occlum · superajun-wsj · Jan 26, 2024 · Feb 2, 2024
diff --git a/src/runtime/extern.go b/src/runtime/extern.go
@@ -320,3 +320,14 @@ const GOOS string = goos.GOOS
 // GOARCH is the running program's architecture target:
 // one of 386, amd64, arm, s390x, and so on.
 const GOARCH string = goarch.GOARCH
+
+// Variable occlumentry is a flag to distinguish a tee environment or not.
+// occlumentry's value is from Auxv, 0 is default value, nonzero if execution
+// binary was loaded by a tee libos, for example occlum.
+var occlumentry uintptr = 0x0
+var teeFlag = false
+
+// isTeeEnvironment return true if it's in a TEE environment.
+func isTeeEnvironment() bool {
+	return teeFlag
+}
diff --git a/src/runtime/internal/syscall/asm_linux_amd64.s b/src/runtime/internal/syscall/asm_linux_amd64.s
@@ -32,7 +32,14 @@ TEXT ·Syscall6<ABIInternal>(SB),NOSPLIT,$0
 	MOVQ	CX, SI  // a2
 	MOVQ	BX, DI  // a1
 	// num already in AX.
-	SYSCALL
+    CMPQ runtime·occlumentry(SB), $0x0
+    JBE  12(PC)
+    BYTE $0x48; BYTE $0x8d; BYTE $0x0d; BYTE $0x0a; BYTE $0x00; BYTE $0x00; BYTE $0x00
+    MOVQ runtime·occlumentry(SB), R11
+    JMP  R11
+    PXOR X15, X15
+    JMP  2(PC)
+    SYSCALL
 	CMPQ	AX, $0xfffffffffffff001
 	JLS	ok
 	NEGQ	AX

diff --git a/src/runtime/malloc.go b/src/runtime/malloc.go
@@ -608,7 +608,8 @@ func (h *mheap) sysAlloc(n uintptr, hintList **arenaHint, register bool) (v unsa
 	}
 
 	// Try to grow the heap at a hint address.
-	for *hintList != nil {
+	// Skip hintlist address malloc in Tee environment.
+	for !teeFlag && *hintList != nil {
 		hint := *hintList
 		p := hint.addr
 		if hint.down {
@@ -662,13 +663,15 @@ func (h *mheap) sysAlloc(n uintptr, hintList **arenaHint, register bool) (v unsa
 			return nil, 0
 		}
 
-		// Create new hints for extending this region.
-		hint := (*arenaHint)(h.arenaHintAlloc.alloc())
-		hint.addr, hint.down = uintptr(v), true
-		hint.next, mheap_.arenaHints = mheap_.arenaHints, hint
-		hint = (*arenaHint)(h.arenaHintAlloc.alloc())
-		hint.addr = uintptr(v) + size
-		hint.next, mheap_.arenaHints = mheap_.arenaHints, hint
+		if !teeFlag {
+			// Create new hints for extending this region.
+			hint := (*arenaHint)(h.arenaHintAlloc.alloc())
+			hint.addr, hint.down = uintptr(v), true
+			hint.next, mheap_.arenaHints = mheap_.arenaHints, hint
+			hint = (*arenaHint)(h.arenaHintAlloc.alloc())
+			hint.addr = uintptr(v) + size
+			hint.next, mheap_.arenaHints = mheap_.arenaHints, hint
+		}
 	}
 
 	// Check for bad pointers or pointers we can't use.

diff --git a/src/runtime/os_linux.go b/src/runtime/os_linux.go
@@ -219,6 +219,7 @@ const (
 	_AT_SECURE = 23 // secure mode boolean
 	_AT_RANDOM = 25 // introduced in 2.6.29
 	_AT_HWCAP2 = 26 // hardware capability bit vector 2
+	_AT_OCCLUM = 48 // gnu syscall ABI entry address
 )
 
 var procAuxv = []byte("/proc/self/auxv\x00")
@@ -304,6 +305,10 @@ func sysauxv(auxv []uintptr) int {
 
 		case _AT_SECURE:
 			secureMode = val == 1
+
+		case _AT_OCCLUM:
+			occlumentry = val
+			teeFlag = true
 		}
 
 		archauxv(tag, val)