mirror of
https://github.com/corda/corda.git
synced 2025-01-22 12:28:11 +00:00
9441de4c38
This release is used in conjunction with the linux-sgx-driver Intial release: https://github.com/01org/linux-sgx-driver commit-id: 0e865ce5e6b297a787bcdc12d98bada8174be6d7 Intel-id: 33399 Signed-off-by: Angie Chinchilla <angie.v.chinchilla@intel.com>
1553 lines
63 KiB
OCaml
1553 lines
63 KiB
OCaml
(*
|
|
* Copyright (C) 2011-2016 Intel Corporation. All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
*
|
|
* * Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* * Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in
|
|
* the documentation and/or other materials provided with the
|
|
* distribution.
|
|
* * Neither the name of Intel Corporation nor the names of its
|
|
* contributors may be used to endorse or promote products derived
|
|
* from this software without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
|
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
*
|
|
*)
|
|
|
|
open Printf
|
|
open Util (* for failwithf *)
|
|
|
|
(* --------------------------------------------------------------------
|
|
* We first introduce a `parse_enclave_ast' function (see below) to
|
|
* parse a value of type `Ast.enclave' into a `enclave_content' record.
|
|
* --------------------------------------------------------------------
|
|
*)
|
|
|
|
(* This record type is used to better organize a value of Ast.enclave *)
|
|
type enclave_content = {
|
|
file_shortnm : string; (* the short name of original EDL file *)
|
|
enclave_name : string; (* the normalized C identifier *)
|
|
|
|
include_list : string list;
|
|
import_exprs : Ast.import_decl list;
|
|
comp_defs : Ast.composite_type list;
|
|
tfunc_decls : Ast.trusted_func list;
|
|
ufunc_decls : Ast.untrusted_func list;
|
|
}
|
|
|
|
(* Whether to prefix untrusted proxy with Enclave name *)
|
|
let g_use_prefix = ref false
|
|
let g_untrusted_dir = ref "."
|
|
let g_trusted_dir = ref "."
|
|
|
|
let empty_ec =
|
|
{ file_shortnm = "";
|
|
enclave_name = "";
|
|
include_list = [];
|
|
import_exprs = [];
|
|
comp_defs = [];
|
|
tfunc_decls = [];
|
|
ufunc_decls = []; }
|
|
|
|
let get_tf_fname (tf: Ast.trusted_func) =
|
|
tf.Ast.tf_fdecl.Ast.fname
|
|
|
|
let is_priv_ecall (tf: Ast.trusted_func) =
|
|
tf.Ast.tf_is_priv
|
|
|
|
let get_uf_fname (uf: Ast.untrusted_func) =
|
|
uf.Ast.uf_fdecl.Ast.fname
|
|
|
|
let get_trusted_func_names (ec: enclave_content) =
|
|
List.map get_tf_fname ec.tfunc_decls
|
|
|
|
let get_untrusted_func_names (ec: enclave_content) =
|
|
List.map get_uf_fname ec.ufunc_decls
|
|
|
|
let tf_list_to_fd_list (tfs: Ast.trusted_func list) =
|
|
List.map (fun (tf: Ast.trusted_func) -> tf.Ast.tf_fdecl) tfs
|
|
|
|
let tf_list_to_priv_list (tfs: Ast.trusted_func list) =
|
|
List.map is_priv_ecall tfs
|
|
|
|
(* Get a list of names of all private ECALLs *)
|
|
let get_priv_ecall_names (tfs: Ast.trusted_func list) =
|
|
List.filter is_priv_ecall tfs |> List.map get_tf_fname
|
|
|
|
let uf_list_to_fd_list (ufs: Ast.untrusted_func list) =
|
|
List.map (fun (uf: Ast.untrusted_func) -> uf.Ast.uf_fdecl) ufs
|
|
|
|
(* Get a list of names of all allowed ECALLs from `allow(...)' *)
|
|
let get_allowed_names (ufs: Ast.untrusted_func list) =
|
|
let allow_lists =
|
|
List.map (fun (uf: Ast.untrusted_func) -> uf.Ast.uf_allow_list) ufs
|
|
in
|
|
