12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151 |
- #include <pal_linux.h>
- #include <pal_linux_error.h>
- #include <pal_rtld.h>
- #include <hex.h>
- #include "sgx_internal.h"
- #include "sgx_tls.h"
- #include "sgx_enclave.h"
- #include "debugger/sgx_gdb.h"
- #include <asm/fcntl.h>
- #include <asm/socket.h>
- #include <linux/fs.h>
- #include <linux/in.h>
- #include <linux/in6.h>
- #include <asm/errno.h>
- #include <ctype.h>
- #include <sysdep.h>
- #include <sysdeps/generic/ldsodefs.h>
- size_t g_page_size = PRESET_PAGESIZE;
- struct pal_enclave pal_enclave;
- static inline
- char * alloc_concat(const char * p, size_t plen,
- const char * s, size_t slen)
- {
- plen = (plen != (size_t)-1) ? plen : (p ? strlen(p) : 0);
- slen = (slen != (size_t)-1) ? slen : (s ? strlen(s) : 0);
- char * buf = malloc(plen + slen + 1);
- if (!buf)
- return NULL;
- if (plen)
- memcpy(buf, p, plen);
- if (slen)
- memcpy(buf + plen, s, slen);
- buf[plen + slen] = '\0';
- return buf;
- }
- static unsigned long parse_int (const char * str)
- {
- unsigned long num = 0;
- int radix = 10;
- char c;
- if (str[0] == '0') {
- str++;
- radix = 8;
- if (str[0] == 'x') {
- str++;
- radix = 16;
- }
- }
- while ((c = *(str++))) {
- int8_t val = hex2dec(c);
- if (val < 0)
- break;
- if ((uint8_t) val >= radix)
- break;
- num = num * radix + (uint8_t) val;
- }
- if (c == 'G' || c == 'g')
- num *= 1024 * 1024 * 1024;
- else if (c == 'M' || c == 'm')
- num *= 1024 * 1024;
- else if (c == 'K' || c == 'k')
- num *= 1024;
- return num;
- }
- static char * resolve_uri (const char * uri, const char ** errstring)
- {
- if (!strstartswith_static(uri, "file:")) {
- *errstring = "Invalid URI";
- return NULL;
- }
- char path_buf[URI_MAX];
- size_t len = URI_MAX;
- int ret = get_norm_path(uri + 5, path_buf, &len);
- if (ret < 0) {
- *errstring = "Invalid URI";
- return NULL;
- }
- return alloc_concat("file:", static_strlen("file:"), path_buf, len);
- }
- static
- int scan_enclave_binary (int fd, unsigned long * base, unsigned long * size,
- unsigned long * entry)
- {
- int ret = 0;
- if (IS_ERR(ret = INLINE_SYSCALL(lseek, 3, fd, 0, SEEK_SET)))
- return -ERRNO(ret);
- char filebuf[FILEBUF_SIZE];
- ret = INLINE_SYSCALL(read, 3, fd, filebuf, FILEBUF_SIZE);
- if (IS_ERR(ret))
- return -ERRNO(ret);
- if ((size_t)ret < sizeof(ElfW(Ehdr)))
- return -ENOEXEC;
- const ElfW(Ehdr) * header = (void *) filebuf;
- const ElfW(Phdr) * phdr = (void *) filebuf + header->e_phoff;
- const ElfW(Phdr) * ph;
- if (memcmp(header->e_ident, ELFMAG, SELFMAG) != 0)
- return -ENOEXEC;
- struct loadcmd {
- ElfW(Addr) mapstart, mapend;
- } loadcmds[16], *c;
- int nloadcmds = 0;
- for (ph = phdr ; ph < &phdr[header->e_phnum] ; ph++)
- if (ph->p_type == PT_LOAD) {
- if (nloadcmds == 16)
- return -EINVAL;
- c = &loadcmds[nloadcmds++];
- c->mapstart = ALLOC_ALIGN_DOWN(ph->p_vaddr);
- c->mapend = ALLOC_ALIGN_UP(ph->p_vaddr + ph->p_memsz);
- }
- *base = loadcmds[0].mapstart;
- *size = loadcmds[nloadcmds - 1].mapend - loadcmds[0].mapstart;
- if (entry)
- *entry = header->e_entry;
- return 0;
- }
- static
- int load_enclave_binary (sgx_arch_secs_t * secs, int fd,
- unsigned long base, unsigned long prot)
- {
- int ret = 0;
- if (IS_ERR(ret = INLINE_SYSCALL(lseek, 3, fd, 0, SEEK_SET)))
- return -ERRNO(ret);
- char filebuf[FILEBUF_SIZE];
- ret = INLINE_SYSCALL(read, 3, fd, filebuf, FILEBUF_SIZE);
- if (IS_ERR(ret))
- return -ERRNO(ret);
- const ElfW(Ehdr) * header = (void *) filebuf;
- const ElfW(Phdr) * phdr = (void *) filebuf + header->e_phoff;
- const ElfW(Phdr) * ph;
- struct loadcmd {
- ElfW(Addr) mapstart, mapend, datastart, dataend, allocend;
- unsigned int mapoff;
- int prot;
- } loadcmds[16], *c;
- int nloadcmds = 0;
- for (ph = phdr ; ph < &phdr[header->e_phnum] ; ph++)
- if (ph->p_type == PT_LOAD) {
- if (nloadcmds == 16)
- return -EINVAL;
- c = &loadcmds[nloadcmds++];
- c->mapstart = ALLOC_ALIGN_DOWN(ph->p_vaddr);
