Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
97 tokens/sec
GPT-4o
53 tokens/sec
Gemini 2.5 Pro Pro
44 tokens/sec
o3 Pro
5 tokens/sec
GPT-4.1 Pro
47 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

SIGY: Breaking Intel SGX Enclaves with Malicious Exceptions & Signals (2404.13998v1)

Published 22 Apr 2024 in cs.CR

Abstract: User programs recover from hardware exceptions and respond to signals by executing custom handlers that they register specifically for such events. We present SIGY attack, which abuses this programming model on Intel SGX to break the confidentiality and integrity guarantees of enclaves. SIGY uses the untrusted OS to deliver fake hardware events and injects fake signals in an enclave at any point. Such unintended execution of benign program-defined handlers in an enclave corrupts its state and violates execution integrity. 7 runtimes and library OSes (OpenEnclave, Gramine, Scone, Asylo, Teaclave, Occlum, EnclaveOS) are vulnerable to SIGY. 8 languages supported in Intel SGX have programming constructs that are vulnerable to SIGY. We use SIGY to demonstrate 4 proof of concept exploits on webservers (Nginx, Node.js) to leak secrets and data analytics workloads in different languages (C and Java) to break execution integrity.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (65)
  1. “Unsafe function call from a signal handler ,” https://owasp.org/www-community/vulnerabilities/Unsafe_function_call_from_a_signal_handler, accessed 17.04.2024.
  2. “[PAL/Linux-SGX] Cross-verify SW signals vs HW exceptions,” https://github.com/gramineproject/gramine/commit/a390e33e16ed374a40de2344562a937f289be2e1, accessed 22.04.2024.
  3. “Asylo Github,” https://github.com/google/asylo, accessed 28.01.2024.
  4. “Asynchronous Enclave Exit Notify and the EDECCSSA User Leaf Function,” https://www.intel.com/content/www/us/en/content-details/736463/white-paper-asynchronous-enclave-exit-notify-and-the-edeccssa-user-leaf-function.html, accessed 28.01.2024.
  5. “Banknote Database,” https://banknotedb.com, accessed 28.01.2024.
  6. “CVE-2022-41741,” https://nvd.nist.gov/vuln/detail/CVE-2022-41741, accessed 28.01.2024.
  7. “Delivering Signals for Fun and Profit,” https://lcamtuf.coredump.cx/signals.txt, accessed 28.01.2024.
  8. “Edgelessrt Github,” https://github.com/edgelesssys/edgelessrt, accessed 28.01.2024.
  9. “Ego Github,” https://github.com/edgelesssys/ego, accessed 28.01.2024.
  10. “Enarx Github,” https://github.com/enarx/enarx, accessed 28.01.2024.
  11. “Fortanix Runtime Encryption® Platform,” https://resources.fortanix.com/hubfs/Fortanix\_RTE\_Platform\_Whitepaper.pdf, accessed 28.01.2024.
  12. “Gramine Github,” https://github.com/gramineproject/gramine/tree/211ec447ee69f16139520fc3a17c561c36a00943, accessed 28.01.2024.
  13. “Intel SDK,” https://github.com/intel/linux-sgx, accessed 28.01.2024.
  14. “JSON Web Token (JWT),” https://datatracker.ietf.org/doc/html/rfc7519, accessed 28.01.2024.
  15. “kill(1) — Linux manual page,” https://man7.org/linux/man-pages/man1/kill.1.html, accessed 28.01.2024.
  16. “Multi Layer Perceptron in C,” https://github.com/manoharmukku/multilayer-perceptron-in-c, accessed 28.01.2024.
  17. “MystikOS Github,” https://github.com/deislabs/mystikos, accessed 28.01.2024.
  18. “Openenclave Github,” https://github.com/openenclave/openenclave, accessed 28.01.2024.
  19. “POSIX.1-2017,” https://pubs.opengroup.org/onlinepubs/9699919799.2018edition/, accessed 28.01.2024.
  20. “Rust EDP Github,” https://github.com/fortanix/rust-sgx/tree/master, accessed 28.01.2024.
  21. “Scone,” https://sconedocs.github.io, accessed 28.01.2024.
  22. “Scone Nodejs,” https://sconedocs.github.io/Nodejs, accessed 28.01.2024.
  23. “Teaclave Github,” https://github.com/apache/incubator-teaclave-sgx-sdk, accessed 28.01.2024.
  24. “WASI: signal handling,” https://github.com/WebAssembly/WASI/issues/166, accessed 28.01.2024.
