Solved: Re: Examples loading enclave from buffer?

Daniel_ˢᵍˣ · ‎07-28-2022

Any examples available using sgx_create_enclave_from_buffer_ex and invoking ecalls and ocalls of the loaded enclave?

Sahira_Intel · ‎08-02-2022

Hi,

While there are no samples using that function included in the SGX SDK, I am sending you a patch to convert SampleEnclave which uses sgx_create_enclave to sgx_create_enclave_from_buffer_ex (the file type is not supported so I am sending you a PM of it)

You can apply it to the linux-sgx repo.

Sincerely,

Sahira

View solution in original post

Sahira_Intel · ‎08-02-2022

Hi,

While there are no samples using that function included in the SGX SDK, I am sending you a patch to convert SampleEnclave which uses sgx_create_enclave to sgx_create_enclave_from_buffer_ex (the file type is not supported so I am sending you a PM of it)

You can apply it to the linux-sgx repo.

Sincerely,

Sahira

Daniel_ˢᵍˣ · ‎08-05-2022

Thank you Sahira, the patched example worked.

A related question:

In terms of security, is there an advantage in using mmap instead of reading the enclave into a buffer and using that buffer as input to sgx_create_enclave_from_buffer_ex?¹

¹ I created a hello world where the enclave is read into a buffer (fopen + fread) instead of using mmap and it appears to work as well.

Daniel_ˢᵍˣ · ‎08-05-2022

Hello,

The patched sample worked, thank you.

A related question:

In terms of security, is there an advantage in using mmap instead of reading the enclave into a buffer (fopen + fread) and using that buffer in sgx_create_enclave_from_buffer_ex?

Sahira_Intel · ‎08-16-2022

Hi,

It is technically faster. sgx_create_enclave_from_buffer_ex can be used without mmap if the user already has the enclave image buffer.

Sincerely,

Sahira

Examples loading enclave from buffer?

Linux