Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1490 Discussions

Does PRERELEASE compilation mode enforce memory isolation of the enclaves on Linux?

Ket
Novice
946 Views

Dear all,

 

I'm working on a proof of concept to demonstrate that SGX enclaves protect the content of the memory, by scanning the allocated memory of a process that hosts an enclave.

 

From the untrusted part, when scanning some values that are only located in the enclave (transferred using TLS, not hardcoded in the enclave binary), I found them in a memory range allocated in the process and indicated to be part of the mapped pages of /dev/isgx when checking /proc/<pid>/maps, which surprises me because I thought PRERELEASE mode offered the same security guarantees than RELEASE in terms of isolation.

 

My enclave is compiled using the following flags:

  • SGX_MODE ?= HW
  • SGX_PRERELEASE ?= 1
  • SGX_DEBUG ?= 0

The XML config file looks like this:

<!-- Please refer to User's Guide for the explanation of each field -->
<EnclaveConfiguration>
<ProdID>0</ProdID>
<ISVSVN>0</ISVSVN>
<StackMaxSize>0x100000</StackMaxSize>
<HeapMaxSize>0x2000000</HeapMaxSize>
<ReservedMemMaxSize>0x1000000</ReservedMemMaxSize>
<ReservedMemExecutable>1</ReservedMemExecutable>
<TCSNum>10</TCSNum>
<TCSPolicy>1</TCSPolicy>
<DisableDebug>0</DisableDebug>
<MiscSelect>0</MiscSelect>
<MiscMask>0xFFFFFFFF</MiscMask>
</EnclaveConfiguration>
 
Note that according to this article, that seems OK to have DisableDebug set to zero. I'm wondering if this flag may leak the values stored in an enclave. It is worth noting that switching this flag to 1 throws the same error described in the article, preventing further testing in that direction.
 
My question is: when the enclave is compiled in PRERELEASE mode with the aforementioned settings, is the memory isolation enforced by SGX on Linux? If not so, is it possible to tweak some parameters to enforce it, without having a commercial license?
 
Many thanks for your time!
Cheers
 
EDIT (2022-06-03): I have found an article regarding SCONE (aka Scontains) that describes a similar use case as mine (dumping secrets from a memory scanner). It seems it is normal to be able to dump secrets when compiled in PRERELEASE (see Hardware Mode in the article). I still would like an official confirmation from Intel about it though.
0 Kudos
1 Solution
Sahira_Intel
Moderator
823 Views

Hi Ket,

In an enclave launched in release mode, which disables the access to the enclave's memory (by untrusted apps, debugger, etc) at a hardware level. Pre-Release mode does not have this functionality.

Hope this helps

 

Sincerely,

Sahira 

 

 

View solution in original post

0 Kudos
3 Replies
Sahira_Intel
Moderator
883 Views

Hi Ket,

Yes, DisableDebug flag must remain 0 if you are running in pre-release mode. Also make sure the other flags are set correctly to run in pre-release mode (sgx_prerelease =1, sgx_debug=0, sgx_mode=hw)

In pre-release mode, the data is not necessarily protected by the hw. For full memory protection, you would need to have the enclave signed by intel.


Hope this is helpful.

Sincerely,

Sahira

 

 



0 Kudos
Ket
Novice
832 Views

Dear Sahira,

 

Many thanks for your response! This explains why we observe such results. May you please share more information regarding how data is protected in PRERELEASE mode and the difference between PRERELEASE and RELEASE in terms of memory isolation (provided we use an up-to-date Linux distribution as an OS)?

 

Many thanks!

 

Cheers

0 Kudos
Sahira_Intel
Moderator
824 Views

Hi Ket,

In an enclave launched in release mode, which disables the access to the enclave's memory (by untrusted apps, debugger, etc) at a hardware level. Pre-Release mode does not have this functionality.

Hope this helps

 

Sincerely,

Sahira 

 

 

0 Kudos
Reply