-
Notifications
You must be signed in to change notification settings - Fork 202
/
host_internal.h
189 lines (148 loc) · 6.38 KB
/
host_internal.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
/* SPDX-License-Identifier: LGPL-3.0-or-later */
/* Copyright (C) 2014 Stony Brook University */
/*
* This file contains definitions of functions, variables and data structures for internal uses.
*/
#pragma once
#include "api.h"
#include "host_syscall.h"
#include "pal_linux.h"
#include "sgx_arch.h"
#include "toml.h"
extern const size_t g_page_size;
extern pid_t g_host_pid;
#undef IS_ALLOC_ALIGNED
#undef IS_ALLOC_ALIGNED_PTR
#undef ALLOC_ALIGN_UP
#undef ALLOC_ALIGN_UP_PTR
#undef ALLOC_ALIGN_DOWN
#undef ALLOC_ALIGN_DOWN_PTR
#define IS_ALLOC_ALIGNED(addr) IS_ALIGNED_POW2(addr, g_page_size)
#define IS_ALLOC_ALIGNED_PTR(addr) IS_ALIGNED_PTR_POW2(addr, g_page_size)
#define ALLOC_ALIGN_UP(addr) ALIGN_UP_POW2(addr, g_page_size)
#define ALLOC_ALIGN_UP_PTR(addr) ALIGN_UP_PTR_POW2(addr, g_page_size)
#define ALLOC_ALIGN_DOWN(addr) ALIGN_DOWN_POW2(addr, g_page_size)
#define ALLOC_ALIGN_DOWN_PTR(addr) ALIGN_DOWN_PTR_POW2(addr, g_page_size)
struct pal_enclave {
/* attributes */
bool is_first_process; // Initial process in Gramine instance is special.
char* application_path;
char* raw_manifest_data;
unsigned long baseaddr;
unsigned long size;
unsigned long thread_num;
unsigned long rpc_thread_num;
unsigned long ssa_frame_size;
bool edmm_enabled;
enum sgx_attestation_type attestation_type;
char* libpal_uri; /* Path to the PAL binary */
#ifdef DEBUG
/* profiling */
bool profile_enable;
int profile_mode;
char profile_filename[64];
bool profile_with_stack;
int profile_frequency;
#endif
};
extern struct pal_enclave g_pal_enclave;
int open_sgx_driver(void);
bool is_wrfsbase_supported(void);
bool is_aexnotify_supported(void);
int read_enclave_token(int token_file, sgx_arch_token_t* out_token);
int create_dummy_enclave_token(sgx_sigstruct_t* sig, sgx_arch_token_t* out_token);
int read_enclave_sigstruct(int sigfile, sgx_sigstruct_t* sig);
int create_enclave(sgx_arch_secs_t* secs, sgx_arch_token_t* token);
int add_pages_to_enclave(sgx_arch_secs_t* secs, void* addr, void* user_addr, unsigned long size,
enum sgx_page_type type, int prot, bool skip_eextend, const char* comment);
int edmm_restrict_pages_perm(uint64_t addr, size_t count, uint64_t prot);
int edmm_modify_pages_type(uint64_t addr, size_t count, uint64_t type);
int edmm_remove_pages(uint64_t addr, size_t count);
int edmm_supported_by_driver(bool* out_supported);
/*!
* \brief Retrieve Quoting Enclave's sgx_target_info_t by talking to AESMD.
*
* \param is_epid Use EPID attestation if true, DCAP/ECDSA if false.
* \param[out] qe_targetinfo Retrieved Quoting Enclave's target info.
*
* \returns 0 on success, negative error code otherwise.
*/
int init_quoting_enclave_targetinfo(bool is_epid, sgx_target_info_t* qe_targetinfo);
/*!
* \brief Obtain SGX Quote from the Quoting Enclave (communicate via AESM).
*
* \param spid Software provider ID (SPID); if NULL then DCAP/ECDSA is used.
