Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.

Build enclave using libgmp

nguyen__hieu
Beginner
532 Views

Hi everyone

I am now want to implement some functions running inside SGX enclave. My functions will based on some cryptographic libraries like libgmp, libpbc (Paired-Based Cryptography library). I don't know if those libraries can be used inside SGX enclave or not because when I try to build my enclave with -lgmp option I got an error like "/usr/bin/ld: /usr/lib/gcc/x86_64-linux-gnu/5/../../../x86_64-linux-gnu/libgmp.a(memory.o): relocation R_X86_64_32 against `.rodata.str1.8' can not be used when making a shared object; recompile with -fPIC".

Thanks for your help!

0 Kudos
6 Replies
dai_c_
Beginner
532 Views

Hello,In SGX SDK, Only those libraries in sgxsdk/include can be used in enclave

nguyen__hieu
Beginner
532 Views

Libgmp is a trivial library which supports a lot of cryptography function but it is not supported in SGX enclave. It 's too bad to hear that

JohnMechalas
Employee
532 Views

I have posted an article and sample code on using libgmp in an enclave.

islam__md_monirul
532 Views

Hi john,

I was trying to build trusted gmp library for SGX enclave, following your above-mentioned article, so I downloaded the modified package from given github link in the article and tried to configure and build it, but I get errors and warnings after executing the make command. The errors are given below:

 

In file included from nextprime.c:56:0:
gmp-impl.h:292:3: error: expected identifier or ‘(’ before ‘do’
   do {     \
   ^
/opt/intel/sgxsdk/include/tlibc/string.h:65:22: note: in expansion of macro ‘memset’
 void * _TLIBC_CDECL_ memset(void *, int, size_t);
                      ^~~~~~
gmp-impl.h:298:5: error: expected identifier or ‘(’ before ‘while’
   } while (0)
     ^
/opt/intel/sgxsdk/include/tlibc/string.h:65:22: note: in expansion of macro ‘memset’
 void * _TLIBC_CDECL_ memset(void *, int, size_t);
                      ^~~~~~
In file included from nextprime.c:57:0:
/opt/intel/sgxsdk/include/tlibc/string.h:87:80: warning: ISO C does not allow extra ‘;’ outside of a function [-Wpedantic]
 TLIBC_DEPRECATED_FUNCTION_(char * _TLIBC_CDECL_, strcat, char *, const char *);
                                                                               ^
/opt/intel/sgxsdk/include/tlibc/string.h:88:80: warning: ISO C does not allow extra ‘;’ outside of a function [-Wpedantic]
 TLIBC_DEPRECATED_FUNCTION_(char * _TLIBC_CDECL_, strcpy, char *, const char *);
                                                                               ^
/opt/intel/sgxsdk/include/tlibc/string.h:120:72: warning: ISO C does not allow extra ‘;’ outside of a function [-Wpedantic]
 _TLIBC_DEPRECATED_FUNCTION_(char * _TLIBC_CDECL_, strdup, const char *);
                                                                        ^
/opt/intel/sgxsdk/include/tlibc/string.h:121:87: warning: ISO C does not allow extra ‘;’ outside of a function [-Wpedantic]
 EPRECATED_FUNCTION_(char * _TLIBC_CDECL_, stpcpy, char *dest, const char *src);
                                                                               ^
In file included from nextprime.c:56:0:
nextprime.c: In function ‘__gmp_nextprime’:
gmp-impl.h:294:25: warning: pointer targets in initialization differ in signedness [-Wpointer-sign]
     char *__memset__p = (p);  \
                         ^
nextprime.c:97:3: note: in expansion of macro ‘memset’
   memset (ps->s, 0, SIEVESIZE);
   ^~~~~~
Makefile:1259: recipe for target 'libsgx_tgmp_a-nextprime.o' failed
make[2]: *** [libsgx_tgmp_a-nextprime.o] Error 1
make[2]: Leaving directory '/home/user/Desktop/sgx-gmp-github'
Makefile:1350: recipe for target 'all-recursive' failed
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory '/home/user/Desktop/sgx-gmp-github'
Makefile:1024: recipe for target 'all' failed
make: *** [all] Error 2

 

Following is the section of gmp-impl.h file in which system detected errors:

#if ! HAVE_MEMSET
#define memset(p, c, n)            \
  do {                    \
    ASSERT ((n) >= 0);            \
    char *__memset__p = (p);        \
    int     __i;                \
    for (__i = 0; __i < (n); __i++)    \
      __memset__p[__i] = (c);        \
  } while (0)

 

Following is the section of string.h file:

/*
 * Deprecated C99.
 */

_TLIBC_DEPRECATED_FUNCTION_(char * _TLIBC_CDECL_, strcat, char *, const char *);
_TLIBC_DEPRECATED_FUNCTION_(char * _TLIBC_CDECL_, strcpy, char *, const char *);

/*
 * Deprecated Non-C99.
 */
_TLIBC_DEPRECATED_FUNCTION_(char * _TLIBC_CDECL_, strdup, const char *);
_TLIBC_DEPRECATED_FUNCTION_(char * _TLIBC_CDECL_, stpcpy, char *dest, const char *src);

__END_DECLS

 

Thanks!

islam__md_monirul
532 Views

Any help regarding the above issue?

JohnMechalas
Employee
532 Views

Apologies for the long delay. I don't normally monitor this forum so I missed your reply. I encourage you, and others, to file issues with the repo directly on GitHub as that will notify me.

My guess is that there have been changes in the SGX SDK that are causing a conflict with libgmp's code. I'll take a look at this 

Reply