Remove trailing blanks

.travis.yml

@@ -8,7 +8,7 @@ before_script:
   - git clone https://github.com/01org/linux-sgx-driver.git -b sgx_driver_$ISGX_DRIVER_VERSION
 
 script:
-  - make 
+  - make
   - cd $TRAVIS_BUILD_DIR/Pal/src && make clean && make SGX=1
   - cd $TRAVIS_BUILD_DIR/Pal/src && make clean && make DEBUG=1
   - cd $TRAVIS_BUILD_DIR/Pal/src && make clean && make SGX=1 DEBUG=1

LICENSE.addendum.txt

@@ -2,7 +2,7 @@ Graphene itself is licensed under the LGPL.
 
 Graphene on an SGX host requires a kernel driver (in
 Pal/src/host/Linux-SGX/sgx-driver), which is separately licensed under
-the GPL.  
+the GPL.
 
 Graphene also includes the following third party sources (and licenses):
 

LibOS/glibc-2.19/libos/Makefile

@@ -22,7 +22,7 @@
 subdir		:= libos
 
 # Installed header files.
-headers		:= 
+headers		:=
 
 # Internal header files.
 distribute	:= errno.h

LibOS/shim/include/shim_fs.h

@@ -146,7 +146,7 @@ struct shim_dentry {
     struct shim_qstr name;          /* caching the file's name. */
 
 
-    /* DEP 6/16/17: For now, let's try not hashing; I suspect it is 
+    /* DEP 6/16/17: For now, let's try not hashing; I suspect it is
      * overkill for most purposes.  I'll leave the field here for now,
      * but propose we move to a per-directory table to accelerate lookups,
      * rather than a global table, since this just supports one process.
@@ -179,15 +179,15 @@ struct shim_d_ops {
                  int flags);
 
     /* look up dentry and allocate internal data.
-     * 
+     *
      * On a successful lookup  (non-error, can be negative),
      * this function should call get_new_dentry(), populating additional fields,
      * and storing the new dentry in dent.
-     * 
+     *
      * Maybe drop force?
      */
     int (*lookup) (struct shim_dentry * dent, bool force);
-    
+
     /* this is to check file type and access, returning the stat.st_mode */
     int (*mode) (struct shim_dentry * dent, mode_t * mode, bool force);
 
@@ -223,7 +223,7 @@ struct shim_d_ops {
     /* readdir: given the path relative to the mount point, read the childs
        into the the buffer.  This call always returns everything under
        the directory in one big buffer; you do not need to try again
-       or keep a cursor in the directory.  You do need to free the 
+       or keep a cursor in the directory.  You do need to free the
        returned buffer. */
     int (*readdir) (struct shim_dentry * dent, struct shim_dirent ** dirent);
 };
@@ -281,7 +281,7 @@ extern struct shim_dentry * dentry_root;
                      (((x) == O_WRONLY || (x) == O_RDWR) ? MAY_WRITE : 0))
 
 #define LOOKUP_OPEN             0100 // Appears to be ignored
-#define LOOKUP_CREATE           0200 
+#define LOOKUP_CREATE           0200
 #define LOOKUP_ACCESS           0400 // Appears to be ignored
 #define LOOKUP_SYNC     (LOOKUP_OPEN|LOOKUP_CREATE|LOOKUP_ACCESS)
 
@@ -349,31 +349,31 @@ int permission (struct shim_dentry * dent, int mask, bool force);
 /* This function looks up a single dentry based on its parent dentry pointer
  * and the name.  Namelen is the length of char * name.
  * The dentry is returned in pointer *new.
- * 
+ *
  * The force flag causes the libOS to query the underlying file system for the
  * existence of the dentry, whereas without force, a negative dentry is
  * treated as definitive.  In some cases, this can be elided as an
  * optimization.
- * 
+ *
  * The caller should hold the dcache_lock.
  */
 int lookup_dentry (struct shim_dentry * parent, const char * name, int namelen,
                    bool force, struct shim_dentry ** new, struct shim_mount * fs);
 
 /* Looks up path under start dentry.  Saves in dent.
- * 
+ *
  * Assumes dcache_lock is held; main difference from path_lookupat is that
  * dcache_lock is not released on return.
- * 
+ *
  * The refcount is dropped by one on the returned dentry.
- * 
+ *
  * The make_ancestor flag creates pseudo-dentries for any parent paths that
  * are not in cache and do not exist on the underlying file system.  This is
  * intended for use only in setting up the file system view specified in the manifest.
  *
  * If the file isnt' found, returns -ENOENT.
- * 
- * If the LOOKUP_DIRECTORY flag is set, and the found file isn't a directory, 
+ *
+ * If the LOOKUP_DIRECTORY flag is set, and the found file isn't a directory,
  *  returns -ENOTDIR.
  */
 int __path_lookupat (struct shim_dentry * start, const char * path, int flags,
@@ -387,19 +387,19 @@ int path_lookupat (struct shim_dentry * start, const char * name, int flags,
 
 /* This function initializes dir to before a search, to either point
  * to the current working directory (if dfd == AT_FDCWD), or to the handle pointed to by dfd,
- * depending on the argument.  
- * 
- * Returns -EBADF if dfd is <0 or not a valid handle. 
+ * depending on the argument.
+ *
+ * Returns -EBADF if dfd is <0 or not a valid handle.
  * Returns -ENOTDIR if dfd is not a directory.
  */
 int path_startat (int dfd, struct shim_dentry ** dir);
 
 /* Open path with given flags, in mode, similar to Unix open.
- * 
+ *
  * The start dentry specifies where to begin the search.
- * hdl is an optional argument; if passed in, it is initialized to 
+ * hdl is an optional argument; if passed in, it is initialized to
  *   refer to the opened path.
- * 
+ *
  * The result is stored in dent.
  */
 
@@ -419,19 +419,19 @@ int dentry_open (struct shim_handle * hdl, struct shim_dentry * dent,
                  int flags);
 
 /* This function enumerates a directory and caches the results in the dentry.
- * 
+ *
  * Input: A dentry for a directory in the DENTRY_ISDIRECTORY and not in the
  * DENTRY_LISTED state.  The dentry DENTRY_LISTED flag is set upon success.
- * 
+ *
  * Return value: 0 on success, <0 on error
  */
 int list_directory_dentry (struct shim_dentry *dir);
 
 /* This function caches the contents of a directory (dent), already
  * in the listed state, in a buffer associated with a handle (hdl).
- * 
+ *
  * This function should only be called once on a handle.
- * 
+ *
  * Returns 0 on success, <0 on failure.
  */
 int list_directory_handle (struct shim_dentry *dent, struct shim_handle *hdl );
@@ -502,17 +502,17 @@ const char * dentry_get_name (struct shim_dentry * dent)
 }
 
 /* Allocate and initialize a new dentry for path name, under
- * parent.  Return the dentry.  
- * 
+ * parent.  Return the dentry.
+ *
  * mount is the mountpoint the dentry is under; this is typically
- * the parent->fs, but is passed explicitly for initializing 
+ * the parent->fs, but is passed explicitly for initializing
  * the dentry of a mountpoint.
- * 
+ *
  * If hashptr is passed (as an optimization), this is a hash
  * of the name.
- * 
+ *
  * If parent is non-null, the ref count is 1; else it is zero.
- * 
+ *
  * This function also sets up both a name and a relative path
  */
 struct shim_dentry * get_new_dentry (struct shim_mount *mount,
@@ -520,28 +520,28 @@ struct shim_dentry * get_new_dentry (struct shim_mount *mount,
                                      const char * name, int namelen,
                                      HASHTYPE * hashptr);
 
-/* This function searches for name/namelen (as the relative path; 
- * path/pathlen is the fully-qualified path), 
+/* This function searches for name/namelen (as the relative path;
+ * path/pathlen is the fully-qualified path),
  * under parent dentry (start).
- * 
+ *
  * If requested, the expected hash of the dentry is returned in hashptr,
  * primarily so that the hashing can be reused to add the dentry later.
- * 
+ *
  * The reference count on the found dentry is incremented by one.
  *
- * Used only by shim_namei.c 
+ * Used only by shim_namei.c
  */
 struct shim_dentry *
 __lookup_dcache (struct shim_dentry * start, const char * name, int namelen,
                  const char * path, int pathlen, HASHTYPE * hashptr);
 
-/* This function recursively deletes and frees all dentries under root 
- * 
+/* This function recursively deletes and frees all dentries under root
+ *
  * XXX: Current code doesn't do a free..
  */
 int __del_dentry_tree(struct shim_dentry * root);
 
-/* XXX: Future work: current dcache never shrinks.  Would be nice 
+/* XXX: Future work: current dcache never shrinks.  Would be nice
  * to be able to do something like LRU under space pressure, although
  * for a single app, this may be over-kill. */
 

LibOS/shim/include/shim_handle.h

@@ -325,7 +325,7 @@ struct shim_mount;
 struct shim_qstr;
 struct shim_dentry;
 
-/* The epolls list links to the back field of the shim_epoll_fd structure 
+/* The epolls list links to the back field of the shim_epoll_fd structure
  */
 struct shim_handle {
     enum shim_handle_type   type;

LibOS/shim/src/bookkeep/shim_handle.c

@@ -54,7 +54,7 @@ static inline int init_tty_handle (struct shim_handle * hdl, bool write)
     struct shim_dentry * dent = NULL;
     int ret;
     struct shim_thread * cur_thread = get_cur_thread();
-    
+
     /* XXX: Try getting the root FS from current thread? */
     assert(cur_thread);
     assert(cur_thread->root);

LibOS/shim/src/bookkeep/shim_thread.c

@@ -649,7 +649,7 @@ BEGIN_CP_FUNC(thread)
         *objp = (void *) new_thread;
 }
 END_CP_FUNC(thread)
-    
+
 BEGIN_RS_FUNC(thread)
 {
     struct shim_thread * thread = (void *) (base + GET_CP_FUNC_ENTRY());
@@ -707,7 +707,7 @@ BEGIN_CP_FUNC(running_thread)
     }
 }
 END_CP_FUNC(running_thread)
-    
+
 int resume_wrapper (void * param)
 {
     struct shim_thread * thread = (struct shim_thread *) param;

LibOS/shim/src/fs/shim_dcache.c

@@ -1,7 +1,7 @@
 /* -*- mode:c; c-file-style:"k&r"; c-basic-offset: 4; tab-width:4; indent-tabs-mode:nil; mode:auto-fill; fill-column:78; -*- */
 /* vim: set ts=4 sw=4 et tw=78 fo=cqt wm=0: */
 
-/* Copyright (C) 2014 Stony Brook University, 
+/* Copyright (C) 2014 Stony Brook University,
    2017 University of North Carolina at Chapel Hill and Fortanix, Inc.
    This file is part of Graphene Library OS.
 
@@ -81,7 +81,7 @@ int init_dcache (void)
 
     dentry_root = alloc_dentry();
 
-    /* The root is special; we assume it won't change or be freed, and 
+    /* The root is special; we assume it won't change or be freed, and
      * set its refcount to 1. */
     get_dentry(dentry_root);
 
@@ -119,13 +119,13 @@ static void free_dentry (struct shim_dentry *dent) {
 }
 
 /* Decrement the reference count on dent.
- * 
+ *
  * For now, we don't have an eviction policy, so just
- * keep everything.  
- * 
- * If a dentry is on the children list of a parent, it has 
- * a refcount of at least 1.  
- * 
+ * keep everything.
+ *
+ * If a dentry is on the children list of a parent, it has
+ * a refcount of at least 1.
+ *
  * If the ref count ever hits zero, we free the dentry.
  *
  */
@@ -137,7 +137,7 @@ void put_dentry (struct shim_dentry * dent) {
     if (count == 0) {
         debug("XXX Churn Warning: Freeing dentry %p; may not be expected\n", dent);
         // Add some assertions that the dentry is properly cleaned up, like it
-        // isn't on a parent's children list 
+        // isn't on a parent's children list
         assert(list_empty(dent, siblings));
         free_dentry(dent);
     }
@@ -146,17 +146,17 @@ void put_dentry (struct shim_dentry * dent) {
 }
 
 /* Allocate and initialize a new dentry for path name, under
- * parent.  Return the dentry.  
- * 
+ * parent.  Return the dentry.
+ *
  * mount is the mountpoint the dentry is under; this is typically
- * the parent->fs, but is passed explicitly for initializing 
+ * the parent->fs, but is passed explicitly for initializing
  * the dentry of a mountpoint.
- * 
+ *
  * If hashptr is passed (as an optimization), this is a hash
  * of the name.
- * 
+ *
  * If parent is non-null, the ref count is 1; else it is zero.
- * 
+ *
  * This function also sets up both a name and a relative path
  */
 struct shim_dentry * get_new_dentry (struct shim_mount *mount,
@@ -166,7 +166,7 @@ struct shim_dentry * get_new_dentry (struct shim_mount *mount,
 {
     struct shim_dentry * dent = alloc_dentry();
     HASHTYPE hash;
-    
+
     if (!dent)
         return NULL;
 
