Difference btw trusted bridge and trusted proxy?

jason_t_ — Wed, 04 Jan 2017 02:14:52 GMT

In Intel's SGX developer guide Pointer Handling(https://software.intel.com/en-us/node/696463), it mentions:

> When a buffer is being copied, the trusted bridge must avoid overwriting enclave memory in an ECALL and the trusted proxy must avoid leaking secrets in an OCALL.

What are the trusted bridge and trusted proxy here?

Hello Jason,

Prabu_R_Intel — Wed, 04 Jan 2017 18:10:39 GMT

Hello Jason,

Trusted bridge and Trusted proxy interfaces between application and enclave.This code interfaces in/Out of enclave.

Edger Tool(included in build environment) that parses the EDL file and generate the trusted bridge and trusted proxy files (.c and .h files).

Trusted Bridge

For ECALLs, trusted bridge task is to ensure that the marshalling structure does not overlap enclave memory.

[in]: When a pointer to untrusted memory with attribute in is passed to the enclave, the trusted bridge allocates memory inside the enclave and copies the memory pointed to by
the pointer from outside to the enclave memory.

[out]: When a pointer to untrusted memory with the out attribute is passed to the enclave, the trusted bridge allocates a buffer in trusted memory, zeroes the buffer contents
to clear any previous secrets and passes a pointer to this buffer to the trusted function. After the trusted function returns, the trusted bridge copies the contents of the
trusted buffer to untrusted memory.

Trusted proxy

For OCALLs, the trusted proxy allocates memory on the outside stack to pass the marshalling structure and checks that pointer parameters with their full range are within enclave.

[in]: When a pointer to trusted memory with attribute in is passed from an enclave (an OCALL), the trusted proxy allocates memory outside the enclave and copies the memory
pointed by the pointer from inside the enclave to untrusted memory.

[out]: When a pointer to trusted memory with the out attribute is passed from an enclave (an OCALL), the trusted proxy allocates a buffer on the untrusted stack, and passes
a pointer to this buffer to the untrusted function. After the untrusted function returns, the trusted proxy copies the contents of the untrusted buffer to trusted memory.

Thanks,
R.Prabu

Thank you R.Prabu, so can I

jason_t_ — Thu, 05 Jan 2017 01:38:16 GMT

Thank you R.Prabu, so can I re-phrase your detailed answer in this way ?

Trusted bridge and trusted proxy are two delegates responsible for allocating and/or copying memory buffers in/out enclave. They are built by the Edger Tool, based on the EDL file we developer writes, to take care of each ECALL and OCALL respectively.

topic Difference btw trusted bridge and trusted proxy? in Intel® Software Guard Extensions (Intel® SGX)

Difference btw trusted bridge and trusted proxy?

Hello Jason,

Thank you R.Prabu, so can I