[Pal/Linux-SGX] OCALL cleanup: remove ocall_sock_recv_fd()/ocall_sock_send_fd()

Previously, there were two similar OCALLs to recv/send messages on sockets:
- ocall_sock_recv() vs ocall_sock_recv_fd(), and
- ocall_sock_send() vs ocall_sock_send_fd().

This commit merges these similar OCALLs into ocall_sock_recv() and
ocall_sock_send() respectively. The *_fd() versions are removed.

Pal/src/host/Linux-SGX/db_pipes.c

@@ -188,7 +188,7 @@ static int64_t pipe_read(PAL_HANDLE handle, uint64_t offset, uint64_t len, void*
         return -PAL_ERROR_INVAL;
 
     int fd    = IS_HANDLE_TYPE(handle, pipeprv) ? handle->pipeprv.fds[0] : handle->pipe.fd;
-    int bytes = ocall_sock_recv(fd, buffer, len, NULL, NULL);
+    int bytes = ocall_sock_recv(fd, buffer, len, NULL, NULL, NULL, NULL);
 
     if (IS_ERR(bytes))
         return unix_to_pal_error(ERRNO(bytes));
@@ -212,7 +212,7 @@ static int64_t pipe_write(PAL_HANDLE handle, uint64_t offset, uint64_t len, cons
         return -PAL_ERROR_INVAL;
 
     int fd    = IS_HANDLE_TYPE(handle, pipeprv) ? handle->pipeprv.fds[1] : handle->pipe.fd;
-    int bytes = ocall_sock_send(fd, buffer, len, NULL, 0);
+    int bytes = ocall_sock_send(fd, buffer, len, NULL, 0, NULL, 0);
 
     PAL_FLG writable = IS_HANDLE_TYPE(handle, pipeprv) ? WRITABLE(1) : WRITABLE(0);
 

Pal/src/host/Linux-SGX/db_sockets.c

@@ -470,7 +470,7 @@ static int64_t tcp_read(PAL_HANDLE handle, uint64_t offset, uint64_t len, void*
     if (len >= (1ULL << (sizeof(unsigned int) * 8)))
         return -PAL_ERROR_INVAL;
 
-    int bytes = ocall_sock_recv(handle->sock.fd, buf, len, NULL, NULL);
+    int bytes = ocall_sock_recv(handle->sock.fd, buf, len, NULL, NULL, NULL, NULL);
 
     if (IS_ERR(bytes))
         return unix_to_pal_error(ERRNO(bytes));
@@ -495,7 +495,7 @@ static int64_t tcp_write(PAL_HANDLE handle, uint64_t offset, uint64_t len, const
     if (len >= (1ULL << (sizeof(unsigned int) * 8)))
         return -PAL_ERROR_INVAL;
 
-    int bytes = ocall_sock_send(handle->sock.fd, buf, len, NULL, 0);
+    int bytes = ocall_sock_send(handle->sock.fd, buf, len, NULL, 0, NULL, 0);
 
     if (IS_ERR(bytes)) {
         bytes = unix_to_pal_error(ERRNO(bytes));
@@ -630,7 +630,7 @@ static int64_t udp_receive(PAL_HANDLE handle, uint64_t offset, uint64_t len, voi
     if (len >= (1ULL << (sizeof(unsigned int) * 8)))
         return -PAL_ERROR_INVAL;
 
-    int ret = ocall_sock_recv(handle->sock.fd, buf, len, NULL, NULL);
+    int ret = ocall_sock_recv(handle->sock.fd, buf, len, NULL, NULL, NULL, NULL);
     return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : ret;
 }
 
@@ -651,7 +651,7 @@ static int64_t udp_receivebyaddr(PAL_HANDLE handle, uint64_t offset, uint64_t le
     struct sockaddr conn_addr;
     socklen_t conn_addrlen = sizeof(struct sockaddr);
 
-    int bytes = ocall_sock_recv(handle->sock.fd, buf, len, &conn_addr, &conn_addrlen);
+    int bytes = ocall_sock_recv(handle->sock.fd, buf, len, &conn_addr, &conn_addrlen, NULL, NULL);
 
     if (IS_ERR(bytes))
         return unix_to_pal_error(ERRNO(bytes));
@@ -680,7 +680,7 @@ static int64_t udp_send(PAL_HANDLE handle, uint64_t offset, uint64_t len, const
     if (len >= (1ULL << (sizeof(unsigned int) * 8)))
         return -PAL_ERROR_INVAL;
 
