Jo Van Bulck
Jo Van Bulck
Currently, page-fault attack code is rather unclean and has a lot of code duplication to setup fault handlers and revoke enclave page permissions through either `mprotect` calls and/or PTE remapping...
Ideally `libsgxstep` should be less tightly coupled to the Intel SGX-SDK and rely on a clean and stable interface that can be easily ported to other SDKs or libOSs, eg...
dmesg warnings ``` [ 45.321866] [sgx-step] listening on /dev/sgx-step [ 56.452386] x86/PAT: app:2512 map pfn RAM range req uncached-minus for [mem 0x481488000-0x481488fff], got write-back [ 56.452489] x86/PAT: app:2512 map pfn...
A fully automated single-stepping timer configuration benchmark program would repeatedly interrupt an enclaved nop instruction slide, each time adjusting the current timer interval guess -- in a binary search fashion...
https://github.com/jovanbulck/0xbadc0de/blob/master/intel-sgx-sdk/sgx-strlen/main.c#L58 http://windows-internals.com/cet-on-windows/
`SGX_STEP_PLATFORM` and `SGX_STEP_TIMER_INTERVAL` and actual timer configuration AEP code should better be encapsulated in `libsgxstep` plus a common `Makefile.config`, such that the actual application AEP callback code can focus exclusively...
the `app` directory should contain simple, self-contained example programs for all of the features of the framework
eg Travis-CI to at least make sure everything compiles on an up-to-date system. This means we should also patch, build, and install the SGX-SDK. We can also consider running at...
Custom AEP trampoline seems to cause `sgx-gdb` to crash with a segmentation fault. Full output for the aep-redirect sample program: ``` GNU gdb (Ubuntu 7.11.1-0ubuntu1~16.5) 7.11.1 Copyright (C) 2016 Free...
A dynamic ELF parser library could easily return addresses (relative to the enclave base) for required enclave symbols (functions, data locations) etc. Together with `get_enclave_base()`, this way one does not...