Initial release of Intel SGX for Linux.

This release is used in conjunction with the linux-sgx-driver Intial release:
https://github.com/01org/linux-sgx-driver
commit-id: 0e865ce5e6b297a787bcdc12d98bada8174be6d7

Intel-id: 33399

Signed-off-by: Angie Chinchilla <angie.v.chinchilla@intel.com>

SampleCode/SampleEnclave/Enclave/TrustedLibrary/Libc.cpp

@@ -0,0 +1,59 @@
+/*
+ * Copyright (C) 2011-2016 Intel Corporation. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *   * Redistributions of source code must retain the above copyright
+ *     notice, this list of conditions and the following disclaimer.
+ *   * Redistributions in binary form must reproduce the above copyright
+ *     notice, this list of conditions and the following disclaimer in
+ *     the documentation and/or other materials provided with the
+ *     distribution.
+ *   * Neither the name of Intel Corporation nor the names of its
+ *     contributors may be used to endorse or promote products derived
+ *     from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include <string.h>
+#include <sgx_cpuid.h>
+
+#include "sgx_trts.h"
+#include "../Enclave.h"
+#include "Enclave_t.h"
+
+/* ecall_malloc_free:
+ *   Uses malloc/free to allocate/free trusted memory.
+ */
+void ecall_malloc_free(void)
+{
+    void *ptr = malloc(100);
+    assert(ptr != NULL);
+    memset(ptr, 0x0, 100);
+    free(ptr);
+}
+
+/* ecall_sgx_cpuid:
+ *   Uses sgx_cpuid to get CPU features and types.
+ */
+void ecall_sgx_cpuid(int cpuinfo[4], int leaf)
+{
+    sgx_status_t ret = sgx_cpuid(cpuinfo, leaf);
+    if (ret != SGX_SUCCESS)
+        abort();
+}

SampleCode/SampleEnclave/Enclave/TrustedLibrary/Libc.edl

@@ -0,0 +1,55 @@
+/*
+ * Copyright (C) 2011-2016 Intel Corporation. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *   * Redistributions of source code must retain the above copyright
+ *     notice, this list of conditions and the following disclaimer.
+ *   * Redistributions in binary form must reproduce the above copyright
+ *     notice, this list of conditions and the following disclaimer in
+ *     the documentation and/or other materials provided with the
+ *     distribution.
+ *   * Neither the name of Intel Corporation nor the names of its
+ *     contributors may be used to endorse or promote products derived
+ *     from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+/* Libc.edl - EDL sample for trusted C library. */
+
+enclave {
+    
+    from "sgx_tstdc.edl" import sgx_oc_cpuidex;
+
+    /* 
+     * A subset of the C99 standard is supported as well as SGX customized functions: 
+     *  sgx_cpuid, etc.
+     */
+
+    trusted {
+        /*
+         * Utilize malloc/free in enclave.
+         */
+        public void ecall_malloc_free(void);
+
+        /*
+         * Utilize SGX version __cpuid() in enclave.
+         */
+        public void ecall_sgx_cpuid([in, out] int cpuinfo[4], int leaf);
+    };
+};

SampleCode/SampleEnclave/Enclave/TrustedLibrary/Libcxx.cpp

@@ -0,0 +1,89 @@
+/*
+ * Copyright (C) 2011-2016 Intel Corporation. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *   * Redistributions of source code must retain the above copyright
+ *     notice, this list of conditions and the following disclaimer.
+ *   * Redistributions in binary form must reproduce the above copyright
+ *     notice, this list of conditions and the following disclaimer in
+ *     the documentation and/or other materials provided with the
+ *     distribution.
+ *   * Neither the name of Intel Corporation nor the names of its
+ *     contributors may be used to endorse or promote products derived
+ *     from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include <cstdlib>
+#include <string>
+
+#include "../Enclave.h"
+#include "Enclave_t.h"
+
+/*
+ * ecall_exception:
+ *   throw/catch C++ exception inside the enclave.
+ */
+
+void ecall_exception(void)
+{
+    std::string foo = "foo";
+    try {
+        throw std::runtime_error(foo);
+    }
+    catch (std::runtime_error const& e) {
+        assert( foo == e.what() );
+        std::runtime_error clone("");
+        clone = e;
+        assert(foo == clone.what() );
+    }
+    catch (...) {
+        assert( false );
+    }
+}
+
+#include <map>
+#include <algorithm>
+
+using namespace std;
+
+/*
+ * ecall_map:
+ *   Utilize STL <map> in the enclave.
+ */
+void ecall_map(void)
+{
+    typedef map<char, int, less<char> > map_t;
+    typedef map_t::value_type map_value;
+    map_t m;
+
+    m.insert(map_value('a', 1));
+    m.insert(map_value('b', 2));
+    m.insert(map_value('c', 3));
+    m.insert(map_value('d', 4));
+
+    assert(m['a'] == 1);
+    assert(m['b'] == 2);
+    assert(m['c'] == 3);
+    assert(m['d'] == 4);
+
+    assert(m.find('e') == m.end());
+    
+    return;
+}

