AEPIC enclave_idx explain

Hello!

Could you explain, what is enclave_idx and how I can get it? Thank you! ./dumper [enclave_pid] [enclave_idx] [flags] [dump_file]

Aug 11 '22 09:08 evasokolova1f

And one more question. When I use apic_dump - I get such results. Does it mean CPU is vulnerable or not?

00000010: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000020: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000030: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000040: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000050: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000060: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000070: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000080: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000090: ffff ffff ffff ffff ffff ffff ffff ffff  ................
000000a0: ffff ffff ffff ffff ffff ffff ffff ffff  ................
<trunkated>
00000fb0: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000fc0: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000fd0: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000fe0: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000ff0: ffff ffff ffff ffff ffff ffff ffff ffff  ................

Aug 11 '22 09:08 evasokolova1f

Hello! The enclave_idx is necessary since a process may have multiple enclaves, but it's usually zero.

The best way to check if you processor is vulnerable or not is to use the apic_dump kernel module. Given the ffs, I suspect you may have APIC MMIO disable. Boot your system with nox2apic in the kernel command line

Aug 11 '22 15:08 pietroborrello

AEPIC AEPIC copied to clipboard

enclave_idx explain

AEPIC
AEPIC copied to clipboard