Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

Why Qemu-SGX not maintained any more?

LeoneChen
Beginner
1,380 Views

intel/qemu-sgx (github.com)

It say "This project has been identified as having known security escapes.", but what known security escapes?

0 Kudos
1 Solution
Iffa_Intel
Moderator
1,300 Views

Yes, that is just to share you the concept of that attack in QEMU.

Focus on the fact that the vulnerability attacks host operating system that runs QEMU.

QEMU-SGX, as the name implies, it uses QEMU so even if Enclave don't trust OS&Host App in VM, or no VM, the vulnerability exist.

 

Cordially,

Iffa


View solution in original post

0 Kudos
7 Replies
Iffa_Intel
Moderator
1,348 Views

Hi,


Generally, the QEMU is vulnerable to Virtual Machine Escape attack which triggered when fragment packets are reassembled for processing. This allows an attacker to perform arbitrary code execution at the same privilege level as QEMU itself, and completely crash the QEMU process.



Cordially,

Iffa


0 Kudos
LeoneChen
Beginner
1,337 Views

Thanks for reply!

 

Any hyper-links or details about this vulnerability or news?

0 Kudos
Iffa_Intel
Moderator
1,330 Views

Here it is (Note that this is public info):

1. Vulnerability in QEMU allows attackers to perform virtual machine escape

2. NVD for (no 1) vulnerability

3. KVM breakout

 

Hope this helps!

If you don't have any further inquiries, shall I close this case?

 

 

Cordially,

Iffa

0 Kudos
LeoneChen
Beginner
1,317 Views

But it seems that Qemu escape will not influent security of Enclave in VM, since Enclave don't trust OS&Host App in VM

0 Kudos
Iffa_Intel
Moderator
1,301 Views

Yes, that is just to share you the concept of that attack in QEMU.

Focus on the fact that the vulnerability attacks host operating system that runs QEMU.

QEMU-SGX, as the name implies, it uses QEMU so even if Enclave don't trust OS&Host App in VM, or no VM, the vulnerability exist.

 

Cordially,

Iffa


0 Kudos
LeoneChen
Beginner
1,277 Views

Thanks!

 

Thus it's due to Qemu problem, not an SGX problem

0 Kudos
Iffa_Intel
Moderator
1,253 Views

Glad that helps!


Intel will no longer monitor this thread since this issue has been resolved. If you need any additional information from Intel, please submit a new question. 



Cordially,

Iffa


0 Kudos
Reply