Lines Matching full:permissions

184 	 * CPU will silently overwrite the permissions as zero, which means  in sgx_validate_secinfo()
377  * A SECINFO for a TCS is required to always contain zero permissions because
381  * mmap()'s protection bits are capped by the page permissions. For each page
385  * 1. A regular page: PROT_R, PROT_W and PROT_X match the SECINFO permissions.
725  * sgx_enclave_restrict_permissions() - Restrict EPCM permissions
728  *              their new permissions.
746 	secinfo.flags = modp->permissions & SGX_SECINFO_PERMISSION_MASK;  in sgx_enclave_restrict_permissions()
762 		 * Changing EPCM permissions is only supported on regular  in sgx_enclave_restrict_permissions()
774 		 * how EPCM permissions can be relaxed from within the enclave.  in sgx_enclave_restrict_permissions()
775 		 * ENCLS[EMODPR] can only remove existing EPCM permissions,  in sgx_enclave_restrict_permissions()
776 		 * attempting to set new permissions will be ignored by the  in sgx_enclave_restrict_permissions()
780 		/* Change EPCM permissions. */  in sgx_enclave_restrict_permissions()
787 			 * permissions of a regular page, and no concurrent  in sgx_enclave_restrict_permissions()
830  * permissions maintained by the hardware (EPCM permissions) of pages
833  * EPCM permissions cannot be restricted from within the enclave, the enclave
835  * and ENCLS[ETRACK]. An attempt to relax EPCM permissions with this call
858 	if (params.permissions & ~SGX_SECINFO_PERMISSION_MASK)  in sgx_ioc_enclave_restrict_permissions()
862 	 * Fail early if invalid permissions requested to prevent ENCLS[EMODPR]  in sgx_ioc_enclave_restrict_permissions()
865 	if ((params.permissions & SGX_SECINFO_W) &&  in sgx_ioc_enclave_restrict_permissions()
866 	    !(params.permissions & SGX_SECINFO_R))  in sgx_ioc_enclave_restrict_permissions()
949 		 * respect the originally vetted page permissions.  in sgx_enclave_modify_types()