- c->mapend = ALLOC_ALIGN_UP(ph->p_vaddr + ph->p_filesz);
- c->datastart = ph->p_vaddr;
- c->dataend = ph->p_vaddr + ph->p_filesz;
- c->allocend = ph->p_vaddr + ph->p_memsz;
- c->mapoff = ALLOC_ALIGN_DOWN(ph->p_offset);
- c->prot = (ph->p_flags & PF_R ? PROT_READ : 0)|
- (ph->p_flags & PF_W ? PROT_WRITE : 0)|
- (ph->p_flags & PF_X ? PROT_EXEC : 0)|prot;
- }
- base -= loadcmds[0].mapstart;
- for (c = loadcmds; c < &loadcmds[nloadcmds] ; c++) {
- ElfW(Addr) zero = c->dataend;
- ElfW(Addr) zeroend = ALLOC_ALIGN_UP(c->allocend);
- ElfW(Addr) zeropage = ALLOC_ALIGN_UP(zero);
- if (zeroend < zeropage)
- zeropage = zeroend;
- if (c->mapend > c->mapstart) {
- void * addr = (void *) INLINE_SYSCALL(mmap, 6, NULL,
- c->mapend - c->mapstart,
- PROT_READ|PROT_WRITE,
- MAP_PRIVATE | MAP_FILE,
- fd, c->mapoff);
- if (IS_ERR_P(addr))
- return -ERRNO_P(addr);
- if (c->datastart > c->mapstart)
- memset(addr, 0, c->datastart - c->mapstart);
- if (zeropage > zero)
- memset(addr + zero - c->mapstart, 0, zeropage - zero);
- ret = add_pages_to_enclave(secs, (void *) base + c->mapstart, addr,
- c->mapend - c->mapstart,
- SGX_PAGE_REG, c->prot, 0,
- (c->prot & PROT_EXEC) ? "code" : "data");
- INLINE_SYSCALL(munmap, 2, addr, c->mapend - c->mapstart);
- if (ret < 0)
- return ret;
- }
- if (zeroend > zeropage) {
- ret = add_pages_to_enclave(secs, (void *) base + zeropage, NULL,
- zeroend - zeropage,
- SGX_PAGE_REG, c->prot, false, "bss");
- if (ret < 0)
- return ret;
- }
- }
- return 0;
- }
- int initialize_enclave (struct pal_enclave * enclave)
- {
- int ret = 0;
- int enclave_image;
- sgx_arch_token_t enclave_token;
- sgx_arch_enclave_css_t enclave_sigstruct;
- sgx_arch_secs_t enclave_secs;
- unsigned long enclave_entry_addr;
- unsigned long heap_min = DEFAULT_HEAP_MIN;
- /* this array may overflow the stack, so we allocate it in BSS */
- static void* tcs_addrs[MAX_DBG_THREADS];
- enclave_image = INLINE_SYSCALL(open, 3, ENCLAVE_FILENAME, O_RDONLY, 0);
- if (IS_ERR(enclave_image)) {
- SGX_DBG(DBG_E, "Cannot find %s\n", ENCLAVE_FILENAME);
- ret = -ERRNO(enclave_image);
- goto out;
- }
- char cfgbuf[CONFIG_MAX];
- /* Reading sgx.enclave_size from manifest */
- if (get_config(enclave->config, "sgx.enclave_size", cfgbuf, sizeof(cfgbuf)) <= 0) {
- SGX_DBG(DBG_E, "Enclave size is not specified\n");
- ret = -EINVAL;
- goto out;
- }
- enclave->size = parse_int(cfgbuf);
- if (!enclave->size || !IS_POWER_OF_2(enclave->size)) {
- SGX_DBG(DBG_E, "Enclave size not a power of two (an SGX-imposed requirement)\n");
- ret = -EINVAL;
- goto out;
- }
- /* Reading sgx.thread_num from manifest */
- if (get_config(enclave->config, "sgx.thread_num", cfgbuf, sizeof(cfgbuf)) > 0) {
- enclave->thread_num = parse_int(cfgbuf);
- if (enclave->thread_num > MAX_DBG_THREADS) {
- SGX_DBG(DBG_E, "Too many threads to debug\n");
- ret = -EINVAL;
- goto out;
- }
- } else {
- enclave->thread_num = 1;
- }
- if (get_config(enclave->config, "sgx.static_address", cfgbuf, sizeof(cfgbuf)) > 0 && cfgbuf[0] == '1') {
- enclave->baseaddr = ALIGN_DOWN_POW2(heap_min, enclave->size);
- } else {
- enclave->baseaddr = ENCLAVE_HIGH_ADDRESS;
- heap_min = 0;
- }
- ret = read_enclave_token(enclave->token, &enclave_token);
- if (ret < 0) {
- SGX_DBG(DBG_E, "Reading enclave token failed: %d\n", -ret);
- goto out;
- }
- ret = read_enclave_sigstruct(enclave->sigfile, &enclave_sigstruct);
- if (ret < 0) {
- SGX_DBG(DBG_E, "Reading enclave sigstruct failed: %d\n", -ret);
- goto out;
- }
- memset(&enclave_secs, 0, sizeof(enclave_secs));
- enclave_secs.base = enclave->baseaddr;
- enclave_secs.size = enclave->size;
- ret = create_enclave(&enclave_secs, &enclave_token);
- if (ret < 0) {
- SGX_DBG(DBG_E, "Creating enclave failed: %d\n", -ret);
- goto out;
- }
- enclave->ssaframesize = enclave_secs.ssa_frame_size * g_page_size;
- struct stat stat;
- ret = INLINE_SYSCALL(fstat, 2, enclave->manifest, &stat);
- if (IS_ERR(ret)) {