  25. F. Alder, L.-A. Daniel, D. Oswald, F. Piessens, and J. Van Bulck, “Pandora: Principled symbolic validation of intel sgx enclave runtimes.”
  26. ARM, “Learn the Architecture: TrustZone for AArch64,” https://developer.arm.com/architectures/learn-the-architecture/trustzone-for-aarch64/trustzone-in-the-processor, 2021.
  27. S. Arnautov, B. Trach, F. Gregor, T. Knauth, A. Martin, C. Priebe, J. Lind, D. Muthukumaran, D. O’Keeffe, M. L. Stillwell, D. Goltzsche, D. Eyers, R. Kapitza, P. Pietzuch, and C. Fetzer, “SCONE: Secure linux containers with intel SGX,” in 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16).   Savannah, GA: USENIX Association, Nov. 2016, pp. 689–703. [Online]. Available: https://www.usenix.org/conference/osdi16/technical-sessions/presentation/arnautov
  28. S. Checkoway and H. Shacham, “Iago attacks: why the system call api is a bad untrusted rpc interface,” ACM SIGARCH Computer Architecture News, vol. 41, no. 1, pp. 253–264, 2013.
  29. X. Chen, T. Garfinkel, E. C. Lewis, P. Subrahmanyam, C. A. Waldspurger, D. Boneh, J. Dwoskin, and D. R. Ports, “Overshadow: A virtualization-based approach to retrofitting protection in commodity operating systems,” SIGOPS Oper. Syst. Rev., vol. 42, no. 2, p. 2–13, Mar. 2008.
  30. T. Cloosters, M. Rodler, and L. Davi, “TeeRex: Discovery and exploitation of memory corruption vulnerabilities in SGX enclaves,” in 29th USENIX Security Symposium (USENIX Security 20).   USENIX Association, Aug. 2020, pp. 841–858. [Online]. Available: https://www.usenix.org/conference/usenixsecurity20/presentation/cloosters
  31. T. Cloosters, J. Willbold, T. Holz, and L. Davi, “SGXFuzz: Efficiently synthesizing nested structures for SGX enclave fuzzing,” in 31st USENIX Security Symposium (USENIX Security 22).   Boston, MA: USENIX Association, Aug. 2022, pp. 3147–3164. [Online]. Available: https://www.usenix.org/conference/usenixsecurity22/presentation/cloosters
  32. S. Constable, J. V. Bulck, X. Cheng, Y. Xiao, C. Xing, I. Alexandrovich, T. Kim, F. Piessens, M. Vij, and M. Silberstein, “AEX-Notify: Thwarting precise Single-Stepping attacks through interrupt awareness for intel SGX enclaves,” in 32nd USENIX Security Symposium (USENIX Security 23).   Anaheim, CA: USENIX Association, Aug. 2023, pp. 4051–4068. [Online]. Available: https://www.usenix.org/conference/usenixsecurity23/presentation/constable
  33. V. Costan and S. Devadas, “Intel sgx explained.” IACR Cryptology ePrint Archive, vol. 2016, no. 086, pp. 1–118, 2016.
  34. J. Cui, J. Z. Yu, S. Shinde, P. Saxena, and Z. Cai, “Smashex: Smashing sgx enclaves using exceptions,” in Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’21, 2021.
  35. A. Ghosn, J. R. Larus, and E. Bugnion, “Secured routines: Language-based construction of trusted execution environments,” in 2019 USENIX Annual Technical Conference (USENIX ATC 19).   Renton, WA: USENIX Association, Jul. 2019, pp. 571–586. [Online]. Available: http://www.usenix.org/conference/atc19/presentation/ghosn
  36. J. Götzfried, M. Eckert, S. Schinzel, and T. Müller, “Cache attacks on intel sgx,” in Proceedings of the 10th European Workshop on Systems Security, ser. EuroSec’17.   New York, NY, USA: Association for Computing Machinery, 2017. [Online]. Available: https://doi.org/10.1145/3065913.3065915
  37. L. Harrison, H. Vijayakumar, R. Padhye, K. Sen, and M. Grace, “PARTEMU: Enabling dynamic analysis of Real-World TrustZone software using emulation,” in 29th USENIX Security Symposium (USENIX Security 20).   USENIX Association, Aug. 2020, pp. 789–806. [Online]. Available: https://www.usenix.org/conference/usenixsecurity20/presentation/harrison
  38. W. He, W. Zhang, S. Das, and Y. Liu, “Sgxlinger: A new side-channel attack vector based on interrupt latency against enclave execution,” in 2018 IEEE 36th International Conference on Computer Design (ICCD).   IEEE, 2018, pp. 108–114.
