tvm-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yu Ding <notificati...@github.com>
Subject Re: [dmlc/tvm] [RFC][SGX] Use Fortanix EDP instead of rust-sgx-sdk (#2887)
Date Fri, 05 Apr 2019 04:53:51 GMT
Yeah I 100% trust you :)

Correct me if I'm wrong: [`SGX_QUEUE`](https://github.com/dmlc/tvm/blob/7cd986db0e67583bc347ed208c25be4c0d0c32a0/rust/runtime/src/threading.rs#L198)
relies on the implementation of `Mutex` inside SGX. In Fortanix's solution, it's relies on
[`WaitQueue`](https://github.com/rust-lang/rust/blob/53f2165c544cceeafb308b80ace656ed328c1dc2/src/libstd/sys/sgx/mutex.rs#L25)
which depends on [`usercall`](https://github.com/rust-lang/rust/blob/53f2165c544cceeafb308b80ace656ed328c1dc2/src/libstd/sys/sgx/waitqueue.rs#L154)
to provide its atomicity. An attacker could easily hi-jack the enclave-runner thus modify
the behavior of `WaitQueue` then gain access to the behavior of that `SGX_QUEUE` and further
ruins the SGX environment.

A short gif to show how an attacker cheats on Fortanix's SGX app:

![gif](https://dingelish.com/record.gif)

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/dmlc/tvm/issues/2887#issuecomment-480147860
Mime
  • Unnamed multipart/alternative (inline, 7-Bit, 0 bytes)
View raw message