Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Elephant
Beginner
80 Views

user_check protection for SGXSpectre

Hi,

Intel has released a technical advisory about the fixes for Spectre.  However, I would like to get more insight on how to handle user_check.  So from the "Intel® Software Guard Extensions (SGX) SW Development Guidance for Potential Bounds Check Bypass (CVE-2017-5753) Side Channel Exploits" whitepaper, Intel mentioned that we have to protect user_check inputs with the following pattern:

uint32_t enclave_function(const uint8_t* user_check_input,
uint32_t user_check_size)
{
...
//
// make sure input buffer is outside enclave
//
int SGXAPI sgx_is_outside_enclave(const void *addr, size_t
size);
if (!sgx_is_outside_enclave(user_check_input,
user_check_size)) {
// error code
...
}
else {
_mm_lfence();
...
}
...
}

However, how do I protect the structure that I passed with user_check when it has multiple pointers inside?

Thanks!

Kind Regards,
Elephant

 

0 Kudos
1 Reply
Hoang_N_Intel
Employee
80 Views

If the buffer is a structure of multiple pointers to other buffers, you will probably have to add one call to sgx_is_outside_enclave per pointer before you reference it.

Reply