Hi,
How can enclave1 transfer the report to enclave2? The report resides in enclave1. From there you could use EEXIT and return a pointer back to the application in untrusted space. The pointer can't be accessed as it points to the enclave. Sending from enclave1 to enclave2 directly is also not possible. Can you explain that part in detail?
-Thanks
Hi Sam,
The report that resides in enclave1 is first copied to the untrusted memory of enclave1's process by the enclave itself. Remember, the enclave can access all of the process's memory that is mapped. This is okay because the report does not have any secret. Untrusted code can then use the IPC provided by all operating systems to transfer the report to enclave2's process, which is also untrusted memory. Then untrusted code in process two can call into enclave2, which can then copy the report from the untrusted memory of enclave2's process into enclave2's memory.
PFA for your reference for local attestation flow
Thanks and Regards,
Surenthar Selvaraj
Hi Sam
You can't transfer data from enclave1 to enclave2 directly. You need to get the report of enclave1 to your application and use the enclave interface, which is defined in enclave2, to transfer the report to enclave2.
(report)enclave1=====>application===>enclave2 :)
The report pointer is declared in your application, not in enclave1. You have to pass the pointer into enclave1 and get the report using the sgx_create_report() function in enclave1.
Thanks,
Yu
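A small Python model of the hop both answers describe (enclave1, then untrusted application memory, then IPC, then enclave2), added here as an example and not code from the thread or from the Intel SGX SDK. `Enclave`, `report_key`, `send_over_ipc` and `CPU_SECRET` are hypothetical names, and HMAC-SHA256 stands in for the hardware-derived report key and MAC; it shows why a report with no secret can cross untrusted memory: only the targeted enclave can check its MAC, so tampering in transit is detected.

```python
import hashlib
import hmac
import os
import socket

CPU_SECRET = os.urandom(32)  # assumption: stands in for the secret held inside the CPU

def report_key(target_mrenclave):
    # Model of the key the CPU derives for one target enclave (HMAC is a stand-in).
    return hmac.new(CPU_SECRET, b"REPORT" + target_mrenclave, hashlib.sha256).digest()

class Enclave:  # hypothetical model class, not an SDK type
    def __init__(self, name):
        self.mrenclave = hashlib.sha256(name.encode()).digest()  # constructed measurement

    def create_report(self, target_mrenclave, report_data):
        # Models sgx_create_report(): public body plus a MAC keyed for the target.
        body = self.mrenclave + report_data.ljust(64, b"\0")
        return body + hmac.new(report_key(target_mrenclave), body, hashlib.sha256).digest()

    def verify_report(self, untrusted_buf):
        report = bytes(untrusted_buf)  # copy into enclave memory before checking
        if len(report) != 128:
            return None
        body, mac = report[:96], report[96:]
        good = hmac.new(report_key(self.mrenclave), body, hashlib.sha256).digest()
        return body[:32] if hmac.compare_digest(mac, good) else None

def send_over_ipc(data):
    # Untrusted hop between the two processes; a socketpair stands in for OS IPC.
    a, b = socket.socketpair()
    with a, b:
        a.sendall(data)
        a.shutdown(socket.SHUT_WR)
        buf = bytearray()
        while chunk := b.recv(4096):
            buf += chunk
        return buf

def demo():
    e1, e2, e3 = Enclave("enclave1"), Enclave("enclave2"), Enclave("enclave3")
    received = send_over_ipc(e1.create_report(e2.mrenclave, b"constructed data"))
    tampered = bytearray(received)
    tampered[40] ^= 1  # untrusted code flips a bit in the report body
    return (e2.verify_report(received) == e1.mrenclave,
            e2.verify_report(tampered), e3.verify_report(received))

if __name__ == "__main__":
    print(demo())
```

The three results are the intact report accepted by enclave2, the modified report rejected, and the same report rejected by an enclave it was not targeted at.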
Thanks for your detailed information