@@ -178,10 +178,10 @@ struct shim_dentry * get_new_dentry (struct shim_mount *mount,
         hash = *hashptr;
     } else
         hash = hash_dentry(parent, name, namelen);
-    
+
     qstrsetstr(&dent->name, name, namelen);
     dent->rel_path.hash = hash;
-    /* DEP 6/16/17: Not sure this flag is strictly necessary. 
+    /* DEP 6/16/17: Not sure this flag is strictly necessary.
      * But keeping it for now.
      */
     dent->state |= DENTRY_HASHED;
@@ -190,7 +190,7 @@ struct shim_dentry * get_new_dentry (struct shim_mount *mount,
         get_mount(mount);
         dent->fs = mount;
     }
-    
+
     if (parent) {
         // Increment both dentries' ref counts once they are linked
         get_dentry(parent);
@@ -212,38 +212,38 @@ struct shim_dentry * get_new_dentry (struct shim_mount *mount,
     return dent;
 }
 
-/* This function searches for name/namelen (as the relative path) under 
+/* This function searches for name/namelen (as the relative path) under
  * the parent directory (start).
- * 
+ *
  * path/pathlen is the fully-qualified path, and an optional (unused)
  * argument.  XXX: I am not sure what the case is where the full path
  * would resolve but the relative path would not; consider dropping
  * this argument, or documenting the reason (after testing).
- * 
+ *
  * If requested, the expected hash of the dentry is returned in hashptr,
  * primarily so that the hashing can be reused to add the dentry later.
- * 
+ *
  * The reference count on the found dentry is incremented by one.
- * 
- * Used only by shim_namei.c 
+ *
+ * Used only by shim_namei.c
  */
 struct shim_dentry *
 __lookup_dcache (struct shim_dentry * start, const char * name, int namelen,
                  const char * path, int pathlen, HASHTYPE * hashptr) {
 
-    /* In this implementation, we just look at the children 
+    /* In this implementation, we just look at the children
      * under the parent and see if there are matches.  It so,
-     * return it; if not, don't.  
-     * 
+     * return it; if not, don't.
+     *
      * To minimize disruption (and possibly for future optimization)
      * we are keeping hashes, so let's start with that for a marginally
-     * faster comparison 
+     * faster comparison
      */
     HASHTYPE hash = hash_dentry(start, name, namelen);
     struct shim_dentry *dent, *found = NULL;
 
     /* If start is NULL, there will be no hit in the cache.
-     * This mainly happens when boostrapping; in general, we assume the 
+     * This mainly happens when boostrapping; in general, we assume the
      * caller will use the current root or cwd.
      */
     if (!start) return NULL;
@@ -254,7 +254,7 @@ __lookup_dcache (struct shim_dentry * start, const char * name, int namelen,
         found = start;
         goto out;
     }
-    
+
     listp_for_each_entry(dent, &start->children, siblings) {
         /* DEP 6/20/XX: The old code skipped mountpoints; I don't see any good
          * reason for mount point lookup to fail, at least in this code.
@@ -265,13 +265,13 @@ __lookup_dcache (struct shim_dentry * start, const char * name, int namelen,
 
         // Check for memory corruption
         assert(0 == (dent->state & DENTRY_INVALID_FLAGS));
-        
+
         /* Compare the hash first */
         if (dent->rel_path.hash != hash)
             continue;
 
-        /* I think comparing the relative path is adequate; with a global 
-         * hash table, a full path comparison may be needed, but I think 
+        /* I think comparing the relative path is adequate; with a global
+         * hash table, a full path comparison may be needed, but I think
          * we can assume a parent has children with unique names */
         const char * filename = get_file_name(name, namelen);
         const char * dname = dentry_get_name(dent);
@@ -306,7 +306,7 @@ int __del_dentry_tree(struct shim_dentry * root) {
     struct shim_dentry *cursor, *n;
 
     listp_for_each_entry_safe(cursor, n, &root->children, siblings) {
-        // Recur if this is a non-empty directory 
+        // Recur if this is a non-empty directory
         if (!listp_empty(&cursor->children))
             __del_dentry_tree(cursor);
 
@@ -383,9 +383,9 @@ BEGIN_RS_FUNC(dentry)
 
     create_lock(dent->lock);
 
-    /* DEP 6/16/17: I believe the point of this line is to 
-     * fix up the children linked list.  Presumably the ref count and 
-     * child count is already correct in the checkpoint. */   
+    /* DEP 6/16/17: I believe the point of this line is to
+     * fix up the children linked list.  Presumably the ref count and
+     * child count is already correct in the checkpoint. */
     if (dent->parent) {
         get_dentry(dent->parent);
         get_dentry(dent);

LibOS/shim/src/fs/shim_fs.c

@@ -227,7 +227,7 @@ int init_mount_root (void)
 
     int ret;
     struct shim_dentry *root = NULL;
-    
+
     if ((ret = __mount_root(&root)) < 0)
         return ret;
 
@@ -309,14 +309,14 @@ int __mount_fs (struct shim_mount * mount, struct shim_dentry * dent)
      * point is marked as a directory */
     if (mount_root->state & DENTRY_ISDIRECTORY)
         dent->state |= DENTRY_ISDIRECTORY;
-    
+
     /* DEP 6/16/17: In the dcache redesign, we don't use the *REACHABLE flags, but
      * leaving this commented for documentation, in case there is a problem
      * I over-simplified */
     //mount_root->state |= dent->state & (DENTRY_REACHABLE|DENTRY_UNREACHABLE);
 
     /* DEP 6/16/17: In the dcache redesign, I don't believe we need to manually
-     * rehash the path; this should be handled by get_new_dentry, or already be 
+     * rehash the path; this should be handled by get_new_dentry, or already be
      * hashed if mount_root exists.  I'm going to leave this line here for now
      * as documentation in case there is a problem later.
      */
@@ -345,7 +345,7 @@ int __mount_fs (struct shim_mount * mount, struct shim_dentry * dent)
         dent = parent;
     } while (dent);
 
-    
+
     return 0;
 }
 
@@ -378,7 +378,7 @@ out:
 }
 
 /* Parent is optional, but helpful.
- * dentp (optional) memoizes the dentry of the newly-mounted FS, on success. 
+ * dentp (optional) memoizes the dentry of the newly-mounted FS, on success.
  *
  * The make_ancestor flag creates pseudo-dentries for any missing paths (passed to
  * __path_lookupat).  This is only intended for use to connect mounts specified in the manifest
@@ -421,7 +421,7 @@ int mount_fs (const char * type, const char * uri, const char * mount_point,
             }
         }
     }
-    
+
     lock(dcache_lock);
 
     struct shim_mount * mount = alloc_mount();
@@ -455,17 +455,17 @@ int mount_fs (const char * type, const char * uri, const char * mount_point,
             get_dentry(dent);
         }
     }
-    
-    assert(dent == dentry_root || !(dent->state & DENTRY_VALID));    
+
+    assert(dent == dentry_root || !(dent->state & DENTRY_VALID));
 
     // We need to fix up the relative path to this mount, but only for
-    // directories.  
+    // directories.
     qstrsetstr(&dent->rel_path, "", 0);
     mount->path.hash = dent->rel_path.hash;
 
     /*Now go ahead and do a lookup so the dentry is valid */
     if ((ret = __path_lookupat(dentry_root, mount_point, 0, &dent2, 0,
-                               parent ? parent->fs : mount, make_ancestor)) < 0) 
+                               parent ? parent->fs : mount, make_ancestor)) < 0)
         goto out_with_unlock;
 
     assert(dent == dent2);
@@ -478,13 +478,13 @@ int mount_fs (const char * type, const char * uri, const char * mount_point,
     ret = __mount_fs(mount, dent);
 
     // If we made it this far and the dentry is still negative, clear
-    // the negative flag from the denry. 
+    // the negative flag from the denry.
     if (!ret && (dent->state & DENTRY_NEGATIVE))
         dent->state &= ~DENTRY_NEGATIVE;
-    
+
     /* Set the file system at the mount point properly */
     dent->fs = mount;
-    
+
     if (dentp && !ret)
         *dentp = dent;
 

LibOS/shim/src/fs/shim_namei.c

@@ -1,7 +1,7 @@
 /* -*- mode:c; c-file-style:"k&r"; c-basic-offset: 4; tab-width:4; indent-tabs-mode:nil; mode:auto-fill; fill-column:78; -*- */
 /* vim: set ts=4 sw=4 et tw=78 fo=cqt wm=0: */
 
-/* Copyright (C) 2017, University of North Carolina at Chapel Hill 
+/* Copyright (C) 2017, University of North Carolina at Chapel Hill
    and Fortanix, Inc.
    This file is part of Graphene Library OS.
 
@@ -66,11 +66,11 @@ static inline int __lookup_flags (int flags)
 }
 
 /* check permission (specified by mask) of a dentry. If force is not set,
- * permission is considered granted on invalid dentries 
- * 
+ * permission is considered granted on invalid dentries
+ *
  * mask is the same as mode in the manual for access(2): F_OK, R_OK, W_OK,
  * X_OK
- * 
+ *
  * Returns 0 on success, negative on failure.
  */
 /* Assume caller has acquired dcache_lock */
@@ -78,7 +78,7 @@ int permission (struct shim_dentry * dent, int mask, bool force) {
 
     mode_t mode = 0;
 
-    /* Pseudo dentries don't really have permssions.  I wonder if 
+    /* Pseudo dentries don't really have permssions.  I wonder if
      * we could tighten up the range of allowed calls.
      */
     if (dent->state & DENTRY_ANCESTOR)
@@ -93,7 +93,7 @@ int permission (struct shim_dentry * dent, int mask, bool force) {
         return 0;
 
     /* A dentry may not have the mode stored.  The original code
-     * used both NO_MODE and !DENTRY_VALID; let's try to consolidate to 
+     * used both NO_MODE and !DENTRY_VALID; let's try to consolidate to
      * just NO_MODE.
      */
     if (dent->mode == NO_MODE) {
@@ -101,7 +101,7 @@ int permission (struct shim_dentry * dent, int mask, bool force) {
         if (!force)
             return 0;
 
-        /* DEP 6/16/17: I don't think we should be defaulting to 0 if 
+        /* DEP 6/16/17: I don't think we should be defaulting to 0 if
          * there isn't a mode function. */
         assert(dent->fs);
         assert(dent->fs->d_ops);
@@ -124,7 +124,7 @@ int permission (struct shim_dentry * dent, int mask, bool force) {
             return err;
 
         dent->mode = mode;
-    } 
+    }
 
     mode = dent->mode;
 
@@ -367,7 +367,7 @@ int __path_lookupat (struct shim_dentry * start, const char * path, int flags,
 
                 assert(my_dent->fs->d_ops && my_dent->fs->d_ops->follow_link);
 
-                if ((err = my_dent->fs->d_ops->follow_link(my_dent, &this)) < 0) 
+                if ((err = my_dent->fs->d_ops->follow_link(my_dent, &this)) < 0)
                     goto out;
 
                 path = qstrgetstr(&this);
@@ -401,7 +401,7 @@ int __path_lookupat (struct shim_dentry * start, const char * path, int flags,
         // If we found something, and there is more, recur
         if (*my_path != '\0') {
 
-            /* If we have more to look up, but got a negative DENTRY, 
+            /* If we have more to look up, but got a negative DENTRY,
              * we need to fail or (unlikely) create an ancestor dentry.*/
             if (my_dent->state & DENTRY_NEGATIVE) {
                 if (make_ancestor) {
@@ -445,7 +445,7 @@ int __path_lookupat (struct shim_dentry * start, const char * path, int flags,
             *dent = my_dent;
 
         // Enforce LOOKUP_CREATE flag at a higher level
-        if (my_dent->state & DENTRY_NEGATIVE) 
+        if (my_dent->state & DENTRY_NEGATIVE)
                 err = -ENOENT;
 
         // Enforce the LOOKUP_DIRECTORY flag
@@ -479,16 +479,16 @@ int path_lookupat (struct shim_dentry * start, const char * name, int flags,
 
 
 /* Open path with given flags, in mode, similar to Unix open.
- * 
+ *
  * The start dentry specifies where to begin the search, and can be null. If
  * specified, we assume the caller has incremented the ref count on the start,
  * but not the associated mount (probably using path_startat)
  *
- * hdl is an optional argument; if passed in, it is initialized to 
+ * hdl is an optional argument; if passed in, it is initialized to
  *   refer to the opened path.
  *
- * We assume the caller has not increased 
- * 
+ * We assume the caller has not increased
+ *
  * The result is stored in dent.
  */
 
@@ -565,7 +565,7 @@ int open_namei (struct shim_handle * hdl, struct shim_dentry * start,
     }
 
     // Set up the file handle, if provided
-    if (hdl) 
+    if (hdl)
         err = dentry_open(hdl, mydent, flags);
 
 out:
@@ -681,15 +681,15 @@ static inline void set_dirent_type (mode_t * type, int d_type)
 }
 
 /* This function enumerates a directory and caches the results in the cache.
- * 
+ *
  * Input: A dentry for a directory in the DENTRY_ISDIRECTORY and not in the
  * DENTRY_LISTED state.  The dentry DENTRY_LISTED flag is set upon success.
- * 
+ *
  * Return value: 0 on success, <0 on error
- * 
+ *
  * DEP 7/9/17: This work was once done as part of open, but, since getdents*
  * have no consistency semantics, we can apply the principle of laziness and
- * not do the work until we are sure we really need to.  
+ * not do the work until we are sure we really need to.
  */
 int list_directory_dentry (struct shim_dentry *dent) {
 
@@ -697,8 +697,8 @@ int list_directory_dentry (struct shim_dentry *dent) {
     struct shim_mount * fs = dent->fs;
     lock(dcache_lock);
 
