Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Elephant
Beginner
123 Views

Understanding the INTEL-SA-00219

Hi,

I would like to understand how the mitigation solution would be for normal malloc (non-structured) with the latest APIs to solve the  CVE-2019-0117 issue.  In the developer guide provided by Intel, it seems like the APIs only work with structures and not arbitrary-sized secret data.  If I need to align my "secret data", can I do the following:

align_req_t req[] = {
    {0, SIZE_OF_SECRET},
};

uint8_t *secret = (uint8_t *)sgx_aligned_malloc(SIZE_OF_SECRET, 1, req, 1);

// use secret here...

will this be necessary for all the mallocs I have inside my enclave code that handles confidential data?

 

Thanks a lot for your help!

- elephant

0 Kudos
0 Replies
Reply