Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1464 Discussions

Is possible to run an analysis tool, like pintool, in SGX enclave?

rlyown
Beginner
811 Views

Hi, 

My goal is to inject some extensions into the enclave application during initialization to transparently execute the runtime analysis strategy, like libos dose.

I recently searched for analysis tools for enclave programs, but most tools have their own simulators, like triton and angr. Then I found this document (332680-001-720907.pdf ), which mentioned that the side channel detection tool uses Intel Pin. But it also emphasizes that it is only SGX simulation mode.

Is there a way to run an analysis tool such as pintool in an SGX enclave? Maybe using libos is a good way to let Intel Pin run on libos, but it seems too heavy.

 

 

0 Kudos
3 Replies
Wan_Intel
Moderator
749 Views

Hi Rlyown,

Thanks for reaching out to us.

Let me check with relevant team and I'll update here at the earliest.



Regards,

Wan


0 Kudos
Wan_Intel
Moderator
636 Views

Hello Rlyown,

We've received feedback from relevant team.


Running Intel® Pintool would have to be done, but in either SDK simulation mode or inside an Enclave within a Library OS (Gramine), even though, as you pointed out is very heavy. There is not really another way that we know of.


Sorry for the inconvenience and thank you for your support.



Regards,

Wan


0 Kudos
Wan_Intel
Moderator
552 Views

Hi Rlyown,

Thanks for your question.

If you need additional information from Intel, please submit a new question as this thread will no longer be monitored.



Regards,

Wan


0 Kudos
Reply