Exceptions are a commodity hardware functionality which is central to multi-tasking OSes as well as event-driven user applications. Normally, the OS assists the user application by lifting the semantics of exceptions received from hardware to program-friendly user signals and exception handling interfaces. However, can exception handlers work securely in user enclaves, such as those enabled by Intel SGX, where the OS is not trusted by the enclave code?In this paper, we introduce a new attack called SmashEx which exploits the OS-enclave interface for asynchronous exceptions in SGX. It demonstrates the importance of a fundamental property of safe atomic execution that is required on this interface. In the absence of atomicity, we show that asynchronous exception handling in SGX enclaves is complicated and prone to re-entrancy vulnerabilities. Our attacks do not assume any memory errors in the enclave code, side channels, or application-specific logic flaws. We concretely demonstrate exploits that cause arbitrary disclosure of enclave private memory and code-reuse (ROP) attacks in the enclave. We show reliable exploits on two widely-used SGX runtimes, Intel SGX SDK and Microsoft Open Enclave, running OpenSSL and cURL libraries respectively. We tested a total of 14 frameworks, including Intel SGX SDK and Microsoft Open Enclave, 10 of which are vulnerable. We discuss how the vulnerability manifests on both SGX1-based and SGX2-based platforms. We present potential mitigation and long-term defenses for SmashEx.
CCS CONCEPTS• Security and privacy → Trusted computing; Software security engineering.
Objective: To investigate the effect of the FOCUS-PDCA procedure on the self-care ability of patients undergoing colostomy for rectal cancer. Method: A nonrandomized controlled trial of 160 patients with rectal cancer undergoing colostomy. The control group received routine nursing intervention, and the observation group received the FOCUS-PDCA procedure. The self-care ability of the two groups was investigated 1 week and 1 month after surgery, and a comparative analysis was made between the groups. Results: One week after surgery, the self-care ability of rectal cancer patients with colostomy increased from 39.09 points before implementation of the FOCUS-PDCA procedure to 60.15 points after implementation; an increase of 21.06%. One month after surgery, the self-care ability increased from 61.50 points to 83.13 points after implementation of the FOCUS-PDCA procedure; an increase of 21.63%. Conclusion: Application of the FOCUS-PDCA procedure improved the self-care ability of rectal cancer patients undergoing colostomy, improved their physical and mental health, reduced colostomy complications, and improved their quality of life. The results suggest that it is worth applying FOCUS-PDCA more widely.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.