A working 2.18 version for NGO EDMM support

common/inc/internal/bit_array.h

@@ -0,0 +1 @@
+../../../external/sgx-emm/emm_src/include/bit_array.h

common/inc/internal/bit_array_imp.h

@@ -0,0 +1 @@
+../../../external/sgx-emm/emm_src/include/bit_array_imp.h

common/inc/internal/ema.h

@@ -0,0 +1 @@
+../../../external/sgx-emm/emm_src/include/ema.h

common/inc/internal/ema_imp.h

@@ -0,0 +1 @@
+../../../external/sgx-emm/emm_src/include/ema_imp.h

common/inc/internal/emm_private.h

@@ -0,0 +1 @@
+../../../external/sgx-emm/emm_src/include/emm_private.h

common/inc/sgx_mm.h

@@ -0,0 +1 @@
+../../external/sgx-emm/emm_src/include/sgx_mm.h

common/inc/sgx_mm_primitives.h

@@ -0,0 +1 @@
+../../external/sgx-emm/emm_src/include/sgx_mm_primitives.h

common/inc/sgx_mm_rt_abstraction.h

@@ -0,0 +1 @@
+../../external/sgx-emm/emm_src/include/sgx_mm_rt_abstraction.h

docker/build/Dockerfile

@@ -59,6 +59,7 @@ RUN make sdk_install_pkg_no_mitigation
 WORKDIR /opt/intel
 RUN sh -c 'echo yes | /linux-sgx/linux/installer/bin/sgx_linux_x64_sdk_*.bin'
 
+ENV SGX_SDK=/opt/intel/sgxsdk
 WORKDIR /linux-sgx
 RUN make psw_install_pkg
 

docker/build/build_and_run_aesm_deb_docker.sh

@@ -0,0 +1,41 @@
+#!/bin/sh
+#
+# Copyright (C) 2022 Intel Corporation. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+#   * Redistributions of source code must retain the above copyright
+#     notice, this list of conditions and the following disclaimer.
+#   * Redistributions in binary form must reproduce the above copyright
+#     notice, this list of conditions and the following disclaimer in
+#     the documentation and/or other materials provided with the
+#     distribution.
+#   * Neither the name of Intel Corporation nor the names of its
+#     contributors may be used to endorse or promote products derived
+#     from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+set -e
+docker build --target aesm_deb --build-arg https_proxy=$https_proxy \
+             --build-arg http_proxy=$http_proxy -t sgx_aesm_deb -f ./Dockerfile ../../
+
+docker volume create --driver local --opt type=tmpfs --opt device=tmpfs --opt o=rw aesmd-socket
+
+# If you use the Legacy Launch Control driver, replace /dev/sgx_enclave with /dev/isgx, and remove
+# --device=/dev/sgx_provision
+
+docker run --env http_proxy --env https_proxy --device=/dev/sgx_enclave --device=/dev/sgx_provision -v /dev/log:/dev/log -v aesmd-socket:/var/run/aesmd -it sgx_aesm_deb

docker/build/build_and_run_aesm_docker.sh

@@ -35,7 +35,7 @@ docker build --target aesm --build-arg https_proxy=$https_proxy \
 
 docker volume create --driver local --opt type=tmpfs --opt device=tmpfs --opt o=rw aesmd-socket
 
-# If you use the Legacy Launch Control driver, replace /dev/sgx/enclave with /dev/isgx, and remove
-# --device=/dev/sgx/provision
+# If you use the Legacy Launch Control driver, replace /dev/sgx_enclave with /dev/isgx, and remove
+# --device=/dev/sgx_provision
 
-docker run --env http_proxy --env https_proxy --device=/dev/sgx/enclave --device=/dev/sgx/provision -v /dev/log:/dev/log -v aesmd-socket:/var/run/aesmd -it sgx_aesm
+docker run --env http_proxy --env https_proxy --device=/dev/sgx_enclave --device=/dev/sgx_provision -v /dev/log:/dev/log -v aesmd-socket:/var/run/aesmd -it sgx_aesm

docker/build/build_and_run_qgs_docker.sh

@@ -35,7 +35,7 @@ docker build --target qgs --build-arg https_proxy=$https_proxy \
 
 docker volume create --driver local --opt type=tmpfs --opt device=tmpfs --opt o=rw qgs-socket
 
-# If you use the Legacy Launch Control driver, replace /dev/sgx/enclave with /dev/isgx, and remove
-# --device=/dev/sgx/provision
+# If you use the Legacy Launch Control driver, replace /dev/sgx_enclave with /dev/isgx, and remove
+# --device=/dev/sgx_provision
 
