Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1510 Discussions

Will SGX_DESTROY_ENCLAVE Wipe Out EPC Pages?

He__Yi
Beginner
‎10-23-2019 08:32 AM
1,350 Views
Solved Jump to solution

Hi!

 

It seems like sgx_destroy_enclave will call EREMOVE functions to disconnect the EPC pages to a certain SECS in EPCM.

But does it also wipe out all the contents in the EPC pages? If the page is in DRAM, it would probably be fine to not wiping out data, since data are encrypted when writing from cache to DRAM. What about data still in cache? I am aware that side channel attack is one possible vulnerabilities of SGX. But I'm still curious if EREMOVE or sgx_destroy_enclave will wipe out data in cache.

From the data I collected, sgx_destroy_enclave is pretty efficient. So I guess maybe it doesn't really clear up those pages?

 

 

Thanks!

0 Kudos
1 Solution
JesusG_Intel
Moderator
‎07-09-2020 12:41 PM
1,333 Views
Solved Jump to solution
In response to hiber

Hello Hiber, we answered your question in this thread.

View solution in original post

In response to hiber
Copy link

Link Copied

2 Replies
hiber
Novice
‎07-08-2020 08:24 PM
1,345 Views
Solved Jump to solution

Hello Yi.

I'm sorry to bother you another problem.

In the Intel Enclave Sample code "SealedData", I find the iCLSClient in my compute system components. 

However, I still cannot run it successful. It still returns: "monotonic counter is not supported and trusted time is not supported."

Do you have solved the problem and have some solutions?

Thanks a lot!

0 Kudos
Copy link
JesusG_Intel
Moderator
‎07-09-2020 12:41 PM
1,334 Views
Solved Jump to solution
In response to hiber

Hello Hiber, we answered your question in this thread.

In response to hiber
Copy link
Reply

Community support is provided Monday to Friday. Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.