sgx_enclave.c 22 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715
  1. /* -*- mode:c; c-file-style:"k&r"; c-basic-offset: 4; tab-width:4; indent-tabs-mode:nil; mode:auto-fill; fill-column:78; -*- */
  2. /* vim: set ts=4 sw=4 et tw=78 fo=cqt wm=0: */
  3. #include "ocall_types.h"
  4. #include "ecall_types.h"
  5. #include "sgx_internal.h"
  6. #include "pal_security.h"
  7. #include "pal_linux_error.h"
  8. #include <asm/mman.h>
  9. #include <asm/ioctls.h>
  10. #include <asm/socket.h>
  11. #include <linux/fs.h>
  12. #include <linux/in.h>
  13. #include <linux/in6.h>
  14. #include <math.h>
  15. #include <asm/errno.h>
  16. #ifndef SOL_IPV6
  17. # define SOL_IPV6 41
  18. #endif
  19. #define ODEBUG(code, ms) do {} while (0)
  20. static int sgx_ocall_exit(void * pms)
  21. {
  22. ODEBUG(OCALL_EXIT, NULL);
  23. INLINE_SYSCALL(exit, 1, 0);
  24. return 0;
  25. }
  26. static int sgx_ocall_print_string(void * pms)
  27. {
  28. ms_ocall_print_string_t * ms = (ms_ocall_print_string_t *) pms;
  29. INLINE_SYSCALL(write, 3, 2, ms->ms_str, ms->ms_length);
  30. return 0;
  31. }
  32. static int sgx_ocall_alloc_untrusted(void * pms)
  33. {
  34. ms_ocall_alloc_untrusted_t * ms = (ms_ocall_alloc_untrusted_t *) pms;
  35. void * addr;
  36. ODEBUG(OCALL_ALLOC_UNTRUSTED, ms);
  37. addr = (void *) INLINE_SYSCALL(mmap, 6, NULL, ms->ms_size,
  38. PROT_READ|PROT_WRITE,
  39. MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
  40. if (IS_ERR_P(addr))
  41. return -PAL_ERROR_NOMEM;
  42. ms->ms_mem = addr;
  43. return 0;
  44. }
  45. static int sgx_ocall_map_untrusted(void * pms)
  46. {
  47. ms_ocall_map_untrusted_t * ms = (ms_ocall_map_untrusted_t *) pms;
  48. void * addr;
  49. ODEBUG(OCALL_MAP_UNTRUSTED, ms);
  50. addr = (void *) INLINE_SYSCALL(mmap, 6, NULL, ms->ms_size,
  51. ms->ms_prot,
  52. MAP_FILE|MAP_SHARED,
  53. ms->ms_fd, ms->ms_offset);
  54. if (IS_ERR_P(addr))
  55. return -PAL_ERROR_NOMEM;
  56. ms->ms_mem = addr;
  57. return 0;
  58. }
  59. static int sgx_ocall_unmap_untrusted(void * pms)
  60. {
  61. ms_ocall_unmap_untrusted_t * ms = (ms_ocall_unmap_untrusted_t *) pms;
  62. ODEBUG(OCALL_UNMAP_UNTRUSTED, ms);
  63. INLINE_SYSCALL(munmap, 2, ALLOC_ALIGNDOWN(ms->ms_mem),
  64. ALLOC_ALIGNUP(ms->ms_mem + ms->ms_size) -
  65. ALLOC_ALIGNDOWN(ms->ms_mem));
  66. return 0;
  67. }
  68. static int sgx_ocall_cpuid(void * pms)
  69. {
  70. ms_ocall_cpuid_t * ms = (ms_ocall_cpuid_t *) pms;
  71. ODEBUG(OCALL_CPUID, ms);
  72. asm volatile ("cpuid"
  73. : "=a"(ms->ms_values[0]),
  74. "=b"(ms->ms_values[1]),
  75. "=c"(ms->ms_values[2]),
  76. "=d"(ms->ms_values[3])
  77. : "a"(ms->ms_leaf), "c"(ms->ms_subleaf) : "memory");
  78. return 0;
  79. }
  80. static int sgx_ocall_open(void * pms)
  81. {
  82. ms_ocall_open_t * ms = (ms_ocall_open_t *) pms;
  83. int ret;