-    /* DEP 8/4/17: Another process could list this directory 
-     * while we are waiting on the dcache lock.  This is ok, 
+    /* DEP 8/4/17: Another process could list this directory
+     * while we are waiting on the dcache lock.  This is ok,
      * no need to blow an assert.
      */
     if (dent->state & DENTRY_LISTED){
@@ -723,7 +723,7 @@ int list_directory_dentry (struct shim_dentry *dent) {
         dirent = NULL;
         goto done_read;
     }
-    
+
     struct shim_dirent * d = dirent;
     for ( ; d ; d = d->next) {
         struct shim_dentry * child;

LibOS/shim/src/fs/socket/fs.c

@@ -228,7 +228,7 @@ static int socket_poll (struct shim_handle * hdl, int poll_type)
     }
 
     ret = 0;
-    if (attr.disconnected) 
+    if (attr.disconnected)
         ret |= FS_POLL_ER;
     if ((poll_type & FS_POLL_RD) && attr.readable)
         ret |= FS_POLL_RD;

LibOS/shim/src/ipc/shim_ipc_helper.c

@@ -57,8 +57,8 @@ static LISTP_TYPE(shim_ipc_port) ipc_port_pool [PID_HASH_NUM];
 
 /* This variable can be read without the ipc_helper_lock held, but
  * should be modified with the ipc_helper_lock held (and in some cases,
- * the value should be re-checked after acquiring the lock. 
- * For reads in a loop without the lock, some caution should be taken to 
+ * the value should be re-checked after acquiring the lock.
+ * For reads in a loop without the lock, some caution should be taken to
  * use compiler barriers to ensure that a stale value isn't cached.
  */
 static enum {
@@ -1028,8 +1028,8 @@ end:
         put_handle_map(self->handle_map);
 
     /* shim_clean ultimately calls del_all_ipc_ports(), which reacquires the
-     * helper lock.  Err on the side of caution by adding a barrier to ensure 
-     * reading the latest ipc helper state.       
+     * helper lock.  Err on the side of caution by adding a barrier to ensure
+     * reading the latest ipc helper state.
      */
     barrier();
     if (ipc_helper_state == HELPER_HANDEDOVER) {
@@ -1052,7 +1052,7 @@ static int create_ipc_helper (void)
 {
     int ret = 0;
 
-    /* If we are holding the lock, no barrier is needed here, as 
+    /* If we are holding the lock, no barrier is needed here, as
      * the lock (and new function) form an implicit barrier, and
      * any "recent" changes should have come from this thread */
     if (ipc_helper_state == HELPER_ALIVE)

LibOS/shim/src/ipc/shim_ipc_nsimpl.h

@@ -91,7 +91,7 @@ static LOCKTYPE range_map_lock;
 /* This hash table organizes range structs by hlist */
 DEFINE_LISTP(range);
 static LISTP_TYPE(range) range_table [RANGE_HASH_NUM];
-/* These lists organizes range structs by list 
+/* These lists organizes range structs by list
  */
 static LISTP_TYPE(range) owned_ranges;
 static LISTP_TYPE(range) offered_ranges;

LibOS/shim/src/shim_async.c

@@ -63,7 +63,7 @@ int64_t install_async_event (PAL_HANDLE object, unsigned long time,
 
     unsigned long install_time = DkSystemTimeQuery();
     int64_t rv = 0;
-    
+
     debug("install async event at %lu\n", install_time);
 
     event->callback     = callback;
@@ -82,10 +82,10 @@ int64_t install_async_event (PAL_HANDLE object, unsigned long time,
             break;
     }
 
-    /* 
+    /*
      * man page of alarm system call :
      * DESCRIPTION
-     * alarm() arranges for a SIGALRM signal to be delivered to the 
+     * alarm() arranges for a SIGALRM signal to be delivered to the
 	 * calling process in seconds seconds.
      * If seconds is zero, any pending alarm is canceled.
      * In any event any previously set alarm() is canceled.
@@ -110,13 +110,13 @@ int64_t install_async_event (PAL_HANDLE object, unsigned long time,
     if (!time)    // If seconds is zero, any pending alarm is canceled.
         free(event);
     else
-        listp_add_tail(event, &async_list, list);   
+        listp_add_tail(event, &async_list, list);
 
     if (async_helper_state == HELPER_NOTALIVE)
         create_async_helper();
 
     unlock(async_helper_lock);
-    
+
     set_event(&async_helper_event, 1);
     return rv;
 }
@@ -191,7 +191,7 @@ static void shim_async_helper (void * arg)
 
         polled = DkObjectsWaitAny(object_num + 1, local_objects, sleep_time);
         barrier();
-        
+
         if (!polled) {
             if (next_event) {
                 debug("async event trigger at %lu\n",
@@ -318,7 +318,7 @@ int create_async_helper (void)
     /* Publish new and update the state once fully initialized */
     async_helper_thread = new;
     async_helper_state = HELPER_ALIVE;
-    
+
     return 0;
 }
 

LibOS/shim/src/shim_malloc.c

@@ -21,9 +21,9 @@
  * shim_malloc.c
  *
  * This file implements page allocation for the library OS-internal SLAB
- * memory allocator.  The slab allocator is in Pal/lib/slabmgr.h.  
- * 
- * When existing slabs are not sufficient, or a large (4k or greater) 
+ * memory allocator.  The slab allocator is in Pal/lib/slabmgr.h.
+ *
+ * When existing slabs are not sufficient, or a large (4k or greater)
  * allocation is requested, it ends up here (__system_alloc and __system_free).
  */
 

LibOS/shim/src/start.S

@@ -1,4 +1,4 @@
-/* -*- mode:c; c-basic-offset:4; tab-width:4; indent-tabs-mode:t; mode:auto-fill; fill-column:78; -*- */ 
+/* -*- mode:c; c-basic-offset:4; tab-width:4; indent-tabs-mode:t; mode:auto-fill; fill-column:78; -*- */
 /* vim: set ts=4 sw=4 et tw=78 fo=cqt wm=0: */
 
 

LibOS/shim/src/sys/shim_clone.c

@@ -67,18 +67,18 @@
 
 /*
  * This Function is a wrapper around the user provided function.
- * Code flow for clone is as follows - 
- * 1) User application allocates stack for child process and  
- *    calls clone. The clone code sets up the user function 
+ * Code flow for clone is as follows -
+ * 1) User application allocates stack for child process and
+ *    calls clone. The clone code sets up the user function
  *    address and the argument address on the child stack.
- * 2)we Hijack the clone call and control flows to shim_clone 
- * 3)In Shim Clone we just call the DK Api to create a thread by providing a 
- *   wrapper function around the user provided function 
+ * 2)we Hijack the clone call and control flows to shim_clone
+ * 3)In Shim Clone we just call the DK Api to create a thread by providing a
+ *   wrapper function around the user provided function
  * 4)PAL layer allocates a stack and then invokes the clone syscall
  * 5)PAL runs thread_init function on PAL allocated Stack
- * 6)thread_init calls our wrapper and gives the user provided stack 
+ * 6)thread_init calls our wrapper and gives the user provided stack
  *   address.
- * 7.In the wrapper function ,we just do the stack switch to user 
+ * 7.In the wrapper function ,we just do the stack switch to user
  *   Provided stack and execute the user Provided function.
  */
 
@@ -96,7 +96,7 @@ int clone_implementation_wrapper(struct clone_args * arg)
 
     struct clone_args *pcargs = arg;
     int stack_allocated = 0;
-    
+
     DkObjectsWaitAny(1, &pcargs->create_event, NO_TIMEOUT);
     DkObjectClose(pcargs->create_event);
 
@@ -133,7 +133,7 @@ int clone_implementation_wrapper(struct clone_args * arg)
     add_thread(my_thread);
     set_as_child(arg->parent, my_thread);
 
-    /* Don't signal the initialize event until we are actually init-ed */ 
+    /* Don't signal the initialize event until we are actually init-ed */
     DkEventSet(pcargs->initialize_event);
 
     /***** From here down, we are switching to the user-provided stack ****/
@@ -320,11 +320,11 @@ int shim_do_clone (int flags, void * user_stack_addr, int * parent_tidptr,
     new_args.stack     = user_stack_addr;
     new_args.return_pc = *(void **) user_stack_addr;
 
-    // Invoke DkThreadCreate to spawn off a child process using the actual 
-    // "clone" system call. DkThreadCreate allocates a stack for the child 
-    // and then runs the given function on that stack However, we want our 
-    // child to run on the Parent allocated stack , so once the DkThreadCreate 
-    // returns .The parent comes back here - however, the child is Happily 
+    // Invoke DkThreadCreate to spawn off a child process using the actual
+    // "clone" system call. DkThreadCreate allocates a stack for the child
+    // and then runs the given function on that stack However, we want our
+    // child to run on the Parent allocated stack , so once the DkThreadCreate
+    // returns .The parent comes back here - however, the child is Happily
     // running the function we gave to DkThreadCreate.
     PAL_HANDLE pal_handle = thread_create(clone_implementation_wrapper,
                                           &new_args, flags);

LibOS/shim/src/sys/shim_epoll.c

@@ -58,7 +58,7 @@
 
 struct shim_mount epoll_builtin_fs;
 
-/* shim_epoll_fds are linked as a list (by the list field), 
+/* shim_epoll_fds are linked as a list (by the list field),
  * hanging off of a shim_epoll_handle (by the fds field) */
 struct shim_epoll_fd {
     FDTYPE                      fd;

LibOS/shim/src/sys/shim_exec.c

@@ -269,7 +269,7 @@ int shim_do_execve (const char * file, const char ** argv,
 
     BEGIN_PROFILE_INTERVAL();
 
-    
+
     DEFINE_LIST(sharg);
     struct sharg {
         LIST_TYPE(sharg)  list;

LibOS/shim/src/sys/shim_fs.c

@@ -61,7 +61,7 @@ int shim_do_unlink (const char * file)
     if (!dent->parent)
         return -EACCES;
 
-    if (dent->state & DENTRY_ISDIRECTORY) 
+    if (dent->state & DENTRY_ISDIRECTORY)
         return -EISDIR;
 
     if (dent->fs && dent->fs->d_ops &&
@@ -699,7 +699,7 @@ int shim_do_rename (const char * oldname, const char * newname)
     struct shim_dentry * old_dent = NULL, * new_dent = NULL;
     int ret = 0;
 
-    if ((ret = path_lookupat(NULL, oldname, LOOKUP_OPEN, &old_dent, NULL)) < 0) 
+    if ((ret = path_lookupat(NULL, oldname, LOOKUP_OPEN, &old_dent, NULL)) < 0)
         goto out;
 
     if (old_dent->state & DENTRY_NEGATIVE) {
@@ -718,7 +718,7 @@ int shim_do_rename (const char * oldname, const char * newname)
     // Both dentries should have a ref count of at least 2 at this point
     assert(REF_GET(old_dent->ref_count) >= 2);
     assert(REF_GET(new_dent->ref_count) >= 2);
-    
+
     ret = do_rename(old_dent, new_dent);
 
 out:

LibOS/shim/src/sys/shim_futex.c

@@ -43,7 +43,7 @@
 #define FUTEX_MIN_VALUE 0
 #define FUTEX_MAX_VALUE 255
 
-/* futex_waiters are linked off of shim_futex_handle by the waiters 
+/* futex_waiters are linked off of shim_futex_handle by the waiters
  * listp */
 struct futex_waiter {
     struct shim_thread * thread;
@@ -203,7 +203,7 @@ int shim_do_futex (int * uaddr, int op, int val, void * utime,
             int nwaken = 0;
             uint32_t bitset = (futex_op == FUTEX_WAKE_BITSET) ? val3 :
                               0xffffffff;
-            
+
             debug("FUTEX_WAKE: %p (val = %d) count = %d mask = %08x\n",
                   uaddr, *uaddr, val, bitset);
 

LibOS/shim/src/sys/shim_open.c

@@ -351,7 +351,7 @@ size_t shim_do_getdents (int fd, struct linux_dirent * buf, size_t count)
         ret = -ENOENT;
         goto out_no_unlock;
     }
-    
+
     /* we are grabbing the lock because the handle content is actually
        updated */
     lock(hdl->lock);
@@ -411,7 +411,7 @@ size_t shim_do_getdents (int fd, struct linux_dirent * buf, size_t count)
         if (ret < 0)
             goto out;
     }
-    
+
     while (dirhdl->ptr && *dirhdl->ptr) {
         dent = *dirhdl->ptr;
         /* DEP 3/3/17: We need to filter negative dentries */
@@ -428,7 +428,7 @@ done:
     ret = bytes;
     /* DEP 3/3/17: Properly detect EINVAL case, where buffer is too small to
      * hold anything */
-    if (bytes == 0 && (dirhdl->dot || dirhdl->dotdot || 
+    if (bytes == 0 && (dirhdl->dot || dirhdl->dotdot ||
                        (dirhdl->ptr && *dirhdl->ptr)))
         ret = -EINVAL;
 out:
@@ -459,7 +459,7 @@ size_t shim_do_getdents64 (int fd, struct linux_dirent64 * buf, size_t count)
         ret = -ENOENT;
         goto out;
     }
-    
+
     lock(hdl->lock);
 
     struct shim_dir_handle * dirhdl = &hdl->info.dir;
@@ -472,7 +472,7 @@ size_t shim_do_getdents64 (int fd, struct linux_dirent64 * buf, size_t count)
         ret = list_directory_dentry(dent);
         if (ret) goto out;
     }
-    
+
 #define DIRENT_SIZE(len)  (sizeof(struct linux_dirent64) + (len) + 1)
 
