This is an automated email from the ASF dual-hosted git repository.
rduan pushed a commit to branch v2.0.0-preview
in repository https://gitbox.apache.org/repos/asf/incubator-teaclave-sgx-sdk.git
The following commit(s) were added to refs/heads/v2.0.0-preview by this push:
new 9903639b Fix memory alignment issue when calling SGX instruction
9903639b is described below
commit 9903639b9efed50b28c0b2b7598d3c1eb17043c6
Author: volcano <[email protected]>
AuthorDate: Mon Sep 19 19:52:13 2022 +0800
Fix memory alignment issue when calling SGX instruction
---
sgx_trts/src/edmm/epc.rs | 4 +-
sgx_trts/src/inst/hw/inst.rs | 85 +++++++++++++++--------------------------
sgx_trts/src/inst/hyper/inst.rs | 4 +-
sgx_trts/src/inst/sim/inst.rs | 4 +-
sgx_tseal/src/internal.rs | 2 +-
5 files changed, 38 insertions(+), 61 deletions(-)
diff --git a/sgx_trts/src/edmm/epc.rs b/sgx_trts/src/edmm/epc.rs
index 9d806882..446ecec8 100644
--- a/sgx_trts/src/edmm/epc.rs
+++ b/sgx_trts/src/edmm/epc.rs
@@ -205,11 +205,11 @@ impl Page {
pub fn accept(&self) -> SgxResult {
let secinfo: Secinfo = self.info.into();
- EncluInst::eaccept(self.addr, &secinfo).map_err(|_|
SgxStatus::Unexpected)
+ EncluInst::eaccept(&secinfo, self.addr).map_err(|_|
SgxStatus::Unexpected)
}
pub fn modpe(&self) -> SgxResult {
let secinfo: Secinfo = self.info.into();
- EncluInst::emodpe(self.addr, &secinfo).map_err(|_|
SgxStatus::Unexpected)
+ EncluInst::emodpe(&secinfo, self.addr).map_err(|_|
SgxStatus::Unexpected)
}
}
diff --git a/sgx_trts/src/inst/hw/inst.rs b/sgx_trts/src/inst/hw/inst.rs
index 74a80e81..c5264f2b 100644
--- a/sgx_trts/src/inst/hw/inst.rs
+++ b/sgx_trts/src/inst/hw/inst.rs
@@ -28,23 +28,15 @@ impl EncluInst {
pub fn ereport(ti: &AlignTargetInfo, rd: &AlignReportData) ->
Result<AlignReport, u32> {
unsafe {
let mut report = MaybeUninit::uninit();
- asm!("
- push rbx
- push rcx
- push rdx
-
- mov rbx, {ti}
- mov rcx, {rd}
- mov rdx, {report_ptr}
- enclu
-
- pop rdx
- pop rcx
- pop rbx",
- ti = in(reg) ti,
- rd = in(reg) rd,
- report_ptr = in(reg) report.as_mut_ptr(),
+ asm!(
+ "xchg rbx, {0}",
+ "enclu",
+ "mov rbx, {0}",
+ inout(reg) ti => _,
in("eax") Enclu::EReport as u32,
+ in("rcx") rd,
+ in("rdx") report.as_mut_ptr(),
+ options(preserves_flags, nostack),
);
Ok(report.assume_init())
}
@@ -66,19 +58,14 @@ impl EncluInst {
unsafe {
let mut key = MaybeUninit::uninit();
let error;
- asm!("
- push rbx
- push rcx
-
- mov rbx, {kr}
- mov rcx, {key_ptr}
- enclu
-
- pop rcx
- pop rbx",
- kr = in(reg) kr,
- key_ptr = in(reg) key.as_mut_ptr(),
+ asm!(
+ "xchg rbx, {0}",
+ "enclu",
+ "mov rbx, {0}",
+ inout(reg) kr => _,
inlateout("eax") Enclu::EGetkey as u32 => error,
