Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

Cheat Engine modifies enclave field's value, how is it possible?

sang__oh
Beginner

I've just finished coding this (https://software.intel.com/en-us/forums/intel-software-guard-extensions-intel-sgx/topic/802697).

It just adds 1 to an enclave field.

I'm running Visual Studio 2017 with admin permission, and debugging both the app and the enclave with the SGX Debugger.

Here is my project.zip, for Visual Studio 2017: https://drive.google.com/open?id=13trTAamhNWaz2Q2BRDtUFP5qCX8Syyuc

And the code.

app.cpp

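    #include <stdio.h>
    #include <tchar.h>
    #include <windows.h>        // Sleep()
    #include "sgx_urts.h"       // sgx_create_enclave(), sgx_destroy_enclave()
    #include "Enclave1_u.h"     // untrusted proxy for foo(), generated from Enclave1.edl

    // Assumed file name of the signed enclave; adjust to the project's build output.
    #define ENCLAVE_FILE _T("Enclave1.signed.dll")

    int main() {
        int a = 1;

        sgx_enclave_id_t eid;
        sgx_status_t ret = SGX_SUCCESS;
        sgx_launch_token_t token = { 0 };
        int updated = 0;

        // The second argument is the debug flag passed to the enclave loader.
        ret = sgx_create_enclave(ENCLAVE_FILE, SGX_DEBUG_FLAG, &token, &updated, &eid, NULL);
        if (ret != SGX_SUCCESS)
        {
            printf("APP error%#x, failed to create enclave. \n", ret);
            return -1;
        }

        int *ptr = &a;
        printf("%d\n", *ptr);

        // Call the ECALL every 500 ms and print the updated value; runs until the process is killed.
        while (1) {
            foo(eid, ptr);
            printf("%d\n", *ptr);
            Sleep(500);
        }

        if (SGX_SUCCESS != sgx_destroy_enclave(eid))
            return -1;
    }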

 

Enclave1.edl

    enclave {
        from "sgx_tstdc.edl" import *;

        trusted {
            /* define ECALLs here. */
            public void foo([in, out] int *ptr);
        };

        untrusted {
            /* define OCALLs here. */
        };
    };

 

Enclave1.cpp

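    #include "Enclave1_t.h"    // trusted-side prototype for foo(), generated from Enclave1.edl

    int a = 1;    // global stored inside the enclave

    // ECALL: add the enclave's counter to the caller's value, then increment the counter.
    void foo(int *ptr)
    {
        *ptr += a++;
    }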

 

When I run this code, the printed result is exactly what I expected (1, 2, 4, 7, ...).

I want to know whether I really have no access permission on the enclave field, so I turned on Cheat Engine (a memory explorer) and scanned for Enclave1.cpp's value (int a). But unlike what I expected, I can modify this value very easily! According to the SGX explanation, the user cannot modify enclave fields.

Why is it possible to change Enclave1.cpp's value?

Cheat Engine image:

(image = https://drive.google.com/file/d/195BjO4epYPC_-YCkhM48Og6QUX0ytgVu/view?usp=sharing)

In this picture, 23 is the value of 'int a' in Enclave1.cpp.

 

 

0 Kudos
1 Solution
Francisco_C_Intel

When you create the enclave,

    sgx_create_enclave(ENCLAVE_FILE, SGX_DEBUG_FLAG,...

 

The flag SGX_DEBUG_FLAG indicates whether or not the enclave can be inspected/debugged/modified.

The enclave you are creating is likely one that is allowed to be debugged.

 


0 Kudos
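A debug enclave carries the DEBUG bit in its attributes, and that bit appears in the enclave's report, so a verifier can refuse debug enclaves before trusting them with secrets. The following is an added example, not code from this thread or from the SDK: the flag values and the offset of the attributes field follow the SDK headers (sgx_attributes.h, sgx_report.h), while the helper names and the sample report body are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Attribute flag bits as defined in the SGX SDK's sgx_attributes.h. */
#define SGX_FLAGS_INITTED 0x1ULL
#define SGX_FLAGS_DEBUG   0x2ULL

/* In sgx_report_body_t the attributes field (8-byte flags, 8-byte xfrm)
 * follows cpu_svn[16], misc_select[4] and 28 further bytes: offset 48. */
#define REPORT_BODY_SIZE  384
#define ATTR_FLAGS_OFFSET 48

/* Read the little-endian 64-bit attribute flags from a raw report body. */
static uint64_t report_attr_flags(const uint8_t *body)
{
    uint64_t flags = 0;
    for (int i = 7; i >= 0; i--)
        flags = (flags << 8) | body[ATTR_FLAGS_OFFSET + i];
    return flags;
}

/* Hypothetical policy check: 1 = production enclave, 0 = reject. */
static int enclave_is_production(const uint8_t *body, size_t len)
{
    if (body == NULL || len < REPORT_BODY_SIZE)
        return 0;                       /* truncated input: fail closed */
    uint64_t flags = report_attr_flags(body);
    if (!(flags & SGX_FLAGS_INITTED))
        return 0;                       /* enclave never finished EINIT */
    return (flags & SGX_FLAGS_DEBUG) ? 0 : 1;
}

/* Constructed sample: zeroed report body with only the low flags byte set. */
static int check_sample(uint8_t flags_byte)
{
    uint8_t body[REPORT_BODY_SIZE];
    memset(body, 0, sizeof body);
    body[ATTR_FLAGS_OFFSET] = flags_byte;
    return enclave_is_production(body, sizeof body);
}

int main(void)
{
    printf("debug enclave accepted:   %d\n", check_sample(0x07));
    printf("release enclave accepted: %d\n", check_sample(0x05));
    return 0;
}
```

In the SDK, SGX_DEBUG_FLAG is 1 in debug builds, so an enclave meant to resist tools like Cheat Engine has to be built and launched as a release enclave as well as checked this way.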
5 Replies
sang__oh
Beginner

Thanks for your reply, Francisco C.

I found it: https://software.intel.com/en-us/sgx-sdk-dev-reference-sgx-create-enclave - sgx_create_enclave() - SGX_DEBUG_FLAG

Moving away from the topic, I'm interested in SGX's memory limit.

In this topic (https://software.intel.com/en-us/forums/intel-software-guard-extensions-intel-sgx/topic/670322), 6th-generation processors have 90MB of EPC memory.

But this is the first time I have heard of EPC memory.

Anyway, I'm using an i7-8700K, so I want to know my CPU's EPC memory limit.

i7-8700K specifications (https://ark.intel.com/products/126684/Intel-Core-i7-8700K-Processor-12M-Cache-up-to-4-70-GHz-)

But I can't find anything about EPC, even on the official specification site! What is EPC? And how can I find my CPU's EPC limit?

Thanks,

0 Kudos
Scott_R_Intel
Employee

Hello Oh.

Everything in that thread you posted still applies to all currently shipping Intel processors with SGX.  They all support a maximum of 128MB physical EPC.  After subtracting overhead memory required for running SGX, it leaves approximately 90MB of actual usable EPC for enclaves.  As mentioned, if you use paging in Linux, you can expand that, but there is a performance penalty, of course.

Regards.

Scott

0 Kudos
sang__oh
Beginner

Thanks for your help, but I have one more question.

My SGX SDK version is 2.2.100.48339, and SGX v2 supports Dynamic Memory Allocation inside an enclave.

(http://caslab.csl.yale.edu/workshops/hasp2016/HASP16-17.pdf)

My SGX SDK version is 2.x or higher, but there is an error when I raise HeapMaxSize in Enclave.config.xml to 128MB.

I think my mainboard does not support SGX v2, so I'm looking for devices that support SGX v2, but I couldn't find any results after googling for 1 hour....

My mainboard is an ASRock Z370 Pro4, and my CPU is an i7-8700K.

Please link me to where I can find a motherboard that supports SGX v2.

Thanks :)

0 Kudos
Scott_R_Intel
Employee

Hello.

The SDK version and the SGX technology versions do not directly correlate.  Your processor only supports the SGX 1.0 feature set.  The only currently shipping processors that support EDMM are based on the Gemini Lake SOC such as the Intel® Celeron® J4005 Processor as found in the NUC models NUC7CJYH and NUC7PJYH.

Regards.

Scott
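Both hardware questions in this thread (how much EPC a machine exposes, and whether it supports SGX2/EDMM) can be answered from CPUID leaf 12H. This is an added example, not code from the posters or from the Intel SDK: the helper names are made up here, and it uses GCC/Clang's `<cpuid.h>` (on MSVC the `__cpuidex` intrinsic returns the same registers).

```c
#include <stdint.h>
#include <stdio.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#define HAVE_CPUID 1
#endif

/* CPUID.(EAX=07H,ECX=0):EBX bit 2 reports SGX support. */
static int has_sgx(uint32_t leaf7_ebx) { return (leaf7_ebx >> 2) & 1; }

/* CPUID.(EAX=12H,ECX=0):EAX bit 0 = SGX1 leaf functions, bit 1 = SGX2 (EDMM). */
static int has_sgx2(uint32_t leaf12_eax) { return (leaf12_eax >> 1) & 1; }

/* CPUID.(EAX=12H,ECX>=2): EAX[3:0] == 1 marks a valid EPC section whose size
 * is ECX[31:12] (bits 31:12) plus EDX[19:0] (bits 51:32). 0 = no section. */
static uint64_t epc_section_size(uint32_t eax, uint32_t ecx, uint32_t edx)
{
    if ((eax & 0xF) != 1)
        return 0;
    return ((uint64_t)(edx & 0xFFFFF) << 32) | (ecx & 0xFFFFF000u);
}

int main(void)
{
#ifdef HAVE_CPUID
    unsigned a, b, c, d;
    if (!__get_cpuid_count(7, 0, &a, &b, &c, &d) || !has_sgx(b)) {
        puts("SGX not reported by CPUID");
        return 0;
    }
    if (!__get_cpuid_count(0x12, 0, &a, &b, &c, &d))
        return 0;
    printf("SGX2/EDMM: %s\n", has_sgx2(a) ? "yes" : "no");

    uint64_t total = 0;
    for (unsigned sub = 2; sub < 10; sub++) {   /* walk the EPC sections */
        __get_cpuid_count(0x12, sub, &a, &b, &c, &d);
        uint64_t size = epc_section_size(a, c, d);
        if (size == 0)
            break;                              /* first invalid sub-leaf ends the list */
        total += size;
    }
    printf("EPC: %llu MiB\n", (unsigned long long)(total >> 20));
#endif
    return 0;
}
```

When SGX is supported by the processor but not enabled in the BIOS, the EPC sub-leaves report no valid section and the total is 0.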

 

0 Kudos