List.flatten allow_lists |> dedup_list
|
|
|
|
(* With `parse_enclave_ast', each enclave AST is traversed only once. *)
|
|
let parse_enclave_ast (e: Ast.enclave) =
|
|
let ac_include_list = ref [] in
|
|
let ac_import_exprs = ref [] in
|
|
let ac_comp_defs = ref [] in
|
|
let ac_tfunc_decls = ref [] in
|
|
let ac_ufunc_decls = ref [] in
|
|
List.iter (fun ex ->
|
|
match ex with
|
|
Ast.Composite x -> ac_comp_defs := x :: !ac_comp_defs
|
|
| Ast.Include x -> ac_include_list := x :: !ac_include_list
|
|
| Ast.Importing x -> ac_import_exprs := x :: !ac_import_exprs
|
|
| Ast.Interface xs ->
|
|
List.iter (fun ef ->
|
|
match ef with
|
|
Ast.Trusted f ->
|
|
ac_tfunc_decls := f :: !ac_tfunc_decls
|
|
| Ast.Untrusted f ->
|
|
ac_ufunc_decls := f :: !ac_ufunc_decls) xs
|
|
) e.Ast.eexpr;
|
|
{ file_shortnm = e.Ast.ename;
|
|
enclave_name = Util.to_c_identifier e.Ast.ename;
|
|
include_list = List.rev !ac_include_list;
|
|
import_exprs = List.rev !ac_import_exprs;
|
|
comp_defs = List.rev !ac_comp_defs;
|
|
tfunc_decls = List.rev !ac_tfunc_decls;
|
|
ufunc_decls = List.rev !ac_ufunc_decls; }
|
|
|
|
let is_foreign_array (pt: Ast.parameter_type) =
|
|
match pt with
|
|
Ast.PTVal _ -> false
|
|
| Ast.PTPtr(t, a) ->
|
|
match t with
|
|
Ast.Foreign _ -> a.Ast.pa_isary
|
|
| _ -> false
|
|
|
|
(* A naked function has neither parameters nor return value. *)
|
|
let is_naked_func (fd: Ast.func_decl) =
|
|
fd.Ast.rtype = Ast.Void && fd.Ast.plist = []
|
|
|
|
(*
|
|
* If user only defined a trusted function w/o neither parameter nor
|
|
* return value, the generated trusted bridge will not call any tRTS
|
|
* routines. If the real trusted function doesn't call tRTS function
|
|
* either (highly possible), then the MSVC linker will not link tRTS
|
|
* into the result enclave.
|
|
*)
|
|
let tbridge_gen_dummy_variable (ec: enclave_content) =
|
|
let _dummy_variable =
|
|
sprintf "\n#ifdef _MSC_VER\n\
|
|
\t/* In case enclave `%s' doesn't call any tRTS function. */\n\
|
|
\tvolatile int force_link_trts = sgx_is_within_enclave(NULL, 0);\n\
|
|
\t(void) force_link_trts; /* avoid compiler warning */\n\
|
|
#endif\n\n" ec.enclave_name
|
|
in
|
|
if ec.ufunc_decls <> [] then ""
|
|
else
|
|
if List.for_all (fun tfd -> is_naked_func tfd.Ast.tf_fdecl) ec.tfunc_decls
|
|
then _dummy_variable
|
|
else ""
|
|
|
|
(* This function is used to convert Array form into Pointer form.
|
|
* e.g.: int array[10][20] => [count = 200] int* array
|
|
*
|
|
* This function is called when generating proxy/bridge code and
|
|
* the marshaling structure.
|
|
*)
|
|
let conv_array_to_ptr (pd: Ast.pdecl): Ast.pdecl =
|
|
let (pt, declr) = pd in
|
|
let get_count_attr ilist =
|
|
(* XXX: assume the size of each dimension will be > 0. *)
|
|
Ast.ANumber (List.fold_left (fun acc i -> acc*i) 1 ilist)
|
|
in
|
|
match pt with
|
|
Ast.PTVal _ -> (pt, declr)
|
|
| Ast.PTPtr(aty, pa) ->
|
|
if Ast.is_array declr then
|
|
let tmp_declr = { declr with Ast.array_dims = [] } in
|
|
let tmp_aty = Ast.Ptr aty in
|
|
let tmp_cnt = get_count_attr declr.Ast.array_dims in
|
|
let tmp_pa = { pa with Ast.pa_size = { Ast.empty_ptr_size with Ast.ps_count = Some tmp_cnt } }
|
|
in (Ast.PTPtr(tmp_aty, tmp_pa), tmp_declr)
|
|
else (pt, declr)
|
|
|
|
(* ------------------------------------------------------------------
|
|
* Code generation for edge-routines.
