123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008 |
- /*
- * Copyright (C) 2011-2018 Intel Corporation. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- * * Neither the name of Intel Corporation nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
- #include "elfparser.h"
- #include "cpputil.h"
- #include "se_trace.h"
- #include "se_memcpy.h"
- #include "global_data.h"
- #include <sys/mman.h>
- #include <vector>
- #include <tuple>
- namespace {
- /** the callback function to filter a section.
- *
- * @shstrtab: the section header string table
- * @shdr: the current section header to be examined
- * @user_data: user supplied data for the callback
- *
- * @return: true if current section header is what we are looking for.
- */
- typedef bool (* section_filter_f)(const char* shstrtab,
- const ElfW(Shdr)* shdr,
- const void* user_data);
- bool compare_section_name(const char* shstrtab,
- const ElfW(Shdr)* shdr,
- const void* user_data)
- {
- // `shstrtab + shdr->sh_name' is the section name.
- return (!strcmp(shstrtab + shdr->sh_name, (const char*)user_data));
- }
- bool compare_section_addr(const char* shstrtab,
- const ElfW(Shdr)* shdr,
- const void* user_data)
- {
- UNUSED(shstrtab);
- return (shdr->sh_addr == (ElfW(Addr))(size_t)user_data);
- }
- const ElfW(Shdr)* get_section(const ElfW(Ehdr) *elf_hdr,
- section_filter_f f,
- const void* user_data)
- {
- const ElfW(Shdr) *shdr = GET_PTR(ElfW(Shdr), elf_hdr, elf_hdr->e_shoff);
- assert(sizeof(ElfW(Shdr)) == elf_hdr->e_shentsize);
- // section header string table
- const char *shstrtab = GET_PTR(char, elf_hdr, shdr[elf_hdr->e_shstrndx].sh_offset);
- for (unsigned idx = 0; idx < elf_hdr->e_shnum; ++idx, ++shdr)
- {
- SE_TRACE(SE_TRACE_DEBUG, "section [%u] %s: sh_addr = %x, sh_size = %x, sh_offset = %x, sh_name = %x\n",
- idx, shstrtab + shdr->sh_name, shdr->sh_addr, shdr->sh_size, shdr->sh_offset, shdr->sh_name);
- if (f(shstrtab, shdr, user_data))
- return shdr;
- }
- return NULL;
- }
- const ElfW(Shdr)* get_section_by_name(const ElfW(Ehdr) *elf_hdr, const char *name)
- {
- return get_section(elf_hdr, compare_section_name, name);
- }
- const ElfW(Shdr)* get_section_by_addr(const ElfW(Ehdr) *elf_hdr, ElfW(Addr) start_addr)
- {
- return get_section(elf_hdr, compare_section_addr, (const void*)(size_t)start_addr);
- }
- template <typename T>
- const T* get_section_raw_data(const ElfW(Ehdr) *elf_hdr, ElfW(Addr) start_addr)
- {
- const ElfW(Shdr)* shdr = get_section_by_addr(elf_hdr, start_addr);
- if (shdr == NULL)
- return NULL;
- return GET_PTR(T, elf_hdr, shdr->sh_offset);
- }
- bool validate_elf_header(const ElfW(Ehdr) *elf_hdr)
- {
- // validate magic number
- if (memcmp(&elf_hdr->e_ident, ELFMAG, SELFMAG))
- return false;
- #if RTS_SYSTEM_WORDSIZE == 64
- if (ELFCLASS64 != elf_hdr->e_ident[EI_CLASS])
- return false;
- #else
- if (ELFCLASS32 != elf_hdr->e_ident[EI_CLASS])
- return false;
- #endif
- if (ELFDATA2LSB!= elf_hdr->e_ident[EI_DATA])
- return false;
- if (EV_CURRENT != elf_hdr->e_ident[EI_VERSION])
- return false;
- if (ET_DYN != elf_hdr->e_type)
- return false;
- if (sizeof(ElfW(Phdr)) != elf_hdr->e_phentsize)
- return false;
- return true;
- }
- bool parse_dyn(const ElfW(Ehdr) *elf_hdr, ElfW(Dyn)* dyn_info)
- {
- const ElfW(Phdr) *prg_hdr = GET_PTR(ElfW(Phdr), elf_hdr, elf_hdr->e_phoff);
- bool has_dyn = false;
- for (unsigned idx = 0; idx < elf_hdr->e_phnum; ++idx, ++prg_hdr)
- {
- if (PT_DYNAMIC == prg_hdr->p_type)
- {
- const ElfW(Dyn) *dyn_entry = GET_PTR(ElfW(Dyn), elf_hdr, prg_hdr->p_offset);
- // parse dynamic segment
- // An entry with a DT_NULL tag marks the end.
