Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

can Enclave link librarys which is not in SDK/include?

dai_c_
Beginner
2,001 Views

Hello, I want to use the third-party libraries in enclave,Can I link the third-party static library(.a file) when compile enclave to generate enclave.so?

0 Kudos
1 Solution
Hoang_N_Intel
Employee
2,001 Views

Yes, and please make sure all the library's dependencies are also included statically

View solution in original post

0 Kudos
6 Replies
Hoang_N_Intel
Employee
2,002 Views

Yes, and please make sure all the library's dependencies are also included statically

0 Kudos
dai_c_
Beginner
2,001 Views

OK,Thank you very much!

0 Kudos
Roshan_Mehta
Beginner
2,001 Views
Suppose I have created a (rosheader.h) header file in /home/roshan/mylib/include directory
The static library(roslib.a) in /home/roshan/mylib 
I wanted to use this library inside the enclave, what I should I write in my makefile, I mean here:
 
A snippet of the makefile.
 
Enclave_Cpp_Files := Enclave/Enclave.cpp Enclave/Sealing/Sealing.cpp
# Enclave_Include_Paths := -IInclude -IEnclave -I$(SGX_SDK)/include -I$(SGX_SDK)/include/tlibc -I$(SGX_SDK)/include/stlport
Enclave_Include_Paths := -IEnclave -I$(SGX_SDK)/include -I$(SGX_SDK)/include/tlibc -I$(SGX_SDK)/include/stlport

Enclave_C_Flags := $(SGX_COMMON_CFLAGS) -nostdinc -fvisibility=hidden -fpie -fstack-protector $(Enclave_Include_Paths)
Enclave_Cpp_Flags := $(Enclave_C_Flags) -std=c++03 -nostdinc++
Enclave_Link_Flags := $(SGX_COMMON_CFLAGS) -Wl,--no-undefined -nostdlib -nodefaultlibs -nostartfiles -L$(SGX_LIBRARY_PATH) \
-Wl,--whole-archive -l$(Trts_Library_Name) -Wl,--no-whole-archive \
-Wl,--start-group -lsgx_tstdc -lsgx_tstdcxx -l$(Crypto_Library_Name) -l$(Service_Library_Name) -Wl,--end-group \
-Wl,-Bstatic -Wl,-Bsymbolic -Wl,--no-undefined \
-Wl,-pie,-eenclave_entry -Wl,--export-dynamic  \
-Wl,--defsym,__ImageBase=0

 

0 Kudos
you_w_
New Contributor III
2,001 Views

Hi Roshan:

You can add "-L/home/roshan/mylib" in SGX_COMMON_CFLAGS and then add "-l/roslib.a" after "-Wl,--whole-archive -l$(Trts_Library_Name)". Have a try.

Regards 

you

 

0 Kudos
dai_c_
Beginner
2,001 Views
I think you  should add include path and link flags to use your static lib
Enclave_Include_Paths := -IEnclave -I$(SGX_SDK)/include -I$(SGX_SDK)/include/tlibc -I$(SGX_SDK)/include/stlport -I /home/roshan/mylib/include
 
and the link flags as follows:
 
Enclave_Link_Flags := $(SGX_COMMON_CFLAGS) -Wl,--no-undefined -nostdlib -nodefaultlibs -nostartfiles -L$(SGX_LIBRARY_PATH) -L /home/roshan/mylib \
-Wl,--whole-archive -l$(Trts_Library_Name) -Wl,--no-whole-archive \
-Wl,--start-group -lsgx_tstdc -lsgx_tstdcxx -l$(Crypto_Library_Name) -l$(Service_Library_Name) -l roslib -Wl,--end-group \
-Wl,-Bstatic -Wl,-Bsymbolic -Wl,--no-undefined \
-Wl,-pie,-eenclave_entry -Wl,--export-dynamic  \
-Wl,--defsym,__ImageBase=0 \
-Wl,--version-script=Enclave/Enclave.lds
0 Kudos
dai_c_
Beginner
2,001 Views

Hoang Nguyen (Intel) wrote:

Yes, and please make sure all the library's dependencies are also included statically

Hello,when I want to use SGX to protect a part of project, if I move the code in enclave,the workload is heavy,and can I compile the part code into static lib,and my enclave link the static lib,can this way achieves the same goal as move the code in enclave?

0 Kudos
Reply