- SGX_DBG(DBG_E, "Reading manifest file's size failed: %d\n", -ret);
- ret = -ERRNO(ret);
- goto out;
- }
- int manifest_size = stat.st_size;
- /* Start populating enclave memory */
- struct mem_area {
- const char * desc;
- bool skip_eextend;
- int fd;
- bool is_binary; /* only meaningful if fd != -1 */
- unsigned long addr, size, prot;
- enum sgx_page_type type;
- };
- struct mem_area * areas =
- __alloca(sizeof(areas[0]) * (10 + enclave->thread_num));
- int area_num = 0;
- /* The manifest needs to be allocated at the upper end of the enclave
- * memory. That's used by pal_linux_main to find the manifest area. So add
- * it first to the list with memory areas. */
- areas[area_num] = (struct mem_area) {
- .desc = "manifest", .skip_eextend = false, .fd = enclave->manifest,
- .is_binary = false, .addr = 0, .size = ALLOC_ALIGN_UP(manifest_size),
- .prot = PROT_READ, .type = SGX_PAGE_REG
- };
- area_num++;
- areas[area_num] = (struct mem_area) {
- .desc = "ssa", .skip_eextend = false, .fd = -1,
- .is_binary = false, .addr = 0,
- .size = enclave->thread_num * enclave->ssaframesize * SSAFRAMENUM,
- .prot = PROT_READ | PROT_WRITE, .type = SGX_PAGE_REG
- };
- struct mem_area* ssa_area = &areas[area_num++];
- areas[area_num] = (struct mem_area) {
- .desc = "tcs", .skip_eextend = false, .fd = -1,
- .is_binary = false, .addr = 0, .size = enclave->thread_num * g_page_size,
- .prot = 0, .type = SGX_PAGE_TCS
- };
- struct mem_area* tcs_area = &areas[area_num++];
- areas[area_num] = (struct mem_area) {
- .desc = "tls", .skip_eextend = false, .fd = -1,
- .is_binary = false, .addr = 0, .size = enclave->thread_num * g_page_size,
- .prot = PROT_READ | PROT_WRITE, .type = SGX_PAGE_REG
- };
- struct mem_area* tls_area = &areas[area_num++];
- struct mem_area* stack_areas = &areas[area_num]; /* memorize for later use */
- for (uint32_t t = 0; t < enclave->thread_num; t++) {
- areas[area_num] = (struct mem_area) {
- .desc = "stack", .skip_eextend = false, .fd = -1,
- .is_binary = false, .addr = 0, .size = ENCLAVE_STACK_SIZE,
- .prot = PROT_READ | PROT_WRITE, .type = SGX_PAGE_REG
- };
- area_num++;
- }
- areas[area_num] = (struct mem_area) {
- .desc = "pal", .skip_eextend = false, .fd = enclave_image,
- .is_binary = true, .addr = 0, .size = 0 /* set below */,
- .prot = 0, .type = SGX_PAGE_REG
- };
- struct mem_area* pal_area = &areas[area_num++];
- ret = scan_enclave_binary(enclave_image, &pal_area->addr, &pal_area->size, &enclave_entry_addr);
- if (ret < 0) {
- SGX_DBG(DBG_E, "Scanning Pal binary (%s) failed: %d\n", ENCLAVE_FILENAME, -ret);
- goto out;
- }
- struct mem_area* exec_area = NULL;
- if (enclave->exec != -1) {
- areas[area_num] = (struct mem_area) {
- .desc = "exec", .skip_eextend = false, .fd = enclave->exec,
- .is_binary = true, .addr = 0, .size = 0 /* set below */,
- .prot = PROT_WRITE, .type = SGX_PAGE_REG
- };
- exec_area = &areas[area_num++];
- ret = scan_enclave_binary(enclave->exec, &exec_area->addr, &exec_area->size, NULL);
- if (ret < 0) {
- SGX_DBG(DBG_E, "Scanning application binary failed: %d\n", -ret);
- goto out;
- }
- }
- unsigned long populating = enclave->size;
- for (int i = 0 ; i < area_num ; i++) {
- if (areas[i].addr)
- continue;
- areas[i].addr = populating - areas[i].size;
- populating = SATURATED_P_SUB(areas[i].addr, MEMORY_GAP, 0);
- }
- enclave_entry_addr += pal_area->addr;
- if (exec_area) {
- if (exec_area->addr + exec_area->size > pal_area->addr - MEMORY_GAP) {
- SGX_DBG(DBG_E, "Application binary overlaps with Pal binary\n");
- ret = -EINVAL;
- goto out;
- }
- if (exec_area->addr + exec_area->size + MEMORY_GAP < populating) {
- if (populating > heap_min) {
- unsigned long addr = exec_area->addr + exec_area->size + MEMORY_GAP;
- if (addr < heap_min)
- addr = heap_min;
- areas[area_num] = (struct mem_area) {
- .desc = "free", .skip_eextend = true, .fd = -1,
- .is_binary = false, .addr = addr, .size = populating - addr,
- .prot = PROT_READ | PROT_WRITE | PROT_EXEC, .type = SGX_PAGE_REG