|
|
* ------------------------------------------------------------------
|
|
*)
|
|
|
|
(* Little functions for naming of a struct and its members etc *)
|
|
let retval_name = "retval"
|
|
let retval_declr = { Ast.identifier = retval_name; Ast.array_dims = []; }
|
|
let eid_name = "eid"
|
|
let ms_ptr_name = "pms"
|
|
let ms_struct_val = "ms"
|
|
let mk_ms_member_name (pname: string) = "ms_" ^ pname
|
|
let mk_ms_struct_name (fname: string) = "ms_" ^ fname ^ "_t"
|
|
let ms_retval_name = mk_ms_member_name retval_name
|
|
let mk_tbridge_name (fname: string) = "sgx_" ^ fname
|
|
let mk_parm_accessor name = sprintf "%s->%s" ms_struct_val (mk_ms_member_name name)
|
|
let mk_tmp_var name = "_tmp_" ^ name
|
|
let mk_len_var name = "_len_" ^ name
|
|
let mk_in_var name = "_in_" ^ name
|
|
let mk_ocall_table_name enclave_name = "ocall_table_" ^ enclave_name
|
|
|
|
(* Un-trusted bridge name is prefixed with enclave file short name. *)
|
|
let mk_ubridge_name (file_shortnm: string) (funcname: string) =
|
|
sprintf "%s_%s" file_shortnm funcname
|
|
|
|
let mk_ubridge_proto (file_shortnm: string) (funcname: string) =
|
|
sprintf "static sgx_status_t SGX_CDECL %s(void* %s)"
|
|
(mk_ubridge_name file_shortnm funcname) ms_ptr_name
|
|
|
|
(* Common macro definitions. *)
|
|
let common_macros = "#include <stdlib.h> /* for size_t */\n\n\
|
|
#define SGX_CAST(type, item) ((type)(item))\n\n\
|
|
#ifdef __cplusplus\n\
|
|
extern \"C\" {\n\
|
|
#endif\n"
|
|
|
|
(* Header footer *)
|
|
let header_footer = "\n#ifdef __cplusplus\n}\n#endif /* __cplusplus */\n\n#endif\n"
|
|
|
|
(* Little functions for generating file names. *)
|
|
let get_uheader_short_name (file_shortnm: string) = file_shortnm ^ "_u.h"
|
|
let get_uheader_name (file_shortnm: string) =
|
|
!g_untrusted_dir ^ separator_str ^ (get_uheader_short_name file_shortnm)
|
|
|
|
let get_usource_name (file_shortnm: string) =
|
|
!g_untrusted_dir ^ separator_str ^ file_shortnm ^ "_u.c"
|
|
|
|
let get_theader_short_name (file_shortnm: string) = file_shortnm ^ "_t.h"
|
|
let get_theader_name (file_shortnm: string) =
|
|
!g_trusted_dir ^ separator_str ^ (get_theader_short_name file_shortnm)
|
|
|
|
let get_tsource_name (file_shortnm: string) =
|
|
!g_trusted_dir ^ separator_str ^ file_shortnm ^ "_t.c"
|
|
|
|
(* Construct the string of structure definition *)
|
|
let mk_struct_decl (fs: string) (name: string) =
|
|
sprintf "typedef struct %s {\n%s} %s;\n" name fs name
|
|
|
|
(* Construct the string of union definition *)
|
|
let mk_union_decl (fs: string) (name: string) =
|
|
sprintf "typedef union %s {\n%s} %s;\n" name fs name
|
|
|
|
(* Generate a definition of enum *)
|
|
let mk_enum_def (e: Ast.enum_def) =
|
|
let gen_enum_ele_str (ele: Ast.enum_ele) =
|
|
let k, v = ele in
|
|
match v with
|
|
Ast.EnumValNone -> k
|
|
| Ast.EnumVal ev -> sprintf "%s = %s" k (Ast.attr_value_to_string ev)
|
|
in
|
|
let enname = e.Ast.enname in
|
|
let enbody = e.Ast.enbody in
|
|
let enbody_str =
|
|
if enbody = [] then ""
|
|
else List.fold_left (fun acc ele ->
|
|
acc ^ "\t" ^ gen_enum_ele_str ele ^ ",\n") "" enbody
|
|
in
|
|
if enname = "" then sprintf "enum {\n%s};\n" enbody_str
|
|
else sprintf "typedef enum %s {\n%s} %s;\n" enname enbody_str enname
|
|
|
|
let get_array_dims (ns: int list) =
|
|
(* Get the array declaration from a list of array dimensions.
