[Pal/Linux-SGX] Clean up PAL_TCB_LINUX and rename to PAL_TCB_URTS

PAL_TCB_LINUX of Pal/Linux-SGX is unrelated to PAL_TCB because untrusted
code is independent from trusted code. Remove PAL_TCB from PAL_TCB_LINUX
and make PAL_TCB_LINUX visible only to untrusted code. Also, rename to
PAL_TCB_URTS to make it clear that it belongs to untrusted code.

Pal/src/host/Linux-SGX/generated-offsets.c

@@ -93,8 +93,8 @@ void dummy(void)
     OFFSET(SGX_EXEC_SIZE, enclave_tls, exec_size);
     OFFSET(SGX_CLEAR_CHILD_TID, enclave_tls, clear_child_tid);
 
-    /* struct pal_tcb_linux aka PAL_TCB_LINUX */
-    OFFSET(PAL_TCB_LINUX_TCS, pal_tcb_linux, tcs);
+    /* struct pal_tcb_urts aka PAL_TCB_URTS */
+    OFFSET(PAL_TCB_URTS_TCS, pal_tcb_urts, tcs);
 
     /* sgx_arch_tcs_t */
     OFFSET_T(TCS_FLAGS, sgx_arch_tcs_t, flags);

Pal/src/host/Linux-SGX/sgx_entry.S

@@ -18,7 +18,7 @@ sgx_ecall:
 
 .Ldo_ecall:
 	# RBX has to be the TCS of the thread
-	movq %gs:PAL_TCB_LINUX_TCS, %rbx
+	movq %gs:PAL_TCB_URTS_TCS, %rbx
 
 	# RCX has to be the AEP (Asynchronous Exit Pointer)
 	leaq async_exit_pointer(%rip), %rcx

Pal/src/host/Linux-SGX/sgx_main.c

@@ -949,11 +949,9 @@ static int load_enclave (struct pal_enclave * enclave,
         return -ENOMEM;
 
     /* initialize TCB at the top of the alternative stack */
-    PAL_TCB_LINUX* tcb = alt_stack + ALT_STACK_SIZE - sizeof(PAL_TCB_LINUX);
-    tcb->common.self   = &tcb->common;
-    tcb->alt_stack     = alt_stack;
-    tcb->stack         = NULL;  /* main thread uses the stack provided by Linux */
-    tcb->tcs           = NULL;  /* initialized by child thread */
+    PAL_TCB_URTS* tcb = alt_stack + ALT_STACK_SIZE - sizeof(PAL_TCB_URTS);
+    pal_tcb_urts_init(
+        tcb, /*stack=*/NULL, alt_stack); /* main thread uses the stack provided by Linux */
     pal_thread_init(tcb);
 
     /* start running trusted PAL */

Pal/src/host/Linux-SGX/sgx_thread.c

@@ -21,6 +21,13 @@ static sgx_arch_tcs_t * enclave_tcs;
 static int enclave_thread_num;
 static struct thread_map * enclave_thread_map;
 
+void pal_tcb_urts_init(PAL_TCB_URTS* tcb, void* stack, void* alt_stack) {
+    tcb->self = tcb;
+    tcb->tcs = NULL;    /* initialized by child thread */
+    tcb->stack = stack;
+    tcb->alt_stack = alt_stack;
+}
+
 static void spin_lock(struct atomic_int* p) {
     while (atomic_cmpxchg(p, 0, 1)) {
         while (atomic_read(p) == 1)
@@ -55,7 +62,7 @@ void map_tcs(unsigned int tid) {
     for (int i = 0 ; i < enclave_thread_num ; i++)
         if (!enclave_thread_map[i].tid) {
             enclave_thread_map[i].tid = tid;
-            get_tcb_linux()->tcs = enclave_thread_map[i].tcs;
+            get_tcb_urts()->tcs = enclave_thread_map[i].tcs;
             ((struct enclave_dbginfo *) DBGINFO_ADDR)->thread_tids[i] = tid;
             break;
         }
@@ -63,13 +70,13 @@ void map_tcs(unsigned int tid) {
 }
 
 void unmap_tcs(void) {
-    int index = get_tcb_linux()->tcs - enclave_tcs;
+    int index = get_tcb_urts()->tcs - enclave_tcs;
     struct thread_map * map = &enclave_thread_map[index];
 
     assert(index < enclave_thread_num);
 
     spin_lock(&tcs_lock);
-    get_tcb_linux()->tcs = NULL;
+    get_tcb_urts()->tcs = NULL;
     ((struct enclave_dbginfo *) DBGINFO_ADDR)->thread_tids[index] = 0;
     map->tid = 0;
     spin_unlock(&tcs_lock);
@@ -83,10 +90,10 @@ void unmap_tcs(void) {
  * up by other means (e.g., the GS register is set by an SGX-enforced TCS.OGSBASGX).
  */
 int pal_thread_init(void* tcbptr) {
-    PAL_TCB_LINUX* tcb = tcbptr;
+    PAL_TCB_URTS* tcb = tcbptr;
     int ret;
 
