Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Beginner
139 Views

Difference btw trusted bridge and trusted proxy?

Jump to solution

In Intel's SGX developer guide Pointer Handling(https://software.intel.com/en-us/node/696463), it mentions:

> When a buffer is being copied, the trusted bridge must avoid overwriting enclave memory in an ECALL and the trusted proxy must avoid leaking secrets in an OCALL.

What are the trusted bridge and trusted proxy here?

0 Kudos

Accepted Solutions
Highlighted
Employee
139 Views

Hello Jason,

Trusted bridge and Trusted proxy interfaces between application and enclave.This code interfaces in/Out of enclave.

Edger Tool(included in build environment) that parses the EDL file and generate the trusted bridge and trusted proxy files (.c and .h files).

Trusted Bridge

For ECALLs, trusted bridge task is to ensure that the marshalling structure does not overlap enclave memory.

[in]: When a pointer to untrusted memory with attribute in is passed to the enclave, the trusted bridge allocates memory inside the enclave and copies the memory pointed to by
 the pointer from outside to the enclave memory.

[out]: When a pointer to untrusted memory with the out attribute is passed to the enclave, the trusted bridge allocates a buffer in trusted memory, zeroes the buffer contents
 to clear any previous secrets and passes a pointer to this buffer to the trusted function. After the trusted function returns, the trusted bridge copies the contents of the
 trusted buffer to untrusted memory.
 
 Trusted proxy
 
 For OCALLs, the trusted proxy allocates memory on the outside stack to pass the marshalling structure and checks that pointer parameters with their full range are within enclave.
 
 [in]: When a pointer to trusted memory with attribute in is passed from an enclave (an OCALL), the trusted proxy allocates memory outside the enclave and copies the memory
 pointed by the pointer from inside the enclave to untrusted memory.

[out]: When a pointer to trusted memory with the out attribute is passed from an enclave (an OCALL), the trusted proxy allocates a buffer on the untrusted stack, and passes
 a pointer to this buffer to the untrusted function. After the untrusted function returns, the trusted proxy copies the contents of the untrusted buffer to trusted memory.

Thanks,
R.Prabu

View solution in original post

0 Kudos
2 Replies
Highlighted
Employee
140 Views

Hello Jason,

Trusted bridge and Trusted proxy interfaces between application and enclave.This code interfaces in/Out of enclave.

Edger Tool(included in build environment) that parses the EDL file and generate the trusted bridge and trusted proxy files (.c and .h files).

Trusted Bridge

For ECALLs, trusted bridge task is to ensure that the marshalling structure does not overlap enclave memory.

[in]: When a pointer to untrusted memory with attribute in is passed to the enclave, the trusted bridge allocates memory inside the enclave and copies the memory pointed to by
 the pointer from outside to the enclave memory.

[out]: When a pointer to untrusted memory with the out attribute is passed to the enclave, the trusted bridge allocates a buffer in trusted memory, zeroes the buffer contents
 to clear any previous secrets and passes a pointer to this buffer to the trusted function. After the trusted function returns, the trusted bridge copies the contents of the
 trusted buffer to untrusted memory.
 
 Trusted proxy
 
 For OCALLs, the trusted proxy allocates memory on the outside stack to pass the marshalling structure and checks that pointer parameters with their full range are within enclave.
 
 [in]: When a pointer to trusted memory with attribute in is passed from an enclave (an OCALL), the trusted proxy allocates memory outside the enclave and copies the memory
 pointed by the pointer from inside the enclave to untrusted memory.

[out]: When a pointer to trusted memory with the out attribute is passed from an enclave (an OCALL), the trusted proxy allocates a buffer on the untrusted stack, and passes
 a pointer to this buffer to the untrusted function. After the untrusted function returns, the trusted proxy copies the contents of the untrusted buffer to trusted memory.

Thanks,
R.Prabu

View solution in original post

0 Kudos
Highlighted
Beginner
139 Views

Thank you R.Prabu, so can I re-phrase your detailed answer in this way ? 

Trusted bridge and trusted proxy are two delegates responsible for allocating and/or copying memory buffers in/out enclave. They are built by the Edger Tool, based on the EDL file we developer writes, to take care of each ECALL and OCALL respectively. 

0 Kudos