Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

SGX Threads behavior

Anandakumar
New Contributor II
1,174 Views

Hello All,

 

I am getting some undefined behavior in SGX enclave while number of threads exceeds number of TCS mentioned in sgx config file.

 

In configuration, TCS NUM is set to 10 and TCS Policy set to 1. 

 

When the untrusted code created more than 10 threads, then I am facing some strange issues from Enclave. After changing TCS NUM to higher value the application running smoothly. 

 

Here, I am aware of number of threads allowed inside the SGX is restricted by number of Physical core. But I want to know what happens in Enclave when we run more number of threads than the value specified by TCS NUM.

 

Thanks,

Anand

0 Kudos
1 Solution
JesusG_Intel
Moderator
1,155 Views

Hello Anand,


TCS_NUM indicates the number of Thread Control Structures to allocate for the enclave.

 

From SGX Explained: "The SGX implementation uses a Thread Control Structure (TCS) for each logical processor that executes an enclave’s code. It follows that an enclave’s author must provision at least as many TCS instances as the maximum number of concurrent threads that the enclave is intended to support."

 

A TCS consists of an entry point and pointer to the State Save Area and other features. Section 37.8 Thread Control Structure of Intel's Software Development Manual provides details of the contents of the TCS.

 

If you try to use more threads than the number of Thread Control Structures then the threads will not know how to enter the enclave because the TCS does not exist.

 

Refer to Thread Binding Policy for information on the TCS_POLICY.


Sincerely,

Jesus G.

Intel Customer Support


View solution in original post

0 Kudos
2 Replies
JesusG_Intel
Moderator
1,156 Views

Hello Anand,


TCS_NUM indicates the number of Thread Control Structures to allocate for the enclave.

 

From SGX Explained: "The SGX implementation uses a Thread Control Structure (TCS) for each logical processor that executes an enclave’s code. It follows that an enclave’s author must provision at least as many TCS instances as the maximum number of concurrent threads that the enclave is intended to support."

 

A TCS consists of an entry point and pointer to the State Save Area and other features. Section 37.8 Thread Control Structure of Intel's Software Development Manual provides details of the contents of the TCS.

 

If you try to use more threads than the number of Thread Control Structures then the threads will not know how to enter the enclave because the TCS does not exist.

 

Refer to Thread Binding Policy for information on the TCS_POLICY.


Sincerely,

Jesus G.

Intel Customer Support


0 Kudos
JesusG_Intel
Moderator
1,122 Views

This thread has been marked as answered and Intel will no longer monitor this thread. If you want a response from Intel in a follow-up question, please open a new thread.


0 Kudos
Reply