-docker run --device=/dev/sgx/enclave --device=/dev/sgx/provision -v /dev/log:/dev/log -v qgs-socket:/var/run/tdx-qgs/ -it --add-host=host.docker.internal:host-gateway tdx_qgs /opt/intel/tdx-qgs/qgs --no-daemon
+docker run --device=/dev/sgx_enclave --device=/dev/sgx_provision -v /dev/log:/dev/log -v qgs-socket:/var/run/tdx-qgs/ -it --add-host=host.docker.internal:host-gateway tdx_qgs /opt/intel/tdx-qgs/qgs --no-daemon

docker/build/build_and_run_sample_deb_docker.sh

@@ -0,0 +1,38 @@
+#!/bin/sh
+#
+# Copyright (C) 2022 Intel Corporation. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+#   * Redistributions of source code must retain the above copyright
+#     notice, this list of conditions and the following disclaimer.
+#   * Redistributions in binary form must reproduce the above copyright
+#     notice, this list of conditions and the following disclaimer in
+#     the documentation and/or other materials provided with the
+#     distribution.
+#   * Neither the name of Intel Corporation nor the names of its
+#     contributors may be used to endorse or promote products derived
+#     from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+set -e
+docker build --target sample_deb --build-arg https_proxy=$https_proxy \
+             --build-arg http_proxy=$http_proxy -t sgx_sample_deb -f ./Dockerfile ../../
+
+# Another container should expose AESM and its socket in aesmd-socket volume.
+# Replace /dev/sgx_enclave with /dev/isgx if you use the Legacy Launch Control driver
+docker run --env http_proxy --env https_proxy --device=/dev/sgx_enclave -v aesmd-socket:/var/run/aesmd -it sgx_sample_deb

docker/build/build_and_run_sample_docker.sh

@@ -34,5 +34,5 @@ docker build --target sample --build-arg https_proxy=$https_proxy \
              --build-arg http_proxy=$http_proxy -t sgx_sample -f ./Dockerfile ../../
 
 # Another container should expose AESM and its socket in aesmd-socket volume.
-# Replace /dev/sgx/enclave with /dev/isgx if you use the Legacy Launch Control driver
-docker run --env http_proxy --env https_proxy --device=/dev/sgx/enclave -v aesmd-socket:/var/run/aesmd -it sgx_sample
+# Replace /dev/sgx_enclave with /dev/isgx if you use the Legacy Launch Control driver
+docker run --env http_proxy --env https_proxy --device=/dev/sgx_enclave -v aesmd-socket:/var/run/aesmd -it sgx_sample

external/sgx-emm/Makefile

@@ -41,6 +41,8 @@ C_Files := $(EMM_DIR)/bit_array.c   \
            $(EMM_DIR)/emm_private.c \
            $(EMM_DIR)/sgx_mm.c
 
+CPPFLAGS += -mno-sse
+
 OBJS := $(C_Files:.c=.o)
 OBJS := $(sort $(OBJS))
 

linux/installer/common/psw/Makefile

@@ -46,6 +46,8 @@ ECL_VER=1.0.0
 LCH_VER=1.0.0
 EPID_VER=1.0.0
 QEX_VER=1.0.0
+URTS_VER:= 2.0.0.0
+QE3L_VER:=1.0.0
 
 default:
 
@@ -63,6 +65,9 @@ install:
 	mv $(PSW_LIB_PATH)/libsgx_enclave_common.so $(USR_LIB_PATH)
 	rmdir $(PSW_LIB_PATH)
 	cd $(USR_LIB_PATH) && \
+	mv libsgx_urts.so libsgx_urts.so.$(URTS_VER) && \
+	ln -fs libsgx_urts.so.$(URTS_VER) libsgx_urts.so.$(call SPLIT_VERSION,$(URTS_VER),1) && \
+	ln -fs libsgx_urts.so.$(call SPLIT_VERSION,$(URTS_VER),1) libsgx_urts.so &&\
 	mv libsgx_enclave_common.so libsgx_enclave_common.so.$(ECL_VER) && \
 	ln -fs libsgx_enclave_common.so.$(ECL_VER) libsgx_enclave_common.so.$(call SPLIT_VERSION,$(ECL_VER),1) && \
 	ln -fs libsgx_enclave_common.so.$(call SPLIT_VERSION,$(ECL_VER),1) libsgx_enclave_common.so && \
@@ -76,4 +81,5 @@ install:
 	ln -fs libsgx_quote_ex.so.$(QEX_VER) libsgx_quote_ex.so.$(call SPLIT_VERSION,$(QEX_VER),1) && \
 	ln -fs libsgx_quote_ex.so.$(call SPLIT_VERSION,$(QEX_VER),1) libsgx_quote_ex.so
 	cd $(INSTALL_PATH)/aesm && \
-	ln -fs liburts_internal.so libsgx_urts.so
+	ln -fs liburts_internal.so libsgx_urts.so.$(call SPLIT_VERSION,$(URTS_VER),1) && \
+	ln -fs libsgx_qe3_logic.so.$(call SPLIT_VERSION,$(QE3L_VER),1) libsgx_qe3_logic.so

