Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

Multi applications and ocall

Chris_J_4
Beginner
‎12-12-2016 11:00 AM
416 Views

If an enclave is used by multiple applications and makes an ocall,
which application will get the ocall?  
I would hope it is the one who owns the stack which made the containing ecall?.  Would that be a safe assumption?

Besides an answer, a reference would also be appreciated.
Thanks

 

0 Kudos

Link Copied

1 Reply
Rodolfo_S_
New Contributor III
‎12-12-2016 06:10 PM
416 Views

Hi, Chris.

AFAIK one single enclave "instance" cannot be shared by various applications. By saying this, I mean that, using the SGX SDK, an application cannot make an ECALL to an enclave that it has not created. Trying to do so will cause an SGX_ERROR_INVALID_ENCLAVE error.

Best regards,

Rodolfo

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.