Some functions call cpuid

[mechalas]

Some functions inside of OpenSSL make calls to cpuid via OPENSSL_ia32_cpuid which are not captured by this library, leading to a SIGILL at runtime:

Program received signal SIGILL, Illegal instruction.
OPENSSL_ia32_cpuid () at crypto/x86_64cpuid.s:43
43	crypto/x86_64cpuid.s: No such file or directory.
(gdb) where
#0  OPENSSL_ia32_cpuid () at crypto/x86_64cpuid.s:43
#1  0x00007ffff30a7397 in OPENSSL_cpuid_setup () at crypto/cryptlib.c:66
#2  0x00007ffff3076f3b in ossl_init_base () at crypto/init.c:81
#3  ossl_init_base_ossl_ () at crypto/init.c:66
#4  0x00007ffff3062201 in sgxssl_pthread_once (
    once_control=0x7ffff3470658 <base>, 
    init_routine=0x7ffff3076f00 <ossl_init_base_ossl_>) at tpthread.cpp:383
#5  0x00007ffff3083df9 in CRYPTO_THREAD_run_once (
    once=once@entry=0x7ffff3470658 <base>, 
    init=init@entry=0x7ffff3076f00 <ossl_init_base_ossl_>)
    at crypto/threads_pthread.c:106
#6  0x00007ffff307737b in OPENSSL_init_crypto (opts=opts@entry=2, 
    settings=settings@entry=0x0) at crypto/init.c:513

The source for OPENSSL_ia32_cpuid is in crypto/x86_64cpuid.s (and crypto/x86cpuid.s when in 32-bit ode). These files are dynamically-generated assembly, created when OpenSSL is being compiled via the perl script in crypto/x86_64cpuid.pl (and crypto/x86cpuid.pl when building in 32-bit mode).

[akryeem-INTC]

It's not a bug, this SIGILL is by design.
SGXSSL implements an exception handler for this, it uses sgx_cpuid to return the cpuid.
In debug hitting continue will resume the application execution.

[jasiek]

If I understand correctly, once this package is built, the TestApp should be launched to see if everything works as intended. There appears to be a bug in the build_sgxssl.sh script which prevents it from being executed unless an extra parameter (doesn't matter what) is passed in on the command line.

Once this is in place, the build fails - upon more detailed examination, this causes TestApp to blow up with a core dump. I've narrowed it down to the same spot as @mechalas . This leads me to think that the exception handler which you have referenced wasn't set up properly to handle invocations of the CPUID instruction.

I suspect this may have something to do with the constructor attribute of:

sgx/libsgx_tsgxssl/texceptions.c:__attribute__((constructor)) void init_exception_handler(void)

What are your thoughts on this?

Here's my build output and gcc -v:
https://gist.github.com/jasiek/435fbeda2be857d8872f6698baba9974

[akryeem-INTC]

If I understand correctly, once this package is built, the TestApp should be launched to see if everything works as intended.
That's right. I'll check if there is a bug there.

Regarding the CPUID exception handler, when debugging your enclave using sgx-gdb you'll get 4 SIGILL signals once this CPUID instruction called and cpuid exception handler invoked, hitting "c" 4 times should make the enclave continue executing. This is a know behavior that doesn't terminated or affect enclave execution.

Regarding the code dump, I'll check it.
Can you please tell what SGX SDK version you're using?

[jasiek]

Upon further investigation, I've determined that the exception handler gets initialized and called, and appears to handle CPUID gracefully. It appears to be bailing out here:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff219643e in free ()
(gdb) bt
#0  0x00007ffff219643e in free ()
#1  0x00007ffff208fa58 in RSA_free (r=0x7ffff247f138) at crypto/rsa/rsa_lib.c:123
#2  0x00007ffff2037772 in rsa_key_gen() ()
#3  0x00007ffff2037ac0 in t_sgxssl_call_apis ()
#4  0x00007ffff2036e4b in sgx_t_sgxssl_call_apis ()
#5  0x00007ffff21924d0 in enter_enclave ()
#6  0x00007ffff2193c17 in enclave_entry ()
#7  0x00007ffff7bbb43b in __morestack () from /usr/lib/libsgx_urts.so
#8  0x00007ffff7bbe227 in CEnclave::ecall(int, void const*, void*) () from /usr/lib/libsgx_urts.so
#9  0x00007ffff7bbfb22 in sgx_ecall () from /usr/lib/libsgx_urts.so
#10 0x00005555555551ae in main ()

[jasiek]

So it seems that free() calls fail when they are called by RSA_free and EC_KEY_free. Once I comment those out, everything works and all tests pass.