Skip to content

Commit

Permalink
v0.9.7 release. Provides sgx_tstd::untrusted
Browse files Browse the repository at this point in the history
  • Loading branch information
Yu Ding committed Feb 13, 2018
1 parent 06936bc commit 6535a00
Show file tree
Hide file tree
Showing 91 changed files with 418 additions and 96 deletions.
3 changes: 3 additions & 0 deletions Readme.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
# Rust SGX SDK
Rust SGX SDK helps developers write Intel SGX applications in Rust programming language. [[Paper pdf]](documents/ccsp17.pdf)

## v0.9.7 Release
This version provides a new namespace: `sgx_tstd::untrusted`, including `sgx_tstd::untrusted::fs` `sgx_tstd::untrusted::time` and `sgx_tstd::untrusted::path`, providing supports to operation to ocalls in a **untrusted** namespace. The **untrusted** namespace is always enabled no matter `untrusted_*` is set or not. We **urge** the developers to use the `sgx_tstd::untrusted` namespace to port their crates, instead of enabling the `untrusted_` series of features. Also, we renamed the `untrusted_net` feature to `net` for feature name unification. Please refer to [release_notes](release_notes.md) for further details.

## v0.9.6 Release
This version provides security enhancement for untrusted IO and additional support for monotonic counter. Untrusted IO operations in `sgx_tstd::fs` `sgx_tstd::net` and `sgx_tstd::time` are **DISABLED by default** to reduce the untrusted surface, and can be enabled by features. Trusted time support is moved to `sgx_tservice::sgxtime` and monotonic counter is provided by `sgx_tservice::sgxcounter`. Please refer to [release_notes](release_notes.md) for further details.

Expand Down
5 changes: 5 additions & 0 deletions release_notes.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
# Rust SGX SDK v0.9.7 Release Notes
**Provide `sgx_tstd::untrusted` namespace** v0.9.7 provides `sgx_tstd::untrusted::{fs,path,time}` which related to ocall functions. They are always enabled no matter `untrusted_fs` or `untrusted_time` feature is enabled or not. The major concern of providing such a namespace is that we want the developer to know they are invoking ocall related functions which brings **untrusted data** into the trusted execution engine. For the best security practice, explicitly importing from `sgx_tstd::untrusted` is better than enabling feature in `Cargo.toml`. We stress that `untrusted_fs` and `untrusted_time` features are designed to be **contingency plans** and should only be enabled when porting an very complex Rust crate to Rust-SGX enclaves.

**Rename feature `untrusted_net` to `net`** `net` is well-known as untrusted and we think `net` is a better choice and similar to current features: `backtrace` and `stdio`.

# Rust SGX SDK v0.9.6 Release Notes
**Support latest Rust nightly build (nightly-2018-02-05-x86_64-unknown-linux-gnu)**

Expand Down
2 changes: 1 addition & 1 deletion samplecode/backtrace/enclave/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "Backtracesampleenclave"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand Down
2 changes: 1 addition & 1 deletion samplecode/crypto/enclave/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "Cryptosampleenclave"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand Down
2 changes: 1 addition & 1 deletion samplecode/file/enclave/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "Filesampleenclave"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand Down
2 changes: 1 addition & 1 deletion samplecode/hello-rust/app/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "app"
version = "0.9.6"
version = "0.9.7"
authors = ["duanran01 <duanran01@baidu.com>"]
build = "build.rs"

Expand Down
2 changes: 1 addition & 1 deletion samplecode/hello-rust/enclave/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "Helloworldsampleenclave"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand Down
2 changes: 1 addition & 1 deletion samplecode/helloworld/enclave/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "Helloworldsampleenclave"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand Down
2 changes: 1 addition & 1 deletion samplecode/hugemem/enclave/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "Hugememsampleenclave"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand Down
2 changes: 1 addition & 1 deletion samplecode/localattestation/attestation/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "attestation"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[features]
Expand Down
2 changes: 1 addition & 1 deletion samplecode/localattestation/enclave1/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "enclave1"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand Down
2 changes: 1 addition & 1 deletion samplecode/localattestation/enclave2/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "enclave2"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand Down
2 changes: 1 addition & 1 deletion samplecode/localattestation/enclave3/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "enclave3"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand Down
2 changes: 1 addition & 1 deletion samplecode/machine-learning/app/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "app"
version = "0.9.6"
version = "0.9.7"
authors = ["duanran01 <duanran01@baidu.com>"]
build = "build.rs"

