英特尔®可信执行技术(TXT)软件开发全面指南

intel

需积分: 33 54 浏览量更新于2024-07-26 收藏 875KB PDF 举报

身份认证购VIP最低享 7 折!

领优惠券(最高得80元）

英特尔®可信执行技术（Intel® Trusted Execution Technology，简称TXT）是一种高级的平台安全特性，旨在增强现代计算机系统的安全性，尤其是在处理敏感数据和执行关键任务时。TXT软件开发指南是一份详细的文档，为开发者提供关于如何在英特尔架构的系统中实现和利用TXT功能的深入指导。这份315168-007版本的文档发布于2011年3月，旨在帮助软件开发者了解以下关键知识点： 1. **测量启动环境**（Measured Launch Environment, MLE）：TXT的核心概念是创建一个隔离的环境，即测量启动环境，其中代码的执行过程会被严格监控，确保只有经过验证的代码可以在该环境中运行。这对于防止恶意软件、病毒或未经授权的代码篡改至关重要。 2. **安全隔离**：开发者需要遵循文档提供的指南来确保代码的可信性，通过限制对敏感数据的访问，以及在不同安全域之间传递数据的机制，以保护数据隐私和完整性。 3. **指令集与平台支持**：文档会列出哪些Intel处理器型号支持TXT，并且可能包含针对特定处理器特性的优化建议，以便开发者针对不同的硬件环境编写兼容的软件。 4. **安全策略与授权**：明确指出，这份文档并不构成对Intel知识产权的任何许可，除非符合英特尔产品销售条款。开发者必须理解并遵守这些条款，特别是关于责任免除和保修声明的部分，包括产品适配特定用途、无制造缺陷和侵犯专利等方面的保证。 5. **安全最佳实践**：指南提供了关于如何设计和实施安全策略、配置TXT的指导，以及如何处理潜在的安全威胁和漏洞的建议。 6. **警告与限制**：开发者需要注意，未经英特尔书面同意，不应用于可能导致人身伤害或死亡的应用场景，强调了安全责任的重要性。 7. **规格与更新**：Intel可能会随时更改产品规格和描述，因此开发者在开发过程中需要密切关注英特尔的最新公告，以适应可能的改动。英特尔TXT软件开发指南为软件开发者提供了一套完整的工具和方法论，以确保在使用TXT技术时能够最大程度地保护系统和用户数据的安全，同时避免法律风险。阅读并遵循此指南对于在英特尔平台上构建安全应用至关重要。

资源详情

资源推荐

Overview

16 Intel

TXT Software Development Guide

cleared by the platform reset; this makes the error code accessible for post-reset

diagnostics.

An Intel TXT shutdown can be generated by the processor during execution of certain

GETSEC leaf functions (for example: ENTERACCS, EXITAC, SENTER, SEXIT), where

recovery from an error condition is not considered reliable. This situation should be

interpreted as an abort of authenticated execution or measured environment launch.

A legacy IA-32 triple-fault shutdown condition is also converted to an Intel TXT

shutdown sequence if the triple-fault shutdown occurs during authenticated code

execution mode or while the measured environment is active. The same is true for

other legacy non-SMX specific fault shutdown error conditions. Legacy shutdown to

Intel TXT shutdown conversions are defined as the mode of operation between:

Execution of the GETSEC functions ENTERACCS and EXITAC

Recognition of the message signaling the beginning of the processor rendezvous

after GETSEC[SENTER] and the message signaling the completion of the processor

rendezvous

Additionally, there is a special case. If the processor is in VMX operation while the

measured environment is active, a triple-fault shutdown condition that causes a guest

exiting event back to the Virtual Machine Monitor (VMM) supersedes conversion to the

Intel TXT shutdown sequence. In this situation, the VMM remains in control after the

error condition that occurred at the guest level and there is no need to abort

processor execution.

Given the above situation, if the triple-fault shutdown occurs at the root level of the

MLE or a VMX abort is detected, then an Intel TXT shutdown sequence is signaled. For

more details on a VMX abort, see Chapter 23, “VM Exits,” in the Intel 64 and IA-32

Software Developer Manuals, Volume 3B.

