Question about Intel SGX and gramine

Skip to first unread message


Sep 6, 2022, 4:50:23 AM9/6/22
Hi, My name is Chulmin Lee. I am a student of Seoul National University, South Korea and studying about Intel SGX.

Recently, I read "Intel SGX Explained". It says that SGX design does not prohibit multiple application processes from sharing an enclave. To test this, I made a child thread outside of the enclave and tried to EENTER with TCS on the main thread.

Specifically, I made the main thread clone child thread after ocall and sleep forever. So the main thread is outside of the enclave. And then, a child thread do EENTER with TCS, and AEP and all other inputs for EENTER.

However, when thre child thread tries to EENTER, it does not jump inside thre enclave but always returns to the AEP.

Can you guess why this happened? Does Intel SGX have logic for differentiating main thread and child thread?

If you need more detail, I will send you Dockerfile to reproduce this.

Thank you. 
Reply all
Reply to author
0 new messages