersection of these two sets forms the set of features enabled.
    pub fn secs(&self, base: *const (), size: usize, ssa_frame_pages: NonZeroU32) -> Secs {
        Secs {
            size: size as u64,
            baseaddr: base as u64,
            ssaframesize: ssa_frame_pages,
            miscselect: self.misc.data & self.misc.mask,
            reserved0: [0; 24],
            attributes: self.attr.data & self.attr.mask,
            mrenclave: [0; 32],
            reserved1: [0; 32],
            mrsigner: [0; 32],
            reserved2: [0; 12],
            pid: self.pid,
            svn: self.svn,
            reserved3: [0; 7],
            reserved4: [[0; 28]; 17],
        }
    }
}

/// SGX Enclave Control Structure (SECS) page
///
/// The contents of `Secs` are entirely opaque as this type is passed directly
/// to the hardware during enclave creation and never user readable.
#[derive(Copy, Clone)]
#[repr(C, align(4096))]
pub struct Secs {
    size: u64,
    baseaddr: u64,
    ssaframesize: NonZeroU32,
    miscselect: MiscSelect,
    reserved0: [u8; 24],
    attributes: Attributes,
    mrenclave: [u8; 32],
    reserved1: [u8; 32],
    mrsigner: [u8; 32],
    reserved2: [u64; 12],
    pid: u16,
    svn: u16,
    reserved3: [u32; 7],
    reserved4: [[u64; 28]; 17],
}

impl core::fmt::Debug for Secs {
    fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
        f.debug_struct("Secs")
            .field("size", &self.size)
            .field("baseaddr", &self.baseaddr)
            .field("ssaframesize", &self.ssaframesize)
            .field("miscselect", &self.miscselect)
            .field("attributes", &self.attributes)
            .field("pid", &self.pid)
            .field("svn", &self.svn)
            .finish()
    }
}

#[cfg(test)]
mod test {
    use super::Secs;
    use testaso::testaso;

    testaso! {
        struct Secs: 4096, 4096 => {
            size: 0,
            baseaddr: 8,
            ssaframesize: 16,
            miscselect: 20,
            reserved0: 24,
            attributes: 48,
            mrenclave: 64,
            reserved1: 96,
            mrsigner: 128,
            reserved2: 160,
            pid: 256,
            svn: 258,
            reserved3: 260,
            reserved4: 288
        }
    }
}