Enclave once created is never destroyed
sihussain2 opened this issue
When initialize_library happens, it does an initialize_enclave. This happens in virtually every function in enclaveshim_ecalls.c, functions such as SSL_read, BIO_*, etc., but after the operation, the enclave is never destroyed. I see a function called destroy_enclave(), but it is never invoked.
I am still new to TaLoS and SGX in general, so I am not sure if this is a bug or if I am missing something. Wouldn't not destroying an enclave pose a security threat?
Indeed, the enclave is never explicitly destroyed in our prototype. However, once the program terminates, the operating system reclaims all the resources and the enclave is automatically destroyed.
To call the destroy_enclave() function explicitly, the application would need to make a particular API call to the TaLoS library that we can identify as the latest call.