Shielding Applications from an Untrusted Cloud with Haven, OSDI 2014
In SGX, how does the CPU protect enclaves from an adversarial OS? Specifically, imagine the following scenarios: (1) the OS tries to directly read/write the memory of an enclave; (2) the OS maps an EPC page into multiple enclaves; and (3) the OS swaps the virtual addresses of two EPC pages within the same enclave. Note that the OS has the full control of the page table. Briefly describe how SGX prevents these scenarios.
Section 5 of Intel SGX Explained describes SGX in more details. This is FYI; you don’t need to read it.
Compared to POSIX (or the interface exposed by an exokernel), do you think Haven’s untrusted interface (Figure 3) is better for protecting against Iago attacks? Use one example to explain why or why not.
What are the main drawbacks of Haven? Can you think of possible hardware/software changes to mitigate them?
Provide a list of questions you would like to discuss in class. Feel free to provide any comments on the paper and related topics (e.g., which parts you like and which parts you find confusing).