-    int bytes = ocall_sock_send(handle->sock.fd, buf, len, NULL, 0);
+    int bytes = ocall_sock_send(handle->sock.fd, buf, len, NULL, 0, NULL, 0);
 
     if (IS_ERR(bytes)) {
         bytes = unix_to_pal_error(ERRNO(bytes));
@@ -727,7 +727,7 @@ static int64_t udp_sendbyaddr(PAL_HANDLE handle, uint64_t offset, uint64_t len,
     if (ret < 0)
         return ret;
 
-    int bytes = ocall_sock_send(handle->sock.fd, buf, len, &conn_addr, conn_addrlen);
+    int bytes = ocall_sock_send(handle->sock.fd, buf, len, &conn_addr, conn_addrlen, NULL, 0);
 
     if (IS_ERR(bytes)) {
         bytes = unix_to_pal_error(ERRNO(bytes));
@@ -1045,7 +1045,7 @@ static int64_t mcast_send(PAL_HANDLE handle, uint64_t offset, uint64_t size, con
     if (size >= (1ULL << (sizeof(unsigned int) * 8)))
         return -PAL_ERROR_INVAL;
 
-    int bytes = ocall_sock_send(handle->mcast.srv, buf, size, NULL, 0);
+    int bytes = ocall_sock_send(handle->mcast.srv, buf, size, NULL, 0, NULL, 0);
 
     if (IS_ERR(bytes)) {
         bytes = unix_to_pal_error(ERRNO(bytes));
@@ -1072,7 +1072,7 @@ static int64_t mcast_receive(PAL_HANDLE handle, uint64_t offset, uint64_t size,
     if (size >= (1ULL << (sizeof(unsigned int) * 8)))
         return -PAL_ERROR_INVAL;
 
-    int bytes = ocall_sock_recv(handle->mcast.cli, buf, size, NULL, NULL);
+    int bytes = ocall_sock_recv(handle->mcast.cli, buf, size, NULL, NULL, NULL, NULL);
 
     if (IS_ERR(bytes))
         bytes = unix_to_pal_error(ERRNO(bytes));

Pal/src/host/Linux-SGX/db_streams.c

@@ -272,19 +272,24 @@ int _DkSendHandle(PAL_HANDLE hdl, PAL_HANDLE cargo) {
             fds[nfds++] = cargo->generic.fds[i];
         }
 
-    // ~ Initialize common parameter formessage passing
-    // Channel between parent and child
     int ch = hdl->process.cargo;
-    ret    = ocall_sock_send(ch, &hdl_hdr, sizeof(struct hdl_header), NULL, 0);
+    ret    = ocall_sock_send(ch, &hdl_hdr, sizeof(struct hdl_header), NULL, 0, NULL, 0);
 
-    // Unlock is error
     if (IS_ERR(ret)) {
         free(hdl_data);
         return unix_to_pal_error(ERRNO(ret));
     }
 
-    //  Send message
-    ret = ocall_sock_send_fd(ch, hdl_data, hdl_hdr.data_size, fds, nfds);
+    uint64_t fds_size = nfds * sizeof(unsigned int);
+    char cbuf[sizeof(struct cmsghdr) + fds_size];
+
+    struct cmsghdr* chdr = (struct cmsghdr*)cbuf;
+    chdr->cmsg_level = SOL_SOCKET;
+    chdr->cmsg_type = SCM_RIGHTS;
+    chdr->cmsg_len = CMSG_LEN(fds_size);
+    memcpy(CMSG_DATA(chdr), fds, fds_size);
+
+    ret = ocall_sock_send(ch, hdl_data, hdl_hdr.data_size, NULL, 0, chdr, chdr->cmsg_len);
 
     free(hdl_data);
     return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : 0;
@@ -295,26 +300,23 @@ int _DkSendHandle(PAL_HANDLE hdl, PAL_HANDLE cargo) {
 int _DkReceiveHandle(PAL_HANDLE hdl, PAL_HANDLE* cargo) {
     struct hdl_header hdl_hdr;
 
