[RFC PATCH v2 0/3] An alternative __vdso_sgx_enter_enclave() to allow enclave/host parameter passing using untrusted stack

From: Cedric Xing
Date: Wed Apr 24 2019 - 02:26:27 EST


The current proposed __vdso_sgx_enter_enclave() requires enclaves to preserve
%rsp, which prohibits enclaves from allocating space on the untrusted stack.
However, there are existing enclaves (e.g. those built with current Intel SGX
SDK libraries) relying on the untrusted stack for passing parameters to
untrusted functions (aka. o-calls), which requires allocating space on the
untrusted stack by enclaves. And given its simplicity and convenience, it could
be desired by future SGX applications as well.

This patchset introduces a new ABI for __vdso_sgx_enter_enclave() to anchor its
stack frame on %rbp (instead of %rsp), so as to allow enclaves to "push" onto
the untrusted stack by decrementing the untrusted %rsp. Additionally, this new
__vdso_sgx_enter_enclave() will take one more parameter - a callback function,
to be invoked upon all enclave exits (both AEX and normal exits). The callback
function will be given the value of %rsp left off by the enclave, so that data
"pushed" by the enclave (if any) could be addressed/accessed. Please note that
the callback function is optional, and if not supplied (i.e. null),
__vdso_sgx_enter_enclave() will just return (i.e. behave the same as the
current implementation) after the enclave exits (or AEX due to exceptions).

The SGX selftest is augmented by two new tests. One exercises the new callback
interface, and serves as a simple example to showcase how to use it; while the
other validates the hand-crafted CFI directives in __vdso_sgx_enter_enclave()
by single-stepping through it and unwinding the call stack at every instruction.

v2:
- Revised comments in __vdso_sgx_enter_enclave(). See patch 2/3.
- Added stack unwind test. See patch 3/3.

v1: https://lkml.org/lkml/2019/4/22/871

Note: This patchset is based upon SGX1 patch v20
(https://lkml.org/lkml/2019/4/17/344) by Jarkko Sakkinen

Cedric Xing (3):
  selftests/x86: Fixed Makefile for SGX selftest
  x86/vdso: Modify __vdso_sgx_enter_enclave() to allow parameter passing
    on untrusted stack
  selftests/x86: Augment SGX selftest to test new
    __vdso_sgx_enter_enclave() and its callback interface

 arch/x86/entry/vdso/vsgx_enter_enclave.S   | 175 +++++++----
 arch/x86/include/uapi/asm/sgx.h            |  14 +-
 tools/testing/selftests/x86/Makefile       |  12 +-
 tools/testing/selftests/x86/sgx/Makefile   |  49 ++--
 tools/testing/selftests/x86/sgx/main.c     | 323 ++++++++++++++++++---
 tools/testing/selftests/x86/sgx/sgx_call.S |  40 ++-
 6 files changed, 471 insertions(+), 142 deletions(-)

--
2.17.1
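
An added illustration, not code from this patchset: a user-space model of what an exit callback can do with the %rsp value left by the enclave, bounds-checking the "pushed" o-call data against the %rbp-anchored frame before reading it. The callback signature is not shown in this cover letter, so struct ocall_frame, struct ustack, exit_callback(), simulate_push() and the return codes are all assumptions made for the example.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical header an enclave "pushes" before its o-call arguments. */
struct ocall_frame {
    uint32_t func_id;  /* which untrusted function to run */
    uint32_t arg_len;  /* bytes of argument data after the header */
};

/* Stack window the enclave may use: [limit, anchor); anchor models the %rbp frame. */
struct ustack { uintptr_t limit, anchor; };

/* Hypothetical exit callback body. rsp is the value left by the enclave.
 * Returns 1 if nothing was pushed, 0 on a valid frame, -1 if rejected. */
int exit_callback(const struct ustack *s, uintptr_t rsp,
                  struct ocall_frame *out, const uint8_t **args)
{
    if (rsp < s->limit || rsp > s->anchor)
        return -1;                       /* outside the stack window */
    if (rsp == s->anchor)
        return 1;                        /* plain exit, no parameters */
    size_t avail = s->anchor - rsp;
    if (avail < sizeof(*out))
        return -1;                       /* too small for a header */
    memcpy(out, (const void *)rsp, sizeof(*out)); /* read header once */
    if (out->arg_len > avail - sizeof(*out))
        return -1;                       /* length runs past the anchor */
    *args = (const uint8_t *)rsp + sizeof(*out);
    return 0;
}

/* Constructed stand-in for the enclave side: lower rsp and store a frame. */
uintptr_t simulate_push(const struct ustack *s, uint32_t id,
                        const void *arg, uint32_t len)
{
    struct ocall_frame f = { id, len };
    uintptr_t rsp = s->anchor - sizeof(f) - len;
    memcpy((void *)rsp, &f, sizeof(f));
    memcpy((void *)(rsp + sizeof(f)), arg, len);
    return rsp;
}

int main(void)
{
    static uint8_t mem[256];             /* constructed sample stack */
    struct ustack s = { (uintptr_t)mem, (uintptr_t)mem + sizeof(mem) };
    struct ocall_frame f; const uint8_t *a;
    return exit_callback(&s, simulate_push(&s, 7, "hello", 5), &f, &a);
}
```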