Async usercall interface for SGX enclaves #291

Closed
wants to merge 26 commits into from

Contributor

@mzohreva mzohreva commented Oct 2, 2020

No description provided.

@mzohreva mzohreva requested a review from jethrogb October 2, 2020 18:40
@mzohreva
Contributor Author

mzohreva commented Oct 2, 2020

MIO 0.7 port to SGX using this interface: https://github.com/mzohreva/mio/tree/mz/sgx-port-0.7

@mzohreva mzohreva force-pushed the mz/async-usercalls branch from 7356b0f to c05aae4 Compare October 5, 2020 20:20
@mzohreva mzohreva requested a review from jseyfried October 6, 2020 17:14
@@ -0,0 +1,168 @@
//! this file contains code duplicated from libstd's sys/sgx
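Review bot: the module doc comment `//! this file contains code duplicated from libstd's sys/sgx` does not say which libstd revision the code was copied from or which items are duplicated. Please record the upstream commit or release and list the copied items, so later fixes to libstd's sys/sgx can be carried over and the copy can be dropped once std exposes what is needed.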
Member

Can you think of a logical division of the code in this PR between std and an external crate that reduces duplication?

Contributor Author

I think these parts can live in std:

  • Most of the allocator (except io_bufs.rs)
  • callback.rs which is the main user of the duplicated code

@jethrogb jethrogb mentioned this pull request Nov 5, 2020
4 tasks
@mzohreva mzohreva force-pushed the mz/async-usercalls branch 2 times, most recently from 6d52998 to e381dca Compare November 21, 2020 02:24
Dylan-DPC-zz pushed a commit to Dylan-DPC-zz/rust that referenced this pull request Nov 24, 2020
…ulacrum

Add Metadata in std::os::fortanix_sgx::io::FromRawFd

Needed for fortanix/rust-sgx#291

cc `@jethrogb`
bors added a commit to rust-lang-ci/rust that referenced this pull request Nov 24, 2020
…acrum

Add Metadata in std::os::fortanix_sgx::io::FromRawFd

Needed for fortanix/rust-sgx#291

cc `@jethrogb`
ref range,
} => &mut user[range.start..range.end],
UserBufKind::Shared { ref user, ref range } => {
let user = unsafe { &mut *user.get() };
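Review bot: the `unsafe { &mut *user.get() }` in the `UserBufKind::Shared` arm has no `// SAFETY:` comment, and nothing in these lines shows why the resulting `&mut` cannot alias another reference into the same cell. State the invariant at the unsafe block itself: who else holds a reference to the cell and which part of it they are allowed to touch relative to `range`.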
Member

Why is this safe? Aren't there multiple references to this UnsafeCell?

Contributor Author

There is exactly one way to construct this variant of UserBufKind and that's through WriteBuffer::consumable_chunk() which ensures there is at most 1 instance of this at a time. The other reference is inside the WriteBuffer which will not access the range specified here.

/// running in the enclave while a portion of it can be passed to a `write`
/// usercall running concurrently. It ensures that enclave code does not write
/// to the portion sent to userspace.
pub struct WriteBuffer {
Member

Where/how is this used?

Contributor Author

It's used in my MIO implementation.
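
The at-most-one-outstanding-chunk rule from mzohreva's reply about `UserBufKind::Shared`, and the guarantee stated in the `WriteBuffer` doc comment, sketched as an added example that is not code from this PR. `ToyWriteBuffer`, `Chunk`, `consume` and `bytes` are hypothetical names, and the model hands out index ranges in safe Rust instead of sharing an `UnsafeCell`, so it shows only the bookkeeping that keeps enclave writes disjoint from the lent region.

```rust
use std::ops::Range;

pub struct Chunk { pub range: Range<usize> } // token for the region lent out

/// Hypothetical, simplified model (linear, never reclaims space); not the PR's type.
pub struct ToyWriteBuffer {
    data: Vec<u8>,
    start: usize, // first byte not yet consumed
    end: usize,   // one past the last byte written
    lent: bool,   // true while a Chunk is outstanding
}

impl ToyWriteBuffer {
    pub fn new(cap: usize) -> Self { Self { data: vec![0; cap], start: 0, end: 0, lent: false } }

    /// Appends what fits after `end`; never touches `start..end`, which may be lent out.
    pub fn write(&mut self, src: &[u8]) -> usize {
        let n = src.len().min(self.data.len() - self.end);
        self.data[self.end..self.end + n].copy_from_slice(&src[..n]);
        self.end += n;
        n
    }

    /// Lends out the written, unconsumed region; refuses while one is outstanding.
    pub fn consumable_chunk(&mut self) -> Option<Chunk> {
        if self.lent || self.start == self.end {
            return None;
        }
        self.lent = true;
        Some(Chunk { range: self.start..self.end })
    }

    /// Takes the chunk back; `n` is how many bytes the consumer accepted.
    pub fn consume(&mut self, chunk: Chunk, n: usize) {
        assert!(self.lent && chunk.range.start == self.start && n <= chunk.range.len());
        self.start += n;
        self.lent = false;
    }

    pub fn bytes(&self, r: &Range<usize>) -> &[u8] { &self.data[r.clone()] }
}

fn main() {
    let mut b = ToyWriteBuffer::new(8);
    b.write(b"abcd");
    let c = b.consumable_chunk().unwrap();
    let refused = b.consumable_chunk().is_none();
    println!("{:?} lent; second request refused: {}", b.bytes(&c.range), refused);
    b.consume(c, 4);
}
```
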

@raoulstrackx
Contributor

The PR looks good to me. When the other conversations have been resolved, I'll accept.

@mzohreva
Contributor Author

I've cherry-picked the commit in #336 to unblock a compiler update. Will need to create a branch preserving this history before rebase/merge.

@kaimast

kaimast commented Oct 3, 2021

I'm curious why this branch has not been merged. Did async support already land some other way?

@dingxiangfei2009

dingxiangfei2009 commented Oct 12, 2021

@kaimast Not really there yet. I think async IO is inaccessible so far. I don't think they are going to pursue full async support anymore.

@alexanderheuts

We are still planning to add async support. I have no concrete timeline yet.

mzohreva and others added 10 commits October 18, 2021 18:37
`UsercallEvent::Start` was being sent in `fn handle_usercall`,
which is too late. It needs to be sent before we receive the next
usercall from the enclave so we can maintain the invariant that
"we only need to keep track of cancels received before the actual
usercall if the read position has not moved past the write position
when cancel was received."
393: [PLAT-896] Verify fifo descriptor pointers r=jethrogb a=raoulstrackx

Some checks are missing when allocating and processing `FifoDescriptor`

Co-authored-by: Raoul Strackx <raoul.strackx@fortanix.com>
398: [PLAT-838] Refactor `ipc_queue` backport r=jethrogb a=raoulstrackx

Backports #396

Co-authored-by: Raoul Strackx <raoul.strackx@fortanix.com>
400: Rust nightly compatibility r=jethrogb a=raoulstrackx

The `mz/async-usercalls` is a rather old branch that hasn't been kept up to date with the latest Rust nightly compilers. This PR corrects this situation by backporting many of the changes already on master.

Co-authored-by: Raoul Strackx <raoul.strackx@fortanix.com>
raoulstrackx and others added 3 commits February 3, 2023 09:50
432: Enable `enclave_loader()` fallback to libsgx_enclave_common.so.1 r=Taowyoo a=raoulstrackx

The `aesmd` service depends on a `dcap_quoteprov.so` library (the DCAP provider) to aid in DCAP attestations. For it to work correctly, it may need to (recursively) request a DCAP attestation itself. For that a `dcap-ql::enclave_loader` call is required. Unfortunately, when this happens as part of the `aesmd` service, `Dl::this()` returns `/opt/intel/sgx-aesm-service/aesm/aesm_service`. This leads to an error as the expected symbols can't be located. This PR adds a fallback to the `libsgx_enclave_common.so.1` library (or `sgx_enclave_common.dll` on windows).

Co-authored-by: Raoul Strackx <raoul.strackx@fortanix.com>
Co-authored-by: Yuxiang Cao <yuxiang.cao@fortanix.com>
@Taowyoo
Collaborator

Taowyoo commented Apr 13, 2024

Close this since this is done by #515

@Taowyoo Taowyoo closed this Apr 13, 2024