|
|
* Empty `ns' indicates the corresponding declarator is a simple identifier.
|
|
* Element of value -1 means that user does not specify the dimension size.
|
|
*)
|
|
let get_dim n = if n = -1 then "[]" else sprintf "[%d]" n
|
|
in
|
|
if ns = [] then ""
|
|
else List.fold_left (fun acc n -> acc ^ get_dim n) "" ns
|
|
|
|
let get_typed_declr_str (ty: Ast.atype) (declr: Ast.declarator) =
|
|
let tystr = Ast.get_tystr ty in
|
|
let dmstr = get_array_dims declr.Ast.array_dims in
|
|
sprintf "%s %s%s" tystr declr.Ast.identifier dmstr
|
|
|
|
(* Construct a member declaration string *)
|
|
let mk_member_decl (ty: Ast.atype) (declr: Ast.declarator) =
|
|
sprintf "\t%s;\n" (get_typed_declr_str ty declr)
|
|
|
|
(* Note that, for a foreign array type `foo_array_t' we will generate
|
|
* foo_array_t* ms_field;
|
|
* in the marshaling data structure to keep the pass-by-address scheme
|
|
* as in the C programming language.
|
|
*)
|
|
let mk_ms_member_decl (pt: Ast.parameter_type) (declr: Ast.declarator) =
|
|
let aty = Ast.get_param_atype pt in
|
|
let tystr = Ast.get_tystr aty in
|
|
let ptr = if is_foreign_array pt then "* " else "" in
|
|
let field = mk_ms_member_name declr.Ast.identifier in
|
|
let dmstr = get_array_dims declr.Ast.array_dims in
|
|
sprintf "\t%s%s %s%s;\n" tystr ptr field dmstr
|
|
|
|
(* Generate data structure definition *)
|
|
let gen_comp_def (st: Ast.composite_type) =
|
|
let gen_member_list mlist =
|
|
List.fold_left (fun acc (ty, declr) ->
|
|
acc ^ mk_member_decl ty declr) "" mlist
|
|
in
|
|
match st with
|
|
Ast.StructDef s -> mk_struct_decl (gen_member_list s.Ast.mlist) s.Ast.sname
|
|
| Ast.UnionDef u -> mk_union_decl (gen_member_list u.Ast.mlist) u.Ast.sname
|
|
| Ast.EnumDef e -> mk_enum_def e
|
|
|
|
(* Generate a list of '#include' *)
|
|
let gen_include_list (xs: string list) =
|
|
List.fold_left (fun acc s -> acc ^ sprintf "#include \"%s\"\n" s) "" xs
|
|
|
|
(* Get the type string from 'parameter_type' *)
|
|
let get_param_tystr (pt: Ast.parameter_type) =
|
|
Ast.get_tystr (Ast.get_param_atype pt)
|
|
|
|
(* Generate marshaling structure definition *)
|
|
let gen_marshal_struct (fd: Ast.func_decl) (errno: string) =
|
|
let member_list_str = errno ^
|
|
let new_param_list = List.map conv_array_to_ptr fd.Ast.plist in
|
|
List.fold_left (fun acc (pt, declr) ->
|
|
acc ^ mk_ms_member_decl pt declr) "" new_param_list in
|
|
let struct_name = mk_ms_struct_name fd.Ast.fname in
|
|
match fd.Ast.rtype with
|
|
(* A function w/o return value and parameters doesn't need
|
|
a marshaling struct. *)
|
|
Ast.Void -> if fd.Ast.plist = [] && errno = "" then ""
|
|
else mk_struct_decl member_list_str struct_name
|
|
| _ -> let rv_str = mk_ms_member_decl (Ast.PTVal fd.Ast.rtype) retval_declr
|
|
in mk_struct_decl (rv_str ^ member_list_str) struct_name