 #define ASSIGN_DIRENT(dent, name, type)                                 \
@@ -508,7 +508,7 @@ size_t shim_do_getdents64 (int fd, struct linux_dirent64 * buf, size_t count)
         ret = list_directory_handle(dent, hdl);
         if (ret) goto out;
     }
-    
+
     while (dirhdl->ptr && *dirhdl->ptr) {
         dent = *dirhdl->ptr;
         /* DEP 3/3/17: We need to filter negative dentries */
@@ -525,7 +525,7 @@ done:
     ret = bytes;
     /* DEP 3/3/17: Properly detect EINVAL case, where buffer is too small to
      * hold anything */
-    if (bytes == 0 && (dirhdl->dot || dirhdl->dotdot || 
+    if (bytes == 0 && (dirhdl->dot || dirhdl->dotdot ||
                        (dirhdl->ptr && *dirhdl->ptr)))
         ret = -EINVAL;
     unlock(hdl->lock);

LibOS/shim/src/sys/shim_sigaction.c

@@ -256,7 +256,7 @@ static int __kill_proc (struct shim_thread * thread, void * arg,
         return 1;
 
     /* DEP: Let's do a racy read of is_alive and in_vm.
-     * If either of these are zero it is a stable condition, 
+     * If either of these are zero it is a stable condition,
      * and we can elide the lock acquire (which helps perf).
      */
     if (!thread->is_alive)

LibOS/shim/src/sys/shim_socket.c

@@ -481,7 +481,7 @@ int shim_do_bind (int sockfd, struct sockaddr * addr, socklen_t addrlen)
     }
 
     if (sock->domain == AF_UNIX) {
-        if (addrlen != sizeof(struct sockaddr_un)) 
+        if (addrlen != sizeof(struct sockaddr_un))
             goto out;
 
         struct sockaddr_un * saddr = (struct sockaddr_un *) addr;
@@ -518,7 +518,7 @@ int shim_do_bind (int sockfd, struct sockaddr * addr, socklen_t addrlen)
 
     sock->sock_state = SOCK_BOUND;
 
-    if ((ret = create_socket_uri(hdl)) < 0) 
+    if ((ret = create_socket_uri(hdl)) < 0)
         goto out;
 
     PAL_HANDLE pal_hdl = DkStreamOpen(qstrgetstr(&hdl->uri),

LibOS/shim/src/sys/shim_wait.c

@@ -141,7 +141,7 @@ found_child:
 
 found:
     if (status) {
-        /* Bits 0--7 are for the signal, if any.  
+        /* Bits 0--7 are for the signal, if any.
          * Bits 8--15 are for the exit code */
         *status = thread->term_signal;
         *status |= ((thread->exit_code & 0xff) << 8);

LibOS/shim/src/utils/md5.c

@@ -55,7 +55,7 @@ static unsigned char PADDING[64] = {
 #define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
 #define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
 #define H(x, y, z) ((x) ^ (y) ^ (z))
-#define I(x, y, z) ((y) ^ ((x) | (~z))) 
+#define I(x, y, z) ((y) ^ ((x) | (~z)))
 
 /* ROTATE_LEFT rotates x left n bits */
 #define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))

LibOS/shim/test/Makefile

@@ -10,7 +10,7 @@ RUNTIME = $(level)../../../Runtime
 ifeq ($(SGX),1)
 PAL_LOADER = pal_loader SGX
 else
-PAL_LOADER = pal_loader 
+PAL_LOADER = pal_loader
 endif
 
 CC = gcc

LibOS/shim/test/apps/lighttpd/README

@@ -7,7 +7,7 @@ See the wiki page for more details.
 
 7/23/13:
 
-To start a server in graphene, 
+To start a server in graphene,
    make start-graphene-server
 
 To start a server on any other platform,
@@ -16,7 +16,7 @@ To start a server on any other platform,
 Now that your server is up and running, it is time to test it.  From a
 remote host, you can use the run-apachebench.sh script to programatically submit
 requests at various loads. The usage of that script is as follows:
-   ./run-apachebench.sh <ip-of-server> <port-of-server> <concurrency-level> 
+   ./run-apachebench.sh <ip-of-server> <port-of-server> <concurrency-level>
 
 The script will append the output to a file "ab.n<N>.c<C>"
 
@@ -85,4 +85,4 @@ If you are within kvm or lxc, your ip will not be that of your
 host. Make sure your ip matches the ip in the conf file.
 
 If you have a lot of time and want to do a good job, throw out the top
-and the low numbers, and report the mean of your large sample.
+and the low numbers, and report the mean of your large sample.

LibOS/shim/test/apps/lmbench/Makefile

@@ -47,7 +47,7 @@ regression: all
 	cp -f $(LMBENCHDIR)/lmbench-regression $(LMBENCHDIR)/bin/linux
 	cd $(LMBENCHDIR)/bin/linux && \
 		env LOADER=./pal_loader OS=linux \
-		./lmbench-regression 
+		./lmbench-regression
 
 clean-lmbench:
 	$(MAKE) -C $(LMBENCHDIR) clean

LibOS/shim/test/apps/ltp/README

@@ -2,7 +2,7 @@ LTP FOR GRAPHENE
 ----------------
 
 Running LTP test cases in Graphene :
-1) run 'make' in LibOS/shim/test/apps/ltp 
+1) run 'make' in LibOS/shim/test/apps/ltp
 2) cd Graphene/LibOS/shim/test/regression
 3) make regression
 
@@ -10,9 +10,9 @@ The above command will start running LTP system call test cases in Graphene.
 
 It works in 2 steps:
 1) Creates a testfile (Graphene/LibOS/shim/test/apps/ltp/syscalls.graphene) with all the LTP system call test cases to run, excluding the ones mentioned in Graphene/LibOS/shim/test/apps/ltp/BLOCKED. “BLOCKED” contains all the test cases which are hanging in the Graphene and thus are excluded from regression tests.
-2) Calls Graphene/LibOS/shim/test/apps/ltp/fetch.py It runs the LTP test cases and display output on the terminal. 
+2) Calls Graphene/LibOS/shim/test/apps/ltp/fetch.py It runs the LTP test cases and display output on the terminal.
    Some LTP testcases hangs in Graphene. This python script sets a timeout for each testcase referring the file 'TIMEOUTS'. Default timeout is set 20 seconds in the script.
-   It also shows, ‘new passed testcases’ (passed testcases which are not in Graphene/LibOS/shim/test/apps/ltp/PASSED) and ‘new failed testcases’ (failed testcases which are in ‘PASSED’). 
+   It also shows, ‘new passed testcases’ (passed testcases which are not in Graphene/LibOS/shim/test/apps/ltp/PASSED) and ‘new failed testcases’ (failed testcases which are in ‘PASSED’).
 It also creates files ‘run_output’, ‘Failed.csv’, ‘Passed.csv’, ‘Blocked.csv’ under Graphene/LibOS/shim/test/apps/ltp for reference.
 Results are of 4 types :
 [Pass]   -> Testcase passed

LibOS/shim/test/apps/ltp/fetch.py

@@ -146,7 +146,7 @@ with open('../../../../syscalls.graphene') as testcases:
 
         if test=="seq":
             test = tokens[6]     #splice02
-        try: 
+        try:
             timeout = timeouts_dict[test]
         except KeyError:
             timeout = DEFAULT_TIMEOUT
@@ -155,7 +155,7 @@ os.chdir("../../../..")
 
 pool.close()
 pool.join()
-    
+
 stable_passed = dict()
 with open(stablePass, 'rb') as csvfile:
     test_subtest = csv.reader(csvfile)

LibOS/shim/test/apps/ltp/syscalls.sh

@@ -2,6 +2,6 @@
 
 cd `dirname $0`
 export LTPROOT=$PWD"/opt/ltp"
-awk -v SGX=$SGX_RUN -f edit_sys_tests.awk $LTPROOT/runtest/syscalls > syscalls.graphene 
+awk -v SGX=$SGX_RUN -f edit_sys_tests.awk $LTPROOT/runtest/syscalls > syscalls.graphene
 cd $LTPROOT/../..
 python fetch.py

LibOS/shim/test/apps/python/Makefile

@@ -26,7 +26,7 @@ $(PYTHON_SRC)/configure: $(PYTHON_SRC).tgz
 benchmarks: benchmarks.tar.gz
 	tar -xmzf $<
 
-regression: 
+regression:
 	@echo "\n\nBuilding Python..."
 	@$(MAKE) >> /dev/null 2>&1
 

LibOS/shim/test/regression/exec.c

@@ -14,7 +14,7 @@ int main (int argc, const char ** argv, const char ** envp)
     char * const new_argv[] = { "./exec_victim", fd_argv, NULL };
 
     setenv("IN_EXECVE", "1", 1);
-    
+
     execv(new_argv[0], new_argv);
     return 0;
 }

LibOS/shim/test/regression/exec_victim.c

@@ -36,6 +36,6 @@ int main(int argc, char ** argv, const char ** envp)
 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 \
 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 \
 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 \
-\n");    
+\n");
     return 0;
 }

LibOS/shim/test/regression/futex.c

@@ -22,7 +22,7 @@ struct atomic_int {
     volatile int counter;
 };
 static struct atomic_int my_counter;
-    
+
 static inline void atomic_inc (struct atomic_int * v)
 {
     asm volatile( "lock; incl %0"
@@ -60,32 +60,32 @@ int main (int argc, const char ** argv)
     for (int i = 0; i < THREADS; i++) {
 
         varx[i] = (1 << i);
-        
+
         // Allocate the stack
         stacks[i] = malloc(FIBER_STACK);
         if (stacks[i] == 0) {
             perror("malloc: could not allocate stack");
             _exit(1);
         }
-        
+
         // Call the clone system call to create the child thread
         pids[i] = clone(&thread_function, (void *) stacks[i] + FIBER_STACK,
                         CLONE_FS | CLONE_FILES | CLONE_SIGHAND | CLONE_VM,
                         &varx[i]);
-        
+
         //printf("clone() creates new thread %d\n", pids[i]);
-        
+
         if (pids[i] == -1) {
             perror("clone");
             _exit(2);
         }
     }
-    
+
     // Make sure the threads are sleeping
     do {
-        sleep(1); 
+        sleep(1);
     } while(my_counter.counter != THREADS);
-    
+
     printf("Waking up kiddos\n");
     /* Wake in reverse order */
     for (int i = THREADS-1; i >= 0; i--) {

LibOS/shim/test/regression/getsockopt.c

@@ -1,5 +1,5 @@
-/* Unit test for issue #92.  
- * Example for use of getsockopt with SO_TYPE 
+/* Unit test for issue #92.
+ * Example for use of getsockopt with SO_TYPE
  * taken from here: http://alas.matf.bg.ac.rs/manuals/lspe/snode=103.html
  */
 #include <stdio.h>
@@ -15,7 +15,7 @@ int main(int argc,char **argv) {
   int so_type = -1;    /* Socket type */
   socklen_t optlen;  /* Option length */
   int rv;
-  
+
   /*
    * Create a TCP/IP socket to use:
    */
@@ -36,7 +36,7 @@ int main(int argc,char **argv) {
 	    "SO_TYPE) %d", errno);
     exit(-1);
   }
-  
+
   assert(optlen == sizeof so_type);
   if (so_type == SOCK_STREAM) {
     printf("getsockopt: Got socket type OK\n");
@@ -44,7 +44,7 @@ int main(int argc,char **argv) {
     printf("getsockopt: Got socket type failed\n");
     rv = -1;
   }
-    
+
   return rv;
 }
-   
+

LibOS/shim/test/regression/large-mmap.c

@@ -14,7 +14,7 @@ int main() {
     if (!fp) { perror("fopen"); return 1; }
     int rv = ftruncate(fileno(fp), TEST_LENGTH);
     if (rv) {perror ("ftruncate"); return 1;}
-    else 
+    else
         printf("large-mmap: ftruncate OK\n");
 
     void* a=mmap(NULL, TEST_LENGTH2, PROT_READ|PROT_WRITE, MAP_PRIVATE, fileno(fp), 0);

Pal/ipc/linux/graphene-ipc.c

@@ -617,7 +617,7 @@ int recv_next (struct task_struct *task, struct gipc_queue *gq)
 		if (signal_pending(task))
 			return -ERESTARTSYS;
 	}
-	
+
 	return gq->next;
 }
 

Pal/lib/atomic.h

@@ -5,17 +5,17 @@
 #define _SHIM_ATOMIC_H_
 
 /* Copyright (C) 2014 Stony Brook University
- * Copyright (C) 2017 Fortanix Inc, and University of North Carolina 
+ * Copyright (C) 2017 Fortanix Inc, and University of North Carolina
  * at Chapel Hill.
  *
- * This file defines atomic operations (And barriers) for use in 
+ * This file defines atomic operations (And barriers) for use in
  * Graphene.
- * 
- * The atomic operation assembly code is taken from musl libc, which 
+ *
+ * The atomic operation assembly code is taken from musl libc, which
  * is subject to the MIT license.
- * 
+ *
  * At this point, we primarily focus on x86_64; there are some vestigial
- * 32-bit definitions here, but a more portable version would need to 
+ * 32-bit definitions here, but a more portable version would need to
  * move and reimplement portions of this for 32-bit x86 (or other architectures).
  */
 
@@ -62,7 +62,7 @@ __attribute__((aligned(sizeof(uint32_t))))
 
 
 /* The return types below effectively assume we are dealing with a 64-bit
- * signed value. 
+ * signed value.
  */
 #ifdef __x86_64__
 /*
@@ -149,16 +149,16 @@ static inline void atomic_dec (struct atomic_int * v)
         : "=m"(v->counter) : "m"(v->counter) : "memory", "cc");
 }
 
