|
| 1 | +/* |
| 2 | + * Copyright (C) 2011-2018 Intel Corporation. All rights reserved. |
| 3 | + * |
| 4 | + * Redistribution and use in source and binary forms, with or without |
| 5 | + * modification, are permitted provided that the following conditions |
| 6 | + * are met: |
| 7 | + * |
| 8 | + * * Redistributions of source code must retain the above copyright |
| 9 | + * notice, this list of conditions and the following disclaimer. |
| 10 | + * * Redistributions in binary form must reproduce the above copyright |
| 11 | + * notice, this list of conditions and the following disclaimer in |
| 12 | + * the documentation and/or other materials provided with the |
| 13 | + * distribution. |
| 14 | + * * Neither the name of Intel Corporation nor the names of its |
| 15 | + * contributors may be used to endorse or promote products derived |
| 16 | + * from this software without specific prior written permission. |
| 17 | + * |
| 18 | + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| 19 | + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| 20 | + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
| 21 | + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
| 22 | + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| 23 | + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| 24 | + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| 25 | + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| 26 | + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 27 | + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 28 | + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 29 | + * |
| 30 | + */ |
| 31 | + |
| 32 | + |
| 33 | +#include <stdio.h> |
| 34 | +#include <string.h> |
| 35 | +#include <assert.h> |
| 36 | +#include <sys/time.h> |
| 37 | + |
| 38 | +# include <unistd.h> |
| 39 | +# include <pwd.h> |
| 40 | +# define MAX_PATH FILENAME_MAX |
| 41 | + |
| 42 | +#include <sgx_urts.h> |
| 43 | +#include <sgx_uswitchless.h> |
| 44 | +#include "App.h" |
| 45 | +#include "Enclave_u.h" |
| 46 | + |
| 47 | +/* Global EID shared by multiple threads */ |
| 48 | +sgx_enclave_id_t global_eid = 0; |
| 49 | + |
| 50 | +typedef struct _sgx_errlist_t { |
| 51 | + sgx_status_t err; |
| 52 | + const char *msg; |
| 53 | + const char *sug; /* Suggestion */ |
| 54 | +} sgx_errlist_t; |
| 55 | + |
| 56 | +#define REPEATS 500000 |
| 57 | + |
| 58 | +/* Error code returned by sgx_create_enclave */ |
| 59 | +static sgx_errlist_t sgx_errlist[] = { |
| 60 | + { |
| 61 | + SGX_ERROR_UNEXPECTED, |
| 62 | + "Unexpected error occurred.", |
| 63 | + NULL |
| 64 | + }, |
| 65 | + { |
| 66 | + SGX_ERROR_INVALID_PARAMETER, |
| 67 | + "Invalid parameter.", |
| 68 | + NULL |
| 69 | + }, |
| 70 | + { |
| 71 | + SGX_ERROR_OUT_OF_MEMORY, |
| 72 | + "Out of memory.", |
| 73 | + NULL |
| 74 | + }, |
| 75 | + { |
| 76 | + SGX_ERROR_ENCLAVE_LOST, |
| 77 | + "Power transition occurred.", |
| 78 | + "Please refer to the sample \"PowerTransition\" for details." |
| 79 | + }, |
| 80 | + { |
| 81 | + SGX_ERROR_INVALID_ENCLAVE, |
| 82 | + "Invalid enclave image.", |
| 83 | + NULL |
| 84 | + }, |
| 85 | + { |
| 86 | + SGX_ERROR_INVALID_ENCLAVE_ID, |
| 87 | + "Invalid enclave identification.", |
| 88 | + NULL |
| 89 | + }, |
| 90 | + { |
| 91 | + SGX_ERROR_INVALID_SIGNATURE, |
| 92 | + "Invalid enclave signature.", |
| 93 | + NULL |
| 94 | + }, |
| 95 | + { |
| 96 | + SGX_ERROR_OUT_OF_EPC, |
| 97 | + "Out of EPC memory.", |
| 98 | + NULL |
| 99 | + }, |
| 100 | + { |
| 101 | + SGX_ERROR_NO_DEVICE, |
| 102 | + "Invalid SGX device.", |
| 103 | + "Please make sure SGX module is enabled in the BIOS, and install SGX driver afterwards." |
| 104 | + }, |
| 105 | + { |
| 106 | + SGX_ERROR_MEMORY_MAP_CONFLICT, |
| 107 | + "Memory map conflicted.", |
| 108 | + NULL |
| 109 | + }, |
| 110 | + { |
| 111 | + SGX_ERROR_INVALID_METADATA, |
| 112 | + "Invalid enclave metadata.", |
| 113 | + NULL |
| 114 | + }, |
| 115 | + { |
| 116 | + SGX_ERROR_DEVICE_BUSY, |
| 117 | + "SGX device was busy.", |
| 118 | + NULL |
| 119 | + }, |
| 120 | + { |
| 121 | + SGX_ERROR_INVALID_VERSION, |
| 122 | + "Enclave version was invalid.", |
| 123 | + NULL |
| 124 | + }, |
| 125 | + { |
| 126 | + SGX_ERROR_INVALID_ATTRIBUTE, |
| 127 | + "Enclave was not authorized.", |
| 128 | + NULL |
| 129 | + }, |
| 130 | + { |
| 131 | + SGX_ERROR_ENCLAVE_FILE_ACCESS, |
| 132 | + "Can't open enclave file.", |
| 133 | + NULL |
| 134 | + }, |
| 135 | +}; |
| 136 | + |
| 137 | +/* Check error conditions for loading enclave */ |
| 138 | +void print_error_message(sgx_status_t ret) |
| 139 | +{ |
| 140 | + size_t idx = 0; |
| 141 | + size_t ttl = sizeof sgx_errlist/sizeof sgx_errlist[0]; |
| 142 | + |
| 143 | + for (idx = 0; idx < ttl; idx++) { |
| 144 | + if(ret == sgx_errlist[idx].err) { |
| 145 | + if(NULL != sgx_errlist[idx].sug) |
| 146 | + printf("Info: %s\n", sgx_errlist[idx].sug); |
| 147 | + printf("Error: %s\n", sgx_errlist[idx].msg); |
| 148 | + break; |
| 149 | + } |
| 150 | + } |
| 151 | + |
| 152 | + if (idx == ttl) |
| 153 | + printf("Error: Unexpected error occurred.\n"); |
| 154 | +} |
| 155 | + |
| 156 | +/* Initialize the enclave: |
| 157 | + * Step 1: try to retrieve the launch token saved by last transaction |
| 158 | + * Step 2: call sgx_create_enclave to initialize an enclave instance |
| 159 | + * Step 3: save the launch token if it is updated |
| 160 | + */ |
| 161 | +int initialize_enclave(const sgx_uswitchless_config_t* us_config) |
| 162 | +{ |
| 163 | + char token_path[MAX_PATH] = {'\0'}; |
| 164 | + sgx_launch_token_t token = {0}; |
| 165 | + sgx_status_t ret = SGX_ERROR_UNEXPECTED; |
| 166 | + int updated = 0; |
| 167 | + |
| 168 | + /* Step 1: try to retrieve the launch token saved by last transaction |
| 169 | + * if there is no token, then create a new one. |
| 170 | + */ |
| 171 | + /* try to get the token saved in $HOME */ |
| 172 | + const char *home_dir = getpwuid(getuid())->pw_dir; |
| 173 | + |
| 174 | + if (home_dir != NULL && |
| 175 | + (strlen(home_dir)+strlen("/")+sizeof(TOKEN_FILENAME)+1) <= MAX_PATH) { |
| 176 | + /* compose the token path */ |
| 177 | + strncpy(token_path, home_dir, strlen(home_dir)); |
| 178 | + strncat(token_path, "/", strlen("/")); |
| 179 | + strncat(token_path, TOKEN_FILENAME, sizeof(TOKEN_FILENAME)+1); |
| 180 | + } else { |
| 181 | + /* if token path is too long or $HOME is NULL */ |
| 182 | + strncpy(token_path, TOKEN_FILENAME, sizeof(TOKEN_FILENAME)); |
| 183 | + } |
| 184 | + |
| 185 | + FILE *fp = fopen(token_path, "rb"); |
| 186 | + if (fp == NULL && (fp = fopen(token_path, "wb")) == NULL) { |
| 187 | + printf("Warning: Failed to create/open the launch token file \"%s\".\n", token_path); |
| 188 | + } |
| 189 | + |
| 190 | + if (fp != NULL) { |
| 191 | + /* read the token from saved file */ |
| 192 | + size_t read_num = fread(token, 1, sizeof(sgx_launch_token_t), fp); |
| 193 | + if (read_num != 0 && read_num != sizeof(sgx_launch_token_t)) { |
| 194 | + /* if token is invalid, clear the buffer */ |
| 195 | + memset(&token, 0x0, sizeof(sgx_launch_token_t)); |
| 196 | + printf("Warning: Invalid launch token read from \"%s\".\n", token_path); |
| 197 | + } |
| 198 | + } |
| 199 | + /* Step 2: call sgx_create_enclave to initialize an enclave instance */ |
| 200 | + /* Debug Support: set 2nd parameter to 1 */ |
| 201 | + |
| 202 | + void* enclave_ex_p[32] = { 0 }; |
| 203 | + |
| 204 | + enclave_ex_p[SGX_CREATE_ENCLAVE_EX_SWITCHLESS_BIT_IDX] = (void*)us_config; |
| 205 | + |
| 206 | + ret = sgx_create_enclave_ex(ENCLAVE_FILENAME, SGX_DEBUG_FLAG, &token, &updated, &global_eid, NULL, SGX_CREATE_ENCLAVE_EX_SWITCHLESS, enclave_ex_p); |
| 207 | + if (ret != SGX_SUCCESS) { |
| 208 | + print_error_message(ret); |
| 209 | + if (fp != NULL) fclose(fp); |
| 210 | + return -1; |
| 211 | + } |
| 212 | + |
| 213 | + /* Step 3: save the launch token if it is updated */ |
| 214 | + if (updated == FALSE || fp == NULL) { |
| 215 | + /* if the token is not updated, or file handler is invalid, do not perform saving */ |
| 216 | + if (fp != NULL) fclose(fp); |
| 217 | + return 0; |
| 218 | + } |
| 219 | + |
| 220 | + /* reopen the file with write capablity */ |
| 221 | + fp = freopen(token_path, "wb", fp); |
| 222 | + if (fp == NULL) return 0; |
| 223 | + size_t write_num = fwrite(token, 1, sizeof(sgx_launch_token_t), fp); |
| 224 | + if (write_num != sizeof(sgx_launch_token_t)) |
| 225 | + printf("Warning: Failed to save launch token to \"%s\".\n", token_path); |
| 226 | + fclose(fp); |
| 227 | + return 0; |
| 228 | +} |
| 229 | + |
| 230 | +/* OCall functions */ |
| 231 | +void ocall_print_string(const char *str) |
| 232 | +{ |
| 233 | + /* Proxy/Bridge will check the length and null-terminate |
| 234 | + * the input string to prevent buffer overflow. |
| 235 | + */ |
| 236 | + printf("%s", str); |
| 237 | +} |
| 238 | + |
| 239 | +void ocall_empty(void) {} |
| 240 | +void ocall_empty_switchless(void) {} |
| 241 | + |
| 242 | +void benchmark_empty_ocall(int is_switchless) |
| 243 | +{ |
| 244 | + unsigned long nrepeats = REPEATS; |
| 245 | + printf("Repeating an **%s** OCall that does nothing for %lu times...\n", |
| 246 | + is_switchless ? "switchless" : "ordinary", nrepeats); |
| 247 | + |
| 248 | + struct timeval tval_before, tval_after, tval_result; |
| 249 | + gettimeofday(&tval_before, NULL); |
| 250 | + |
| 251 | + sgx_status_t status = ecall_repeat_ocalls(global_eid, nrepeats, is_switchless); |
| 252 | + if (status != SGX_SUCCESS) { |
| 253 | + printf("ERROR: ECall failed\n"); |
| 254 | + print_error_message(status); |
| 255 | + exit(-1); |
| 256 | + } |
| 257 | + |
| 258 | + gettimeofday(&tval_after, NULL); |
| 259 | + timersub(&tval_after, &tval_before, &tval_result); |
| 260 | + printf("Time elapsed: %ld.%06ld seconds\n", (long int)tval_result.tv_sec, (long int)tval_result.tv_usec); |
| 261 | +} |
| 262 | + |
| 263 | +void benchmark_empty_ecall(int is_switchless) |
| 264 | +{ |
| 265 | + unsigned long nrepeats = REPEATS; |
| 266 | + printf("Repeating an **%s** ECall that does nothing for %lu times...\n", |
| 267 | + is_switchless ? "switchless" : "ordinary", nrepeats); |
| 268 | + |
| 269 | + struct timeval tval_before, tval_after, tval_result; |
| 270 | + gettimeofday(&tval_before, NULL); |
| 271 | + |
| 272 | + sgx_status_t(*ecall_fn)(sgx_enclave_id_t) = is_switchless ? ecall_empty_switchless : ecall_empty; |
| 273 | + while (nrepeats--) { |
| 274 | + ecall_fn(global_eid); |
| 275 | + } |
| 276 | + |
| 277 | + gettimeofday(&tval_after, NULL); |
| 278 | + timersub(&tval_after, &tval_before, &tval_result); |
| 279 | + printf("Time elapsed: %ld.%06ld seconds\n", (long int)tval_result.tv_sec, (long int)tval_result.tv_usec); |
| 280 | +} |
| 281 | + |
| 282 | +/* Application entry */ |
| 283 | +int SGX_CDECL main(int argc, char *argv[]) |
| 284 | +{ |
| 285 | + /* Configuration for Switchless SGX */ |
| 286 | + sgx_uswitchless_config_t us_config = SGX_USWITCHLESS_CONFIG_INITIALIZER; |
| 287 | + us_config.num_uworkers = 2; |
| 288 | + us_config.num_tworkers = 2; |
| 289 | + |
| 290 | + /* Initialize the enclave */ |
| 291 | + if(initialize_enclave(&us_config) < 0) |
| 292 | + { |
| 293 | + printf("Error: enclave initialization failed\n"); |
| 294 | + return -1; |
| 295 | + } |
| 296 | + |
| 297 | + |
| 298 | + printf("Running a benchmark that compares **ordinary** and **switchless** OCalls...\n"); |
| 299 | + benchmark_empty_ocall(1); |
| 300 | + benchmark_empty_ocall(0); |
| 301 | + printf("Done.\n"); |
| 302 | + |
| 303 | + |
| 304 | + printf("Running a benchmark that compares **ordinary** and **switchless** ECalls...\n"); |
| 305 | + benchmark_empty_ecall(1); |
| 306 | + benchmark_empty_ecall(0); |
| 307 | + printf("Done.\n"); |
| 308 | + |
| 309 | + sgx_destroy_enclave(global_eid); |
| 310 | + return 0; |
| 311 | +} |
0 commit comments