Syscall emulation

[jethrogb]

While reading your NDSS paper on OpenSGX, a question arised regarding syscall emulation. I e-mailed with Prerit (first author in lieu of a specified corresponding author) and he suggested I bring this up here.

In §IV-B "System call emulation" you write that the enclave context is saved. In §IV-D "Trampoline and stub" you write that the enclave is exited using EEXIT and then entered using ERESUME. I looked at your libsgx source code and it does not seem that any state is saved before calling EEXIT, nor does EEXIT save state. Furthermore, EEXIT does not increase TCS.CSSA, while ERESUME decreases TCS.CSSA. If I interpret the SGX reference correctly, ERESUME is only to be called after an asynchronous exit.

Prerit pointed me at the following code: https://github.com/sslab-gatech/opensgx/blob/407d176/qemu/target-i386/sgx_helper.c#L2041 but I don't think it matches the SGX programming reference. You mention multiple times in the paper that OpenSGX is instruction-compatible. Can you elaborate on this?

[johnmwshih]

The state saving is done in qemu-level, not in user-level (libsgx). Regarding to EEXIT, we do modify a bit for our trampoline design. The CSSA increasing is to make it compatible with CSSA behavior in the spec.

[jethrogb]

So you're saying EEXIT both saves sate and increases CSSA? Because neither of those things are compatible with the spec. How do you do a regular EEXIT?

[johnmwshih]

Both of them are performed in our trampoline design, which is a customized feature we add. If you only want to use EEXIT in normal way (e.g., terminates enclave) then it follows the spec.

[jethrogb]

Looking at the code linked above it looks like you always save state and increase CSSA, unless RBX=0, which would almost assuredly result in an exception for trying to access address 0. This means I can never re-enter an enclave with NSSA=1 after EEXIT?