-/* Atomically substracts 1 from v.  Returns 1 if this causes the 
+/* Atomically substracts 1 from v.  Returns 1 if this causes the
    value to reach 0; returns 0 otherwise. */
 static inline int64_t atomic_dec_and_test (struct atomic_int * v)
 {
     int64_t i = _atomic_add(-1, v);
     return i == 0;
 }
- 
+
 /* Helper function to atomically compare-and-swap the value pointed to by p.
- * t is the old value, s is the new value.  Returns 
+ * t is the old value, s is the new value.  Returns
  * the value originally in p. */
 static inline int64_t cmpxchg(volatile int64_t *p, int64_t t, int64_t s)
 {

Pal/lib/graphene/config.c

@@ -38,7 +38,7 @@ struct config {
     char * buf;
     LIST_TYPE(config) list;
     LISTP_TYPE(config) children;
-    LIST_TYPE(config) siblings; 
+    LIST_TYPE(config) siblings;
 };
 
 static int __add_config (struct config_store * store,

Pal/lib/list-test.c

@@ -73,7 +73,7 @@ void assert_list(LISTP_TYPE(simple) *listp, int len, int *array, int stop_early_
     else
         assert(stop_early_ok);
 }
-    
+
 
 void print_list_reverse(LISTP_TYPE(simple) *listp) {
     struct simple *tmp;
@@ -107,12 +107,12 @@ int main() {
     assert(!listp_empty(&list_in_the_sky));
 
     assert_list(&list_in_the_sky, 7, sol1, 0);
-    
+
     /* Test list_add  - i.e., adding things in the middle of the list*/
     listp_for_each_entry_safe(tmp, n, &list_in_the_sky, list) {
         if ((tmp->idx % 2) == 0) {
             tmp2 = malloc(sizeof(struct simple));
-            tmp2->idx = (tmp->idx * 10) + 5; 
+            tmp2->idx = (tmp->idx * 10) + 5;
             INIT_LIST_HEAD(tmp2, list);
             assert(list_empty(tmp2, list));
             list_add(tmp2, tmp, list);
@@ -144,7 +144,7 @@ int main() {
 
         if ((tmp->idx % 2) == 1) {
             tmp2 = malloc(sizeof(struct simple));
-            tmp2->idx = ((tmp->idx - 1) * 10) + 5; 
+            tmp2->idx = ((tmp->idx - 1) * 10) + 5;
             INIT_LIST_HEAD(tmp2, list);
             assert(list_empty(tmp2, list));
             list_add_tail(tmp2, tmp, list);
@@ -157,7 +157,7 @@ int main() {
     assert_list(&list_in_the_sky, 20, sol4, 0);
 
     printf("Deletion test starting\n\n");
-    
+
     /* Test list deletion and safe iteration by destroying the list*/
     listp_for_each_entry_safe(tmp, n, &list_in_the_sky, list) {
         listp_del(tmp, &list_in_the_sky, list);
@@ -167,7 +167,7 @@ int main() {
     assert(listp_empty(&list_in_the_sky));
 
     printf("Deletion test Ending\n\n");
-    
+
     /* Rebuild the list */
     for (i = 0; i < 7; i++) {
         tmp = malloc(sizeof(struct simple));
@@ -180,7 +180,7 @@ int main() {
     assert(!listp_empty(&list_in_the_sky));
 
     printf("Deletion test 2 starting\n\n");
-    
+
     /* Test listp_del_init by migrating to another list */
     listp_for_each_entry_safe(tmp, n, &list_in_the_sky, list) {
         listp_del(tmp, &list_in_the_sky, list);
@@ -210,11 +210,11 @@ int main() {
     print_list_reverse(&list_in_the_sky);
     printf("\nfin\n");
     */
-    
+
     printf("Deletion test 2 Ending\n\n");
-    
+
     /* Test listp_for_each_entry_safe_continue; stop on 4
-     * after deleting 6 and 4, break, and continue. 
+     * after deleting 6 and 4, break, and continue.
      * */
     listp_for_each_entry_safe(tmp, n, &list_in_the_basement, list) {
         if (0 == (tmp->idx % 2)) {
@@ -222,11 +222,11 @@ int main() {
             listp_del(tmp, &list_in_the_basement, list);
             // NB: The continue pointer needs to be valid (will probably work
             // by accident even if 4 isn't freed, so better to leak one node
-            if (idx == 4) 
+            if (idx == 4)
                 break;
              else
                 free(tmp);
-            
+
         }
     }
 
@@ -257,7 +257,7 @@ int main() {
     assert(!listp_empty(&list_in_the_sky));
 
     printf("Begin splice tests \n\n");
-    
+
     /* Test listp splice */
     listp_splice_init(&list_in_the_basement, &list_in_the_sky, list, simple);
 
@@ -295,8 +295,8 @@ int main() {
     print_list(&list_in_the_sky);
     printf("\nfin\n");
     */
-    
-    
+
+
     printf("Before list move test \n\n");
 
     /* Test listp_move_tail */
@@ -318,7 +318,7 @@ int main() {
     print_list(&list_in_the_sky);
     printf("\nfin\n");
     */
-    
+
     printf("All tests passed!\n");
     return 0;
 }

Pal/lib/list.h

@@ -34,7 +34,7 @@
  * change in a macro for declarations, which generates a type declaration for
  * each list object (giving marginally more help from the compiler
  * in detecting bugs.
- * 
+ *
  * In particular, there is a small trade-off in that the association between
  * list heads and nodes is more explicit and a few more casting errors can be
  * caught by the compiler, but we add a parameter to some functions (well,
@@ -42,43 +42,43 @@
  */
 
 /* How-to:
- * 
+ *
  * Each list has a pointer (listp) type, and a node (list)type.  We assume
  * list nodes are embedded in a larger structure; the name of this structure
  * is used as part of the list type.
- * 
+ *
  * To define a listp/list pair for a struct foo:
- * 
+ *
  * DEFINE_LIST(foo);
  * struct foo {
  *   int x;
- *   LIST_TYPE(foo) list; // The list node 
+ *   LIST_TYPE(foo) list; // The list node
  * };
- * 
+ *
  * DEFINE_LISTP(foo);
  * static LISTP_TYPE(foo) the_list = LISTP_INIT;
- * 
+ *
  * -----
- * 
+ *
  * From here, you can use listp_add variants to add an object from the list:
- * 
+ *
  * struct foo *f = malloc(sizeof(struct foo));
  * f->x = 1;
  * INIT_LIST_HEAD(f, list); // The second parameter is the structure member
  * listp_add(f, &the_list, list);
- * 
+ *
  * -----
- * 
+ *
  * There are a number of add variants, some that add in a given position,
  * others that add to the head or the tail.
- * 
+ *
  * You can search for an object using a variant of listp_for_each_entry. The
  * safe variants are safe against deletion.
- * 
- * You can remove an object from a list using listp_del.  
- * 
+ *
+ * You can remove an object from a list using listp_del.
+ *
  * In this example, we delete everything with a key bigger than 5.
- * 
+ *
  * LIST_TYPE(foo) *f, *n; // n is not used, just for scratch space
  * listp_for_each_entry_safe(f, n, &the_list, list) {
  *    if (f->x > 4) {
@@ -86,28 +86,28 @@
  *         free(f);
  *    }
  * }
- * 
- * 
- * listp_splice moves an entire listp onto another, and list_move_tail takes 
+ *
+ *
+ * listp_splice moves an entire listp onto another, and list_move_tail takes
  * an element off of one list and places it on another.
- * 
+ *
  * static LISTP_TYPE(foo) other_list; // Assume it is full of goodies
  *  // Move everything on other_list to the_list
  * listp_splice_tail(&other_list, &the_list, list, foo); // the third argument
  *                                                       // is the field; the
  *                                                       // fourth is the type
- *                                                       // of the nodes (not 
+ *                                                       // of the nodes (not
  *                                                       // the head pointer).
- * 
- * // Use listp_empty to test for emptiness of the list 
+ *
+ * // Use listp_empty to test for emptiness of the list
  * assert(listp_empty(&other_ist));
- * 
+ *
  *  // Now move back anythign less than 6 back to other_list
  * listp_for_each_entry_safe(f, n, &the_list, list) {
- *    if (f->x < 6) 
+ *    if (f->x < 6)
  *         listp_move_tail(f, &other_list, &the_list, list);
  * }
- * 
+ *
  */
 
 // Maybe TODO?
@@ -132,8 +132,8 @@
 #define LIST_TYPE(STRUCT) struct list_head ##_## STRUCT
 #define LISTP_TYPE(STRUCT) struct listp ##_## STRUCT
 
-/* Declare the enclosing struct for convenience, on 
- * the assumption that this is primarily used in structure 
+/* Declare the enclosing struct for convenience, on
+ * the assumption that this is primarily used in structure
  * definitions, and harmless if duplicated. */
 #define DEFINE_LIST(STRUCT)                     \
     struct STRUCT;                              \
@@ -152,7 +152,7 @@
 
 #define LISTP_INIT {NULL}
 
-/* A node not on a list uses NULL; on a list, you 
+/* A node not on a list uses NULL; on a list, you
  * store self pointers */
 #define INIT_LIST_HEAD(OBJECT, FIELD) do {      \
         (OBJECT)->FIELD.next = NULL;            \
@@ -194,7 +194,7 @@
         }                                                   \
     } while (0)
 
-/* If NODE is defined, add NEW after NODE; if not, 
+/* If NODE is defined, add NEW after NODE; if not,
  * put NEW at the front of the list */
 #define listp_add_after(NEW, NODE, HEAD, FIELD) do { \
         if (NODE)                                \
@@ -343,7 +343,7 @@
         listp_splice_tail(NEW, OLD, FIELD, TYPE);           \
         INIT_LISTP(NEW);                                    \
     } while(0);
-    
+
 // list_move_tail - delete from OLD, make tail of NEW
 #define listp_move_tail(NODE, NEW, OLD, FIELD) do {   \
         listp_del_init(NODE, OLD, FIELD);             \

Pal/lib/slabmgr.h

@@ -301,7 +301,7 @@ static inline void destroy_slab_mgr (SLAB_MGR mgr)
 static inline int enlarge_slab_mgr (SLAB_MGR mgr, int level)
 {
     assert(level < SLAB_LEVEL);
-    /* DEP 11/24/17: This strategy basically doubles a level's size 
+    /* DEP 11/24/17: This strategy basically doubles a level's size
      * every time it grows.  The assumption if we get this far is that
      * mgr->addr == mgr->top_addr */
     assert(mgr->addr[level] == mgr->addr_top[level]);
@@ -455,7 +455,7 @@ static inline size_t slab_get_buf_size(const void * ptr)
 
 static inline void slab_free (SLAB_MGR mgr, void * obj)
 {
-    /* In a general purpose allocator, free of NULL is allowed (and is a 
+    /* In a general purpose allocator, free of NULL is allowed (and is a
      * nop). We might want to enforce stricter rules for our allocator if
      * we're sure that no clients rely on being able to free NULL. */
     if (!obj)

Pal/lib/stdlib/printfmt.c

@@ -52,7 +52,7 @@ getuint(va_list *ap, int lflag)
 #if !defined(__i386__)
 	if (lflag >= 2)
 		return va_arg(*ap, unsigned long long);
-	else 
+	else
 #endif
 	if (lflag)
 		return va_arg(*ap, unsigned long);
@@ -120,7 +120,7 @@ vfprintfmt(int (*_fputch)(void *, int, void *), void * f, void * putdat,
 		case '-':
 			padc = ' ';
 			goto reswitch;
-			
+
 		// flag to pad with 0's instead of spaces
 		case '0':
 			padc = '0';
@@ -262,7 +262,7 @@ vfprintfmt(int (*_fputch)(void *, int, void *), void * f, void * putdat,
 		case '%':
 			(*_fputch) (f, ch, putdat);
 			break;
-			
+
 		// unrecognized escape sequence - just print it literally
 		default:
 			(*_fputch) (f, '%', putdat);

Pal/linux-kernel/graphene/graphene.c

@@ -1281,7 +1281,7 @@ int net_check (int family,
 		goto port;
 	if (flags1 & ADDR_ANY)
 		goto port;
-	
+
 	switch (family) {
 	case AF_INET:
 		if (memcmp(&addr1->addr.sin_addr,

Pal/regression/AtomicMath.c

@@ -13,10 +13,10 @@ int main (int argc, char ** argv, char ** envp)
   int64_t my_int = 0;
   struct atomic_int a_int;
   atomic_set(&a_int, 0);
-  
-  /* Check that INT_MIN and INT_MAX wrap around consistently 
+
+  /* Check that INT_MIN and INT_MAX wrap around consistently
    * with atomic values.
-   * 
+   *
    * Check atomic_sub specifically.
    */
   my_int -= INT_MIN;
@@ -37,11 +37,11 @@ int main (int argc, char ** argv, char ** envp)
     pal_printf("Subtract INT_MAX: Both values match %ld\n", my_int);
   else
     pal_printf("Subtract INT_MAX: Values do not match %ld, %ld\n", my_int, atomic_read(&a_int));
-  
+
   /* Check that 64-bit signed values also wrap properly. */
   atomic_set(&a_int, 0);
   my_int = 0;
-  
+
   my_int -= LLONG_MIN;
   atomic_sub(LLONG_MIN, &a_int);
 
@@ -61,6 +61,6 @@ int main (int argc, char ** argv, char ** envp)
   else
     pal_printf("Subtract LLONG_MAX: Values do not match %ld, %ld\n", my_int, atomic_read(&a_int));
 
-  
+
   return 0;
 }

Pal/regression/AvxDisable.c

@@ -13,8 +13,8 @@ int main(){
 
   /* Display the elements of the result vector */
   float f = result[0];
-  
-  PAL_HANDLE file1 = DkStreamOpen("file:avxRes", PAL_ACCESS_RDWR, 0, 0, 0); 
+
+  PAL_HANDLE file1 = DkStreamOpen("file:avxRes", PAL_ACCESS_RDWR, 0, 0, 0);
   if (file1) {
     DkStreamWrite(file1, 0, sizeof(f), &f, NULL);
     DkObjectClose(file1);

Pal/regression/Bootstrap7.c

@@ -12,7 +12,7 @@ int main (int argc, char ** argv, char ** envp)
     /* print all environmental variables */
     /* environmental variables in Manifest should appear */
     for (int i = 0; envp[i]; i++) {
-        pal_printf("%s\n", envp[i]);    
+        pal_printf("%s\n", envp[i]);
     }
 
     return 0;

Pal/regression/Pipe.c

@@ -21,7 +21,7 @@ int main (int argc, char ** argv, char ** envp)
         if (!DkStreamAttributesQueryByHandle(pipe1, &attr)) {
             pal_printf("Failed to get any attributes from the pipesrv\n");
             return -1;
-        } else 
+        } else
             pal_printf("Pipe Attribute Query 1 on pipesrv returned OK\n");
         // DEP: would be nice to sanity check the attributes.
         // Job for another day...