+ in("rcx") key.as_mut_ptr(),
+ options(nostack),
);
if error == 0 {
Ok(key.assume_init())
@@ -88,22 +75,17 @@ impl EncluInst {
}
}
- pub fn eaccept(addr: usize, info: &Secinfo) -> Result<(), u32> {
+ pub fn eaccept(info: &Secinfo, addr: usize) -> Result<(), u32> {
unsafe {
let error;
- asm!("
- push rbx
- push rcx
-
- mov rbx, {info}
- mov rcx, {addr}
- enclu
-
- pop rcx
- pop rbx",
- info = in(reg) info,
- addr = in(reg) addr,
+ asm!(
+ "xchg rbx, {0}",
+ "enclu",
+ "mov rbx, {0}",
+ inout(reg) info => _,
inlateout("eax") Enclu::EAccept as u32 => error,
+ in("rcx") addr,
+ options(nostack),
);
match error {
0 => Ok(()),
@@ -112,21 +94,16 @@ impl EncluInst {
}
}
- pub fn emodpe(addr: usize, info: &Secinfo) -> Result<(), u32> {
+ pub fn emodpe(info: &Secinfo, addr: usize) -> Result<(), u32> {
unsafe {
- asm!("
- push rbx
- push rcx
-
- mov rbx, {info}
- mov rcx, {addr}
- enclu
-
- pop rcx
- pop rbx",
- info = in(reg) info,
- addr = in(reg) addr,
+ asm!(
+ "xchg rbx, {0}",
+ "enclu",
+ "mov rbx, {0}",
+ inout(reg) info => _,
in("eax") Enclu::EModpe as u32,
+ in("rcx") addr,
+ options(preserves_flags, nostack),
);
Ok(())
}
diff --git a/sgx_trts/src/inst/hyper/inst.rs b/sgx_trts/src/inst/hyper/inst.rs
index 2453b22a..16d577f0 100644
--- a/sgx_trts/src/inst/hyper/inst.rs
+++ b/sgx_trts/src/inst/hyper/inst.rs
@@ -106,12 +106,12 @@ impl EncluInst {
}
#[inline]
- pub fn eaccept(_addr: usize, _info: &Secinfo) -> Result<(), u32> {
+ pub fn eaccept(_info: &Secinfo, _addr: usize) -> Result<(), u32> {
Ok(())
}
#[inline]
- pub fn emodpe(_addr: usize, _info: &Secinfo) -> Result<(), u32> {
+ pub fn emodpe(_info: &Secinfo, _addr: usize) -> Result<(), u32> {
Ok(())
}
}
diff --git a/sgx_trts/src/inst/sim/inst.rs b/sgx_trts/src/inst/sim/inst.rs
index a0a94112..69464dd8 100644
--- a/sgx_trts/src/inst/sim/inst.rs
+++ b/sgx_trts/src/inst/sim/inst.rs
@@ -320,12 +320,12 @@ impl EncluInst {
}
#[inline]
- pub fn eaccept(_addr: usize, _info: &Secinfo) -> Result<(), u32> {
+ pub fn eaccept(_info: &Secinfo, _addr: usize) -> Result<(), u32> {
Ok(())
}
#[inline]
- pub fn emodpe(_addr: usize, _info: &Secinfo) -> Result<(), u32> {
+ pub fn emodpe(_info: &Secinfo, _addr: usize) -> Result<(), u32> {
Ok(())
}
diff --git a/sgx_tseal/src/internal.rs b/sgx_tseal/src/internal.rs
index a51233f4..82975fe2 100644
--- a/sgx_tseal/src/internal.rs
+++ b/sgx_tseal/src/internal.rs
@@ -191,7 +191,7 @@ impl InnerSealedData {
.flags
.intersects(AttributesFlags::KSS)
{
- key_policy = KeyPolicy::MRSIGNER | KeyPolicy::KSS;
+ key_policy |= KeyPolicy::KSS;
}
Self::seal_with_key_policy(
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
