/
erthost.cpp
280 lines (240 loc) · 7.79 KB
/
erthost.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
// Copyright (c) Edgeless Systems GmbH.
// Licensed under the MIT License.
#include <openenclave/ert_args.h>
#include <openenclave/host.h>
#include <openenclave/internal/trace.h>
#include <openenclave/trace.h>
#include <semaphore.h>
#include <unistd.h>
#include <algorithm>
#include <array>
#include <cassert>
#include <cerrno>
#include <climits>
#include <csignal>
#include <cstdlib>
#include <exception>
#include <iostream>
#include <regex>
#include <stdexcept>
#include <string>
#include <string_view>
#include <system_error>
#include "../../ert/common/final_action.h"
#include "../../ert/host/enclave_thread_manager.h"
#include "../host/sgx/cpuid.h"
#include "emain_u.h"
using namespace std;
using namespace ert;
using namespace open_enclave;
extern "C" char** environ;
static ert_args_t _args;
ert_args_t ert_get_args_ocall()
{
assert(_args.argc > 0);
return _args;
}
static void _init_args(int argc, char* argv[], char* envp[])
{
assert(argc > 0);
assert(argv);
assert(envp);
_args.argc = argc;
_args.argv = argv;
_args.envp = envp;
// count envp elements
while (envp[_args.envc])
++_args.envc;
#ifndef NDEBUG
// initially, envp should be equal to environ
{
int i = 0;
while (environ[i])
++i;
assert(i == _args.envc);
}
#endif
_args.auxv = reinterpret_cast<const long*>(_args.envp + _args.envc + 1);
// count auxv elements
while (_args.auxv[2 * _args.auxc] || _args.auxv[2 * _args.auxc + 1])
++_args.auxc;
// add cwd to env
array<char, PATH_MAX> cwd{};
if (getcwd(cwd.data(), cwd.size()) != cwd.data())
throw system_error(errno, system_category(), "getcwd");
if (setenv("EDG_CWD", cwd.data(), 0) != 0)
throw system_error(errno, system_category(), "setenv");
_args.envp = environ;
++_args.envc;
}
static int run(const char* path, bool simulate)
{
assert(path);
// The semaphore will be unlocked if the program should exit, either because
// the enclave main thread returned or SIGINT occurred. (Semaphore is the
// only synchronization primitive that can be used inside a signal handler.)
static sem_t sem_exit;
if (sem_init(&sem_exit, 0, 0) != 0)
throw system_error(errno, system_category(), "sem_init");
if (simulate)
cout << "[erthost] running in simulation mode\n";
oe_enclave_t* enclave = nullptr;
cout << "[erthost] loading enclave ...\n";
if (oe_create_emain_enclave(
path,
OE_ENCLAVE_TYPE_AUTO,
OE_ENCLAVE_FLAG_DEBUG_AUTO |
(simulate ? OE_ENCLAVE_FLAG_SIMULATE : 0),
nullptr,
0,
&enclave) != OE_OK ||
!enclave)
throw runtime_error("oe_create_enclave failed. (Set OE_SIMULATION=1 "
"for simulation mode.)");
static int return_value = EXIT_FAILURE;
{
const FinalAction terminateEnclave([enclave] {
signal(SIGINT, SIG_DFL);
oe_terminate_enclave(enclave);
});
// SIGPIPE is received, among others, if a socket connection is lost. We
// don't have signal handling inside the enclave yet and most
// applications ignore the signal anyway and directly handle the errors
// returned by the socket functions. Thus, we just ignore it.
