Azure Confidential Computing machines affected by Load Value Injection

Anonymous
2020-08-10T09:37:02.7+00:00

The Confidential Computing machines offered on Azure (DCsV2) seem to be affected by the LVI (Load Value Injection) vulnerability CVE-2020-0551. In particular, the Intel Attestation Service responds to an SGX remote attestation verification request for quotes generated by the Azure machines with the result "SW_HARDENING_NEEDED" and points to the security advisory SA-00334. This causes the official Intel Remote Attestation sample app to fail with the error "Enclave NOT TRUSTED". For our use case it would be crucial that the IAS returns with a (fully) positive result. Will Microsoft Azure offer machines that are not affected by this vulnerability in the near future?

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,157 questions

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2020-08-13T14:49:46.043+00:00

    Thanks @vipullag-MSFT for your response. I know what it means and what additional measures need to be taken to mitigate the risk. However, my question was not about that, but if you're going to update your confidential computing offering to include machines that aren't affected by LVI/CVE-2020-0551/INTEL-SA-00334 at all (according to https://lviattack.eu/, "the most recent Icelake Core-family processors appear unaffected by LVI"). As I understand it, for quotes from those platforms the response would be "OK" instead of "SW_HARDENING_NEEDED". Can you tell me if such an update is planned and and if yes, when it can be expected?

    2 people found this answer helpful.
    0 comments
  2. P.V 6 Reputation points
    2021-04-27T13:18:15.847+00:00

    Hi.

    I'm digging this topic out because, as of today, the issue still exists (at least on DC1s_v2).

    Any updates?

    1 person found this answer helpful.
    0 comments
  3. vipullag-MSFT 24,206 Reputation points Microsoft Employee
    2020-08-13T05:16:30.383+00:00

    @Anonymous

    Below is the information I got from internal team on your ask.

    From the security advisory published by Intel, an attestation response may report “SW_HARDENING_NEEDED” for attestation requests originating from Intel® SGX-enabled platforms, informing that the hardware and firmware are updated and compliant. Further hardening is possible via software to mitigate INTEL-SA-00334. In this case, a Remote Attestation Verifier should evaluate the potential risk of an attack on these platforms and whether the attesting enclave employs adequate software hardening to mitigate the risk. This is an opt-in mitigation that needs to be enabled by enclave application based on their risk averse customers needs to choose the appropriate level of mitigation but it is a must have for the Intel PSW components (Architectural Enclaves) for which Intel has already released an update and users need to make sure they are running the latest PSW. As per the documentation, the software SDK needs the latest Intel SGX PSW 2.7.100.2 or above for Windows* and 2.9.100.2 or above for Linux. The app can be updated to use the latest Intel SGX SDK or OpenEnclave SDK, which have opt-in mitigation's for the Load Value Injection vulnerability.

    Hope that helps.

    Please 'Accept as answer' if it helped, so that it can help others in the community looking for help on similar topics.

    0 comments
  4. vipullag-MSFT 24,206 Reputation points Microsoft Employee
    2020-08-18T13:22:16.883+00:00

    @Anonymous

    I confirmed this with internal team and the team is always working with our hardware partners on improvements for future hardware.

    At this time, we cannot comment on if or when new hardware or features will be available in Azure.

    0 comments