SampleCode/SampleEnclave/Enclave/TrustedLibrary/Libcxx.edl

@@ -0,0 +1,52 @@
+/*
+ * Copyright (C) 2011-2016 Intel Corporation. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *   * Redistributions of source code must retain the above copyright
+ *     notice, this list of conditions and the following disclaimer.
+ *   * Redistributions in binary form must reproduce the above copyright
+ *     notice, this list of conditions and the following disclaimer in
+ *     the documentation and/or other materials provided with the
+ *     distribution.
+ *   * Neither the name of Intel Corporation nor the names of its
+ *     contributors may be used to endorse or promote products derived
+ *     from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+/* Libcxx.edl - EDL sample for trusted C++ library. */
+
+enclave {
+    
+    /* 
+     * A subset of the C++03 standard is supported.
+     */
+
+    trusted {
+        /*
+         * Throw/catch exception inside the enclave.
+         */
+        public void ecall_exception(void);
+
+        /*
+         * Utilize <map> inside the enclave.
+         */
+        public void ecall_map(void);
+    };
+};

SampleCode/SampleEnclave/Enclave/TrustedLibrary/Thread.cpp

@@ -0,0 +1,104 @@
+/*
+ * Copyright (C) 2011-2016 Intel Corporation. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *   * Redistributions of source code must retain the above copyright
+ *     notice, this list of conditions and the following disclaimer.
+ *   * Redistributions in binary form must reproduce the above copyright
+ *     notice, this list of conditions and the following disclaimer in
+ *     the documentation and/or other materials provided with the
+ *     distribution.
+ *   * Neither the name of Intel Corporation nor the names of its
+ *     contributors may be used to endorse or promote products derived
+ *     from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+#include "../Enclave.h"
+#include "Enclave_t.h"
+
+#include <sgx_thread.h>
+
+static size_t global_counter = 0;
+static sgx_thread_mutex_t global_mutex = SGX_THREAD_MUTEX_INITIALIZER;
+
+#define BUFFER_SIZE 50
+
+typedef struct {
+    int buf[BUFFER_SIZE];
+    int occupied;
+    int nextin;
+    int nextout;
+    sgx_thread_mutex_t mutex;
+    sgx_thread_cond_t more;
+    sgx_thread_cond_t less;
+} cond_buffer_t;
+
+static cond_buffer_t buffer = {{0, 0, 0, 0, 0, 0}, 0, 0, 0,
+    SGX_THREAD_MUTEX_INITIALIZER, SGX_THREAD_COND_INITIALIZER, SGX_THREAD_COND_INITIALIZER};
+
+/*
+ * ecall_increase_counter:
+ *   Utilize thread APIs inside the enclave.
+ */
+size_t ecall_increase_counter(void)
+{
+    size_t ret = 0;
+    for (int i = 0; i < LOOPS_PER_THREAD; i++) {
+        sgx_thread_mutex_lock(&global_mutex);
+        /* mutually exclusive adding */
+        size_t tmp = global_counter;
+        global_counter = ++tmp;
+        if (4*LOOPS_PER_THREAD == global_counter)
+            ret = global_counter;
+        sgx_thread_mutex_unlock(&global_mutex);
+    }
+    return ret;
+}
+
+void ecall_producer(void)
+{
+    for (int i = 0; i < 4*LOOPS_PER_THREAD; i++) {
+        cond_buffer_t *b = &buffer;
+        sgx_thread_mutex_lock(&b->mutex);
+        while (b->occupied >= BUFFER_SIZE)
+            sgx_thread_cond_wait(&b->less, &b->mutex);
+        b->buf[b->nextin] = b->nextin;
+        b->nextin++;
+        b->nextin %= BUFFER_SIZE;
+        b->occupied++;
+        sgx_thread_cond_signal(&b->more);
+        sgx_thread_mutex_unlock(&b->mutex);
+    }
+}
+
+void ecall_consumer(void)
+{
+    for (int i = 0; i < LOOPS_PER_THREAD; i++) {
+        cond_buffer_t *b = &buffer;
+        sgx_thread_mutex_lock(&b->mutex);
+        while(b->occupied <= 0)
+            sgx_thread_cond_wait(&b->more, &b->mutex);
+        b->buf[b->nextout++] = 0;
+        b->nextout %= BUFFER_SIZE;
+        b->occupied--;
+        sgx_thread_cond_signal(&b->less);
+        sgx_thread_mutex_unlock(&b->mutex);
+    }
+}

SampleCode/SampleEnclave/Enclave/TrustedLibrary/Thread.edl

@@ -0,0 +1,51 @@
+/*
+ * Copyright (C) 2011-2016 Intel Corporation. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *   * Redistributions of source code must retain the above copyright
+ *     notice, this list of conditions and the following disclaimer.
+ *   * Redistributions in binary form must reproduce the above copyright
+ *     notice, this list of conditions and the following disclaimer in
+ *     the documentation and/or other materials provided with the
+ *     distribution.
+ *   * Neither the name of Intel Corporation nor the names of its
+ *     contributors may be used to endorse or promote products derived
+ *     from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+/* Thread.edl - EDL sample for trusted thread library. */
+
+enclave {
+
+    from "sgx_tstdc.edl" import sgx_thread_wait_untrusted_event_ocall, sgx_thread_set_untrusted_event_ocall, sgx_thread_setwait_untrusted_events_ocall, sgx_thread_set_multiple_untrusted_events_ocall;
+
+    trusted {
+        /*
+         * Use SGX mutex.
+         */
+        public size_t ecall_increase_counter();
+
+        /*
+         * Use SGX condition variables.
+         */
+        public void ecall_producer();
+        public void ecall_consumer();
+
+    };
+};