Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Beginner
75 Views

How to understand an ECALL with [out] parameter?

Jump to solution

In Intel's SGX developer guide https://software.intel.com/en-us/node/696463, it mentions that:

[out] – when [out] is specified for a pointer argument, the parameter is returned from the called procedure to the calling procedure. In an ECALL function an out parameter is passed from the enclave to the application and an OCALL function passes it from the application to the enclave.

I am having some trouble understanding the ECALL with an [out] parameter. First of all, isn't ECALL defined to be a function call from outside the enclave to a function inside the enclave? Then how could a parameter be passed from the enclave to the application?

Second of all, it said the parameter is returned from the called procedure, how come a parameter can be returned?

 

 

0 Kudos

Accepted Solutions
Highlighted
New Contributor III
75 Views

Hi, Jason.

I am having some trouble understanding the ECALL with an [out] parameter. First of all, isn't ECALL defined to be a function call from outside the enclave to a function inside the enclave? Then how could a parameter be passed from the enclave to the application?

Second of all, it said the parameter is returned from the called procedure, how come a parameter can be returned?

An ECALL means that the function will be executed inside an enclave. The [out] parameter means that it will be returned to the function call outside the enclave. See the example below:

// enclave.edl file
enclave {
    trusted {
        public void sum_pointers([in] int *p_int1, [in] int *p_int2, [out] int *p_result);
    };
};

// enclave.cpp file
void sum_pointers( int *p_int1, int *p_int2, int *p_result)
{
    *p_result = *p_int1 + *p_int2;
}

//app.cpp file
...
int main(){
...
    int int1 = 5, int2 = 10, result;
    sum_pointers( &int1, &int2, &result);
    printf("%d + %d = %d", int1, int2, result);
}

In this example, we have p_int1 and p_int2 as [in] parameters, while p_result is an [out] parameter. The function sum_pointers is an ECALL, therefore it will be executed inside the enclave. The parameters p_int1 and p_int2 are passed into the enclave, and the parameter p_result is passed from the enclave to the application after it is executed; it works as a return of the function.

 

View solution in original post

0 Kudos
3 Replies
Highlighted
New Contributor III
76 Views

Hi, Jason.

I am having some trouble understanding the ECALL with an [out] parameter. First of all, isn't ECALL defined to be a function call from outside the enclave to a function inside the enclave? Then how could a parameter be passed from the enclave to the application?

Second of all, it said the parameter is returned from the called procedure, how come a parameter can be returned?

An ECALL means that the function will be executed inside an enclave. The [out] parameter means that it will be returned to the function call outside the enclave. See the example below:

// enclave.edl file
enclave {
    trusted {
        public void sum_pointers([in] int *p_int1, [in] int *p_int2, [out] int *p_result);
    };
};

// enclave.cpp file
void sum_pointers( int *p_int1, int *p_int2, int *p_result)
{
    *p_result = *p_int1 + *p_int2;
}

//app.cpp file
...
int main(){
...
    int int1 = 5, int2 = 10, result;
    sum_pointers( &int1, &int2, &result);
    printf("%d + %d = %d", int1, int2, result);
}

In this example, we have p_int1 and p_int2 as [in] parameters, while p_result is an [out] parameter. The function sum_pointers is an ECALL, therefore it will be executed inside the enclave. The parameters p_int1 and p_int2 are passed into the enclave, and the parameter p_result is passed from the enclave to the application after it is executed; it works as a return of the function.

 

View solution in original post

0 Kudos
Highlighted
New Contributor I
75 Views

Hi, Jason.

ECall/OCall has nothing to do with In/Out. They are relative to different situation.

ECall/OCall is relative to enclave: ECall means jumping into enclave while OCall means jumping out of enclave.

In/Out is relative to the function: In means parameter passing into the function while Out means parameter returning from the function.

 

0 Kudos
Highlighted
Beginner
75 Views

I appreciate your answers, I understand it now.

0 Kudos