Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.

Is using RTM xbegin inside an SGX enclave possible ?

EgremyB
Novice
503 Views

Hi!

When using the intrinsic _xbegin()  inside an SGX enclave, it always return a status of 0x0. I suppose this is due to a value in the Model Specific Register IA32_TSX_CTRL. Specifically, RTM_DISABLE is probably set to 1.

I found this here under the section Intel® Software Guard Extensions (Intel® SGX), subsection Enumeration and new MSRs.

My CPU is an Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz. Could this explanation be possible? How could I verify it? I couldn't find the documentation for my CPU to search for this information in it.

 

PS: I run Windows 10, so no msr-tools I guess ...

 

Thanks a lot!

Labels (3)
0 Kudos
1 Solution
X99
New Contributor I
494 Views

This might not be the answer you're looking for, but it might help.

TSX (transactional memory) instruction set has been disabled by Intel after the Zombieload attack (see here). My advice is:

  • don't use TSX as is (see below)
  • if you really need TSX, you might limit your deployment to a very limited set of CPUs.

But all is not lost, as modern compilers offer an alternative. Here is an example of unsynchronized piece of code:

#include <iostream>
#include <vector>
#include <thread>

int f() {
    static int i = 0;
    std::cout << i << " -> ";
    ++i;
    std::cout << i << '\n';
    return i;
}

int main() {
    std::vector<std::thread> v(10);
    for(auto& t: v)
        t = std::thread([]{ for(int n = 0; n < 10; ++n) f(); });
    for(auto& t: v)
        t.join();
}

 

And its equivalent, this time using sync:

#include <iostream>
#include <vector>
#include <thread>

int f() {
    static int i = 0;
    synchronized { // begin synchronized block
        std::cout << i << " -> ";
        ++i;
        std::cout << i << '\n';
        return i;
    }
}

int main() {
    std::vector<std::thread> v(10);
    for(auto& t: v)
        t = std::thread([]{ for(int n = 0; n < 10; ++n) f(); });
    for(auto& t: v)
        t.join();
}

 

More info on transactional memory:

 

Hope it helps.

View solution in original post

2 Replies
X99
New Contributor I
495 Views

This might not be the answer you're looking for, but it might help.

TSX (transactional memory) instruction set has been disabled by Intel after the Zombieload attack (see here). My advice is:

  • don't use TSX as is (see below)
  • if you really need TSX, you might limit your deployment to a very limited set of CPUs.

But all is not lost, as modern compilers offer an alternative. Here is an example of unsynchronized piece of code:

#include <iostream>
#include <vector>
#include <thread>

int f() {
    static int i = 0;
    std::cout << i << " -> ";
    ++i;
    std::cout << i << '\n';
    return i;
}

int main() {
    std::vector<std::thread> v(10);
    for(auto& t: v)
        t = std::thread([]{ for(int n = 0; n < 10; ++n) f(); });
    for(auto& t: v)
        t.join();
}

 

And its equivalent, this time using sync:

#include <iostream>
#include <vector>
#include <thread>

int f() {
    static int i = 0;
    synchronized { // begin synchronized block
        std::cout << i << " -> ";
        ++i;
        std::cout << i << '\n';
        return i;
    }
}

int main() {
    std::vector<std::thread> v(10);
    for(auto& t: v)
        t = std::thread([]{ for(int n = 0; n < 10; ++n) f(); });
    for(auto& t: v)
        t.join();
}

 

More info on transactional memory:

 

Hope it helps.

JesusG_Intel
Moderator
457 Views

This thread has been marked as answered and Intel will no longer monitor this thread. If you want a response from Intel in a follow-up question, please open a new thread.


Reply