psw/urts/linux/edmm_utility.cpp

@@ -101,6 +101,11 @@ bool get_driver_type(int *driver_type)
 
     int hdev = open("/dev/sgx/enclave", O_RDWR);    //attempt to open the in-kernel driver
     if (-1 == hdev)
+    {
+        //if /dev/sgx/enclave is not present, try to open /dev/sgx_enclave
+        hdev = open("/dev/sgx_enclave", O_RDWR);
+    }
+    if (-1 == hdev)
     {
         hdev = open("/dev/isgx", O_RDWR);    //attempt to open the out-of-tree driver
         if (-1 == hdev)
@@ -150,6 +155,11 @@ extern "C" bool open_se_device(int driver_type, int *hdevice)
     if (driver_type == SGX_DRIVER_IN_KERNEL)
     {
         *hdevice = open("/dev/sgx/enclave", O_RDWR);    //attempt to open the in-kernel driver
+        //if /dev/sgx/enclave is not present, try to open /dev/sgx_enclave
+        if(-1 == *hdevice)
+        {
+            *hdevice = open("/dev/sgx_enclave", O_RDWR);
+        }
     }
     else if (driver_type == SGX_DRIVER_DCAP)
     {

psw/urts/linux/sig_handler.cpp

@@ -173,10 +173,12 @@ void sig_handler(int signum, siginfo_t* siginfo, void *priv)
         } else {
             ecmd = ECMD_INTERRUPT;
         }
+        UNUSED(ms);
 
-        CEnclave *enclave = param->trust_thread->get_enclave();
-        unsigned int ret = enclave->ecall(ecmd, param->ocall_table, ms);
-        if(SGX_SUCCESS == ret)
+        // CEnclave *enclave = param->trust_thread->get_enclave();
+        // unsigned int ret = enclave->ecall(ecmd, param->ocall_table, ms);
+        unsigned int ret = do_ecall(ecmd, param->ocall_table, NULL, param->trust_thread);
+        if (SGX_SUCCESS == ret)
         {
             //ERESUME execute
             return;
@@ -192,8 +194,8 @@ void sig_handler(int signum, siginfo_t* siginfo, void *priv)
         //If we can't fix the exception within enclave, then give the handle to other signal hanlder.
         //Call the previous signal handler. The default signal handler should terminate the application.
 
-        enclave->rdunlock();
-        CEnclavePool::instance()->unref_enclave(enclave);
+        // enclave->rdunlock();
+        // CEnclavePool::instance()->unref_enclave(enclave);
     }
     else if (signum == SIGRT_INTERRUPT)
     {

sdk/sign_tool/SignTool/manage_metadata.cpp

@@ -599,78 +599,84 @@ bool CMetadata::check_xml_parameter(const xml_parameter_t *parameter)
     return true;
 }
 
+uint64_t CMetadata::calc_overhead(uint64_t size)
+{
+    size_t bsize = ROUND_TO(size + sizeof(uint64_t), 0x8);
+    return (bsize < 0x10) ? 0x10 : bsize;
+}
+
 uint64_t CMetadata::calculate_rts_bk_overhead()
 {
     uint64_t ema_overhead = sizeof(struct ema_t_);
     uint64_t bit_array_overhead = sizeof(struct bit_array_);
 
