You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@teaclave.apache.org by rd...@apache.org on 2022/08/20 07:07:43 UTC
[incubator-teaclave-sgx-sdk] branch v2.0.0-preview updated: Support intel sgx sdk 2.17.1
This is an automated email from the ASF dual-hosted git repository.
rduan pushed a commit to branch v2.0.0-preview
in repository https://gitbox.apache.org/repos/asf/incubator-teaclave-sgx-sdk.git
The following commit(s) were added to refs/heads/v2.0.0-preview by this push:
new 057f1781 Support intel sgx sdk 2.17.1
057f1781 is described below
commit 057f1781cda6ca2a1f57b7ae9d3594044f1fe052
Author: volcano <vo...@163.com>
AuthorDate: Sat Aug 20 15:07:24 2022 +0800
Support intel sgx sdk 2.17.1
---
common/inc/tlibc/string.h | 1 +
sgx_libc/sgx_tlibc_sys/tlibc/string/memcpy.c | 89 +++++++++++++++++++++++-----
sgx_trts/src/version.rs | 2 +-
tools/docker/Dockerfile.centos8 | 13 ++--
tools/docker/Dockerfile.ubuntu18.04 | 13 ++--
tools/docker/Dockerfile.ubuntu20.04 | 13 ++--
6 files changed, 101 insertions(+), 30 deletions(-)
diff --git a/common/inc/tlibc/string.h b/common/inc/tlibc/string.h
index 1140fcc5..00a89fde 100644
--- a/common/inc/tlibc/string.h
+++ b/common/inc/tlibc/string.h
@@ -60,6 +60,7 @@ __BEGIN_DECLS
void * _TLIBC_CDECL_ memchr(const void *, int, size_t);
int _TLIBC_CDECL_ memcmp(const void *, const void *, size_t);
+void * _TLIBC_CDECL_ memcpy_nochecks(void *, const void *, size_t);
void * _TLIBC_CDECL_ memcpy(void *, const void *, size_t);
void * _TLIBC_CDECL_ memcpy_verw(void *, const void *, size_t);
void * _TLIBC_CDECL_ memmove(void *, const void *, size_t);
diff --git a/sgx_libc/sgx_tlibc_sys/tlibc/string/memcpy.c b/sgx_libc/sgx_tlibc_sys/tlibc/string/memcpy.c
index 6e33927f..a83c3744 100644
--- a/sgx_libc/sgx_tlibc_sys/tlibc/string/memcpy.c
+++ b/sgx_libc/sgx_tlibc_sys/tlibc/string/memcpy.c
@@ -34,6 +34,8 @@
#include <string.h>
#include <stdlib.h>
#include <sys/types.h>
+#include "sgx_trts.h"
+#include <stdbool.h>
/*
* sizeof(word) MUST BE A POWER OF TWO
@@ -62,12 +64,6 @@ __memcpy(void *dst0, const void *src0, size_t length)
if (length == 0 || dst == src) /* nothing to do */
goto done;
- if ((dst < src && dst + length > src) ||
- (src < dst && src + length > dst)) {
- /* backwards memcpy */
- abort();
- }
-
/*
* Macros: loop-t-times; and loop-t-times, t>0
*/
@@ -113,13 +109,6 @@ void* memcpy_verw(void *dst0, const void *src0, size_t len)
return dst0;
}
- //abort if overlap exist
- if ((dst < src && dst + len > src) ||
- (src < dst && src + len > dst))
- {
- abort();
- }
-
while (len >= 8) {
if((unsigned long long)dst%8 == 0) {
// 8-byte-aligned - don't need <VERW><MFENCE LFENCE> bracketing
@@ -146,7 +135,7 @@ void* memcpy_verw(void *dst0, const void *src0, size_t len)
}
void *
-memcpy(void *dst0, const void *src0, size_t length)
+memcpy_nochecks(void *dst0, const void *src0, size_t length)
{
#ifdef _TLIBC_USE_INTEL_FAST_STRING_
if (__intel_cpu_feature_indicator)
@@ -157,3 +146,75 @@ memcpy(void *dst0, const void *src0, size_t length)
return __memcpy(dst0, src0, length);
#endif
}
+
+
