2

I have a vector<vector <string>> a; How could I pass it to the enclave? How I declare edl function. A sample function declaration for the app, edl and enclave is much appreciated.

I am aware of this: C++ Arguments to SGX Enclave Edge Functions.

A sample to pass even a vector<string> is ok for me.

update1: I came up with this:

App.cpp

const char *convert(const std::string & s)
{
   return s.c_str();
}

vector<string> members_data;
member_data.push_back("apple");
member_data.push_back("orange"); //just for sample

    std::vector<const char*>  vc;
    std::transform(members_data.begin(), members_data.end(), std::back_inserter(vc), convert);

edl:

trusted {
       public void ecall_receive_vector([in, size=len] const char **arr, size_t len);
};

enclave

void ecall_receive_vector(const char *arr[], size_t len)
{
    vector<string> v(arr, arr+len);

    printf("%s\n", v[2].c_str());

}

But enclave does not receive any data, the program compiles perfectly with no error. Could anyone help? The printf is the sample ocall.

Kumar Roshan Mehta
  • 3,078
  • 2
  • 27
  • 50

1 Answers1

3

In the EDL use count instead of size.

trusted {
    public void ecall_receive_vector([in, count=len] const char **arr, size_t len);
};

You are passing a double pointer, it is, a pointer to pointer to char (char **).

While marshaling/unmarshaling pointers, the EDL Processor processes (copies and validates input and output) only the first level of indirection, it's up to the developer to handle the additional levels of indirection. Hence, for an array of pointers it will only copy the first array of pointers, not the pointed values, copying them is the developer's responsibility.

If not specified count and size default to 1 and sizeof(<pointed-type>) respectively. In your case size = sizeof(<pointer>) which in most platforms is 4.

In your case, you provided only size. As you don't provide the caller code I assume you're passing the length of the string, and as count was not specified it defaults to 1. Then the total number of bytes, based on Total number of bytes = count * size will be 1 * len which is wrong.

Using only count will let size default to sizeof(<pointed-type>), then Total number of bytes = count * size will be count * sizeof(<pointed-type>), which is right because you're passing an array of pointers.

To close, once inside the Enclave you need to copy the pointers' data because those pointers reside out of the enclave, that may be done automatically by assigning them to a std::string.

From Intel SGX SDK Documentation:

Pointer Handling (the last paragraph)

You may use the direction attribute to trade protection for performance. Otherwise, you must use the user_check attribute described below and validate the data obtained from untrusted memory via pointers before using it, since the memory a pointer points to could change unexpectedly because it is stored in untrusted memory. However, the direction attribute does not help with structures that contain pointers. In this scenario, developers have to validate and copy the buffer contents, recursively if needed, themselves.

And,

Buffer Size Calculation

The generalized formula for calculating the buffer size using these attributes:

Total number of bytes = count * size

  • The above formula holds when both count and size/sizefunc are specified.
  • size can be specified by either size or sizefunc attribute.
  • If count is not specified for the pointer parameter, then it is assumed to be equal to 1, i.e., count=1. Then total number of bytes equals to size/sizefunc.
  • If size is not specified, then the buffer size is calculated using the above formula where size is sizeof (element pointed by the pointer).
ruizpauker
  • 384
  • 7
  • 19