Off-Limits: Abusing Legacy x86 Memory Segmentation to Spy on Enclaved Execution
Published in | Engineering Secure Software and Systems Vol. 10953; pp. 44 - 60 |
---|---|
Main Authors | , , , |
Format | Book Chapter |
Language | English |
Published | Switzerland; Springer International Publishing AG; 2018; Springer International Publishing |
Series | Lecture Notes in Computer Science |
ISBN | 3319944959 9783319944951 |
ISSN | 0302-9743 1611-3349 |
DOI | 10.1007/978-3-319-94496-8_4 |
Summary: | Enclaved execution environments, such as Intel SGX, enable secure, hardware-enforced isolated execution of critical application components without having to trust the underlying operating system or hypervisor. A recent line of research, however, explores innovative controlled-channel attacks mounted by untrusted system software to partially compromise the confidentiality of enclave programs. Apart from exploiting relatively well-known side-channels like the CPU cache and branch predictor, these attacks have so far focused on tracking side-effects from enclaved address translations via the paging unit.
This paper shows, however, that for 32-bit SGX enclaves the unacclaimed x86 segmentation unit can be abused as a novel controlled-channel to reveal enclaved memory accesses at a page-level granularity, and in restricted circumstances even at a very precise byte-level granularity. While the x86 paging unit has been extensively studied from both an attack as well as a defense perspective, we are the first to show that address translation side-channels are not limited to paging. Our findings furthermore confirm that largely abandoned legacy x86 processor features, included for backwards compatibility, suggest new and unexpected side-channels. |
---|---|
Bibliography: | The stamp on the top of this paper refers to an approval process conducted by the ESSoS Artifact Evaluation Committee. |