简介
OpenEnclave(缩写为OE)是微软开发的TEE软件栈,它支持Intel SGX和OP-TEE OS on ARM TrustZone,【OpenEnclave提供的SGX软件栈有别于Intel SGX软件栈(如linux-sgx),两者互为替代关系】。OpenEnclave支持C/C++运行时。
OpenEnclave主要的一个用途是在微软Azure云上保护目标安全。
架构
OpenEnclave和linux-sgx在SGX软件栈方面架构上非常相近,但实现细节有些区别。
OpenEnclave所使用的SGX驱动为Intel SGX DCAP Driver
OpenEnclave下开发的SGX Enclave应用(如helloworld)也被分为Host(不可信)和Enclave(可信)。OpenEnclave提供了oeedger8r边界工具(类似于SGX EDGER8R)读取EDL文件生成Stub文件。
ECALL流程
以enclave_helloworld这个ECALL为例。
Host(samples/helloworld/host/host.c)
enclave_helloworld
OE 不可信Stub(samples/helloworld/enclave/helloworld_u.c)
→
\rightarrow
→ helloworld_enclave_helloworld (不可信Stub文件中,enclave_helloworld是它的弱符号)
OE uRTS(host/calls.c)
→
\rightarrow
→ oe_call_enclave_function
→
\rightarrow
→ _call_enclave_function_impl
OE uRTS(host/sgx/calls.c,host目录下还包括optee相关的API)
→
\rightarrow
→ oe_ecall
→
\rightarrow
→ _do_eenter
OE uRTS(host/sgx/enter.c)
→
\rightarrow
→ oe_enter
CPU with SGX
→
\rightarrow
→ enclu
OE tRTS(enclave/sgx/start.S,enclave目录下还包括optee相关的API)
→
\rightarrow
→ _start
OE tRTS(enclave/core/sgx/enter.S,core目录下还包括optee相关的API)
→
\rightarrow
→ oe_enter
OE tRTS(enclave/core/sgx/calls.c)
→
\rightarrow
→ __oe_handle_main
→
\rightarrow
→ _handle_ecall
→
\rightarrow
→ oe_handle_call_enclave_function
→
\rightarrow
→ 查ECALL表获取ECALL可信Stub函数地址
OE 可信Stub(samples/helloworld/enclave/helloworld_t.c)
→
\rightarrow
→ ecall_enclave_helloworld
Enclave(samples/helloworld/enclave/enc.c)
→
\rightarrow
→ enclave_helloworld
相关CVE
current_description | cve_id | cvss2_score | cwe | paper | project | result | reference |
---|---|---|---|---|---|---|---|
In openenclave before 0.10.0, enclaves that use x87 FPU operations are vulnerable to tampering by a malicious host application. By violating the Linux System V Application Binary Interface (ABI) for such operations, a host app can compromise the execution integrity of some x87 FPU operations in an enclave. Depending on the FPU control configuration of the enclave app and whether the operations are used in secret-dependent execution paths, this vulnerability may also be used to mount a side-channel attack on the enclave. This has been fixed in 0.10.0 and the current master branch. Users will need to recompile their applications against the patched libraries to be protected from this vulnerability. | CVE-2020-15107 | 1.2 LOW | NVD-CWE-noinfo Insufficient Information | Faulty Point Unit: ABI Poisoning Attacks on Intel SGX | OpenEnclave ABI | x87 FPU操作完整性 | https://github.com/openenclave/openenclave/security/advisories/GHSA-7wjx-wcwg-w999 (Third Party Advisory); |
In Open Enclave before version 0.12.0, an information disclosure vulnerability exists when an enclave application using the syscalls provided by the sockets.edl is loaded by a malicious host application. An attacker who successfully exploited the vulnerability could read privileged data from the enclave heap across trust boundaries. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to elevate user rights directly, but it could be used to obtain information otherwise considered confidential in an enclave, which could be used in further compromises. The issue has been addressed in version 0.12.0 and the current master branch. Users will need to to recompile their applications against the patched libraries to be protected from this vulnerability. | CVE-2020-15224 | 2.7 LOW | CWE-552 Files or Directories Accessible to External Parties | None | OpenEnclave | 信息泄露 | https://github.com/openenclave/openenclave/commit/bcac8e7acb514429fee9e0b5d0c7a0308fd4d76b (Patch, Third Party Advisory); https://github.com/openenclave/openenclave/blob/master/CHANGELOG.md#v0120 (Release Notes, Third Party Advisory); https://github.com/openenclave/openenclave/security/advisories/GHSA-525h-wxcc-f66m (Third Party Advisory); |
An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka ‘Open Enclave SDK Information Disclosure Vulnerability’. | CVE-2019-1370 | 2.1 LOW | CWE-200 Exposure of Sensitive Information to an Unauthorized Actor | A tale of two worlds: Assessing the vulnerability of enclave shielding runtimes | OpenEnclave | 信息泄露 | https://github.com/openenclave/openenclave/commit/efe75044d215d43c2587ffd79a52074bf838368b (Patch); https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1370 (Patch, Vendor Advisory); |
An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka ‘Open Enclave SDK Information Disclosure Vulnerability’. | CVE-2019-1369 | 2.1 LOW | CWE-200 Exposure of Sensitive Information to an Unauthorized Actor | A tale of two worlds: Assessing the vulnerability of enclave shielding runtimes | OpenEnclave | 信息泄露 | https://github.com/openenclave/openenclave/commit/a39476e5de854317a1a74ec3c08257a00c1625d5 (Patch); https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1369 (Patch, Vendor Advisory); |
An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka ‘Open Enclave SDK Information Disclosure Vulnerability’. | CVE-2019-0876 | 2.1 LOW | NVD-CWE-noinfo Insufficient Information | A tale of two worlds: Assessing the vulnerability of enclave shielding runtimes | OpenEnclave | 信息泄露 | https://github.com/openenclave/openenclave/commit/d07769bcf73bb8a1b29374be1a50f93bae549f58 (Patch); https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0876 (Patch, Vendor Advisory); http://www.securityfocus.com/bid/107743 (Third Party Advisory, VDB Entry); |