
[Pal/Linux-SGX] Use more symbolic values in pal-sgx-sign

Isaku Yamahata 5 years ago
parent
commit
952797b0e6

+ 29 - 0
Pal/src/host/Linux-SGX/generated-offsets.c

@@ -10,6 +10,15 @@
 
 void dummy(void)
 {
+    /* defines in sgx_arch.h */
+    DEFINE(SGX_FLAGS_DEBUG, SGX_FLAGS_DEBUG);
+    DEFINE(SGX_FLAGS_MODE64BIT, SGX_FLAGS_MODE64BIT);
+    DEFINE(SGX_XFRM_LEGACY, SGX_XFRM_LEGACY);
+    DEFINE(SGX_XFRM_AVX, SGX_XFRM_AVX);
+    DEFINE(SGX_XFRM_MPX, SGX_XFRM_MPX);
+    DEFINE(SGX_XFRM_AVX512, SGX_XFRM_AVX512);
+    DEFINE(SGX_MISCSELECT_EXINFO, SGX_MISCSELECT_EXINFO);
+
     /* sgx_arch_gpr_t */
     OFFSET_T(SGX_GPR_RAX, sgx_arch_gpr_t, rax);
     OFFSET_T(SGX_GPR_RCX, sgx_arch_gpr_t, rcx);
@@ -87,6 +96,26 @@ void dummy(void)
     /* sgx_arch_attributes_t */
     OFFSET_T(SGX_ARCH_ATTRIBUTES_XFRM, sgx_arch_attributes_t, xfrm);
 
+    /* sgx_arch_sigstruct_t */
+    OFFSET_T(SGX_ARCH_SIGSTRUCT_HEADER, sgx_arch_sigstruct_t, header);
+    OFFSET_T(SGX_ARCH_SIGSTRUCT_VENDOR, sgx_arch_sigstruct_t, vendor);
+    OFFSET_T(SGX_ARCH_SIGSTRUCT_DATE, sgx_arch_sigstruct_t, date);
+    OFFSET_T(SGX_ARCH_SIGSTRUCT_HEADER2, sgx_arch_sigstruct_t, header2);
+    OFFSET_T(SGX_ARCH_SIGSTRUCT_SWDEFINED, sgx_arch_sigstruct_t, swdefined);
+    OFFSET_T(SGX_ARCH_SIGSTRUCT_MODULUS, sgx_arch_sigstruct_t, modulus);
+    OFFSET_T(SGX_ARCH_SIGSTRUCT_EXPONENT, sgx_arch_sigstruct_t, exponent);
+    OFFSET_T(SGX_ARCH_SIGSTRUCT_SIGNATURE, sgx_arch_sigstruct_t, signature);
+    OFFSET_T(SGX_ARCH_SIGSTRUCT_MISCSELECT, sgx_arch_sigstruct_t, miscselect);
+    OFFSET_T(SGX_ARCH_SIGSTRUCT_MISCSELECT_MASK, sgx_arch_sigstruct_t, miscselect_mask);
+    OFFSET_T(SGX_ARCH_SIGSTRUCT_ATTRIBUTES, sgx_arch_sigstruct_t, attributes);
+    OFFSET_T(SGX_ARCH_SIGSTRUCT_ATTRIBUTES_MASK, sgx_arch_sigstruct_t, attribute_mask);
+    OFFSET_T(SGX_ARCH_SIGSTRUCT_ENCLAVE_HASH, sgx_arch_sigstruct_t, enclave_hash);
+    OFFSET_T(SGX_ARCH_SIGSTRUCT_ISVPRODID, sgx_arch_sigstruct_t, isvprodid);
+    OFFSET_T(SGX_ARCH_SIGSTRUCT_ISVSVN, sgx_arch_sigstruct_t, isvsvn);
+    OFFSET_T(SGX_ARCH_SIGSTRUCT_Q1, sgx_arch_sigstruct_t, q1);
+    OFFSET_T(SGX_ARCH_SIGSTRUCT_Q2, sgx_arch_sigstruct_t, q2);
+    DEFINE(SGX_ARCH_SIGSTRUCT_SIZE, sizeof(sgx_arch_sigstruct_t));
+
     /* struct pal_sec */
     OFFSET(PAL_SEC_ENCLAVE_ATTRIBUTES, pal_sec, enclave_attributes);
 
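Review bot: Nothing in this hunk pins the layout of `sgx_arch_sigstruct_t` to the architectural one, yet after this commit the signer takes every SIGSTRUCT offset and the total size from this C declaration instead of the literals it used before (0, 16, 20, …, 1808 in the pal-sgx-sign hunks). A padding or member-order mistake in the struct would then move the signed fields without any build error. I would add compile-time checks next to these entries, for example `_Static_assert(sizeof(sgx_arch_sigstruct_t) == 1808, "SIGSTRUCT size");` and `_Static_assert(offsetof(sgx_arch_sigstruct_t, enclave_hash) == 960, "SIGSTRUCT enclave_hash offset");`, assuming the build allows C11 and `offsetof` is available in this file. `dummy()` starts in the previous hunk and its end is outside this one.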

+ 2 - 0
Pal/src/host/Linux-SGX/sgx_arch.h

@@ -44,6 +44,8 @@ typedef struct {
 
 #define SGX_XFRM_LEGACY          0x03ULL
 #define SGX_XFRM_AVX             0x06ULL
+#define SGX_XFRM_MPX             0x18ULL
+#define SGX_XFRM_AVX512          0xe6ULL
 
 #define SGX_MISCSELECT_EXINFO    0x01UL
 
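Review bot: The two new XFRM values are multi-bit masks that overlap the existing ones (0xe6 contains the 0x06 of `SGX_XFRM_AVX`), and nothing in the header says so. A reader who treats them as independent single-feature bits could combine or compare XFRM values incorrectly. A short comment above the group would help, for example `/* XFRM values are multi-bit masks and may overlap: AVX512 (0xe6) includes the AVX bits (0x06) */`.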

+ 38 - 26
Pal/src/host/Linux-SGX/signer/pal-sgx-sign

@@ -133,19 +133,19 @@ def output_manifest(filename, manifest, manifest_layout):
 
 def get_enclave_attributes(manifest):
     sgx_flags = {
-        'FLAG_DEBUG'          : struct.pack("<Q", 0x02),
-        'FLAG_MODE64BIT'      : struct.pack("<Q", 0x04),
+        'FLAG_DEBUG'          : struct.pack("<Q", SGX_FLAGS_DEBUG),
+        'FLAG_MODE64BIT'      : struct.pack("<Q", SGX_FLAGS_MODE64BIT),
     }
 
     sgx_xfrms = {
-        'XFRM_LEGACY'         : struct.pack("<Q", 0x03),
-        'XFRM_AVX'            : struct.pack("<Q", 0x06),
-        'XFRM_AVX3'           : struct.pack("<Q", 0xe6),
-        'XFRM_MPX'            : struct.pack("<Q", 0x18),
+        'XFRM_LEGACY'         : struct.pack("<Q", SGX_XFRM_LEGACY),
+        'XFRM_AVX'            : struct.pack("<Q", SGX_XFRM_AVX),
+        'XFRM_AVX3'           : struct.pack("<Q", SGX_XFRM_AVX512),
+        'XFRM_MPX'            : struct.pack("<Q", SGX_XFRM_MPX),
     }
 
     sgx_miscs = {
-        'MISC_EXINFO'         : struct.pack("<L", 0x01),
+        'MISC_EXINFO'         : struct.pack("<L", SGX_MISCSELECT_EXINFO),
     }
 
     default_attributes = [
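Review bot: The key `'XFRM_AVX3'` now maps to `SGX_XFRM_AVX512`, so the same feature has two names on one line. If the key is a name that users or other code already rely on (not visible in this hunk), keep it and add a comment such as `# 'XFRM_AVX3' is the historical key for the AVX-512 state mask`; otherwise rename it to match the constant. `get_enclave_attributes` continues past the end of the hunk.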
@@ -612,19 +612,31 @@ def generate_sigstruct(attr, args, mrenclave):
     # field format: (offset, type, value)
     fields = dict()
 
-    fields['header']    = (   0, "<4L",  0x00000006, 0x000000e1, 0x00010000, 0x00000000)
-    fields['vendor']    = (  16, "<L",   0x00000000)
-    fields['date']      = (  20, "<HBB", today.year, today.month, today.day)
-    fields['header2']   = (  24, "<4L",  0x00000101, 0x00000060, 0x00000060, 0x00000001)
-    fields['swdefined'] = (  40, "<L",   0x00000000)
-
-    fields['miscs']     = ( 900, "4s",   attr['miscs'])
-    fields['miscmask']  = ( 904, "4s",   attr['miscs'])
-    fields['attrs']     = ( 928, "8s8s", attr['flags'], attr['xfrms'])
-    fields['attrmask']  = ( 944, "8s8s", attr['flags'], attr['xfrms'])
-    fields['mrenclave'] = ( 960, "32s",  mrenclave)
-    fields['isvprodid'] = (1024, "<H",   attr['isvprodid'])
-    fields['isvsvn']    = (1026, "<H",   attr['isvsvn'])
+    fields['header']    = (SGX_ARCH_SIGSTRUCT_HEADER,
+                           "<4L",  0x00000006, 0x000000e1, 0x00010000, 0x00000000)
+    fields['vendor']    = (SGX_ARCH_SIGSTRUCT_VENDOR,
+                           "<L",   0x00000000)
+    fields['date']      = (SGX_ARCH_SIGSTRUCT_DATE,
+                           "<HBB", today.year, today.month, today.day)
+    fields['header2']   = (SGX_ARCH_SIGSTRUCT_HEADER2,
+                           "<4L",  0x00000101, 0x00000060, 0x00000060, 0x00000001)
+    fields['swdefined'] = (SGX_ARCH_SIGSTRUCT_SWDEFINED,
+                           "<L",   0x00000000)
+
+    fields['miscs']     = (SGX_ARCH_SIGSTRUCT_MISCSELECT,
+                           "4s",   attr['miscs'])
+    fields['miscmask']  = (SGX_ARCH_SIGSTRUCT_MISCSELECT_MASK,
+                           "4s",   attr['miscs'])
+    fields['attrs']     = (SGX_ARCH_SIGSTRUCT_ATTRIBUTES,
+                           "8s8s", attr['flags'], attr['xfrms'])
+    fields['attrmask']  = (SGX_ARCH_SIGSTRUCT_ATTRIBUTES_MASK,
+                           "8s8s", attr['flags'], attr['xfrms'])
+    fields['mrenclave'] = (SGX_ARCH_SIGSTRUCT_ENCLAVE_HASH,
+                           "32s",  mrenclave)
+    fields['isvprodid'] = (SGX_ARCH_SIGSTRUCT_ISVPRODID,
+                           "<H",   attr['isvprodid'])
+    fields['isvsvn']    = (SGX_ARCH_SIGSTRUCT_ISVSVN,
+                           "<H",   attr['isvsvn'])
 
     sign_buffer = bytearray(128 + 128)
 
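Review bot: `miscmask` and `attrmask` are still filled with the same values as `miscs` and `attrs`, so the masks written into the SIGSTRUCT cover only the bits that are set in the requested attributes. As I read the SGX launch check, bits that are clear in both (the debug flag when it is not requested, for instance) are then not constrained by the signature. Keeping a production enclave out of debug mode is left to whoever verifies the attested attributes. This predates the commit, but since the lines are being rewritten it is worth choosing an explicit mask here, or at least recording the choice with a comment such as `# mask == value: attribute bits that are clear are not enforced at launch`. `generate_sigstruct` starts before and ends after this hunk.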
@@ -673,14 +685,14 @@ def generate_sigstruct(attr, args, mrenclave):
     q1 = int_to_bytes(q1_int)
     q2 = int_to_bytes(q2_int)
 
-    fields['modulus']   = ( 128, "384s", modulus)
-    fields['exponent']  = ( 512, "<L",   3)
-    fields['signature'] = ( 516, "384s", signature)
+    fields['modulus']   = (SGX_ARCH_SIGSTRUCT_MODULUS, "384s", modulus)
+    fields['exponent']  = (SGX_ARCH_SIGSTRUCT_EXPONENT, "<L",   3)
+    fields['signature'] = (SGX_ARCH_SIGSTRUCT_SIGNATURE, "384s", signature)
 
-    fields['q1']        = (1040, "384s", q1)
-    fields['q2']        = (1424, "384s", q2)
+    fields['q1']        = (SGX_ARCH_SIGSTRUCT_Q1, "384s", q1)
+    fields['q2']        = (SGX_ARCH_SIGSTRUCT_Q2, "384s", q2)
 
-    buffer = bytearray(1808)
+    buffer = bytearray(SGX_ARCH_SIGSTRUCT_SIZE)
 
     for key, field in fields.items():
         struct.pack_into(field[1], buffer, field[0], *field[2:])
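Review bot: The `"384s"` formats silently truncate or zero-pad `modulus`, `signature`, `q1` and `q2` if any of them is not exactly 384 bytes, so a key of the wrong size yields a malformed SIGSTRUCT rather than an error. A check before the fields are filled in would make that fail early, for example `if len(modulus) != 384 or len(signature) != 384: raise ValueError("expected a 3072-bit RSA key")`. `q1` and `q2` come from `int_to_bytes`, which is not shown, so confirm whether they can be shorter than 384 bytes and rely on the padding before checking them the same way. The start of `generate_sigstruct` is outside the hunk.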