Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1403 Discussions

Intel SGX custom exception handler

Sangho_L_
Beginner
‎03-14-2016 04:31 PM
1,077 Views
Solved Jump to solution

Hello, I tried to use a custom exception handler inside an enclave with real hardware, but it wasn't called. #include "sgx_trts_exception.h" int ex_handler(sgx_exception_info_t *info) { printf("vec: %d, type: %d, eip: %u\n", info->exception_vector, info->exception_type, info->cpu_context.eip); return 1; } ... void init() { ... void *handler = sgx_register_exception_handler(0 /* and 1 */, &ex_handler); printf("handler: %u\n", handler); ... // divide by zero } sgx_register_exception_handler returned a non-zero value, but when the enclave executed a DIV0 instruction, it was just killed without calling the custom exception handler. Are there any other procedures to register a custom exception handler?

0 Kudos
1 Solution
Juan_d_Intel
Employee
‎03-30-2016 11:29 AM
1,077 Views
Solved Jump to solution

The exception handler has one parameter, a pointer to sgx_exception_info_t.

The sgx_cpu_context_t part of this parameter is loaded with the CPU registers from the SSA frame.

After the exception handler returns and only if it returns EXCEPTION_CONTINUE_EXECUTION, which indicates the exception has been handled, the updated CPU context values will be stored back into the SSA frame.

 

View solution in original post

0 Kudos
Copy link

Link Copied

3 Replies
Derek_B_Intel
Employee
‎03-15-2016 08:54 AM
1,077 Views
Solved Jump to solution

Several notes:
1. OCalls are not allowed in exception handlers.  The "printf" function is assumed to be supported as an OCall since I/O instructions are not supported within an enclave.

2. For the exception handler itself, "ex_handler", the return value should be:
      #define EXCEPTION_CONTINUE_SEARCH       0
      #define EXCEPTION_CONTINUE_EXECUTION    -1

0 Kudos
Copy link
Sangho_L_
Beginner
‎03-16-2016 11:54 AM
1,077 Views
Solved Jump to solution
Thanks for your answer. Now I want to advance RIP to ignore the faulting instruction, but I can't find a way to access TCS or SSA to change the stored RIP. Could you let me know how can I access such data structures?
0 Kudos
Copy link
Juan_d_Intel
Employee
‎03-30-2016 11:29 AM
1,078 Views
Solved Jump to solution

The exception handler has one parameter, a pointer to sgx_exception_info_t.

The sgx_cpu_context_t part of this parameter is loaded with the CPU registers from the SSA frame.

After the exception handler returns and only if it returns EXCEPTION_CONTINUE_EXECUTION, which indicates the exception has been handled, the updated CPU context values will be stored back into the SSA frame.

 

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.