[PAL/Linux-SGX] AEX-Notify 5/5: Add AEX-Notify flows in exception handling #2037

Open: wants to merge 4 commits into base: dimakuv/aex-notify-part4

Commits on Oct 22, 2024

  1. [PAL/Linux-SGX] Add AEX-Notify flows in exception handling

    This commit adds the AEX-Notify flows inside the enclave.
    
    The stage-1 signal handler is augmented as follows when AEX-Notify is
    enabled: manually restore SSA[0] context, invoke the EDECCSSA
    instruction instead of EEXIT (to go from SSA[1] to SSA[0] without
    exiting the enclave) and finally jump to SSA[0].GPRSGX.RIP to resume
    enclave execution (it will resume in stage-2 signal handler).
    
    The stage-2 signal handler is augmented as follows: set bit 0 of
    SSA[0].GPRSGX.AEXNOTIFY (so that AEX-Notify starts working again for
    this thread), then apply AEX-Notify mitigations and finally restore
    regular enclave execution.
    
    This commit does not add any real AEX-Notify mitigations. Instead, we
    count the number of AEX events reported inside the SGX enclave and print
    this number on enclave termination (if log level is at least "warning").
    
    Note that the current implementation of AEX-Notify does not use the
    checkpoint mechanism described in the official AEX-Notify whitepaper.
    That checkpoint mechanism allows coalescing multiple AEX events
    that occur during the execution of mitigations. This saves some CPU
    cycles and some signal-handling stack space, but we leave implementing
    this optimization as future work.
    
    Signed-off-by: Dmitrii Kuvaiskii <[email protected]>
    Dmitrii Kuvaiskii committed Oct 22, 2024
    Commit 32829f2
  2. fixup! [PAL/Linux-SGX] Add AEX-Notify flows in exception handling

    Fixed GDB issue. Fixed a SIGSEGV data race on thread termination
    (ERESUME morphs into EENTER but then performs EEXIT). Added AEXNOTIFY
    envvar to LibOS regression tests (but only to a subset from
    `manifest.template`, simply because changing all manifest template files
    would be a huge git diff).
    
    Signed-off-by: Dmitrii Kuvaiskii <[email protected]>
    Dmitrii Kuvaiskii committed Oct 22, 2024
    Commit 4f19422
  3. fixup! [PAL/Linux-SGX] Add AEX-Notify flows in exception handling

    Fixed EDMM issue. Turned out to be a case of too many nested signal
    handlers inside Gramine's SGX PAL, which overflowed the SGX enclave
    signal stack.
    
    Signed-off-by: Dmitrii Kuvaiskii <[email protected]>
    Dmitrii Kuvaiskii committed Oct 22, 2024
    Commit 0e99648
  4. fixup! [PAL/Linux-SGX] Add AEX-Notify flows in exception handling

    This commit adds conditional AEX-Notify enablement to all Gramine tests.
    
    Run tests e.g. like this (on a machine that supports AEX-Notify both in
    hardware and in Linux kernel):
    
        $ EDMM=1 AEXNOTIFY=1 SGX=1 gramine-test pytest
    
    Signed-off-by: Dmitrii Kuvaiskii <[email protected]>
    Dmitrii Kuvaiskii committed Oct 22, 2024
    Commit 6504586