-    // ~ Check connection PAL_HANDLE - is of process type for sending handle
-    // else fail
     if (!IS_HANDLE_TYPE(hdl, process))
         return -PAL_ERROR_BADHANDLE;
 
-    // ~ Initialize common parameter for message passing
-    // Channel between parent and child
     int ch = hdl->process.cargo;
 
-    int ret = ocall_sock_recv(ch, &hdl_hdr, sizeof(struct hdl_header), NULL, NULL);
+    int ret = ocall_sock_recv(ch, &hdl_hdr, sizeof(struct hdl_header), NULL, NULL, NULL, NULL);
 
     if (IS_ERR(ret))
         return unix_to_pal_error(ERRNO(ret));
+
     if ((size_t)ret < sizeof(struct hdl_header)) {
         /*
          * This code block is just in case to cover all the possibilities
          * to shield Iago attack.
          * We know that the file descriptor is an unix domain socket with
          * blocking mode and that the sender, _DkSendHandle() above, sends the
-         * header with single sendto syscall by ocall_sock_send() which
+         * header with single sendmsg syscall by ocall_sock_send() which
          * transfers a message atomically.
          *
          * read size == 0: return error for the caller to try again.
@@ -330,21 +332,29 @@ int _DkReceiveHandle(PAL_HANDLE hdl, PAL_HANDLE* cargo) {
         return -PAL_ERROR_DENIED;
     }
 
-    // initialize variables to get body
-    void* buffer  = __alloca(hdl_hdr.data_size);
     uint32_t nfds = 0;
-
     for (int i = 0; i < MAX_FDS; i++)
         if (hdl_hdr.fds & (1U << i))
             nfds++;
 
-    uint32_t* fds = __alloca(sizeof(unsigned int) * nfds);
+    uint64_t fds_size  = nfds * sizeof(unsigned int);
+    uint64_t cbuf_size = sizeof(struct cmsghdr) + fds_size;
 
-    ret = ocall_sock_recv_fd(ch, buffer, hdl_hdr.data_size, fds, &nfds);
+    char buffer[hdl_hdr.data_size];
+    char cbuf[cbuf_size];
+    ret = ocall_sock_recv(ch, buffer, hdl_hdr.data_size, NULL, NULL, cbuf, &cbuf_size);
 
     if (IS_ERR(ret))
         return unix_to_pal_error(ERRNO(ret));
 
+    nfds = 0;
+    uint32_t fds[fds_size];
+    struct cmsghdr* chdr = (struct cmsghdr*)cbuf;
+    if (chdr->cmsg_type == SCM_RIGHTS) {
+        nfds = (chdr->cmsg_len - sizeof(struct cmsghdr)) / sizeof(int);
+        memcpy(fds, CMSG_DATA(chdr), nfds * sizeof(int));
+    }
+
     PAL_HANDLE handle = NULL;
     ret               = handle_deserialize(&handle, buffer, hdl_hdr.data_size);
     if (ret < 0)

Pal/src/host/Linux-SGX/enclave_ocalls.c

@@ -711,15 +711,17 @@ int ocall_sock_connect (int domain, int type, int protocol,
 }
 
 int ocall_sock_recv (int sockfd, void * buf, unsigned int count,
-                     struct sockaddr * addr, unsigned int * addrlen)
+                     struct sockaddr * addr, unsigned int * addrlenptr,
+                     void * control, uint64_t * controllenptr)
 {
     int retval = 0;
     void * obuf = NULL;
     unsigned int copied;
-    unsigned int len = addrlen ? *addrlen : 0;
+    unsigned int addrlen = addrlenptr ? *addrlenptr : 0;
+    uint64_t controllen  = controllenptr ? *controllenptr : 0;
     ms_ocall_sock_recv_t * ms;
 