- };
- area_num++;
- }
- populating = SATURATED_P_SUB(exec_area->addr, MEMORY_GAP, 0);
- }
- }
- if (populating > heap_min) {
- areas[area_num] = (struct mem_area) {
- .desc = "free", .skip_eextend = true, .fd = -1,
- .is_binary = false, .addr = heap_min, .size = populating - heap_min,
- .prot = PROT_READ | PROT_WRITE | PROT_EXEC, .type = SGX_PAGE_REG
- };
- area_num++;
- }
- for (int i = 0 ; i < area_num ; i++) {
- if (areas[i].fd != -1 && areas[i].is_binary) {
- ret = load_enclave_binary(&enclave_secs, areas[i].fd, areas[i].addr, areas[i].prot);
- if (ret < 0) {
- SGX_DBG(DBG_E, "Loading enclave binary failed: %d\n", -ret);
- goto out;
- }
- continue;
- }
- void * data = NULL;
- if (!strcmp_static(areas[i].desc, "tls")) {
- data = (void *) INLINE_SYSCALL(mmap, 6, NULL, areas[i].size,
- PROT_READ|PROT_WRITE,
- MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
- if (IS_ERR_P(data) || data == NULL) {
- /* Note that Graphene currently doesn't handle 0x0 addresses */
- SGX_DBG(DBG_E, "Allocating memory for tls pages failed\n");
- goto out;
- }
- for (uint32_t t = 0 ; t < enclave->thread_num ; t++) {
- struct enclave_tls * gs = data + g_page_size * t;
- memset(gs, 0, g_page_size);
- assert(sizeof(*gs) <= g_page_size);
- gs->common.self = (PAL_TCB *)(
- tls_area->addr + g_page_size * t + enclave_secs.base);
- gs->enclave_size = enclave->size;
- gs->tcs_offset = tcs_area->addr + g_page_size * t;
- gs->initial_stack_offset =
- stack_areas[t].addr + ENCLAVE_STACK_SIZE;
- gs->ssa = (void *) ssa_area->addr +
- enclave->ssaframesize * SSAFRAMENUM * t +
- enclave_secs.base;
- gs->gpr = gs->ssa +
- enclave->ssaframesize - sizeof(sgx_pal_gpr_t);
- gs->manifest_size = manifest_size;
- gs->heap_min = (void *) enclave_secs.base + heap_min;
- gs->heap_max = (void *) enclave_secs.base + pal_area->addr - MEMORY_GAP;
- if (exec_area) {
- gs->exec_addr = (void *) enclave_secs.base + exec_area->addr;
- gs->exec_size = exec_area->size;
- }
- gs->thread = NULL;
- }
- } else if (!strcmp_static(areas[i].desc, "tcs")) {
- data = (void *) INLINE_SYSCALL(mmap, 6, NULL, areas[i].size,
- PROT_READ|PROT_WRITE,
- MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
- if (IS_ERR_P(data) || data == NULL) {
- /* Note that Graphene currently doesn't handle 0x0 addresses */
- SGX_DBG(DBG_E, "Allocating memory for tcs pages failed\n");
- goto out;
- }
- for (uint32_t t = 0 ; t < enclave->thread_num ; t++) {
- sgx_arch_tcs_t * tcs = data + g_page_size * t;
- memset(tcs, 0, g_page_size);
- tcs->ossa = ssa_area->addr +
- enclave->ssaframesize * SSAFRAMENUM * t;
- tcs->nssa = SSAFRAMENUM;
- tcs->oentry = enclave_entry_addr;
- tcs->ofs_base = 0;
- tcs->ogs_base = tls_area->addr + t * g_page_size;
- tcs->ofs_limit = 0xfff;
- tcs->ogs_limit = 0xfff;
- tcs_addrs[t] = (void *) enclave_secs.base + tcs_area->addr + g_page_size * t;
- }
- } else if (areas[i].fd != -1) {
- data = (void *) INLINE_SYSCALL(mmap, 6, NULL, areas[i].size,
- PROT_READ,
- MAP_FILE|MAP_PRIVATE,
- areas[i].fd, 0);
- if (IS_ERR_P(data) || data == NULL) {
- /* Note that Graphene currently doesn't handle 0x0 addresses */
- SGX_DBG(DBG_E, "Allocating memory for file %s failed\n", areas[i].desc);
- goto out;
- }
- }
- ret = add_pages_to_enclave(&enclave_secs, (void *) areas[i].addr, data, areas[i].size,
- areas[i].type, areas[i].prot, areas[i].skip_eextend, areas[i].desc);
- if (data)
- INLINE_SYSCALL(munmap, 2, data, areas[i].size);
- if (ret < 0) {
- SGX_DBG(DBG_E, "Adding pages (%s) to enclave failed: %d\n", areas[i].desc, -ret);
- goto out;
- }
- }
- ret = init_enclave(&enclave_secs, &enclave_sigstruct, &enclave_token);
- if (ret < 0) {
- SGX_DBG(DBG_E, "Initializing enclave failed: %d\n", -ret);
- goto out;
- }
- create_tcs_mapper((void *) enclave_secs.base + tcs_area->addr, enclave->thread_num);
- struct enclave_dbginfo * dbg = (void *)
- INLINE_SYSCALL(mmap, 6, DBGINFO_ADDR,
- sizeof(struct enclave_dbginfo),