Measured Launched Environment

18 Intel

TXT Software Development Guide

Field Offset Size

(bytes)

Description

CmdlineEnd 48 4 Ending linear address of command line

UUID: This field contains a UUID which uniquely identifies this MLE Header Structure.

The UUID is defined as follows:

ULONG UUID0; // 9082AC5A

ULONG UUID1; // 74A7476F

ULONG UUID2; // A2555C0F

ULONG UUID3; // 42B651CB

This UUID value should only exist in the MLE (binary) in this field of the MLE header.

This implies that this UUID should not be stored as a variable nor placed in the code to

be assigned to this field. This can also be ensured by analyzing the binary.

HeaderLen: this field contains the length in bytes of the MLE Header Structure.

Version: this field contains the version of the MLE header, where the upper two bytes

are the major version and the lower two bytes are the minor version. Changes in the

major version indicate that an incompatible change in behavior is required of the MLE

or that the format of this structure is not backwards compatible. Version 2.1

(20001H) is the currently supported version.

EntryPoint: this field is the linear address, within the MLE’s linear address space, at

which the ILP will begin execution upon completion of the GETSEC[SENTER]

instruction.

FirstValidPage: this field is the starting linear address of the MLE. This will be

verified by SINIT to match the first valid entry in the MLE page tables.

MleStart / MleEnd: these fields are intended for use by system software that needs

to know which portion of an MLE binary file is the MLE, as defined by its page table.

This might be useful for calculating the MLE hash when the entire binary file is not

being used as the MLE.

Capabilities: this bit vector represents TXT-related capabilities that the MLE supports.

It will be used by the SINIT AC module to determine whether the MLE is compatible

with it and as needed for any optional capabilities. The currently defined bits for this

are:

Table 2. MLE/SINIT Capabilities Field Bit Definitions

Bit position Description

0 Support for GETSEC[WAKEUP] for RLP wakeup (1)

All MLEs should support this.

1 Support for RLP wakeup using MONITOR address

(SinitMleData.RlpWakeupAddr) (1)

All MLEs should support this.

2 The ECX register will contain the pointer to the MLE page table on return

from SINIT to the MLE EntryPoint (1).

3 STM support (1).

Measured Launched Environment

Intel

TXT Software Development Guide 19

31:4 Reserved (must be 0)

CmdlineStart / CmdlineEnd: these fields are intended for use by system software

that needs calculate the MLE hash, for MLEs that include their command lines in their

identity. These are linear addresses within the MLE of the beginning and end of a

buffer that will contain the command line. The buffer is padded with 0 bytes at the

end. MLEs which do not include the command line in their identity should set these

fields to 0.

2.2 MLE Launch

At some point system software will start an Intel TXT environment. This may be done

at operating system loader time or could be done after the operating system boots.

From this point on we will assume that the operating system is starting the Intel TXT

environment and refer to this code as the system software.

After the measured environment startup, the application processors (RLPs) will not

respond to SIPIs as they did before SENTER. Once the measured environment is

launched, the RLPs cannot run the real-mode MP startup code. An alternative MP

startup algorithm will need to be developed. The new MP startup algorithm would not

require the RLPs to leave protected mode with paging on. The OS may also be

required to detect whether a measured environment has been established and use this

information to decide which MP startup algorithm is appropriate (the standard MP

startup algorithm or the modified algorithm).

This section shows the pseudocode for preparing the system for the SMX measured

launch. The following describes the process in a number of sub-sections:

Intel TXT detection and processor preparation

Detection of previous errors

Loading the SINIT AC module

Loading the MLE and processor rendezvous

Performing a measured launch

2.2.1 Intel

TXT Detection and Processor Preparation

Lines 1 - 4: Before attempting to launch the measured environment, the system

software should check that all logical processors support VMX and SMX (the check for

VMX support is not necessary if the environment to be launched will not use VMX).

For single processor socket systems, it is sufficient if this action is only performed by

the ILP. This includes physical processors containing multiple logical processors. In

order to correctly handle multiple processor socket systems, this check must be

performed on all logical processors. It is possible that two physical processor within

the same system may differ in terms of SMX and VMX capabilities.