|
|
|
|
let gen_ecall_marshal_struct (tf: Ast.trusted_func) =
|
|
gen_marshal_struct tf.Ast.tf_fdecl ""
|
|
|
|
let gen_ocall_marshal_struct (uf: Ast.untrusted_func) =
|
|
let errno_decl = if uf.Ast.uf_propagate_errno then "\tint ocall_errno;\n" else "" in
|
|
gen_marshal_struct uf.Ast.uf_fdecl errno_decl
|
|
|
|
(* Check whether given parameter is `const' specified. *)
|
|
let is_const_ptr (pt: Ast.parameter_type) =
|
|
let aty = Ast.get_param_atype pt in
|
|
match pt with
|
|
Ast.PTVal _ -> false
|
|
| Ast.PTPtr(_, pa) ->
|
|
if not pa.Ast.pa_rdonly then false
|
|
else
|
|
match aty with
|
|
Ast.Foreign _ -> false
|
|
| _ -> true
|
|
|
|
(* Generate parameter representation. *)
|
|
let gen_parm_str (p: Ast.pdecl) =
|
|
let (pt, (declr : Ast.declarator)) = p in
|
|
let aty = Ast.get_param_atype pt in
|
|
let str = get_typed_declr_str aty declr in
|
|
if is_const_ptr pt then "const " ^ str else str
|
|
|
|
(* Generate parameter representation of return value. *)
|
|
let gen_parm_retval (rt: Ast.atype) =
|
|
if rt = Ast.Void then ""
|
|
else Ast.get_tystr rt ^ "* " ^ retval_name
|
|
|
|
(* ---------------------------------------------------------------------- *)
|
|
|
|
(* `gen_ecall_table' is used to generate ECALL table with the following form:
|
|
SGX_EXTERNC const struct {
|
|
size_t nr_ecall; /* number of ECALLs */
|
|
struct {
|
|
void *ecall_addr;
|
|
uint8_t is_priv;
|
|
} ecall_table [nr_ecall];
|
|
} g_ecall_table = {
|
|
2, { {sgx_foo, 1}, {sgx_bar, 0} }
|
|
};
|
|
*)
|
|
let gen_ecall_table (tfs: Ast.trusted_func list) =
|
|
let ecall_table_name = "g_ecall_table" in
|
|
let ecall_table_size = List.length tfs in
|
|
let trusted_fds = tf_list_to_fd_list tfs in
|
|
let priv_bits = tf_list_to_priv_list tfs in
|
|
let tbridge_names = List.map (fun (fd: Ast.func_decl) ->
|
|
mk_tbridge_name fd.Ast.fname) trusted_fds in
|
|
let ecall_table =
|
|
let bool_to_int b = if b then 1 else 0 in
|
|
let inner_table =
|
|
List.fold_left2 (fun acc s b ->
|
|
sprintf "%s\t\t{(void*)(uintptr_t)%s, %d},\n" acc s (bool_to_int b)) "" tbridge_names priv_bits
|
|
in "\t{\n" ^ inner_table ^ "\t}\n"
|
|
in
|
|
sprintf "SGX_EXTERNC const struct {\n\
|
|
\tsize_t nr_ecall;\n\
|
|
\tstruct {void* ecall_addr; uint8_t is_priv;} ecall_table[%d];\n\
|
|
} %s = {\n\
|
|
\t%d,\n\
|
|
%s};\n" ecall_table_size
|
|
ecall_table_name
|
|
ecall_table_size
|
|
(if ecall_table_size = 0 then "" else ecall_table)
|
|
|
|
(* `gen_entry_table' is used to generate Dynamic Entry Table with the form:
|
|
SGX_EXTERNC const struct {
|
|
/* number of OCALLs (number of ECALLs can be found in ECALL table) */
|
|
size_t nr_ocall;
|
|
|
|
/* entry_table[m][n] = 1 iff. ECALL n is allowed in the OCALL m. */
|
|
uint8_t entry_table[NR_OCALL][NR_ECALL];
|
|
} g_dyn_entry_table = {
|
|
3, {{0, 0}, {0, 1}, {1, 0}}
|
|
