Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1452 Discussions

Catch Segmentation Fault Error in an Enclave

Irene__GP
Beginner
‎07-01-2017 01:48 PM
801 Views

Dear all,

I am working on a project which would include some "inline assembly" code in the enclave. While in general this should work fine, one issue is that the relocation information of the assembly code is missing. In other words, there could probably exist a lot of segmentation fault issue in the enclave, something like:    

...
call 0x8080460  <--- this address (0x8080460) is incorrect, its new destination in the enclave should be 0x4040404
...

 

To handle such issue, currently what I am thinking is to intercept all the segmentation fault (SIGSEGV) within the enclave, and re-direct the execution flow to its new destination during the runtime. This seems generally sound to me.

I knew that SGX provides an exception handling routine (sgx_register_exception_handler); however, according to this post, it seems that SGX exception handler simply cannot catch SIGSEGV exception.. I am unable to play with a SGX hardware so at this moment I assume this is true.

So here is my question:

    1. Can I catch this SIGSEGV exception within the sgx_register_exception_handler?

    2. If not, what is the recommended way, the best practice to capture SIGSEGV exception in an enclave for my problem?

Thank you, any advice or suggestion would be strongly appreciated!

   

0 Kudos

Link Copied

2 Replies
Irene__GP
Beginner
‎07-01-2017 01:51 PM
801 Views

One more question, is it possible to catch the SIGSEGV within the secure world (within SGX Enclave or some trusted computing base)? Or I have to catch it in the OS-level, which is not assumed as "trusted" in the SGX model...

0 Kudos
Copy link
Anusha_K_Intel
Employee
‎07-03-2017 06:08 AM
801 Views

Hi,

Please refer to this query:

https://software.intel.com/en-us/forums/intel-software-guard-extensions-intel-sgx/topic/734597

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.