For details on detecting and enabling VMX see chapter 19, “Introduction to Virtual-

Machine Extensions”, in the Intel 64 and IA-32 Software Developer Manuals, Volume

3B. For details on detecting and enabling SMX support see chapter 6, “Safer Mode

Extensions Reference”, in the Intel 64 and IA-32 Software Developer Manuals, Volume

2B .

Measured Launched Environment

20 Intel

TXT Software Development Guide

Lines 5 - 9: System software should check that the chipset supports Intel TXT prior to

launching the measured environment. The presence of the Intel TXT chipset can be

detected by executing GETSEC[CAPABILITIES] with EAX=0 & EBX=0. This instruction

will return the ‘Intel TXT Chipset’ bit set in EAX if an Intel TXT chipset is present. The

processor must enable SMX before executing the GETSEC instruction.

Lines 10 – 12: System software should also verify that the processor supports all of

the GETSEC instruction leaf indices that will be needed. The minimal set of

instructions required will depend on the system software and MLE, but is most likely

SENTER, SEXIT, WAKEUP, SMCTRL, and PARAMETERS. The supported leaves are

indicated in the EAX register after executing the GETSEC[CAPABILITIES] instruction as

indicated above.

Listing 1. Intel

TXT Detection Pseudocode

// Intel TXT detection

// Execute on all logical processors for compatibility with

// multiple processor systems

1. CPUID(EAX=1);

2. IF (SMX not supported) OR (VMX not supported) {

3. Fail measured environment startup;

4. }

// Enable SMX on ILP & check for Intel TXT chipset

5. CR4.SMXE = 1;

6. GETSEC[CAPABILITIES];

7. IF (Intel TXT chipset NOT present) {

8. Fail measured environment startup;

9. }

10. IF (All needed SMX GETSEC leaves are NOT supported) {

11. Fail measured environment startup;

12. }

2.2.2 Detection of Previous Errors

In order to prevent a cycle of failures or system resets, it is necessary for the system

software to check for errors from a previous launch. Errors that are detected by

system software prior to executing the GETSEC[SENTER] instruction will be specific to

that software and, if persisted, will be in a manner specific to the software. Errors

generated during execution of the GETSEC[SENTER] instruction result in a system

reset and the error code being stored in the TXT.ERRORCODE register. Possible

remediation steps are described in section 4.2.

Lines 1 - 3: The error code from an error generated during the GETSEC[SENTER]

instruction is stored in the TXT.ERRORCODE register, which is persistent across soft

resets. A non-zero value indicates an error. Error codes are specific to an SINIT AC

module and can be found in a text file that is distributed with the module.

Lines 4 - 6: If the TXT_RESET.STS bit of the TXT.ESTS register is set, then in order to

maintain TXT integrity the GETSEC[SENTER] instruction will fail. System software

剩余111页未读，继续阅读

专业路人甲

粉丝: 1
资源: 24

英特尔®可信执行技术(TXT)软件开发全面指南

trustzone与OP-TEE

Intel® Trusted Execution Technology (Intel® TXT) Enabling Guide

英特尔软件开发工具介绍——Intel^R VTune可视化性能分析器

英特尔64和 ia-32 体系结构的软件开发人员手册合集.pdf

英特尔® Parallel Amplifier 入门

axi4 spec 中文版.pdf

英特尔智音技术oed驱动修复.rar

英特尔® 酷睿™ i3-10100 处理器参数

英特尔® 以太网适配器 完整驱动程序各文件作用

hardware and software support for virtualization.pdf

atom-e3800-family-datasheet.pdf

dpdk 中文编程指南 pdf

英特尔® Wireless-AC 9560 有支持omnipeek抓包的驱动吗

英特尔智音技术oed驱动下载

x86服务器基础知识介绍.pdf

intel.realsense.viewer.exe

英特尔eeupdate64e.exe工具

英特尔智音技术oed驱动

英特尔智音技术OED

intel onemkl开发指南

最新资源

英特尔® 以太网适配器完整驱动程序各文件作用