I have a question about enforcing execute-only memory inside SGX enclaves. What I am trying to do is to mark an enclave page as executable and non-readable. The XnR memory has been used by Readactor (link) to protect against return-oriented programming attacks.
As far as I know, Intel provides the Extended Page Tables (EPTs) to translate guest physical memory to real physical memory, and it enables execute-only code pages in the guest address space. As both the guest operating system and the VMM are untrusted, I am curious about whether it's possible inside SGX enclaves.
Thanks