- while (dyn_entry->d_tag != DT_NULL)
- {
- SE_TRACE(SE_TRACE_DEBUG, "dynamic tag = %x, ptr = %x\n", dyn_entry->d_tag, dyn_entry->d_un.d_ptr);
- if (dyn_entry->d_tag < DT_NUM)
- {
- memcpy_s(&dyn_info[dyn_entry->d_tag], sizeof(ElfW(Dyn)), dyn_entry, sizeof(ElfW(Dyn)));
- }
- else if (dyn_entry->d_tag > DT_ADDRRNGLO && dyn_entry->d_tag <= DT_ADDRRNGHI)
- {
- memcpy_s(&dyn_info[DT_ADDRTAGIDX(dyn_entry->d_tag) + DT_NUM], sizeof(ElfW(Dyn)), dyn_entry, sizeof(ElfW(Dyn)));
- }
- dyn_entry++;
- has_dyn = true;
- }
- return has_dyn;
- }
- }
- return false;
- }
- /** Check whether there are undefined symbols and save the address
- * for a few reserved symbols.
- *
- * ELF format defined two symbol tables, `.symtab' and `.dynsym'.
- *
- * `.symtab' is non-allocable, and might be stripped.
- * `.dynsym' is allocable, and only contains global symbols.
- *
- * We only need to search `.dynsym' for undefined symbols.
- */
- bool check_symbol_table(const ElfW(Ehdr) *elf_hdr, const ElfW(Dyn) *dyn_info,
- map<string, uint64_t>& sym_table)
- {
- const ElfW(Shdr) *sh_symtab = get_section_by_addr(elf_hdr, dyn_info[DT_SYMTAB].d_un.d_ptr);
- if (sh_symtab == NULL)
- {
- // We must at least have "enclave_entry"
- SE_TRACE(SE_TRACE_WARNING, "There is no .dynsym section");
- return false;
- }
- if (sh_symtab->sh_entsize == 0)
- {
- SE_TRACE(SE_TRACE_WARNING, "In section .dynsym, sh_entsize is 0.");
- return false;
- }
- const ElfW(Sym) *symtab = GET_PTR(ElfW(Sym), elf_hdr, sh_symtab->sh_offset);
- uint32_t sym_num = (uint32_t)(sh_symtab->sh_size/sh_symtab->sh_entsize);
- const char *strtab = get_section_raw_data<char>(elf_hdr, dyn_info[DT_STRTAB].d_un.d_ptr);
- // We only store "enclave_entry", "g_global_data_sim" and "g_peak_heap_used".
- // To export new symbols, add them here.
- //
- // "g_global_data_sim" is needed so that we can check that whether
- // an simulated enclave is given when running an HW loader.
- const char* str[] = { "enclave_entry", "g_global_data_sim", "g_peak_heap_used", "g_global_data" };
- // The first entry is reserved, and must be all zeros
- for (uint32_t idx = 1; idx < sym_num; ++idx)
- {
- // st_name == 0 indicates the symble table entry has no name.
- if (symtab[idx].st_name == 0) continue;
- const char* sym = strtab + symtab[idx].st_name;
- if (sym == NULL)
- {
- SE_TRACE(SE_TRACE_WARNING, "Malformed enclave with NULL symbol name\n");
- return false;
- }
- if (SHN_UNDEF == symtab[idx].st_shndx
- && STB_WEAK != ELFW(ST_BIND)(symtab[idx].st_info))
- {
- SE_TRACE(SE_TRACE_WARNING, "symbol '%s' is undefined\n", sym);
- return false;
- }
- #define SYMBOL_NUM (ARRAY_LENGTH(str))
- for (size_t i = 0; i < SYMBOL_NUM; ++i)
- {
- if (0 == strcmp(str[i], sym))
- {
- sym_table[sym] = (uint64_t)symtab[idx].st_value;
- }
- }
- }
- // If the enclave if compiled/linked with -fpie/-pie, and setting the
- // enclave entry to `enclave_entry', the `st_name' for `enclave_entry'
- // will be 0 in `.dynsym'.
