Add EDMM support from https://github.com/mingweishih/openenclave/tree…

…/edmm
data-capsule · Jan 13, 2024 · 591cb80 · 591cb80
1 parent 7b16408
commit 591cb80
Show file tree

Hide file tree

Showing 33 changed files with 4,933 additions and 46 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -5,6 +5,8 @@
 #
 # Please read The Ultimate Guide to CMake:
 # https://rix0r.nl/blog/2015/08/13/cmake-guide/
+set(CMAKE_VERBOSE_MAKEFILE on)
+
 cmake_minimum_required(VERSION 3.12 FATAL_ERROR)
 
 if (${CMAKE_VERSION} GREATER_EQUAL "3.24.0")

diff --git a/README.md b/README.md
@@ -1,6 +1,8 @@
 Open Enclave SDK
 ================
 
+PSL version of OpenEnclave with EDMM support copied from https://github.com/mingweishih/openenclave.
+
 [![Bors enabled](https://bors.tech/images/badge_small.svg)](https://app.bors.tech/repositories/21855)
 [![Join the chat at https://gitter.im/openenclave/community](https://badges.gitter.im/openenclave/community.svg)](https://gitter.im/openenclave/community?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
 

diff --git a/enclave/core/CMakeLists.txt b/enclave/core/CMakeLists.txt
@@ -62,6 +62,8 @@ if (OE_SGX)
     sgx/backtrace.c
     sgx/calls.c
     sgx/cpuid.c
+    sgx/edmm.S
+    sgx/edmm.c
     sgx/enter.S
     sgx/entropy.c
     sgx/errno.c
@@ -97,50 +99,47 @@ if (OE_SGX)
 
   # Switch compiler from MSVC to Clang for compiling enclave libraries
   if (WIN32 AND MSVC)
-    find_program(CLANG_C_COMPILER
-                 NAMES clang
-                 PATHS "C:/Program Files/LLVM/bin"
-                 NO_DEFAULT_PATH
-                 REQUIRED)
+    find_program(
+      CLANG_C_COMPILER
+      NAMES clang
+      PATHS "C:/Program Files/LLVM/bin"
+      NO_DEFAULT_PATH REQUIRED)
     execute_process(
       COMMAND ${CLANG_C_COMPILER} --version
       OUTPUT_VARIABLE CLANG_C_COMPILER_VERSION
       OUTPUT_STRIP_TRAILING_WHITESPACE)
-    if (CLANG_C_COMPILER_VERSION MATCHES "clang version ([0-9]+\.[0-9]+\.[0-9]+)")
+    if (CLANG_C_COMPILER_VERSION MATCHES
+        "clang version ([0-9]+\.[0-9]+\.[0-9]+)")
       set(CLANG_C_COMPILER_VERSION ${CMAKE_MATCH_1})
     else ()
       message(
-        FATAL_ERROR
-        "Could not determine Clang version from ${CLANG_C_COMPILER}"
+        FATAL_ERROR "Could not determine Clang version from ${CLANG_C_COMPILER}"
       )
     endif ()
     set(CMAKE_C_COMPILER ${CLANG_C_COMPILER})
     set(CMAKE_C_COMPILER_VERSION ${CLANG_C_COMPILER_VERSION})
     message(
       STATUS
-      "${CMAKE_C_COMPILER} (version: ${CMAKE_C_COMPILER_VERSION}) will be used to compile enclave libraries"
+        "${CMAKE_C_COMPILER} (version: ${CMAKE_C_COMPILER_VERSION}) will be used to compile enclave libraries"
     )
-    if (CMAKE_C_COMPILER_VERSION VERSION_LESS 10 
-        OR CMAKE_C_COMPILER_VERSION VERSION_GREATER 11.99)
-      message(
-        WARNING "Open Enclave officially supports Clang 11 and 10 only, "
-        "but your Clang version (${CMAKE_C_COMPILER_VERSION}) "
-        "is older or newer than that. Build problems may occur.")
+    if (CMAKE_C_COMPILER_VERSION VERSION_LESS 10 OR CMAKE_C_COMPILER_VERSION
+                                                    VERSION_GREATER 11.99)
+      message(WARNING "Open Enclave officially supports Clang 11 and 10 only, "
+                      "but your Clang version (${CMAKE_C_COMPILER_VERSION}) "
+                      "is older or newer than that. Build problems may occur.")
     endif ()
   endif ()
 
   # Adding "-Wno-frame-address" because, for clang-11 and above, usage of
-  # __builtin_frame_address() with a non-zero argument is triggering 
+  # __builtin_frame_address() with a non-zero argument is triggering
   # -Wframe-address.
-  # -Wno-frame-address is not used for clang-10 as it does not emit such 
+  # -Wno-frame-address is not used for clang-10 as it does not emit such
   # an error, and does not support the option.
   if (CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 11)
     set(C_CALLS_CFLAGS "-Wno-frame-address")
   endif ()
-  set_source_files_properties(
-    sgx/calls.c
-    PROPERTIES
-      COMPILE_OPTIONS "${C_CALLS_CFLAGS}")
+  set_source_files_properties(sgx/calls.c PROPERTIES COMPILE_OPTIONS
+                                                     "${C_CALLS_CFLAGS}")
 
