-
Notifications
You must be signed in to change notification settings - Fork 708
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Port to SGX #775
Comments
@elichai @dingelish Would there be any way for us to add build ring and its tests for your SGX target, even if we can't run them in CI, similar to what Fortanix proposes to do for their target in #738? I would love for CI to at least verify that the code build successfully for your target. |
Also, I would love it if somebody could explain what the difference is between these two targets besides the fact that the fortanix target implements most of libstd. I heard that the Baidu toolchain has better support for Intel's toolchain and maybe some other aspects of SGX that Intel supports, whereas Fortanix's toolchain replaces some of what Intel does with Fortanix's own toolchain. But, what is the practical effect of the use of Intel vs Fortanix toolchains, as far as somebody who wants to distribute an SGX-based application is concerned? |
Hey Brian, thanks for your support! I can provide an SGX enclave which runs all your test cases in tests dir. The enclave will return non-zero or trigger a signal on error. The environment setup would be done by a Dockerfile and I'll provide it on docker hub as well. I'm not familiar with CI but I think I can try with it and provide you a CI script :-) Basically, I would say that the fundamental difference between these two impls are whether or not trust Intel's software stack. Baidu's implementation does depend on Intel's pre-built static library while Fortanix's does not. One example is Google's Asylo. Google does not 100% trust Intel and their Asylo includes a large patch on Intel SGX SDK. Enigma uses Baidu's approach and I believe the authors understand that the software stack is built on top of Intel's SDK. I think people have different understandings regard to their relationship with Intel as well as the ownership of liability. Intel has the liability to fix vulnerabilities in their SDK libraries such as the most recent fix to INTEL-SA-00202. And I believe Fortanix will fix similar bugs (if exists) on their side. It's good to see that we have different choices :-) |
As mentioned in #738, I'd want this to use
This is only true for Intel's toolchain, I don't intend feature detection to work this way on |
I prefer low-level (or even hard-coded) solution without std. |
@jethrogb Now I'm curious, how do you intend to do feature detection without an ocall(so without |
@elichai Here's one option #738 (comment). Another is to use only compile-time feature flags. |
Hmm that's an interesting idea to do it via local attestation. |
Require the local attestation at enclave startup. OS has two choices: don't run or proceed with feature detection. |
@jethrogb you'll still need to make another attestation after the feature detection. which can be interfered by the OS. |
Baidu provides Rust bindings to the Intel SDK. This means you're both buying in to Intel's large C codebase and Intel's model for building enclaves. You have to define unsafe interfaces for ECALLs/OCALLs, which are known to be susceptible to vulnerabilities. The Fortanix EDP doesn't use any of Intel's code. If my audit is correct, the only C code in a A small ABI has been specifically designed for use with SGX and consists of less than 20 calls. It's designed to avoid common pitfalls in enclave interface design (Iago attacks, struct padding issues, etc.). It's kept small intentionally to aid security audits. The EDP is integrated with Rust's NB. The Fortanix EDP website is live now. You can find more detailed documentation at https://edp.fortanix.com |
OK, I don't have any objections to that in theory, but I see a practical problem with it: The OpenSSL code assumes that it has access to the entire results of
So how are you planning to make this work through My main concern is that I don't want to add support for SGX targets at all until we have the actual code that avoids using the side-channel-leaky AES and GCM implementations in SGX. My secondary concern is that, whatever we land first, if there are limitations or the implementation is incomplete or suboptimal, that suboptimality needs to be clearly documented. |
@elichai Could you (or somebody from your team) contribute a PR that replaces the use of CPUID with Also, if your target is a no_std target, how did you get RSA working? Could you contribute a PR for that too? |
@briansmith I don't want to create a Chromium bug tracker account, but I've definitely seen RDRAND fail on bare hardware if you use it a lot. I don't remember the exact hw/sw setup, but it was something like continuous blast in a loop on all cores. |
@briansmith I'm not sure either, what I did wouldn't be compatible with fortanix. about the RSA, I don't use RSA, can you point me to where it's a problem with no-std? Is it the |
I think a better solution is to modify ring's build.rs so that it looks at
Yes, exactly. Does your team using ring with |
No, we don't use about what to do with it, I'm not too familiar with the insides of RSA implementations but I think the best thing is if it possible to accept a big allocated memory from the outside that will be sufficient for the operations. And AFAIK liballoc does work in sgx(unless baidu got some magic in behind I don't know about), and if @jethrogb liballoc works in your enviroment too I think that can be solved through that. about the TARGET I don't know of any specific target that is only in SGX, @dingelish what do you say? is there some way to know that the build.rs happens for SGX? (without using Xargo) |
@elichai I think something like |
As of ab0726d, ring's tests never do file I/O. There would still be more work to do to get them to work for Baidu's |
@briansmith |
@briansmith any updates on this? |
Please take a look at PR #869, which removes the usage of libstd in RSA in favor of using the |
"In particular, our end-to-end exploit can leak the entire private key of a secure enclave running on a separate CPU core after only a single digital signature operation." - https://www.vusec.net/projects/crosstalk/ |
Microcode updates addressing the issue are available. |
thanks bro! this link is helpful. |
I think this is substantially easier now. See #744 (comment) and the review I did for UEFI support in #1406. |
@DragonDev1906 wrote in #2043:
|
Various people want ring to work on SGX. Here's what needs to be done to have a decent port, AFAICT:
sgx_cpuid
.detect_implementation()
in aes.rs so that SGX targets will only use the constant-time AES-NI or constant-time VPAES implementations, and never any of the other leaky implementations.detect_implementation()
in gcm.rs so that SGX will only use the constant-timeCLMUL
implementation or the ghash-ssse3-x86_64.pl implementation (which hasn't been imported from BoringSSL yet), and never any of the other leaky implementations.ring:rand
documentation that on SGX only,RDRAND
is used.fprintf
from the constant_time_test.c.cpu::cache_detected_features
. #759: Usespin::Once
instead ofstd::sync::Once
in cpu.rs. (Needed by Baidu only, not Fortanix).ring::rand
API documentation, thatring::rand
is implemented solely in terms ofRDRAND
for SGX targets.Is there anything else that needs to be done to properly support SGX?
The text was updated successfully, but these errors were encountered: