Merge pull request #307 from keystone-enclave/feature/mono-eyrie

Include Eyrie runtime to the Monorepo

.circleci/config.yml

@@ -12,14 +12,60 @@ executors:
 
 
 commands:
+  ######################
+  ## General commands ##
+  ######################
+
   update-riscv-toolchain-path-64:
     steps:
       - run: echo 'export PATH=/keystone/riscv64/bin:$PATH' >> $BASH_ENV
   update-riscv-toolchain-path-32:
     steps:
       - run: echo 'export PATH=/keystone/riscv32/bin:$PATH' >> $BASH_ENV
 
+  ######################
+  ## Runtime commands ##
+  ######################
+
+  build-sdk:
+    steps:
+      - run: |
+          cd /keystone/sdk
+          rm -rf build
+          mkdir build
+          cd build
+          KEYSTONE_SDK_DIR=$(pwd) cmake ..
+          make install
+  build-runtime:
+    parameters:
+      build-name:
+        type: string
+      build-dir:
+        type: string
+        default: build
+      build-args:
+        type: string
+        default: ''
+    steps:
+      - run:
+          name: << parameters.build-name >>
+          environment:
+            KEYSTONE_SDK_DIR: /keystone/sdk/build
+          command: |
+              cd runtime
+              mkdir -p << parameters.build-dir >>
+              cd << parameters.build-dir >>
+              cmake -DCMAKE_C_COMPILER=$(which riscv64-unknown-linux-gnu-gcc) \
+                     -DCMAKE_OBJCOPY=$(which riscv64-unknown-linux-gnu-objcopy) \
+                     << parameters.build-args >> ..
+              make
+          no-output-timeout: 120m
+
 jobs:
+  ######################
+  ## Full stack tests ##
+  ######################
+
   build-and-test-rv64-qemu:
     executor: setup-rv64gc
     working_directory: /keystone
@@ -70,9 +116,149 @@ jobs:
               make run-tests
           no_output_timeout: 120m
 
