enclave_idx explain

[evasokolova1f]

Hello!

Could you explain, what is enclave_idx and how I can get it? Thank you!
./dumper [enclave_pid] [enclave_idx] [flags] [dump_file]

[evasokolova1f]

And one more question.
When I use apic_dump - I get such results. Does it mean CPU is vulnerable or not?

00000010: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000020: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000030: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000040: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000050: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000060: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000070: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000080: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000090: ffff ffff ffff ffff ffff ffff ffff ffff  ................
000000a0: ffff ffff ffff ffff ffff ffff ffff ffff  ................
<trunkated>
00000fb0: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000fc0: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000fd0: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000fe0: ffff ffff ffff ffff ffff ffff ffff ffff  ................
00000ff0: ffff ffff ffff ffff ffff ffff ffff ffff  ................

[pietroborrello]

Hello! The enclave_idx is necessary since a process may have multiple enclaves, but it's usually zero.

The best way to check if you processor is vulnerable or not is to use the apic_dump kernel module. Given the ffs, I suspect you may have APIC MMIO disable. Boot your system with nox2apic in the kernel command line