Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

Passing STL containers as arguments in ECALL / OCALL

Fan

Hi,

Do you guys have a plan of supporting passing STL containers (vector, etc.) as arguments in ECALL / OCALL? I'm mimicking this behavior by serializing containers (in an ad hoc manner) in the caller and deserializing them in the callee. But actually it is possible to serialize containers in general (e.g. http://www.boost.org/doc/libs/1_38_0/boost/serialization/vector.hpp) so I think it would be awesome to support this out of the box.

Fan

2 Replies
Surenthar_S_Intel

Hi,

You can pass a pointer to anything into an ECALL by casting it as a void * and specifying user_check in the EDL. Once you are in the enclave you recast it back to what you want, or just pass it straight through to an OCALL (for example, if you need to pass a pointer to a callback function, or a std::function pointer to a class instance method). Enclave functions can both read from and write to unprotected memory.

You can't use this method if the container originates inside the enclave since the OCALL can't use pointers to protected memory. For this case you would need to use the serialization method so that the OCALL can receive a copy of the data in unprotected memory.

-Surenthar

Avradip_M_

Hi,

I am in a similar situation and

1. I need to pass some STL container from enclave to outside untrusted world.

2. I need to pass some STL containers among different enclaves in a secure way

The primary bottleneck I am facing is that I cannot figure out an easy way to serialize the STL containers. Is there any way I can use the boost serialization method? The SGX developer reference says Boost is supported partially as long as the boost runtime is not used. I am not really sure what that means. Can you please clarify?

Avradip
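The serialization approach raised in the replies above, as an added example that is not part of the thread and not code from the Intel SGX SDK: a `std::vector` of flat elements is packed into a length-prefixed byte buffer, and the receiving side validates the declared count against the bytes it actually received before rebuilding the container. It uses plain C++ without Boost; the names `pack_vector` and `unpack_vector` and the wire format are assumptions made for this illustration, and the buffer is assumed to cross the boundary as a pointer plus length (for instance an EDL parameter marked `[in, size=len]`).

```cpp
#include <cstdint>
#include <cstring>
#include <type_traits>
#include <vector>

// Wire format (constructed for this example): 8-byte element count, then raw
// elements. Trivially copyable types only, so no sender pointers cross over.
template <typename T>
std::vector<uint8_t> pack_vector(const std::vector<T>& v) {
    static_assert(std::is_trivially_copyable<T>::value, "flat types only");
    const uint64_t count = v.size();
    std::vector<uint8_t> out(sizeof(count) + v.size() * sizeof(T));
    std::memcpy(out.data(), &count, sizeof(count));
    if (!v.empty()) std::memcpy(out.data() + sizeof(count), v.data(), v.size() * sizeof(T));
    return out;
}

// Callee side: buf/len are untrusted input. The declared count must match the
// bytes received exactly, checked without letting count * sizeof(T) overflow.
template <typename T>
bool unpack_vector(const uint8_t* buf, size_t len, std::vector<T>& out) {
    static_assert(std::is_trivially_copyable<T>::value, "flat types only");
    uint64_t count = 0;
    if (buf == nullptr || len < sizeof(count)) return false;
    std::memcpy(&count, buf, sizeof(count));
    const size_t payload = len - sizeof(count);
    if (count > payload / sizeof(T)) return false;   // forged or oversized count
    if (count * sizeof(T) != payload) return false;  // truncated or trailing bytes
    out.resize(static_cast<size_t>(count));
    if (count != 0) std::memcpy(out.data(), buf + sizeof(count), payload);
    return true;
}

// Round trip, as across a call that copies (buf, len) to the other side.
bool round_trip_ok() {
    const std::vector<uint32_t> src = {1, 2, 3, 0xDEADBEEF};  // constructed sample
    const std::vector<uint8_t> wire = pack_vector(src);
    std::vector<uint32_t> dst;
    return unpack_vector(wire.data(), wire.size(), dst) && dst == src;
}

// A count field claiming more elements than were sent must be rejected.
bool rejects_forged_count() {
    std::vector<uint8_t> wire = pack_vector(std::vector<uint32_t>{7, 8});
    const uint64_t forged = UINT64_MAX / 2;
    std::memcpy(wire.data(), &forged, sizeof(forged));
    std::vector<uint32_t> dst;
    return !unpack_vector(wire.data(), wire.size(), dst);
}
```

Containers of non-flat elements (strings, nested vectors) need a per-element encoding on top of this; the same count-versus-length validation applies at each level.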
