Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

Acquire Performance Counters from within an Enclave

giovanni_m_1
Beginner
‎10-13-2016 02:03 PM
881 Views

Hello to Everybody,

 

 

I would like to get access to the CPU performance counters from within an Enclave. Initially I wanted to access directly from inside. So at the beginning I tried to execute an assembly code able to access a general register and everything seemed perfect. However, after a while I realized that the PCM registers can be accessed only on ring0 which is not the enclave case since it runs in ring3. Doh!! So now what to do? What is the most secure way?

I have no other choice than leveraging the Intel's PCM APIs outside of the enclave and pass the data into it?

Thank you in advance

 

0 Kudos

Link Copied

2 Replies
Francisco_C_Intel
Employee
‎10-14-2016 06:23 AM
881 Views

Does VTune provide what you need? On Windows, SGX PSW 1.6 has support for VTune.

If you are doing this by hand, are you in Windows or Linux? At a high level, you need to launch the enclave in DEBUG=1 mode, and then for every TCS, you need to set the debug opt-in bit to 1. If you don't do this, the performance counter registers don't work.

See

https://software.intel.com/en-us/forums/intel-software-guard-extensions-intel-sgx/topic/657458

 

0 Kudos
Copy link
giovanni_m_1
Beginner
‎10-15-2016 11:59 AM
881 Views

Well,

 

Thank you very much for the response. That was my backup solution. At the end I discovered that modifying a CPU flag into CR4 you can be able to enable the usage of RDPCM at ring3 level. In this way I can be able to enforce the ASM code from within the enclave. 

Thanks,

Regards

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.