libsgxstep/enclave: only check accessed bit for present code pages

jovanbulck · Oct 17, 2024 · d25231f · d25231f
1 parent 6d0076e
commit d25231f
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 5 deletions.
diff --git a/app/aep-redirect/main.c b/app/aep-redirect/main.c
@@ -127,6 +127,7 @@ int main(int argc, char **argv) {
     attacker_config_page_table();
     register_aep_cb(aep_cb_func);
     print_enclave_info();
+    dump_enclave_exec_pages();
 
     info_event("reading/writing debug enclave memory..");
     edbgrd(data_pt, &old, 1);

diff --git a/libsgxstep/enclave.c b/libsgxstep/enclave.c
@@ -206,8 +206,11 @@ void mark_enclave_exec_not_accessed(void)
          * additionally flush the PTEs from the cache to further delay the
          * page-table walk and increase the landing space for the timer interrupt.
          */
-        *enclave_exec_ptes[i] = MARK_NOT_ACCESSED(*enclave_exec_ptes[i]);
-        flush(enclave_exec_ptes[i]);
+        if (PRESENT(*enclave_exec_ptes[i]))
+        {
+            *enclave_exec_ptes[i] = MARK_NOT_ACCESSED(*enclave_exec_ptes[i]);
+            flush(enclave_exec_ptes[i]);
+        }
     }
 }
 
@@ -217,19 +220,21 @@ uint64_t is_enclave_exec_accessed(void)
 
     for (int i = 0; i < enclave_exec_ptes_len; i++)
     {
-        if (ACCESSED(*enclave_exec_ptes[i]))
+        if (PRESENT(*enclave_exec_ptes[i]) && ACCESSED(*enclave_exec_ptes[i]))
             return (uint64_t) ENCLAVE_EXEC_NB2ADDR(i);
     }
     return 0;
 }
 
 void dump_enclave_exec_pages(void)
 {
-    ASSERT (enclave_exec_ptes);
+    if (!enclave_exec_ptes)
+        alloc_enclave_exec_ptes();
 
     for (int i = 0; i < enclave_exec_ptes_len; i++)
     {
-        info("%09lx: A=%ld", ENCLAVE_EXEC_NB2ADDR(i) - get_enclave_base(), ACCESSED(*enclave_exec_ptes[i]));
+        info("%09lx: P=%ld; A=%ld", ENCLAVE_EXEC_NB2ADDR(i) - get_enclave_base(),
+                PRESENT(*enclave_exec_ptes[i]), ACCESSED(*enclave_exec_ptes[i]));
     }
 }
 /*