Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

SGX with Position Dependent Static Libraries

csoder
Beginner
690 Views

Is it possible to create an SGX application that references a static library, compiled as position-dependent code? 

I have attempted to port a test application to an SGX application using a 3rd party porting tool, and have found I'm only able to do this successfully when all of the involved libraries are compiled using the -fPIC tag.

For one of the libraries I would like my enclave functions to reference, I only have access to the .a files, so recompiling the library as PIC is not an option. Looking through SGX documentation, I have been unable to narrow down if this is a limitation of SGX, or if its perhaps just the manner in which I'm trying to port the application.  

I found this thread, where someone appears to have the same issue as me with a different library, but the link to the solution is broken: https://community.intel.com/t5/Intel-Software-Guard-Extensions/Build-enclave-using-libgmp/m-p/1151640 

 

Any guidance?

 

Labels (1)
0 Kudos
1 Solution
Sahira_Intel
Moderator
623 Views

Hi,


Porting a library means recompiling it from source where the -fPIC flag is mandatory. But since you only have access to .a files, your best option would be to use Gramine (https://github.com/gramineproject/gramine) to wrap the whole application in an enclave. This is not necessarily the same as porting a library, but it could work for your use case.


Sincerely,

Sahira R.



View solution in original post

0 Kudos
3 Replies
Sahira_Intel
Moderator
663 Views

Hi,


Here is an example of how the GMP library was ported to SGX: https://github.com/intel/sgx-gmp to be used in an enclave


Sincerely,

Sahira




0 Kudos
Sahira_Intel
Moderator
624 Views

Hi,


Porting a library means recompiling it from source where the -fPIC flag is mandatory. But since you only have access to .a files, your best option would be to use Gramine (https://github.com/gramineproject/gramine) to wrap the whole application in an enclave. This is not necessarily the same as porting a library, but it could work for your use case.


Sincerely,

Sahira R.



0 Kudos
csoder
Beginner
598 Views
0 Kudos
Reply