Attack on Intel SGX to extract sensitive data or execute code in an enclave

Researchers from the People's Liberation Army Defense Science and Technology University, the National University of Singapore and ETH Zurich have developed a new method of attacking Intel SGX (Software Guard eXtensions) isolated enclaves. The attack is called SmashEx and is caused by re-entrancy problems in exception handling within the Intel SGX runtime components. Given control of the operating system, the proposed attack method makes it possible to determine confidential data located in the enclave, or to arrange for the attacker's code to be copied into the enclave's memory and executed.

Exploit prototypes have been prepared for enclaves with runtimes based on the Intel SGX SDK (CVE-2021-0186) and Microsoft Open Enclave (CVE-2021-33767). In the first case, the ability to extract the RSA key used on an HTTPS web server was demonstrated, and in the second, it was possible to determine the content received by the cURL utility running inside the enclave. The vulnerability has already been fixed in software in the Intel SGX SDK 2.13 and Open Enclave 0.17.1 releases. In addition to the Intel SGX SDK and Microsoft Open Enclave, the vulnerability also appears in Google Asylo SDK, EdgelessRT, Apache Teaclave, Rust SGX SDK, SGX-LKL, CoSMIX and Veracruz.

Recall that SGX (Software Guard Extensions) technology appeared in sixth-generation Intel Core processors (Skylake) and offers a series of instructions that allow user-level applications to allocate closed memory regions, called enclaves, whose contents cannot be read or modified even by the kernel or by code running in ring0, SMM and VMM modes. Control cannot be transferred to code in the enclave using ordinary jump functions or manipulation of registers and the stack; the specially created instructions EENTER, EEXIT and ERESUME, which perform authority checks, are used to transfer control to the enclave. At the same time, code placed in the enclave can use classical calling methods to access functions inside the enclave, and special instructions to call external functions. Enclave memory encryption is used to protect against hardware attacks such as connecting to the DRAM module.

The problem is that SGX technology allows the operating system to interrupt an enclave by raising a hardware exception, and enclaves do not properly implement primitives for handling such exceptions atomically. Unlike the operating system kernel and ordinary applications, code inside enclaves has no access to primitives for organizing atomic actions when handling asynchronously raised exceptions. Without these atomic primitives, the enclave can be interrupted at any time and returned to execution, even at moments when it is executing critical sections and is in an unsafe state (for example, when CPU registers are not saved/restored).

For normal operation, SGX technology allows enclave execution to be interrupted by configurable hardware exceptions. This feature allows enclave runtime environments to implement intra-enclave exception handling or signal processing, but it can also cause re-entrancy errors. The SmashEx attack is based on exploiting flaws in the SDK due to which the situation of re-invoking the exception handler is not handled properly. Importantly, to exploit the vulnerability the attacker must be able to interrupt the execution of the enclave, i.e. must control the operation of the system environment.

After raising an exception, the attacker gets a small time window during which the execution thread can be intercepted by manipulating input parameters. In particular, with access to the system (the environment outside the enclave), one can create a new exception immediately after executing the enclave entry instruction (EENTER), which returns control to the system at a stage when the stack setup for the enclave has not yet been completed, and at which the CPU register state is also saved.

The system can then return control back to the enclave, but since the enclave's stack was not configured at the time of the interruption, the enclave will execute with a stack residing in system memory, which can be used to apply return-oriented programming (ROP) exploitation techniques. When using the ROP technique, the attacker does not try to place their own code in memory, but operates on pieces of machine instructions already available in loaded libraries that end with a control return instruction (as a rule, these are the ends of library functions). The work of the exploit comes down to building a chain of calls to such blocks ("gadgets") to obtain the desired functionality.
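
A simplified C model of the window described above, added here as an illustration; it is not code from any SGX SDK or from the researchers. It shows which stack pointer a re-entered exception handler inherits when the exception arrives before or after the enclave's stack setup, and how a bounds check on the saved value refuses the unsafe case. All names, the address ranges and the guard itself are assumptions made for the model.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed address range for the model; not a real SGX memory layout. */
#define ENCLAVE_STACK_LO 0x7000u
#define ENCLAVE_STACK_HI 0x8000u
#define HOST_SP          0x2000u   /* stack pointer chosen by the untrusted host */

typedef struct {
    uintptr_t sp;        /* live stack pointer of the enclave thread */
    uintptr_t saved_sp;  /* stack pointer captured when an exception fires */
} thread_t;

/* Entry does not switch stacks: the thread starts on the host's sp. */
static void enter(thread_t *t, uintptr_t host_sp) { t->sp = host_sp; }

/* The entry routine finishes: switch to the enclave's private stack. */
static void finish_entry(thread_t *t) { t->sp = ENCLAVE_STACK_HI; }

/* A hardware exception saves CPU state at whatever point it arrives. */
static void exception(thread_t *t) { t->saved_sp = t->sp; }

static bool in_enclave_stack(uintptr_t sp) {
    return sp > ENCLAVE_STACK_LO && sp <= ENCLAVE_STACK_HI;
}

/* Re-entered handler. Unguarded: trusts saved_sp as its working stack.
 * Guarded (hypothetical check): returns 0 to refuse handling unless
 * saved_sp lies inside the enclave's own stack. */
uintptr_t handler_stack(const thread_t *t, bool guarded) {
    if (guarded && !in_enclave_stack(t->saved_sp)) return 0;
    return t->saved_sp;
}

/* Run one entry; the exception arrives before or after stack setup. */
uintptr_t scenario(bool interrupt_early, bool guarded) {
    thread_t t = {0, 0};
    enter(&t, HOST_SP);
    if (!interrupt_early) finish_entry(&t);
    exception(&t);
    return handler_stack(&t, guarded);
}

int main(void) {
    printf("late,  unguarded: %#lx\n", (unsigned long)scenario(false, false));
    printf("early, unguarded: %#lx\n", (unsigned long)scenario(true, false));
    printf("early, guarded:   %#lx\n", (unsigned long)scenario(true, true));
    printf("late,  guarded:   %#lx\n", (unsigned long)scenario(false, true));
    return 0;
}
```

In the early, unguarded case the handler ends up on the host-chosen stack, which is the unsafe state the article describes; the guarded handler refuses that case and still handles exceptions that arrive after stack setup.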


Source: opennet.ru