};
|
|
*)
|
|
let gen_entry_table (ec: enclave_content) =
|
|
let dyn_entry_table_name = "g_dyn_entry_table" in
|
|
let ocall_table_size = List.length ec.ufunc_decls in
|
|
let trusted_func_names = get_trusted_func_names ec in
|
|
let ecall_table_size = List.length trusted_func_names in
|
|
let get_entry_array (allowed_ecalls: string list) =
|
|
List.fold_left (fun acc name ->
|
|
acc ^ (if List.exists (fun x -> x=name) allowed_ecalls
|
|
then "1"
|
|
else "0") ^ ", ") "" trusted_func_names in
|
|
let entry_table =
|
|
let inner_table =
|
|
List.fold_left (fun acc (uf: Ast.untrusted_func) ->
|
|
let entry_array = get_entry_array uf.Ast.uf_allow_list
|
|
in acc ^ "\t\t{" ^ entry_array ^ "},\n") "" ec.ufunc_decls
|
|
in
|
|
"\t{\n" ^ inner_table ^ "\t}\n"
|
|
in
|
|
(* Generate dynamic entry table iff. both sgx_ecall/ocall_table_size > 0 *)
|
|
let gen_table_p = (ecall_table_size > 0) && (ocall_table_size > 0) in
|
|
(* When NR_ECALL is 0, or NR_OCALL is 0, there will be no entry table field. *)
|
|
let entry_table_field =
|
|
if gen_table_p then
|
|
sprintf "\tuint8_t entry_table[%d][%d];\n" ocall_table_size ecall_table_size
|
|
else
|
|
""
|
|
in
|
|
sprintf "SGX_EXTERNC const struct {\n\
|
|
\tsize_t nr_ocall;\n%s\
|
|
} %s = {\n\
|
|
\t%d,\n\
|
|
%s};\n" entry_table_field
|
|
dyn_entry_table_name
|
|
ocall_table_size
|
|
(if gen_table_p then entry_table else "")
|
|
|
|
(* ---------------------------------------------------------------------- *)
|
|
|
|
(* Generate the function prototype for untrusted proxy in COM style.
|
|
* For example, un-trusted functions
|
|
* int foo(double d);
|
|
* void bar(float f);
|
|
*
|
|
* will have an untrusted proxy like below:
|
|
* sgx_status_t foo(int* retval, double d);
|
|
* sgx_status_t bar(float f);
|
|
*)
|
|
let gen_tproxy_proto (fd: Ast.func_decl) =
|
|
let parm_list =
|
|
match fd.Ast.plist with
|
|
[] -> ""
|
|
| x :: xs ->
|
|
List.fold_left (fun acc pd ->
|
|
acc ^ ", " ^ gen_parm_str pd) (gen_parm_str x) xs
|
|
in
|
|
let retval_parm_str = gen_parm_retval fd.Ast.rtype in
|
|
if fd.Ast.plist = [] then
|
|
sprintf "sgx_status_t SGX_CDECL %s(%s)" fd.Ast.fname retval_parm_str
|
|
else if fd.Ast.rtype = Ast.Void then
|
|
sprintf "sgx_status_t SGX_CDECL %s(%s)" fd.Ast.fname parm_list
|
|
else
|
|
sprintf "sgx_status_t SGX_CDECL %s(%s, %s)" fd.Ast.fname retval_parm_str parm_list
|
|
|
|
(* Generate the function prototype for untrusted proxy in COM style.
|
|
* For example, trusted functions
|
|
* int foo(double d);
|
|
* void bar(float f);
|
|
*
|
|
* will have an untrusted proxy like below:
|
|
* sgx_status_t foo(sgx_enclave_id_t eid, int* retval, double d);
|
|
* sgx_status_t foo(sgx_enclave_id_t eid, float f);
|
|
*
|
|
* When `g_use_prefix' is true, the untrusted proxy name is prefixed
|
|
* with the `prefix' parameter.