Pal/regression/Semaphore.c

@@ -19,9 +19,9 @@ void helper_timeout(PAL_NUM timeout) {
     PAL_HANDLE rv = DkObjectsWaitAny(1, &sem1, timeout);
     if (rv == NULL)
         pal_printf("Locked binary semaphore timed out (%ld).\n", timeout);
-    else 
+    else
         pal_printf("Acquired locked binary semaphore!?! Got back %p; sem1 is %p (%ld)\n", rv, sem1, timeout);
-    
+
     DkObjectClose(sem1);
 }
 
@@ -39,9 +39,9 @@ void helper_success(PAL_NUM timeout) {
     PAL_HANDLE rv = DkObjectsWaitAny(1, &sem1, timeout);
     if (rv == sem1)
         pal_printf("Locked binary semaphore successfully (%ld).\n", timeout);
-    else 
+    else
         pal_printf("Failed to lock binary semaphore: Got back %p; sem1 is %p\n", rv, sem1);
-    
+
     DkObjectClose(sem1);
 }
 

Pal/src/db_exception.c

@@ -91,7 +91,7 @@ void __abort(void) {
 }
 
 void warn (const char *format, ...)
-{ 
+{
     va_list args;
     va_start (args, format);
     vprintf(format, &args);

Pal/src/db_process.c

@@ -40,7 +40,7 @@ DkProcessCreate (PAL_STR uri, PAL_STR * args)
 {
     ENTER_PAL_CALL(DkProcessCreate);
 
-    /* DEP 3/22/17: There seems to be a default semantics that 
+    /* DEP 3/22/17: There seems to be a default semantics that
      * a NULL URI should replicate the parent. I think we may want
      * this to become an error in the future, but keep the behavior
      * for now, and make it consistent across hosts. */

Pal/src/db_streams.c

@@ -729,13 +729,13 @@ PAL_BOL DkSendHandle(PAL_HANDLE handle, PAL_HANDLE cargo)
 }
 
 /* PAL call DkRecvHandle: Read a handle to a pipe/process handle.
-   Return the received PAL_HANDLE by reference and 0 on success and 
+   Return the received PAL_HANDLE by reference and 0 on success and
    negative number on failure */
-/* 1. Should i take the received PAL_HANDLE as an input argument and 
-      pass by reference or return it rather? 
+/* 1. Should i take the received PAL_HANDLE as an input argument and
+      pass by reference or return it rather?
     Ans - We are not aware of the size of the variable members to return
    2. Would the recieved PAL_HANDLE start functioning automatically in
-      the new process environment? Should we initialize/modify some 
+      the new process environment? Should we initialize/modify some
       attibutes of the handle?
     Ans - Yes, Initialize and make it compatibile in the target process
    3. Should malloc_copy be done or the process shares the same references?

Pal/src/host/FreeBSD/db_exception2.c

@@ -213,11 +213,11 @@ static bool _DkGenericSignalHandle (int event_num, siginfo_t * info,
  * that was saved upon entry to the PAL, if an exception/interrupt
  * comes in during a PAL call.  This is needed to support the behavior that an
  * exception in the PAL has Unix-style, EAGAIN semantics.
- * 
- * The PAL_FRAME is supposed to be in the first PAL frame, and we look for 
+ *
+ * The PAL_FRAME is supposed to be in the first PAL frame, and we look for
  * it by matching a special magic number, that should only appear on the stack
  * once.
- * 
+ *
  * If an exception comes in while we are not in the PAL, this PAL_FRAME won't
  * exist, and it is ok to return NULL.
  */

Pal/src/host/FreeBSD/db_files.c

@@ -391,7 +391,7 @@ int dir_read (PAL_HANDLE handle, int offset, int count, void * buf)
             break;
 
         int size = INLINE_SYSCALL(getdents, 3, handle->dir.fd, dent_buf,
-                                  DIRBUF_SIZE); 
+                                  DIRBUF_SIZE);
 
         if (IS_ERR(size))
             return -PAL_ERROR_DENIED;

Pal/src/host/FreeBSD/db_main.c

@@ -220,7 +220,7 @@ void pal_bsd_main (void * args)
     bsd_state.pid = INLINE_SYSCALL(getpid, 0);
     bsd_state.uid = uid;
     bsd_state.gid = gid;
-    
+
     if (!bsd_state.parent_pid)
         bsd_state.parent_pid = bsd_state.pid;
 
@@ -360,10 +360,10 @@ void _DkGetCPUInfo (PAL_CPU_INFO * ci)
     ci->cpu_model    = BIT_EXTRACT_LE(words[PAL_CPUID_WORD_EAX],  4,  8);
     ci->cpu_stepping = BIT_EXTRACT_LE(words[PAL_CPUID_WORD_EAX],  0,  4);
 
-    /* According to SDM: EBX[15:0] is to enumerate processor topology 
+    /* According to SDM: EBX[15:0] is to enumerate processor topology
      * of the system. However this value is intended for display/diagnostic
      * purposes. The actual number of logical processors available to
-     * BIOS/OS/App may be different. We use this leaf for now as it's the 
+     * BIOS/OS/App may be different. We use this leaf for now as it's the
      * best option we have so far to get the cpu number  */
 
     cpuid(0xb, 1, words, 0);

Pal/src/host/FreeBSD/db_sockets.c

@@ -460,7 +460,7 @@ static int tcp_connect (PAL_HANDLE * handle, char * uri, int options)
     int ret, fd = -1;
 
     options = HOST_SOCKET_OPTIONS(options);
-	
+
     /* accepting two kind of different uri:
        dest-ip:dest-port or bind-ip:bind-port:dest-ip:dest-port */
     if ((ret = socket_parse_uri(uri, &bind_addr, &bind_addrlen,
@@ -614,7 +614,7 @@ static int tcp_write (PAL_HANDLE handle, int offset, int len, const void * buf)
     hdr.msg_control = NULL;
     hdr.msg_controllen = 0;
     hdr.msg_flags = 0;
-    
+
     int bytes = INLINE_SYSCALL(sendmsg, 3, handle->sock.fd, &hdr, MSG_NOSIGNAL);
 
     if (IS_ERR(bytes))
@@ -716,7 +716,7 @@ static int udp_connect (PAL_HANDLE * handle, char * uri, int options)
 #endif
 
     options = HOST_SOCKET_OPTIONS(options);
-	
+
     fd = INLINE_SYSCALL(socket, 3, dest_addr ? dest_addr->sa_family : AF_INET,
                         SOCK_DGRAM|SOCK_CLOEXEC|options, 0);
 
@@ -1016,7 +1016,7 @@ static int socket_attrquerybyhdl (PAL_HANDLE handle, PAL_STREAM_ATTR  * attr)
     if (handle->sock.conn) {
         /* try use ioctl FIONEAD to get the size of socket */
         ret = INLINE_SYSCALL(ioctl, 3, fd, FIONREAD, &val);
-		
+
         if (IS_ERR(ret))
             return unix_to_pal_error(ERRNO(ret));
 

Pal/src/host/FreeBSD/db_threading.c

@@ -54,10 +54,10 @@ int _DkThreadCreate (PAL_HANDLE * handle, int (*callback) (void *),
                               PAL_PROT_READ|PAL_PROT_WRITE) < 0)
         return -PAL_ERROR_NOMEM;
 
-    // move child_stack to the top of stack. 
+    // move child_stack to the top of stack.
     child_stack += THREAD_STACK_SIZE;
 
-    // align child_stack to 16 
+    // align child_stack to 16
     child_stack = ALIGN_DOWN_PTR(child_stack, 16);
 
     flags &= PAL_THREAD_MASK;

Pal/src/host/FreeBSD/pal_freebsd.h

@@ -59,7 +59,7 @@ extern struct pal_bsd_state {
     unsigned int    parent_pid;
     /* currently enabled signals */
     _sigset_t       sigset;
-  
+
     unsigned long   memory_quota;
 } bsd_state;
 
@@ -97,7 +97,7 @@ extern struct pal_bsd_state {
 
 static inline int HOST_FLAGS (int alloc_type, int prot)
 {
-    return 
+    return
            ((prot & PAL_PROT_WRITECOPY) ? MAP_PRIVATE : MAP_SHARED);
 }
 
@@ -143,11 +143,11 @@ static inline int HOST_PERM (int share_type)
             0)|
            (share_type & PAL_SHARE_GLOBAL_R ? S_IRUSR | S_IRGRP | S_IROTH :
             0)|
-           (share_type & PAL_SHARE_GROUP_X ? S_IXGRP : 0) | 
-           (share_type & PAL_SHARE_GROUP_W ? S_IWGRP : 0) | 
-           (share_type & PAL_SHARE_GROUP_R ? S_IRGRP : 0) | 
-           (share_type & PAL_SHARE_OWNER_X ? S_IXUSR : 0) | 
-           (share_type & PAL_SHARE_OWNER_W ? S_IWUSR : 0) | 
+           (share_type & PAL_SHARE_GROUP_X ? S_IXGRP : 0) |
+           (share_type & PAL_SHARE_GROUP_W ? S_IWGRP : 0) |
+           (share_type & PAL_SHARE_GROUP_R ? S_IRGRP : 0) |
+           (share_type & PAL_SHARE_OWNER_X ? S_IXUSR : 0) |
+           (share_type & PAL_SHARE_OWNER_W ? S_IWUSR : 0) |
            (share_type & PAL_SHARE_OWNER_R ? S_IRUSR : 0));
 }
 

Pal/src/host/FreeBSD/pal_host.h

@@ -235,11 +235,11 @@ struct pal_frame {
 };
 
 /* When a PAL call is issued, a special PAL_FRAME is placed on the stack.
- * This stores both a magic identifier, debugging information, 
+ * This stores both a magic identifier, debugging information,
  * as well as callee-saved state.  This is used as a way to deal
  * with PAL-internal failures where the goal is to exit the PAL and return a
  * failure.
- * 
+ *
  * Arguably, an alternative is to unwind the stack and handle error cases at
  * each stage.  In general, this is probably more robust, but would take work
  * in the short term.  The one exception where the current strategy is
@@ -248,7 +248,7 @@ struct pal_frame {
  */
 
 /* DEP 12/25/17: This frame storage thing is important to mark volatile.
- * The compiler should not optimize out any of these changes, and 
+ * The compiler should not optimize out any of these changes, and
  * because some accesses can happen during an exception, these are not
  * visible to the compiler in an otherwise stack-local variable (so the
  * compiler will try to optimize out these assignments.

