Proof-of-concept _untested_ stub for Gramine support.
Proper integration of SGX-Step with different runtimes is
still an outstanding issue (#28). Currently, only the Intel SDK is
"officially" supported. An (untested) stub to start on integration with
Gramine is, furthermore, provided "as is" in the `gramine` directory.
jovanbulck committed Oct 12, 2022
1 parent d53ab9b commit 5bad772
Showing 8 changed files with 241 additions and 0 deletions.
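--- a/.gitmodules
+++ b/.gitmodules
@@ -4,3 +4,6 @@
 [submodule "sdk/intel-sdk/linux-sgx"]
 path = sdk/intel-sdk/linux-sgx
 url = https://github.com/01org/linux-sgx.git
+[submodule "sdk/gramine"]
+path = sdk/gramine/gramine
+url = https://github.com/gramineproject/gramine.git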
6 changes: 6 additions & 0 deletions sdk/README.md
@@ -1 +1,7 @@
TODO list the expected SDK hooks here used by `libsgxstep` and how to port to a new libOS/SDK.

> :warning: **Note.** Proper integration of SGX-Step with different runtimes is
> still an outstanding issue (#28). Currently, only the Intel SDK is
> "officially" supported. An (untested) stub to start on integration with
> Gramine is, furthermore, provided "as is" in the `gramine` directory.
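--- a/sdk/gramine/0001-SGX-Step-Gramine-patches-to-reconfigure-AEP-TCS.patch
+++ b/sdk/gramine/0001-SGX-Step-Gramine-patches-to-reconfigure-AEP-TCS.patch
@@ -0,0 +1,113 @@
+From f3d05a71a513445e9c3eec9e2ab6d4ab30f52d46 Mon Sep 17 00:00:00 2001
+From: Jo Van Bulck <jo.vanbulck@cs.kuleuven.be>
+Date: Wed, 12 Oct 2022 16:58:07 +0200
+Subject: [PATCH 1/2] SGX-Step Gramine patches to reconfigure AEP/TCS.
+
+---
+pal/src/host/linux-sgx/host_entry.S | 50 +++++++++++++++++++++++++++--
+pal/src/host/linux-sgx/meson.build | 11 +++++++
+2 files changed, 58 insertions(+), 3 deletions(-)
+
+diff --git a/pal/src/host/linux-sgx/host_entry.S b/pal/src/host/linux-sgx/host_entry.S
+index bb38ced4..b84803d2 100644
+--- a/pal/src/host/linux-sgx/host_entry.S
++++ b/pal/src/host/linux-sgx/host_entry.S
+@@ -2,6 +2,21 @@
+
+#include "asm-offsets.h"
+
++ .data
++g_aep_pointer:
++ .word 0x0
++ .word 0x0
++ .word 0x0
++ .word 0x0
++
++ .data
++g_tcs:
++ .word 0x0
++ .word 0x0
++ .word 0x0
++ .word 0x0
++
++ .text
+.extern tcs_base
+.extern g_in_aex_profiling
+
+@@ -36,11 +51,18 @@ sgx_ecall:
+
+# RBX has to be the TCS of the thread
+movq %gs:PAL_HOST_TCB_TCS, %rbx
++ leaq g_tcs(%rip), %rax
++ movq %rbx, (%rax)
+
+# RCX has to be the AEP (Asynchronous Exit Pointer)
+- leaq async_exit_pointer(%rip), %rcx
+-
+- movq $EENTER, %rax
++ leaq g_aep_pointer(%rip), %rax
++ movq (%rax), %rcx /* aep addr */
++ cmp $0x0, %rcx
++ jnz 1f
++ leaq async_exit_pointer(%rip), %rcx
++ movq %rcx, (%rax)
++
++1: movq $EENTER, %rax /* EENTER leaf */
+ENCLU
+
+# currently only ECALL_THREAD_RESET returns
+@@ -178,3 +200,25 @@ sgx_raise:
+# RSI - external event
+jmp .Ldo_ecall
+.cfi_endproc
++
++
++.macro DECLARE_GLOBAL_FUNC name
++ .globl \name
++ .type \name, @function
++\name:
++.endm
++
++DECLARE_GLOBAL_FUNC sgx_get_aep
++ leaq g_aep_pointer(%rip), %rax
++ movq (%rax), %rax
++ ret
++
++DECLARE_GLOBAL_FUNC sgx_set_aep
++ leaq g_aep_pointer(%rip), %rax
++ movq %rdi, (%rax)
++ ret
++
++DECLARE_GLOBAL_FUNC sgx_get_tcs
++ leaq g_tcs(%rip), %rax
++ movq (%rax), %rax
++ ret
+diff --git a/pal/src/host/linux-sgx/meson.build b/pal/src/host/linux-sgx/meson.build
+index 3e77bdcc..c40794fa 100644
+--- a/pal/src/host/linux-sgx/meson.build
++++ b/pal/src/host/linux-sgx/meson.build
+@@ -152,10 +152,21 @@ libpal_sgx_host = executable('loader',
+# host part of PAL uses stack protector with standard parameters (not the ones defined for
+# PAL/LibOS)
+'-fstack-protector-strong',
++
++ # XXX add libsgxstep include path
++ '-I../../..',
++ # XXX FORTIFY_SOURCE conflicts with regular libc header includes in libsgxstep
++ '-D_FORTIFY_SOURCE=0',
++ # XXX libsgxstep needs Intel SDK headers (only for error reporting; can be hacked out if needed)
++ '-I/opt/intel/sgxsdk/include/'
+],
+link_args: [
+'-Wl,-zrelro',
+'-Wl,-znow',
++
++ # XXX link in libsgxstep library
++ '-L../../../libsgxstep',
++ '-lsgx-step',
+],
+pie: true,
+
+--
+2.34.1
+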
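Review bot: The `meson.build` hunk adds `-D_FORTIFY_SOURCE=0` to the compiler arguments of the whole `loader` executable, so fortified libc checks are switched off for all of Gramine's untrusted host code, not only for the libsgxstep headers that the comment says conflict with it. Together with the hard-coded `-I/opt/intel/sgxsdk/include/` and the relative `-L../../../libsgxstep`, every build of the patched tree becomes an instrumented loader that only configures on one directory layout. I would put these flags behind a build option that defaults to off and state the intent next to them, e.g. `# SGX-Step research build only: turns off _FORTIFY_SOURCE for the loader, not for deployment`. In `host_entry.S`, `g_tcs` is a single global that every `sgx_ecall` overwrites, so with more than one host thread `sgx_get_tcs` returns the TCS of whichever thread entered last; a one-line comment on the label saying so would help. The `executable('loader', ...)` call starts and ends outside the hunk.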
@@ -0,0 +1,66 @@
From 0a276da7b6ba82ced095a795f66ac7f3ad0870a1 Mon Sep 17 00:00:00 2001
From: Jo Van Bulck <jo.vanbulck@cs.kuleuven.be>
Date: Wed, 12 Oct 2022 16:58:44 +0200
Subject: [PATCH 2/2] Example usage of libsgxstep functionality on Gramine's
enclave entry.

---
pal/src/host/linux-sgx/host_ecalls.c | 35 ++++++++++++++++++++++++++++
1 file changed, 35 insertions(+)

diff --git a/pal/src/host/linux-sgx/host_ecalls.c b/pal/src/host/linux-sgx/host_ecalls.c
index 9387266b..a740df24 100644
--- a/pal/src/host/linux-sgx/host_ecalls.c
+++ b/pal/src/host/linux-sgx/host_ecalls.c
@@ -6,6 +6,31 @@
#include "pal_ecall_types.h"
#include "pal_rpc_queue.h"

+/*****************************************************************************/
+/* XXX SGX-Step library includes and callbacks */
+
+#define SGX_STEP_ENABLE 1
+
+#if SGX_STEP_ENABLE
+ #include "libsgxstep/debug.h"
+ #include "libsgxstep/enclave.h"
+
+ int aep_fired = 0;
+
+ void aep_cb_func(void)
+ {
+ gprsgx_region_t gprsgx = {0};
+ uint64_t erip = edbgrd_erip() - (uint64_t) get_enclave_base();
+ info("Hello world from AEP callback %d with erip=%#llx! Resuming enclave..", aep_fired, erip);
+
+ edbgrd(get_enclave_ssa_gprsgx_adrs(), &gprsgx, sizeof(gprsgx_region_t));
+ dump_gprsgx_region(&gprsgx);
+
+ aep_fired++;
+ }
+#endif
+/*****************************************************************************/
+
int ecall_enclave_start(char* libpal_uri, char* args, size_t args_size, char* env,
size_t env_size, int parent_stream_fd, sgx_target_info_t* qe_targetinfo,
struct pal_topo_info* topo_info, struct pal_dns_host_conf* dns_conf) {
@@ -32,6 +57,16 @@ int ecall_enclave_start(char* libpal_uri, char* args, size_t args_size, char* en
ms.ms_topo_info = topo_info;
ms.ms_dns_host_conf = dns_conf;
ms.rpc_queue = g_rpc_queue;
+
+ /*****************************************************************************/
+ #if SGX_STEP_ENABLE
+ /* XXX example of custom SGX-Step code before entering the victim enclave */
+ info("entering victim enclave");
+ register_aep_cb(aep_cb_func);
+ print_enclave_info();
+ #endif
+ /*****************************************************************************/
+
return sgx_ecall(ECALL_ENCLAVE_START, &ms);
}

--
2.34.1

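Review bot: The `info(...)` call in `aep_cb_func` prints `erip`, a `uint64_t` (typically `unsigned long` on 64-bit Linux), with `%#llx`, which expects `unsigned long long`; pass `(unsigned long long)erip` or use `PRIx64` so format and argument agree. `aep_fired` and `aep_cb_func` get external linkage inside the loader although nothing in this patch uses them from another file, so `static int aep_fired = 0;` and `static void aep_cb_func(void)` would keep them out of the global namespace. `#define SGX_STEP_ENABLE 1` compiles the instrumentation into every build, so the `register_aep_cb(aep_cb_func)` call in `ecall_enclave_start` always runs; defaulting the macro to 0, or taking it from the build system, leaves an ordinary loader build unchanged. `ecall_enclave_start` starts and ends outside the lines shown in the second hunk.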
40 changes: 40 additions & 0 deletions sdk/gramine/README.md
@@ -0,0 +1,40 @@
## Proof-of-concept _untested_ Gramine support

> :warning: **Note.** Integration with Gramine (v1.3.1) is currently _untested_
> and only provided as an example/starter for people wishing to experiment with
> SGX-Step on Gramine (e.g., see issue #47). Particularly, the patches below
> were validated to successfully compile but were never actually ran(!)
> Furthermore, single-stepping itself is not currently provided for Gramine,
> but should be straightforwardly feasible based on the existing code for the
> Intel SDK. As always, issues/PRs are welcome if you want to contribute
> improvements for a work-in-progress Gramine port.
1. First, apply the patches in the untrusted Gramine runtime `host_entry.S` to
be able to link to `libsgxstep`:

```bash
$ ./patch_entry.sh
```

2. Build the patched Gramine runtime and validate that the patches were
properly applied in the modified Gramine loader:

```bash
$ cd gramine
$ meson configure build/ -Dsgx=enabled
$ ninja -C build
$ objdump -d build/pal/src/host/linux-sgx/loader | grep sgx_set_aep
000000000000924c <sgx_set_aep>:
```

3. Now, you can implement the required attack code in Gramine's untrusted
runtime using `libsgxstep` functionality as usual. For example, the following
patch in `host_ecalls.c` demonstrates some basic usages:

```bash
$ ./patch_ecall.sh
$ cd gramine
$ ninja -C build
$ objdump -d build/pal/src/host/linux-sgx/loader | grep sgx_step
18631: 48 8d 05 2c 1c 00 00 lea 0x1c2c(%rip),%rax # 1a264 <sgx_step_aep_trampoline>
```
1 change: 1 addition & 0 deletions sdk/gramine/gramine
Submodule gramine added at 211ec4
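--- a/sdk/gramine/patch_ecall.sh
+++ b/sdk/gramine/patch_ecall.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+cd gramine
+
+echo "=== patching ECALL ==="
+patch -p1 < ../0002-Example-usage-of-libsgxstep-functionality-on-Gramine.patch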
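Review bot: The result of `cd gramine` is never checked, so when the script is started from another directory or the submodule has not been checked out, it still prints the banner and runs `patch -p1` from wherever it happens to be. Write `cd gramine || exit 1` (or add `set -e` near the top) so that a failed directory change stops the script before anything is patched. `patch_entry.sh` has the same unchecked `cd gramine` and needs the same one-line change.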
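--- a/sdk/gramine/patch_entry.sh
+++ b/sdk/gramine/patch_entry.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+cd gramine
+
+echo "=== patching AEP/TCS ==="
+patch -p1 < ../0001-SGX-Step-Gramine-patches-to-reconfigure-AEP-TCS.patch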
