[PAL/Linux-SGX] Read exitless-OCALL result before resetting the stack

Previously, there was a data race that the exitless-OCALL logic read the result of the OCALL from the stack *after* the code reset the stack. However, this stack is shared with the AEX flows. As of now, the AEX flows use the stack only in debug mode, so this data race flew under the radar for a long time. What can happen is that right-before reading the result of the exitless OCALL, the enclave thread is interrupted, an AEX logic is executed and modifies the values on the stack, then the exitless-OCALL logic is resumed, and the enclave thread reads an AEX-modified OCALL result value. Future commits (e.g., AEX-Notify) will introduce more AEX flows and expose this data race. So let's fix it now. Signed-off-by: Dmitrii Kuvaiskii <dmitrii.kuvaiskii@intel.com>
gramineproject · Aug 5, 2024 · 79ce80f · 79ce80f
1 parent 5a67c1c
commit 79ce80f
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/pal/src/host/linux-sgx/enclave_ocalls.c b/pal/src/host/linux-sgx/enclave_ocalls.c
@@ -136,8 +136,12 @@ static long sgx_exitless_ocall(uint64_t code, void* ocall_args) {
         }
     }
 
+    /* important to copy req->result before resetting the stack, otherwise it may be overwritten;
+     * this enclave's stack is also used in AEX flows, see host_entry.S:async_exit_pointer() */
+    long result = COPY_UNTRUSTED_VALUE(&req->result);
     sgx_reset_ustack(old_ustack);
-    return COPY_UNTRUSTED_VALUE(&req->result);
+
+    return result;
 }
 
 __attribute_no_sanitize_address