123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140 |
- /* Copyright (C) 2014 Stony Brook University
- This file is part of Graphene Library OS.
- Graphene Library OS is free software: you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public License
- as published by the Free Software Foundation, either version 3 of the
- License, or (at your option) any later version.
- Graphene Library OS is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU Lesser General Public License for more details.
- You should have received a copy of the GNU Lesser General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>. */
- /*
- * db_memory.c
- *
- * This files contains APIs that allocate, free or protect virtual memory.
- */
- #include "pal_defs.h"
- #include "pal_linux_defs.h"
- #include "pal.h"
- #include "pal_internal.h"
- #include "pal_linux.h"
- #include "pal_security.h"
- #include "pal_error.h"
- #include "pal_debug.h"
- #include "api.h"
- #include <asm/mman.h>
- #include "enclave_pages.h"
- #define PAL_VMA_MAX 64
- static struct pal_vma {
- void * top, * bottom;
- } pal_vmas[PAL_VMA_MAX];
- static uint32_t pal_nvmas = 0;
- static struct spinlock pal_vma_lock;
- bool _DkCheckMemoryMappable (const void * addr, size_t size)
- {
- if (addr < DATA_END && addr + size > TEXT_START) {
- printf("address %p-%p is not mappable\n", addr, addr + size);
- return true;
- }
- _DkSpinLock(&pal_vma_lock);
- for (uint32_t i = 0 ; i < pal_nvmas ; i++)
- if (addr < pal_vmas[i].top && addr + size > pal_vmas[i].bottom) {
- printf("address %p-%p is not mappable\n", addr, addr + size);
- _DkSpinUnlock(&pal_vma_lock);
- return true;
- }
- _DkSpinUnlock(&pal_vma_lock);
- return false;
- }
- int _DkVirtualMemoryAlloc (void ** paddr, uint64_t size, int alloc_type, int prot)
- {
- if (!WITHIN_MASK(prot, PAL_PROT_MASK))
- return -PAL_ERROR_INVAL;
- void * addr = *paddr, * mem;
- if ((alloc_type & PAL_ALLOC_INTERNAL) && addr)
- return -PAL_ERROR_INVAL;
- if (size == 0)
- __asm__ volatile ("int $3");
- mem = get_reserved_pages(addr, size);
- if (!mem)
- return addr ? -PAL_ERROR_DENIED : -PAL_ERROR_NOMEM;
- if (addr && mem != addr) {
- // TODO: This case should be made impossible by fixing
- // `get_reserved_pages` semantics.
- free_pages(mem, size);
- return -PAL_ERROR_INVAL; // `addr` was unaligned.
- }
- memset(mem, 0, size);
- if (alloc_type & PAL_ALLOC_INTERNAL) {
- SGX_DBG(DBG_M, "pal allocates %p-%p for internal use\n", mem, mem + size);
- _DkSpinLock(&pal_vma_lock);
- assert(pal_nvmas < PAL_VMA_MAX);
- pal_vmas[pal_nvmas].bottom = mem;
- pal_vmas[pal_nvmas].top = mem + size;
- pal_nvmas++;
- _DkSpinUnlock(&pal_vma_lock);
- }
- *paddr = mem;
- return 0;
- }
- int _DkVirtualMemoryFree (void * addr, uint64_t size)
- {
- if (sgx_is_completely_within_enclave(addr, size)) {
- free_pages(addr, size);
- } else {
- /* Possible to have untrusted mapping. Simply unmap
- the memory outside the enclave */
- ocall_unmap_untrusted(addr, size);
- }
- return 0;
- }
- int _DkVirtualMemoryProtect (void * addr, uint64_t size, int prot)
- {
- static struct atomic_int at_cnt = {.counter = 0};
- if (atomic_cmpxchg(&at_cnt, 0, 1) == 0)
- SGX_DBG(DBG_M, "[Warning] DkVirtualMemoryProtect (0x%p, %lu, %d) is unimplemented",
- addr, size, prot);
- return 0;
- }
- unsigned long _DkMemoryQuota (void)
- {
- return pal_sec.heap_max - pal_sec.heap_min;
- }
- extern struct atomic_int alloced_pages;
- extern unsigned int pagesz;
- unsigned long _DkMemoryAvailableQuota (void)
- {
- return (pal_sec.heap_max - pal_sec.heap_min) -
- atomic_read(&alloced_pages) * pagesz;
- }
|