-
Notifications
You must be signed in to change notification settings - Fork 98
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Async usercall interface for SGX enclaves #291
Conversation
MIO 0.7 port to SGX using this interface: https://github.com/mzohreva/mio/tree/mz/sgx-port-0.7 |
7356b0f
to
c05aae4
Compare
@@ -0,0 +1,168 @@ | |||
//! this file contains code duplicated from libstd's sys/sgx |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you think of a logical division of the code in this PR between std
and an external crate that reduces duplication?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think these parts can live in std
:
- Most of the allocator (except
io_bufs.rs
) callback.rs
which is the main user of the duplicated code
c37d9ac
to
95b558e
Compare
f4a9544
to
34340f5
Compare
95b558e
to
57b0325
Compare
34340f5
to
e7d7cd9
Compare
e741386
to
2639806
Compare
e7d7cd9
to
77ab85a
Compare
6d52998
to
e381dca
Compare
…ulacrum Add Metadata in std::os::fortanix_sgx::io::FromRawFd Needed for fortanix/rust-sgx#291 cc `@jethrogb`
…acrum Add Metadata in std::os::fortanix_sgx::io::FromRawFd Needed for fortanix/rust-sgx#291 cc `@jethrogb`
ref range, | ||
} => &mut user[range.start..range.end], | ||
UserBufKind::Shared { ref user, ref range } => { | ||
let user = unsafe { &mut *user.get() }; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why is this safe? Aren't there multiple references to this UnsafeCell?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is exactly one way to construct this variant of UserBufKind
and that's through WriteBuffer::consumable_chunk()
which ensures there is at most 1 instance of this at a time. The other reference is inside the WriteBuffer
which will not access the range specified here.
/// running in the enclave while a portion of it can be passed to a `write` | ||
/// usercall running concurrently. It ensures that enclave code does not write | ||
/// to the portion sent to userspace. | ||
pub struct WriteBuffer { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Where/how is this used?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's used in my MIO implementation.
7ae56e2
to
06f6667
Compare
The PR looks good to me. When the other conversations have been resolved, I'll accept. |
2639806
to
4908696
Compare
06f6667
to
de6b5f3
Compare
I've cherry-picked the commit in #336 to unblock a compiler update. Will need to create a branch preserving this history before rebase/merge. |
I'm curious why this branch has not been merged. Did async support already land some other way? |
@kaimast Not really there yet. I think async IO is inaccessible so far. I don't think they are going to pursue full async support anymore. |
We are still planning to add async support. I have no concrete timeline yet. |
`UsercallEvent::Start` was being sent in `fn handle_usercall`, which is too late. It needs to be sent before we receive the next usercall from the enclave so we can maintain the invariant that "we only need to keep track of cancels received before the actual usercall if the read position has not moved past the write position when cancel was received."
393: [PLAT-896] Verify fifo descriptor pointers r=jethrogb a=raoulstrackx Some checks are missing when allocating and processing `FifoDescriptor` Co-authored-by: Raoul Strackx <[email protected]>
398: [PLAT-838] Refactor `ipc_queue` backport r=jethrogb a=raoulstrackx Backports #396 Co-authored-by: Raoul Strackx <[email protected]>
400: Rust nightly compatibility r=jethrogb a=raoulstrackx The `mz/async-usercalls` is a rather old branch that hasn't been kept up to date with the latest Rust nightly compilers. This PR corrects this situation by backporting many of the changes already on master. Co-authored-by: Raoul Strackx <[email protected]>
432: Enable `enclave_loader()` fallback to libsgx_enclave_common.so.1 r=Taowyoo a=raoulstrackx The `aesmd` service depends on a `dcap_quoteprov.so` library (the DCAP provider) to aid in DCAP attestations. For it to work correctly, it may need to (recursively) request a DCAP attestation itself. For that a `dcap-ql::enclave_loader` call is required. Unfortunately, when this happens as part of the `aesmd` service, `Dl::this()` returns `/opt/intel/sgx-aesm-service/aesm/aesm_service`. This leads to an error as the expected symbols can't be located. This PR adds a fallback to the `libsgx_enclave_common.so.1` library (or `sgx_enclave_common.dll` on windows). Co-authored-by: Raoul Strackx <[email protected]> Co-authored-by: Yuxiang Cao <[email protected]>
Close this since this is done by #515 |
No description provided.