  84. ODEBUG(OCALL_OPEN, ms);
  85. ret = INLINE_SYSCALL(open, 3, ms->ms_pathname, ms->ms_flags|O_CLOEXEC,
  86. ms->ms_mode);
  87. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : ret;
  88. }
  89. static int sgx_ocall_close(void * pms)
  90. {
  91. ms_ocall_close_t * ms = (ms_ocall_close_t *) pms;
  92. ODEBUG(OCALL_CLOSE, ms);
  93. INLINE_SYSCALL(close, 1, ms->ms_fd);
  94. return 0;
  95. }
  96. static int sgx_ocall_read(void * pms)
  97. {
  98. ms_ocall_read_t * ms = (ms_ocall_read_t *) pms;
  99. int ret;
  100. ODEBUG(OCALL_READ, ms);
  101. ret = INLINE_SYSCALL(read, 3, ms->ms_fd, ms->ms_buf, ms->ms_count);
  102. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : ret;
  103. }
  104. static int sgx_ocall_write(void * pms)
  105. {
  106. ms_ocall_write_t * ms = (ms_ocall_write_t *) pms;
  107. int ret;
  108. ODEBUG(OCALL_WRITE, ms);
  109. ret = INLINE_SYSCALL(write, 3, ms->ms_fd, ms->ms_buf, ms->ms_count);
  110. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : ret;
  111. }
  112. static int sgx_ocall_fstat(void * pms)
  113. {
  114. ms_ocall_fstat_t * ms = (ms_ocall_fstat_t *) pms;
  115. int ret;
  116. ODEBUG(OCALL_FSTAT, ms);
  117. ret = INLINE_SYSCALL(fstat, 2, ms->ms_fd, &ms->ms_stat);
  118. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : ret;
  119. }
  120. static int sgx_ocall_fionread(void * pms)
  121. {
  122. ms_ocall_fionread_t * ms = (ms_ocall_fionread_t *) pms;
  123. int ret, val;
  124. ODEBUG(OCALL_FIONREAD, ms);
  125. ret = INLINE_SYSCALL(ioctl, 3, ms->ms_fd, FIONREAD, &val);
  126. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : val;
  127. }
  128. static int sgx_ocall_fsetnonblock(void * pms)
  129. {
  130. ms_ocall_fsetnonblock_t * ms = (ms_ocall_fsetnonblock_t *) pms;
  131. int ret, flags;
  132. ODEBUG(OCALL_FSETNONBLOCK, ms);
  133. ret = INLINE_SYSCALL(fcntl, 2, ms->ms_fd, F_GETFL);
  134. if (IS_ERR(ret))
  135. return -ERRNO(ret);
  136. flags = ret;
  137. if (ms->ms_nonblocking) {
  138. if (!(flags & O_NONBLOCK))
  139. ret = INLINE_SYSCALL(fcntl, 3, ms->ms_fd, F_SETFL,
  140. flags | O_NONBLOCK);
  141. } else {
  142. if (flags & O_NONBLOCK)
  143. ret = INLINE_SYSCALL(fcntl, 3, ms->ms_fd, F_SETFL,
  144. flags & ~O_NONBLOCK);
  145. }
  146. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : 0;
  147. }
  148. static int sgx_ocall_fchmod(void * pms)
  149. {
  150. ms_ocall_fchmod_t * ms = (ms_ocall_fchmod_t *) pms;
  151. int ret;
  152. ODEBUG(OCALL_FCHMOD, ms);
  153. ret = INLINE_SYSCALL(fchmod, 2, ms->ms_fd, ms->ms_mode);
  154. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : ret;
  155. }
  156. static int sgx_ocall_fsync(void * pms)
  157. {
  158. ms_ocall_fsync_t * ms = (ms_ocall_fsync_t *) pms;
  159. ODEBUG(OCALL_FSYNC, ms);
  160. INLINE_SYSCALL(fsync, 1, ms->ms_fd);
  161. return 0;
  162. }
  163. static int sgx_ocall_ftruncate(void * pms)
