supranational / blst

Multilingual BLS12-381 signature library
Apache License 2.0

Add feature flag "sgx" #216

Closed melynx closed 2 months ago

melynx commented 2 months ago

Adds a new feature flag to enable support for non-Fortanix Intel SGX environments.

Also makes it easier to test SGX-specific modifications to the code. For example, in issue #214, the test can be executed on the SGX variant by just using cargo test --features "sgx portable" fp_test

dot-asm commented 1 month ago

I'm reluctant to do this for the following reason. LVI countermeasures are cooperative in the sense that it makes no sense to harden just one component. I'd argue that adding this as an option would give users a false sense of security. x86_64-fortanix-unknown-sgx qualifies, because it unconditionally generates hardened code and provides a hardened run-time. The same cannot be said about, for example, incubator-teaclave-sgx-sdk, which makes no attempt to harden Rust code, be it user or run-time. One can argue that users are free to pass +lvi-cfi,+lvi-load-hardening, but it won't affect the pre-compiled run-time. If anything, one can make a case for noting and mirroring the said Rust target features(*), but a crate feature makes virtually no sense.

(*) Ironically enough contemporary cargo fails to recognize the flags in question as legit.
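
The reply above suggests noting and mirroring the Rust target features instead of adding a crate feature. As an added example (not code from this PR, from blst, or from either commenter), this Rust build script reads the flags cargo passes to build scripts and reports whether both LVI features were requested. The function name and the cfg name are hypothetical, and it only sees features passed explicitly with -C, not ones a target enables by default.

```rust
// Added illustration; not blst's build script. Names are hypothetical.
// Cargo hands compiler flags to build scripts in CARGO_ENCODED_RUSTFLAGS,
// with individual arguments separated by the 0x1f byte.

/// The two target features named in the thread.
const LVI_FEATURES: [&str; 2] = ["lvi-cfi", "lvi-load-hardening"];

/// True only if every LVI feature is switched on by the encoded flags.
/// A later "-feature" overrides an earlier "+feature".
fn lvi_hardening_requested(encoded_rustflags: &str) -> bool {
    let mut enabled = [false; 2];
    let mut args = encoded_rustflags.split('\x1f').filter(|a| !a.is_empty());
    while let Some(arg) = args.next() {
        // Accept "-C target-feature=..." and "-Ctarget-feature=...".
        let opt = if arg == "-C" {
            args.next().unwrap_or("")
        } else if let Some(rest) = arg.strip_prefix("-C") {
            rest
        } else {
            continue;
        };
        let Some(list) = opt.strip_prefix("target-feature=") else { continue };
        for item in list.split(',') {
            for (i, name) in LVI_FEATURES.iter().enumerate() {
                if item.strip_prefix('+') == Some(*name) {
                    enabled[i] = true;
                } else if item.strip_prefix('-') == Some(*name) {
                    enabled[i] = false;
                }
            }
        }
    }
    enabled.iter().all(|&on| on)
}

fn main() {
    // In a build.rs this variable is set by cargo; treat unset as empty.
    let flags = std::env::var("CARGO_ENCODED_RUSTFLAGS").unwrap_or_default();
    if lvi_hardening_requested(&flags) {
        // Hypothetical cfg name, used only for this illustration.
        println!("cargo:rustc-cfg=mirror_lvi_hardening");
    } else {
        println!("cargo:warning=LVI target features not requested; nothing to mirror");
    }
}
```

A positive result describes only code compiled with these flags; as the reply notes, it says nothing about a pre-compiled run-time.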