- PROT_READ|PROT_WRITE,
- MAP_PRIVATE|MAP_ANONYMOUS|MAP_FIXED,
- -1, 0);
- if (IS_ERR_P(dbg)) {
- SGX_DBG(DBG_E, "Cannot allocate debug information (GDB will not work)\n");
- } else {
- dbg->pid = INLINE_SYSCALL(getpid, 0);
- dbg->base = enclave->baseaddr;
- dbg->size = enclave->size;
- dbg->ssaframesize = enclave->ssaframesize;
- dbg->aep = async_exit_pointer;
- dbg->thread_tids[0] = dbg->pid;
- for (int i = 0 ; i < MAX_DBG_THREADS ; i++)
- dbg->tcs_addrs[i] = tcs_addrs[i];
- }
- ret = 0;
- out:
- if (enclave_image >= 0)
- INLINE_SYSCALL(close, 1, enclave_image);
- return ret;
- }
- static int mcast_s (int port)
- {
- struct sockaddr_in addr;
- int ret = 0;
- addr.sin_family = AF_INET;
- addr.sin_addr.s_addr = INADDR_ANY;
- addr.sin_port = htons(port);
- int fd = INLINE_SYSCALL(socket, 3, AF_INET, SOCK_DGRAM, 0);
- if (IS_ERR(fd))
- return -ERRNO(fd);
- ret = INLINE_SYSCALL(setsockopt, 5, fd, IPPROTO_IP, IP_MULTICAST_IF,
- &addr.sin_addr.s_addr, sizeof(addr.sin_addr.s_addr));
- if (IS_ERR(ret))
- return -ERRNO(ret);
- return fd;
- }
- static int mcast_c (int port)
- {
- int ret = 0, fd;
- struct sockaddr_in addr;
- addr.sin_family = AF_INET;
- addr.sin_addr.s_addr = INADDR_ANY;
- addr.sin_port = htons(port);
- fd = INLINE_SYSCALL(socket, 3, AF_INET, SOCK_DGRAM, 0);
- if (IS_ERR(fd))
- return -ERRNO(fd);
- int reuse = 1;
- INLINE_SYSCALL(setsockopt, 5, fd, SOL_SOCKET, SO_REUSEADDR,
- &reuse, sizeof(reuse));
- ret = INLINE_SYSCALL(bind, 3, fd, &addr, sizeof(addr));
- if (IS_ERR(ret))
- return -ERRNO(ret);
- ret = INLINE_SYSCALL(setsockopt, 5, fd, IPPROTO_IP, IP_MULTICAST_IF,
- &addr.sin_addr.s_addr, sizeof(addr.sin_addr.s_addr));
- if (IS_ERR(ret))
- return -ERRNO(ret);
- inet_pton4(MCAST_GROUP, sizeof(MCAST_GROUP) - 1,
- &addr.sin_addr.s_addr);
- struct ip_mreq group;
- group.imr_multiaddr.s_addr = addr.sin_addr.s_addr;
- group.imr_interface.s_addr = INADDR_ANY;
- ret = INLINE_SYSCALL(setsockopt, 5, fd, IPPROTO_IP, IP_ADD_MEMBERSHIP,
- &group, sizeof(group));
- if (IS_ERR(ret))
- return -ERRNO(ret);
- return fd;
- }
- static unsigned long randval = 0;
- void getrand (void * buffer, size_t size)
- {
- size_t bytes = 0;
- while (bytes + sizeof(uint64_t) <= size) {
- *(uint64_t*) (buffer + bytes) = randval;
- randval = hash64(randval);
- bytes += sizeof(uint64_t);
- }
- if (bytes < size) {
- memcpy(buffer + bytes, &randval, size - bytes);
- randval = hash64(randval);
- }
- }
- static void create_instance (struct pal_sec * pal_sec)
- {
- PAL_NUM id;
- getrand(&id, sizeof(id));
- snprintf(pal_sec->pipe_prefix, sizeof(pal_sec->pipe_prefix), "/graphene/%016lx/", id);
- pal_sec->instance_id = id;
- }
- static int load_manifest (int fd, struct config_store ** config_ptr)
- {
- int ret = 0;
- int nbytes = INLINE_SYSCALL(lseek, 3, fd, 0, SEEK_END);
- if (IS_ERR(nbytes)) {
- SGX_DBG(DBG_E, "Cannot detect size of manifest file\n");
- return -ERRNO(nbytes);
- }
- struct config_store * config = malloc(sizeof(struct config_store));
- if (!config) {
- SGX_DBG(DBG_E, "Not enough memory for config_store of manifest\n");
- return -ENOMEM;
- }
- void * config_raw = (void *)
- INLINE_SYSCALL(mmap, 6, NULL, nbytes, PROT_READ, MAP_PRIVATE, fd, 0);
- if (IS_ERR_P(config_raw)) {
- SGX_DBG(DBG_E, "Cannot mmap manifest file\n");
- ret = -ERRNO_P(config_raw);
- goto out;
- }
- config->raw_data = config_raw;
- config->raw_size = nbytes;
- config->malloc = malloc;
- config->free = NULL;
- const char * errstring = NULL;
- ret = read_config(config, NULL, &errstring);
- if (ret < 0) {
- SGX_DBG(DBG_E, "Cannot read manifest: %s\n", errstring);
- goto out;
- }
- *config_ptr = config;
- ret = 0;
- out:
- if (ret < 0) {
- free(config);
- if (!IS_ERR_P(config_raw))
- INLINE_SYSCALL(munmap, 2, config_raw, nbytes);
- }
- return ret;
- }
- /*
- * Returns the number of online CPUs read from /sys/devices/system/cpu/online, -errno on failure.
- * Understands complex formats like "1,3-5,6".