+//deal the case that src is outside the enclave, count <= 8
+static void
+copy_external_memory(void* dst, const void* src, size_t count, bool is_dst_external)
+{
+ unsigned char tmp_buf[16]={0};
+ unsigned int off_src = (unsigned long long)src%8;
+ if(count == 0)
+ {
+ return;
+ }
+
+ //if src is 8-byte-aligned, copy 8 bytes from outside the enclave to the buffer
+ //if src is not 8-byte-aligned and off_src + count > 8, copy 16 bytes from outside the enclave to the buffer
+ __memcpy_8a(tmp_buf, src - off_src);
+ if(off_src != 0 && off_src + count > 8)
+ {
+ __memcpy_8a(tmp_buf + 8, src - off_src + 8);
+ }
+ if(is_dst_external)
+ {
+ memcpy_verw(dst, tmp_buf + off_src, count);
+ }
+ else
+ {
+ memcpy_nochecks(dst, tmp_buf + off_src, count);
+ }
+ return;
+}
+
+void *
+memcpy(void *dst0, const void *src0, size_t length)
+{
+ if(length == 0 || dst0 == src0)
+ {
+ return dst0;
+ }
+
+ bool is_src_external = !sgx_is_within_enclave(src0, length);
+ bool is_dst_external = !sgx_is_within_enclave(dst0, length);
+
+ //src is inside the enclave
+ if(!is_src_external)
+ {
+ if(is_dst_external)
+ {
+ return memcpy_verw(dst0, src0, length);
+ }
+ else
+ {
+ return memcpy_nochecks(dst0, src0, length);
+ }
+ }
+
+ //src is outside the enclave
+ unsigned int len = 0;
+ char* dst = dst0;
+ const char *src = (const char *)src0;
+ while(length >= 8)
+ {
+ len = 8 - (unsigned long long)dst%8;
+ copy_external_memory(dst, src, len, is_dst_external);
+ src += len;
+ dst += len;
+ length -= len;
+ }
+ //less than 8 bytes left
+ copy_external_memory(dst, src, length, is_dst_external);
+
+ return dst0;
+}
diff --git a/sgx_trts/src/version.rs b/sgx_trts/src/version.rs
index b5ca569e..e253c711 100644
--- a/sgx_trts/src/version.rs
+++ b/sgx_trts/src/version.rs
@@ -17,5 +17,5 @@
pub const MAJOR_VERSION: usize = 2;
pub const MINOR_VERSION: usize = 17;
-pub const REVISION_VERSION: usize = 100;
+pub const REVISION_VERSION: usize = 101;
pub const VERSION_UINT: usize = (MAJOR_VERSION << 32) | (MINOR_VERSION << 16) | REVISION_VERSION;
diff --git a/tools/docker/Dockerfile.centos8 b/tools/docker/Dockerfile.centos8
index 7d68659a..19fe2d26 100644
--- a/tools/docker/Dockerfile.centos8
+++ b/tools/docker/Dockerfile.centos8
@@ -73,14 +73,17 @@ RUN yum install epel-release -y && \
ENV SGX_SDK_RELEASE_VERSION 2.17
ENV SGX_DCAP_RELEASE_VERSION 1.14
-ENV SGX_SDK_CODE_VERSION 2.17.100.3
-ENV SGX_DCAP_CODE_VERSION 1.14.100.3
-ENV SGX_SDK_VERSION ${SGX_SDK_CODE_VERSION}
-ENV SGX_DCAP_VERSION ${SGX_DCAP_CODE_VERSION}
+ENV SGX_SDK_CODE_VERSION 2.17.1
+ENV SGX_DCAP_CODE_VERSION 1.14
+ENV SGX_SDK_BIN_VERSION 2.17.101.1
+ENV SGX_SDK_PKGS_VERSION 2.17.100.3
+ENV SGX_DCAP_PKGS_VERSION 1.14.100.3
+ENV SGX_SDK_VERSION ${SGX_SDK_PKGS_VERSION}
+ENV SGX_DCAP_VERSION ${SGX_DCAP_PKGS_VERSION}
ENV RUST_TOOLCHAIN nightly-2022-02-23
ENV OS_NAME centos
ENV BINUTILS_DIST centos8
-ENV SGX_SDK_URL "https://download.01.org/intel-sgx/sgx-linux/${SGX_SDK_RELEASE_VERSION}/distro/${OS_NAME}-stream/sgx_linux_x64_sdk_${SGX_SDK_CODE_VERSION}.bin"
+ENV SGX_SDK_URL "https://download.01.org/intel-sgx/sgx-linux/${SGX_SDK_CODE_VERSION}/distro/${OS_NAME}-stream/sgx_linux_x64_sdk_${SGX_SDK_BIN_VERSION}.bin"
