Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

Enclave paging when using a large of Untrust memory

wwfbear789
Beginner
‎11-24-2022 08:20 AM
996 Views
Solved Jump to solution

Intel SGX provides paging functionality. Therefore, when a large amount of EPCs are allocated, the pages are evicted to the Untrust area. My question is, when using a certain amount of Enclave, is it possibly to evict EPCs by using a large amount of memory in the Untrust area? Also, is it possibly that when a large amount of memory is used in the Untrust area, if we try to allocate a large Enclave, a small number of EPCs will be allocated due to the memory in the Untrust area?

I would appreciate it if you could help me out.

0 Kudos
1 Solution
KFPW_Intel
Moderator
‎11-24-2022 11:36 PM
979 Views
Solved Jump to solution

Hi,

 

Thank you for your interest in Intel® SGX.

 

I am checking if the large amount of memory used will result in any differences in the EPC allocated memory. I will get back to you if I have more information for this.

 

In the meantime, Intel® SGX uses Enclave Page Cache (EPC) to store enclave contents. When the enclaves are larger than the total memory available to the EPC, enclave paging are used by privileged SW to evict some pages to swap in other pages.

This process has an inherent overhead associated with it, the more pages are swapped out, the more often the overhead is incurred.

 

For large enclave, it is suggested to include only secrets and code to operate on them in the enclaves. This is to ensure the enclave size is less than the EPC, and minimize the chances of incurring paging overhead.

 

Regards,

Ken


View solution in original post

0 Kudos
Copy link

Link Copied

3 Replies
KFPW_Intel
Moderator
‎11-24-2022 11:36 PM
980 Views
Solved Jump to solution

Hi,

 

Thank you for your interest in Intel® SGX.

 

I am checking if the large amount of memory used will result in any differences in the EPC allocated memory. I will get back to you if I have more information for this.

 

In the meantime, Intel® SGX uses Enclave Page Cache (EPC) to store enclave contents. When the enclaves are larger than the total memory available to the EPC, enclave paging are used by privileged SW to evict some pages to swap in other pages.

This process has an inherent overhead associated with it, the more pages are swapped out, the more often the overhead is incurred.

 

For large enclave, it is suggested to include only secrets and code to operate on them in the enclaves. This is to ensure the enclave size is less than the EPC, and minimize the chances of incurring paging overhead.

 

Regards,

Ken


0 Kudos
Copy link
wwfbear789
Beginner
‎11-25-2022 04:05 AM
971 Views
Solved Jump to solution
In response to KFPW_Intel

Hi, 

 

Thank you for reply!

We look forward to your answer.

 

Best regards

wwfbear789

In response to KFPW_Intel
0 Kudos
Copy link
KFPW_Intel
Moderator
‎11-30-2022 05:39 PM
908 Views
Solved Jump to solution

Hi wwfbear789,

 

Thank you for your patience.

 

This information might be related to your question.

 

SGX offers an EPC page eviction method that can defend against a malicious OS that attempts any active address translation attacks. Enclaves do not trust the system software in the SGX threat model.

 

SGX supports evicting EPC pages to DRAM pages outside the PRM range. The system software is expected to use its existing page swapping implementation to evict the contents of these pages out of DRAM and onto a disk as shown in the figure.

 

KFPW_Intel_0-1669858903681.png

 

If the EPC page is evicted , any attempt to access the page from the enclave code will result in Page Fault. Therefore, OS kernel's page handler needs to be able to extract the virtual page number in order to load back the page into the DRAM.

 

Refer to Intel SGX Explained Section 5.5 (Page 69) for more information regards to EPC page Eviction.

 

Hope this is helpful, please let me know if you have questions.

 

Regards,

Ken

 

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.