- */
- static int get_cpu_count(void) {
- int fd = INLINE_SYSCALL(open, 3, "/sys/devices/system/cpu/online", O_RDONLY|O_CLOEXEC, 0);
- if (fd < 0)
- return unix_to_pal_error(ERRNO(fd));
- char buf[64];
- int ret = INLINE_SYSCALL(read, 3, fd, buf, sizeof(buf) - 1);
- if (ret < 0) {
- INLINE_SYSCALL(close, 1, fd);
- return unix_to_pal_error(ERRNO(ret));
- }
- buf[ret] = '\0'; /* ensure null-terminated buf even in partial read */
- char* end;
- char* ptr = buf;
- int cpu_count = 0;
- while (*ptr) {
- while (*ptr == ' ' || *ptr == '\t' || *ptr == ',')
- ptr++;
- int firstint = (int)strtol(ptr, &end, 10);
- if (ptr == end)
- break;
- if (*end == '\0' || *end == ',') {
- /* single CPU index, count as one more CPU */
- cpu_count++;
- } else if (*end == '-') {
- /* CPU range, count how many CPUs in range */
- ptr = end + 1;
- int secondint = (int)strtol(ptr, &end, 10);
- if (secondint > firstint)
- cpu_count += secondint - firstint + 1; // inclusive (e.g., 0-7, or 8-16)
- }
- ptr = end;
- }
- INLINE_SYSCALL(close, 1, fd);
- if (cpu_count == 0)
- return -PAL_ERROR_STREAMNOTEXIST;
- return cpu_count;
- }
- static int load_enclave (struct pal_enclave * enclave,
- int manifest_fd,
- char * manifest_uri,
- char * exec_uri,
- char * args, size_t args_size,
- char * env, size_t env_size,
- bool exec_uri_inferred)
- {
- struct pal_sec * pal_sec = &enclave->pal_sec;
- int ret;
- struct timeval tv;
- #if PRINT_ENCLAVE_STAT == 1
- INLINE_SYSCALL(gettimeofday, 2, &tv, NULL);
- pal_sec->start_time = tv.tv_sec * 1000000UL + tv.tv_usec;
- #endif
- ret = open_gsgx();
- if (ret < 0)
- return ret;
- if (!is_wrfsbase_supported())
- return -EPERM;
- INLINE_SYSCALL(gettimeofday, 2, &tv, NULL);
- randval = tv.tv_sec * 1000000UL + tv.tv_usec;
- pal_sec->pid = INLINE_SYSCALL(getpid, 0);
- pal_sec->uid = INLINE_SYSCALL(getuid, 0);
- pal_sec->gid = INLINE_SYSCALL(getgid, 0);
- int num_cpus = get_cpu_count();
- if (num_cpus < 0) {
- return num_cpus;
- }
- pal_sec->num_cpus = num_cpus;
- #ifdef DEBUG
- size_t env_i = 0;
- while (env_i < env_size) {
- if (!strcmp_static(&env[env_i], "IN_GDB=1")) {
- SGX_DBG(DBG_I, "[ Running under GDB ]\n");
- pal_sec->in_gdb = true;
- } else if (strstartswith_static(&env[env_i], "LD_PRELOAD=")) {
- uint64_t env_i_size = strnlen(&env[env_i], env_size - env_i) + 1;
- memmove(&env[env_i], &env[env_i + env_i_size], env_size - env_i - env_i_size);
- env_size -= env_i_size;
- continue;
- }
- env_i += strnlen(&env[env_i], env_size - env_i) + 1;
- }
- #endif
- enclave->manifest = manifest_fd;
- ret = load_manifest(enclave->manifest, &enclave->config);
- if (ret < 0) {
- SGX_DBG(DBG_E, "Invalid manifest: %s\n", manifest_uri);
- return -EINVAL;
- }
- char cfgbuf[CONFIG_MAX];
- const char * errstring;
- // A manifest can specify an executable with a different base name
- // than the manifest itself. Always give the exec field of the manifest
- // precedence if specified.
- if (get_config(enclave->config, "loader.exec", cfgbuf, sizeof(cfgbuf)) > 0) {
- exec_uri = resolve_uri(cfgbuf, &errstring);
- exec_uri_inferred = false;
- if (!exec_uri) {
- SGX_DBG(DBG_E, "%s: %s\n", errstring, cfgbuf);
- return -EINVAL;
- }
- }
- enclave->exec = INLINE_SYSCALL(open, 3, exec_uri + static_strlen("file:"),
- O_RDONLY|O_CLOEXEC, 0);
- if (IS_ERR(enclave->exec)) {
- if (exec_uri_inferred) {
- // It is valid for an enclave not to have an executable.
- // We need to catch the case where we inferred the executable
- // from the manifest file name, but it doesn't exist, and let
- // the enclave go a bit further. Go ahead and warn the user,
- // though.