- map<string, uint64_t>::const_iterator it = sym_table.find("enclave_entry");
- if (it == sym_table.end())
- {
- sym_table["enclave_entry"] = (uint64_t)elf_hdr->e_entry;
- }
- return true;
- }
- bool do_validate_reltab(const ElfW(Rel) *reltab, size_t nr_rel)
- {
- if (reltab == NULL && nr_rel != 0) return false;
- #if RTS_SYSTEM_WORDSIZE == 64
- const ElfW(Rel) *rela = reltab;
- for (unsigned idx = 0; idx < nr_rel; idx++, rela++)
- {
- switch (ELF64_R_TYPE(rela->r_info))
- {
- case R_X86_64_RELATIVE:
- break;
- case R_X86_64_GLOB_DAT:
- case R_X86_64_JUMP_SLOT:
- case R_X86_64_64:
- break;
- case R_X86_64_NONE:
- break;
- case R_X86_64_DTPMOD64:
- case R_X86_64_DTPOFF64:
- case R_X86_64_TPOFF64:
- break;
- #else
- const ElfW(Rel) *rel = reltab;
- for (unsigned idx = 0; idx < nr_rel; idx++, rel++)
- {
- switch (ELF32_R_TYPE(rel->r_info))
- {
- case R_386_RELATIVE: /* B+A */
- break;
- case R_386_GLOB_DAT:
- case R_386_JMP_SLOT: /* S */
- break;
- case R_386_32: /* S+A */
- break;
- case R_386_PC32: /* S+A-P */
- break;
- case R_386_NONE:
- break;
- case R_386_TLS_DTPMOD32:
- break;
- case R_386_TLS_DTPOFF32:
- break;
- case R_386_TLS_TPOFF:
- break;
- case R_386_TLS_TPOFF32:
- break;
- #endif
- default: /* unsupported relocs */
- SE_TRACE(SE_TRACE_WARNING, "unsupported relocation type detected\n");
- return false;
- }
- }
- return true;
- }
- bool validate_reltabs(const ElfW(Ehdr) *elf_hdr, const ElfW(Dyn) *dyn_info)
- {
- #if RTS_SYSTEM_WORDSIZE == 64
- // The relocation struct must be rela on x64.
- if (dyn_info[DT_REL].d_un.d_ptr)
- {
- SE_TRACE(SE_TRACE_WARNING, "Rel struct detected on x64\n");
- return false;
- }
- #else
- // The relocation struct must be rel on x86.
- if (dyn_info[DT_RELA].d_un.d_ptr)
- {
- SE_TRACE(SE_TRACE_WARNING, "Rela struct detected on x86\n");
- return false;
- }
- #endif
- const ElfW(Rel) *reltab = get_section_raw_data<ElfW(Rel)>(elf_hdr, dyn_info[RTS_DT_REL].d_un.d_ptr);
- const ElfW(Word) reltab_sz = (ElfW(Word))dyn_info[RTS_DT_RELSZ].d_un.d_val;
- const ElfW(Rel) *jmpreltab = get_section_raw_data<ElfW(Rel)>(elf_hdr, dyn_info[DT_JMPREL].d_un.d_ptr);
- const ElfW(Word) jmpreltab_sz = (ElfW(Word))dyn_info[DT_PLTRELSZ].d_un.d_val;
- return (do_validate_reltab(reltab, reltab_sz / sizeof(ElfW(Rel)))
- && do_validate_reltab(jmpreltab, jmpreltab_sz / sizeof(ElfW(Rel))));
- }
- bool has_ctor_section(const ElfW(Ehdr) *elf_hdr)
- {
- const ElfW(Shdr) *shdr = get_section_by_name(elf_hdr, ".ctors");
- if (NULL == shdr) return false;
- se_trace(SE_TRACE_ERROR, "ERROR: .ctors section is found, global initializers will not be invoked correctly!\n");
- return true;
- }
- inline bool is_tls_segment(const ElfW(Phdr)* prg_hdr)
- {
- return (PT_TLS == prg_hdr->p_type);
- }
- bool get_meta_property(const uint8_t *start_addr, const ElfW(Ehdr) *elf_hdr, uint64_t &meta_offset, uint64_t &meta_block_size)
- {
- const ElfW(Shdr)* shdr = get_section_by_name(elf_hdr, ".note.sgxmeta");
- if (shdr == NULL)
- {
- se_trace(SE_TRACE_ERROR, "ERROR: The enclave image should have '.note.sgxmeta' section\n");
- return false;
- }
- /* We require that enclaves should have .note.sgxmeta section to store the metadata information
- * We limit this section is used for metadata only and ISV should not extend this section.
