Getting SGX Measurements of the running enclave during its runtime

[tiagorvmartins]

Hey Gramine team,

I believe the answer is looking at /dev/attestation/report but is there any kind of library (exposing a function) to use in runtime that could easily fetch and parse the MRENCLAVE and MRSIGNER of the enclave itself running that code?

Been reading about the SGX Report which seems to contain exactly what we need.

On the low-level interface section documentation:
/dev/attestation/report pseudo-file can be opened for read and will contain the SGX report.

Thank you in advance!

[dimakuv]

Yes, you must read /dev/attestation/report binary file.

There is no function, but you can take a look at how Gramine implements the corresponding C functions and do the same/copy-paste them in your C library:

• gramine/pal/src/host/linux-sgx/enclave_framework.c

  Line 323 in a7f46aa

  int sgx_get_report(const sgx_target_info_t* target_info, const sgx_report_data_t* data,

• gramine/pal/src/host/linux-sgx/enclave_api.S

  Line 9 in a7f46aa

  sgx_report:

• gramine/pal/src/host/linux-sgx/enclave_framework.c

  Line 333 in a7f46aa

  int sgx_verify_report(sgx_report_t* report) {

• gramine/pal/src/host/linux-sgx/enclave_framework.c

  Line 305 in a7f46aa

  static void print_report(sgx_report_t* r) {

• gramine/pal/src/host/linux-sgx/sgx_arch.h

  Line 384 in a7f46aa

  } sgx_report_t;

Note that before reading the SGX report you should technically write two files:

• /dev/attestation/user_report_data
• /dev/attestation/target_info

The former may be just all zeros. The latter may be the output of /dev/attestation/my_target_info.

Another example: https://github.com/gramineproject/gramine/blob/master/CI-Examples/python/scripts/sgx-report.py

[tiagorvmartins]

This is exactly what we need, and thank you for the provided examples!