- SGX_DBG(DBG_I, "Inferred executable cannot be opened: %s. This may be ok, "
- "or may represent a manifest misconfiguration. This typically "
- "represents advanced usage, and if it is not what you intended, "
- "try setting the loader.exec field in the manifest.\n", exec_uri);
- enclave->exec = -1;
- } else {
- SGX_DBG(DBG_E, "Cannot open executable %s\n", exec_uri);
- return -EINVAL;
- }
- }
- if (get_config(enclave->config, "sgx.sigfile", cfgbuf, sizeof(cfgbuf)) < 0) {
- SGX_DBG(DBG_E, "Sigstruct file not found ('sgx.sigfile' must be specified in manifest)\n");
- return -EINVAL;
- }
- char * sig_uri = resolve_uri(cfgbuf, &errstring);
- if (!sig_uri) {
- SGX_DBG(DBG_E, "%s: %s\n", errstring, cfgbuf);
- return -EINVAL;
- }
- if (!strendswith(sig_uri, ".sig")) {
- SGX_DBG(DBG_E, "Invalid sigstruct file URI as %s\n", cfgbuf);
- free(sig_uri);
- return -EINVAL;
- }
- enclave->sigfile = INLINE_SYSCALL(open, 3, sig_uri + static_strlen("file:"),
- O_RDONLY|O_CLOEXEC, 0);
- if (IS_ERR(enclave->sigfile)) {
- SGX_DBG(DBG_E, "Cannot open sigstruct file %s\n", sig_uri);
- free(sig_uri);
- return -EINVAL;
- }
- char * token_uri = alloc_concat(sig_uri, strlen(sig_uri) - static_strlen(".sig"), ".token", -1);
- free(sig_uri);
- if (!token_uri) {
- INLINE_SYSCALL(close, 1, enclave->sigfile);
- return -ENOMEM;
- }
- enclave->token = INLINE_SYSCALL(open, 3, token_uri + static_strlen("file:"),
- O_RDONLY|O_CLOEXEC, 0);
- if (IS_ERR(enclave->token)) {
- SGX_DBG(DBG_E, "Cannot open token \'%s\'. Use \'"
- PAL_FILE("pal-sgx-get-token")
- "\' on the runtime host or run \'make SGX=1 sgx-tokens\' "
- "in the Graphene source to create the token file.\n",
- token_uri);
- free(token_uri);
- return -EINVAL;
- }
- SGX_DBG(DBG_I, "Token file: %s\n", token_uri);
- free(token_uri);
- ret = initialize_enclave(enclave);
- if (ret < 0)
- return ret;
- if (!pal_sec->instance_id)
- create_instance(&enclave->pal_sec);
- memcpy(pal_sec->manifest_name, manifest_uri, strlen(manifest_uri) + 1);
- if (enclave->exec == -1) {
- memset(pal_sec->exec_name, 0, sizeof(PAL_SEC_STR));
- } else {
- memcpy(pal_sec->exec_name, exec_uri, strlen(exec_uri) + 1);
- }
- if (!pal_sec->mcast_port) {
- unsigned short mcast_port;
- getrand(&mcast_port, sizeof(unsigned short));
- pal_sec->mcast_port = mcast_port > 1024 ? mcast_port : mcast_port + 1024;
- }
- if ((ret = mcast_s(pal_sec->mcast_port)) >= 0) {
- pal_sec->mcast_srv = ret;
- if ((ret = mcast_c(pal_sec->mcast_port)) >= 0) {
- pal_sec->mcast_cli = ret;
- } else {
- INLINE_SYSCALL(close, 1, pal_sec->mcast_srv);
- pal_sec->mcast_srv = 0;
- }
- }
- ret = sgx_signal_setup();
- if (ret < 0)
- return ret;
- ret = init_aesm_targetinfo(&pal_sec->aesm_targetinfo);
- if (ret < 0)
- return ret;
- void* alt_stack = (void*)INLINE_SYSCALL(mmap, 6, NULL, ALT_STACK_SIZE,
- PROT_READ | PROT_WRITE,
- MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
- if (IS_ERR_P(alt_stack))
- return -ENOMEM;
- /* initialize TCB at the top of the alternative stack */
- PAL_TCB_LINUX* tcb = alt_stack + ALT_STACK_SIZE - sizeof(PAL_TCB_LINUX);
- tcb->common.self = &tcb->common;
- tcb->alt_stack = alt_stack;
- tcb->stack = NULL; /* main thread uses the stack provided by Linux */
- tcb->tcs = NULL; /* initialized by child thread */
- pal_thread_init(tcb);
- /* start running trusted PAL */
- ecall_enclave_start(args, args_size, env, env_size);
- #if PRINT_ENCLAVE_STAT == 1
- PAL_NUM exit_time = 0;
- INLINE_SYSCALL(gettimeofday, 2, &tv, NULL);
- exit_time = tv.tv_sec * 1000000UL + tv.tv_usec;
- #endif
- unmap_tcs();
- INLINE_SYSCALL(munmap, 2, alt_stack, ALT_STACK_SIZE);
- INLINE_SYSCALL(exit, 0);
- return 0;
- }
- /* Grow stack of main thread to THREAD_STACK_SIZE by allocating a large dummy array and probing
- * each stack page (Linux dynamically grows the stack of the main thread but gets confused with
- * huge-jump stack accesses coming from within the enclave). Note that other, non-main threads
- * are created manually via clone(.., THREAD_STACK_SIZE, ..) and thus do not need this hack. */
- static void __attribute__ ((noinline)) force_linux_to_grow_stack() {
- char dummy[THREAD_STACK_SIZE];
- for (uint64_t i = 0; i < sizeof(dummy); i += PRESET_PAGESIZE) {
- /* touch each page on the stack just to make it is not optimized away */
- __asm__ volatile("movq %0, %%rbx\r\n"
- "movq (%%rbx), %%rbx\r\n"
- : : "r"(&dummy[i]) : "%rbx");
- }
- }
- int main (int argc, char ** argv, char ** envp)
- {
