A compiler automatically modularizes identified functions or portions of source code, thereby enabling developers to merely identify portions of source code that represent functionality that is to be protected, including going back and identifying such portions after the programming of the software application program has been substantially completed. Such identification can be inline, within the source code itself, or specified in an external file. During compilation of such source code, a compiler recognizes such identifications and appropriately compiles the source code such that the relevant portions of the software application program are appropriately modularized, including inserting functionality to provide for marshaling of parameters between functionality that will be protected and functionality that will be executed outside of the enclave, as well as appropriately modifying pointers or addresses to be position independent based upon where the functionality making reference to such pointers or addresses will be executed.
展开▼