
Analysis data for the opinion paper "A Case for Unified ABI Shielding in Intel SGX Runtimes"


jovanbulck/sgx-abi-data


A Case for Unified ABI Shielding in Intel SGX Runtimes

This repository provides the analysis data for our opinion paper "A Case for Unified ABI Shielding in Intel SGX Runtimes" to appear at the 5th Workshop on System Software for Trusted Execution (SysTEX'22).

Jo Van Bulck, Fritz Alder, and Frank Piessens. "A Case for Unified ABI Shielding in Intel SGX Runtimes," in Proceedings of the 5th Workshop on System Software for Trusted Execution (SysTEX'22).

Paper abstract

With hardware support for trusted execution, most notably Intel SGX, becoming widely available, recent years have seen the emergence of numerous shielding runtimes to transparently protect enclave applications in hostile environments. While, at the application level, a wide range of languages and development paradigms are supported by diverse runtimes, shielding responsibilities at the lowest level of the application binary interface (ABI) remain strikingly similar. Particularly, the ABI dictates that certain CPU registers need to be cleansed and initialized via a small, hand-written assembly stub upon every enclave context switch.

This paper and call for action analyzes the ABI sanitization layers of 8 open-source SGX shielding runtimes from industry and academia, categorizes historic vulnerabilities therein, and identifies cross-cutting tendencies and insights. We conclude that there is no technical reason for maintaining separate, often notoriously complex and vulnerable ABI code bases. Moving forward, we outline challenges and opportunities for a single, unified ABI sanitization layer that complies with best practices from software engineering and can be scrutinized and integrated across SGX runtimes.

ABI vulnerability landscape data

We reproduce the ABI vulnerability landscape overview from the paper (Table 1) below. The top rows compare ABI sanitization layers in terms of total lines of code (as measured on January 20, 2022; using cloc) and lines changed since original release (as reported by git; following renamed/moved files). The third row distinguishes (aspired) production runtimes from research prototypes.

| | SGX-SDK | OE | EDP | Gramine | Enarx | GoTEE | SGX-LKL | OpenSGX |
|---|---|---|---|---|---|---|---|---|
| LoC ABI stub | 301 | 277 | 248 | 427 | 169 | 239 | 103 | 49 |
| LoC changed | 243 | 589 | 187 | 1,840 | 844 | 65 | 47 | 0 |
| Production? | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | | | |

LoC ABI stub. The first row provides static permalinks to the assembly file that implements ABI shielding for each runtime, which is the file that was measured for the reported LoC count. Note that in the case of OpenEnclave (OE), shielding responsibilities are split over two separate files, and the reported LoC count is the sum of enter.S and exit.S.

LoC changed. We provide detailed READMEs with instructions, output logs, and git submodules pointing to the analyzed versions of each runtime in the respective subdirectories.

To check out the git submodules and reproduce the LoC counts, proceed as follows:

$ ./calculate_line_changes.sh

ABI patch timelines data

We reproduce the ABI patch timeline overview from the paper (Table 2) below, with permalinks provided to the respective commits. The top row provides initial commit dates as a reference. The next rows list the dates of the initial patch (and the last revision, if any) for the ABI sanitization responsibilities in the left column, where 📰 and ⭐ indicate vulnerabilities disclosed by the referenced academic study and this work, respectively.

| | SGX-SDK | OE | EDP | Gramine | Enarx |
|---|---|---|---|---|---|
| Initial commit | °24.06.2016 | °29.08.2017 | °07.12.2018* | °20.06.2016 | °20.02.2020 |
| RFLAGS.DF | 📰 17.10.2019 | 📰 09.10.2019 | 07.12.2018 | 01.05.2019 | 20.03.2020 |
| RFLAGS.AC | 📰 12.11.2019 | 📰 09.10.2019 | 📰 21.10.2019 | 📰 19.11.2019 | ⭐ 17.02.2022 |
| FPU extended state | 📰 16.01.2020 | 09.10.2019 | 📰 10.02.2020 | 17.10.2019 | 29.05.2020 |
| Exception stack | 📰 13.07.2021 | 📰 13.07.2021 | N/A | 01.04.2019 | 📰 22.10.2021 |

Last revisions listed in the table (the runtime column each belongs to is not preserved in this copy): RFLAGS.AC 10.02.2020; FPU extended state 📰 14.07.2020 and 📰 19.06.2020; Exception stack 31.01.2020.

DF = direction flag sanitization; AC = alignment-check flag sanitization; FPU = extended-state sanitization; EXC = exception handler stack pointer initialization.

* This is the release date of the x86_64-fortanix-unknown-sgx Rust compiler target. After the paper release, we became aware of the existence of even older public development versions of the EDP entry code, from 21.04.2016 onwards, which are now also referenced in the EDP directory README.
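To make the DF, AC and FPU rows of Table 2 concrete, the following is an added example written for this README (not code from the paper or from any of the analyzed runtimes): a user-mode C program for x86-64 Linux (GCC or Clang inline assembly) that first leaves RFLAGS.DF, RFLAGS.AC, the x87 control word and MXCSR in a constructed state an untrusted caller could leave behind, then applies the instruction sequence an entry stub must execute (cld, clearing AC through pushfq/popfq, fninit, ldmxcsr) and checks the result. The exception stack responsibility (EXC) has no user-mode counterpart and is only noted in a comment.

```c
#include <stdint.h>
#define RFLAGS_DF       (1ULL << 10)  /* direction flag: string ops count down when set */
#define RFLAGS_AC       (1ULL << 18)  /* alignment check: misaligned accesses fault when set */
#define MXCSR_DEFAULT   0x1F80u       /* round-to-nearest, all SSE exceptions masked */
#define X87_CW_DEFAULT  0x037Fu       /* what fninit installs: 64-bit precision, all masked */
struct abi_state { uint64_t rflags; uint32_t mxcsr; uint16_t x87_cw; };
struct demo_result { struct abi_state dirty, clean; };
/* Snapshot the register state behind the DF, AC and FPU rows; sub/add 128 keeps pushfq out of the red zone. */
static struct abi_state capture_state(void) {
    struct abi_state s;
    __asm__ volatile("subq $128, %%rsp\n\tpushfq\n\tpopq %0\n\taddq $128, %%rsp\n\t"
                     "stmxcsr %1\n\tfnstcw %2"
                     : "=r"(s.rflags), "=m"(s.mxcsr), "=m"(s.x87_cw) : : "memory");
    return s;
}
/* Constructed untrusted-world state just before entry: DF=1, AC=1, 24-bit x87 precision, FTZ. */
static void poison_abi_state(void) {
    static const uint32_t ftz_mxcsr = MXCSR_DEFAULT | 0x8000u;
    static const uint16_t single_cw = 0x007Fu;
    __asm__ volatile("std\n\tsubq $128, %%rsp\n\tpushfq\n\torq %[ac], (%%rsp)\n\tpopfq\n\t"
                     "addq $128, %%rsp\n\tfldcw %[cw]\n\tldmxcsr %[mx]"
                     : : [ac] "r"(RFLAGS_AC), [cw] "m"(single_cw), [mx] "m"(ftz_mxcsr)
                     : "cc", "memory");
}
/* The sanitization every entry stub must perform. The fourth responsibility (EXC, pointing
 * the exception handler at a trusted stack) only exists inside an enclave and is omitted. */
static void sanitize_abi_state(void) {
    static const uint32_t mxcsr = MXCSR_DEFAULT;
    __asm__ volatile("cld\n\t"                                            /* DF = 0 */
                     "subq $128, %%rsp\n\tpushfq\n\tandq %[nac], (%%rsp)\n\t"
                     "popfq\n\taddq $128, %%rsp\n\t"                       /* AC = 0 */
                     "fninit\n\t"                                         /* x87 CW = 0x037F */
                     "ldmxcsr %[mx]"                                      /* MXCSR = 0x1F80 */
                     : : [nac] "r"(~RFLAGS_AC), [mx] "m"(mxcsr) : "cc", "memory");
}

int state_is_sanitized(struct abi_state s) {
    return !(s.rflags & (RFLAGS_DF | RFLAGS_AC)) && s.mxcsr == MXCSR_DEFAULT
           && s.x87_cw == X87_CW_DEFAULT;
}
/* Poison, snapshot, sanitize, snapshot; only aligned stack accesses occur while DF/AC are set. */
struct demo_result demo_entry_sanitization(void) {
    struct demo_result r;
    poison_abi_state();
    r.dirty = capture_state();
    sanitize_abi_state();
    r.clean = capture_state();
    return r;
}
```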
