github/acrn-hypervisor
1
0
Fork 0
mirror of https://github.com/projectacrn/acrn-hypervisor.git synced 2025-06-20 04:33:55 +00:00
Code Issues Projects Releases Wiki Activity

Adjust picture size for SGX

Browse Source 
Signed-off-by: Deb Taylor <deb.taylor@intel.com>
This commit is contained in:
Deb Taylor 2019-07-24 12:02:40 -04:00 committed by David Kinder
parent d0f7563d89
commit 42960ddcc8
1 changed files with 12 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
doc/tutorials/sgx_ virtualization.rst
View File

@ -19,7 +19,7 @@ ACRN SGX virtualization support can be divided into three parts:
The image below shows the high-level design of SGX virtualization in ACRN. The image below shows the high-level design of SGX virtualization in ACRN.
.. figure:: images/sgx-1.png .. figure:: images/sgx-1.png
:scale: 50% :scale: 25%
:align: left :align: left
Figure 1: SGX Virtualization in ACRN Figure 1: SGX Virtualization in ACRN
@ -67,13 +67,16 @@ you must perform the following:
a) Go to the Security page: a) Go to the Security page:
.. figure:: images/sgx-2.jpg .. figure:: images/sgx-2.jpg
:scale: 25%
:align: left :align: left
#) Enable SGX and configure the SGX Reserved Memory size as below: #) Enable SGX and configure the SGX Reserved Memory size as below:
* Intel Software Guard Extension (SGX) -> Enabled * Intel Software Guard Extension (SGX) -> Enabled
* SGX Reserved Memory Size -> 128MB * SGX Reserved Memory Size -> 128MB
.. figure:: images/sgx-3.jpg .. figure:: images/sgx-3.jpg
:scale: 25%
:align: left :align: left
.. note:: .. note::
@ -85,6 +88,7 @@ you must perform the following:
https://github.com/binbinwu1/acrn-hypervisor/commit/0153b2b9b9920b61780163f19c6f5318562215ef.patch https://github.com/binbinwu1/acrn-hypervisor/commit/0153b2b9b9920b61780163f19c6f5318562215ef.patch
#. Enable SGX in Guest: #. Enable SGX in Guest:
* Refer to https://github.com/intel/linux-sgx on how to enable SGX in Linux Guest. * Refer to https://github.com/intel/linux-sgx on how to enable SGX in Linux Guest.
* Refer to https://software.intel.com/en-us/articles/getting-started-with-sgx-sdk-for-windows on how to enable SGX in Windows Guest. * Refer to https://software.intel.com/en-us/articles/getting-started-with-sgx-sdk-for-windows on how to enable SGX in Windows Guest.
@ -158,6 +162,7 @@ Enclave System Function Handling
******************************** ********************************
A new "Enable ENCLS exiting" control bit (bit 15) is defined in the secondary processor-based VM execution control. A new "Enable ENCLS exiting" control bit (bit 15) is defined in the secondary processor-based VM execution control.
* 1-Setting of "Enable ENCLS exiting" enables ENCLS-exiting bitmap control, which is a new 64-bit ENCLS-exiting bitmap control field added to VMX VMCS (0202EH) to control VMEXIT on ENCLS leaf functions. * 1-Setting of "Enable ENCLS exiting" enables ENCLS-exiting bitmap control, which is a new 64-bit ENCLS-exiting bitmap control field added to VMX VMCS (0202EH) to control VMEXIT on ENCLS leaf functions.
* ACRN does not emulate ENCLS leaf functions and will not enable ENCLS exiting. * ACRN does not emulate ENCLS leaf functions and will not enable ENCLS exiting.