  164. {
  165. ms_ocall_ftruncate_t * ms = (ms_ocall_ftruncate_t *) pms;
  166. int ret;
  167. ODEBUG(OCALL_FTRUNCATE, ms);
  168. ret = INLINE_SYSCALL(ftruncate, 2, ms->ms_fd, ms->ms_length);
  169. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : ret;
  170. }
  171. static int sgx_ocall_mkdir(void * pms)
  172. {
  173. ms_ocall_mkdir_t * ms = (ms_ocall_mkdir_t *) pms;
  174. int ret;
  175. ODEBUG(OCALL_MKDIR, ms);
  176. ret = INLINE_SYSCALL(mkdir, 2, ms->ms_pathname, ms->ms_mode);
  177. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : ret;
  178. }
  179. static int sgx_ocall_getdents(void * pms)
  180. {
  181. ms_ocall_getdents_t * ms = (ms_ocall_getdents_t *) pms;
  182. int ret;
  183. ODEBUG(OCALL_GETDENTS, ms);
  184. ret = INLINE_SYSCALL(getdents64, 3, ms->ms_fd, ms->ms_dirp, ms->ms_size);
  185. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : ret;
  186. }
  187. static int sgx_ocall_wake_thread(void * pms)
  188. {
  189. ODEBUG(OCALL_WAKE_THREAD, pms);
  190. return pms ? interrupt_thread(pms) : clone_thread();
  191. }
  192. int sgx_create_process (const char * uri,
  193. int nargs, const char ** args,
  194. int * retfds);
  195. static int sgx_ocall_create_process(void * pms)
  196. {
  197. ms_ocall_create_process_t * ms = (ms_ocall_create_process_t *) pms;
  198. ODEBUG(OCALL_CREATE_PROCESS, ms);
  199. int ret = sgx_create_process(ms->ms_uri, ms->ms_nargs, ms->ms_args,
  200. ms->ms_proc_fds);
  201. if (ret < 0)
  202. return ret;
  203. ms->ms_pid = ret;
  204. return 0;
  205. }
  206. static int sgx_ocall_futex(void * pms)
  207. {
  208. ms_ocall_futex_t * ms = (ms_ocall_futex_t *) pms;
  209. int ret;
  210. ODEBUG(OCALL_FUTEX, ms);
  211. struct timespec * ts = NULL;
  212. if (ms->ms_timeout != OCALL_NO_TIMEOUT) {
  213. ts = __alloca(sizeof(struct timespec));
  214. ts->tv_sec = ms->ms_timeout / 1000000;
  215. ts->tv_nsec = (ms->ms_timeout - ts->tv_sec * 1000000) * 1000;
  216. }
  217. ret = INLINE_SYSCALL(futex, 6, ms->ms_futex, ms->ms_op, ms->ms_val,
  218. ts, NULL, 0);
  219. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : ret;
  220. }
  221. static int sgx_ocall_socketpair(void * pms)
  222. {
  223. ms_ocall_socketpair_t * ms = (ms_ocall_socketpair_t *) pms;
  224. int ret;
  225. ODEBUG(OCALL_SOCKETPAIR, ms);
  226. ret = INLINE_SYSCALL(socketpair, 4, ms->ms_domain,
  227. ms->ms_type|SOCK_CLOEXEC,
  228. ms->ms_protocol, &ms->ms_sockfds);
  229. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : ret;
  230. }
  231. static int sock_getopt(int fd, struct sockopt * opt)
  232. {
  233. return 0;
  234. }
  235. static int sgx_ocall_sock_listen(void * pms)
  236. {
  237. ms_ocall_sock_listen_t * ms = (ms_ocall_sock_listen_t *) pms;
  238. int ret, fd;
  239. ODEBUG(OCALL_SOCK_LISTEN, ms);
  240. ret = INLINE_SYSCALL(socket, 3, ms->ms_domain,
