Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Java DaCapo benchmark sample provide fixes #646

Open
wants to merge 22 commits into
base: oe_port
Choose a base branch
from
Open
Changes from 1 commit
Commits
Show all changes
22 commits
Select commit Hold shift click to select a range
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Document limitations of in-enclave signal handling
  • Loading branch information
prp committed Jul 27, 2020
commit c6af984a4c20b9db9c4ba70e5fb9147042dc0d9b
6 changes: 6 additions & 0 deletions docs/Incompatibilities.md
Original file line number Diff line number Diff line change
Expand Up @@ -110,6 110,12 @@ All of the Linux clocks are driven from the monotonic counter, so anything depen
Additionally, the time exposed in the enclave is untrusted.
The enclave may communicate with an external trusted time source but that can give only a lower bound on the current time: a malicious host could cause the enclave to sleep for an unbounded amount of time.

### Limited signal handling

With SGX1, signals such as `SIGSEGV` must be reported by the untrusted host and cannot be independently validated by the enclave.
In addition, the address that resulted in a page fault cannot be obtained at all, and an application signal handler inside the enclave therefore always reports the faulting address as 0x0.
(The enclave configuration setting `unsafe_host_signals` can be used to control if SGX-LKL exposes untrusted signals from the host to the enclave.)

Summary of security implications
--------------------------------

Expand Down