-
Notifications
You must be signed in to change notification settings - Fork 548
/
sgx_error.h
129 lines (113 loc) · 11 KB
/
sgx_error.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
/*
* Copyright (C) 2011-2021 Intel Corporation. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
* * Neither the name of Intel Corporation nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef _SGX_ERROR_H_
#define _SGX_ERROR_H_
#define SGX_MK_ERROR(x) (0x00000000|(x))
typedef enum _status_t
{
SGX_SUCCESS = SGX_MK_ERROR(0x0000),
SGX_ERROR_UNEXPECTED = SGX_MK_ERROR(0x0001), /* Unexpected error */
SGX_ERROR_INVALID_PARAMETER = SGX_MK_ERROR(0x0002), /* The parameter is incorrect */
SGX_ERROR_OUT_OF_MEMORY = SGX_MK_ERROR(0x0003), /* Not enough memory is available to complete this operation */
SGX_ERROR_ENCLAVE_LOST = SGX_MK_ERROR(0x0004), /* Enclave lost after power transition or used in child process created by linux:fork() */
SGX_ERROR_INVALID_STATE = SGX_MK_ERROR(0x0005), /* SGX API is invoked in incorrect order or state */
SGX_ERROR_FEATURE_NOT_SUPPORTED = SGX_MK_ERROR(0x0008), /* Feature is not supported on this platform */
SGX_PTHREAD_EXIT = SGX_MK_ERROR(0x0009), /* Enclave is exited with pthread_exit() */
SGX_ERROR_MEMORY_MAP_FAILURE = SGX_MK_ERROR(0x000a), /* Failed to reserve memory for the enclave */
SGX_ERROR_INVALID_FUNCTION = SGX_MK_ERROR(0x1001), /* The ecall/ocall index is invalid */
SGX_ERROR_OUT_OF_TCS = SGX_MK_ERROR(0x1003), /* The enclave is out of TCS */
SGX_ERROR_ENCLAVE_CRASHED = SGX_MK_ERROR(0x1006), /* The enclave is crashed */
SGX_ERROR_ECALL_NOT_ALLOWED = SGX_MK_ERROR(0x1007), /* The ECALL is not allowed at this time, e.g. ecall is blocked by the dynamic entry table, or nested ecall is not allowed during initialization */
SGX_ERROR_OCALL_NOT_ALLOWED = SGX_MK_ERROR(0x1008), /* The OCALL is not allowed at this time, e.g. ocall is not allowed during exception handling */
SGX_ERROR_STACK_OVERRUN = SGX_MK_ERROR(0x1009), /* The enclave is running out of stack */
SGX_ERROR_UNDEFINED_SYMBOL = SGX_MK_ERROR(0x2000), /* The enclave image has undefined symbol. */
SGX_ERROR_INVALID_ENCLAVE = SGX_MK_ERROR(0x2001), /* The enclave image is not correct. */
SGX_ERROR_INVALID_ENCLAVE_ID = SGX_MK_ERROR(0x2002), /* The enclave id is invalid */
SGX_ERROR_INVALID_SIGNATURE = SGX_MK_ERROR(0x2003), /* The signature is invalid */
SGX_ERROR_NDEBUG_ENCLAVE = SGX_MK_ERROR(0x2004), /* The enclave is signed as product enclave, and can not be created as debuggable enclave. */
SGX_ERROR_OUT_OF_EPC = SGX_MK_ERROR(0x2005), /* Not enough EPC is available to load the enclave */
SGX_ERROR_NO_DEVICE = SGX_MK_ERROR(0x2006), /* Can't open SGX device */
SGX_ERROR_MEMORY_MAP_CONFLICT= SGX_MK_ERROR(0x2007), /* Page mapping failed in driver. Deprecated */
SGX_ERROR_INVALID_METADATA = SGX_MK_ERROR(0x2009), /* The metadata is incorrect. */
SGX_ERROR_DEVICE_BUSY = SGX_MK_ERROR(0x200c), /* Device is busy, mostly EINIT failed. */
