Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

SGX with Position Dependent Static Libraries

csoder
Beginner
‎05-04-2022 08:45 AM
754 Views
Solved Jump to solution

Is it possible to create an SGX application that references a static library, compiled as position-dependent code? 

I have attempted to port a test application to an SGX application using a 3rd party porting tool, and have found I'm only able to do this successfully when all of the involved libraries are compiled using the -fPIC tag.

For one of the libraries I would like my enclave functions to reference, I only have access to the .a files, so recompiling the library as PIC is not an option. Looking through SGX documentation, I have been unable to narrow down if this is a limitation of SGX, or if its perhaps just the manner in which I'm trying to port the application.  

I found this thread, where someone appears to have the same issue as me with a different library, but the link to the solution is broken: https://community.intel.com/t5/Intel-Software-Guard-Extensions/Build-enclave-using-libgmp/m-p/1151640 

 

Any guidance?

 

Labels (1)
Labels:
0 Kudos
1 Solution
Sahira_Intel
Moderator
‎05-10-2022 02:50 PM
687 Views
Solved Jump to solution

Hi,


Porting a library means recompiling it from source where the -fPIC flag is mandatory. But since you only have access to .a files, your best option would be to use Gramine (https://github.com/gramineproject/gramine) to wrap the whole application in an enclave. This is not necessarily the same as porting a library, but it could work for your use case.


Sincerely,

Sahira R.



View solution in original post

0 Kudos
Copy link

Link Copied

3 Replies
Sahira_Intel
Moderator
‎05-04-2022 03:07 PM
727 Views
Solved Jump to solution

Hi,


Here is an example of how the GMP library was ported to SGX: https://github.com/intel/sgx-gmp to be used in an enclave


Sincerely,

Sahira




0 Kudos
Copy link
Sahira_Intel
Moderator
‎05-10-2022 02:50 PM
688 Views
Solved Jump to solution

Hi,


Porting a library means recompiling it from source where the -fPIC flag is mandatory. But since you only have access to .a files, your best option would be to use Gramine (https://github.com/gramineproject/gramine) to wrap the whole application in an enclave. This is not necessarily the same as porting a library, but it could work for your use case.


Sincerely,

Sahira R.



0 Kudos
Copy link
csoder
Beginner
‎05-17-2022 12:46 PM
662 Views
Solved Jump to solution
In response to Sahira_Intel

Understood, thank you. 

In response to Sahira_Intel
0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.