Posted to commits@teaclave.apache.org by ms...@apache.org on 2020/10/23 00:34:34 UTC

[incubator-teaclave-website] branch master updated: Pull SDK's document from the repo

This is an automated email from the ASF dual-hosted git repository.

mssun pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-teaclave-website.git


The following commit(s) were added to refs/heads/master by this push:
     new b25816c  Pull SDK's document from the repo
b25816c is described below

commit b25816c6bef4c61fa00f4a36b95bed826f0aeb0a
Author: Mingshen Sun <bo...@mssun.me>
AuthorDate: Thu Oct 22 17:34:04 2020 -0700

    Pull SDK's document from the repo
---
 .gitignore                                         |   1 +
 sgx-sdk-api-docs/Cargo.lock                        | 118 +++++++++++++++++++++
 {sgx-sdk-docs => sgx-sdk-api-docs}/Cargo.toml      |   0
 {sgx-sdk-docs => sgx-sdk-api-docs}/lib.rs          |   0
 site/.vuepress/config.js                           |  12 +--
 site/Makefile                                      |  22 ++--
 site/api-docs/README.md                            |   5 +
 site/sgx-sdk-docs/README.md                        |   9 --
 .../sgx-sdk-docs/everything-about-cve-2020-5499.md |  68 ------------
 9 files changed, 142 insertions(+), 93 deletions(-)

diff --git a/.gitignore b/.gitignore
index a7932ea..e6519df 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,5 +1,6 @@
 dist
 teaclave
+teaclave-sgx-sdk
 node_modules
 target
 sgx-sdk-docs/Cargo.lock
diff --git a/sgx-sdk-api-docs/Cargo.lock b/sgx-sdk-api-docs/Cargo.lock
new file mode 100644
index 0000000..afc66ee
--- /dev/null
+++ b/sgx-sdk-api-docs/Cargo.lock
@@ -0,0 +1,118 @@
+# This file is automatically @generated by Cargo.
+# It is not intended for manual editing.
+[[package]]
+name = "autocfg"
+version = "1.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f8aac770f1885fd7e387acedd76065302551364496e46b3dd00860b2f8359b9d"
+
+[[package]]
+name = "cc"
+version = "1.0.54"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7bbb73db36c1246e9034e307d0fba23f9a2e251faa47ade70c1bd252220c8311"
+
+[[package]]
+name = "hashbrown_tstd"
+version = "0.7.1"
+source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk.git?tag=v1.1.2#253b3ac982b2d09d32f5fa5a2011e3c36bcbed1e"
+dependencies = [
+ "autocfg",
+]
+
+[[package]]
+name = "sgx_alloc"
+version = "1.1.2"
+source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk.git?tag=v1.1.2#253b3ac982b2d09d32f5fa5a2011e3c36bcbed1e"
+
+[[package]]
+name = "sgx_backtrace_sys"
+version = "1.1.2"
+source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk.git?tag=v1.1.2#253b3ac982b2d09d32f5fa5a2011e3c36bcbed1e"
+dependencies = [
+ "cc",
+ "sgx_build_helper",
+ "sgx_libc",
+]
+
+[[package]]
+name = "sgx_build_helper"
+version = "0.1.3"
+source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk.git?tag=v1.1.2#253b3ac982b2d09d32f5fa5a2011e3c36bcbed1e"
+
+[[package]]
+name = "sgx_demangle"
+version = "1.1.2"
+source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk.git?tag=v1.1.2#253b3ac982b2d09d32f5fa5a2011e3c36bcbed1e"
+
+[[package]]
+name = "sgx_libc"
+version = "1.1.2"
+source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk.git?tag=v1.1.2#253b3ac982b2d09d32f5fa5a2011e3c36bcbed1e"
+dependencies = [
+ "sgx_types",
+]
+
+[[package]]
+name = "sgx_tprotected_fs"
+version = "1.1.2"
+source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk.git?tag=v1.1.2#253b3ac982b2d09d32f5fa5a2011e3c36bcbed1e"
+dependencies = [
+ "sgx_trts",
+ "sgx_types",
+]
+
+[[package]]
+name = "sgx_trts"
+version = "1.1.2"
+source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk.git?tag=v1.1.2#253b3ac982b2d09d32f5fa5a2011e3c36bcbed1e"
+dependencies = [
+ "sgx_libc",
+ "sgx_types",
+]
+
+[[package]]
+name = "sgx_tse"
+version = "1.1.2"
+source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk.git?tag=v1.1.2#253b3ac982b2d09d32f5fa5a2011e3c36bcbed1e"
+dependencies = [
+ "sgx_types",
+]
+
+[[package]]
+name = "sgx_tstd"
+version = "1.1.2"
+source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk.git?tag=v1.1.2#253b3ac982b2d09d32f5fa5a2011e3c36bcbed1e"
+dependencies = [
+ "hashbrown_tstd",
+ "sgx_alloc",
+ "sgx_backtrace_sys",
+ "sgx_demangle",
+ "sgx_libc",
+ "sgx_tprotected_fs",
+ "sgx_trts",
+ "sgx_types",
+ "sgx_unwind",
+]
+
+[[package]]
+name = "sgx_types"
+version = "1.1.2"
+source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk.git?tag=v1.1.2#253b3ac982b2d09d32f5fa5a2011e3c36bcbed1e"
+
+[[package]]
+name = "sgx_unwind"
+version = "0.1.1"
+source = "git+https://github.com/apache/incubator-teaclave-sgx-sdk.git?tag=v1.1.2#253b3ac982b2d09d32f5fa5a2011e3c36bcbed1e"
+dependencies = [
+ "sgx_build_helper",
+]
+
+[[package]]
+name = "teaclave-sgx-sdk-docs"
+version = "0.1.0"
+dependencies = [
+ "sgx_trts",
+ "sgx_tse",
+ "sgx_tstd",
+]
diff --git a/sgx-sdk-docs/Cargo.toml b/sgx-sdk-api-docs/Cargo.toml
similarity index 100%
rename from sgx-sdk-docs/Cargo.toml
rename to sgx-sdk-api-docs/Cargo.toml
diff --git a/sgx-sdk-docs/lib.rs b/sgx-sdk-api-docs/lib.rs
similarity index 100%
rename from sgx-sdk-docs/lib.rs
rename to sgx-sdk-api-docs/lib.rs
diff --git a/site/.vuepress/config.js b/site/.vuepress/config.js
index 505547b..bc0b7e8 100644
--- a/site/.vuepress/config.js
+++ b/site/.vuepress/config.js
@@ -25,10 +25,10 @@ module.exports = {
             {
                 text: 'API Docs',
                 items: [
-                    { text: 'Teaclave Client SDK (Python)', link: 'https://teaclave.apache.org/docs/client-sdk-python/', target: '_self', rel: '' },
-                    { text: 'Teaclave SGX SDK', link: 'https://teaclave.apache.org/docs/sgx-sdk/', target: '_self', rel: '' },
-                    { text: 'Crates in Teaclave (Enclave)', link: 'https://teaclave.apache.org/docs/crates-enclave/', target: '_self', rel: '' },
-                    { text: 'Crates in Teaclave (App)', link: 'https://teaclave.apache.org/docs/crates-app/', target: '_self', rel: '' },
+                    { text: 'Teaclave Client SDK (Python)', link: 'https://teaclave.apache.org/api-docs/client-sdk-python/', target: '_self', rel: '' },
+                    { text: 'Teaclave SGX SDK', link: 'https://teaclave.apache.org/api-docs/sgx-sdk/', target: '_self', rel: '' },
+                    { text: 'Crates in Teaclave (Enclave)', link: 'https://teaclave.apache.org/api-docs/crates-enclave/', target: '_self', rel: '' },
+                    { text: 'Crates in Teaclave (App)', link: 'https://teaclave.apache.org/api-docs/crates-app/', target: '_self', rel: '' },
                 ]
             },
             {
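Review bot: The `link` values in this hunk move every API-doc URL from `/docs/…` to `/api-docs/…`, and the second hunk of this file moves the CVE-2020-5499 sidebar entry to `/teaclave-sgx-sdk/documents/`, but nothing visible in the commit keeps the old paths resolving. The deleted page declared `permalink: /sgx-sdk-docs/everything-about-cve-2020-5499`, so external references to the advisory presumably break unless the copy in the SDK repository sets the same permalink; a redirect stub at the old path, like the `meta http-equiv=refresh` files `site/Makefile` already writes, would cover it. A short comment above the sidebar key such as `// pages come from the teaclave-sgx-sdk checkout cloned by site/Makefile` would also tell maintainers the content is not in this repository. The `module.exports` object starts and ends outside both hunks.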
@@ -118,13 +118,13 @@ module.exports = {
                   ],
               },
           ],
-          '/sgx-sdk-docs/': [
+          '/teaclave-sgx-sdk/documents/': [
               {
                   title: 'Security',
                   collapsable: false,
                   sidebarDepth: 0,
                   children: [
-                      '/sgx-sdk-docs/everything-about-cve-2020-5499',
+                      '/teaclave-sgx-sdk/documents/everything-about-cve-2020-5499',
                   ],
               },
           ]
diff --git a/site/Makefile b/site/Makefile
index 424ba2a..9ff1b1f 100644
--- a/site/Makefile
+++ b/site/Makefile
@@ -6,32 +6,34 @@ staging: build
 site: build
 	ghp-import .vuepress/dist -b asf-site
 
-sgx-sdk-docs: teaclave-docs
-	cd ../sgx-sdk-docs && cargo doc
-	cp -r ../sgx-sdk-docs/target/doc .vuepress/dist/docs/sgx-sdk
-	@echo "<meta http-equiv=refresh content=0;url=`echo sgx_tstd | cut -d '/' -f 2`/index.html>" > .vuepress/dist/docs/sgx-sdk/index.html
+sgx-sdk-api-docs: teaclave-docs
+	cd ../sgx-sdk-api-docs && cargo doc
+	cp -r ../sgx-sdk-api-docs/target/doc .vuepress/dist/api-docs/sgx-sdk
+	@echo "<meta http-equiv=refresh content=0;url=`echo sgx_tstd | cut -d '/' -f 2`/index.html>" > .vuepress/dist/api-docs/sgx-sdk/index.html
 
 client-sdk-python-docs: teaclave-docs
-	pdoc teaclave/sdk/python/teaclave.py -o .vuepress/dist/docs/client-sdk-python --html
-	@echo "<meta http-equiv=refresh content=0;url=teaclave.html>" > .vuepress/dist/docs/client-sdk-python/index.html
+	pdoc teaclave/sdk/python/teaclave.py -o .vuepress/dist/api-docs/client-sdk-python --html
+	@echo "<meta http-equiv=refresh content=0;url=teaclave.html>" > .vuepress/dist/api-docs/client-sdk-python/index.html
 
 crate-docs:
-	cp ${TEACLAVE_TARGET_DIR}/trusted/doc .vuepress/dist/docs/crates-enclave -r
-	cp ${TEACLAVE_TARGET_DIR}/untrusted/doc .vuepress/dist/docs/crates-app -r
+	cp ${TEACLAVE_TARGET_DIR}/trusted/doc .vuepress/dist/api-docs/crates-enclave -r
+	cp ${TEACLAVE_TARGET_DIR}/untrusted/doc .vuepress/dist/api-docs/crates-app -r
 
 teaclave-docs:
 	git clone https://github.com/apache/incubator-teaclave.git teaclave || cd teaclave && git pull
+	git clone https://github.com/apache/incubator-teaclave-sgx-sdk.git teaclave-sgx-sdk || cd teaclave-sgx-sdk && git pull
 	vuepress build
 
 dev:
 	git clone https://github.com/apache/incubator-teaclave.git teaclave || cd teaclave && git pull
+	git clone https://github.com/apache/incubator-teaclave-sgx-sdk.git teaclave-sgx-sdk || cd teaclave-sgx-sdk && git pull
 	vuepress dev
 
 preview:
 	cd .vuepress/dist && python3 -m http.server
 
-build: teaclave-docs sgx-sdk-docs client-sdk-python-docs crate-docs
+build: teaclave-docs sgx-sdk-api-docs client-sdk-python-docs crate-docs
 	cp ../.asf.yaml .vuepress/dist
 
 clean:
-	rm -rf .vuepress/dist teaclave
+	rm -rf .vuepress/dist teaclave teaclave-sgx-sdk
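Review bot: The two added `git clone … teaclave-sgx-sdk || cd teaclave-sgx-sdk && git pull` lines (in `teaclave-docs` and `dev`) group as `(clone || cd) && git pull`, so after a successful first clone the `git pull` runs in `site/` against the website checkout, not in the SDK clone; `git clone https://github.com/apache/incubator-teaclave-sgx-sdk.git teaclave-sgx-sdk || git -C teaclave-sgx-sdk pull --ff-only` avoids that. The clone also tracks the default branch tip, while `sgx-sdk-api-docs/Cargo.lock` in this commit pins the SDK crates to tag v1.1.2 at 253b3ac, so the pages published under `/teaclave-sgx-sdk/documents/` (including the CVE-2020-5499 write-up) depend on whatever is upstream at build time; checking out a reviewed tag or commit after cloning would make the site build reproducible. The existing `teaclave` clone lines have the same grouping.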
diff --git a/site/api-docs/README.md b/site/api-docs/README.md
new file mode 100644
index 0000000..73c5021
--- /dev/null
+++ b/site/api-docs/README.md
@@ -0,0 +1,5 @@
+---
+permalink: /api-docs
+---
+
+# Teaclave API Documentation
diff --git a/site/sgx-sdk-docs/README.md b/site/sgx-sdk-docs/README.md
deleted file mode 100644
index 9b67397..0000000
--- a/site/sgx-sdk-docs/README.md
+++ /dev/null
@@ -1,9 +0,0 @@
----
-permalink: /sgx-sdk-docs
----
-
-# Teaclave SGX SDK Documentation
-
-## Security
-
-* [Everything about CVE-2020-5499](/sgx-sdk-docs/everything-about-cve-2020-5499/)
diff --git a/site/sgx-sdk-docs/everything-about-cve-2020-5499.md b/site/sgx-sdk-docs/everything-about-cve-2020-5499.md
deleted file mode 100644
index 1d6c815..0000000
--- a/site/sgx-sdk-docs/everything-about-cve-2020-5499.md
+++ /dev/null
@@ -1,68 +0,0 @@
----
-permalink: /sgx-sdk-docs/everything-about-cve-2020-5499
----
-
-# Everything about CVE-2020-5499
-
-## The Story
-
-[CVE-2020-5499](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5499)
-reported an enclave ID racing problem. We received the report on Nov 1st, 2019
-and fixed it on Nov 5th, 2019 with commit
-[f29f4e71896589908cd4b43ed70a623a81eda0e5](https://github.com/apache/incubator-teaclave-sgx-sdk/commit/f29f4e71896589908cd4b43ed70a623a81eda0e5).
-
-## Analysis and Fix
-
-The global data "enclave ID" was designed to hold the eid of the enclave
-instance, and to be used for later provided `thread::spawn` feature. In v1.0.8,
-we didn't have `thread::spawn`. So the data racing is true, but it can hardly
-harm the enclave.
-
-To be more clear, let's look at the patch:
-
-```diff
-diff --git a/sgx_tstd/src/rt.rs b/sgx_tstd/src/rt.rs
-index fcfd0a42..3f738a53 100644
---- a/sgx_tstd/src/rt.rs
-+++ b/sgx_tstd/src/rt.rs
-@@ -36,6 +36,9 @@ use core::str;
- pub use crate::panicking::{begin_panic, begin_panic_fmt, update_panic_count};
- pub use crate::sys_common::at_exit;
- use crate::sys_common::cleanup;
-+use crate::sync::Once;
-+
-+static INIT: Once = Once::new();
-
- #[no_mangle]
- pub extern "C" fn t_global_exit_ecall() {
-@@ -43,13 +46,14 @@ pub extern "C" fn t_global_exit_ecall() {
-
- #[no_mangle]
- pub extern "C" fn t_global_init_ecall(id: u64, path: * const u8, len: usize) {
--
--    enclave::set_enclave_id(id as sgx_enclave_id_t);
--    let s = unsafe {
--        let str_slice = slice::from_raw_parts(path, len);
--        str::from_utf8_unchecked(str_slice)
--    };
--    enclave::set_enclave_path(s);
-+    INIT.call_once(|| {
-+        enclave::set_enclave_id(id as sgx_enclave_id_t);
-+        let s = unsafe {
-+            let str_slice = slice::from_raw_parts(path, len);
-+            str::from_utf8_unchecked(str_slice)
-+        };
-+        enclave::set_enclave_path(s);
-+    });
- }
-
- global_dtors_object! {
-```
-
-Basically, the initiation here should be an atomic operation. To be more safe,
-we marked it as `Once`, which means that it can only be triggered once.
-
-Overall, we think the threat is subtle. One of the necessary condition is that
-the enclave should be started with an undocumented feature of urts:
-`global_init`. Also the enclave should depend on enclave ID on critical paths.
-It's really rare.