SGX_ERROR_INVALID_VERSION = SGX_MK_ERROR(0x200d), /* Metadata version is inconsistent between uRTS and sgx_sign or uRTS is incompatible with current platform. */
SGX_ERROR_MODE_INCOMPATIBLE = SGX_MK_ERROR(0x200e), /* The target enclave 32/64 bit mode or sim/hw mode is incompatible with the mode of current uRTS. */
SGX_ERROR_ENCLAVE_FILE_ACCESS = SGX_MK_ERROR(0x200f), /* Can't open enclave file. */
SGX_ERROR_INVALID_MISC = SGX_MK_ERROR(0x2010), /* The MiscSelct/MiscMask settings are not correct.*/
SGX_ERROR_INVALID_LAUNCH_TOKEN = SGX_MK_ERROR(0x2011), /* The launch token is not correct.*/
SGX_ERROR_MAC_MISMATCH = SGX_MK_ERROR(0x3001), /* Indicates verification error for reports, sealed datas, etc */
SGX_ERROR_INVALID_ATTRIBUTE = SGX_MK_ERROR(0x3002), /* The enclave is not authorized, e.g., requesting invalid attribute or launch key access on legacy SGX platform without FLC */
SGX_ERROR_INVALID_CPUSVN = SGX_MK_ERROR(0x3003), /* The cpu svn is beyond platform's cpu svn value */
SGX_ERROR_INVALID_ISVSVN = SGX_MK_ERROR(0x3004), /* The isv svn is greater than the enclave's isv svn */
SGX_ERROR_INVALID_KEYNAME = SGX_MK_ERROR(0x3005), /* The key name is an unsupported value */
SGX_ERROR_UNSUPPORTED_FUNCTION = SGX_MK_ERROR(0x3006), /* The functionality is not supported */
SGX_ERROR_SERVICE_UNAVAILABLE = SGX_MK_ERROR(0x4001), /* Indicates aesm didn't respond or the requested service is not supported */
SGX_ERROR_SERVICE_TIMEOUT = SGX_MK_ERROR(0x4002), /* The request to aesm timed out */
SGX_ERROR_AE_INVALID_EPIDBLOB = SGX_MK_ERROR(0x4003), /* Indicates epid blob verification error */
SGX_ERROR_SERVICE_INVALID_PRIVILEGE = SGX_MK_ERROR(0x4004), /* Enclave not authorized to run, .e.g. provisioning enclave hosted in an app without access rights to /dev/sgx_provision */
SGX_ERROR_EPID_MEMBER_REVOKED = SGX_MK_ERROR(0x4005), /* The EPID group membership is revoked. */
SGX_ERROR_UPDATE_NEEDED = SGX_MK_ERROR(0x4006), /* SGX needs to be updated */
SGX_ERROR_NETWORK_FAILURE = SGX_MK_ERROR(0x4007), /* Network connecting or proxy setting issue is encountered */
SGX_ERROR_AE_SESSION_INVALID = SGX_MK_ERROR(0x4008), /* Session is invalid or ended by server */
SGX_ERROR_BUSY = SGX_MK_ERROR(0x400a), /* The requested service is temporarily not available */
SGX_ERROR_MC_NOT_FOUND = SGX_MK_ERROR(0x400c), /* The Monotonic Counter doesn't exist or has been invalided */
SGX_ERROR_MC_NO_ACCESS_RIGHT = SGX_MK_ERROR(0x400d), /* Caller doesn't have the access right to specified VMC */
SGX_ERROR_MC_USED_UP = SGX_MK_ERROR(0x400e), /* Monotonic counters are used out */
SGX_ERROR_MC_OVER_QUOTA = SGX_MK_ERROR(0x400f), /* Monotonic counters exceeds quota limitation */
SGX_ERROR_KDF_MISMATCH = SGX_MK_ERROR(0x4011), /* Key derivation function doesn't match during key exchange */
SGX_ERROR_UNRECOGNIZED_PLATFORM = SGX_MK_ERROR(0x4012), /* EPID Provisioning failed due to platform not recognized by backend server*/
SGX_ERROR_UNSUPPORTED_CONFIG = SGX_MK_ERROR(0x4013), /* The config for trigging EPID Provisiong or PSE Provisiong<P is invalid*/
