Skip to content

How to analyse an SGX Enclave? (Installation and Usage)

Sebastian edited this page Sep 3, 2020 · 1 revision

Preface

Based on the paper "sgx-perf: A Performance Analysis Tool for Intel SGX Enclaves", a tool (called SGX-Perf) was developed by the TU Braunschweig, which enables a high-level analysis of enclaves.

To integrate SGX-Perf into the existing program, no major changes are necessary.

Requirements

As a prerequisite a few more things should be installed on the system. This can be done with the package management of Ubuntu. All you need to do is use the following command.

sudo apt-get install cmake libelf-dev graphviz

These programs are used to create the application and plot graphs.

How to execute

Before we can use the analysis tool, it has to be compiled first. The repository of the analysis tool has been added as submodules to this git repo (3rd-party/sgx-perf). The following instructions work for the original repository as well. You only have to note the path information. The following commands must be executed in the main directory of the analysis tool.

  • cd <sgx-perf-folder>
  • mkdir build
  • cd build
  • cmake ..
  • make

SGX-Perf is now compiled and can be used. To integrate this tool into the development environment, we have to adapt the execution environments. We get to this dialog analogous to the configuration of the SGX debugger.

Here we have to select the Environment tab, as shown in the following picture. At this point we have to integrate the analysis tool. By setting the variable LD_PRELOAD, a program can be loaded which should be started before the actual execution of the enclave.

From the previous commands it can be seen that the compiled analysis tool is located in the relative path <sgx-perf-folder>/build/lib/. An enclave can be run in different modes. Depending on the execution, one of the following variable definitions must be selected:

  • Simulation mode: LD_PRELOAD = <sgx-perf-folder>/build/lib/libloggersim.so
  • Hardware mode: LD_PRELOAD = <sgx-perf-folder>/build/lib/liblogger.so

image

SGX-Perf now stores the recordings in a SQLITE database with the format out-<pid>.db This is located in the execution directory of the Enclave.

The Analysis Tool records all function calls. Since many internal calls are also generated, you can use the following call to filter the display. Only calls that have been executed at least twice are displayed here.

  • cd <sgx-perf-folder>/build/bin
  • ./analyzer -e 2 -o 2 <working-directory>/out-<pid>.db

The following figure shows an example of the analysis data. In particular, the execution time of individual OCALL / ECALL calls can be seen from this.

image

In addition, diagrams can also be plotted to provide an overview of the hierarchy of function calls (Which function calls which function?)

image


For further information please refer to the SGX-Perf Repository.