- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In Intel's SGX developer guide https://software.intel.com/en-us/node/696463, it mentions that:
[out] – when [out] is specified for a pointer argument, the parameter is returned from the called procedure to the calling procedure. In an ECALL function an
out
parameter is passed from the enclave to the application and an OCALL function passes it from the application to the enclave.
I am having some trouble understanding the ECALL with an [out] parameter. First of all, isn't ECALL defined to be a function call from outside the enclave to a function inside the enclave? Then how could a parameter be passed from the enclave to the application?
Second of all, it said the parameter is returned from the called procedure, how come a parameter can be returned?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, Jason.
I am having some trouble understanding the ECALL with an [out] parameter. First of all, isn't ECALL defined to be a function call from outside the enclave to a function inside the enclave? Then how could a parameter be passed from the enclave to the application?
Second of all, it said the parameter is returned from the called procedure, how come a parameter can be returned?
An ECALL means that the function will be executed inside an enclave. The [out] parameter means that it will be returned to the function call outside the enclave. See the example below:
// enclave.edl file enclave { trusted { public void sum_pointers([in] int *p_int1, [in] int *p_int2, [out] int *p_result); }; }; // enclave.cpp file void sum_pointers( int *p_int1, int *p_int2, int *p_result) { *p_result = *p_int1 + *p_int2; } //app.cpp file ... int main(){ ... int int1 = 5, int2 = 10, result; sum_pointers( &int1, &int2, &result); printf("%d + %d = %d", int1, int2, result); }
In this example, we have p_int1 and p_int2 as [in] parameters, while p_result is an [out] parameter. The function sum_pointers is an ECALL, therefore it will be executed inside the enclave. The parameters p_int1 and p_int2 are passed into the enclave, and the parameter p_result is passed from the enclave to the application after it is executed; it works as a return of the function.
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, Jason.
I am having some trouble understanding the ECALL with an [out] parameter. First of all, isn't ECALL defined to be a function call from outside the enclave to a function inside the enclave? Then how could a parameter be passed from the enclave to the application?
Second of all, it said the parameter is returned from the called procedure, how come a parameter can be returned?
An ECALL means that the function will be executed inside an enclave. The [out] parameter means that it will be returned to the function call outside the enclave. See the example below:
// enclave.edl file enclave { trusted { public void sum_pointers([in] int *p_int1, [in] int *p_int2, [out] int *p_result); }; }; // enclave.cpp file void sum_pointers( int *p_int1, int *p_int2, int *p_result) { *p_result = *p_int1 + *p_int2; } //app.cpp file ... int main(){ ... int int1 = 5, int2 = 10, result; sum_pointers( &int1, &int2, &result); printf("%d + %d = %d", int1, int2, result); }
In this example, we have p_int1 and p_int2 as [in] parameters, while p_result is an [out] parameter. The function sum_pointers is an ECALL, therefore it will be executed inside the enclave. The parameters p_int1 and p_int2 are passed into the enclave, and the parameter p_result is passed from the enclave to the application after it is executed; it works as a return of the function.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, Jason.
ECall/OCall has nothing to do with In/Out. They are relative to different situation.
ECall/OCall is relative to enclave: ECall means jumping into enclave while OCall means jumping out of enclave.
In/Out is relative to the function: In means parameter passing into the function while Out means parameter returning from the function.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I appreciate your answers, I understand it now.

- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page