Expand Down
2 changes: 1 addition & 1 deletion samplecode/machine-learning/enclave/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "Machinelearningsampleenclave"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand Down
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "RAenclave"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand Down
2 changes: 1 addition & 1 deletion samplecode/sealeddata/enclave/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "Sealdatasampleenclave"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand Down
2 changes: 1 addition & 1 deletion samplecode/serialize/enclave/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "Serializesampleenclave"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand Down
2 changes: 1 addition & 1 deletion samplecode/sgxtime/app/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "app"
version = "0.9.6"
version = "0.9.7"
authors = ["duanran01 <duanran01@baidu.com>"]
build = "build.rs"

Expand Down
2 changes: 1 addition & 1 deletion samplecode/sgxtime/enclave/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "Sgxtimeenclave"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand Down
2 changes: 1 addition & 1 deletion samplecode/thread/enclave/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "Threadsampleenclave"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand Down
2 changes: 1 addition & 1 deletion samplecode/tls/tlsclient/app/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "app"
version = "0.9.6"
version = "0.9.7"
authors = ["duanran01 <duanran01@baidu.com>"]
build = "build.rs"

Expand Down
4 changes: 2 additions & 2 deletions samplecode/tls/tlsclient/enclave/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "tlsclient"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand All @@ -13,7 +13,7 @@ default = []
[target.'cfg(not(target_env = "sgx"))'.dependencies]
sgx_types = { path = "../../../../sgx_types" }
sgx_trts = { path = "../../../../sgx_trts" }
sgx_tstd = { path = "../../../../sgx_tstd", features = ["untrusted_fs", "untrusted_net", "untrusted_time"] }
sgx_tstd = { path = "../../../../sgx_tstd", features = ["net"] }

[dependencies]
rustls = { path = "../../../../third_party/rustls" }
Expand Down
1 change: 0 additions & 1 deletion samplecode/tls/tlsclient/enclave/Enclave.edl
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,6 @@
enclave {
from "sgx_tstd.edl" import *;
from "sgx_stdio.edl" import *;
from "sgx_backtrace.edl" import *;
from "sgx_net.edl" import *;
from "sgx_time.edl" import *;
from "sgx_tstdc.edl" import *;
Expand Down
2 changes: 1 addition & 1 deletion samplecode/tls/tlsclient/enclave/Xargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ stage = 1

[dependencies.std]
path = "../../../../xargo/sgx_tstd"
features = ["untrusted_fs", "untrusted_net", "untrusted_time"]
features = ["net"]
stage = 2

[dependencies.sgx_rand]
Expand Down
2 changes: 1 addition & 1 deletion samplecode/tls/tlsclient/enclave/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ extern crate sgx_tstd as std;
use sgx_types::*;
use std::collections;

use std::fs;
use std::untrusted::fs;
use std::io::BufReader;

use std::ffi::CStr;
Expand Down
2 changes: 1 addition & 1 deletion samplecode/tls/tlsserver/app/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "app"
version = "0.9.6"
version = "0.9.7"
authors = ["duanran01 <duanran01@baidu.com>"]
build = "build.rs"

Expand Down
6 changes: 3 additions & 3 deletions samplecode/tls/tlsserver/enclave/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "tlsclient"
version = "0.9.6"
name = "tlsserver"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand All @@ -13,7 +13,7 @@ default = []
[target.'cfg(not(target_env = "sgx"))'.dependencies]
sgx_types = { path = "../../../../sgx_types" }
sgx_trts = { path = "../../../../sgx_trts" }
sgx_tstd = { path = "../../../../sgx_tstd", features = ["untrusted_fs", "untrusted_net", "untrusted_time"] }
sgx_tstd = { path = "../../../../sgx_tstd", features = ["net"] }

[dependencies]
rustls = { path = "../../../../third_party/rustls" }
Expand Down
1 change: 0 additions & 1 deletion samplecode/tls/tlsserver/enclave/Enclave.edl
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,6 @@
enclave {
from "sgx_tstd.edl" import *;
from "sgx_stdio.edl" import *;
from "sgx_backtrace.edl" import *;
from "sgx_net.edl" import *;
from "sgx_time.edl" import *;
from "sgx_tstdc.edl" import *;
Expand Down
2 changes: 1 addition & 1 deletion samplecode/tls/tlsserver/enclave/Xargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ stage = 1