  241. ms->ms_type|SOCK_CLOEXEC,
  242. ms->ms_protocol);
  243. if (IS_ERR(ret)) {
  244. ret = -PAL_ERROR_DENIED;
  245. goto err;
  246. }
  247. fd = ret;
  248. if (ms->ms_addr->sa_family == AF_INET6) {
  249. int ipv6only = 1;
  250. INLINE_SYSCALL(setsockopt, 5, fd, SOL_IPV6, IPV6_V6ONLY, &ipv6only,
  251. sizeof(int));
  252. }
  253. /* must set the socket to be reuseable */
  254. int reuseaddr = 1;
  255. INLINE_SYSCALL(setsockopt, 5, fd, SOL_SOCKET, SO_REUSEADDR, &reuseaddr,
  256. sizeof(int));
  257. ret = INLINE_SYSCALL(bind, 3, fd, ms->ms_addr, ms->ms_addrlen);
  258. if (IS_ERR(ret)) {
  259. ret = unix_to_pal_error(ERRNO(ret));
  260. goto err_fd;
  261. }
  262. if (ms->ms_type & SOCK_STREAM) {
  263. ret = INLINE_SYSCALL(listen, 2, fd, DEFAULT_BACKLOG);
  264. if (IS_ERR(ret)) {
  265. ret = -PAL_ERROR_DENIED;
  266. goto err_fd;
  267. }
  268. }
  269. ret = sock_getopt(fd, &ms->ms_sockopt);
  270. if (ret < 0)
  271. goto err_fd;
  272. return fd;
  273. err_fd:
  274. INLINE_SYSCALL(close, 1, fd);
  275. err:
  276. return ret;
  277. }
  278. static int sgx_ocall_sock_accept(void * pms)
  279. {
  280. ms_ocall_sock_accept_t * ms = (ms_ocall_sock_accept_t *) pms;
  281. int ret, fd;
  282. ODEBUG(OCALL_SOCK_ACCEPT, ms);
  283. socklen_t addrlen = ms->ms_addrlen;
  284. ret = INLINE_SYSCALL(accept4, 4, ms->ms_sockfd, ms->ms_addr,
  285. &addrlen, O_CLOEXEC);
  286. if (IS_ERR(ret)) {
  287. ret = unix_to_pal_error(ERRNO(ret));
  288. goto err;
  289. }
  290. fd = ret;
  291. ret = sock_getopt(fd, &ms->ms_sockopt);
  292. if (ret < 0)
  293. goto err_fd;
  294. ms->ms_addrlen = addrlen;
  295. return fd;
  296. err_fd:
  297. INLINE_SYSCALL(close, 1, fd);
  298. err:
  299. return ret;
  300. }
  301. static int sgx_ocall_sock_connect(void * pms)
  302. {
  303. ms_ocall_sock_connect_t * ms = (ms_ocall_sock_connect_t *) pms;
  304. int ret, fd;
  305. ODEBUG(OCALL_SOCK_CONNECT, ms);
  306. ret = INLINE_SYSCALL(socket, 3, ms->ms_domain,
  307. ms->ms_type|SOCK_CLOEXEC,
  308. ms->ms_protocol);
  309. if (IS_ERR(ret)) {
  310. ret = -PAL_ERROR_DENIED;
  311. goto err;
  312. }
  313. fd = ret;
  314. if (ms->ms_addr->sa_family == AF_INET6) {
  315. int ipv6only = 1;
  316. INLINE_SYSCALL(setsockopt, 5, fd, SOL_IPV6, IPV6_V6ONLY, &ipv6only,
  317. sizeof(int));
  318. }
  319. if (ms->ms_bind_addr && ms->ms_bind_addr->sa_family) {
  320. ret = INLINE_SYSCALL(bind, 3, fd, ms->ms_bind_addr,
  321. ms->ms_bind_addrlen);
  322. if (IS_ERR(ret)) {
  323. ret = unix_to_pal_error(ERRNO(ret));
  324. goto err_fd;
  325. }
  326. }
  327. ret = INLINE_SYSCALL(connect, 3, fd, ms->ms_addr, ms->ms_addrlen);
  328. if (IS_ERR(ret) && ERRNO(ret) == EINPROGRESS) {
  329. do {
  330. struct pollfd pfd = { .fd = fd, .events = POLLOUT, .revents = 0, };
  331. ret = INLINE_SYSCALL(ppoll, 4, &pfd, 1, NULL, NULL);