-    if ((count + len) > MAX_UNTRUSTED_STACK_BUF) {
+    if ((count + addrlen + controllen) > MAX_UNTRUSTED_STACK_BUF) {
         retval = ocall_mmap_untrusted(-1, 0, ALLOC_ALIGNUP(count), PROT_READ | PROT_WRITE, &obuf);
         if (IS_ERR(retval))
             return retval;
@@ -733,8 +735,10 @@ int ocall_sock_recv (int sockfd, void * buf, unsigned int count,
 
     ms->ms_sockfd = sockfd;
     ms->ms_count = count;
-    ms->ms_addrlen = len;
-    ms->ms_addr = addr ? sgx_alloc_on_ustack(len) : NULL;
+    ms->ms_addrlen = addrlen;
+    ms->ms_addr = addr ? sgx_alloc_on_ustack(addrlen) : NULL;
+    ms->ms_controllen = controllen;
+    ms->ms_control = control ? sgx_alloc_on_ustack(controllen) : NULL;
     if (obuf)
         ms->ms_buf = obuf;
     else
@@ -748,13 +752,22 @@ int ocall_sock_recv (int sockfd, void * buf, unsigned int count,
     retval = sgx_ocall(OCALL_SOCK_RECV, ms);
 
     if (retval >= 0) {
-        if (addr && len) {
-            copied = sgx_copy_to_enclave(addr, len, ms->ms_addr, ms->ms_addrlen);
+        if (addr && addrlen) {
+            copied = sgx_copy_to_enclave(addr, addrlen, ms->ms_addr, ms->ms_addrlen);
             if (!copied) {
                 retval = -EPERM;
                 goto out;
             }
-            *addrlen = copied;
+            *addrlenptr = copied;
+        }
+
+        if (control && controllen) {
+            copied = sgx_copy_to_enclave(control, controllen, ms->ms_control, ms->ms_controllen);
+            if (!copied) {
+                retval = -EPERM;
+                goto out;
+            }
+            *controllenptr = copied;
         }
 
         if (retval > 0 && !sgx_copy_to_enclave(buf, count, ms->ms_buf, retval)) {
@@ -771,7 +784,8 @@ out:
 }
 
 int ocall_sock_send (int sockfd, const void * buf, unsigned int count,
-                     const struct sockaddr * addr, unsigned int addrlen)
+                     const struct sockaddr * addr, unsigned int addrlen,
+                     void * control, uint64_t controllen)
 {
     int retval = 0;
     void * obuf = NULL;
@@ -782,7 +796,7 @@ int ocall_sock_send (int sockfd, const void * buf, unsigned int count,
         obuf = (void*)buf;
     } else if (sgx_is_completely_within_enclave(buf, count)) {
         /* typical case of buf inside of enclave memory */
-        if ((count + addrlen) > MAX_UNTRUSTED_STACK_BUF) {
+        if ((count + addrlen + controllen) > MAX_UNTRUSTED_STACK_BUF) {
             /* buf is too big and may overflow untrusted stack, so use untrusted heap */
             retval = ocall_mmap_untrusted(-1, 0, ALLOC_ALIGNUP(count), PROT_READ | PROT_WRITE, &obuf);
             if (IS_ERR(retval))
@@ -804,6 +818,8 @@ int ocall_sock_send (int sockfd, const void * buf, unsigned int count,
     ms->ms_count = count;
     ms->ms_addrlen = addrlen;
     ms->ms_addr = addr ? sgx_copy_to_ustack(addr, addrlen) : NULL;
+    ms->ms_controllen = controllen;
+    ms->ms_control = control ? sgx_copy_to_ustack(control, controllen) : NULL;
     if (obuf)
         ms->ms_buf = obuf;
     else
@@ -823,83 +839,6 @@ out:
     return retval;
 }
 