+  ###################
+  ## Runtime tests ##
+  ###################
+
+  # The format job essentially runs clang-format against the Eyrie codebase. To
+  # do so, we first query which clang-format git prefers. Then, we run git with
+  # this clang-format. This ensures that the tool only checks files that have
+  # been modified. Finally, we check the output of the tool and return an error
+  # if some formatting changes are necessary.
+
+  format:
+    executor: setup-rv64gc
+    steps:
+      - checkout
+      - update-riscv-toolchain-path-64
+      - run: apt-get install clang-format -y
+      - run:
+          name: "test"
+          environment:
+            KEYSTONE_SDK_DIR: /keystone/sdk/build
+          command: |
+              FORMAT=$(git help -a | grep clang-format | tail -n1)
+              FORMAT_RESULT=$(git $FORMAT)
+              [ "$FORMAT_RESULT" = "no modified files to format" ] || [ "$FORMAT_RESULT" = "clang-format did not modify any files" ]
+          no_output_timeout: 120m
+  default-build:
+    executor: setup-rv64gc
+    steps:
+      - checkout
+      - update-riscv-toolchain-path-64
+      - build-sdk
+      - build-runtime:
+          build-name: "Default build"
+  use-freemem:
+    executor: setup-rv64gc
+    steps:
+      - checkout
+      - update-riscv-toolchain-path-64
+      - build-sdk
+      - build-runtime:
+          build-name: "USE_FREEMEM"
+          build-dir: build_freemem
+          build-args: -DFREEMEM=on
+  use_linux_syscall_use_freemem:
+    executor: setup-rv64gc
+    steps:
+      - checkout
+      - update-riscv-toolchain-path-64
+      - build-sdk
+      - build-runtime:
+          build-name: "USE_LINUX_SYSCALL + USE_FREEMEM"
+          build-dir: build_syscall_freemem
+          build-args: -DLINUX_SYSCALL=on -DFREEMEM=on
+  use_paging:
+    executor: setup-rv64gc
+    steps:
+      - checkout
+      - update-riscv-toolchain-path-64
+      - build-sdk
+      - build-runtime:
+          build-name: "USE_PAGING"
+          build-dir: build_paging
+          build-args: -DFREEMEM=on -DPAGING=on
+  use_package_crypto:
+    executor: setup-rv64gc
+    steps:
+      - checkout
+      - update-riscv-toolchain-path-64
+      - build-sdk
+      - build-runtime:
+          build-name: "USE_PAGE_CRYPTO"
+          build-dir: build_paging_crypto
+          build-args: -DFREEMEM=on -DPAGING=on -DPAGE_CRYPTO=on
+  use_page_hash:
+    executor: setup-rv64gc
+    steps:
+      - checkout
+      - update-riscv-toolchain-path-64
+      - build-sdk
+      - build-runtime:
+          build-name: "USE_PAGE_HASH"
+          build-dir: build_paging_hash
+          build-args: -DFREEMEM=on -DPAGING=on -DPAGE_HASH=on
+  use_page_crypto_use_page_hash:
+    executor: setup-rv64gc
+    steps:
+      - checkout
+      - update-riscv-toolchain-path-64
+      - build-sdk
+      - build-runtime:
+          build-name: "USE_PAGE_CRYPTO + USE_PAGE_HASH"
+          build-dir: build_paging_crypto_hash
+          build-args: -DFREEMEM=on -DPAGING=on -DPAGE_CRYPTO=on -DPAGE_HASH=on
+  test:
+    executor: setup-rv64gc
+    steps:
+      - checkout
+      - update-riscv-toolchain-path-64
+      - build-sdk
+      - run:
+          name: "test"
+          environment:
+            KEYSTONE_SDK_DIR: /keystone/sdk/build
+          command: |
+              cd runtime
+              git submodule sync
+              git submodule update --init ./test/cmocka
+              mkdir -p obj/test
+              pushd obj/test
+              cmake ../../test
+              make
+              ctest -VV || ( cat obj/test/Testing/Temporary/LastTest.log && false )
+              popd
+          no_output_timeout: 120m
+
 workflows:
-  build-and-test:
+  build-and-test-system:
     jobs:
       - build-and-test-rv64-qemu
       # - build-and-test-rv32-qemu
       # - build-rv64-fu540
+  build-and-test-runtime:
+    jobs:
+      - default-build
+      - format
+      - use-freemem:
+          requires:
+            - default-build
+      - use_linux_syscall_use_freemem:
+          requires:
+            - default-build
+      - use_package_crypto:
+          requires:
+            - default-build
+      - use_paging:
+          requires:
+            - default-build
+      - use_page_hash:
+          requires:
+            - default-build
+      - use_page_crypto_use_page_hash:
+          requires:
+            - default-build
+      - test:
+          requires:
+            - default-build

.gitmodules

@@ -13,3 +13,6 @@
 [submodule "opensbi"]
 	path = sm/opensbi
 	url = https://github.com/riscv/opensbi
+[submodule "runtime/test/cmocka"]
+        path = runtime/test/cmocka
+        url = https://gitlab.com/cmocka/cmocka

runtime/.clang-format

@@ -0,0 +1,10 @@
+BasedOnStyle: Google
+IndentWidth: 2
+TabWidth: 2
+ColumnLimit: 80
+AlignAfterOpenBracket: AlwaysBreak
+AlwaysBreakAfterReturnType: TopLevel
+DerivePointerAlignment: false
+PointerAlignment: Left
+AlignConsecutiveAssignments: true
+SpacesInAngles: false

runtime/.fast-setup.sh

@@ -0,0 +1,30 @@
+#!/bin/bash
+
+# This script is only for Travis test. Do not run in your local repository
+echo "Starting..."
+if ( $(command -v riscv64-unknown-linux-gnu-gcc > /dev/null) &&
+  $(command -v riscv64-unknown-elf-gcc > /dev/null) )
+then
+  echo "RISCV tools are already installed"
+else
+  echo "Downloading Prebuilt RISC-V Toolchain... "
+
+  # The 1.0 version expected libmpfr.so.4, modern Ubuntu has .6
+  TOOL_VER=1.0
+  if [[ $(ldconfig -p | grep "libmpfr.so.6") ]]; then
+      echo "Downloading tools v2.0 (support for libmpfr.so.6)"
+      TOOL_VER=2.0
+  fi
+
+  export RISCV=$(pwd)/riscv
+  export PATH=$PATH:$RISCV/bin
+  wget https://github.com/keystone-enclave/firesim-riscv-tools-prebuilt/archive/${TOOL_VER}.tar.gz
+  tar -xzvf ${TOOL_VER}.tar.gz
+  cd firesim-riscv-tools-prebuilt-${TOOL_VER}
+  ./installrelease.sh > riscv-tools-install.log
+  mv distrib riscv
+  cp -R riscv ../
+  cd ..
+  echo "Toolchain has been installed in $RISCV"
+fi
+