  332. } while (IS_ERR(ret) &&
  333. ERRNO(ret) == -EWOULDBLOCK);
  334. }
  335. if (IS_ERR(ret)) {
  336. ret = unix_to_pal_error(ERRNO(ret));
  337. goto err_fd;
  338. }
  339. if (ms->ms_bind_addr && !ms->ms_bind_addr->sa_family) {
  340. socklen_t addrlen;
  341. ret = INLINE_SYSCALL(getsockname, 3, fd, ms->ms_bind_addr,
  342. &addrlen);
  343. if (IS_ERR(ret)) {
  344. ret = -PAL_ERROR_DENIED;
  345. goto err_fd;
  346. }
  347. ms->ms_bind_addrlen = addrlen;
  348. }
  349. ret = sock_getopt(fd, &ms->ms_sockopt);
  350. if (ret < 0)
  351. goto err_fd;
  352. return fd;
  353. err_fd:
  354. INLINE_SYSCALL(close, 1, fd);
  355. err:
  356. return ret;
  357. }
  358. static int sgx_ocall_sock_recv(void * pms)
  359. {
  360. ms_ocall_sock_recv_t * ms = (ms_ocall_sock_recv_t *) pms;
  361. int ret;
  362. ODEBUG(OCALL_SOCK_RECV, ms);
  363. struct sockaddr * addr = ms->ms_addr;
  364. socklen_t addrlen = ms->ms_addr ? ms->ms_addrlen : 0;
  365. if (ms->ms_sockfd == PAL_SEC()->mcast_srv)
  366. addr = NULL;
  367. ret = INLINE_SYSCALL(recvfrom, 6,
  368. ms->ms_sockfd, ms->ms_buf, ms->ms_count, 0,
  369. addr, addr ? &addrlen : NULL);
  370. if (!IS_ERR(ret) && addr)
  371. ms->ms_addrlen = addrlen;
  372. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : ret;
  373. }
  374. static int sgx_ocall_sock_send(void * pms)
  375. {
  376. ms_ocall_sock_send_t * ms = (ms_ocall_sock_send_t *) pms;
  377. int ret;
  378. ODEBUG(OCALL_SOCK_SEND, ms);
  379. const struct sockaddr * addr = ms->ms_addr;
  380. socklen_t addrlen = ms->ms_addr ? ms->ms_addrlen : 0;
  381. if (ms->ms_sockfd == PAL_SEC()->mcast_srv) {
  382. struct sockaddr_in * mcast_addr = __alloca(sizeof(struct sockaddr_in));
  383. mcast_addr->sin_family = AF_INET;
  384. inet_pton4(MCAST_GROUP, sizeof(MCAST_GROUP), &mcast_addr->sin_addr.s_addr);
  385. mcast_addr->sin_port = htons(PAL_SEC()->mcast_port);
  386. addr = (struct sockaddr *) mcast_addr;
  387. addrlen = sizeof(struct sockaddr_in);
  388. }
  389. ret = INLINE_SYSCALL(sendto, 6,
  390. ms->ms_sockfd, ms->ms_buf, ms->ms_count, MSG_NOSIGNAL,
  391. addr, addrlen);
  392. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : ret;
  393. }
  394. static int sgx_ocall_sock_recv_fd(void * pms)
  395. {
  396. ms_ocall_sock_recv_fd_t * ms = (ms_ocall_sock_recv_fd_t *) pms;
  397. int ret;
  398. ODEBUG(OCALL_SOCK_RECV_FD, ms);
  399. struct msghdr hdr;
  400. struct iovec iov[1];
  401. // receive PAL_HANDLE contents in the body
  402. char cbuf[sizeof(struct cmsghdr) + ms->ms_nfds * sizeof(int)];
  403. iov[0].iov_base = ms->ms_buf;
  404. iov[0].iov_len = ms->ms_count;
  405. // clear body memory
  406. memset(&hdr, 0, sizeof(struct msghdr));
  407. // set message header values
  408. hdr.msg_iov = iov;
  409. hdr.msg_iovlen = 1;
  410. hdr.msg_control = cbuf;