-int ocall_sock_recv_fd (int sockfd, void * buf, unsigned int count,
-                        unsigned int * fds, unsigned int * nfds)
-{
-    int retval = 0;
-    unsigned int copied = 0;
-    unsigned int max_nfds_bytes = (*nfds) * sizeof(int);
-    ms_ocall_sock_recv_fd_t * ms;
-
-    ms = sgx_alloc_on_ustack(sizeof(*ms));
-    if (!ms) {
-        sgx_reset_ustack();
-        return -EPERM;
-    }
-
-    ms->ms_sockfd = sockfd;
-    ms->ms_count = count;
-    ms->ms_nfds = *nfds;
-    ms->ms_buf = sgx_alloc_on_ustack(count);
-    ms->ms_fds = sgx_alloc_on_ustack(max_nfds_bytes);
-
-    if (!ms->ms_buf || !ms->ms_fds) {
-        sgx_reset_ustack();
-        return -EPERM;
-    }
-
-    retval = sgx_ocall(OCALL_SOCK_RECV_FD, ms);
-
-    if (retval >= 0) {
-        if (retval > 0 && !sgx_copy_to_enclave(buf, count, ms->ms_buf, retval)) {
-            sgx_reset_ustack();
-            return -EPERM;
-        }
-
-        if (ms->ms_nfds > 0) {
-            /* TOCTOU on ms_nfds is possible, but it is benign */
-            copied = sgx_copy_to_enclave(fds, max_nfds_bytes, ms->ms_fds, ms->ms_nfds * sizeof(int));
-            if (!copied) {
-                sgx_reset_ustack();
-                return -EPERM;
-            }
-        }
-        *nfds = copied / sizeof(int);
-    }
-
-    sgx_reset_ustack();
-    return retval;
-}
-
-int ocall_sock_send_fd (int sockfd, const void * buf, unsigned int count,
-                        const unsigned int * fds, unsigned int nfds)
-{
-    int retval = 0;
-    ms_ocall_sock_send_fd_t * ms;
-
-    ms = sgx_alloc_on_ustack(sizeof(*ms));
-    if (!ms) {
-        sgx_reset_ustack();
-        return -EPERM;
-    }
-
-    ms->ms_sockfd = sockfd;
-    ms->ms_count = count;
-    ms->ms_nfds = nfds;
-    ms->ms_buf = sgx_copy_to_ustack(buf, count);
-    ms->ms_fds = sgx_copy_to_ustack(fds, nfds * sizeof(int));
-
-    if (!ms->ms_buf || !ms->ms_fds) {
-        sgx_reset_ustack();
-        return -EPERM;
-    }
-
-    retval = sgx_ocall(OCALL_SOCK_SEND_FD, ms);
-
-    sgx_reset_ustack();
-    return retval;
-}
-
 int ocall_sock_setopt (int sockfd, int level, int optname,
                        const void * optval, unsigned int optlen)
 {

Pal/src/host/Linux-SGX/enclave_ocalls.h

@@ -60,16 +60,12 @@ int ocall_sock_connect (int domain, int type, int protocol,
                         unsigned int * connaddrlen, struct sockopt * opt);
 
 int ocall_sock_recv (int sockfd, void * buf, unsigned int count,
-                     struct sockaddr * addr, unsigned int * addrlen);
+                     struct sockaddr * addr, unsigned int * addrlenptr,
+                     void * control, uint64_t * controllenptr);
 
 int ocall_sock_send (int sockfd, const void * buf, unsigned int count,
-                     const struct sockaddr * addr, unsigned int addrlen);
-
-int ocall_sock_recv_fd (int sockfd, void * buf, unsigned int count,
-                        unsigned int * fds, unsigned int * nfds);
-
-int ocall_sock_send_fd (int sockfd, const void * buf, unsigned int count,
-                        const unsigned int * fds, unsigned int nfds);
+                     const struct sockaddr * addr, unsigned int addrlen,
+                     void * control, uint64_t controllen);
 
 int ocall_sock_setopt (int sockfd, int level, int optname,
                        const void * optval, unsigned int optlen);

Pal/src/host/Linux-SGX/ocall_types.h

@@ -47,8 +47,6 @@ enum {
     OCALL_SOCK_CONNECT,
     OCALL_SOCK_RECV,
     OCALL_SOCK_SEND,
-    OCALL_SOCK_RECV_FD,
-    OCALL_SOCK_SEND_FD,
     OCALL_SOCK_SETOPT,
     OCALL_SOCK_SHUTDOWN,
     OCALL_GETTIME,
@@ -201,6 +199,8 @@ typedef struct {
     unsigned int ms_count;
     struct sockaddr * ms_addr;
     unsigned int ms_addrlen;
+    void * ms_control;
+    uint64_t ms_controllen;
 } ms_ocall_sock_recv_t;
 
 typedef struct {
@@ -209,24 +209,10 @@ typedef struct {
     unsigned int ms_count;
     const struct sockaddr * ms_addr;
     unsigned int ms_addrlen;
+    void * ms_control;
+    uint64_t ms_controllen;
 } ms_ocall_sock_send_t;
 
