Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1488 Discussions

Hello, [out, size=len] variables do not change at REE which has been change in Enclave ecall.

MoonHasSevenColor
1,471 Views

Dear Intel SGX Community,

 

  I am writing to post the question I meet, firstly I define an ecall interface at edl:

MoonHasSevenColor_0-1691505454377.png

 that I define the p_return_ptr as the out variable, which can be change in the ecall function, and work as the return value for returns_int_ptr()

  The ecall function content is:

MoonHasSevenColor_1-1691505553163.png

 

that each element in the p_return_ptr would be: p_return_ptr[i]=i. such as:

p_return_ptr[0]=0

p_return_ptr[1]=1

p_return_ptr[2]=2

p_return_ptr[3]=3

p_return_ptr[4]=4   ........

 

The App.cpp is:

MoonHasSevenColor_0-1691506127842.png

 

And I have verify that the out variable p_return_ptr has been changed in ecall, but it is not changed in App.cpp(REE), that the return operation is not successful in fact, I dont know where is the problem. I would appreciate a lot for your help. Thank you!

 

From the output the p_return_ptr at ecall is:

MoonHasSevenColor_3-1691505926453.png

 

While it does not change as an output variable, that at REE/App.cpp the p_return_ptr is:

MoonHasSevenColor_4-1691505969105.png

 

 

 

 

 

 

 

0 Kudos
1 Solution
Sahira_Intel
Moderator
1,289 Views

Hi,

Thanks so much for your patience while we looked into this issue.

As you rightfully said, you should use [out, count=len] instead of [out, size=len], but that does not solve the problem.

 

Short answer:

Remove the line p_return_ptr = (int*)malloc(len*sizeof(int)); in your Enclave.cpp and you program works as expected.

 

More details:

The function sgx_returns_int_ptr generated for you in the file Enclave/Enclave_t.c already does the memory allocation (inside enclave memory) in the line _in_p_return_ptr = (int*)malloc(_len_p_return_ptr);.

It then passes the pointer _in_p_return_ptr to your function returns_int_ptr with returns_int_ptr(_in_p_return_ptr, _tmp_len);.

As a result, the pointer p_return_ptr in your function does point to the space allocated before.

Note, however, that _in_p_return_ptr and p_return_ptr are two independent pointers (i.e., both pointers are stored at different memory locations) that point to the same memory location allocated before.

At this point, you currently perform another allocation and change the pointer p_return_ptr to this new location.

As _in_p_return_ptr and p_return_ptr are independent pointers, the former does still point to the memory location allocated by sgx_returns_int_ptr, and p_return_ptr does point to the newly allocated memory.

Then, you do changes to the newly allocated memory.

After your function returns, sgx_returns_int_ptr does copy data from the memory location allocated before (and pointed to by sgx_returns_int_ptr) to space allocated outside of the enclave with memcpy_s(_tmp_p_return_ptr, _len_p_return_ptr, _in_p_return_ptr, _len_p_return_ptr).

As you never did anything with this memory location, your result is not as expected.

 

Side note: you currently have a memory leak in your code, because p_return_ptr is never freed.

 

Please let us know if you have any further questions.

Sincerely,

Sahira

 

View solution in original post

0 Kudos
7 Replies
Wan_Intel
Moderator
1,450 Views

Hello MoonHasSevenColor,

Thanks for reaching out to us.


Could you please share the required scripts and files with us to replicate the issue from our end?



Regards,

Wan


0 Kudos
MoonHasSevenColor
1,438 Views

Sure! I attach the code name Code_JinXin.zip

unzip the folder, enter the flolder

 

make clean

make

./app

 

 

Thank you!

0 Kudos
MoonHasSevenColor
1,430 Views
Hello Wan,
I test further and find in edl file it should be [out, count=len] instead of [out, size=len]


But it still does not resolve the question
0 Kudos
Wan_Intel
Moderator
1,403 Views

Hello MoonHasSevenColor,

Thanks for the information.

We'll investigate the issue and update you at the earliest.



Regards,

Wan


0 Kudos
MoonHasSevenColor
1,323 Views

Hello Wan,

 

  Do you have any new discoveries for the code? Thank you for your help!

 

 

Best Reagrds,

Jin Xin

0 Kudos
Sahira_Intel
Moderator
1,290 Views

Hi,

Thanks so much for your patience while we looked into this issue.

As you rightfully said, you should use [out, count=len] instead of [out, size=len], but that does not solve the problem.

 

Short answer:

Remove the line p_return_ptr = (int*)malloc(len*sizeof(int)); in your Enclave.cpp and you program works as expected.

 

More details:

The function sgx_returns_int_ptr generated for you in the file Enclave/Enclave_t.c already does the memory allocation (inside enclave memory) in the line _in_p_return_ptr = (int*)malloc(_len_p_return_ptr);.

It then passes the pointer _in_p_return_ptr to your function returns_int_ptr with returns_int_ptr(_in_p_return_ptr, _tmp_len);.

As a result, the pointer p_return_ptr in your function does point to the space allocated before.

Note, however, that _in_p_return_ptr and p_return_ptr are two independent pointers (i.e., both pointers are stored at different memory locations) that point to the same memory location allocated before.

At this point, you currently perform another allocation and change the pointer p_return_ptr to this new location.

As _in_p_return_ptr and p_return_ptr are independent pointers, the former does still point to the memory location allocated by sgx_returns_int_ptr, and p_return_ptr does point to the newly allocated memory.

Then, you do changes to the newly allocated memory.

After your function returns, sgx_returns_int_ptr does copy data from the memory location allocated before (and pointed to by sgx_returns_int_ptr) to space allocated outside of the enclave with memcpy_s(_tmp_p_return_ptr, _len_p_return_ptr, _in_p_return_ptr, _len_p_return_ptr).

As you never did anything with this memory location, your result is not as expected.

 

Side note: you currently have a memory leak in your code, because p_return_ptr is never freed.

 

Please let us know if you have any further questions.

Sincerely,

Sahira

 

0 Kudos
MoonHasSevenColor
1,267 Views

Dear Sahira,

 

 

  Thank youuuuuuu for your so nice help and great answer! Thank you for your reminding to free the memory! It helps me a lot! Have a nice day!

 

 

 

Best Regards,

Jin Xin

0 Kudos
Reply