  411. hdr.msg_controllen = sizeof(struct cmsghdr) + sizeof(int) *
  412. ms->ms_nfds;
  413. hdr.msg_flags = 0;
  414. ret = INLINE_SYSCALL(recvmsg, 3, ms->ms_sockfd, &hdr, 0);
  415. if (!IS_ERR(ret)) {
  416. struct cmsghdr * chdr = CMSG_FIRSTHDR(&hdr);
  417. if (chdr &&
  418. chdr->cmsg_type == SCM_RIGHTS) {
  419. ms->ms_nfds = (chdr->cmsg_len - sizeof(struct cmsghdr)) /
  420. sizeof(int);
  421. memcpy(ms->ms_fds, CMSG_DATA(chdr), sizeof(int) * ms->ms_nfds);
  422. } else {
  423. ms->ms_nfds = 0;
  424. }
  425. return ret;
  426. }
  427. return unix_to_pal_error(ERRNO(ret));
  428. }
  429. static int sgx_ocall_sock_send_fd(void * pms)
  430. {
  431. ms_ocall_sock_send_fd_t * ms = (ms_ocall_sock_send_fd_t *) pms;
  432. int ret;
  433. ODEBUG(OCALL_SOCK_SEND_FD, ms);
  434. // Declare variables required for sending the message
  435. struct msghdr hdr; // message header
  436. struct cmsghdr * chdr; //control message header
  437. struct iovec iov[1]; // IO Vector
  438. /* Message Body Composition:
  439. IOVEC[0]: PAL_HANDLE
  440. IOVEC[1..n]: Additional handle member follow
  441. Control Message: file descriptors */
  442. // Control message buffer with added space for 2 fds (ie. max size
  443. // that it will have)
  444. char cbuf[sizeof(struct cmsghdr) + ms->ms_nfds * sizeof(int)];
  445. iov[0].iov_base = (void *) ms->ms_buf;
  446. iov[0].iov_len = ms->ms_count;
  447. hdr.msg_name = NULL;
  448. hdr.msg_namelen = 0;
  449. hdr.msg_iov = iov;
  450. hdr.msg_iovlen = 1;
  451. hdr.msg_flags = 0;
  452. hdr.msg_control = cbuf; // Control Message Buffer
  453. hdr.msg_controllen = sizeof(struct cmsghdr) + sizeof(int) * ms->ms_nfds;
  454. // Fill control message infomation for the file descriptors
  455. // Check hdr.msg_controllen >= sizeof(struct cmsghdr) to point to
  456. // cbuf, which is redundant based on the above code as we have
  457. // statically allocated memory.
  458. // or (struct cmsghdr*) cbuf
  459. chdr = CMSG_FIRSTHDR(&hdr); // Pointer to msg_control
  460. chdr->cmsg_level = SOL_SOCKET; // Originating Protocol
  461. chdr->cmsg_type = SCM_RIGHTS; // Protocol Specific Type
  462. // Length of control message = sizeof(struct cmsghdr) + nfds
  463. chdr->cmsg_len = CMSG_LEN(sizeof(int) * ms->ms_nfds);
  464. // Copy the fds below control header
  465. memcpy(CMSG_DATA(chdr), ms->ms_fds, sizeof(int) * ms->ms_nfds);
  466. // Also, Update main header with control message length (duplicate)
  467. hdr.msg_controllen = chdr->cmsg_len;
  468. ret = INLINE_SYSCALL(sendmsg, 3, ms->ms_sockfd, &hdr, MSG_NOSIGNAL);
  469. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : ret;
  470. }
  471. static int sgx_ocall_sock_setopt(void * pms)
  472. {
  473. ms_ocall_sock_setopt_t * ms = (ms_ocall_sock_setopt_t *) pms;
  474. int ret;
  475. ODEBUG(OCALL_SOCK_SETOPT, ms);