SGX_ERROR_NO_PRIVILEGE = SGX_MK_ERROR(0x5002), /* Not enough privilege to perform the operation */
/* SGX Protected Code Loader Error codes*/
SGX_ERROR_PCL_ENCRYPTED = SGX_MK_ERROR(0x6001), /* trying to encrypt an already encrypted enclave */
SGX_ERROR_PCL_NOT_ENCRYPTED = SGX_MK_ERROR(0x6002), /* trying to load a plain enclave using sgx_create_encrypted_enclave */
SGX_ERROR_PCL_MAC_MISMATCH = SGX_MK_ERROR(0x6003), /* section mac result does not match build time mac */
SGX_ERROR_PCL_SHA_MISMATCH = SGX_MK_ERROR(0x6004), /* Unsealed key MAC does not match MAC of key hardcoded in enclave binary */
SGX_ERROR_PCL_GUID_MISMATCH = SGX_MK_ERROR(0x6005), /* GUID in sealed blob does not match GUID hardcoded in enclave binary */
/* SGX errors are only used in the file API when there is no appropriate EXXX (EINVAL, EIO etc.) error code */
SGX_ERROR_FILE_BAD_STATUS = SGX_MK_ERROR(0x7001), /* The file is in bad status, run sgx_clearerr to try and fix it */
SGX_ERROR_FILE_NO_KEY_ID = SGX_MK_ERROR(0x7002), /* The Key ID field is all zeros, can't re-generate the encryption key */
SGX_ERROR_FILE_NAME_MISMATCH = SGX_MK_ERROR(0x7003), /* The current file name is different then the original file name (not allowed, substitution attack) */
SGX_ERROR_FILE_NOT_SGX_FILE = SGX_MK_ERROR(0x7004), /* The file is not an SGX file */
SGX_ERROR_FILE_CANT_OPEN_RECOVERY_FILE = SGX_MK_ERROR(0x7005), /* A recovery file can't be opened, so flush operation can't continue (only used when no EXXX is returned) */
SGX_ERROR_FILE_CANT_WRITE_RECOVERY_FILE = SGX_MK_ERROR(0x7006), /* A recovery file can't be written, so flush operation can't continue (only used when no EXXX is returned) */
SGX_ERROR_FILE_RECOVERY_NEEDED = SGX_MK_ERROR(0x7007), /* When openeing the file, recovery is needed, but the recovery process failed */
SGX_ERROR_FILE_FLUSH_FAILED = SGX_MK_ERROR(0x7008), /* fflush operation (to disk) failed (only used when no EXXX is returned) */
SGX_ERROR_FILE_CLOSE_FAILED = SGX_MK_ERROR(0x7009), /* fclose operation (to disk) failed (only used when no EXXX is returned) */
SGX_ERROR_UNSUPPORTED_ATT_KEY_ID = SGX_MK_ERROR(0x8001), /* platform quoting infrastructure does not support the key.*/
SGX_ERROR_ATT_KEY_CERTIFICATION_FAILURE = SGX_MK_ERROR(0x8002), /* Failed to generate and certify the attestation key.*/
SGX_ERROR_ATT_KEY_UNINITIALIZED = SGX_MK_ERROR(0x8003), /* The platform quoting infrastructure does not have the attestation key available to generate quote.*/
SGX_ERROR_INVALID_ATT_KEY_CERT_DATA = SGX_MK_ERROR(0x8004), /* TThe data returned by the platform library's sgx_get_quote_config() is invalid.*/
SGX_ERROR_PLATFORM_CERT_UNAVAILABLE = SGX_MK_ERROR(0x8005), /* The PCK Cert for the platform is not available.*/
SGX_ERROR_TLS_X509_INVALID_EXTENSION = SGX_MK_ERROR(0x9001), /* error of RA-TLS x509 invalid extension */
SGX_INTERNAL_ERROR_ENCLAVE_CREATE_INTERRUPTED = SGX_MK_ERROR(0xF001), /* The ioctl for enclave_create unexpectedly failed with EINTR. */
} sgx_status_t;
#endif