Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.
1338 Discussions

Sgx2 can apply for HeapInitSize memory dynamically at most,can't apply for HeapMaxSize dynamically.

enclave_Research
452 Views

hello!

set the following parameters in the Enclave Configuration File.

<EnclaveConfiguration>
<ProdID>0</ProdID>
<ISVSVN>0</ISVSVN>
<StackMinSize>0x4000</StackMinSize>
<StackMaxSize>0x200000</StackMaxSize>
<HeapInitSize>0x300000</HeapInitSize>
<HeapMaxSize>0x3000000</HeapMaxSize>
<HeapMinSize>0x300000</HeapMinSize>

<TCSNum>5</TCSNum>
<TCSMaxNum>10</TCSMaxNum>
<TCSMinPool>2</TCSMinPool>
<TCSPolicy>1</TCSPolicy>
<DisableDebug>0</DisableDebug>
<MiscSelect>1</MiscSelect>
<MiscMask>0xFFFFFFFF</MiscMask>
</EnclaveConfiguration>

I set HeapInitSize is 3M,HeapMaxSize is 48M;but I can apply for 3M(HeapInitSize) dynamically memory at most in enclave.How can I dynamically apply for 48M(StackMaxSize) memory?

0 Kudos
1 Solution
JesusG_Intel
Moderator
408 Views

Hello enclave_Research,


After you set the enclave configuration file, the platform takes care of dynamically allocating memory when needed. You don't need to do anything else.


How are you confirming that it is not working for you?


1. Are you using the sgx-emmt tool to measure how much heap and stack memory your enclave is using?

 

Refer to section Enclave Memory Measurement Tool in the Intel® Software Guard Extensions (Intel® SGX) SD for Linux* OS Developer Reference for details on how to measure the real usage of protected memory by the enclave at runtime by using sgx_emmt.

 

2. Ensure you are running the most recent versions of the SGX SDK for Linux and the SGX Platform Software.

 

3. Try setting only StackMaxSize and HeapMaxSize - do not set the Min and Init sizes.


Sincerely,

Jesus G.

Intel Customer Support


View solution in original post

4 Replies
JesusG_Intel
Moderator
439 Views

Hello enclave_Research,


  1. First, confirm that your processor supports SGX 2.

Option 1

On a Linux* system, execute cpuid in a terminal:

i. Open a terminal and run: $ cpuid | grep -i sgx

ii. Look for output: SGX2 supported = True

 

Option 2

Use test_sgx.c:

i. Go to the SGX Hardware Github and download the file test_sgx.c or clone the repository

ii. Compile and run test_sgx.c according to these instructions:

$ gcc test-sgx.c -o test-sgx

$ ./test-sgx

iii. Look for output: sgx 2 supported: 1

 

2. Are you sing the sgx-emmt tool to measure how much heap and stack memory your enclave is using?

 

Refer to section Enclave Memory Measurement Tool in the Intel® Software Guard Extensions (Intel® SGX) SD for Linux* OS Developer Reference for details on how to measure the real usage of protected memory by the enclave at runtime by using sgx_emmt.

 

Ensure you are running the most recent versions of the SGX SDK for Linux and the SGX Platform Software.

 

3. Try setting only StackMaxSize and HeapMaxSize - do not set the Min and Init sizes.


Sincerely,

Jesus G.

Intel Customer Support


enclave_Research
414 Views

Hello,

my processor support SGX2,I want to use Enclave Dynamic Memory Management(EDMM).In addition to modifying the enclave configuration, what else need to be done?

JesusG_Intel
Moderator
409 Views

Hello enclave_Research,


After you set the enclave configuration file, the platform takes care of dynamically allocating memory when needed. You don't need to do anything else.


How are you confirming that it is not working for you?


1. Are you using the sgx-emmt tool to measure how much heap and stack memory your enclave is using?

 

Refer to section Enclave Memory Measurement Tool in the Intel® Software Guard Extensions (Intel® SGX) SD for Linux* OS Developer Reference for details on how to measure the real usage of protected memory by the enclave at runtime by using sgx_emmt.

 

2. Ensure you are running the most recent versions of the SGX SDK for Linux and the SGX Platform Software.

 

3. Try setting only StackMaxSize and HeapMaxSize - do not set the Min and Init sizes.


Sincerely,

Jesus G.

Intel Customer Support


JesusG_Intel
Moderator
311 Views

This thread has been marked as answered and Intel will no longer monitor this thread. If you want a response from Intel in a follow-up question, please open a new thread.


Reply