- *
- * .note.sgxmeta layout:
- *
- * | namesz |
- * | metadata size |
- * | type |
- * | name |
- * | metadata |
- */
- const ElfW(Note) *note = GET_PTR(ElfW(Note), start_addr, shdr->sh_offset);
- assert(note != NULL);
- if (shdr->sh_size != ROUND_TO(sizeof(ElfW(Note)) + note->namesz + note->descsz, shdr->sh_addralign ))
- {
- se_trace(SE_TRACE_ERROR, "ERROR: The '.note.sgxmeta' section size is not correct.\n");
- return false;
- }
-
- const char * meta_name = "sgx_metadata";
- if (note->namesz != (strlen(meta_name)+1) || memcmp(GET_PTR(void, start_addr, shdr->sh_offset + sizeof(ElfW(Note))), meta_name, note->namesz))
- {
- se_trace(SE_TRACE_ERROR, "ERROR: The note in the '.note.sgxmeta' section must be named as \"sgx_metadata\"\n");
- return false;
- }
- meta_offset = static_cast<uint64_t>(shdr->sh_offset + sizeof(ElfW(Note)) + note->namesz);
- meta_block_size = note->descsz;
- return true;
- }
- bool validate_segment(const ElfW(Ehdr) *elf_hdr, uint64_t len)
- {
- const ElfW(Phdr) *prg_hdr = GET_PTR(ElfW(Phdr), elf_hdr, elf_hdr->e_phoff);
- assert(sizeof(ElfW(Phdr)) == elf_hdr->e_phentsize);
- std::vector< std::pair<ElfW(Addr), ElfW(Addr)> > load_seg(elf_hdr->e_phnum, std::make_pair(0, 0));
- int k = 0;
- for (int idx = 0; idx < elf_hdr->e_phnum; idx++, prg_hdr++)
- {
- /* Validate the size of the buffer */
- if (len < (uint64_t)prg_hdr->p_offset + prg_hdr->p_filesz)
- return false;
- if (PT_LOAD == prg_hdr->p_type)
- {
- // The default align is max page size. On x86-64, the max page size is 2M, but EPC page size is 4K,
- // so in x86-64, we just treat it as EPC page size. The (2M - 4K) size is not eadded. We leave it
- // as a hole.
- if (!IS_PAGE_ALIGNED(prg_hdr->p_align))
- {
- SE_TRACE(SE_TRACE_WARNING, "A segment is not PAGE aligned, alignment = %x\n", prg_hdr->p_align);
- return false;
- }
- // Verify the overlap of segment. we don't verify here, because a well compiled file has no overlapped segment.
- load_seg[k].first = prg_hdr->p_vaddr;
- load_seg[k].second = ROUND_TO(prg_hdr->p_vaddr + prg_hdr->p_memsz, prg_hdr->p_align) - 1;
- for (int j = 0; j < k; j++)
- {
- if (is_overlap(load_seg[k], load_seg[j]))
- {
- SE_TRACE(SE_TRACE_WARNING, "there is overlap segment [%x : %x] [%x : %x]\n",
- load_seg[k].first, load_seg[k].second, load_seg[j].first, load_seg[j].second);
- return false;
- }
- }
- k++;
- }
- }
- return true;
- }
- bool get_bin_fmt(const ElfW(Ehdr) *elf_hdr, bin_fmt_t& bf)
- {
- switch(elf_hdr->e_machine)
- {
- #if RTS_SYSTEM_WORDSIZE == 32
- case EM_386:
- bf = BF_ELF32;
- return true;
- #endif
- #if RTS_SYSTEM_WORDSIZE == 64
- case EM_X86_64:
- bf = BF_ELF64;
- return true;
- #endif
- }
- return false;
- }
- si_flags_t page_attr_to_si_flags(uint32_t page_attr)
- {
- si_flags_t res = SI_FLAG_REG;
- if (page_attr & PF_R)
- res |= SI_FLAG_R;
- if (page_attr & PF_W)
- res |= SI_FLAG_W;
- if (page_attr & PF_X)
- res |= SI_FLAG_X;
- return res;
- }
- Section* build_section(const uint8_t* raw_data, uint64_t size, uint64_t virtual_size,
- uint64_t rva, uint32_t page_attr)
- {
- si_flags_t sf = page_attr_to_si_flags(page_attr);
- if (sf != SI_FLAG_REG)
- return new Section(raw_data, size, virtual_size, rva, sf);
- return NULL;
- }
- bool build_regular_sections(const uint8_t* start_addr,
- vector<Section *>& sections,
- const Section*& tls_sec,
- uint64_t& metadata_offset,
- uint64_t& metadata_block_size)
- {
- const ElfW(Ehdr) *elf_hdr = (const ElfW(Ehdr) *)start_addr;
- const ElfW(Phdr) *prg_hdr = GET_PTR(ElfW(Phdr), start_addr, elf_hdr->e_phoff);