  476. ret = INLINE_SYSCALL(setsockopt, 5,
  477. ms->ms_sockfd, ms->ms_level, ms->ms_optname,
  478. ms->ms_optval, ms->ms_optlen);
  479. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : ret;
  480. }
  481. static int sgx_ocall_sock_shutdown(void * pms)
  482. {
  483. ms_ocall_sock_shutdown_t * ms = (ms_ocall_sock_shutdown_t *) pms;
  484. ODEBUG(OCALL_SOCK_SHUTDOWN, ms);
  485. INLINE_SYSCALL(shutdown, 2, ms->ms_sockfd, ms->ms_how);
  486. return 0;
  487. }
  488. static int sgx_ocall_gettime(void * pms)
  489. {
  490. ms_ocall_gettime_t * ms = (ms_ocall_gettime_t *) pms;
  491. ODEBUG(OCALL_GETTIME, ms);
  492. struct timeval tv;
  493. INLINE_SYSCALL(gettimeofday, 2, &tv, NULL);
  494. ms->ms_microsec = tv.tv_sec * 1000000UL + tv.tv_usec;
  495. return 0;
  496. }
  497. static int sgx_ocall_sleep(void * pms)
  498. {
  499. ms_ocall_sleep_t * ms = (ms_ocall_sleep_t *) pms;
  500. int ret;
  501. ODEBUG(OCALL_SLEEP, ms);
  502. if (!ms->ms_microsec) {
  503. INLINE_SYSCALL(sched_yield, 0);
  504. return 0;
  505. }
  506. struct timespec req, rem;
  507. req.tv_sec = ms->ms_microsec / 1000000;
  508. req.tv_nsec = (ms->ms_microsec - req.tv_sec * 1000000) * 1000;
  509. ret = INLINE_SYSCALL(nanosleep, 2, &req, &rem);
  510. if (IS_ERR(ret) && ERRNO(ret) == EINTR)
  511. ms->ms_microsec = rem.tv_sec * 1000000 + rem.tv_nsec / 1000;
  512. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : ret;
  513. }
  514. static int sgx_ocall_poll(void * pms)
  515. {
  516. ms_ocall_poll_t * ms = (ms_ocall_poll_t *) pms;
  517. int ret;
  518. ODEBUG(OCALL_POLL, ms);
  519. struct timespec * ts = NULL;
  520. if (ms->ms_timeout != OCALL_NO_TIMEOUT) {
  521. ts = __alloca(sizeof(struct timespec));
  522. ts->tv_sec = ms->ms_timeout / 1000000;
  523. ts->tv_nsec = (ms->ms_timeout - ts->tv_sec * 1000000) * 1000;
  524. }
  525. ret = INLINE_SYSCALL(ppoll, 4, ms->ms_fds, ms->ms_nfds, ts, NULL);
  526. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : ret;
  527. }
  528. static int sgx_ocall_rename(void * pms)
  529. {
  530. ms_ocall_rename_t * ms = (ms_ocall_rename_t *) pms;
  531. int ret;
  532. ODEBUG(OCALL_RENAME, ms);
  533. ret = INLINE_SYSCALL(rename, 2, ms->ms_oldpath, ms->ms_newpath);
  534. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : ret;
  535. }
  536. static int sgx_ocall_delete(void * pms)
  537. {
  538. ms_ocall_delete_t * ms = (ms_ocall_delete_t *) pms;
  539. int ret;
  540. ODEBUG(OCALL_DELETE, ms);
  541. ret = INLINE_SYSCALL(unlink, 1, ms->ms_pathname);
  542. if (IS_ERR(ret) && ERRNO(ret) == EISDIR)
  543. ret = INLINE_SYSCALL(rmdir, 1, ms->ms_pathname);
  544. return IS_ERR(ret) ? unix_to_pal_error(ERRNO(ret)) : ret;
  545. }
  546. void load_gdb_command (const char * command);
  547. static int sgx_ocall_load_debug(void * pms)
  548. {
  549. const char * command = (const char *) pms;