* \param linkable Quote type (linkable vs unlinkable); ignored if DCAP/ECDSA is used.
* \param report Enclave report to convert into a quote.
* \param nonce 16B nonce to be included in the quote for freshness; ignored if
* DCAP/ECDSA is used.
* \param[out] quote Quote returned by the Quoting Enclave (allocated via mmap() in this
* function; the caller gets the ownership of the quote).
* \param[out] quote_len Length of the quote returned by the Quoting Enclave.
*
* \returns 0 on success, negative Linux error code otherwise.
*/
int retrieve_quote(const sgx_spid_t* spid, bool linkable, const sgx_report_t* report,
const sgx_quote_nonce_t* nonce, char** quote, size_t* quote_len);
int init_enclave(sgx_arch_secs_t* secs, sgx_sigstruct_t* sigstruct, sgx_arch_token_t* token);
int sgx_ecall(long ecall_no, void* ms);
int sgx_raise(int event);
void async_exit_pointer(void);
void eresume_pointer(void);
void async_exit_pointer_end(void);
int get_tid_from_tcs(void* tcs);
int clone_thread(void);
void create_tcs_mapper(void* tcs_base, unsigned int thread_num);
int pal_thread_init(void* tcbptr);
void map_tcs(unsigned int tid);
void unmap_tcs(void);
int current_enclave_thread_cnt(void);
void thread_exit(int status);
int sgx_signal_setup(void);
int block_async_signals(bool block);
#ifdef DEBUG
/* SGX profiling (sgx_profile.c) */
/*
* Default and maximum sampling frequency. We depend on Linux scheduler to interrupt us, so it's not
* possible to achieve higher than 250.
*/
#define SGX_PROFILE_DEFAULT_FREQUENCY 50
#define SGX_PROFILE_MAX_FREQUENCY 250
enum {
SGX_PROFILE_MODE_AEX = 1,
SGX_PROFILE_MODE_OCALL_INNER = 2,
SGX_PROFILE_MODE_OCALL_OUTER = 3,
};
/* Filenames for saved data */
#define SGX_PROFILE_FILENAME "sgx-perf.data"
#define SGX_PROFILE_FILENAME_WITH_PID "sgx-perf-%d.data"
/* Initialize based on g_pal_enclave settings */
int sgx_profile_init(void);
/* Finalize and close file */
void sgx_profile_finish(void);
/* Record a sample during AEX */
void sgx_profile_sample_aex(void* tcs);
/* Record a sample during OCALL (inner state) */
void sgx_profile_sample_ocall_inner(void* enclave_gpr);
/* Record a sample during OCALL (function to be executed) */
void sgx_profile_sample_ocall_outer(void* ocall_func);
/* Record a new mapped ELF */
void sgx_profile_report_elf(const char* filename, void* addr);
#endif
/* perf.data output (sgx_perf_data.h) */
#define PD_STACK_SIZE 8192
struct perf_data;
struct perf_data* pd_open(const char* file_name, bool with_stack);
/* Finalize and close; returns resulting file size */
ssize_t pd_close(struct perf_data* pd);
/* Write PERF_RECORD_COMM (report command name) */
int pd_event_command(struct perf_data* pd, const char* command, uint32_t pid, uint32_t tid);
/* Write PERF_RECORD_MMAP (report mmap of executable region) */
int pd_event_mmap(struct perf_data* pd, const char* filename, uint32_t pid, uint64_t addr,
uint64_t len, uint64_t pgoff);
/* Write PERF_RECORD_SAMPLE (simple version) */
int pd_event_sample_simple(struct perf_data* pd, uint64_t ip, uint32_t pid, uint32_t tid,
uint64_t period);
/* Write PERF_RECORD_SAMPLE (with stack sample, at most PD_STACK_SIZE bytes) */
int pd_event_sample_stack(struct perf_data* pd, uint64_t ip, uint32_t pid, uint32_t tid,
uint64_t period, sgx_pal_gpr_t* gpr, void* stack, size_t stack_size);