- uint64_t virtual_size = 0, alignment = 0, aligned_virtual_size = 0;
- if (get_meta_property(start_addr, elf_hdr, metadata_offset, metadata_block_size) == false)
- return false;
- for (unsigned idx = 0; idx < elf_hdr->e_phnum; ++idx, ++prg_hdr)
- {
- Section* sec = NULL;
- switch (prg_hdr->p_type)
- {
- case PT_LOAD:
- sec = build_section(GET_PTR(uint8_t, start_addr, prg_hdr->p_offset),
- (uint64_t)prg_hdr->p_filesz, (uint64_t)prg_hdr->p_memsz,
- (uint64_t)prg_hdr->p_vaddr, (uint32_t) prg_hdr->p_flags);
- break;
- case PT_TLS:
- virtual_size = (uint64_t)prg_hdr->p_memsz;
- alignment = (uint64_t)prg_hdr->p_align;
- /* according to ELF spec, alignment equals zero or one means no align requirement */
- if (alignment == 0 || alignment == 1)
- aligned_virtual_size = virtual_size;
- else
- aligned_virtual_size = (virtual_size + alignment - 1) & (~(alignment - 1));
- sec = build_section(GET_PTR(uint8_t, start_addr, prg_hdr->p_offset),
- (uint64_t)prg_hdr->p_filesz, aligned_virtual_size,
- (uint64_t)prg_hdr->p_vaddr, (uint32_t) prg_hdr->p_flags);
- break;
- default:
- continue;
- }
- if (sec == NULL)
- return false;
- /* We've filtered segments that are not of PT_LOAD or PT_TLS type. */
- if (!is_tls_segment(prg_hdr))
- {
- /* A PT_LOAD segment. */
- sections.push_back(sec);
- continue;
- }
- /* It is a TLS segment. */
- tls_sec = sec;
- }
- return true;
- }
- const Section* get_max_rva_section(const vector<Section*> sections)
- {
- size_t sec_size = sections.size();
- if (sec_size == 0)
- return NULL;
- const Section* psec = sections[0];
- for (size_t idx = 1; idx < sec_size; ++idx)
- {
- if (sections[idx]->get_rva() > psec->get_rva())
- psec = sections[idx];
- }
- return psec;
- }
- }
- ElfParser::ElfParser (const uint8_t* start_addr, uint64_t len)
- :m_start_addr(start_addr), m_len(len), m_bin_fmt(BF_UNKNOWN),
- m_tls_section(NULL), m_metadata_offset(0), m_metadata_block_size(0)
- {
- memset(&m_dyn_info, 0, sizeof(m_dyn_info));
- }
- sgx_status_t ElfParser::run_parser()
- {
- /* We only need to run the parser once. */
- if (m_sections.size() != 0) return SGX_SUCCESS;
- const ElfW(Ehdr) *elf_hdr = (const ElfW(Ehdr) *)m_start_addr;
- if (elf_hdr == NULL || m_len < sizeof(ElfW(Ehdr)))
- return SGX_ERROR_INVALID_ENCLAVE;
- /* Check elf header*/
- if (!validate_elf_header(elf_hdr))
- return SGX_ERROR_INVALID_ENCLAVE;
- /* Get and check machine mode */
- if (!get_bin_fmt(elf_hdr, m_bin_fmt))
- return SGX_ERROR_MODE_INCOMPATIBLE;
- /* Check if there is any overlap segment, and make sure the segment is 1 page aligned;
- * TLS segment must exist.
- */
- if (!validate_segment(elf_hdr, m_len))
- return SGX_ERROR_INVALID_ENCLAVE;
- if (!parse_dyn(elf_hdr, &m_dyn_info[0]))
- return SGX_ERROR_INVALID_ENCLAVE;
- /* Check if there is any undefined symbol */
- if (!check_symbol_table(elf_hdr, m_dyn_info, m_sym_table))
- {
- return SGX_ERROR_UNDEFINED_SYMBOL;
- }
- /* Check if there is unexpected relocation type */
- if (!validate_reltabs(elf_hdr, m_dyn_info))
- return SGX_ERROR_INVALID_ENCLAVE;
- /* Check if there is .ctor section */
- if (has_ctor_section(elf_hdr))
- return SGX_ERROR_INVALID_ENCLAVE;
- /* build regular sections */
- if (build_regular_sections(m_start_addr, m_sections, m_tls_section, m_metadata_offset, m_metadata_block_size))
- return SGX_SUCCESS;
- else
- return SGX_ERROR_INVALID_ENCLAVE;
- }
- ElfParser::~ElfParser()
- {
- delete_ptrs_from_container(m_sections);
- if (m_tls_section) delete m_tls_section;
- }
