Skip to content

Latest commit

 

History

History
59 lines (56 loc) · 4.05 KB

LibcSupport.md

File metadata and controls

59 lines (56 loc) · 4.05 KB

Open Enclave Support for libc

Header Supported Comments
assert.h Yes -
complex.h Partial Unsupported functions: cacos(), cacosh(), cacoshl(), cacosl(), casin(), casinh(), casinhl(), casinl(), csqrt(), csqrtl(), cpow(), cpowf(), cpowl()
ctype.h Partial Only basic support for C/POSIX locale.
errno.h Yes -
execinfo.h Partial Supported functions: backtrace(), backtrace_symbols().
Enclaves must be compiled with -fno-omit-frame-pointer for accurate backtraces.
fenv.h Yes -
float.h Yes -
inttypes.h Yes -
iso646.h Yes -
limits.h Yes -
locale.h Partial Only basic support for C/POSIX locale
malloc.h Partial -
math.h Partial Unsupported functions: fmal(), tgamma()
setjmp.h Yes -
signal.h No -
stdalign.h No -
stdarg.h Yes -
stdatomic.h No -
socket.h Partial Functions implicitly call out to untrusted host. Full support available on Linux hosts. Partial support available on Windows hosts.
stdbool.h Yes -
stddef.h Yes -
stdint.h Yes -
stdio.h Partial All I/O functions implicitly call out to untrusted host.
Supported functions: snprintf(), sscanf(), vfscanf()*, vsnprintf(), vsscanf(), sprintf(), vsprintf(), puts(), putchar(), vprintf(), printf(), fprintf()*, getc()*, ungetc()*, fwrite()*, fflush()*, fputs()*, fputc()*
* Only has support for the streams stderr and stdout, and does not set ferror
stdlib.h Yes -
stdnoreturn.h No -
string.h Partial Only basic support for C/POSIX locale.
tgmath.h Partial Unsupported functions: fmal(), scalbn(), scalbnf(), scalbnl(), tgamma()
pthread.h Partial Synchronization primitives are not secure across calls to host. Threads are still scheduled by the untrusted host process and an enclave cannot rely on threads making forward progress.
Supported functions:
- General: pthread_self(), pthread_equal(), pthread_once()
- Spinlock: pthread_spin_init(), pthread_spin_lock(), pthread_spin_unlock(), pthread_spin_destroy()
- Mutex: pthread_mutexattr_init(), pthread_mutexattr_settype(), pthread_mutexattr_destroy(), pthread_mutex_init(), pthread_mutex_lock(), pthread_mutex_trylock(), pthread_mutex_unlock(), pthread_mutex_destroy()
- RW Lock: pthread_rwlock_init(), pthread_rwlock_rdlock(), pthread_rwlock_wrlock(), pthread_rwlock_unlock(), pthread_rwlock_destroy()
- Cond: pthread_cond_init(), pthread_cond_wait(), pthread_cond_timedwait(), pthread_cond_signal(), pthread_cond_broadcast(), pthread_cond_destroy()
- Thread local storage: pthread_key_create(), pthread_key_delete(), pthread_setspecific(), pthread_getspecific()
threads.h No -
time.h Partial All time functions implicitly call out to untrusted host for time values. The resulting time values should not be used for security purposes.
Supported functions: time(), gettimeofday(), clock_gettime(), nanosleep(). Please note that clock_gettime() only supports CLOCK_REALTIME
uchar.h Yes -
wchar.h Partial Only basic support for C/POSIX locale.
Unsupported functions:
- All I/O (e.g. swprintf())
- All multi-byte & wide string conversions (e.g. mbrtowc())
wctype.h Yes -

<socket.h>

Function OCall Linux Support Windows Support Comments
accept Yes Yes Yes -
bind Yes Yes Yes -
connect Yes Yes Yes -
getpeername Yes Yes Yes -
getsockname Yes Yes Yes -
getsockopt Yes Yes Partial Only socket-level options are supported on Windows.
listen Yes Yes Yes -
recv Yes Yes Yes -
recvfrom Yes Yes Yes -
recvmsg Yes Yes No -
send Yes Yes Yes -
sendmsg Yes Yes No -
sendto Yes Yes Yes -
setsockopt Yes Yes Partial Only socket-level options are supported on Windows.
shutdown Yes Yes Yes -
socket Yes Yes Yes -
socketpair Yes Yes No -