runtime/.gitignore

@@ -0,0 +1,6 @@
+eyrie-rt
+.options_log
+*.o
+obj/
+.exists
+.format-diff

runtime/CMakeLists.txt

@@ -0,0 +1,72 @@
+cmake_minimum_required(VERSION 3.13)
+project(keystone-runtime C ASM)
+
+macro(rt_option name description value)
+    option(${name} ${description} ${value})
+    if(${name})
+        add_compile_options(-DUSE_${name})
+        add_custom_target(${name}_options_log
+                            COMMAND echo -n "${name} " >> ${CMAKE_BINARY_DIR}/.options_log)
+        add_dependencies(options_log ${name}_options_log)
+
+        message(STATUS "Enabling option ${name}")
+    endif()
+endmacro()
+
+###########################
+## Set up global options ##
+###########################
+
+if(NOT DEFINED ENV{KEYSTONE_SDK_DIR})
+    message(FATAL_ERROR "Set KEYSTONE_SDK_DIR in environment")
+endif()
+
+add_custom_target(options_log
+        COMMAND touch ${CMAKE_BINARY_DIR}/.options_log)
+
+# Memory management options
+rt_option(FREEMEM "Use freemem allocator" OFF)
+rt_option(PAGING "Enable runtime paging" OFF)
+rt_option(PAGE_CRYPTO "Enable page confidentiality" OFF)
+rt_option(PAGE_HASH "Enable page integrity" OFF)
+
+# Syscall options
+rt_option(LINUX_SYSCALL "Wrap generic Linux syscalls" OFF)
+rt_option(IO_SYSCALL "Wrap Linux IO syscalls" OFF)
+rt_option(NET_SYSCALL "Wrap Linux net syscalls" OFF)
+
+# System options
+rt_option(ENV_SETUP "Set up stack environments like glibc expects" OFF)
+
+# Debugging options
+rt_option(INTERNAL_STRACE "Debug syscalls" OFF)
+rt_option(DEBUG "Enable debugging" OFF)
+
+include_directories($ENV{KEYSTONE_SDK_DIR}/include/edge)
+include_directories(tmplib)
+include_directories(include)
+
+###################
+## Build recipes ##
+###################
+
+add_compile_options(-Wall -Werror -fPIC -fno-builtin -std=c11 -g)
+
+# Generate all the library targets
+add_subdirectory(call)
+add_subdirectory(crypto)
+add_subdirectory(mm)
+add_subdirectory(tmplib)
+add_subdirectory(util)
+
+# Generate linker script target
+add_library(rt_linkscript OBJECT runtime.ld.S)
+target_compile_options(rt_linkscript PRIVATE -P -E -x c)
+target_compile_definitions(rt_linkscript PRIVATE __PREPROCESSING__)
+
+set_target_properties(rt_linkscript PROPERTIES PREFIX "")
+set_target_properties(rt_linkscript PROPERTIES OUTPUT_NAME runtime.ld)
+set_target_properties(rt_linkscript PROPERTIES SUFFIX "")
+
+# Generate final executable
+add_subdirectory(sys)

runtime/LICENSE

@@ -0,0 +1,24 @@
+Copyright (c) 2017-2018, The Regents of the University of California (Regents).
+All Rights Reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+1. Redistributions of source code must retain the above copyright
+   notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+3. Neither the name of the Regents nor the
+   names of its contributors may be used to endorse or promote products
+   derived from this software without specific prior written permission.
+
+IN NO EVENT SHALL REGENTS BE LIABLE TO ANY PARTY FOR DIRECT, INDIRECT,
+SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING LOST PROFITS, ARISING
+OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN IF REGENTS HAS
+BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+REGENTS SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE. THE SOFTWARE AND ACCOMPANYING DOCUMENTATION, IF ANY, PROVIDED
+HEREUNDER IS PROVIDED "AS IS". REGENTS HAS NO OBLIGATION TO PROVIDE
+MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.