Pal/src/host/FreeBSD/rfork_thread.S

@@ -71,7 +71,7 @@ ENTRY(rfork_thread)
 	 */
 1:
 	movq	%rsi, %rsp
-	movq	%r12, %rdi 
+	movq	%r12, %rdi
 	call	*%rbx
 	movl	%eax, %edi
 
@@ -100,7 +100,7 @@ ENTRY(rfork_thread)
 	movq	$SYS_sys_exit, %rax
 #endif
 	int	$0x80
-		
+
 END(rfork_thread)
 
 	.section .note.GNU-stack,"",%progbits

Pal/src/host/FreeBSD/sysdep-x86_64.h

@@ -107,7 +107,7 @@ INTERNAL_SYSCALL_NCS(SYS_ifyBSD(name), err, nr, ##args)
 #define INTERNAL_SYSCALL_ERRNO_P(val) (-((long) val))
 
 /*
-If a syscall fails, it generally sets the carry flag and returns the error code in rax. 
+If a syscall fails, it generally sets the carry flag and returns the error code in rax.
 To simplify matters and reuse a lot of the Linux code, we change rax to negative after checking the carry flag.
 */
 

Pal/src/host/Linux-SGX/Makefile

@@ -9,8 +9,8 @@ defs	= -DIN_PAL -DPAL_DIR=$(PAL_DIR) -DRUNTIME_DIR=$(RUNTIME_DIR)
 enclave-objs = $(addprefix db_,files devices pipes sockets streams memory \
 		 threading mutex events process object main rtld \
 		 exception misc ipc spinlock) \
-	       $(addprefix enclave_,ocalls ecalls framework pages untrusted) 
-enclave-asm-objs = enclave_entry 
+	       $(addprefix enclave_,ocalls ecalls framework pages untrusted)
+enclave-asm-objs = enclave_entry
 urts-objs = $(addprefix sgx_,enclave framework main rtld thread process exception graphene)
 urts-asm-objs = sgx_entry
 graphene_lib = .lib/graphene-lib.a

Pal/src/host/Linux-SGX/db_main.c

@@ -483,10 +483,10 @@ void _DkGetCPUInfo (PAL_CPU_INFO * ci)
     brand[BRAND_SIZE - 1] = '\0';
     ci->cpu_brand = brand;
 
-    /* According to SDM: EBX[15:0] is to enumerate processor topology 
+    /* According to SDM: EBX[15:0] is to enumerate processor topology
      * of the system. However this value is intended for display/diagnostic
      * purposes. The actual number of logical processors available to
-     * BIOS/OS/App may be different. We use this leaf for now as it's the 
+     * BIOS/OS/App may be different. We use this leaf for now as it's the
      * best option we have so far to get the cpu number  */
 
     cpuid(0xb, 1, words);

Pal/src/host/Linux-SGX/enclave_framework.c

@@ -221,7 +221,7 @@ int load_trusted_file (PAL_HANDLE file, sgx_stub_t ** stubptr,
     char normpath[URI_MAX];
     int ret, fd = file->file.fd, uri_len, len;
 
-    if (!(HANDLE_HDR(file)->flags & RFD(0))) 
+    if (!(HANDLE_HDR(file)->flags & RFD(0)))
         return -PAL_ERROR_DENIED;
 
     uri_len = _DkStreamGetName(file, uri, URI_MAX);
@@ -655,7 +655,7 @@ static int init_trusted_file (const char * key, const char * uri)
     char cskey[URI_MAX], * tmp;
     char checksum[URI_MAX];
     char normpath[URI_MAX];
-    
+
     tmp = strcpy_static(cskey, "sgx.trusted_checksum.", URI_MAX);
     memcpy(tmp, key, strlen(key) + 1);
 

Pal/src/host/Linux-SGX/enclave_pages.c

@@ -98,9 +98,9 @@ void * get_reserved_pages(void * addr, uint64_t size)
 
     /* Allocating in the heap region.  This loop searches the vma list to
      * find the first vma with a starting address lower than the requested
-     * address.  Recall that vmas are in descending order.  
-     * 
-     * If the very first vma matches, prev will be null.  
+     * address.  Recall that vmas are in descending order.
+     *
+     * If the very first vma matches, prev will be null.
      */
     if (addr && addr >= heap_base &&
         addr + size <= heap_base + heap_size) {
@@ -144,13 +144,13 @@ allocated:
         // If this is the last entry, don't wrap around
         if (prev->list.next == listp_first_entry(&heap_vma_list, struct heap_vma, list))
             next = NULL;
-        else 
+        else
             next = prev->list.next;
     } else {
-        /* In this case, the list is empty, or 
+        /* In this case, the list is empty, or
          * first vma starts at or below the allocation site.
-         * 
-         * The next field will be used to merge vmas with the allocation, if 
+         *
+         * The next field will be used to merge vmas with the allocation, if
          * they overlap, until the vmas drop below the requested addr
          * (traversing in decreasing virtual address order)
          */
@@ -257,7 +257,7 @@ void free_pages(void * addr, uint64_t size)
     void * addr_top = addr + size;
 
     SGX_DBG(DBG_M, "free_pages: trying to free %p %lu\n", addr, size);
-    
+
     if (!addr || !size)
         return;
 

Pal/src/host/Linux-SGX/pal_host.h

@@ -243,7 +243,7 @@ struct pal_frame {
 };
 
 /* DEP 12/25/17: This frame storage thing is important to mark volatile.
- * The compiler should not optimize out any of these changes, and 
+ * The compiler should not optimize out any of these changes, and
  * because some accesses can happen during an exception, these are not
  * visible to the compiler in an otherwise stack-local variable (so the
  * compiler will try to optimize out these assignments.

Pal/src/host/Linux-SGX/sgx_arch.h

@@ -30,7 +30,7 @@ typedef uint8_t sgx_arch_key_t [384];
 typedef uint8_t sgx_arch_hash_t[32];
 typedef uint8_t sgx_arch_mac_t [16];
 // This if for passing a mac to hex2str
-#define MACBUF_SIZE ((sizeof(sgx_arch_mac_t)*2)+1) 
+#define MACBUF_SIZE ((sizeof(sgx_arch_mac_t)*2)+1)
 
 typedef struct {
     uint64_t flags, xfrm;

Pal/src/host/Linux-SGX/test-sgx.c

@@ -28,7 +28,7 @@ int main(int argc, char **argv)
   printf("processor type %d\n", (eax >> 12) & 0x3); // Bit 13-12
   printf("extended model %d\n", (eax >> 16) & 0xF); // Bit 19-16
   printf("extended family %d\n", (eax >> 20) & 0xFF); // Bit 27-20
-  
+
   // if smx set - SGX global enable is supported
   printf("smx: %d\n", (ecx >> 6) & 1); // CPUID.1:ECX.[bit6]
 
@@ -45,9 +45,9 @@ int main(int argc, char **argv)
   /* SGX has to be enabled in MSR.IA32_Feature_Control.SGX_Enable
 	check with msr-tools: rdmsr -ax 0x3a
 	SGX_Enable is Bit 18
-	if SGX_Enable = 0 no leaf information will appear. 
+	if SGX_Enable = 0 no leaf information will appear.
      for more information check Intel Docs Architectures-software-developer-system-programming-manual - 35.1 Architectural MSRS
-  */	
+  */
 
   /* CPUID Leaf 12H, Sub-Leaf 0 Enumeration of Intel SGX Capabilities (EAX=12H,ECX=0) */
   printf("\nCPUID Leaf 12H, Sub-Leaf 0 of Intel SGX Capabilities (EAX=12H,ECX=0)\n");

Pal/src/host/Linux/db_mutex.c

@@ -49,13 +49,13 @@
 #define MUTEX_LOCKED   1
 
 /* Interplay between locked and nwaiters:
- * 
+ *
  * If lock is unlocked and uncontended, just set the locked state.
- * 
+ *
  * Important possible interleavings of lock and unlock:
- * 
- * Case 1: 
- * 
+ *
+ * Case 1:
+ *
  * Owner:                Locker:
  *                       Try lock and fail; increment nwaiters; sleep
  * Set state to unlocked
@@ -64,8 +64,8 @@
  *
  * ***************************************************
  *
- * Case 2: 
- * 
+ * Case 2:
+ *
  * Owner:                Locker:
  *                       Try lock and fail
  * Set state to unlocked

Pal/src/host/Linux/pal_host.h

@@ -32,7 +32,7 @@
 
 #include <atomic.h>
 
-/* Simpler mutex design: a single variable that tracks whether the 
+/* Simpler mutex design: a single variable that tracks whether the
  * mutex is locked (just waste a 64 bit word for now).  State is 1 (locked) or
  * 0 (unlocked).
  * Keep a count of how many threads are waiting on the mutex.
@@ -78,7 +78,7 @@ typedef struct pal_handle
      * handles, so we hide the type name of these handles on purpose.
      */
     PAL_HDR hdr;
-    
+
     union {
         struct {
             PAL_IDX fds[2];
@@ -97,7 +97,7 @@ typedef struct pal_handle
              */
             PAL_PTR map_start;
         } file;
-        
+
         struct {
             PAL_IDX fd;
             PAL_NUM pipeid;

Pal/src/host/Skeleton/pal_host.h

@@ -41,7 +41,7 @@ typedef struct pal_handle
      * handles, so we hide the type name of these handles on purpose.
      */
     PAL_HDR hdr;
-    
+
     union {
         struct {
             PAL_IDX fds[2];
@@ -54,48 +54,48 @@ typedef struct pal_handle
         struct {
             PAL_IDX fd;
         } file;
-        
+
         struct {
             PAL_IDX fd;
         } pipe;
-        
+
         struct {
             PAL_IDX fd;
         } pipeprv;
-        
+
         struct {
             PAL_IDX fd;
             PAL_IDX dev_type;
         } dev;
-        
+
         struct {
             PAL_IDX fd;
         } dir;
-        
+
         struct {
             PAL_IDX fd;
         } gipc;
-        
+
         struct {
             PAL_IDX fd;
         } sock;
-        
+
         struct {
             PAL_IDX fd;
         } process;
-        
+
         struct {
             PAL_IDX fd;
         } mcast;
-        
+
         struct {
             PAL_IDX fd;
         } thread;
-        
+
         struct {
             PAL_IDX fd;
         } semaphore;
-        
+
         struct {
             PAL_IDX fd;
         } event;

Pal/src/pal.h

@@ -253,8 +253,8 @@ DkProcessExit (PAL_NUM exitCode);
 PAL_BOL
 DkProcessSandboxCreate (PAL_STR manifest, PAL_FLG flags);
 
-/* The stream ABI includes nine calls to open, read, write, map, unmap, 
- * truncate, flush, delete and wait for I/O streams and three calls to 
+/* The stream ABI includes nine calls to open, read, write, map, unmap,
+ * truncate, flush, delete and wait for I/O streams and three calls to
  * access metadata about an I/O stream. The ABI purposefully does not
  * provide an ioctl call. Supported URI schemes include file:, pipe:,
  * http:, https:, tcp:, udp:, pipe.srv:, http.srv, tcp.srv:, and udp.srv:.
@@ -439,7 +439,7 @@ void DkExceptionReturn (PAL_PTR event);
  */
 /* Create a Mutex.
  * initialCount of 0 is totally unlocked; an initialCount of 1
- * is initialized to locked. */ 
+ * is initialized to locked. */
 PAL_HANDLE
 DkMutexCreate (PAL_NUM initialCount);
 
@@ -466,7 +466,7 @@ DkEventClear (PAL_HANDLE eventHandle);
 
 #define NO_TIMEOUT      ((PAL_NUM) -1)
 
-/* assuming timeout to be in microseconds 
+/* assuming timeout to be in microseconds
  * NO_TIMEOUT means no timeout, as the name implies.
  */
 /* Returns: NULL if the call times out, the ready handle on success */

Pal/src/security/Linux/bpf-helper.h

@@ -156,7 +156,7 @@ union arg64 {
 /* Loads the arg into A */
 #define ARG_32(idx) \
 	BPF_STMT(BPF_LD+BPF_W+BPF_ABS, LO_ARG(idx))
-	
+
 /* Loads the arg&flag into A */
 #define ARG_FLAG_32(idx, flag) \
 	BPF_STMT(BPF_LD+BPF_W+BPF_ABS, LO_ARG(idx)), \
@@ -184,7 +184,7 @@ union arg64 {
 	BPF_STMT(BPF_LD+BPF_W+BPF_ABS, HI_ARG(idx)), \
 	BPF_STMT(BPF_ALU+BPF_AND+BPF_K, HI_FLAG(flag)), \
 	BPF_STMT(BPF_ST, 1) /* hi -> M[1] */
-	
+
 #define JEQ32(value, jt) \
 	BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (value), 0, 1), \
 	jt

Pal/src/security/Linux/main.c

@@ -593,7 +593,7 @@ void __abort(void) {
 }
 
 void warn (const char *format, ...)
-{ 
+{
     va_list args;
     va_start (args, format);
     printf(format, args);

Pal/src/security/Linux/printf.c

@@ -2,7 +2,7 @@
 // based on printfmt() and the sys_cputs() system call.
 //
 // cprintf is a debugging statement, not a generic output statement.
-// It is very important that it always go to the console, especially when 
+// It is very important that it always go to the console, especially when
 // debugging file descriptor code!
 
 #include <linux/unistd.h>

Pal/src/slab.c

@@ -154,7 +154,7 @@ char * strdup (const char *s)
 
     if (new)
         memcpy(new, s, len);
-    
+
     return new;
 }
 

Pal/test/HandleSend.c

@@ -12,7 +12,7 @@ int main (int argc, char ** argv)
     int nsend = 5 , i;
     PAL_HANDLE handles[nsend];
 
-    if (argc == 1)  /* parent */ 
+    if (argc == 1)  /* parent */
     {
         pal_printf("Parent: Executing the program\n");
 

Pal/test/Server.c

@@ -3,8 +3,8 @@
 
 /* The server test program that accept multiple TCP connection at the same
  * time. A port number is taken as argument. If a port is locked up, try
- * another one. 
- * 
+ * another one.
+ *
  * Run this progam with a simple tcp client, like netcat.  For instance:
  *
  * Start the server:

README.md

@@ -10,12 +10,12 @@
 
 Graphene Library OS is a project which provides lightweight guest OSes with
 support for Linux multi-process applications. Graphene can run applications
-in an isolated environment with virtualization benefits such as guest 
+in an isolated environment with virtualization benefits such as guest
 customization, platform independence, and migration, which is comparable
 to other virtual machines.
 
 Graphene Library OS supports native, unmodified Linux applications on
-any platform. Currently, Graphene Library OS is successfully ported to 
+any platform. Currently, Graphene Library OS is successfully ported to
 Linux, FreeBSD and Intel SGX enclaves upon Linux platforms.
 