ENV PSW_REPO_URL "https://download.01.org/intel-sgx/sgx-linux/${SGX_SDK_RELEASE_VERSION}/distro/${OS_NAME}-stream/sgx_rpm_local_repo.tgz"
ADD 02_binutils.sh /root
diff --git a/tools/docker/Dockerfile.ubuntu18.04 b/tools/docker/Dockerfile.ubuntu18.04
index 25c6906b..6f48c927 100644
--- a/tools/docker/Dockerfile.ubuntu18.04
+++ b/tools/docker/Dockerfile.ubuntu18.04
@@ -80,14 +80,17 @@ RUN apt-get update && DEBIAN_FRONTEND="noninteractive" apt-get install -y --no-i
ENV CODENAME bionic
ENV SGX_SDK_RELEASE_VERSION 2.17
ENV SGX_DCAP_RELEASE_VERSION 1.14
-ENV SGX_SDK_CODE_VERSION 2.17.100.3
-ENV SGX_DCAP_CODE_VERSION 1.14.100.3
-ENV SGX_SDK_VERSION ${SGX_SDK_CODE_VERSION}-bionic1
-ENV SGX_DCAP_VERSION ${SGX_DCAP_CODE_VERSION}-bionic1
+ENV SGX_SDK_CODE_VERSION 2.17.1
+ENV SGX_DCAP_CODE_VERSION 1.14
+ENV SGX_SDK_BIN_VERSION 2.17.101.1
+ENV SGX_SDK_PKGS_VERSION 2.17.100.3
+ENV SGX_DCAP_PKGS_VERSION 1.14.100.3
+ENV SGX_SDK_VERSION ${SGX_SDK_PKGS_VERSION}-focal1
+ENV SGX_DCAP_VERSION ${SGX_DCAP_PKGS_VERSION}-focal1
ENV RUST_TOOLCHAIN nightly-2022-02-23
ENV OS_NAME ubuntu
ENV BINUTILS_DIST ubuntu18.04
-ENV SGX_SDK_URL "https://download.01.org/intel-sgx/sgx-linux/${SGX_SDK_RELEASE_VERSION}/distro/${BINUTILS_DIST}-server/sgx_linux_x64_sdk_${SGX_SDK_CODE_VERSION}.bin"
+ENV SGX_SDK_URL "https://download.01.org/intel-sgx/sgx-linux/${SGX_SDK_CODE_VERSION}/distro/${BINUTILS_DIST}-server/sgx_linux_x64_sdk_${SGX_SDK_BIN_VERSION}.bin"
ENV LD_LIBRARY_PATH=/usr/lib:/usr/local/lib
ENV LD_RUN_PATH=/usr/lib:/usr/local/lib
diff --git a/tools/docker/Dockerfile.ubuntu20.04 b/tools/docker/Dockerfile.ubuntu20.04
index 5082ecba..9b8855b8 100644
--- a/tools/docker/Dockerfile.ubuntu20.04
+++ b/tools/docker/Dockerfile.ubuntu20.04
@@ -79,14 +79,17 @@ RUN apt-get update && DEBIAN_FRONTEND="noninteractive" apt-get install -y --no-i
ENV CODENAME focal
ENV SGX_SDK_RELEASE_VERSION 2.17
ENV SGX_DCAP_RELEASE_VERSION 1.14
-ENV SGX_SDK_CODE_VERSION 2.17.100.3
-ENV SGX_DCAP_CODE_VERSION 1.14.100.3
-ENV SGX_SDK_VERSION ${SGX_SDK_CODE_VERSION}-focal1
-ENV SGX_DCAP_VERSION ${SGX_DCAP_CODE_VERSION}-focal1
+ENV SGX_SDK_CODE_VERSION 2.17.1
+ENV SGX_DCAP_CODE_VERSION 1.14
+ENV SGX_SDK_BIN_VERSION 2.17.101.1
+ENV SGX_SDK_PKGS_VERSION 2.17.100.3
+ENV SGX_DCAP_PKGS_VERSION 1.14.100.3
+ENV SGX_SDK_VERSION ${SGX_SDK_PKGS_VERSION}-focal1
+ENV SGX_DCAP_VERSION ${SGX_DCAP_PKGS_VERSION}-focal1
ENV RUST_TOOLCHAIN nightly-2022-02-23
ENV OS_NAME ubuntu
ENV BINUTILS_DIST ubuntu20.04
-ENV SGX_SDK_URL "https://download.01.org/intel-sgx/sgx-linux/${SGX_SDK_RELEASE_VERSION}/distro/${BINUTILS_DIST}-server/sgx_linux_x64_sdk_${SGX_SDK_CODE_VERSION}.bin"
+ENV SGX_SDK_URL "https://download.01.org/intel-sgx/sgx-linux/${SGX_SDK_CODE_VERSION}/distro/${BINUTILS_DIST}-server/sgx_linux_x64_sdk_${SGX_SDK_BIN_VERSION}.bin"
ENV LD_LIBRARY_PATH=/usr/lib:/usr/local/lib
ENV LD_RUN_PATH=/usr/lib:/usr/local/lib
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@teaclave.apache.org
For additional commands, e-mail: commits-help@teaclave.apache.org