|
|
*
|
|
*)
|
|
let gen_uproxy_com_proto (fd: Ast.func_decl) (prefix: string) =
|
|
let retval_parm_str = gen_parm_retval fd.Ast.rtype in
|
|
|
|
let eid_parm_str =
|
|
if fd.Ast.rtype = Ast.Void then sprintf "(sgx_enclave_id_t %s" eid_name
|
|
else sprintf "(sgx_enclave_id_t %s, " eid_name in
|
|
let parm_list =
|
|
List.fold_left (fun acc pd -> acc ^ ", " ^ gen_parm_str pd)
|
|
retval_parm_str fd.Ast.plist in
|
|
let fname =
|
|
if !g_use_prefix then sprintf "%s_%s" prefix fd.Ast.fname
|
|
else fd.Ast.fname
|
|
in "sgx_status_t " ^ fname ^ eid_parm_str ^ parm_list ^ ")"
|
|
|
|
let get_ret_tystr (fd: Ast.func_decl) = Ast.get_tystr fd.Ast.rtype
|
|
let get_plist_str (fd: Ast.func_decl) =
|
|
if fd.Ast.plist = [] then ""
|
|
else List.fold_left (fun acc pd -> acc ^ ", " ^ gen_parm_str pd)
|
|
(gen_parm_str (List.hd fd.Ast.plist))
|
|
(List.tl fd.Ast.plist)
|
|
|
|
(* Generate the function prototype as is. *)
|
|
let gen_func_proto (fd: Ast.func_decl) =
|
|
let ret_tystr = get_ret_tystr fd in
|
|
let plist_str = get_plist_str fd in
|
|
sprintf "%s %s(%s)" ret_tystr fd.Ast.fname plist_str
|
|
|
|
(* Generate prototypes for untrusted function. *)
|
|
let gen_ufunc_proto (uf: Ast.untrusted_func) =
|
|
let dllimport = if uf.Ast.uf_fattr.Ast.fa_dllimport then "SGX_DLLIMPORT " else "" in
|
|
let ret_tystr = get_ret_tystr uf.Ast.uf_fdecl in
|
|
let cconv_str = "SGX_" ^ Ast.get_call_conv_str uf.Ast.uf_fattr.Ast.fa_convention in
|
|
let func_name = uf.Ast.uf_fdecl.Ast.fname in
|
|
let plist_str = get_plist_str uf.Ast.uf_fdecl in
|
|
sprintf "%s%s SGX_UBRIDGE(%s, %s, (%s))"
|
|
dllimport ret_tystr cconv_str func_name plist_str
|
|
|
|
(* The preemble contains common include expressions. *)
|
|
let gen_uheader_preemble (guard: string) (inclist: string)=
|
|
let grd_hdr = sprintf "#ifndef %s\n#define %s\n\n" guard guard in
|
|
let inc_exp = "#include <stdint.h>\n\
|
|
#include <wchar.h>\n\
|
|
#include <stddef.h>\n\
|
|
#include <string.h>\n\
|
|
#include \"sgx_edger8r.h\" /* for sgx_satus_t etc. */\n" in
|
|
grd_hdr ^ inc_exp ^ "\n" ^ inclist ^ "\n" ^ common_macros
|
|
|
|
let ms_writer out_chan ec =
|
|
let ms_struct_ecall = List.map gen_ecall_marshal_struct ec.tfunc_decls in
|
|
let ms_struct_ocall = List.map gen_ocall_marshal_struct ec.ufunc_decls in
|
|
List.iter (fun s -> output_string out_chan (s ^ "\n")) ms_struct_ecall;
|
|
List.iter (fun s -> output_string out_chan (s ^ "\n")) ms_struct_ocall
|
|
|
|
|
|
(* Generate untrusted header for enclave *)
|
|
let gen_untrusted_header (ec: enclave_content) =
|
|
let header_fname = get_uheader_name ec.file_shortnm in
|
|
let guard_macro = sprintf "%s_U_H__" (String.uppercase ec.enclave_name) in
|
|
let preemble_code =
|
|
let include_list = gen_include_list (ec.include_list @ !untrusted_headers) in
|
|
gen_uheader_preemble guard_macro include_list
|
|
in
|
|
let comp_def_list = List.map gen_comp_def ec.comp_defs in
|
|
let func_proto_ufunc = List.map gen_ufunc_proto ec.ufunc_decls in
|
|
let uproxy_com_proto =
|
|
List.map (fun (tf: Ast.trusted_func) ->
|
|
