keystone-enclave / keystone-sdk

SDK for Keystone Enclave - ABI/SBI libraries and sample apps

Debugging API for enclave applications #6

Open dkohlbre opened 5 years ago

dkohlbre commented 5 years ago

Currently, we don't have userland debugging in the busybear setup we are using.

Once we do, not being able to attach to an enclave application for debugging will become a more serious problem.

Any debugging features are a serious potential security vulnerability, and need to be treated carefully.

If we want to allow debugging, the sm will have to allow enclave regions that are not PMP protected, and we'll need a way to ensure that the attestation report is either invalid or otherwise clearly indicates this.

I'm opening this up to discussion as to the features we need, and how we should support them.
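The two outcomes named in the issue (a report that fails verification, or one that clearly marks debug mode) can be sketched from the verifier's side. This is an added example, not code from the Keystone SDK or security monitor: the `mode` field, the `Report` layout, the key, and the HMAC standing in for the SM's signature are all assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed stand-in for the security monitor's attestation key. A real
# report would carry an asymmetric signature; HMAC keeps the example offline.
SM_KEY = b"constructed-sm-key"
MODE_PRODUCTION = b"\x00"
MODE_DEBUG = b"\x01"  # hypothetical: enclave region left without PMP protection


@dataclass
class Report:
    mode: bytes         # hypothetical field, covered by the MAC
    measurement: bytes  # hash over the mode byte plus the enclave image
    mac: bytes


def measure(image: bytes, mode: bytes) -> bytes:
    # Binding the mode into the measurement means a debug enclave can never
    # reproduce the hash a verifier expects for the production build.
    return hashlib.sha256(mode + image).digest()


def sign(mode: bytes, measurement: bytes) -> bytes:
    return hmac.new(SM_KEY, mode + measurement, hashlib.sha256).digest()


def sm_attest(image: bytes, debug: bool) -> Report:
    mode = MODE_DEBUG if debug else MODE_PRODUCTION
    m = measure(image, mode)
    return Report(mode, m, sign(mode, m))


def verify(report: Report, expected_image: bytes, allow_debug: bool = False) -> str:
    if not hmac.compare_digest(sign(report.mode, report.measurement), report.mac):
        return "reject: bad signature"
    if report.mode not in (MODE_PRODUCTION, MODE_DEBUG):
        return "reject: unknown mode"
    if report.mode == MODE_DEBUG and not allow_debug:
        return "reject: debug enclave"  # the "clearly indicates" outcome
    expected = measure(expected_image, report.mode)
    if not hmac.compare_digest(expected, report.measurement):
        return "reject: measurement mismatch"  # the "invalid report" outcome
    return "accept"
```

The default of `allow_debug=False` makes rejecting debug enclaves the verifier's baseline; a development setup has to opt in explicitly.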