Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1528 Discussions

Is possible to run an analysis tool, like pintool, in SGX enclave?

rlyown
Beginner
‎08-31-2023 07:26 AM
1,161 Views

Hi, 

My goal is to inject some extensions into the enclave application during initialization to transparently execute the runtime analysis strategy, like libos dose.

I recently searched for analysis tools for enclave programs, but most tools have their own simulators, like triton and angr. Then I found this document (332680-001-720907.pdf ), which mentioned that the side channel detection tool uses Intel Pin. But it also emphasizes that it is only SGX simulation mode.

Is there a way to run an analysis tool such as pintool in an SGX enclave? Maybe using libos is a good way to let Intel Pin run on libos, but it seems too heavy.

 

 

0 Kudos

Link Copied

3 Replies
Wan_Intel
Moderator
‎09-03-2023 09:51 PM
1,099 Views

Hi Rlyown,

Thanks for reaching out to us.

Let me check with relevant team and I'll update here at the earliest.



Regards,

Wan


0 Kudos
Copy link
Wan_Intel
Moderator
‎09-17-2023 11:17 PM
986 Views

Hello Rlyown,

We've received feedback from relevant team.


Running Intel® Pintool would have to be done, but in either SDK simulation mode or inside an Enclave within a Library OS (Gramine), even though, as you pointed out is very heavy. There is not really another way that we know of.


Sorry for the inconvenience and thank you for your support.



Regards,

Wan


0 Kudos
Copy link
Wan_Intel
Moderator
‎09-27-2023 07:15 PM
902 Views

Hi Rlyown,

Thanks for your question.

If you need additional information from Intel, please submit a new question as this thread will no longer be monitored.



Regards,

Wan


0 Kudos
Copy link
Reply

Community support is provided Monday to Friday. Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.