- bin_fmt_t ElfParser::get_bin_format() const
- {
- return m_bin_fmt;
- }
- uint64_t ElfParser::get_enclave_max_size() const
- {
- if(m_bin_fmt == BF_ELF64)
- return ENCLAVE_MAX_SIZE_64;
- else
- return ENCLAVE_MAX_SIZE_32;
- }
- uint64_t ElfParser::get_metadata_offset() const
- {
- return m_metadata_offset;
- }
- uint64_t ElfParser::get_metadata_block_size() const
- {
- return m_metadata_block_size;
- }
- const uint8_t* ElfParser::get_start_addr() const
- {
- return m_start_addr;
- }
- const vector<Section *>& ElfParser::get_sections() const
- {
- return m_sections;
- }
- const Section* ElfParser::get_tls_section() const
- {
- return m_tls_section;
- }
- uint64_t ElfParser::get_symbol_rva(const char* name) const
- {
- map<string, uint64_t>::const_iterator it = m_sym_table.find(name);
- if (it != m_sym_table.end())
- return it->second;
- else
- return 0;
- }
- bool ElfParser::has_text_reloc() const
- {
- if (m_dyn_info[DT_TEXTREL].d_tag)
- {
- return true;
- }
- return false;
- }
- bool ElfParser::get_reloc_bitmap(vector<uint8_t>& bitmap)
- {
- // Clear the `bitmap' so that it is in a known state
- bitmap.clear();
- if (!m_dyn_info[DT_TEXTREL].d_tag)
- return true;
- const ElfW(Ehdr) *elf_hdr = (const ElfW(Ehdr) *)m_start_addr;
- const ElfW(Rel) *rel[4] = { NULL, NULL, NULL, NULL };
- if (m_dyn_info[DT_JMPREL].d_tag)
- {
- rel[2] = get_section_raw_data<ElfW(Rel)>(elf_hdr, m_dyn_info[DT_JMPREL].d_un.d_ptr);
- rel[3] = GET_PTR(const ElfW(Rel), rel[2], m_dyn_info[DT_PLTRELSZ].d_un.d_val);
- }
- if (m_dyn_info[RTS_DT_REL].d_tag)
- {
- rel[0] = get_section_raw_data<ElfW(Rel)>(elf_hdr, m_dyn_info[RTS_DT_REL].d_un.d_ptr);
- rel[1] = GET_PTR(const ElfW(Rel), rel[0], m_dyn_info[RTS_DT_RELSZ].d_un.d_val);
- assert(sizeof(ElfW(Rel)) == m_dyn_info[RTS_DT_RELENT].d_un.d_val);
- }
- // The enclave size mapped in memory is calculated by
- // sec->get_rva() + sec->virtual_size();
- // where the `sec' is the section with maximum RVA value.
- uint64_t image_size = 0;
- const Section* max_rva_sec = get_max_rva_section(this->m_sections);
- if (max_rva_sec == NULL)
- return false;
- image_size = max_rva_sec->get_rva() + max_rva_sec->virtual_size();
- // NOTE:
- // Current enclave size is not beyond 64G, so the type-casting from (uint64>>15) to (size_t) is OK.
- // In the future, if the max enclave size is extended to beyond 1<<49, this type-casting will not work.
- // It only impacts the enclave signing process. (32bit signing tool to sign 64 bit enclaves)
- // allocate bitmap
- bitmap.resize((size_t)((((image_size + (SE_PAGE_SIZE - 1)) >> SE_PAGE_SHIFT) + 7) / 8));
- for (unsigned idx = 0; idx < ARRAY_LENGTH(rel); idx += 2)
- {
- const ElfW(Rel) *rel_entry = rel[idx], *rel_end = rel[idx+1];
- if (NULL == rel_entry)
- continue;
- for (; rel_entry < rel_end; rel_entry++)
- {
- #if RTS_SYSTEM_WORDSIZE == 64
- if (ELF64_R_TYPE(rel_entry->r_info) == R_X86_64_NONE)
- #else
- if (ELF32_R_TYPE(rel_entry->r_info) == R_386_NONE)
- #endif
- continue;
- ElfW(Addr) reloc_addr = rel_entry->r_offset;
- uint64_t page_frame = (uint64_t)(reloc_addr >> SE_PAGE_SHIFT);
- // NOTE:
- // Current enclave size is not beyond 64G, so the type-casting from (uint64>>15) to (size_t) is OK.
- // In the future, if the max enclave size is extended to beyond 1<<49, this type-casting will not work.
- // It only impacts the enclave signing process. (32bit signing tool to sign 64 bit enclaves)
- // If there is more than one relocation in one page, then "|" works as there
- // is only one relocation in one page.
