Emilia: Catching Iago in Legacy Code

Cui, Rongzhen; Zhao, Lianying; Lie, David

doi:10.14722/ndss.2021.24328

Cited by 10 publications

(11 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Previous work has discovered that an attacker can compromise the confidentiality and integrity of an enclave by providing malicious system call return values, referred to as Iago attacks [36]. Eliminating such threats requires enclave software to carefully scrutinize system call return values passed into an enclave [30,57,60], with the aid of formal verification [58] or software testing techniques [40]. In addition, enclave runtimes may forget to clean certain registers after a context switch into an enclave, thus opening up the enclave to attacks [29,61].…”

Section: Related Workmentioning

confidence: 99%

SmashEx: Smashing SGX Enclaves Using Exceptions

Cui

Zhijingcheng

Shinde

et al. 2021

Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security

View full text Add to dashboard Cite

Exceptions are a commodity hardware functionality which is central to multi-tasking OSes as well as event-driven user applications. Normally, the OS assists the user application by lifting the semantics of exceptions received from hardware to program-friendly user signals and exception handling interfaces. However, can exception handlers work securely in user enclaves, such as those enabled by Intel SGX, where the OS is not trusted by the enclave code?In this paper, we introduce a new attack called SmashEx which exploits the OS-enclave interface for asynchronous exceptions in SGX. It demonstrates the importance of a fundamental property of safe atomic execution that is required on this interface. In the absence of atomicity, we show that asynchronous exception handling in SGX enclaves is complicated and prone to re-entrancy vulnerabilities. Our attacks do not assume any memory errors in the enclave code, side channels, or application-specific logic flaws. We concretely demonstrate exploits that cause arbitrary disclosure of enclave private memory and code-reuse (ROP) attacks in the enclave. We show reliable exploits on two widely-used SGX runtimes, Intel SGX SDK and Microsoft Open Enclave, running OpenSSL and cURL libraries respectively. We tested a total of 14 frameworks, including Intel SGX SDK and Microsoft Open Enclave, 10 of which are vulnerable. We discuss how the vulnerability manifests on both SGX1-based and SGX2-based platforms. We present potential mitigation and long-term defenses for SmashEx. CCS CONCEPTS• Security and privacy → Trusted computing; Software security engineering.

show abstract

Section: Related Workmentioning

confidence: 99%

SmashEx: Smashing SGX Enclaves Using Exceptions

Cui

Zhijingcheng

Shinde

et al. 2021

Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security

View full text Add to dashboard Cite

show abstract

“…Sandboxes using system call delegation have to consider races between sandboxes [49]. In addition, a prior study [47] observed that a Iago attack can occur across multiple components, and thus checking the return value within each enclave individually is not enough to prevent such an attack. In STOCK-ADE, the monitor can track global states among bi-enclaves thus can prevent Iago attacks against connected bi-enclaves.…”

Section: Os Interactions With Bi-enclavementioning

confidence: 99%

“…Second, enclaves require to use operating system services via system calls, but the secure interaction via system calls must be considered. Not only such system call requests must be verified to protect the hosting system [96], but return values must be checked to prevent Iago attacks against the enclave [30,47,85,91]. Finally, the communication channel among enclaves is not provided by the hardware mechanism.…”

Section: Introductionmentioning

confidence: 99%

Stockade: Hardware Hardening for Distributed Trusted Sandboxes

Park¹,

Kang²,

Lee³

et al. 2021

Preprint

View full text Add to dashboard Cite

Recent studies showed that a cloud application consists of multiple distributed modules provided by mutually distrustful parties. For trusted services, such applications can use trusted execution environments (TEEs) communicating through software-encrypted memory channels. Such an emerging TEE execution model requires a new type of bi-directional protection: protecting the rest of the system from the enclave module with sandboxing and protecting the enclave module from third-party modules and the operating system. However, the current TEE model cannot efficiently represent such distributed sandbox applications. To overcome the lack of hardware supports, this paper proposes an extended TEE model called STOCKADE, which supports distributed sandboxes hardened by hardware. STOCKADE proposes new three key techniques. First, it extends the hardware-based memory isolation in SGX to confine a user software module only within its TEE (enclave). Second, it proposes a trusted monitor enclave that filters and validates systems calls from enclaves. Finally, it allows hardware-protected memory sharing between a pair of enclaves for efficient protected communication without software-based encryption. Using an emulated SGX platform with the proposed extensions, this paper shows that distributed sandbox applications can be effectively supported with small changes of SGX hardware.

show abstract

“…Fuzzers. Cui et al [60] developed Emilia to automatically detect Iago vulnerabilities in legacy applications by fuzzing applications using system call return values. Unlike Emilia, our written-in-Rust fuzzer consists of two parts, of which the kernel part is also active.…”

Section: Related Workmentioning

confidence: 99%

Understanding TEE Containers, Easy to Use? Hard to Trust

Liu¹,

Chen²,

Li³

et al. 2021

Preprint

View full text Add to dashboard Cite

As an emerging technique for confidential computing, trusted execution environment (TEE) receives a lot of attention. To better develop, deploy, and run secure applications on a TEE platform such as Intel's SGX, both academic and industrial teams have devoted much effort to developing reliable and convenient TEE containers. In this paper, we studied the isolation strategies of 15 existing TEE containers to protect secure applications from potentially malicious operating systems (OS) or untrusted applications, using a semi-automatic approach combining a feedback-guided analyzer with manual code review. Our analysis reveals the isolation protection each of these TEE containers enforces, and their security weaknesses. We observe that none of the existing TEE containers can fulfill the goal they set, due to various pitfalls in their design and implementation. We report the lessons learnt from our study for guiding the development of more secure containers, and further discuss the trend of TEE container designs. We also release our analyzer that helps evaluate the container middleware both from the enclave and from the kernel.

show abstract

Emilia: Catching Iago in Legacy Code

Cited by 10 publications

References 22 publications

SmashEx: Smashing SGX Enclaves Using Exceptions

SmashEx: Smashing SGX Enclaves Using Exceptions

Stockade: Hardware Hardening for Distributed Trusted Sandboxes

Understanding TEE Containers, Easy to Use? Hard to Trust

Contact Info

Product

Resources

About