https://community.intel.com/t5/Intel-Software-Guard-Extensions/Memory-Encryption-in-debug-enclaves/m-p/1118410#M1474 <P>The Linux SDK manual says (in documenting the function <SPAN style="font-size:12pt;font-family:&quot;font000000001da691ef&quot;;color:rgb(51,51,51)">sgx_create_enclave ):</SPAN><BR /> """</P> <DIV class="m_-6602495546985626557gmail-page" title="Page 93"> <DIV class="m_-6602495546985626557gmail-section" style="background-color:rgb(255,255,255)"> <DIV class="m_-6602495546985626557gmail-layoutArea"> <DIV class="m_-6602495546985626557gmail-column"> <P><I><SPAN style="font-size:12pt;font-family:&quot;font000000001da691ef&quot;;color:rgb(51,51,51)">debug [in] </SPAN></I></P> <P><I><SPAN style="font-size:12pt;font-family:&quot;font000000001da691ef&quot;">The valid value is 0 or 1. </SPAN></I></P> <P><I><SPAN style="font-size:12pt;font-family:&quot;font000000001da691ef&quot;">0 indicates to create the enclave in non-debug mode. An enclave created in non-debug mode cannot be debugged. </SPAN></I></P> <P><I><SPAN style="font-size:12pt;font-family:&quot;font000000001da691ef&quot;">1 indicates to create the enclave in debug mode. <B>The code/data memory inside an enclave created in debug mode is accessible by the debugger or other software outside of the enclave</B> and thus is </SPAN><SPAN style="font-size:12pt;font-family:&quot;font000000001da691ef&quot;;color:rgb(51,51,51)">not </SPAN><SPAN style="font-size:12pt;font-family:&quot;font000000001da691ef&quot;">under the same memory access protections as an enclave created in non-debug mode. </SPAN></I></P> </DIV> </DIV> </DIV> </DIV> <P>"""<BR /> <BR /> Does that mean that debug enclaves do not make use of the MEE (memory encryption engine)?<BR /> I noticed that if I try to access Enclave memory form the un-trusted code I get abort-page behavior, i.e., I get 0xFFFFFFFF. I assume that means the memory is inside the EPC (Enclave page cache). Is that correct?</P> <P>Is the entire EPC encrypted, or just non-debug enclaves?</P> <P>Ofir</P> Tue, 18 Oct 2016 14:23:16 GMT Ofir_W_ 2016-10-18T14:23:16Z https://community.intel.com/t5/Intel-Software-Guard-Extensions/Memory-Encryption-in-debug-enclaves/m-p/1118410#M1474 <P>The Linux SDK manual says (in documenting the function <SPAN style="font-size:12pt;font-family:&quot;font000000001da691ef&quot;;color:rgb(51,51,51)">sgx_create_enclave ):</SPAN><BR /> """</P> <DIV class="m_-6602495546985626557gmail-page" title="Page 93"> <DIV class="m_-6602495546985626557gmail-section" style="background-color:rgb(255,255,255)"> <DIV class="m_-6602495546985626557gmail-layoutArea"> <DIV class="m_-6602495546985626557gmail-column"> <P><I><SPAN style="font-size:12pt;font-family:&quot;font000000001da691ef&quot;;color:rgb(51,51,51)">debug [in] </SPAN></I></P> <P><I><SPAN style="font-size:12pt;font-family:&quot;font000000001da691ef&quot;">The valid value is 0 or 1. </SPAN></I></P> <P><I><SPAN style="font-size:12pt;font-family:&quot;font000000001da691ef&quot;">0 indicates to create the enclave in non-debug mode. An enclave created in non-debug mode cannot be debugged. </SPAN></I></P> <P><I><SPAN style="font-size:12pt;font-family:&quot;font000000001da691ef&quot;">1 indicates to create the enclave in debug mode. <B>The code/data memory inside an enclave created in debug mode is accessible by the debugger or other software outside of the enclave</B> and thus is </SPAN><SPAN style="font-size:12pt;font-family:&quot;font000000001da691ef&quot;;color:rgb(51,51,51)">not </SPAN><SPAN style="font-size:12pt;font-family:&quot;font000000001da691ef&quot;">under the same memory access protections as an enclave created in non-debug mode. </SPAN></I></P> </DIV> </DIV> </DIV> </DIV> <P>"""<BR /> <BR /> Does that mean that debug enclaves do not make use of the MEE (memory encryption engine)?<BR /> I noticed that if I try to access Enclave memory form the un-trusted code I get abort-page behavior, i.e., I get 0xFFFFFFFF. I assume that means the memory is inside the EPC (Enclave page cache). Is that correct?</P> <P>Is the entire EPC encrypted, or just non-debug enclaves?</P> <P>Ofir</P> Tue, 18 Oct 2016 14:23:16 GMT https://community.intel.com/t5/Intel-Software-Guard-Extensions/Memory-Encryption-in-debug-enclaves/m-p/1118410#M1474 Ofir_W_ 2016-10-18T14:23:16Z https://community.intel.com/t5/Intel-Software-Guard-Extensions/Memory-Encryption-in-debug-enclaves/m-p/1118411#M1475 <P style="margin-bottom: 0px; border: 0px; font-size: 14px; font-family: &quot;Helvetica Neue&quot;, Helvetica, Arial, &quot;Lucida Grande&quot;, sans-serif; vertical-align: baseline; color: rgb(0, 0, 0);">Hi,</P> <P style="margin-bottom: 0px; border: 0px; font-size: 14px; font-family: &quot;Helvetica Neue&quot;, Helvetica, Arial, &quot;Lucida Grande&quot;, sans-serif; vertical-align: baseline; color: rgb(0, 0, 0);">There is only one key in the MEE and it is used for all memory locations whether it is used for a debug or production enclave.</P> <P style="margin-bottom: 0px; border: 0px; font-size: 14px; font-family: &quot;Helvetica Neue&quot;, Helvetica, Arial, &quot;Lucida Grande&quot;, sans-serif; vertical-align: baseline; color: rgb(0, 0, 0);">This is because the MEE does not as a first level defence prevent access to memory from SW. There are other changes to the hardware that make access control checks when a memory access occurs. It is these access control checks which are disabled when the debug bit is set and the EDBGRD/EDBGWR instructions are used.</P> <P style="margin-bottom: 0px; border: 0px; font-size: 14px; font-family: &quot;Helvetica Neue&quot;, Helvetica, Arial, &quot;Lucida Grande&quot;, sans-serif; vertical-align: baseline; color: rgb(0, 0, 0);">-Surenthar</P> Thu, 20 Oct 2016 05:58:31 GMT https://community.intel.com/t5/Intel-Software-Guard-Extensions/Memory-Encryption-in-debug-enclaves/m-p/1118411#M1475 Surenthar_S_Intel 2016-10-20T05:58:31Z