Lines Matching full:permissions

191 	 * CPU will silently overwrite the permissions as zero, which means  in sgx_validate_secinfo()
384  * A SECINFO for a TCS is required to always contain zero permissions because
388  * mmap()'s protection bits are capped by the page permissions. For each page
392  * 1. A regular page: PROT_R, PROT_W and PROT_X match the SECINFO permissions.
732  * sgx_enclave_restrict_permissions() - Restrict EPCM permissions
735  *              their new permissions.
753 	secinfo.flags = modp->permissions & SGX_SECINFO_PERMISSION_MASK;  in sgx_enclave_restrict_permissions()
769 		 * Changing EPCM permissions is only supported on regular  in sgx_enclave_restrict_permissions()
781 		 * how EPCM permissions can be relaxed from within the enclave.  in sgx_enclave_restrict_permissions()
782 		 * ENCLS[EMODPR] can only remove existing EPCM permissions,  in sgx_enclave_restrict_permissions()
783 		 * attempting to set new permissions will be ignored by the  in sgx_enclave_restrict_permissions()
787 		/* Change EPCM permissions. */  in sgx_enclave_restrict_permissions()
794 			 * permissions of a regular page, and no concurrent  in sgx_enclave_restrict_permissions()
837  * permissions maintained by the hardware (EPCM permissions) of pages
840  * EPCM permissions cannot be restricted from within the enclave, the enclave
842  * and ENCLS[ETRACK]. An attempt to relax EPCM permissions with this call
865 	if (params.permissions & ~SGX_SECINFO_PERMISSION_MASK)  in sgx_ioc_enclave_restrict_permissions()
869 	 * Fail early if invalid permissions requested to prevent ENCLS[EMODPR]  in sgx_ioc_enclave_restrict_permissions()
872 	if ((params.permissions & SGX_SECINFO_W) &&  in sgx_ioc_enclave_restrict_permissions()
873 	    !(params.permissions & SGX_SECINFO_R))  in sgx_ioc_enclave_restrict_permissions()
956 		 * respect the originally vetted page permissions.  in sgx_enclave_modify_types()