[dependencies.std]
path = "../../../../xargo/sgx_tstd"
features = ["untrusted_fs", "untrusted_net", "untrusted_time"]
features = ["net"]
stage = 2

[dependencies.sgx_rand]
Expand Down
2 changes: 1 addition & 1 deletion samplecode/tls/tlsserver/enclave/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ extern crate sgx_tstd as std;

use sgx_types::*;

use std::fs;
use std::untrusted::fs;
use std::io::BufReader;

use std::ffi::CStr;
Expand Down
2 changes: 1 addition & 1 deletion samplecode/unit-test/app/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "app"
version = "0.9.6"
version = "0.9.7"
authors = ["duanran01 <duanran01@baidu.com>"]
build = "build.rs"

Expand Down
4 changes: 2 additions & 2 deletions samplecode/unit-test/enclave/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "Unittestsampleenclave"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand All @@ -12,7 +12,7 @@ default = []

[target.'cfg(not(target_env = "sgx"))'.dependencies]
sgx_types = { path = "../../../sgx_types" }
sgx_tstd = { path = "../../../sgx_tstd", features = ["untrusted_fs", "untrusted_time"] }
sgx_tstd = { path = "../../../sgx_tstd",features = ["untrusted_fs"]}
sgx_tcrypto = { path = "../../../sgx_tcrypto" }
sgx_tunittest = { path = "../../../sgx_tunittest" }
sgx_trts = { path = "../../../sgx_trts" }
Expand Down
4 changes: 2 additions & 2 deletions samplecode/unit-test/enclave/Xargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ stage = 1

[dependencies.std]
path = "../../../xargo/sgx_tstd"
features = ["untrusted_fs", "untrusted_time"]
features = ["untrusted_fs"]
stage = 2

[dependencies.sgx_rand]
Expand All @@ -23,4 +23,4 @@ stage = 3

[dependencies.sgx_tunittest]
path = "../../../xargo/sgx_tunittest"
stage = 3
stage = 3
2 changes: 2 additions & 0 deletions samplecode/unit-test/enclave/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -134,6 +134,8 @@ fn test_main_entrance() -> sgx_status_t {
test_sgxfs,
// std::fs
test_fs,
// std::fs untrusted mode
test_fs_untrusted_fs_feature_enabled,
// std::time
test_std_time
);
Expand Down
26 changes: 24 additions & 2 deletions samplecode/unit-test/enclave/src/test_file.rs
Original file line number Diff line number Diff line change
Expand Up @@ -28,8 +28,8 @@

use sgx_rand::{Rng, StdRng};
use std::sgxfs::{self, SgxFile};
use std::fs::File;
use std::fs::remove_file;
use std::untrusted::fs::File;
use std::untrusted::fs::remove_file;
use std::io::{Read, Write};
use std::string::*;

Expand Down Expand Up @@ -116,3 +116,25 @@ pub fn test_fs () {
assert!(f.is_ok());
}
}

pub fn test_fs_untrusted_fs_feature_enabled() {
{
use std::fs;
let f = fs::File::create("foo.txt");
assert!(f.is_ok());

let result = f.unwrap().write_all(b"Hello, world!");
assert!(result.is_ok());

let f = fs::File::open("foo.txt");
assert!(f.is_ok());

let mut s = String::new();
let result = f.unwrap().read_to_string(&mut s);
assert!(result.is_ok());
assert_eq!(s, "Hello, world!");

let f = remove_file("foo.txt");
assert!(f.is_ok());
}
}
2 changes: 1 addition & 1 deletion samplecode/unit-test/enclave/src/test_time.rs
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
use std::time::*;
use std::panic;
//use std::thread::sleep;
use std::untrusted::time::{InstantEx, SystemTimeEx};

pub fn test_std_time() {
macro_rules! assert_almost_eq {
Expand Down
2 changes: 1 addition & 1 deletion samplecode/zlib-lazy-static-sample/app/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "app"
version = "0.9.6"
version = "0.9.7"
authors = ["duanran01 <duanran01@baidu.com>"]
build = "build.rs"

Expand Down
2 changes: 1 addition & 1 deletion samplecode/zlib-lazy-static-sample/enclave/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "Zlibsampleenclave"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand Down
2 changes: 1 addition & 1 deletion sgx_alloc/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "sgx_alloc"
version = "0.9.6"
version = "0.9.7"
authors = ["Baidu"]

[lib]
Expand Down
Loading

0 comments on commit 6535a00

Please sign in to comment.