   # To avoid the `unused-command-line-argument` warning, which we treat as an
   # error, we explicitly turn off the warning when compiling these assembly
@@ -241,28 +240,26 @@ list(APPEND NEEDS_STDC_NAMES ${MUSL_SRC_DIR}/prng/rand.c
 
 list(APPEND W_NO_CONVERSION ${MUSL_SRC_DIR}/prng/rand.c)
 
-set_property(
-  SOURCE ${W_NO_CONVERSION}
-  APPEND_STRING
-  PROPERTY COMPILE_FLAGS "-Wno-conversion")
+set_property(SOURCE ${W_NO_CONVERSION} APPEND_STRING PROPERTY COMPILE_FLAGS
+                                                              "-Wno-conversion")
 
-set_property(
-  SOURCE ${NEEDS_STDC_NAMES}
-  APPEND_STRING
-  PROPERTY COMPILE_FLAGS " -I${CORELIBC_INCLUDES}")
-set_property(
-  SOURCE ${NEEDS_STDC_NAMES}
-  APPEND
-  PROPERTY COMPILE_DEFINITIONS OE_NEED_STDC_NAMES)
+set_property(SOURCE ${NEEDS_STDC_NAMES} APPEND_STRING
+             PROPERTY COMPILE_FLAGS " -I${CORELIBC_INCLUDES}")
+set_property(SOURCE ${NEEDS_STDC_NAMES} APPEND PROPERTY COMPILE_DEFINITIONS
+                                                        OE_NEED_STDC_NAMES)
 
 maybe_build_using_clangw(oecore)
 
 add_enclave_dependencies(oecore core_trusted_edl)
 if (OE_SGX)
   add_enclave_dependencies(oecore platform_trusted_edl)
+  enclave_include_directories(
+    oecore PRIVATE ${PROJECT_SOURCE_DIR}/include/openenclave/corelibc)
 endif ()
 
 enclave_include_directories(oecore PRIVATE ${CMAKE_CURRENT_BINARY_DIR})
+enclave_include_directories(oecore PRIVATE
+                            ${PROJECT_SOURCE_DIR}/enclave/core/sgx/include)
 
 enclave_link_libraries(oecore PUBLIC oe_includes)
 if (OE_TRUSTZONE)
@@ -345,10 +342,8 @@ if (OE_SGX)
     ${MUSL_SRC_DIR}/string/x86_64/memmove.s
     ${MUSL_SRC_DIR}/string/x86_64/memset.s)
 
-  set_property(
-    SOURCE ${DEFAULT_VISIBILITY}
-    APPEND_STRING
-    PROPERTY COMPILE_FLAGS " -fvisibility=default")
+  set_property(SOURCE ${DEFAULT_VISIBILITY} APPEND_STRING
+               PROPERTY COMPILE_FLAGS " -fvisibility=default")
 endif ()
 
 enclave_compile_options(oecore INTERFACE $<$<COMPILE_LANGUAGE:CXX>:-nostdinc++>)

diff --git a/enclave/core/sgx/asmdefs.h b/enclave/core/sgx/asmdefs.h
@@ -12,6 +12,9 @@
 #define ENCLU_EGETKEY 1
 #define ENCLU_EENTER 2
 #define ENCLU_EEXIT 4
+#define ENCLU_EACCEPT 5
+#define ENCLU_EMODPE 6
+#define ENCLU_EACCEPTCOPY 7
 
 #define PAGE_SIZE 4096
 #define STATIC_STACK_SIZE 8 * 100

diff --git a/enclave/core/sgx/edmm.S b/enclave/core/sgx/edmm.S
@@ -0,0 +1,69 @@
+// Copyright (c) Open Enclave SDK contributors.
+// Licensed under the MIT License.
+
+#include "asmdefs.h"
+#include "asmcommon.inc"
+
+//==============================================================================
+// This file implements the necessary wrappers of Intel SGX primitives required
+// by the Enclave Memory Manager (emm) library that supports the Enclave Dynamic
+// Memory Management (EDMM) feature on SGX2 CPUs.
+//==============================================================================
+
+.globl do_eaccept
+.type do_eaccept, @function
+do_eaccept:
+.cfi_startproc
+
+    push %rbx
+    push %rcx
+    movq %rdi, %rbx
+    movq %rsi, %rcx
+
+    // Execute EACCEPT.
+    movq $ENCLU_EACCEPT, %rax
+    ENCLU
+
+    pop %rcx
+    pop %rbx
+
+    ret
+.cfi_endproc
+
+.globl do_eacceptcopy
+.type do_eacceptcopy, @function
+do_eacceptcopy:
+.cfi_startproc
+    push %rbx
+    push %rcx
+    movq %rdi, %rbx
+    movq %rsi, %rcx
+
+    // Execute EACCEPTCOPY
+    movq $ENCLU_EACCEPTCOPY, %rax
+    ENCLU
+
+    pop %rcx
+    pop %rbx
+
+    ret
+.cfi_endproc
+
+.globl do_emodpe
+.type do_emodpe, @function
+do_emodpe:
+.cfi_startproc
+    push %rbx
+    push %rcx
+    movq %rdi, %rbx
+    movq %rsi, %rcx
+
+    // Execute EMODPE
+    movq $ENCLU_EMODPE, %rax
+    ENCLU
+
+    pop %rcx
+    pop %rbx
+
+    ret
+.cfi_endproc