Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.

Multi applications and ocall

Chris_J_4
Beginner
221 Views

If an enclave is used by multiple applications and makes an ocall,
which application will get the ocall?  
I would hope it is the one who owns the stack which made the containing ecall?.  Would that be a safe assumption?

Besides an answer, a reference would also be appreciated.
Thanks

 

0 Kudos
1 Reply
Rodolfo_S_
New Contributor III
221 Views

Hi, Chris.

AFAIK one single enclave "instance" cannot be shared by various applications. By saying this, I mean that, using the SGX SDK, an application cannot make an ECALL to an enclave that it has not created. Trying to do so will cause an SGX_ERROR_INVALID_ENCLAVE error.

Best regards,

Rodolfo

Reply