  550. ODEBUG(OCALL_LOAD_DEBUG, (void *) command);
  551. load_gdb_command(command);
  552. return 0;
  553. }
  554. void * ocall_table[OCALL_NR] = {
  555. [OCALL_EXIT] = (void *) sgx_ocall_exit,
  556. [OCALL_PRINT_STRING] = (void *) sgx_ocall_print_string,
  557. [OCALL_ALLOC_UNTRUSTED] = (void *) sgx_ocall_alloc_untrusted,
  558. [OCALL_MAP_UNTRUSTED] = (void *) sgx_ocall_map_untrusted,
  559. [OCALL_UNMAP_UNTRUSTED] = (void *) sgx_ocall_unmap_untrusted,
  560. [OCALL_CPUID] = (void *) sgx_ocall_cpuid,
  561. [OCALL_OPEN] = (void *) sgx_ocall_open,
  562. [OCALL_CLOSE] = (void *) sgx_ocall_close,
  563. [OCALL_READ] = (void *) sgx_ocall_read,
  564. [OCALL_WRITE] = (void *) sgx_ocall_write,
  565. [OCALL_FSTAT] = (void *) sgx_ocall_fstat,
  566. [OCALL_FIONREAD] = (void *) sgx_ocall_fionread,
  567. [OCALL_FSETNONBLOCK] = (void *) sgx_ocall_fsetnonblock,
  568. [OCALL_FCHMOD] = (void *) sgx_ocall_fchmod,
  569. [OCALL_FSYNC] = (void *) sgx_ocall_fsync,
  570. [OCALL_FTRUNCATE] = (void *) sgx_ocall_ftruncate,
  571. [OCALL_MKDIR] = (void *) sgx_ocall_mkdir,
  572. [OCALL_GETDENTS] = (void *) sgx_ocall_getdents,
  573. [OCALL_WAKE_THREAD] = (void *) sgx_ocall_wake_thread,
  574. [OCALL_CREATE_PROCESS] = (void *) sgx_ocall_create_process,
  575. [OCALL_FUTEX] = (void *) sgx_ocall_futex,
  576. [OCALL_SOCKETPAIR] = (void *) sgx_ocall_socketpair,
  577. [OCALL_SOCK_LISTEN] = (void *) sgx_ocall_sock_listen,
  578. [OCALL_SOCK_ACCEPT] = (void *) sgx_ocall_sock_accept,
  579. [OCALL_SOCK_CONNECT] = (void *) sgx_ocall_sock_connect,
  580. [OCALL_SOCK_RECV] = (void *) sgx_ocall_sock_recv,
  581. [OCALL_SOCK_SEND] = (void *) sgx_ocall_sock_send,
  582. [OCALL_SOCK_RECV_FD] = (void *) sgx_ocall_sock_recv_fd,
  583. [OCALL_SOCK_SEND_FD] = (void *) sgx_ocall_sock_send_fd,
  584. [OCALL_SOCK_SETOPT] = (void *) sgx_ocall_sock_setopt,
  585. [OCALL_SOCK_SHUTDOWN] = (void *) sgx_ocall_sock_shutdown,
  586. [OCALL_GETTIME] = (void *) sgx_ocall_gettime,
  587. [OCALL_SLEEP] = (void *) sgx_ocall_sleep,
  588. [OCALL_POLL] = (void *) sgx_ocall_poll,
  589. [OCALL_RENAME] = (void *) sgx_ocall_rename,
  590. [OCALL_DELETE] = (void *) sgx_ocall_delete,
  591. [OCALL_LOAD_DEBUG] = (void *) sgx_ocall_load_debug,
  592. };
  593. #define EDEBUG(code, ms) do {} while (0)
  594. int ecall_enclave_start (const char ** arguments, const char ** environments)
  595. {
  596. ms_ecall_enclave_start_t ms;
  597. ms.ms_arguments = arguments;
  598. ms.ms_environments = environments;
  599. ms.ms_sec_info = PAL_SEC();
  600. EDEBUG(ECALL_ENCLAVE_START, &ms);
  601. return sgx_ecall(ECALL_ENCLAVE_START, &ms);
  602. }
  603. int ecall_thread_start (void)
  604. {
  605. EDEBUG(ECALL_THREAD_START, NULL);
  606. return sgx_ecall(ECALL_THREAD_START, NULL);
  607. }
  608. void __abort(void) {
  609. INLINE_SYSCALL(exit_group, 1, -1);
  610. }