-    /* set GS reg of this thread to thread's TCB; after this point, can use get_tcb_linux() */
+    /* set GS reg of this thread to thread's TCB; after this point, can use get_tcb_urts() */
     ret = INLINE_SYSCALL(arch_prctl, 2, ARCH_SET_GS, tcb);
     if (IS_ERR(ret)) {
         ret = -EPERM;
@@ -138,7 +145,7 @@ out:
 }
 
 noreturn void thread_exit(int status) {
-    PAL_TCB_LINUX* tcb = get_tcb_linux();
+    PAL_TCB_URTS* tcb = get_tcb_urts();
 
     /* technically, async signals were already blocked before calling this function
      * (by sgx_ocall_exit()) but we keep it here for future proof */
@@ -190,9 +197,9 @@ int clone_thread(void) {
      *       stack +--> +-------------------+
      *                  |  child stack      | THREAD_STACK_SIZE
      * child_stack +--> +-------------------+
-     *                  |  alternate stack  | ALT_STACK_SIZE - sizeof(PAL_TCB_LINUX)
+     *                  |  alternate stack  | ALT_STACK_SIZE - sizeof(PAL_TCB_URTS)
      *         tcb +--> +-------------------+
-     *                  |  PAL TCB          | sizeof(PAL_TCB_LINUX)
+     *                  |  PAL TCB          | sizeof(PAL_TCB_URTS)
      *                  +-------------------+
      *
      * Note that this whole memory region is zeroed out because we use mmap(). */
@@ -200,11 +207,8 @@ int clone_thread(void) {
     void* child_stack_top = stack + THREAD_STACK_SIZE;
 
     /* initialize TCB at the top of the alternative stack */
-    PAL_TCB_LINUX* tcb = child_stack_top + ALT_STACK_SIZE - sizeof(PAL_TCB_LINUX);
-    tcb->common.self   = &tcb->common;
-    tcb->alt_stack     = child_stack_top;
-    tcb->stack         = stack;
-    tcb->tcs           = NULL;  /* initialized by child thread */
+    PAL_TCB_URTS* tcb = child_stack_top + ALT_STACK_SIZE - sizeof(PAL_TCB_URTS);
+    pal_tcb_urts_init(tcb, stack, child_stack_top);
 
     /* align child_stack to 16 */
     child_stack_top = ALIGN_DOWN_PTR(child_stack_top, 16);

Pal/src/host/Linux-SGX/sgx_tls.h

@@ -37,20 +37,6 @@ struct enclave_tls {
     };
 };
 
-typedef struct pal_tcb_linux {
-    PAL_TCB common;
-    struct {
-        /* private to untrusted Linux PAL, unique to each untrusted thread */
-        sgx_arch_tcs_t*     tcs;       /* TCS page of SGX corresponding to thread, for EENTER */
-        void*               stack;     /* bottom of stack, for later freeing when thread exits */
-        void*               alt_stack; /* bottom of alt stack, for child thread to init alt stack */
-    };
-} PAL_TCB_LINUX;
-
-static inline PAL_TCB_LINUX* get_tcb_linux(void) {
-    return (PAL_TCB_LINUX*)pal_get_tcb();
-}
-
 #ifndef DEBUG
 extern uint64_t dummy_debug_variable;
 #endif
@@ -76,7 +62,24 @@ extern uint64_t dummy_debug_variable;
         __asm__ ("movq %q0, %%gs:%c1":: "r" (value),                \
              "i" (offsetof(struct enclave_tls, member)));           \
     } while (0)
+# else
+/* private to untrusted Linux PAL, unique to each untrusted thread */
+typedef struct pal_tcb_urts {
+    struct pal_tcb_urts* self;
+    sgx_arch_tcs_t*     tcs;       /* TCS page of SGX corresponding to thread, for EENTER */
+    void*               stack;     /* bottom of stack, for later freeing when thread exits */
+    void*               alt_stack; /* bottom of alt stack, for child thread to init alt stack */
+} PAL_TCB_URTS;
 
+extern void pal_tcb_urts_init(PAL_TCB_URTS* tcb, void* stack, void* alt_stack);
+
+static inline PAL_TCB_URTS* get_tcb_urts(void) {
+    PAL_TCB_URTS* tcb;
+    __asm__ ("movq %%gs:%c1, %q0\n"
+             : "=r" (tcb)
+             : "i" (offsetof(PAL_TCB_URTS, self)));
+    return tcb;
+}
 # endif
 
 #endif /* __SGX_TLS_H__ */