 With the Intel:registered: SGX support, Graphene Library OS can secure a critical
@@ -108,7 +108,7 @@ Wiki page: <https://github.com/oscarlab/graphene/wiki>.
 
 ### 2.2 BUILD WITH INTEL:registered: SGX SUPPORT
 
-#### 2.1.1 Prerequisites 
+#### 2.1.1 Prerequisites
 
 (1) Generating signing keys
 A 3072-bit RSA private key (PEM format) is required for signing the enclaves.
@@ -118,7 +118,7 @@ If you don't have a private key, create it with the following command:
 
 You could either put the generated enclave key to the default path,
 'host/Linux-SGX/signer/enclave-key.pem', or specify the key through environment
-variable 'SGX_SIGNER_KEY' when building Graphene with SGX support. 
+variable 'SGX_SIGNER_KEY' when building Graphene with SGX support.
 
 After signing the enclaves, users may ship the application files with the
 built Graphene Library OS, along with a SGX-specific manifest (.manifest.sgx
@@ -159,31 +159,31 @@ There are a few built-in examples under LibOS/shim/test/. The "native" folder in
 
 (1) Build and run a Hello World program with Graphene on SGX
 - go to LibOS/shim/test/native, build the enclaves via command:
-    
+
       make SGX=1
-  
+
   The command will build enclaves for all the programs in the folder
 - Generate the token from aesmd service, via command:
 
       make SGX_RUN=1
 
 - Run Hello World program with Graphene on SGX:
-  
+
       SGX=1 ./pal_loader helloworld   or  ./pal_loader SGX helloworld
-  
+
 (2) Build and run python helloworld script in Graphene on SGX
 - go to LibOS/shim/test/apps/python, build the enclave:
-  
+
       make SGX=1
-      
+
 - Generate token:
 
       make SGX_RUN=1
-      
+
 - Run python helloworld with Graphene-SGX via:
 
       SGX=1 ./python.manifest.sgx scripts/helloworld.py
-       
+
 
 ## 3. HOW TO RUN AN APPLICATION IN GRAPHENE?
 
@@ -194,16 +194,16 @@ file" given from the command line. Graphene provides three options for
 specifying the programs and manifest files:
 
    - option 1: (automatic manifest)
-   
+
     [PATH TO Runtime]/pal_loader [PROGRAM] [ARGUMENTS]...
     (Manifest file: "[PROGRAM].manifest" or "manifest")
 
    - option 2: (given manifest)
-   
+
     [PATH TO Runtime]/pal_loader [MANIFEST] [ARGUMENTS]...
 
    - option 3: (manifest as a script)
-   
+
     [PATH TO MANIFEST]/[MANIFEST] [ARGUMENTS]...
     (Manifest must have "#![PATH_TO_PAL]/libpal.so" as the first line)
 
@@ -215,16 +215,16 @@ reference monitor loader (libpal_sec.so). Graphene provides three options for
 specifying the programs and manifest files to the loader:
 
    - option 4: (automatic manifest - with reference monitor)
-   
+
     SEC=1 [PATH TO Runtime]/pal_loader [PROGRAM] [ARGUMENTS]...
     (Manifest file: "[PROGRAM].manifest" or "manifest")
 
    - option 5: (given manifest - with reference monitor)
-   
+
     SEC=1 [PATH TO Pal/src]/pal_loader [MANIFEST] [ARGUMENTS]...
 
    - option 6: (manifest as a script - with reference monitor)
-   
+
     SEC=1 [PATH TO MANIFEST]/[MANIFEST] [ARGUMENTS]...
     (Manifest must have "#![PATH TO Pal/src]/pal_sec" as the first line)
 

Tools/README

@@ -1,16 +1,16 @@
 Graphene-SGX Secure Container
 --------------------------------
-Graphene-SGX Secure Container (GSC) is a container system where the containerized application can be protected by Graphene-SGX while it is running in a container environment. The GSC system includes two parts: (1) a Docker container instance where the application is running inside Graphene-SGX and both of them are running inside the container instance; (2) a front-end named GSCE (GSC Engine) which takes a legacy Docker container image and automatically launches the contained application inside a GSC container instance. 
+Graphene-SGX Secure Container (GSC) is a container system where the containerized application can be protected by Graphene-SGX while it is running in a container environment. The GSC system includes two parts: (1) a Docker container instance where the application is running inside Graphene-SGX and both of them are running inside the container instance; (2) a front-end named GSCE (GSC Engine) which takes a legacy Docker container image and automatically launches the contained application inside a GSC container instance.
 
-Launching a GSC container instance includes following steps: 
+Launching a GSC container instance includes following steps:
 
-(1) Make sure there is a Docker container image of your application in the local or remote image repository. 
+(1) Make sure there is a Docker container image of your application in the local or remote image repository.
 
 (2) Download and Compile Graphene-SGX;
 
 (2) Go to graphene/Tools
 
-(3) Run a GSC container via the following command: 
+(3) Run a GSC container via the following command:
 
    ./gsce run [All the arguments used for launching a normal Docker container] [docker Image Name:Tag].
 

Tools/gen_manifest

@@ -5,15 +5,15 @@ import sys
 import subprocess
 import re
 from shutil import copyfile
-runtime_libs = ['libc', 
+runtime_libs = ['libc',
                 'libdl',
                 'libm',
-                'libpthread', 
+                'libpthread',
                 'libutil',
-                'libnss_dns', 
-                'libresolv', 
+                'libnss_dns',
+                'libresolv',
                 'librt']
-  
+
 def parse_libs (bin_path) :
   print (bin_path)
   ldd_out = subprocess.check_output(['ldd', bin_path])
@@ -26,7 +26,7 @@ def parse_libs (bin_path) :
       if name_match:
         lib_name = name_match.group(1)
         lib_path = match.group(2)
-        if lib_name not in runtime_libs : 
+        if lib_name not in runtime_libs :
           lib_list.append((name_match.group(1), match.group(2)))
   return lib_list
 
@@ -42,14 +42,14 @@ def gen_manifest(app_name, bin_name, g_path) :
   make_exec(m_path)
   mf.write("#!" + g_path + "/Runtime/pal_loader \n")
   mf.write("loader.preload = file:../../../../../Runtime/libsysdb.so \n")
-  
+
   # Get Path of Binary
   bin_path = subprocess.check_output(['which', bin_name]).strip()
   mf.write('loader.exec = file:' + bin_path + '\n')
   mf.write('loader.execname = ' + bin_name + '\n')
   mf.write('loader.env.LD_LIBRARY_PATH = /graphene:/graphene/resolv:/host:/usr/local/lib:/usr/lib:/usr/lib/x86_64-linux-gnu \n')
-  mf.write('loader.env.PATH = /usr/local/bin:/usr/bin:/bin \n' + 
- 	   'loader.env.USERNAME = \n' + 
+  mf.write('loader.env.PATH = /usr/local/bin:/usr/bin:/bin \n' +
+           'loader.env.USERNAME = \n' +
            'loader.env.PWD = \n' +
            'loader.debug_type = none \n')
   mf.write('\n')
@@ -62,7 +62,7 @@ def gen_manifest(app_name, bin_name, g_path) :
   mf.write('fs.mount.lib2.type = chroot \n' +
            'fs.mount.lib2.path = /host \n' +
 	   'fs.mount.lib2.uri = file:/lib/x86_64-linux-gnu \n \n')
-  
+
   mf.write('fs.mount.bin.type = chroot \n' +
 	   'fs.mount.bin.path = /bin \n' +
 	   'fs.mount.bin.uri = file:/bin \n \n')
@@ -74,18 +74,18 @@ def gen_manifest(app_name, bin_name, g_path) :
   mf.write('fs.mount.etc.type = chroot \n' +
 	   'fs.mount.etc.path = /etc \n' +
 	   'fs.mount.etc.uri = file: \n \n')
-  
+
   # Set Dependent Libraries
-  
+
   mf.write('sgx.trusted_files.ld = file:../../../../../Runtime/ld-linux-x86-64.so.2 \n' +
            'sgx.trusted_files.libc = file:../../../../../Runtime/libc.so.6 \n' +
            'sgx.trusted_files.libdl = file:../../../../../Runtime/libdl.so.2 \n' +
            'sgx.trusted_files.libm = file:../../../../../Runtime/libm.so.6 \n' +
-           'sgx.trusted_files.libpthread = file:../../../../../Runtime/libpthread.so.0 \n' + 
-           'sgx.trusted_files.libutil = file:../../../../../Runtime/libutil.so.1 \n' + 
+           'sgx.trusted_files.libpthread = file:../../../../../Runtime/libpthread.so.0 \n' +
+           'sgx.trusted_files.libutil = file:../../../../../Runtime/libutil.so.1 \n' +
            'sgx.trusted_files.libnss3 = file:../../../../../Runtime/libnss_dns.so.2 \n' +
            'sgx.trusted_files.libresolv = file:../../../../../Runtime/libresolv.so.2 \n')
-  
+
   lib_list = parse_libs(bin_path)
   for lib_name, lib_path in lib_list :
     print ("lib name: " + lib_name)
@@ -97,9 +97,9 @@ def gen_manifest(app_name, bin_name, g_path) :
   #	   'sgx.allowed_files.usr = file:/usr \n')
 
   mf.close()
-   
+
 if __name__ == "__main__":
-  if len(sys.argv) != 4: 
+  if len(sys.argv) != 4:
    print ("Usage: gen_manifest [App Name] [bin_name] [Graphene Path]")
    exit()
   app_name = sys.argv[1]

Tools/gsce

@@ -19,7 +19,7 @@ def gen_dockerfile( image_name, app_name, bin_name, proj_dir) :
   df.write('# SWITCH to root \n')
   df.write('USER root \n')
   df.write('\n')
- 
+
   # DOWNLOAD dependencies
   df.write('# Download dependencies\n')
   df.write('RUN apt-get update \\\n')
@@ -57,16 +57,16 @@ def gen_dockerfile( image_name, app_name, bin_name, proj_dir) :
   # Sign Enclave
   df.write('# Signing Enclave \n')
   df.write('RUN cd ' + proj_dir + '/LibOS/shim/test/apps/' + app_name + ' && \ \n'
-           '    '+ proj_dir + '/Pal/src/host/Linux-SGX/signer/pal-sgx-sign -libpal ' + proj_dir + 
-           '/Pal/src/host/Linux-SGX/../../../../Runtime/libpal-Linux-SGX.so -key ' + proj_dir + 
-           '/Pal/src/host/Linux-SGX/signer/enclave-key.pem -output ' + app_name + '.manifest.sgx ' + 
+           '    '+ proj_dir + '/Pal/src/host/Linux-SGX/signer/pal-sgx-sign -libpal ' + proj_dir +
+           '/Pal/src/host/Linux-SGX/../../../../Runtime/libpal-Linux-SGX.so -key ' + proj_dir +
+           '/Pal/src/host/Linux-SGX/signer/enclave-key.pem -output ' + app_name + '.manifest.sgx ' +
            '-manifest ' + app_name + '.manifest \n')
   # Remove signing key
   df.write('# Removing key after signing \n')
   # TODO
-  
+
   # Overwrite Entry Point
-  df.write('ENTRYPOINT  ["/bin/bash", "/gbin/app_exec"] \n') 
+  df.write('ENTRYPOINT  ["/bin/bash", "/gbin/app_exec"] \n')
   df.close()
 
 def make_exec(path) :
@@ -85,13 +85,13 @@ def gen_app_executor(app_name, bin_cmd, proj_dir) :
   ef.write('#!/usr/bin/env bash\n\n')
   ef.write('cd ' + proj_dir + '/LibOS/shim/test/apps/' + app_name +'\n')
   ef.write('# Generate EINITOKEN \n')
-  ef.write(proj_dir + '/Pal/src/host/Linux-SGX/signer/pal-sgx-get-token -output ' 
+  ef.write(proj_dir + '/Pal/src/host/Linux-SGX/signer/pal-sgx-get-token -output '
            + app_name + '.token -sig ' + app_name + '.sig \n')
   ef.write('# Run the application \n')
   ef.write('SGX=1 ./' + app_name + '.manifest.sgx ' + bin_cmd + '\n')
-  
+
   ef.close()
-  
+
 if __name__ == "__main__":
   if len(sys.argv) < 3:
     print "Usage: gsce run [Image name] "
@@ -114,19 +114,19 @@ if __name__ == "__main__":
   print "bin_name: " + bin_name + " bin_cmd: " + bin_cmd
   # Store the rest arguments as docker run arguments
   docker_str = " " + " ".join(sys.argv[2:-1])
-  
+
   # print image_cmd
   proj_dir = os.path.abspath(os.getcwd() + "/../")
 
   # STEP 1: Generating Dockerfile
   gen_dockerfile(image_name, app_name, bin_name, proj_dir)
-  
+
   # STEP 2: Generating entry point execute script
   gen_app_executor(app_name, bin_cmd, proj_dir)
 
   # STEP 3: Building new docker image with generated Dockerfile
   os.chdir('..')
-  os.system("sudo docker build -f Tools/build/Dockerfile." + app_name + " -t gsc_" + app_name + " .\n") 
+  os.system("sudo docker build -f Tools/build/Dockerfile." + app_name + " -t gsc_" + app_name + " .\n")
 
   # STEP 4: Run GSC with the target app
   os.system("sudo docker run -i -t" + docker_str +" --device=/dev/gsgx --device=/dev/isgx -v /var/run/aesmd/aesm.socket:/var/run/aesmd/aesm.socket gsc_"+app_name+"\n")