sgx_create_monotonic_counter

sgx_create_monotonic_counter creates a monotonic counter with default owner policy and default user attribute mask.

Syntax

    sgx_status_t sgx_create_monotonic_counter(
        sgx_mc_uuid_t *counter_uuid,
        uint32_t *counter_value
    );

Parameters

counter_uuid [out]

A pointer to the buffer that receives the monotonic counter ID. The pointer cannot be NULL.

counter_value [out]

A pointer to the buffer that receives the monotonic counter value. The pointer cannot be NULL.

Return value

SGX_SUCCESS

Monotonic counter is created successfully.

SGX_ERROR_INVALID_PARAMETER

Any of the pointers is invalid.

SGX_ERROR_BUSY

The requested service is temporarily not available.

SGX_ERROR_MC_OVER_QUOTA

The enclave has reached the quota of Monotonic Counters it can maintain.

SGX_ERROR_MC_USED_UP

Monotonic counters are used up.

SGX_ERROR_AE_SESSION_INVALID

Session is not created or has been closed by architectural enclave service.

SGX_ERROR_SERVICE_UNAVAILABLE

The AE service did not respond or the requested service is not supported.

SGX_ERROR_SERVICE_TIMEOUT

A request to the AE service timed out.

SGX_ERROR_NETWORK_FAILURE

A network connection or proxy setting issue was encountered.

SGX_ERROR_OUT_OF_MEMORY

Not enough memory is available to complete this operation.

SGX_ERROR_OUT_OF_EPC

There is not enough EPC memory to load one of the Architecture Enclaves needed to complete this operation.

SGX_ERROR_UNEXPECTED

An unexpected error occurred.

Description

Call sgx_create_monotonic_counter to create a monotonic counter with the default owner policy 0x1, which means that enclaves signed with the same signing key can access the monotonic counter, and the default owner_attribute_mask 0xFFFFFFFFFFFFFFCB.

The caller should call sgx_create_pse_session to establish a session with the platform service enclave before calling this API.

Creating a monotonic counter (MC) involves writing to the non-volatile memory available in the platform. Repeated write operations could cause the memory to wear out during the normal lifecycle of the platform. Intel® SGX prevents this by limiting the rate at which MC operations can be performed. If you exceed the limit, the MC operation may return SGX_ERROR_BUSY for several minutes.

Intel SGX limits the number of MCs an enclave can create. To avoid exhausting the available quota, an Intel SGX application should record the MC UUID that sgx_create_monotonic_counter returns and destroy an MC when it is no longer needed. If an enclave reaches its quota and previously created MC UUIDs have not been recorded, you may restore the MC service by uninstalling the Intel SGX PSW and installing it again. This procedure deletes all MCs created by any enclave in that system.

NOTE:
In simulation mode, one application cannot access a monotonic counter created by another application. This also affects two different applications using the same enclave.
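The call sequence from the Description (open a PSE session, create the counter, record its UUID, hand SGX_ERROR_BUSY back to the caller) as an added example; it is not code from this reference or from the Intel SGX SDK. The HAVE_SGX_SDK flag, the record_uuid_fn hook, the record_ok and record_fail recorders, the sim_* state and create_recorded_counter are hypothetical names, and the #else branch holds constructed stand-ins for the SDK types and calls so the block runs without the SDK.

```c
#include <stdint.h>
#include <string.h>
#ifdef HAVE_SGX_SDK   /* hypothetical flag for a real enclave build */
#include <sgx_tae_service.h>
#else                 /* constructed stand-ins so the example runs without the SDK */
typedef enum { SGX_SUCCESS, SGX_ERROR_INVALID_PARAMETER, SGX_ERROR_BUSY,
               SGX_ERROR_MC_OVER_QUOTA, SGX_ERROR_UNEXPECTED } sgx_status_t; /* not SDK values */
typedef struct { uint8_t counter_id[3]; uint8_t nonce[13]; } sgx_mc_uuid_t;
static int sim_sessions, sim_live, sim_quota = 2, sim_busy; /* simulated service state */
static sgx_status_t sgx_create_pse_session(void) { sim_sessions++; return SGX_SUCCESS; }
static sgx_status_t sgx_close_pse_session(void) { sim_sessions--; return SGX_SUCCESS; }
static sgx_status_t sgx_create_monotonic_counter(sgx_mc_uuid_t *u, uint32_t *v) {
    if (sim_busy) return SGX_ERROR_BUSY;                        /* rate limit hit */
    if (sim_live >= sim_quota) return SGX_ERROR_MC_OVER_QUOTA;  /* quota exhausted */
    memset(u, 0, sizeof *u);
    u->counter_id[0] = (uint8_t)++sim_live;
    *v = 0;
    return SGX_SUCCESS;
}
static sgx_status_t sgx_destroy_monotonic_counter(const sgx_mc_uuid_t *u) {
    (void)u; sim_live--; return SGX_SUCCESS;
}
#endif

/* Hypothetical hook: durably record the UUID; returns 0 on success. */
typedef int (*record_uuid_fn)(const sgx_mc_uuid_t *uuid);
sgx_mc_uuid_t saved_uuid;                       /* constructed recorders for the demo */
int record_ok(const sgx_mc_uuid_t *u)   { saved_uuid = *u; return 0; }
int record_fail(const sgx_mc_uuid_t *u) { (void)u; return -1; }

/* Create one counter and leave it either recorded or destroyed, so a failed
 * write never strands a counter that still counts against the enclave quota. */
sgx_status_t create_recorded_counter(record_uuid_fn record, sgx_mc_uuid_t *uuid,
                                     uint32_t *value) {
    if (!record || !uuid || !value) return SGX_ERROR_INVALID_PARAMETER;
    sgx_status_t ret = sgx_create_pse_session();  /* session must exist first */
    if (ret != SGX_SUCCESS) return ret;
    ret = sgx_create_monotonic_counter(uuid, value);
    /* SGX_ERROR_BUSY may persist for minutes: return it so the caller can
     * back off instead of spinning inside the enclave. */
    if (ret == SGX_SUCCESS && record(uuid) != 0) {
        sgx_destroy_monotonic_counter(uuid);      /* release the quota slot */
        ret = SGX_ERROR_UNEXPECTED;
    }
    sgx_close_pse_session();
    return ret;
}

int main(void) {
    sgx_mc_uuid_t id; uint32_t val;
    return create_recorded_counter(record_ok, &id, &val) == SGX_SUCCESS ? 0 : 1;
}
```

In an enclave the record hook would typically seal the UUID before passing it to untrusted storage; that step is outside this sketch.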

Requirements

Header

sgx_tae_service.h, sgx_tae_service.edl

Library

sgx_tservice.lib or sgx_tservice_sim.lib (simulation)
