> Hi, I found that you introduce some ocalls to help your porting:
>
> ```
> void ocall_print_error([in, string] const char *str);
> void ocall_print_string([in, string] const char *str);
> void ocall_println_string([in, string] const char *str);
>
> int ocall_lstat([in, string] const char *path, [in, out, size=size] struct stat *buf, size_t size) propagate_errno;
> int ocall_stat([in, string] const char *path, [in, out, size=size] struct stat *buf, size_t size);
> int ocall_fstat(int fd, [in, out, size=size] struct stat* buf, size_t size);
> int ocall_ftruncate(int fd, off_t length);
>
> char* ocall_getcwd([out, size=size] char *buf, size_t size) propagate_errno;
> int ocall_getpid(void);
> int ocall_getuid(void);
> char* ocall_getenv([in, string] const char *name);
>
> int ocall_open64([in, string] const char *filename, int flags, mode_t mode);
> int ocall_close(int fd);
> off_t ocall_lseek64(int fd, off_t offset, int whence) propagate_errno;
> int ocall_read(int fd, [out, size=count] void *buf, size_t count) propagate_errno;
> int ocall_write(int fd, [in, size=count] const void *buf, size_t count) propagate_errno;
> int ocall_fsync(int fd);
> int ocall_fcntl(int fd, int cmd, [in, size=size] void* arg, size_t size) propagate_errno;
> int ocall_unlink([in, string] const char *pathname);
> int ocall_fchmod(int fd, mode_t mode);
> int ocall_fchown(int fd, uid_t owner, gid_t group);
> ```
>
> Seems like you miss something of the threat model we face in SGX. When you
> use `ocall_write` to write data into the disk, it's still plaintext. There is
> no integrity and confidentiality for the database implementation.
>
> If we want to provide a sample code of database in SGX, we need to rethink
> the interfaces between trusted and untrusted world. For file IO, we should
> consider using protected FS. For other unrelated APIs, we can remove them. We
> already have a level-db implementation in the Teaclave platform:
> https://github.com/apache/incubator-teaclave/tree/master/common.

Thanks for your quick response!

Yes, indeed you are right, I used several ocalls for resolving and proxying syscalls inside the enclave. And yes, thank you for noticing my comments on the untrusted ocalls for file I/O in the README file!

Do you have any suggestions on how you would like me to proceed? I think I could replace file I/O with protected-fs. Or do you have any other thoughts?

Thanks for your comments again!

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave-sgx-sdk/pull/274#issuecomment-713261609