- bitmap[(size_t)(page_frame/8)] = (uint8_t)(bitmap[(size_t)(page_frame/8)] | (uint8_t)(1 << (page_frame % 8)));
- // Check if the relocation across boundary
- if ((reloc_addr & (SE_PAGE_SIZE - 1)) > (SE_PAGE_SIZE - sizeof(sys_word_t)))
- {
- page_frame++;
- bitmap[(size_t)(page_frame/8)] = (uint8_t)(bitmap[(size_t)(page_frame/8)] | (uint8_t)(1 << (page_frame % 8)));
- }
- }
- }
- return true;
- }
- void ElfParser::get_reloc_entry_offset(const char* sec_name, vector<uint64_t>& offsets)
- {
- if (sec_name == NULL)
- return;
- const ElfW(Ehdr) *ehdr = (const ElfW(Ehdr) *)m_start_addr;
- const ElfW(Shdr) *shdr = get_section_by_name(ehdr, sec_name);
- if (shdr == NULL)
- return;
- /* find the start and end offset of the target section */
- const uint64_t start = shdr->sh_addr;
- const uint64_t end = start + shdr->sh_size;
- offsets.clear();
- SE_TRACE(SE_TRACE_DEBUG, "found section '%s' - offset %#lx, size %#lx\n",
- sec_name, (long)start, (long)shdr->sh_size);
- /* iterate sections to find the relocs */
- shdr = GET_PTR(ElfW(Shdr), m_start_addr, ehdr->e_shoff);
- for (unsigned idx = 0; idx < ehdr->e_shnum; ++idx, ++shdr)
- {
- if (shdr->sh_type != SHT_RELA &&
- shdr->sh_type != SHT_REL)
- continue;
- uint64_t rel_size = shdr->sh_size;
- uint64_t rel_offset = shdr->sh_offset;
- uint64_t nr_rel = rel_size / shdr->sh_entsize;
- /* for each reloc, check its target address */
- const ElfW(Rel) *rel = GET_PTR(ElfW(Rel), m_start_addr, rel_offset);
- for (; nr_rel > 0; --nr_rel, ++rel)
- {
- if (rel->r_offset >= start && rel->r_offset < end)
- {
- uint64_t offset = DIFF64(rel, m_start_addr);
- SE_TRACE(SE_TRACE_DEBUG, "found one reloc at offset %#lx\n", offset);
- offsets.push_back(offset);
- }
- }
- }
- }
- #include "se_page_attr.h"
- #include "update_global_data.hxx"
- uint32_t ElfParser::get_global_data_size()
- {
- return (uint32_t)sizeof(global_data_t);
- }
- bool ElfParser::update_global_data(const metadata_t *const metadata,
- const create_param_t* const create_param,
- uint8_t *data,
- uint32_t *data_size)
- {
- if(*data_size < sizeof(global_data_t))
- {
- *data_size = sizeof(global_data_t);
- return false;
- }
- *data_size = sizeof(global_data_t);
- return do_update_global_data(metadata, create_param, (global_data_t *)data);
- }
- sgx_status_t ElfParser::modify_info(enclave_diff_info_t *enclave_diff_info)
- {
- UNUSED(enclave_diff_info);
- return SGX_SUCCESS;
- }
- sgx_status_t ElfParser::get_info(enclave_diff_info_t *enclave_diff_info)
- {
- UNUSED(enclave_diff_info);
- return SGX_SUCCESS;
- }
- void ElfParser::get_executable_sections(vector<const char *>& xsec_names) const
- {
- xsec_names.clear();
- const ElfW(Ehdr) *elf_hdr = (const ElfW(Ehdr) *)m_start_addr;
- const ElfW(Shdr) *shdr = GET_PTR(ElfW(Shdr), elf_hdr, elf_hdr->e_shoff);
- const char *shstrtab = GET_PTR(char, elf_hdr, shdr[elf_hdr->e_shstrndx].sh_offset);
- for (unsigned idx = 0; idx < elf_hdr->e_shnum; ++idx, ++shdr)
- {
- if ((shdr->sh_flags & SHF_EXECINSTR) == SHF_EXECINSTR)
- xsec_names.push_back(shstrtab + shdr->sh_name);
- }
- return;
- }
- bool ElfParser::set_memory_protection(uint64_t enclave_base_addr, bool is_after_initialization)
- {
- uint64_t len = 0;
- int ret = 0;
- uint64_t rva = 0;
- uint64_t rva_end = 0;
- uint64_t last_section_end = 0;
- int prot = 0;
- unsigned int i = 0;
- //for sections
- std::vector<Section*> sections = get_sections();
- for(i = 0; i < sections.size() ; i++)
- {
- //require the sec_info.rva be page aligned, we need handle the first page.