signal(SIGPIPE, SIG_IGN);
cout << "[erthost] entering enclave ...\n";
// create enclave main thread
host::EnclaveThreadManager::get_instance().create_thread(
enclave, [](oe_enclave_t* e) {
if (emain(e, &return_value) != OE_OK ||
sem_post(&sem_exit) != 0)
abort();
});
signal(SIGINT, [](int) {
if (sem_post(&sem_exit) != 0)
abort();
});
// wait until either the enclave main thread returned or SIGINT occurred
while (sem_wait(&sem_exit) != 0)
if (errno != EINTR)
throw system_error(errno, system_category(), "sem_wait");
}
return return_value;
}
static void _trim_space(string& str)
{
int (&isspace)(int) = ::isspace; // isspace is overloaded, select the wanted
str.erase(find_if_not(str.rbegin(), str.rend(), isspace).base(), str.end());
str.erase(str.begin(), find_if_not(str.begin(), str.end(), isspace));
}
static void _trim_prefix(string& str, string_view prefix)
{
if (str.compare(0, prefix.size(), prefix) == 0)
str.erase(0, prefix.size());
}
static void _log(
void* /*context*/,
bool is_enclave,
const tm* /*t*/,
long /*usecs*/,
oe_log_level_t level,
uint64_t /*host_thread_id*/,
const char* message)
{
assert(message && *message);
if (level > oe_get_current_logging_level())
return;
const auto level_string = oe_log_level_strings[level];
// split message of the form "log message ... [/path/to/source:func:line]"
static const regex re_message(R"(([^]+) \[(.+):(\w+:\d+)]\n)");
cmatch ma_message;
if (!regex_match(message, ma_message, re_message))
{
// not this form, so just print it
cout << level_string << ": " << message << '\n';
return;
}
string msg = ma_message[1];
string path = ma_message[2];
const auto& func_and_line = ma_message[3];
// strip enclave name
if (is_enclave)
msg.erase(0, msg.find(':') + 1);
// Check if the message contains the same OE error value as the last one.
// This is a heuristic, but should be good enough.
static const regex re_error("OE_[A-Z_]+");
thread_local string last_error;
if (smatch ma_error; regex_search(msg, ma_error, re_error))
{
string error = ma_error.str();
if (error == last_error)
{
// If it's a propagated error without additional info, don't print
// it.
if (msg == ':' + last_error)
return;
}
else
last_error = move(error);
}
else
last_error.clear();
// shorten the path
const string_view oe_path = "/3rdparty/openenclave/";
if (const size_t pos = path.find(oe_path); pos != string::npos)
path.erase(0, pos + oe_path.size());
else
_trim_prefix(
path,
{__FILE__,
sizeof __FILE__ - sizeof "src/tools/erthost/erthost.cpp"});
_trim_space(msg);
cout << level_string << ": " << msg << " [" << path << ':' << func_and_line
<< "]\n";
}
int main(int argc, char* argv[], char* envp[])
{
OE_TRACE_INFO("erthost v" OE_VERSION);
if (argc < 2)
{
cout << "Usage: " << argv[0]
<< " enclave_image_path [enclave args...]\n"
"Set OE_SIMULATION=1 for simulation mode.\n";
return EXIT_FAILURE;
}
const char* const env_simulation = getenv("OE_SIMULATION");
const bool simulation = env_simulation && *env_simulation == '1';
// Configure detailed logging. Prefer OE_LOG_DETAILED value. If not set,
// enable detailed logging for verbose level.
bool log_detailed = false;
const char* const env_log_detailed = getenv("OE_LOG_DETAILED");
if (env_log_detailed && *env_log_detailed)
{
if (*env_log_detailed == '1')
log_detailed = true;
}
else if (oe_get_current_logging_level() >= OE_LOG_LEVEL_VERBOSE)
log_detailed = true;
if (!log_detailed)
oe_log_set_callback(nullptr, _log);
try
{
_init_args(argc - 1, argv + 1, envp);
return run(argv[1], simulation);
}
catch (const exception& e)
{
OE_TRACE_ERROR("%s", e.what());
}
return EXIT_FAILURE;
}
void ert_cpuid_ocall(
unsigned int leaf,
unsigned int subleaf,
unsigned int* eax,
unsigned int* ebx,
unsigned int* ecx,
unsigned int* edx)
{
oe_get_cpuid(leaf, subleaf, eax, ebx, ecx, edx);
}