- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In Intel's SGX developer guide Pointer Handling(https://software.intel.com/en-us/node/696463), it mentions:
> When a buffer is being copied, the trusted bridge must avoid overwriting enclave memory in an ECALL and the trusted proxy must avoid leaking secrets in an OCALL.
What are the trusted bridge and trusted proxy here?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Jason,
Trusted bridge and Trusted proxy interfaces between application and enclave.This code interfaces in/Out of enclave.
Edger Tool(included in build environment) that parses the EDL file and generate the trusted bridge and trusted proxy files (.c and .h files).
Trusted Bridge
For ECALLs, trusted bridge task is to ensure that the marshalling structure does not overlap enclave memory.
[in]: When a pointer to untrusted memory with attribute in is passed to the enclave, the trusted bridge allocates memory inside the enclave and copies the memory pointed to by
the pointer from outside to the enclave memory.
[out]: When a pointer to untrusted memory with the out attribute is passed to the enclave, the trusted bridge allocates a buffer in trusted memory, zeroes the buffer contents
to clear any previous secrets and passes a pointer to this buffer to the trusted function. After the trusted function returns, the trusted bridge copies the contents of the
trusted buffer to untrusted memory.
Trusted proxy
For OCALLs, the trusted proxy allocates memory on the outside stack to pass the marshalling structure and checks that pointer parameters with their full range are within enclave.
[in]: When a pointer to trusted memory with attribute in is passed from an enclave (an OCALL), the trusted proxy allocates memory outside the enclave and copies the memory
pointed by the pointer from inside the enclave to untrusted memory.
[out]: When a pointer to trusted memory with the out attribute is passed from an enclave (an OCALL), the trusted proxy allocates a buffer on the untrusted stack, and passes
a pointer to this buffer to the untrusted function. After the untrusted function returns, the trusted proxy copies the contents of the untrusted buffer to trusted memory.
Thanks,
R.Prabu
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Jason,
Trusted bridge and Trusted proxy interfaces between application and enclave.This code interfaces in/Out of enclave.
Edger Tool(included in build environment) that parses the EDL file and generate the trusted bridge and trusted proxy files (.c and .h files).
Trusted Bridge
For ECALLs, trusted bridge task is to ensure that the marshalling structure does not overlap enclave memory.
[in]: When a pointer to untrusted memory with attribute in is passed to the enclave, the trusted bridge allocates memory inside the enclave and copies the memory pointed to by
the pointer from outside to the enclave memory.
[out]: When a pointer to untrusted memory with the out attribute is passed to the enclave, the trusted bridge allocates a buffer in trusted memory, zeroes the buffer contents
to clear any previous secrets and passes a pointer to this buffer to the trusted function. After the trusted function returns, the trusted bridge copies the contents of the
trusted buffer to untrusted memory.
Trusted proxy
For OCALLs, the trusted proxy allocates memory on the outside stack to pass the marshalling structure and checks that pointer parameters with their full range are within enclave.
[in]: When a pointer to trusted memory with attribute in is passed from an enclave (an OCALL), the trusted proxy allocates memory outside the enclave and copies the memory
pointed by the pointer from inside the enclave to untrusted memory.
[out]: When a pointer to trusted memory with the out attribute is passed from an enclave (an OCALL), the trusted proxy allocates a buffer on the untrusted stack, and passes
a pointer to this buffer to the untrusted function. After the untrusted function returns, the trusted proxy copies the contents of the untrusted buffer to trusted memory.
Thanks,
R.Prabu
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you R.Prabu, so can I re-phrase your detailed answer in this way ?
Trusted bridge and trusted proxy are two delegates responsible for allocating and/or copying memory buffers in/out enclave. They are built by the Edger Tool, based on the EDL file we developer writes, to take care of each ECALL and OCALL respectively.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page