CISPA

Repurposing Segmentation as a Practical LVI-NULL Mitigation in SGX

conference contribution
posted on 2023-11-29, 18:19 authored by Lukas Giner, Andreas Kogler, Claudio Canella, Michael Schwarz, Daniel Gruss
Load Value Injection (LVI) uses Meltdown-type data flows in Spectre-like confused-deputy attacks. LVI has been demonstrated in practical attacks on Intel SGX enclaves, and consequently, mitigations were deployed that incur tremendous overheads of factor 2 to 19. However, as we discover, on fixed hardware LVI-NULL leakage is still present. Hence, to mitigate LVI-NULL in SGX enclaves on LVI-fixed CPUs, the expensive mitigations would still be necessary. In this paper, we propose a lightweight mitigation focused on LVI-NULL in SGX, LVI-NULLify. We systematically analyze and categorize LVI-NULL variants. Our analysis reveals that previously proposed mitigations targeting LVI-NULL are not effective. Our novel mitigation addresses this problem by repurposing segmentation, a fast legacy hardware mechanism that x86 already uses for every memory operation. LVI-NULLify consists of a modified SGX-SDK and a compiler extension which put the enclave in control of LVI-NULL-exploitable memory locations. We evaluate LVI-NULLify on the LVI-fixed Comet Lake CPU and observe a performance overhead below 10% for the worst case, which is substantially lower than previous defenses with a prohibitive overhead of 1220% in the worst case. We conclude that LVI-NULLify is a practical solution to protect SGX enclaves against LVI-NULL today.

Preferred Citation

Lukas Giner, Andreas Kogler, Claudio Canella, Michael Schwarz and Daniel Gruss. Repurposing Segmentation as a Practical LVI-NULL Mitigation in SGX. In: Usenix Security Symposium (USENIX-Security). 2022.

Primary Research Area

  • Threat Detection and Defenses

Name of Conference

Usenix Security Symposium (USENIX-Security)

Legacy Posted Date

2021-10-06

Open Access Type

  • Green

BibTeX

@inproceedings{cispa_all_3493,
  title = "Repurposing Segmentation as a Practical LVI-NULL Mitigation in SGX",
  author = "Giner, Lukas and Kogler, Andreas and Canella, Claudio and Schwarz, Michael and Gruss, Daniel",
  booktitle = "{Usenix Security Symposium (USENIX-Security)}",
  year = "2022",
}
