A detail about SGX loading

Question

Is it possible to load a program larger than the EPC memory to an enclave? I feel like in theory it is permissible because

• OS can swap pages out freely
• EEXTEND measures an enclave incrementally by 256 bytes

So in theory, it seems possible to load a big program using just one page of EPC memory:

1. load 4K bytes to an EPC page
2. measure the loaded page
3. evict the loaded page
4. load the next 4K bytes to the same EPC page as the one in (1)

Am I understanding correctly in theory? Although in practice, I got an error immediately when loading big programs.

Answer 1

Researcher here, working with Intel SGX.

I would just like to add that Linux, however, does support mechanism 2) mentioned above, allowing pages to be encrypted and swapped out to regular DRAM. What this effectively means is yes to your original question. Linux is able to create enclaves of arbitrary size. However, in its current form(v1) once the enclave is finalized the size may not expand.

As to whether this is a good idea, the answer is definitely no. Expanding enclaves above the size of the EPC causes a lot of costly pagefaults to occur degrading performance significantly.

Answer 2

I asked a similar question in the Intel forums. The summary [1] is helpful.

The short answer: No, you cannot at this time load an enclave that is larger than the EPC.

Due to the current lack of paging support (and lack of dynamic page allocation that v2 will provide) this means that the combined HeapMaxSize of all enclaves loaded at the same time cannot exceed said ~90MB. [1]

The long answer: In SGX there are two mechanisms of dynamic memory management:

1. an enclave can request additional pages via EAUG - this is only supported in SGXv2, for which no hardware is currently available
2. the OS could swap out EPC pages to regular RAM (EWB/ELD instructions), but Windows does not currently support this

So why can you not load an enclave larger than EPC?

• the EPC size is limited on current systems to roughly 90MB
• Windows does not currently support swapping out these pages
• an enclave must request all pages it wishes to use before executing (EINIT) on SGXv1 hardware
• the size of all enclaves must not exceed the EPC size
• Intel reserves some EPC space for their management enclaves (quoting, provisioning, loading enclaves)

So your enclave will have to use well below 90MB of heap size on current hardware. I have experimented with the SDK emulation, and found that it allows a heap max size of roughly 1GiB [2]. Future OS versions will hopefully support EPC page swapping, allowing larger static enclave sizes. Future SGX hardware will allow dynamic page allocation, allowing dynamic enclave sizes.

[1] https://software.intel.com/en-us/forums/intel-isa-extensions/topic/607004#comment-1857071

[2] 1GiB - 64KiB - TCSnum * 128KiB, where TCSnum is the number of threads. Exceeding this HeapMaxSize results in a simulation error