Résolu : Is using RTM xbegin inside an SGX enclave possible ?

EgremyB · ‎07-15-2021

Hi!

When using the intrinsic _xbegin() inside an SGX enclave, it always return a status of 0x0. I suppose this is due to a value in the Model Specific Register IA32_TSX_CTRL. Specifically, RTM_DISABLE is probably set to 1.

I found this here under the section Intel® Software Guard Extensions (Intel® SGX), subsection Enumeration and new MSRs.

My CPU is an Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz. Could this explanation be possible? How could I verify it? I couldn't find the documentation for my CPU to search for this information in it.

PS: I run Windows 10, so no msr-tools I guess ...

Thanks a lot!

X99 · ‎07-15-2021

This might not be the answer you're looking for, but it might help.

TSX (transactional memory) instruction set has been disabled by Intel after the Zombieload attack (see here). My advice is:

don't use TSX as is (see below)
if you really need TSX, you might limit your deployment to a very limited set of CPUs.

But all is not lost, as modern compilers offer an alternative. Here is an example of unsynchronized piece of code:

#include <iostream>
#include <vector>
#include <thread>

int f() {
    static int i = 0;
    std::cout << i << " -> ";
    ++i;
    std::cout << i << '\n';
    return i;
}

int main() {
    std::vector<std::thread> v(10);
    for(auto& t: v)
        t = std::thread([]{ for(int n = 0; n < 10; ++n) f(); });
    for(auto& t: v)
        t.join();
}

And its equivalent, this time using sync:

#include <iostream>
#include <vector>
#include <thread>

int f() {
    static int i = 0;
    synchronized { // begin synchronized block
        std::cout << i << " -> ";
        ++i;
        std::cout << i << '\n';
        return i;
    }
}

int main() {
    std::vector<std::thread> v(10);
    for(auto& t: v)
        t = std::thread([]{ for(int n = 0; n < 10; ++n) f(); });
    for(auto& t: v)
        t.join();
}

More info on transactional memory:

Hope it helps.

Voir la solution dans l'envoi d'origine

X99 · ‎07-15-2021

This might not be the answer you're looking for, but it might help.

TSX (transactional memory) instruction set has been disabled by Intel after the Zombieload attack (see here). My advice is:

don't use TSX as is (see below)
if you really need TSX, you might limit your deployment to a very limited set of CPUs.

But all is not lost, as modern compilers offer an alternative. Here is an example of unsynchronized piece of code:

#include <iostream>
#include <vector>
#include <thread>

int f() {
    static int i = 0;
    std::cout << i << " -> ";
    ++i;
    std::cout << i << '\n';
    return i;
}

int main() {
    std::vector<std::thread> v(10);
    for(auto& t: v)
        t = std::thread([]{ for(int n = 0; n < 10; ++n) f(); });
    for(auto& t: v)
        t.join();
}

And its equivalent, this time using sync:

#include <iostream>
#include <vector>
#include <thread>

int f() {
    static int i = 0;
    synchronized { // begin synchronized block
        std::cout << i << " -> ";
        ++i;
        std::cout << i << '\n';
        return i;
    }
}

int main() {
    std::vector<std::thread> v(10);
    for(auto& t: v)
        t = std::thread([]{ for(int n = 0; n < 10; ++n) f(); });
    for(auto& t: v)
        t.join();
}

More info on transactional memory:

Hope it helps.

JesusG_Intel · ‎07-19-2021

This thread has been marked as answered and Intel will no longer monitor this thread. If you want a response from Intel in a follow-up question, please open a new thread.

Is using RTM xbegin inside an SGX enclave possible ?

How to

Visual Studio

Windows