- char * manifest_uri = NULL;
- char * exec_uri = NULL;
- const char * pal_loader = argv[0];
- int fd = -1;
- int ret = 0;
- bool exec_uri_inferred = false; // Handle the case where the exec uri is
- // inferred from the manifest name somewhat
- // differently
- force_linux_to_grow_stack();
- argc--;
- argv++;
- int is_child = sgx_init_child_process(&pal_enclave.pal_sec);
- if (is_child < 0) {
- ret = is_child;
- goto out;
- }
- if (!is_child) {
- /* occupy PROC_INIT_FD so no one will use it */
- INLINE_SYSCALL(dup2, 2, 0, PROC_INIT_FD);
- if (!argc)
- goto usage;
- if (!strcmp_static(argv[0], "file:")) {
- exec_uri = alloc_concat(argv[0], -1, NULL, -1);
- } else {
- exec_uri = alloc_concat("file:", -1, argv[0], -1);
- }
- } else {
- exec_uri = alloc_concat(pal_enclave.pal_sec.exec_name, -1, NULL, -1);
- }
- if (!exec_uri) {
- ret = -ENOMEM;
- goto out;
- }
- fd = INLINE_SYSCALL(open, 3, exec_uri + static_strlen("file:"), O_RDONLY|O_CLOEXEC, 0);
- if (IS_ERR(fd)) {
- SGX_DBG(DBG_E, "Input file not found: %s\n", exec_uri);
- ret = fd;
- goto usage;
- }
- char file_first_four_bytes[4];
- ret = INLINE_SYSCALL(read, 3, fd, file_first_four_bytes, sizeof(file_first_four_bytes));
- if (IS_ERR(ret)) {
- goto out;
- }
- if (ret != sizeof(file_first_four_bytes)) {
- ret = -EINVAL;
- goto out;
- }
- char manifest_base_name[URI_MAX];
- size_t manifest_base_name_len = sizeof(manifest_base_name);
- ret = get_base_name(exec_uri + static_strlen("file:"), manifest_base_name,
- &manifest_base_name_len);
- if (ret < 0) {
- goto out;
- }
- if (strendswith(manifest_base_name, ".manifest")) {
- if (!strcpy_static(manifest_base_name + manifest_base_name_len, ".sgx",
- sizeof(manifest_base_name) - manifest_base_name_len)) {
- ret = -E2BIG;
- goto out;
- }
- } else if (!strendswith(manifest_base_name, ".manifest.sgx")) {
- if (!strcpy_static(manifest_base_name + manifest_base_name_len, ".manifest.sgx",
- sizeof(manifest_base_name) - manifest_base_name_len)) {
- ret = -E2BIG;
- goto out;
- }
- }
- int manifest_fd = -1;
- if (memcmp(file_first_four_bytes, "\177ELF", sizeof(file_first_four_bytes))) {
- /* exec_uri doesn't refer to ELF executable, so it must refer to the
- * manifest. Verify this and update exec_uri with the manifest suffix
- * removed.
- */
- size_t exec_uri_len = strlen(exec_uri);
- if (strendswith(exec_uri, ".manifest")) {
- exec_uri[exec_uri_len - static_strlen(".manifest")] = '\0';
- } else if (strendswith(exec_uri, ".manifest.sgx")) {
- INLINE_SYSCALL(lseek, 3, fd, 0, SEEK_SET);
- manifest_fd = fd;
- exec_uri[exec_uri_len - static_strlen(".manifest.sgx")] = '\0';
- } else {
- SGX_DBG(DBG_E, "Invalid manifest file specified: %s\n", exec_uri);
- goto usage;
- }
- exec_uri_inferred = true;
- }
- if (manifest_fd == -1) {
- INLINE_SYSCALL(close, 1, fd);
- fd = manifest_fd = INLINE_SYSCALL(open, 3, manifest_base_name, O_RDONLY|O_CLOEXEC, 0);
- if (IS_ERR(fd)) {
- SGX_DBG(DBG_E, "Cannot open manifest file: %s\n", manifest_base_name);
- goto usage;
- }
- }
- manifest_uri = alloc_concat("file:", static_strlen("file:"), manifest_base_name, -1);
- if (!manifest_uri) {
- ret = -ENOMEM;
- goto out;
- }
- SGX_DBG(DBG_I, "Manifest file: %s\n", manifest_uri);
- if (exec_uri_inferred)
- SGX_DBG(DBG_I, "Inferred executable file: %s\n", exec_uri);
- else
- SGX_DBG(DBG_I, "Executable file: %s\n", exec_uri);
- /*
- * While C does not guarantee that the argv[i] and envp[i] strings are
- * continuous we know that we are running on Linux, which does this. This
- * saves us creating a copy of all argv and envp strings.
- */
- char * args = argv[0];
- size_t args_size = argc > 0 ? (argv[argc - 1] - argv[0]) + strlen(argv[argc - 1]) + 1: 0;
- int envc = 0;
- while (envp[envc] != NULL) {
- envc++;
- }
- char * env = envp[0];
- size_t env_size = envc > 0 ? (envp[envc - 1] - envp[0]) + strlen(envp[envc - 1]) + 1: 0;
- ret = load_enclave(&pal_enclave, manifest_fd, manifest_uri, exec_uri, args, args_size, env, env_size,
- exec_uri_inferred);
- out:
- if (pal_enclave.exec >= 0)
- INLINE_SYSCALL(close, 1, pal_enclave.exec);
- if (pal_enclave.sigfile >= 0)
- INLINE_SYSCALL(close, 1, pal_enclave.sigfile);
- if (pal_enclave.token >= 0)
- INLINE_SYSCALL(close, 1, pal_enclave.token);
- if (!IS_ERR(fd))
- INLINE_SYSCALL(close, 1, fd);
- free(exec_uri);
- free(manifest_uri);
- return ret;
- usage:
- SGX_DBG(DBG_E, "USAGE: %s [executable|manifest] args ...\n", pal_loader);
- ret = -EINVAL;
- goto out;
- }
|