The SGX-Bomb attack
SGX-Bomb launches the Rowhammer attack against enclave memory to trigger the processor lockdown. If arbitrary bit flips have occurred inside the enclave because of the Rowhammer attack, any read attempts to the enclave memory results in a failure of integrity check so that the processor will be locked, and the system should be rebooted.
This repository contains proof-of-concept code snippets of the SGX-bomb attack, including
- A kernel module to retrieve physical addresses of the enclave pages
- An enclave program to launch SGX-bomb attack
We evaluated the effectiveness of the SGX-Bomb attack in a real environment with DDR4 DRAM; it takes 283 s to hang the entire system with the default DRAM refresh rate, 64 ms.
Kernel version: 4.15.0-33-generic
Intel SGX-SDK : SGX-2.2
- Paper (SysTEX 2017): https://taesoo.kim/pubs/2017/jang:sgx-bomb.pdf
- Slides: https://taesoo.kim/pubs/2017/jang:sgx-bomb-slides.pdf