  39. O. S. Hofmann, S. Kim, A. M. Dunn, M. Z. Lee, and E. Witchel, “Inktag: Secure applications on an untrusted operating system,” SIGPLAN Not., vol. 48, no. 4, p. 265–278, Mar. 2013.
  40. Intel, “Intel software guard extensions,” https://software.intel.com/content/www/us/en/develop/topics/software-guard-extensions.html, accessed 28.01.2024.
  41. P. Jiang, Q. Wang, J. Cheng, C. Wang, L. Xu, X. Wang, Y. Wu, X. Li, and K. Ren, “Boomerang: Metadata-Private messaging under hardware trust,” in 20th USENIX Symposium on Networked Systems Design and Implementation (NSDI 23).   Boston, MA: USENIX Association, Apr. 2023, pp. 877–899. [Online]. Available: https://www.usenix.org/conference/nsdi23/presentation/jiang
  42. A. Khan, M. Zou, K. Kim, D. Xu, A. Bianchi, and D. J. Tian, “Fuzzing sgx enclaves via host program mutations,” in 2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P), 2023, pp. 472–488.
  43. M. R. Khandaker, Y. Cheng, Z. Wang, and T. Wei, “Coin attacks: On insecurity of enclave untrusted interfaces in sgx,” in Proceedings of the Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Systems, ser. ASPLOS ’20.   New York, NY, USA: Association for Computing Machinery, 2020, p. 971–985. [Online]. Available: https://doi.org/10.1145/3373376.3378486
  44. J. Lee, J. Jang, Y. Jang, N. Kwak, Y. Choi, C. Choi, T. Kim, M. Peinado, and B. B. Kang, “Hacking in darkness: Return-oriented programming against secure enclaves,” in 26th USENIX Security Symposium (USENIX Security 17).   Vancouver, BC: USENIX Association, Aug. 2017, pp. 523–539. [Online]. Available: https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/lee-jaehyuk
  45. Y. Lee, C. Min, and B. Lee, “ExpRace: Exploiting kernel races through raising interrupts,” in 30th USENIX Security Symposium (USENIX Security 21).   USENIX Association, Aug. 2021, pp. 2363–2380. [Online]. Available: https://www.usenix.org/conference/usenixsecurity21/presentation/lee-yoochan
  46. H. Lefeuvre, V.-A. Bădoiu, Y. Chien, F. Huici, N. Dautenhahn, and P. Olivier, “Assessing the impact of interface vulnerabilities in compartmentalized software,” arXiv preprint arXiv:2212.12904, 2022.
  47. O. Oleksenko, B. Trach, R. Krahn, M. Silberstein, and C. Fetzer, “Varys: Protecting SGX enclaves from practical Side-Channel attacks,” in 2018 USENIX Annual Technical Conference (USENIX ATC 18).   Boston, MA: USENIX Association, Jul. 2018, pp. 227–240. [Online]. Available: https://www.usenix.org/conference/atc18/presentation/oleksenko
  48. D. R. K. Ports and T. Garfinkel, “Towards application security on untrusted operating systems,” in Proceedings of the 3rd Conference on Hot Topics in Security, ser. HOTSEC’08.   USA: USENIX Association, 2008.
  49. I. Puddu, M. Schneider, M. Haller, and S. Capkun, “Frontal attack: Leaking Control-Flow in SGX via the CPU frontend,” in 30th USENIX Security Symposium (USENIX Security 21).   USENIX Association, Aug. 2021, pp. 663–680. [Online]. Available: https://www.usenix.org/conference/usenixsecurity21/presentation/puddu
  50. J. R. Sanchez Vicarte, B. Schreiber, R. Paccagnella, and C. W. Fletcher, “Game of threads: Enabling asynchronous poisoning attacks,” in Proceedings of the Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Systems, ser. ASPLOS ’20.   New York, NY, USA: Association for Computing Machinery, 2020, p. 35–52. [Online]. Available: https://doi.org/10.1145/3373376.3378462
  51. B. Schlüter, S. Sridhara, A. Bertschi, and S. Shinde, “WeSee: Using Malicious #VC Interrupts to Break AMD SEV-SNP,” in IEEE S&P, 2024.
