US 12,093,432 B2
Techniques and technologies to address malicious single-stepping and zero-stepping of trusted execution environments
Scott Constable, Portland, OR (US); Yuan Xiao, Columbus, OH (US); Bin Xing, Hillsboro, OR (US); Mona Vij, Hillsboro, OR (US); and Mark Shanahan, Raleigh, NC (US)
Assigned to INTEL CORPORATION, Santa Clara, CA (US)
Filed by Intel Corporation, Santa Clara, CA (US)
Filed on Sep. 24, 2021, as Appl. No. 17/485,077.
Prior Publication US 2022/0012369 A1, Jan. 13, 2022
Int. Cl. H04L 29/06 (2006.01); G06F 12/0862 (2016.01); G06F 12/14 (2006.01); G06F 21/52 (2013.01); G06F 21/55 (2013.01); G06F 21/57 (2013.01); G06F 21/74 (2013.01)
CPC G06F 21/74 (2013.01) [G06F 12/0862 (2013.01); G06F 12/1416 (2013.01); G06F 21/52 (2013.01); G06F 21/554 (2013.01); G06F 21/577 (2013.01); G06F 2201/88 (2013.01)] 18 Claims
OG exemplary drawing
 
1. An apparatus comprising:
processing circuitry coupled to a memory, the processing circuitry to:
detect, using an asynchronous exiting event software handler, an occurrence of at least one of a single-stepping event or a zero-stepping event in an execution thread on an architecturally protected enclave; and
in response to the occurrence, implement, using at least one of a static contract or a dynamic contract on enclave page locking, a mitigation process to inhibit further occurrences of the single-stepping event or the zero-stepping event in the architecturally protected enclave.