The enclave can only read the untrusted memory of the application, but the untrusted application can not read data from the enclave.
I am building an Intel® SGX application where the enclave process would handled large amounts of data from the untrusted application. If data is copied to from untrusted applications to the enclave, there would not be enough memory. Is there a way to directly process the data in the Untrust area without causing data copying?
You would have to allocate enough EPC for the data you are working with. The Intel® SGX Kernel Module and runtime supports paging so if the system runs out of EPC, it can utilize normal OS paging mechanisms to securely page EPC memory out to disk which would free up some EPC.
You could theoretically work on data in untrusted memory from within the enclave depending on the usage, but the enclave would only be able to access the untrusted application but the untrusted application could not read the enclave memory.