     // MIN heap
     uint32_t page_count = (uint32_t)(m_create_param.heap_min_size >> SE_PAGE_SHIFT);
-    uint64_t heap_node_overhead = ema_overhead + bit_array_overhead + (ROUND_TO(page_count, 8) >> 3);
+    uint64_t heap_node_overhead = calc_overhead(ema_overhead) + calc_overhead(bit_array_overhead) + calc_overhead((ROUND_TO(page_count, 8) >> 3));
 
     if(m_create_param.heap_init_size > m_create_param.heap_min_size)
     {
         // INIT heap
         page_count = (uint32_t)((m_create_param.heap_init_size - m_create_param.heap_min_size) >> SE_PAGE_SHIFT);
-        heap_node_overhead += ema_overhead + bit_array_overhead + (ROUND_TO(page_count, 8) >> 3);
+        heap_node_overhead += calc_overhead(ema_overhead) + calc_overhead(bit_array_overhead) + calc_overhead((ROUND_TO(page_count, 8) >> 3));
     }
 
     if(m_create_param.heap_max_size > m_create_param.heap_init_size)
     {
         page_count = (uint32_t)((m_create_param.heap_max_size - m_create_param.heap_init_size) >> SE_PAGE_SHIFT);
-        heap_node_overhead += ema_overhead + bit_array_overhead + (ROUND_TO(page_count, 8) >> 3);
+        heap_node_overhead += calc_overhead(ema_overhead) + calc_overhead(bit_array_overhead) + calc_overhead((ROUND_TO(page_count, 8) >> 3));
     }
 
     page_count = (uint32_t)(m_create_param.rsrv_min_size >> SE_PAGE_SHIFT);
-    uint64_t rsrv_node_overhead = ema_overhead + bit_array_overhead + (ROUND_TO(page_count, 8) >> 3);
+    uint64_t rsrv_node_overhead = calc_overhead(ema_overhead) + calc_overhead(bit_array_overhead) + calc_overhead((ROUND_TO(page_count, 8) >> 3));
 
     if(m_create_param.rsrv_init_size > m_create_param.rsrv_min_size)
     {
         // INIT RSRV
         page_count = (uint32_t)((m_create_param.rsrv_init_size - m_create_param.rsrv_min_size) >> SE_PAGE_SHIFT);
-        rsrv_node_overhead += ema_overhead + bit_array_overhead + (ROUND_TO(page_count, 8) >> 3);
+        rsrv_node_overhead += calc_overhead(ema_overhead) + calc_overhead(bit_array_overhead) + calc_overhead((ROUND_TO(page_count, 8) >> 3));
     }
 
     if(m_create_param.rsrv_max_size > m_create_param.rsrv_init_size)
     {
         page_count = (uint32_t)((m_create_param.rsrv_max_size - m_create_param.rsrv_init_size) >> SE_PAGE_SHIFT);
-        rsrv_node_overhead += ema_overhead + bit_array_overhead + (ROUND_TO(page_count, 8) >> 3);
+        rsrv_node_overhead += calc_overhead(ema_overhead) + calc_overhead(bit_array_overhead) + calc_overhead((ROUND_TO(page_count, 8) >> 3));
     }
     // guard page | stack | guard page | TCS | SSA | guard page | TLS
 
     // guard page
-    uint64_t non_removed_ctx_overhead = ema_overhead;
-    uint64_t removed_ctx_overhead = ema_overhead;
+    uint64_t non_removed_ctx_overhead = calc_overhead(ema_overhead);
+    uint64_t removed_ctx_overhead = calc_overhead(ema_overhead);
 
     // stack
     page_count = (uint32_t)(m_create_param.stack_min_size >> SE_PAGE_SHIFT);
-    non_removed_ctx_overhead += ema_overhead + bit_array_overhead + (ROUND_TO(page_count, 8) >> 3);
-    removed_ctx_overhead += ema_overhead;
+    non_removed_ctx_overhead += calc_overhead(ema_overhead) + calc_overhead(bit_array_overhead) + calc_overhead((ROUND_TO(page_count, 8) >> 3));
+    removed_ctx_overhead += calc_overhead(ema_overhead);
 
     if(m_create_param.stack_max_size > m_create_param.stack_min_size)
     {
         page_count = (uint32_t)((m_create_param.stack_max_size - m_create_param.stack_min_size) >> SE_PAGE_SHIFT);
-        non_removed_ctx_overhead += ema_overhead + bit_array_overhead + (ROUND_TO(page_count, 8) >> 3);
-        removed_ctx_overhead += ema_overhead;
+        non_removed_ctx_overhead += calc_overhead(ema_overhead) + calc_overhead(bit_array_overhead) + calc_overhead((ROUND_TO(page_count, 8) >> 3));
+        removed_ctx_overhead += calc_overhead(ema_overhead);
     }
 
     // guard page
-    non_removed_ctx_overhead += ema_overhead;
-    removed_ctx_overhead += ema_overhead;
+    non_removed_ctx_overhead += calc_overhead(ema_overhead);
+    removed_ctx_overhead += calc_overhead(ema_overhead);
 