-typedef struct {
-    int ms_sockfd;
-    void * ms_buf;
-    unsigned int ms_count;
-    unsigned int * ms_fds;
-    unsigned int ms_nfds;
-} ms_ocall_sock_recv_fd_t;
-
-typedef struct {
-    int ms_sockfd;
-    const void * ms_buf;
-    unsigned int ms_count;
-    const unsigned int * ms_fds;
-    unsigned int ms_nfds;
-} ms_ocall_sock_send_fd_t;
-
 typedef struct {
     int ms_sockfd;
     int ms_level;

Pal/src/host/Linux-SGX/sgx_enclave.c

@@ -425,15 +425,35 @@ static int sgx_ocall_sock_recv(void * pms)
     struct sockaddr * addr = ms->ms_addr;
     socklen_t addrlen = ms->ms_addr ? ms->ms_addrlen : 0;
 
-    if (ms->ms_sockfd == pal_enclave.pal_sec.mcast_srv)
+    if (ms->ms_sockfd == pal_enclave.pal_sec.mcast_srv) {
         addr = NULL;
+        addrlen = 0;
+    }
 
-    ret = INLINE_SYSCALL(recvfrom, 6,
-                         ms->ms_sockfd, ms->ms_buf, ms->ms_count, 0,
-                         addr, addr ? &addrlen : NULL);
+    struct msghdr hdr;
+    struct iovec iov[1];
 
-    if (!IS_ERR(ret) && addr)
-        ms->ms_addrlen = addrlen;
+    iov[0].iov_base    = ms->ms_buf;
+    iov[0].iov_len     = ms->ms_count;
+    hdr.msg_name       = addr;
+    hdr.msg_namelen    = addrlen;
+    hdr.msg_iov        = iov;
+    hdr.msg_iovlen     = 1;
+    hdr.msg_control    = ms->ms_control;
+    hdr.msg_controllen = ms->ms_controllen;
+    hdr.msg_flags      = 0;
+
+    ret = INLINE_SYSCALL(recvmsg, 3, ms->ms_sockfd, &hdr, 0);
+
+    if (!IS_ERR(ret) && hdr.msg_name) {
+        /* note that ms->ms_addr is filled by recvmsg() itself */
+        ms->ms_addrlen = hdr.msg_namelen;
+    }
+
+    if (!IS_ERR(ret) && hdr.msg_control) {
+        /* note that ms->ms_control is filled by recvmsg() itself */
+        ms->ms_controllen = hdr.msg_controllen;
+    }
 
     return ret;
 }
@@ -455,107 +475,20 @@ static int sgx_ocall_sock_send(void * pms)
         addrlen = sizeof(struct sockaddr_in);
     }
 
-    ret = INLINE_SYSCALL(sendto, 6,
-                         ms->ms_sockfd, ms->ms_buf, ms->ms_count, MSG_NOSIGNAL,
-                         addr, addrlen);
-
-    return ret;
-}
-
-static int sgx_ocall_sock_recv_fd(void * pms)
-{
-    ms_ocall_sock_recv_fd_t * ms = (ms_ocall_sock_recv_fd_t *) pms;
-    int ret;
-    ODEBUG(OCALL_SOCK_RECV_FD, ms);
-
     struct msghdr hdr;
     struct iovec iov[1];
 
