Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1371 Discussions

OCaml and SGX

Ivana_V_
Beginner
‎09-20-2018 02:59 AM
204 Views

Hi

I got stuck trying to run OCaml code within an SGX enclave and would
very much appreciate some help.

I so far managed to write a C wrapper around my OCaml code using the
functionalities described here:
https://caml.inria.fr/pub/docs/manual-ocaml/intfc.html

Now, to link the code, I have to load the OCaml runtime using
-lcamlrun_pic (-lcamlrun is not PIC compatible).

The problem is now that camlrun_pic uses standard libraries quite
heavily.  It looks like I could add the missing functionalities by doing
something like that:
http://www.tatetian.io/2016/01/25/file-io-inside-intel-sgx-enclave/

Do you think that's the right approach?  Is there an easier one?

Best,
Ivana

0 Kudos

Link Copied

1 Reply
Scott_R_Intel
Employee
‎09-25-2018 06:39 AM
204 Views

Hi Ivana.

Yes, creating ocall's for all required standard library calls that aren't included in the SGX libraries is the only way to do get to them from within an enclave.

Though, you may want to have a look at the Graphene-SGX Library OS project...  it may work for your needs:  https://github.com/oscarlab/graphene

Regards.

Scott

0 Kudos
Copy link
Reply

For more complete information about compiler optimizations, see our Optimization Notice.