You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@teaclave.apache.org by gjj <no...@github.com.INVALID> on 2020/11/17 09:41:08 UTC
[apache/incubator-teaclave] 关于ocall、ecall函数的问题 (#435)
我模仿了teaclave的ecall_ipc_app_to_tee 这个ecall函数编写了个ocall函数,ocall函数会可能会返回一个很长的字符串。
现在这里这个
如果设置过大,底层会报错并自动退出execution_service服务.
这个该怎么解决呢?我这边d的场景是有可能会返回很长的值....
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/435
Re: [apache/incubator-teaclave] 关于ocall、ecall函数的问题 (#435)
Posted by gjj <no...@github.com.INVALID>.
代码在少数据量的情况下测试是可以的
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/435#issuecomment-729365862
Re: [apache/incubator-teaclave] 关于ocall、ecall函数的问题 (#435)
Posted by gjj <no...@github.com.INVALID>.
好的! 我试试 谢谢
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/435#issuecomment-729397463
Re: [apache/incubator-teaclave] 关于ocall、ecall函数的问题 (#435)
Posted by gjj <no...@github.com.INVALID>.
我在对应ocall/ecall函数的服务app/main.rs 新建了个线程并修改stack_size方法,可以了。
这样应该不会对底层有什么影响吧? 走了一下流程是通的
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/435#issuecomment-729540308
Re: [apache/incubator-teaclave] 关于ocall、ecall函数的问题 (#435)
Posted by gjj <no...@github.com.INVALID>.
其他teaclave所有服务都修改成unlimited 也还是不行。
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/435#issuecomment-729490078
Re: [apache/incubator-teaclave] 关于ocall、ecall函数的问题 (#435)
Posted by gjj <no...@github.com.INVALID>.
针对teaclave 是修改docker容器内(teaclave_execution_service)的ulimit吧?
我修改为-1
容器内的ulimit -a 对应的stack size已经是unlimited了
宿主机我也修改成unlimited 但还是报相同的错误
是要在哪里修改这个ulimit呢?
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/435#issuecomment-729489431
Re: [apache/incubator-teaclave] 关于ocall、ecall函数的问题 (#435)
Posted by Yu Ding <no...@github.com.INVALID>.
@gaojunjie03 建议你尝试这个回复里的做法,使用ulimit
https://github.com/apache/incubator-teaclave-sgx-sdk/issues/77#issuecomment-469442636
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/435#issuecomment-729395381
Re: [apache/incubator-teaclave] 关于ocall、ecall函数的问题 (#435)
Posted by gjj <no...@github.com.INVALID>.
Closed #435.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/435#event-4044120142
Re: [apache/incubator-teaclave] 关于ocall、ecall函数的问题 (#435)
Posted by Mingshen Sun <no...@github.com.INVALID>.
设置 `Enclave.config.xml` 文件中的 `StackMaxSize` 可以调整 SGX enclave 的 stack size。
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/435#issuecomment-729271093
Re: [apache/incubator-teaclave] 关于ocall、ecall函数的问题 (#435)
Posted by Yu Ding <no...@github.com.INVALID>.
@gaojunjie03 刚才那个issue里也有人提到,主线程就是不行,新创建的线程(创建时指定更大的stack size)就可以
https://github.com/apache/incubator-teaclave-sgx-sdk/issues/77#issuecomment-469200138
如果真的一直解决不了,那就用`usercheck`传递一个指针回到enclave,再传一个长度回来。然后在enclave里手工使用memcpy把那个buffer复制进来就好。记得做好指针的有效性检测(必须是enclave外的指针,使用`rsgx_raw_is_outside_enclave`)。
https://github.com/apache/incubator-teaclave-sgx-sdk/blob/master/sgx_trts/src/trts.rs#L171
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/435#issuecomment-729494029
Re: [apache/incubator-teaclave] 关于ocall、ecall函数的问题 (#435)
Posted by gjj <no...@github.com.INVALID>.
> @gaojunjie03 应该没有问题
> 换句话说,就是你的ulimit没有起作用
是的 没有作用
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/435#issuecomment-730059087
Re: [apache/incubator-teaclave] 关于ocall、ecall函数的问题 (#435)
Posted by gjj <no...@github.com.INVALID>.
好的
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/435#issuecomment-729495027
Re: [apache/incubator-teaclave] 关于ocall、ecall函数的问题 (#435)
Posted by Yu Ding <no...@github.com.INVALID>.
@gaojunjie03
这不是sgx的问题,这是linux线程栈大小的问题,之前有过讨论
https://github.com/apache/incubator-teaclave-sgx-sdk/issues/77
2504955这个大小已经超过了主线程的栈大小,在ecall过程中 sgx_ocalloc会分配一个栈上的空间保存数据,此时栈溢出
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/435#issuecomment-729394965
Re: [apache/incubator-teaclave] 关于ocall、ecall函数的问题 (#435)
Posted by Yu Ding <no...@github.com.INVALID>.
@gaojunjie03 应该没有问题
换句话说,就是你的ulimit没有起作用
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/435#issuecomment-729981410
Re: [apache/incubator-teaclave] 关于ocall、ecall函数的问题 (#435)
Posted by gjj <no...@github.com.INVALID>.
我调整到这个地步了 要求内存10g(这样看上去是足够得了 而且也有很多内存浪费)....
但依然报这个stack overflow的错误。
代码如下(ocall):
enclave端:
ocall函数的extern声明:
app端具体ocall函数实现 :
edl文件:
基本上就是按照ecall_ipc_app_to_tee实现
ocall返回的数据字节数组inner_len长度是2504955,报错 stack overflow,数据量大概7000条 不是很多
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/435#issuecomment-729361190