[Pal/Linux-SGX] OCALL cleanup: remove ocall_alloc_untrusted()

Previously, ocall_alloc_untrusted() was a redundant OCALL. This commit removes
it and replaces all its usages with ocall_mmap_untrusted().

Pal/src/host/Linux-SGX/enclave_ocalls.c

@@ -35,32 +35,6 @@ noreturn void ocall_exit(int exitcode, int is_exitgroup)
     }
 }
 
-int ocall_alloc_untrusted (uint64_t size, void ** mem)
-{
-    int retval = 0;
-    ms_ocall_alloc_untrusted_t * ms;
-
-    ms = sgx_alloc_on_ustack(sizeof(*ms));
-    if (!ms) {
-        sgx_reset_ustack();
-        return -EPERM;
-    }
-
-    ms->ms_size = size;
-
-    retval = sgx_ocall(OCALL_ALLOC_UNTRUSTED, ms);
-
-    if (!retval) {
-        if (!sgx_copy_ptr_to_enclave(mem, ms->ms_mem, size)) {
-            sgx_reset_ustack();
-            return -EPERM;
-        }
-    }
-
-    sgx_reset_ustack();
-    return retval;
-}
-
 int ocall_mmap_untrusted (int fd, uint64_t offset,
                          uint64_t size, unsigned short prot,
                          void ** mem)
@@ -198,7 +172,7 @@ int ocall_read (int fd, void * buf, unsigned int count)
     ms_ocall_read_t * ms;
 
     if (count > MAX_UNTRUSTED_STACK_BUF) {
-        retval = ocall_alloc_untrusted(ALLOC_ALIGNUP(count), &obuf);
+        retval = ocall_mmap_untrusted(-1, 0, ALLOC_ALIGNUP(count), PROT_READ | PROT_WRITE, &obuf);
         if (IS_ERR(retval))
             return retval;
     }
@@ -250,7 +224,7 @@ int ocall_write (int fd, const void * buf, unsigned int count)
         /* typical case of buf inside of enclave memory */
         if (count > MAX_UNTRUSTED_STACK_BUF) {
             /* buf is too big and may overflow untrusted stack, so use untrusted heap */
-            retval = ocall_alloc_untrusted(ALLOC_ALIGNUP(count), &obuf);
+            retval = ocall_mmap_untrusted(-1, 0, ALLOC_ALIGNUP(count), PROT_READ | PROT_WRITE, &obuf);
             if (IS_ERR(retval))
                 return retval;
             memcpy(obuf, buf, count);
@@ -740,7 +714,7 @@ int ocall_sock_recv (int sockfd, void * buf, unsigned int count,
     ms_ocall_sock_recv_t * ms;
 
     if ((count + len) > MAX_UNTRUSTED_STACK_BUF) {
-        retval = ocall_alloc_untrusted(ALLOC_ALIGNUP(count), &obuf);
+        retval = ocall_mmap_untrusted(-1, 0, ALLOC_ALIGNUP(count), PROT_READ | PROT_WRITE, &obuf);
         if (IS_ERR(retval))
             return retval;
     }
@@ -804,7 +778,7 @@ int ocall_sock_send (int sockfd, const void * buf, unsigned int count,
         /* typical case of buf inside of enclave memory */
         if ((count + addrlen) > MAX_UNTRUSTED_STACK_BUF) {
             /* buf is too big and may overflow untrusted stack, so use untrusted heap */
-            retval = ocall_alloc_untrusted(ALLOC_ALIGNUP(count), &obuf);
+            retval = ocall_mmap_untrusted(-1, 0, ALLOC_ALIGNUP(count), PROT_READ | PROT_WRITE, &obuf);
             if (IS_ERR(retval))
                 return retval;
             memcpy(obuf, buf, count);

Pal/src/host/Linux-SGX/enclave_ocalls.h

@@ -10,8 +10,6 @@
 
 noreturn void ocall_exit (int exitcode, int is_exitgroup);
 
-int ocall_alloc_untrusted (uint64_t size, void ** mem);
-
 int ocall_mmap_untrusted (int fd, uint64_t offset,
                          uint64_t size, unsigned short prot,
                          void ** mem);

Pal/src/host/Linux-SGX/enclave_untrusted.c

@@ -32,7 +32,7 @@ static int pagesize         = PRESET_PAGESIZE;
 static inline void* __malloc(int size) {
     void* addr = NULL;
 
-    ocall_alloc_untrusted(size, &addr);
+    ocall_mmap_untrusted(-1, 0, size, PROT_READ | PROT_WRITE, &addr);
     return addr;
 }
 

Pal/src/host/Linux-SGX/ocall_types.h

@@ -21,7 +21,6 @@ typedef int (*sgx_ocall_fn_t)(void*);
 
 enum {
     OCALL_EXIT = 0,
-    OCALL_ALLOC_UNTRUSTED,
     OCALL_MMAP_UNTRUSTED,
     OCALL_MUNMAP_UNTRUSTED,
     OCALL_CPUID,
@@ -67,11 +66,6 @@ typedef struct {
     int ms_is_exitgroup;
 } ms_ocall_exit_t;
 
-typedef struct {
-    uint64_t ms_size;
-    void * ms_mem;
-} ms_ocall_alloc_untrusted_t;
-
 typedef struct {
     int ms_fd;
     uint64_t ms_offset;

Pal/src/host/Linux-SGX/sgx_enclave.c

@@ -44,29 +44,16 @@ static int sgx_ocall_exit(void* pms)
     return 0;
 }
 
-static int sgx_ocall_alloc_untrusted(void * pms)
-{
-    ms_ocall_alloc_untrusted_t * ms = (ms_ocall_alloc_untrusted_t *) pms;
-    void * addr;
-    ODEBUG(OCALL_ALLOC_UNTRUSTED, ms);
-    addr = (void *) INLINE_SYSCALL(mmap, 6, NULL, ms->ms_size,
-                                   PROT_READ|PROT_WRITE,
-                                   MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
-    if (IS_ERR_P(addr))
-        return -ERRNO_P(addr);
-
-    ms->ms_mem = addr;
-    return 0;
-}
-
 static int sgx_ocall_mmap_untrusted(void * pms)
 {
     ms_ocall_mmap_untrusted_t * ms = (ms_ocall_mmap_untrusted_t *) pms;
     void * addr;
+
     ODEBUG(OCALL_MMAP_UNTRUSTED, ms);
     addr = (void *) INLINE_SYSCALL(mmap, 6, NULL, ms->ms_size,
                                    ms->ms_prot,
-                                   MAP_FILE|MAP_SHARED,
+                                   (ms->ms_fd == -1) ? MAP_ANONYMOUS | MAP_PRIVATE
+                                                     : MAP_FILE | MAP_SHARED,
                                    ms->ms_fd, ms->ms_offset);
     if (IS_ERR_P(addr))
         return -ERRNO_P(addr);
@@ -689,7 +676,6 @@ static int sgx_ocall_get_attestation(void* pms) {
 
 sgx_ocall_fn_t ocall_table[OCALL_NR] = {
         [OCALL_EXIT]            = sgx_ocall_exit,
-        [OCALL_ALLOC_UNTRUSTED] = sgx_ocall_alloc_untrusted,
         [OCALL_MMAP_UNTRUSTED]  = sgx_ocall_mmap_untrusted,
         [OCALL_MUNMAP_UNTRUSTED]= sgx_ocall_munmap_untrusted,
         [OCALL_CPUID]           = sgx_ocall_cpuid,