  52. B. Schlüter, S. Sridhara, M. Kuhne, A. Bertschi, and S. Shinde, “Heckler: Breaking Confidential VMs with Malicious Interrupts,” in USENIX Security, 2024.
  53. Y. Shen, H. Tian, Y. Chen, K. Chen, R. Wang, Y. Xu, Y. Xia, and S. Yan, “Occlum: Secure and efficient multitasking inside a single enclave of intel sgx,” in Proceedings of the Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Systems, ser. ASPLOS ’20.   New York, NY, USA: Association for Computing Machinery, 2020, p. 955–970. [Online]. Available: https://doi.org/10.1145/3373376.3378469
  54. ——, “Occlum: Secure and efficient multitasking inside a single enclave of intel sgx,” in Proceedings of the Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Systems, 2020, pp. 955–970.
  55. D. Suciu, S. McLaughlin, L. Simon, and R. Sion, “Horizontal privilege escalation in trusted applications,” in 29th USENIX Security Symposium (USENIX Security 20).   USENIX Association, Aug. 2020. [Online]. Available: https://www.usenix.org/conference/usenixsecurity20/presentation/suciu
  56. J. Van Bulck, D. Oswald, E. Marin, A. Aldoseri, F. D. Garcia, and F. Piessens, “A tale of two worlds: Assessing the vulnerability of enclave shielding runtimes,” in Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’19.   New York, NY, USA: Association for Computing Machinery, 2019, p. 1741–1758. [Online]. Available: https://doi.org/10.1145/3319535.3363206
  57. J. Van Bulck and F. Piessens, “Sgx-step: An open-source framework for precise dissection and practical exploitation of intel sgx enclaves.”
  58. J. Van Bulck, F. Piessens, and R. Strackx, “Sgx-step: A practical attack framework for precise enclave execution control,” in Proceedings of the 2nd Workshop on System Software for Trusted Execution, ser. SysTEX’17.   New York, NY, USA: Association for Computing Machinery, 2017. [Online]. Available: https://doi.org/10.1145/3152701.3152706
  59. ——, “Nemesis: Studying microarchitectural timing leaks in rudimentary cpu interrupt logic,” in Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’18.   New York, NY, USA: Association for Computing Machinery, 2018, p. 178–195. [Online]. Available: https://doi.org/10.1145/3243734.3243822
  60. J. Van Bulck, N. Weichbrodt, R. Kapitza, F. Piessens, and R. Strackx, “Telling your secrets without page faults: Stealthy page {{\{{Table-Based}}\}} attacks on enclaved execution,” in 26th USENIX Security Symposium (USENIX Security 17), 2017, pp. 1041–1056.
  61. Y. Wang, Z. Zhang, N. He, Z. Zhong, S. Guo, Q. Bao, D. Li, Y. Guo, and X. Chen, “Symgx: Detecting cross-boundary pointer vulnerabilities of sgx applications via static symbolic execution,” in Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’23.   New York, NY, USA: Association for Computing Machinery, 2023, p. 2710–2724. [Online]. Available: https://doi.org/10.1145/3576915.3623213
  62. N. Weichbrodt, A. Kurmus, P. Pietzuch, and R. Kapitza, “Asyncshock: Exploiting synchronisation bugs in intel sgx enclaves,” in Computer Security–ESORICS 2016: 21st European Symposium on Research in Computer Security, Heraklion, Greece, September 26-30, 2016, Proceedings, Part I 21.   Springer, 2016, pp. 440–457.
  63. R. Wojtczuk and J. Rutkowska, “Following the White Rabbit: Software attacks against Intel (R) VT-d technology,” https://invisiblethingslab.com/resources/2011/Software\%20Attacks\%20on\%20Intel\%20VT-d.pdf, 2011.
  64. Y. Xu, W. Cui, and M. Peinado, “Controlled-channel attacks: Deterministic side channels for untrusted operating systems,” in IEEE S&P, 2015.
  65. D. Yu, J. Wang, H. Fang, Y. Fang, and Y. Zhang, “Senfuzzer: Detecting sgx memory corruption via information feedback and tailored interface analysis,” in Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses, ser. RAID ’23.   New York, NY, USA: Association for Computing Machinery, 2023, p. 485–498. [Online]. Available: https://doi.org/10.1145/3607199.3607215
User Edit Pencil Streamline Icon: https://streamlinehq.com
Authors (4)
  1. Supraja Sridhara (7 papers)
  2. Andrin Bertschi (7 papers)
  3. Benedict Schlüter (5 papers)
  4. Shweta Shinde (25 papers)
Citations (1)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now