
Intel SGX Emulation Using Qemu: Prerit Jain Soham Desai

This document discusses emulating Intel Software Guard Extensions (SGX) using QEMU. It proposes developing a QEMU translation core to interpret new SGX instructions and provide SGX functionality through a userspace library. Key aspects included decoding SGX instructions, providing access control for enclave memory, and integrating with PolarSSL for cryptography. Challenges involved understanding QEMU semantics and collaboration. Future work could showcase SGX applications on different platforms using QEMU translation.

Uploaded by

Mario Schutz

Intel SGX Emulation using QEMU

Prerit Jain
Soham Desai

Overview
•Problem Statement
•Proposed Solution & Design
•Difficulties Faced
•What's Next? Future Work

Problem Statement (A Short Recap)
•SGX provides a set of new CPU instructions that applications can use to set aside private regions of code and data.

•We aimed to create an emulation platform for SGX using QEMU, the open source machine emulator.

Proposed Solution and Design
•Developed a QEMU translation core for interpreting and translating the new SGX instructions.

•Took advantage of the 'user emulation' feature of QEMU.

•Created a user-space library providing support for both user-space and kernel-space SGX functionality.

•Provided access control and data structures within QEMU.

•Cryptographic functionality using the PolarSSL crypto library.

Overview of Modifications
[Figure: QEMU translation pipeline with the SGX additions. Labels: Application Binary, dlopen, Enclave Code, SGX Library, Target Specific Translation, Translation Logic for SGX Instructions, TCG Micro Ops, Tiny Code Generator, Host Object Code, CPU Execution Loop]

Decoding Logic to Interpret New Instructions

Providing Access Control
•Dedicate virtual space for the Enclave Page Cache. (During initialization of QEMU)
•Check all loads/stores within QEMU translation. (During translation phase)
•Prevent access if the address falls within the dedicated region while not in enclave mode.
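
The three steps above reduce to a range check applied to every guest load and store. The following is an added example, not the project's code: the struct, the function names and the EPC address are assumptions, and it models only the rule stated on the slide.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical emulator state; names and layout are assumptions. */
typedef struct {
    uint64_t epc_base;     /* start of the virtual range reserved for the EPC */
    uint64_t epc_size;     /* length of that range in bytes */
    bool     enclave_mode; /* true while the guest executes inside an enclave */
} sgx_emu_state;

/* True when [addr, addr + len) overlaps the EPC range. The comparisons never
 * compute addr + len, so a huge len cannot wrap the sum and slip past the
 * check. */
static bool touches_epc(const sgx_emu_state *s, uint64_t addr, uint64_t len)
{
    if (len == 0 || s->epc_size == 0)
        return false;
    if (addr < s->epc_base)
        return len > s->epc_base - addr;      /* starts below, reaches in */
    return addr - s->epc_base < s->epc_size;  /* starts inside the range */
}

/* The rule from the slide: an access that touches the EPC is refused unless
 * the CPU is in enclave mode. Meant to run on every guest load and store. */
bool sgx_access_allowed(const sgx_emu_state *s, uint64_t addr, uint64_t len)
{
    return s->enclave_mode || !touches_epc(s, addr, len);
}

int main(void)
{
    /* Constructed layout: 1 MiB EPC at 0x40000000. */
    sgx_emu_state s = { 0x40000000ULL, 0x100000ULL, false };
    printf("inside EPC, normal mode:   %d\n", sgx_access_allowed(&s, 0x40000010ULL, 8));
    printf("straddles EPC start:       %d\n", sgx_access_allowed(&s, 0x3FFFFFFCULL, 8));
    printf("ends exactly at EPC start: %d\n", sgx_access_allowed(&s, 0x3FFFFFF8ULL, 8));
    s.enclave_mode = true;
    printf("inside EPC, enclave mode:  %d\n", sgx_access_allowed(&s, 0x40000010ULL, 8));
    return 0;
}
```

The straddling case is the one a start-address-only comparison misses: the access begins outside the reserved region but its last bytes fall inside it.
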
Static Library Snippets
Difficulties Faced
•Understanding QEMU semantics: its internal representation of the x86 architecture, control flow, and translation of guest to host operations.

•Collaboration with multiple contributors (ensuring segregation of work and interoperability of modules created by different individuals).

Approaching Completion
•Exception handling mechanism:

•Currently working with a basic exception such as a Floating Point Exception (FPE), but different asynchronous exits still need to be taken into account.

Some Statistics
•Total lines of code added: 5000+

•Total Git commits: 350+

•Number of contributors: 5
Professors: Dr. Taesoo Kim, Dr. Dongsu Han (KAIST)
Students: Seongmin (KAIST), Prerit Jain, Soham Desai

•What we learned: emulation using QEMU, development of console application, shared and static libraries, kernel module, x86 architecture, unit testing, device driver, GUI development using Qt.

Future Work Possibilities
•Showcasing SGX functionalities for different applications and creating prototypes.

•Providing SGX support for applications built for different platforms like ARM, SPARC, etc. by using QEMU translation.

•Extending emulation support for the remaining SGX instructions.

Demo

Time for Q&A!!
Questions for us?

Back Up

Overview of Enclave Creation
1. The application hands over enclave content to the OS enclave creation service (ENCLS leaf instructions).
•Initial setup, reserving memory, basic data structures -> ECREATE instruction
•Committing pages from protected storage for code and data -> EADD instruction
•Finalize measurement and complete the creation process -> EINIT instruction

2. Once the enclave is created, the application can execute ENCLU leaf instructions.
•Entering the enclave, performing a context switch to the enclave execution context -> EENTER
•Restoring the context and exiting the enclave -> EEXIT

Thus, to showcase a simple application we need to emulate the following instructions: ECREATE, EADD, EINIT, EENTER, EEXIT -> our primary target.

SGX and QEMU Architecture
Intel SGX
2 new instructions:
-ENCLU (for user space)
-ENCLS (for kernel)
Each has multiple leaf instructions, which together provide the complete SGX functionality.
QEMU
Interpreting the new opcode and leaf functions and providing the functionality expected from hardware.
[Figure labels: Application, User Space, ENCLU, SGX Kernel Module, Linux Kernel, ENCLS, QEMU, SGX Architectural Implementation, X86 Emulation]
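
An added example (not the project's code) of the decoding step and the enclave creation sequence described above: it recognises the ENCLS/ENCLU opcodes, dispatches on the leaf in EAX, and rejects leaves issued out of order. The opcode bytes and leaf numbers come from the Intel SDM rather than the slides; the type and function names are assumptions, and the ordering is a simplified model of the ECREATE, EADD, EINIT, EENTER, EEXIT sequence.

```c
#include <stddef.h>
#include <stdint.h>

enum sgx_insn  { SGX_NONE, SGX_ENCLS, SGX_ENCLU };
enum sgx_state { ST_NONE, ST_CREATED, ST_ADDED, ST_INITED, ST_ENTERED, ST_FAULT };

/* Encodings from the Intel SDM: ENCLS = 0F 01 CF, ENCLU = 0F 01 D7. */
enum sgx_insn sgx_decode(const uint8_t *code, size_t len)
{
    if (len < 3 || code[0] != 0x0F || code[1] != 0x01)
        return SGX_NONE;
    if (code[2] == 0xCF) return SGX_ENCLS;
    if (code[2] == 0xD7) return SGX_ENCLU;
    return SGX_NONE;
}

/* The leaf is selected by EAX. The ordering enforced here is a simplified
 * model of the sequence on the slide, not the full architectural rules. */
enum sgx_state sgx_step(enum sgx_state st, enum sgx_insn insn, uint32_t eax)
{
    if (insn == SGX_ENCLS) {
        if (eax == 0x0) return st == ST_NONE ? ST_CREATED : ST_FAULT;   /* ECREATE */
        if (eax == 0x1) return (st == ST_CREATED || st == ST_ADDED)
                               ? ST_ADDED : ST_FAULT;                   /* EADD */
        if (eax == 0x2) return st == ST_ADDED ? ST_INITED : ST_FAULT;   /* EINIT */
    } else if (insn == SGX_ENCLU) {
        if (eax == 0x2) return st == ST_INITED ? ST_ENTERED : ST_FAULT; /* EENTER */
        if (eax == 0x4) return st == ST_ENTERED ? ST_INITED : ST_FAULT; /* EEXIT */
    }
    return ST_FAULT; /* not ENCLS/ENCLU, or a leaf outside the five targeted */
}

struct sgx_ev { uint8_t bytes[3]; uint32_t eax; }; /* one executed instruction */

/* Replay a trace and return the final state; stops at the first fault. */
enum sgx_state sgx_run(const struct sgx_ev *ev, size_t n)
{
    enum sgx_state st = ST_NONE;
    for (size_t i = 0; i < n && st != ST_FAULT; i++)
        st = sgx_step(st, sgx_decode(ev[i].bytes, sizeof ev[i].bytes), ev[i].eax);
    return st;
}

int main(void)
{
    /* Constructed trace: ECREATE, EADD, EINIT, EENTER, EEXIT. */
    const struct sgx_ev ok[] = { {{0x0F,0x01,0xCF},0}, {{0x0F,0x01,0xCF},1},
        {{0x0F,0x01,0xCF},2}, {{0x0F,0x01,0xD7},2}, {{0x0F,0x01,0xD7},4} };
    return sgx_run(ok, sizeof ok / sizeof ok[0]) == ST_INITED ? 0 : 1;
}
```
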
