Exact SPTM SVC routing between GL0 and GL2

Determine the exact request-routing and handling mechanisms the Secure Page Table Monitor (SPTM) uses to process SVC exceptions raised by Guarded Level 0 (GL0) components, including how such calls are conditionally trapped to Guarded Level 2 (GL2) via HCR_EL2.TGE. Clarify, in particular, how GL0 components still reach Secure Kernel at Guarded Level 1 (GL1) while the Trusted Execution Monitor (TXM) concurrently issues SVCs to SPTM at GL2.

Background

The paper explains that SVCs raised by GL0 components would normally route to GL1, but that setting the HCR_EL2.TGE bit reroutes those exceptions to EL2, and by extension to GL2, where SPTM resides. At the same time, GL0 components also call directly into Secure Kernel at GL1, while TXM (itself a GL0 component) issues SVCs to SPTM at GL2. How these paths coexist and are distinguished remains unclear.

Understanding this routing matters because it determines how the system enforces isolation between guarded levels while still permitting the cross-level calls it requires, all under SPTM's supervision.

References

The exact inner working of the request handling logic is still unknown, considering we will show in the Secure Kernel section that GL0 components actually directly call into Secure Kernel in GL1. The exact handling mechanisms for allowing GL0 components to call into Secure Kernel at GL1 via SVCs and TXM calling into SPTM at GL2 via SVCs at the same time have yet to be discovered.

Modern iOS Security Features -- A Deep Dive into SPTM, TXM, and Exclaves (2510.09272 - Steffin et al., 10 Oct 2025) in Section SVC/HVC Handling, subsubsection “GL0 SVC Rerouting to SPTM”