Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1543 討論

Where is saved register information in untrusted

Shohei_K_
初學者
‎07-26-2017 10:29 PM
1,605 檢視
已解答 跳至解答

Hi,I'm Shohei.I'm studying intel SGX in Japan.

I tried to get untrusted-stack information from enclave, but I couldn't do it.

When EENTER is called, where is saved register information in untrusted world. Is saved in Enclave?

Thank you

Shohei

0 積分
1 解決方案
yunfeng7854
新貢獻者 I
‎07-28-2017 04:02 PM
1,605 檢視
已解答 跳至解答

The enclaves and the outside have different stacks. On EENTER, the outside stack pointer RSP, RBP are saved in the state save area (SSA) frame of the current thread's TCS, for later restore on AEX. It is saved in the GPRSGX region of SSA frame. Here is the reference manual: https://software.intel.com/sites/default/files/managed/48/88/329298-002.pdf Sec. 2.9.1, Table 2-8.

Wenhao

在原始文章中檢視解決方案

0 積分
複製連結

連結已複製

4 回應
yunfeng7854
新貢獻者 I
‎07-28-2017 04:02 PM
1,606 檢視
已解答 跳至解答

The enclaves and the outside have different stacks. On EENTER, the outside stack pointer RSP, RBP are saved in the state save area (SSA) frame of the current thread's TCS, for later restore on AEX. It is saved in the GPRSGX region of SSA frame. Here is the reference manual: https://software.intel.com/sites/default/files/managed/48/88/329298-002.pdf Sec. 2.9.1, Table 2-8.

Wenhao

0 積分
複製連結
Shohei_K_
初學者
‎07-28-2017 07:28 PM
1,605 檢視
已解答 跳至解答

Thank you for your answer. That information is good for me.

But I have another question. When I tried, I call GPRSGX region of SSA frame from enclave.Here is that code.

  _thread_data_t *thread_data;
  thread_data = get_thread_data();

  ssa_gpr_t *ssa_gpr = reinterpret_cast<ssa_gpr_t *>(thread_data->first_ssa_gpr);
  unsigned long addbp = ssa_gpr->REG(bp_u);

But addbp points enclave's stack ebp not uEBP. Where do you think there were mistakes?

Thank you

Shohei

0 積分
複製連結
yunfeng7854
新貢獻者 I
‎07-29-2017 07:19 AM
1,605 檢視
已解答 跳至解答

I tried your code and I believe it returned an address outside the enclave. Could you try again?

I am using Intel SDK version 1.8, with gcc version 5.4.0 on a Ubuntu 16.04 system.

Wenhao

0 積分
複製連結
Shohei_K_
初學者
‎07-29-2017 05:29 PM
1,605 檢視
已解答 跳至解答

Thanks

That address is outside Enclave stack address? My code returns enclave stack ebp.

I tried this code in /Samplecode/SampleEnclave/Enclave/Trustedlibrary/Libc.cpp on SDK.

So I will check address outside the enclave again, and SDK, gcc, Ubuntu version.

Thanks a lot!

Shohei

0 積分
複製連結
回覆

週一至週五提供社區支援。請點選 這裡查看其他聯絡方式。

Intel 不會確認所有解決方案,包括但不限於可能出現在這個社群的任何檔案傳輸。因此,Intel 不承諾任何明示與暗示保證,包括但不限於適售性的暗示保證、適用於特定用途和無侵權,以及肇因於履行過程、交易過程或商業慣例的任何保證。

如需有關編譯器最佳化更完整的資訊,請參閱 最佳化公告.