Community
cancel
Showing results for 
Search instead for 
Did you mean: 
gu_j_1
Beginner
65 Views

Does the SGX add support to handle page faults inside the enclave?

Jump to solution

If the host system is malicious, it can easily manipulate certain memory pages to be unavailable to trigger page faults to interrupt or infer the execution state in the enclave.

Will Intel add support to handle page faults inside the enclave in later SGX? If so, what is the expected time? If not, what are the considerations?

Thanks in advance!

0 Kudos

Accepted Solutions
65 Views

Paging support is supposed to come in the next version of SDK

View solution in original post

2 Replies
yunfeng7854
New Contributor I
65 Views

Hi, I think I am having a similar question. As I can see from the documents, the processor will report a page fault exception to EXINFO and EXITINFO if SECS.MISCSELECT[0] != 0. So maybe the enclave can catch and handle page fault.

Then I tried to set in the enclave configure file to "<MiscSelect>1</MiscSelect>". In this case the enclave cannot be loaded with an error code 0x2010. I also see from the documents that:

(1) MiscSelect and MiscMask are for future functional extension. Currently, MiscSelect must be 0. Otherwise the corresponding enclave may not be loaded successfully.  --- SGX SDK Developer Reference for linux os, page 57

(2) If CPUID.(EAX=12H, ECX=0):EBX[31:0] = 0, MISCSELECT must be 0.
If CPUID.(EAX=12H, ECX=0):EBX[31:0] !=0, enclave writers must specify MISCSELECT such that each cleared bit in MISCMASK must also specify the corresponding bit as 0 in MISCSELECT. --- Intel Software Guard Extensions Programming Reference, page 30

And it seems that with query to my processor, the CPUID.(EAX=12H, ECX=0):EBX[31:0] = 0. Maybe that means my processor currently doesn't support this feature?

I am not sure.. and I am wondering: is this a hardware or software restriction? Will SGX v2 be a software or hardware upgrade?

Thanks a lot

66 Views

Paging support is supposed to come in the next version of SDK

View solution in original post