Inicio Explorar Ayuda
Iniciar sesión
miti
/
graphene
1
0
Fork 0
Archivos Incidencias 0 Pull Requests 0 Wiki
Árbol: b194aa17fb
Ramas Etiquetas
graphene
/
Pal
/
src
/
host
/
Linux-SGX
/
enclave_ecalls.c

enclave_ecalls.c 2.8 KB
Histórico Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192 
  1. #include "pal_linux.h"
    2. 

  2. #include "pal_security.h"
    3. 

  3. #include "pal_internal.h"
    4. 

  4. #include <api.h>
    5. 

  5. 

  6. #include "ecall_types.h"
    7. 

  7. 

  8. #define SGX_CAST(type, item) ((type)(item))
    9. 

  9. 

  10. extern void * enclave_base, * enclave_top;
    11. 

  11. 

  12. static struct atomic_int enclave_start_called = ATOMIC_INIT(0);
    13. 

  13. 

  14. 

  15. /*
    16. 

  16.  * Called from enclave_entry.S to execute ecalls.
    17. 

  17.  *
    18. 

  18.  * During normal operation handle_ecall will not return. The exception is that
    19. 

  19.  * it will return if invalid parameters are passed. In this case
    20. 

  20.  * enclave_entry.S will go into an endless loop since a clean return to urts is
    21. 

  21.  * not easy in all cases.
    22. 

  22.  *
    23. 

  23.  * Parameters:
    24. 

  24.  *
    25. 

  25.  *  ecall_index:
    26. 

  26.  *      Number of requested ecall. Untrusted.
    27. 

  27.  *
    28. 

  28.  *  ecall_args:
    29. 

  29.  *      Pointer to arguments for requested ecall. Untrusted.
    30. 

  30.  *
    31. 

  31.  *  exit_target:
    32. 

  32.  *      Address to return to after EEXIT. Untrusted.
    33. 

  33.  *
    34. 

  34.  *  untrusted_stack:
    35. 

  35.  *      Address to urts stack. Restored before EEXIT and used for ocall
    36. 

  36.  *      arguments. Untrusted.
    37. 

  37.  *
    38. 

  38.  *  enclave_base_addr:
    39. 

  39.  *      Base address of enclave. Calculated dynamically in enclave_entry.S.
    40. 

  40.  *      Trusted.
    41. 

  41.  */
    42. 

  42. void handle_ecall (long ecall_index, void * ecall_args, void * exit_target,
    43. 

  43.                    void * untrusted_stack, void * enclave_base_addr)
    44. 

  44. {
    45. 

  45.     if (ecall_index < 0 || ecall_index >= ECALL_NR)
    46. 

  46.         return;
    47. 

  47. 

  48.     if (!enclave_top) {
    49. 

  49.         enclave_base = enclave_base_addr;
    50. 

  50.         enclave_top = enclave_base_addr + GET_ENCLAVE_TLS(enclave_size);
    51. 

  51.     }
    52. 

  52. 

  53.     SET_ENCLAVE_TLS(exit_target,     exit_target);
    54. 

  54.     SET_ENCLAVE_TLS(ustack_top,      untrusted_stack);
    55. 

  55.     SET_ENCLAVE_TLS(ustack,          untrusted_stack);
    56. 

  56.     SET_ENCLAVE_TLS(clear_child_tid, NULL);
    57. 

  57. 

  58.     if (atomic_cmpxchg(&enclave_start_called, 0, 1) == 0) {
    59. 

  59.         // ENCLAVE_START not yet called, so only valid ecall is ENCLAVE_START.
    60. 

  60.         if (ecall_index != ECALL_ENCLAVE_START) {
    61. 

  61.             // To keep things simple, we treat an invalid ecall_index like an
    62. 

  62.             // unsuccessful call to ENCLAVE_START.
    63. 

  63.             return;
    64. 

  64.         }
    65. 

  65. 

  66.         ms_ecall_enclave_start_t * ms =
    67. 

  67.                 (ms_ecall_enclave_start_t *) ecall_args;
    68. 

  68. 

  69.         if (!ms || !sgx_is_completely_outside_enclave(ms, sizeof(*ms))) {
    70. 

  70.             return;
    71. 

  71.         }
    72. 

  72. 

  73.         /* pal_linux_main is responsible to check the passed arguments */
    74. 

  74.         pal_linux_main(ms->ms_args, ms->ms_args_size,
    75. 

  75.                        ms->ms_env, ms->ms_env_size,
    76. 

  76.                        ms->ms_sec_info);
    77. 

  77.     } else {
    78. 

  78.         // ENCLAVE_START already called (maybe successfully, maybe not), so
    79. 

  79.         // only valid ecall is THREAD_START.
    80. 

  80.         if (ecall_index != ECALL_THREAD_START) {
    81. 

  81.             return;
    82. 

  82.         }
    83. 

  83. 

  84.         // Only allow THREAD_START after successful enclave initialization.
    85. 

  85.         if (!(pal_enclave_state.enclave_flags & PAL_ENCLAVE_INITIALIZED)) {
    86. 

  86.             return;
    87. 

  87.         }
    88. 

  88. 

  89.         pal_start_thread();
    90. 

  90.     }
    91. 

  91.     // pal_linux_main and pal_start_thread should never return.
    92. 

  92. }
    93.