search

intel / linux-sgx

Intel SGX for Linux*
https://www.intel.com/content/www/us/en/developer/tools/software-guard-extensions/linux-overview.html
Other
1.33k stars 544 forks source link

segmentation fault inside secure enclave #747

Open olehnikolaiev opened 3 years ago

olehnikolaiev commented 3 years ago

hello! I faced with an issue that passing random input to ecall may cause segmentation fault on version 2.13. after debugging with sgx_gdb I figured out that most probably it is related to not enough checks in automatically generated code by Intel: all generated checks for input pointers are passed(secure_encalve_t.c file) and call to secure enclave function ends well (all data is well-formed and valid after executing the function) but while copying from temporary buffer to resultant buffer (it is still the part of automatically generated code in secure_enclave_t.c) I always get a segmentation fault inside memcpy_s. attaching the files with automatically generated code, input, part of edl file and gdb log to the issue. I do calls to the enclave with sgx_ecall(global_eid, ecall_idx, 0, (void*) input); happens on ubuntu 18.04 and gcc-7.5. waiting for your reply and thanks in advance! gdb_log.txt secure_enclave_edl.txt input.txt secure_enclave_t_c.txt

llly commented 3 years ago

It seems that all your output buffer pointers are not valid. 

_tmp_errStatus = 0x3a78ec57401b7638
_tmp_key = 0x8dfc69ac6996977c <error: Cannot access memory at address 0x8dfc69ac6996977c>
_tmp_err_string = 0xc0465d8f508ad7f5 <error: Cannot access memory at address 0xc0465d8f508ad7f5>

It's expected behavior.