Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.

How to change an enclave base address ?

Nguyen__Minh
Beginner
342 Views

Hi,

I am working on Linux platform and have reserved a specific memory region (with fixed VA) for the enclave and hence, would like the enclave to always be loaded on to the target region. According to the sdk developer reference, the trusted runtime library uses __ImageBase to compute enclave base address.

I have tried to change the __ImageBase in the Makefile

Enclave_Link_Flags := -Wl,--no-undefined -nostdlib -nodefaultlibs -nostartfiles -L$(SGX_LIBRARY_PATH) \
	-Wl,--whole-archive -l$(Trts_Library_Name) -Wl,--no-whole-archive \
	-Wl,--start-group -lsgx_tstdc -lsgx_tcxx -l$(Crypto_Library_Name) -l$(Service_Library_Name) -Wl,--end-group \
	-Wl,-Bstatic -Wl,-Bsymbolic -Wl,--no-undefined \
	-Wl,-pie,-eenclave_entry -Wl,--export-dynamic  \
	-Wl,--defsym,__ImageBase=0x00007fa56e000000 -Wl,--gc-sections   \
	-Wl,--version-script=Enclave/Enclave.lds

and got a relocation: error /usr/bin/ld: failed to convert GOTPCREL relocation; relink with --no-relax

I added the --no-relax to the Enclave_Link_Flags but it seems g++ pickups the --no-relax but not the linker and hence, "unrecognized command". How can I relocate an enclave to a target VA address ?

0 Kudos
0 Replies
Reply