tvm-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yu Ding <>
Subject Re: [dmlc/tvm] [RFC][SGX] Use Fortanix EDP instead of rust-sgx-sdk (#2887)
Date Fri, 05 Apr 2019 04:53:51 GMT
Yeah I 100% trust you :)

Correct me if I'm wrong: [`SGX_QUEUE`](
relies on the implementation of `Mutex` inside SGX. In Fortanix's solution, it's relies on
which depends on [`usercall`](
to provide its atomicity. An attacker could easily hi-jack the enclave-runner thus modify
the behavior of `WaitQueue` then gain access to the behavior of that `SGX_QUEUE` and further
ruins the SGX environment.

A short gif to show how an attacker cheats on Fortanix's SGX app:


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
  • Unnamed multipart/alternative (inline, 7-Bit, 0 bytes)
View raw message