- //the first page;
- uint64_t offset = (sections[i]->get_rva() & (SE_PAGE_SIZE -1));
- uint64_t size = SE_PAGE_SIZE - offset;
- //the raw data may be smaller than the size, we get the min of them
- if(sections[i]->raw_data_size() < size)
- size = sections[i]->raw_data_size();
- len = SE_PAGE_SIZE;
- //if there is more pages, then calc the next paged aligned pages
- if((sections[i]->virtual_size() + offset) > SE_PAGE_SIZE)
- {
- uint64_t raw_data_size = sections[i]->raw_data_size() - size;
- //we need use (SE_PAGE_SIZE - offset), because (SE_PAGE_SIZE - offset) may larger than size
- uint64_t virtual_size = sections[i]->virtual_size() - (SE_PAGE_SIZE - offset);
- len += ROUND_TO_PAGE(raw_data_size);
- if(ROUND_TO_PAGE(virtual_size) > ROUND_TO_PAGE(raw_data_size))
- {
- len += ROUND_TO_PAGE(virtual_size) - ROUND_TO_PAGE(raw_data_size);
- }
- }
- rva = TRIM_TO_PAGE(sections[i]->get_rva()) + enclave_base_addr;
- prot = (int)(sections[i]->get_si_flags()&SI_MASK_MEM_ATTRIBUTE);
- ret = mprotect((void*)rva, (size_t)len, prot);
- if(ret != 0)
- {
- return false;
- }
- //there is a gap between sections, need to set those to NONE access
- if(last_section_end != 0)
- {
- prot = (int)(SI_FLAG_NONE & SI_MASK_MEM_ATTRIBUTE);
- ret = mprotect((void*)last_section_end, (size_t)(rva - last_section_end), prot);
- if(ret != 0)
- {
- return false;
- }
- }
- last_section_end = rva + len;
- }
-
-
- if(is_after_initialization == false)
- {
- return true;
- }
-
- const ElfW(Ehdr) *elf_hdr = (const ElfW(Ehdr) *)m_start_addr;
- const ElfW(Phdr) *prg_hdr = GET_PTR(ElfW(Phdr), elf_hdr, elf_hdr->e_phoff);
- for (int idx = 0; idx < elf_hdr->e_phnum; idx++, prg_hdr++)
- {
- if(prg_hdr->p_type == PT_DYNAMIC ||
- prg_hdr->p_type == PT_GNU_RELRO)
- {
- rva = TRIM_TO_PAGE(enclave_base_addr + prg_hdr->p_vaddr);
- rva_end = ROUND_TO(enclave_base_addr + prg_hdr->p_vaddr + prg_hdr->p_memsz, prg_hdr->p_align);
- len = rva_end - rva;
- prot = (int)(page_attr_to_si_flags(prg_hdr->p_flags) & SI_MASK_MEM_ATTRIBUTE);
- ret = mprotect((void*)rva, (size_t)len, prot);
- if(ret != 0)
- {
- return false;
- }
- }
- }
- return true;
- }
- void ElfParser::get_pages_to_protect(uint64_t enclave_base_addr, std::vector<std::tuple<uint64_t, uint64_t, uint32_t>>& pages_to_protect) const
- {
- uint64_t len = 0;
- uint64_t rva = 0;
- uint64_t rva_end = 0;
- const ElfW(Ehdr) *elf_hdr = (const ElfW(Ehdr) *)m_start_addr;
- const ElfW(Phdr) *prg_hdr = GET_PTR(ElfW(Phdr), elf_hdr, elf_hdr->e_phoff);
- for (int idx = 0; idx < elf_hdr->e_phnum; idx++, prg_hdr++)
- {
- if( (prg_hdr->p_type == PT_GNU_RELRO) ||
- ((prg_hdr->p_type == PT_LOAD) && has_text_reloc() && ((prg_hdr->p_flags & PF_W) == 0)) )
- {
- uint32_t perm = 0;
- rva = TRIM_TO_PAGE(enclave_base_addr + prg_hdr->p_vaddr);
- rva_end = ROUND_TO_PAGE(enclave_base_addr + prg_hdr->p_vaddr + prg_hdr->p_memsz);
- len = rva_end - rva;
- if (prg_hdr->p_flags & PF_R)
- perm |= SI_FLAG_R;
- if (prg_hdr->p_flags & PF_X)
- perm |= SI_FLAG_X;
- pages_to_protect.push_back(std::make_tuple(rva, len, perm));
- }
- }
- }
- bool ElfParser::is_enclave_encrypted() const
- {
- // if enclave is encrypted, enclave must contain section .pcltbl
- const char* sec_name = ".pcltbl";
- const ElfW(Ehdr) *ehdr = (const ElfW(Ehdr) *)m_start_addr;
- return (NULL != get_section_by_name(ehdr, sec_name));
- }
- bool ElfParser::has_init_section() const
- {
- const char * sec_name = ".init";
- const ElfW(Ehdr) *elf_hdr = (const ElfW(Ehdr) *)m_start_addr;
- return (NULL != get_section_by_name(elf_hdr, sec_name));
- }
|