     // tcs
     page_count = TCS_SIZE >> SE_PAGE_SHIFT;
-    non_removed_ctx_overhead += ema_overhead + bit_array_overhead + (ROUND_TO(page_count, 8) >> 3);
-    removed_ctx_overhead += ema_overhead;
+    non_removed_ctx_overhead += calc_overhead(ema_overhead) + calc_overhead(bit_array_overhead) + calc_overhead((ROUND_TO(page_count, 8) >> 3));
+    removed_ctx_overhead += calc_overhead(ema_overhead);
 
     // ssa
     page_count = m_metadata->ssa_frame_size * SSA_NUM;
-    non_removed_ctx_overhead += ema_overhead + bit_array_overhead + (ROUND_TO(page_count, 8) >> 3);
+    non_removed_ctx_overhead += calc_overhead(ema_overhead) + calc_overhead(bit_array_overhead) + calc_overhead((ROUND_TO(page_count, 8) >> 3));
     removed_ctx_overhead += ema_overhead;
 
     // guard page
-    non_removed_ctx_overhead += ema_overhead;
-    removed_ctx_overhead += ema_overhead;
+    non_removed_ctx_overhead += calc_overhead(ema_overhead);
+    removed_ctx_overhead += calc_overhead(ema_overhead);
 
     // td
     page_count = 1;
@@ -679,8 +685,8 @@ uint64_t CMetadata::calculate_rts_bk_overhead()
     {
         page_count += (uint32_t)(ROUND_TO_PAGE(section->virtual_size()) >> SE_PAGE_SHIFT);
     }
-    non_removed_ctx_overhead += ema_overhead + bit_array_overhead + (ROUND_TO(page_count, 8) >> 3);
-    removed_ctx_overhead += ema_overhead;
+    non_removed_ctx_overhead += calc_overhead(ema_overhead) + calc_overhead(bit_array_overhead) + calc_overhead((ROUND_TO(page_count, 8) >> 3));
+    removed_ctx_overhead += calc_overhead(ema_overhead);
 
     uint32_t tcs_min_pool = 0; /* Number of static threads (EADD) */
     uint32_t tcs_eremove = 0;
@@ -730,9 +736,11 @@ uint64_t CMetadata::calculate_rts_bk_overhead()
     std::vector<Section*> sections = m_parser->get_sections();
     for (auto s : sections) {
         uint32_t p_count = (uint32_t)(ROUND_TO_PAGE(s->virtual_size()) >> SE_PAGE_SHIFT);
-        total_sections_overhead += ema_overhead + bit_array_overhead + (ROUND_TO(p_count, 8) >> 3);
+        total_sections_overhead += calc_overhead(ema_overhead) + calc_overhead(bit_array_overhead) + calc_overhead((ROUND_TO(p_count, 8) >> 3));
     }
 
+    printf("heap: %lx, rsrv: %lx, ctx: %lx, removed_ctx: %lx, sections: %lx\n",
+        heap_node_overhead, rsrv_node_overhead, total_non_removed_ctx_overhead, total_removed_ctx_overhead, total_sections_overhead);
     return heap_node_overhead +
            rsrv_node_overhead +
            total_non_removed_ctx_overhead +
@@ -1183,7 +1191,9 @@ bool CMetadata::build_layout_table()
     {
         // 0x20000 comes from initial emalloc reserve size (0x10000 bytes),
         // plus two guard pages (0x8000 bytes each)
-        uint64_t rts_bk_overhead = calculate_rts_bk_overhead() + 0x20000;
+        uint64_t rts_bk_overhead_tmp = ROUND_TO(calculate_rts_bk_overhead(), 0x10000);
+        printf("rts_bk_overhead: %lx\n", rts_bk_overhead_tmp);
+        uint64_t rts_bk_overhead = (rts_bk_overhead_tmp + 0x10000) * 2;
         uint64_t user_region_size = ROUND_TO_PAGE(rts_bk_overhead);
         se_trace(SE_TRACE_ERROR, "RTS bookkeeping overhead: 0x%016llX\n", user_region_size);
 

sdk/sign_tool/SignTool/manage_metadata.h

@@ -136,6 +136,7 @@ class CMetadata: private Uncopyable
     bool vaildate_elrange_config();
     bool build_elrange_config_entry();
     uint64_t calculate_rts_bk_overhead();
+    uint64_t calc_overhead(uint64_t size);
     bool check_config();
     uint8_t m_meta_verions;