-    // receive PAL_HANDLE contents in the body
-    char cbuf[sizeof(struct cmsghdr) + ms->ms_nfds * sizeof(int)];
-
-    iov[0].iov_base = ms->ms_buf;
-    iov[0].iov_len = ms->ms_count;
-
-    // clear body memory
-    memset(&hdr, 0, sizeof(struct msghdr));
-
-    // set message header values
-    hdr.msg_iov = iov;
-    hdr.msg_iovlen = 1;
-    hdr.msg_control = cbuf;
-    hdr.msg_controllen = sizeof(struct cmsghdr) + sizeof(int) *
-                         ms->ms_nfds;
-    hdr.msg_flags = 0;
-
-    ret = INLINE_SYSCALL(recvmsg, 3, ms->ms_sockfd, &hdr, 0);
-
-    if (!IS_ERR(ret)) {
-        struct cmsghdr * chdr = CMSG_FIRSTHDR(&hdr);
-        if (chdr &&
-            chdr->cmsg_type == SCM_RIGHTS) {
-            ms->ms_nfds = (chdr->cmsg_len - sizeof(struct cmsghdr)) /
-                          sizeof(int);
-            memcpy(ms->ms_fds, CMSG_DATA(chdr), sizeof(int) * ms->ms_nfds);
-        } else {
-            ms->ms_nfds = 0;
-        }
-    }
-
-    return ret;
-}
-
-static int sgx_ocall_sock_send_fd(void * pms)
-{
-    ms_ocall_sock_send_fd_t * ms = (ms_ocall_sock_send_fd_t *) pms;
-    int ret;
-    ODEBUG(OCALL_SOCK_SEND_FD, ms);
-
-    // Declare variables required for sending the message
-    struct msghdr hdr; // message header
-    struct cmsghdr * chdr; //control message header
-    struct iovec iov[1]; // IO Vector
-
-    /* Message Body Composition:
-       IOVEC[0]: PAL_HANDLE
-       IOVEC[1..n]: Additional handle member follow
-       Control Message: file descriptors */
-
-    // Control message buffer with added space for 2 fds (ie. max size
-    // that it will have)
-    char cbuf[sizeof(struct cmsghdr) + ms->ms_nfds * sizeof(int)];
-
-    iov[0].iov_base = (void *) ms->ms_buf;
-    iov[0].iov_len = ms->ms_count;
-
-    hdr.msg_name = NULL;
-    hdr.msg_namelen = 0;
-    hdr.msg_iov = iov;
-    hdr.msg_iovlen = 1;
-    hdr.msg_flags = 0;
-
-    hdr.msg_control = cbuf; // Control Message Buffer
-    hdr.msg_controllen = sizeof(struct cmsghdr) + sizeof(int) * ms->ms_nfds;
-
-    // Fill control message infomation for the file descriptors
-    // Check hdr.msg_controllen >= sizeof(struct cmsghdr) to point to
-    // cbuf, which is redundant based on the above code as we have
-    // statically allocated memory.
-    // or (struct cmsghdr*) cbuf
-    chdr = CMSG_FIRSTHDR(&hdr); // Pointer to msg_control
-    chdr->cmsg_level = SOL_SOCKET; // Originating Protocol
-    chdr->cmsg_type = SCM_RIGHTS; // Protocol Specific Type
-    // Length of control message = sizeof(struct cmsghdr) + nfds
-    chdr->cmsg_len = CMSG_LEN(sizeof(int) * ms->ms_nfds);
-
-    // Copy the fds below control header
-    memcpy(CMSG_DATA(chdr), ms->ms_fds, sizeof(int) * ms->ms_nfds);
-
-    // Also, Update main header with control message length (duplicate)
-    hdr.msg_controllen = chdr->cmsg_len;
+    iov[0].iov_base    = (void*)ms->ms_buf;
+    iov[0].iov_len     = ms->ms_count;
+    hdr.msg_name       = (void*)addr;
+    hdr.msg_namelen    = addrlen;
+    hdr.msg_iov        = iov;
+    hdr.msg_iovlen     = 1;
+    hdr.msg_control    = ms->ms_control;
+    hdr.msg_controllen = ms->ms_controllen;
+    hdr.msg_flags      = 0;
 
     ret = INLINE_SYSCALL(sendmsg, 3, ms->ms_sockfd, &hdr, MSG_NOSIGNAL);
-
     return ret;
 }
 
@@ -709,8 +642,6 @@ sgx_ocall_fn_t ocall_table[OCALL_NR] = {
         [OCALL_SOCK_CONNECT]    = sgx_ocall_sock_connect,
         [OCALL_SOCK_RECV]       = sgx_ocall_sock_recv,
         [OCALL_SOCK_SEND]       = sgx_ocall_sock_send,
-        [OCALL_SOCK_RECV_FD]    = sgx_ocall_sock_recv_fd,
-        [OCALL_SOCK_SEND_FD]    = sgx_ocall_sock_send_fd,
         [OCALL_SOCK_SETOPT]     = sgx_ocall_sock_setopt,
         [OCALL_SOCK_SHUTDOWN]   = sgx_ocall_sock_shutdown,
         [OCALL_GETTIME]         = sgx_ocall_gettime,