Future Intel processors, and some existing processors via a microcode update, will support a new feature called the Asynchronous Exit Notification (AEX) mechanism to help with Software Guard Extensions (SGX) enclave security. Linux kernel patches are pending to implement this Intel AEX Notify support on compatible processors.
The Intel Asynchronous EXit (AEX) notification mechanism allows SGX enclaves to execute a handler after an AEX event. These handlers can be used for purposes such as mitigating SGX-Step, an attack framework for precise control of enclave execution.
Pending Linux patches confirm that AEX Notify support will be found on upcoming CPUs (presumably Sapphire Rapids) as well as some existing CPUs via microcode update.
This patch in the x86/sgx branch of TIP summarizes AEX Notify and kernel-side work:
== AEX Notify Background ==
“Intel Architecture Instruction Set Extensions and Future Features – Version 45” is out. There is a new chapter:
Asynchronous Enclave Exit Notify and the EDECCSSA User Leaf Function.
Enclaves can be exited either synchronously and consensually (EEXIT, for example) or asynchronously (on an interrupt or fault). The asynchronous exits can be used to single-step enclaves, which in turn is built upon for other nasty things.
AEX Notify will be available on both upcoming processors and some older processors via microcode updates.
== The problem ==
These attacks are currently entirely opaque to the enclave since the hardware performs the save/restore under the covers. The Asynchronous Enclave Exit Notification (AEX Notify) mechanism allows enclaves to detect and mitigate potential exposure to these types of attacks.
== The Solution ==
Define the new attribute bit for AEX Notify. Ensure the bit is cleared from the list of reserved attributes. Instead of adding to open-coded lists of individual attributes, add named lists of privileged (disallowed by default) and unprivileged (allowed by default) attributes. Add the AEX Notify attribute as an unprivileged attribute, which keeps the kernel from rejecting enclaves that set it.
See the Intel documentation for more details on asynchronous enclave exit notification support.
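The kernel-side change described above is a policy question: which SECS attribute bits does the kernel refuse outright (reserved), which does it allow every enclave to request (unprivileged), and which must be granted explicitly (privileged)? The following C model of those checks is an added example, not code from the kernel patch or from Intel. The bit positions follow the `SGX_ATTR_*` constants in the kernel's `arch/x86/include/asm/sgx.h` to the best of my knowledge but are assumptions here; the reserved masks, the `before`/`after` split and all function names are constructed for illustration.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* SECS attribute bit positions, modelled after the SGX_ATTR_* constants in the
 * kernel's arch/x86/include/asm/sgx.h (assumed; verify against your tree). */
#define SGX_ATTR_INIT              (1ULL << 0)
#define SGX_ATTR_DEBUG             (1ULL << 1)
#define SGX_ATTR_MODE64BIT         (1ULL << 2)
#define SGX_ATTR_PROVISIONKEY      (1ULL << 4)
#define SGX_ATTR_EINITTOKENKEY     (1ULL << 5)
#define SGX_ATTR_KSS               (1ULL << 7)
#define SGX_ATTR_ASYNC_EXIT_NOTIFY (1ULL << 10)

/* Attributes the kernel knew about before the AEX Notify patch (constructed). */
#define SGX_ATTR_KNOWN_BEFORE (SGX_ATTR_INIT | SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | \
                               SGX_ATTR_PROVISIONKEY | SGX_ATTR_EINITTOKENKEY | SGX_ATTR_KSS)
/* The patch takes bit 10 out of the reserved set by making it a known attribute. */
#define SGX_ATTR_KNOWN_AFTER  (SGX_ATTR_KNOWN_BEFORE | SGX_ATTR_ASYNC_EXIT_NOTIFY)

/* Any bit outside the known set is reserved and rejected outright. */
#define SGX_ATTR_RESERVED_BEFORE (~SGX_ATTR_KNOWN_BEFORE)
#define SGX_ATTR_RESERVED_AFTER  (~SGX_ATTR_KNOWN_AFTER)

/* Named lists as the patch description puts it: privileged attributes must be
 * granted explicitly (the kernel grants PROVISIONKEY through a separate ioctl),
 * unprivileged ones are allowed to every enclave by default. AEX Notify goes
 * into the unprivileged list. */
#define SGX_ATTR_PRIV_MASK   (SGX_ATTR_PROVISIONKEY)
#define SGX_ATTR_UNPRIV_MASK (SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS | \
                              SGX_ATTR_ASYNC_EXIT_NOTIFY)

/* Attributes an enclave may request: the unprivileged set plus any privileged
 * bits this process has been granted. */
uint64_t sgx_allowed_attributes(bool provision_granted)
{
    uint64_t mask = SGX_ATTR_UNPRIV_MASK;
    if (provision_granted)
        mask |= SGX_ATTR_PROVISIONKEY;
    return mask;
}

/* Model of the two kernel-side checks on an enclave's requested attributes:
 * reserved bits fail SECS validation (-EINVAL); bits the enclave was not
 * granted fail the init-time policy check (-EACCES). Returns 0 when accepted. */
int sgx_check_attributes(uint64_t attributes, uint64_t reserved_mask, uint64_t allowed_mask)
{
    if (attributes & reserved_mask)
        return -EINVAL;
    if (attributes & ~allowed_mask)
        return -EACCES;
    return 0;
}

/* Policy as it was before the AEX Notify patch. */
int sgx_check_before_patch(uint64_t attributes, bool provision_granted)
{
    return sgx_check_attributes(attributes, SGX_ATTR_RESERVED_BEFORE,
                                sgx_allowed_attributes(provision_granted));
}

/* Policy after the patch: AEX Notify is known and unprivileged. */
int sgx_check_after_patch(uint64_t attributes, bool provision_granted)
{
    return sgx_check_attributes(attributes, SGX_ATTR_RESERVED_AFTER,
                                sgx_allowed_attributes(provision_granted));
}

int main(void)
{
    /* Constructed sample: a 64-bit enclave that wants to install AEX handlers. */
    uint64_t wants_aex = SGX_ATTR_MODE64BIT | SGX_ATTR_ASYNC_EXIT_NOTIFY;

    printf("AEX Notify enclave, old policy: %d (expect -EINVAL=%d)\n",
           sgx_check_before_patch(wants_aex, false), -EINVAL);
    printf("AEX Notify enclave, new policy: %d (expect 0)\n",
           sgx_check_after_patch(wants_aex, false));
    printf("PROVISIONKEY without grant:     %d (expect -EACCES=%d)\n",
           sgx_check_after_patch(SGX_ATTR_MODE64BIT | SGX_ATTR_PROVISIONKEY, false), -EACCES);
    printf("PROVISIONKEY with grant:        %d (expect 0)\n",
           sgx_check_after_patch(SGX_ATTR_MODE64BIT | SGX_ATTR_PROVISIONKEY, true));
    printf("Unknown reserved bit 3:         %d (expect -EINVAL=%d)\n",
           sgx_check_after_patch(SGX_ATTR_MODE64BIT | (1ULL << 3), false), -EINVAL);
    return 0;
}
```

The point the model makes explicit is why the reserved-mask change matters: an enclave built against the new ISA chapter sets bit 10 in its SECS, and a kernel that still treats that bit as reserved refuses to create the enclave at all, so the feature is unusable until the attribute is both recognised and classified as unprivileged.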
TIP’s patch now in x86/sgx adds support to allow enclaves to use AEX Notify. A separate patch, also from Intel, then exposes the EDECCSSA user leaf feature to KVM guests. Now that the code is in the x86 TIP area, it should be merged for the Linux 6.2 merge window, or, since it is security related, it might even be sent in for Linux 6.1 if deemed important enough to get this more secure SGX enclave feature in place sooner to help prevent enclave attacks.