Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.

DBGOPTIN

dmitry_e_1
Beginner
368 Views

DBGOPTIN bit of TCS.FLAGS must be set in order to allow various debug interface. Intel's Software developer's Manual says:

DBGOPTIN if set, allows debugging features (single-stepping, breakpoints, etc.) to be enabled and active while
executing in the enclave on this TCS. Hardware clears this bit on EADD. A debugger may later

modify it if the enclave’s ATTRIBUTES.DEBUG is set.

How is it possible to set the bit back (with Linux SDK) once an enclave is initialized and filled with pages?

0 Kudos
1 Solution
Francisco_C_Intel
368 Views

>Do you know if the gdp plugin supports changing the DBGOPTIN bit?

Without looking at the code, I would guess that ECLIPSE plugin leverages the GDB plugin. The ECLIPSE portion of the plugin is probably used to setup breakpoints and such, but the actual debugger is GDB, using the GDB plugin https://github.com/01org/linux-sgx/tree/master/sdk/debugger_interface/linux

For your other two questions, Section 5.3 of Intel(R) SGX Programming Reference describes in greater detail how to execute the instruction. Note that it is a 'system' leaf, so you'll need a driver to actually execute the instruction. If you follow the call flow in https://github.com/01org/linux-sgx/blob/master/psw/urts/enclave.cpp it looks like a writing to the memory uses standard file io ( https://github.com/01org/linux-sgx/blob/master/common/src/se_memory.c ), but in reality the 'write' call ends up in the driver:

https://github.com/01org/linux-sgx-driver/search?utf8=%E2%9C%93&q=edbgwr

 

 

View solution in original post

3 Replies
Francisco_C_Intel
368 Views

You can write to the enclave using the EDBGWR instruction. You'll need to modify the FLAGS.DBGOPTIN bit in every TCS you have created.

You can start by looking at

bool CEnclave::update_debug_flag(uint8_t debug_flag)
in
https://github.com/01org/linux-sgx/blob/master/psw/urts/enclave.cpp

and trace call flows to see how/when it is currently done. I am not as familiar with the Linux version of the code, but I think the ECLIPSE plugin will work with the runtime to make sure these debug flags/bits are updated appropriately.

 

dmitry_e_1
Beginner
368 Views

Thank you for your response. Do you know if the gdp plugin supports changing the DBGOPTIN bit?

You mentioned that I can simply use the EDBGWR instruction. Can the App.cpp (the untrusted partition) execute this instruction or it must be an external debugger?

Is it somehow possible for the enclave to manipulate this bit from the inside of the enclave?

 

Francisco_C_Intel
369 Views

>Do you know if the gdp plugin supports changing the DBGOPTIN bit?

Without looking at the code, I would guess that ECLIPSE plugin leverages the GDB plugin. The ECLIPSE portion of the plugin is probably used to setup breakpoints and such, but the actual debugger is GDB, using the GDB plugin https://github.com/01org/linux-sgx/tree/master/sdk/debugger_interface/linux

For your other two questions, Section 5.3 of Intel(R) SGX Programming Reference describes in greater detail how to execute the instruction. Note that it is a 'system' leaf, so you'll need a driver to actually execute the instruction. If you follow the call flow in https://github.com/01org/linux-sgx/blob/master/psw/urts/enclave.cpp it looks like a writing to the memory uses standard file io ( https://github.com/01org/linux-sgx/blob/master/common/src/se_memory.c ), but in reality the 'write' call ends up in the driver:

https://github.com/01org/linux-sgx-driver/search?utf8=%E2%9C%93&q=edbgwr

 

 

Reply