keystone-enclave / riscv-pk

Security monitor for Keystone Enclave (mirror of riscv-pk). Will be deprecated when openSBI port is ready

[SBI] Passing SBI arguments through a physical address might cause an unexpected machine failure #9

Open dayeol opened 5 years ago

dayeol commented 5 years ago

Currently, the create_enclave SBI function uses a physical address passed by the operating system to read/write the arguments and return value. This might cause an unexpected failure if the physical address is not valid at the time the SM dereferences it. We need to change all SBI interfaces back to use standard argument registers (a0-a6).

archshift commented 4 years ago

Is this fixed by #54?

dayeol commented 4 years ago

I think it won't. Valid means valid in the page table, so the access can still be invalid if the page was evicted before the SM accesses it.

This is a really unlikely case, so we haven't seen this for a while, but basically it's fixable by using registers to pass arguments.
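A small model of the two calling styles discussed in this thread, added here as an example and not taken from riscv-pk. It shows that a handler reading its arguments from a0-a2 has no dependency on whether an OS-supplied address is still accessible. `struct create_args`, `sm_copy_in`, the `present[]` map and the return codes are hypothetical names constructed for illustration.

```c
#include <stdint.h>
#include <string.h>

/* Constructed model: four "physical" pages; present[] says whether a load
 * by the monitor would succeed. Names and layout are hypothetical. */
#define PAGE 4096u
#define NPAGES 4u
static uint8_t mem[NPAGES * PAGE];
static int present[NPAGES] = {1, 1, 1, 1};

struct create_args { uint64_t epm_base, epm_size, entry; };
struct regs { uint64_t a[8]; };           /* saved a0-a7 at ecall entry */

enum { SM_OK = 0, SM_BAD_ARG = 1, SM_ACCESS_FAULT = 2 };

/* Models a monitor load from an OS-chosen address. In this model the failure
 * is a return code; on hardware it is the machine failure the issue describes. */
static int sm_copy_in(void *dst, uint64_t pa, size_t n) {
    if (pa >= sizeof mem || n > sizeof mem - pa) return SM_ACCESS_FAULT;
    for (uint64_t p = pa / PAGE; p <= (pa + n - 1) / PAGE; p++)
        if (!present[p]) return SM_ACCESS_FAULT;
    memcpy(dst, mem + pa, n);
    return SM_OK;
}

/* Argument checks operate on the monitor's private copy only. */
static int check(const struct create_args *c) {
    return (c->epm_size && c->entry >= c->epm_base &&
            c->entry - c->epm_base < c->epm_size) ? SM_OK : SM_BAD_ARG;
}

/* Pointer style: a0 holds the address of the argument struct. */
int create_enclave_ptr(const struct regs *r) {
    struct create_args c;
    int rc = sm_copy_in(&c, r->a[0], sizeof c);
    return rc ? rc : check(&c);
}

/* Register style: a0-a2 hold the values; no OS-chosen address is loaded. */
int create_enclave_regs(const struct regs *r) {
    struct create_args c = { r->a[0], r->a[1], r->a[2] };
    return check(&c);
}
```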