1

Is it possible to run a device driver inside an Intel SGX enclave? Or is it impossible for an enclave to access DMA memory and perform memory-mapped I/O?

I already have a device driver that has mapped all of the necessary memory but I don't know if it will be possible to create an enclave that shares these mappings. I am essentially confused about whether enclaves can only access their own private memory or whether they can also access arbitrary physical memory that I would map to them.

The documentation seems to say that the enclave cannot access code at arbitrary locations but I want to know the rules for data and MMIO.

Luke Gorrie
  • 467
  • 3
  • 14
  • Enclave may only run in ring-3, so it cannot run as driver. You may, however, create a ring-3 process that will be used by the driver to load and communicate with the driver, but you still have to do any file IO outside of the enclave. Data access outside of the enclave are possible. – Haim Cohen Dec 15 '17 at 15:53
  • Thanks for the answer! I already have my driver running in ring-3. Does that mean I can put it into an enclave? How is the memory map for the enclave defined? (Maybe a documentation reference? I missed it up to now.) The trick I use to run the driver in ring-3 is https://github.com/lukego/blog/issues/13 – Luke Gorrie Dec 16 '17 at 16:25
  • You can find information on the way it is implemented in the Intel SGX SDK here: https://01.org/intel-software-guard-extensions/documentation/intel-sgx-developer-guide. Still, mlock, open, etc. are syscalls and cannot be called inside an enclave - you will need a bridging ocall to use them in an enclave. – Haim Cohen Dec 16 '17 at 16:42

1 Answers1

1

Enclaves are Statically Linked libraries, as so they share the Process with the application it gets loaded into. Multiple enclaves can be loaded into one process.

An Enclave owns one or more Page Tables, these pages are encrypted and protected from outside access. This is better explained on: https://software.intel.com/sites/default/files/332680-002.pdf, page 28.

Enclaves can access memory from the process they run, but their memory can only be accessed by themselves. DMA access attempts are rejected/aborted, is not possible to map to an enclave's memory, however, you can map to the memory of the process and access it from within the enclave.

Enclaves are by concept isolated from the outside world, they don't have I/O capabilites appart of the Protected File System Library. So, I don't think it's possible to run a driver inside sgx.

ruizpauker
  • 384
  • 7
  • 19