Hi, I have a question about the Haven paper: https://www.usenix.org/system/files/conference/osdi14/osdi14-paper-baumann.pdf
If I understood correctly, the process is:
1. The application developer packages everything into an image, encrypts it with a password, then sends the encrypted image to the cloud provider;
2. The cloud provider first creates an enclave and loads it with a "shield";
3. The "shield" performs the "remote attestation"; once all is clear, it receives the password that can decrypt the image;
4. It basically "boots" the OS/app inside the image;
5. The application runs securely.
I'm confused by step 4. Quoting the original text: "Assuming it was loaded correctly, the shield may now decrypt the VHD key using its private key, and use it to access the contents of the VHD, allowing it to continue to load the LibOS and application."
Just wondering: if the code inside the image is encrypted when the enclave is created, how does the enclave make the code "executable" after decryption? This is like asking my C program to execute machine code inside my heap, which is mostly forbidden by the OS. Is this kind of operation allowed inside the enclave? (i.e. trusted enclave code can read some blobs from untrusted memory, decrypt them, place them inside the trusted area as CODE instead of DATA, and then execute the code?)
Thanks a lot!