Is it possible to load a program larger than the EPC memory to an enclave? I feel like in theory it is permissible because EEXTEND measures an enclave incrementally by 256 bytes. So in theory, it seems possible to load a big program using just one page of EPC memory:
Am I understanding correctly in theory? Although in practice, I got an error immediately when loading big programs.
SGX gives developers the ability to split a computer's memory into what are called enclaves, which are private, predefined areas in memory that can better protect users' sensitive information. Put a different way, SGX encrypts sections of memory using security instructions native to the CPU.
Intel Software Guard Extensions (SGX) is a set of security-related instruction codes that are built into some Intel central processing units (CPUs). They allow user-level and operating system code to define protected private regions of memory, called enclaves.
Enclave Page Cache (EPC): The SGX design supports having multiple enclaves on a system at the same time, which is a necessity in multi-process environments. This is achieved by having the EPC split into 4 KB pages that can be assigned to different enclaves.
SGX uses strong encryption and hardware-level isolation to ensure the confidentiality of data and code and to prevent them from being tampered with. Intel designed SGX to protect apps and code even when the operating system, hypervisor, or BIOS firmware is compromised.
I asked a similar question in the Intel forums. The summary [1] is helpful.
The short answer: No, you cannot at this time load an enclave that is larger than the EPC.
Due to the current lack of paging support (and lack of dynamic page allocation that v2 will provide) this means that the combined HeapMaxSize of all enclaves loaded at the same time cannot exceed said ~90MB. [1]
The long answer: In SGX there are two mechanisms of dynamic memory management:
So why can you not load an enclave larger than EPC?
So your enclave will have to use well below 90MB of heap size on current hardware. I have experimented with the SDK emulation, and found that it allows a heap max size of roughly 1GiB [2]. Future OS versions will hopefully support EPC page swapping, allowing larger static enclave sizes. Future SGX hardware will allow dynamic page allocation, allowing dynamic enclave sizes.
[1] https://software.intel.com/en-us/forums/intel-isa-extensions/topic/607004#comment-1857071
[2] 1GiB - 64KiB - TCSnum * 128KiB, where TCSnum is the number of threads. Exceeding this HeapMaxSize results in a simulation error
Researcher here, working with Intel SGX.
I would just like to add that Linux, however, does support mechanism 2) mentioned above, allowing pages to be encrypted and swapped out to regular DRAM. What this effectively means is yes to your original question. Linux is able to create enclaves of arbitrary size. However, in its current form (v1), once the enclave is finalized the size may not expand.
As to whether this is a good idea, the answer is definitely no. Expanding enclaves above the size of the EPC causes a lot of costly page faults to occur, degrading performance significantly.
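The incremental measurement the question refers to, as an added example that is not part of the original posts or of the SGX SDK: an offline model of the running SHA-256 that ECREATE, EADD and EEXTEND feed and EINIT finalises, computed over an image that is generated one page at a time. The names `measure` and `constructed_image` and the sample image are hypothetical; the model covers the hash only, not EPC allocation.

```python
import hashlib
import struct

PAGE, CHUNK = 4096, 256          # EPC page size; bytes covered by one EEXTEND
PT_REG_RX = 0x205                # SECINFO.FLAGS: regular page, read + execute

def measure(pages, enclave_size, ssa_frame_size=1):
    """Return (MRENCLAVE hex, EEXTEND count) for an iterable of (offset, flags, data)."""
    h = hashlib.sha256()
    # ECREATE: one 64-byte block binding SSA frame size and enclave size.
    h.update(struct.pack("<8sIQ44x", b"ECREATE\0", ssa_frame_size, enclave_size))
    extends = 0
    for offset, flags, data in pages:
        if len(data) != PAGE or offset % PAGE or offset + PAGE > enclave_size:
            raise ValueError("pages must be 4 KiB, aligned, inside the enclave range")
        # EADD: binds the page's offset and the first 48 bytes of its SECINFO.
        h.update(struct.pack("<8sQQ40x", b"EADD", offset, flags))
        for off in range(0, PAGE, CHUNK):
            # EEXTEND: a 64-byte header with the chunk offset, then 256 data bytes.
            h.update(struct.pack("<8sQ48x", b"EEXTEND\0", offset + off))
            h.update(data[off:off + CHUNK])
            extends += 1
    return h.hexdigest(), extends    # EINIT finalises the hash

def constructed_image(n_pages, patch=None):
    """Constructed sample image, generated one page at a time (never held whole)."""
    for i in range(n_pages):
        page = bytearray([i % 251]) * PAGE
        if patch == i:
            page[0] ^= 1             # flip one bit to show the digest changes
        yield i * PAGE, PT_REG_RX, bytes(page)

if __name__ == "__main__":
    size = 1 << 24                   # 16 MiB enclave range (constructed value)
    digest, n = measure(constructed_image(4096), size)
    print(digest, n)
```

Each 256-byte chunk is hashed together with its offset inside the enclave, so the same bytes at a different offset give a different measurement. On hardware, EADD places every page in its own EPC page before EEXTEND measures it.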