Hi, I found that you introduce some ocalls to help your porting:

```
void ocall_print_error([in, string] const char *str);
void ocall_print_string([in, string] const char *str);
void ocall_println_string([in, string] const char *str);

int ocall_lstat([in, string] const char *path, [in, out, size=size] struct stat *buf, size_t size) propagate_errno;
int ocall_stat([in, string] const char *path, [in, out, size=size] struct stat *buf, size_t size);
int ocall_fstat(int fd, [in, out, size=size] struct stat* buf, size_t size);
int ocall_ftruncate(int fd, off_t length);
char* ocall_getcwd([out, size=size] char *buf, size_t size) propagate_errno;
int ocall_getpid(void);
int ocall_getuid(void);
char* ocall_getenv([in, string] const char *name);
int ocall_open64([in, string] const char *filename, int flags, mode_t mode);
int ocall_close(int fd);
off_t ocall_lseek64(int fd, off_t offset, int whence) propagate_errno;
int ocall_read(int fd, [out, size=count] void *buf, size_t count) propagate_errno;
int ocall_write(int fd, [in, size=count] const void *buf, size_t count) propagate_errno;
int ocall_fsync(int fd);
int ocall_fcntl(int fd, int cmd, [in, size=size] void* arg, size_t size) propagate_errno;
int ocall_unlink([in, string] const char *pathname);
int ocall_fchmod(int fd, mode_t mode);
int ocall_fchown(int fd, uid_t owner, gid_t group);
```

Seems like you are missing something in the threat model we face in SGX. When you use `ocall_write` to write data to the disk, it's still plaintext. There is no integrity and confidentiality for the database implementation.

If we want to provide sample code for a database in SGX, we need to rethink the interfaces between the trusted and untrusted worlds. For file IO, we should consider using protected FS. For other unrelated APIs, we can remove them.

We already have a level-db implementation in the Teaclave platform: https://github.com/apache/incubator-teaclave/tree/master/common.

--
Reply to this email directly or view it on GitHub: https://github.com/apache/incubator-teaclave-sgx-sdk/pull/274#issuecomment-713214022
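The point about `ocall_write` can be shown with a small model of the trust boundary. This is an added example, not code from the PR or from Teaclave: it is written in Go with standard-library AES-GCM as a stand-in for what a protected file system does before data leaves the enclave, and `hostDisk`, `newAEAD`, `sealedWrite` and `sealedRead` are hypothetical names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// hostDisk models the untrusted side of ocall_write/ocall_read (host-controlled).
var hostDisk = map[string][]byte{}

// newAEAD builds AES-GCM from a key that never leaves the enclave.
func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealedWrite encrypts and authenticates before the data crosses the boundary.
// The path is bound as associated data so the host cannot swap blobs between files.
func sealedWrite(aead cipher.AEAD, path string, data []byte) error {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	hostDisk[path] = aead.Seal(nonce, nonce, data, []byte(path))
	return nil
}

// sealedRead rejects anything the host altered. It does not detect rollback to
// an older valid blob; that needs a trusted counter or similar.
func sealedRead(aead cipher.AEAD, path string) ([]byte, error) {
	blob, n := hostDisk[path], aead.NonceSize()
	if len(blob) < n {
		return nil, errors.New("missing or truncated file")
	}
	return aead.Open(nil, blob[:n], blob[n:], []byte(path))
}

func main() {
	aead, _ := newAEAD(make([]byte, 32)) // constructed all-zero demo key
	sealedWrite(aead, "db.sealed", []byte("user=alice;balance=100"))
	hostDisk["db.sealed"][20] ^= 1 // host flips one bit of the stored blob
	_, err := sealedRead(aead, "db.sealed")
	fmt.Println("read after tampering:", err)
}
```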