Async usercall interface for SGX enclaves #291
Conversation
|
MIO 0.7 port to SGX using this interface: https://github.com/mzohreva/mio/tree/mz/sgx-port-0.7 |
mzohreva
force-pushed
the
mz/async-usercalls
branch
from
7356b0f
to
c05aae4
Compare
| @@ -0,0 +1,168 @@ | |||
| //! this file contains code duplicated from libstd's sys/sgx | |||
There was a problem hiding this comment.
Can you think of a logical division of the code in this PR between std and an external crate that reduces duplication?
There was a problem hiding this comment.
I think these parts can live in std:
- Most of the allocator (except
io_bufs.rs) callback.rswhich is the main user of the duplicated code
mzohreva
force-pushed
the
mz/cancel_queue
branch
from
c37d9ac
to
95b558e
Compare
mzohreva
force-pushed
the
mz/async-usercalls
branch
from
f4a9544
to
34340f5
Compare
mzohreva
force-pushed
the
mz/cancel_queue
branch
from
95b558e
to
57b0325
Compare
mzohreva
force-pushed
the
mz/async-usercalls
branch
from
34340f5
to
e7d7cd9
Compare
mzohreva
force-pushed
the
mz/cancel_queue
branch
from
e741386
to
2639806
Compare
mzohreva
force-pushed
the
mz/async-usercalls
branch
from
e7d7cd9
to
77ab85a
Compare
mzohreva
force-pushed
the
mz/async-usercalls
branch
2 times, most recently
from
6d52998
to
e381dca
Compare
…ulacrum Add Metadata in std::os::fortanix_sgx::io::FromRawFd Needed for fortanix/rust-sgx#291 cc `@jethrogb`
…acrum Add Metadata in std::os::fortanix_sgx::io::FromRawFd Needed for fortanix/rust-sgx#291 cc `@jethrogb`
| ref range, | ||
| } => &mut user[range.start..range.end], | ||
| UserBufKind::Shared { ref user, ref range } => { | ||
| let user = unsafe { &mut *user.get() }; |
There was a problem hiding this comment.
Why is this safe? Aren't there multiple references to this UnsafeCell?
There was a problem hiding this comment.
There is exactly one way to construct this variant of UserBufKind and that's through WriteBuffer::consumable_chunk() which ensures there is at most 1 instance of this at a time. The other reference is inside the WriteBuffer which will not access the range specified here.
| /// running in the enclave while a portion of it can be passed to a `write` | ||
| /// usercall running concurrently. It ensures that enclave code does not write | ||
| /// to the portion sent to userspace. | ||
| pub struct WriteBuffer { |
There was a problem hiding this comment.
It's used in my MIO implementation.
mzohreva
force-pushed
the
mz/async-usercalls
branch
from
7ae56e2
to
06f6667
Compare
|
The PR looks good to me. When the other conversations have been resolved, I'll accept. |
mzohreva
force-pushed
the
mz/cancel_queue
branch
from
2639806
to
4908696
Compare
mzohreva
force-pushed
the
mz/async-usercalls
branch
from
06f6667
to
de6b5f3
Compare
|
I've cherry-picked the commit in #336 to unblock a compiler update. Will need to create a branch preserving this history before rebase/merge. |
|
I'm curious why this branch has not been merged. Did async support already land some other way? |
|
@kaimast Not really there yet. I think async IO is inaccessible so far. I don't think they are going to pursue full async support anymore. |
|
We are still planning to add async support. I have no concrete timeline yet. |
`UsercallEvent::Start` was being sent in `fn handle_usercall`, which is too late. It needs to be sent before we receive the next usercall from the enclave so we can maintain the invariant that "we only need to keep track of cancels received before the actual usercall if the read position has not moved past the write position when cancel was received."
400: Rust nightly compatibility r=jethrogb a=raoulstrackx The `mz/async-usercalls` is a rather old branch that hasn't been kept up to date with the latest Rust nightly compilers. This PR corrects this situation by backporting many of the changes already on master. Co-authored-by: Raoul Strackx <raoul.strackx@fortanix.com>
432: Enable `enclave_loader()` fallback to libsgx_enclave_common.so.1 r=Taowyoo a=raoulstrackx The `aesmd` service depends on a `dcap_quoteprov.so` library (the DCAP provider) to aid in DCAP attestations. For it to work correctly, it may need to (recursively) request a DCAP attestation itself. For that a `dcap-ql::enclave_loader` call is required. Unfortunately, when this happens as part of the `aesmd` service, `Dl::this()` returns `/opt/intel/sgx-aesm-service/aesm/aesm_service`. This leads to an error as the expected symbols can't be located. This PR adds a fallback to the `libsgx_enclave_common.so.1` library (or `sgx_enclave_common.dll` on windows). Co-authored-by: Raoul Strackx <raoul.strackx@fortanix.com> Co-authored-by: Yuxiang Cao <yuxiang.cao@fortanix.com>
|
Close this since this is done by #515 |
No description provided.