gen_uproxy_com_proto tf.Ast.tf_fdecl ec.enclave_name)
|
|
ec.tfunc_decls
|
|
in
|
|
let out_chan = open_out header_fname in
|
|
output_string out_chan (preemble_code ^ "\n");
|
|
List.iter (fun s -> output_string out_chan (s ^ "\n")) comp_def_list;
|
|
List.iter (fun s -> output_string out_chan (s ^ ";\n")) func_proto_ufunc;
|
|
output_string out_chan "\n";
|
|
List.iter (fun s -> output_string out_chan (s ^ ";\n")) uproxy_com_proto;
|
|
output_string out_chan header_footer;
|
|
close_out out_chan
|
|
|
|
(* It generates preemble for trusted header file. *)
|
|
let gen_theader_preemble (guard: string) (inclist: string) =
|
|
let grd_hdr = sprintf "#ifndef %s\n#define %s\n\n" guard guard in
|
|
let inc_exp = "#include <stdint.h>\n\
|
|
#include <wchar.h>\n\
|
|
#include <stddef.h>\n\
|
|
#include \"sgx_edger8r.h\" /* for sgx_ocall etc. */\n\n" in
|
|
grd_hdr ^ inc_exp ^ inclist ^ "\n" ^ common_macros
|
|
|
|
|
|
(* Generate function prototype for functions used by `sizefunc' attribute. *)
|
|
let gen_sizefunc_proto out_chan (ec: enclave_content) =
|
|
let tfunc_decls = tf_list_to_fd_list ec.tfunc_decls in
|
|
let ufunc_decls = uf_list_to_fd_list ec.ufunc_decls in
|
|
|
|
let dict = Hashtbl.create 4 in
|
|
let get_sizefunc_proto s =
|
|
let (pt, ns) = Hashtbl.find dict s in
|
|
let tmpdeclr = { Ast.identifier = "val"; Ast.array_dims = ns; } in
|
|
sprintf "size_t %s(const %s);\n" s (get_typed_declr_str pt tmpdeclr)
|
|
in
|
|
|
|
let add_item (fname: string) (ty: Ast.atype * int list) =
|
|
try
|
|
let v = Hashtbl.find dict fname
|
|
in
|
|
if v <> ty then
|
|
failwithf "`%s' requires different parameter types" fname
|
|
with Not_found -> Hashtbl.add dict fname ty
|
|
in
|
|
let fill_dict (pd: Ast.pdecl) =
|
|
let (pt, declr) = pd in
|
|
match pt with
|
|
Ast.PTVal _ -> ()
|
|
| Ast.PTPtr(aty, pattr) ->
|
|
match pattr.Ast.pa_size.Ast.ps_sizefunc with
|
|
Some s -> add_item s (aty, declr.Ast.array_dims)
|
|
| _ -> ()
|
|
in
|
|
List.iter (fun (fd: Ast.func_decl) ->
|
|
List.iter fill_dict fd.Ast.plist) (tfunc_decls @ ufunc_decls);
|
|
Hashtbl.iter (fun x y ->
|
|
output_string out_chan (get_sizefunc_proto x)) dict;
|
|
output_string out_chan "\n"
|
|
|
|
(* Generate trusted header for enclave *)
|
|
let gen_trusted_header (ec: enclave_content) =
|
|
let header_fname = get_theader_name ec.file_shortnm in
|
|
let guard_macro = sprintf "%s_T_H__" (String.uppercase ec.enclave_name) in
|
|
let guard_code =
|
|
let include_list = gen_include_list (ec.include_list @ !trusted_headers) in
|
|
gen_theader_preemble guard_macro include_list in
|
|
let comp_def_list = List.map gen_comp_def ec.comp_defs in
|
|
let func_proto_list = List.map gen_func_proto (tf_list_to_fd_list ec.tfunc_decls) in
|
|
let func_tproxy_list= List.map gen_tproxy_proto (uf_list_to_fd_list ec.ufunc_decls) in
|
|
|
|
let out_chan = open_out header_fname in
|
|
output_string out_chan (guard_code ^ "\n");
|
|
List.iter (fun s -> output_string out_chan (s ^ "\n")) comp_def_list;
|
|
gen_sizefunc_proto out_chan ec;
|
|
List.iter (fun s -> output_string out_chan (s ^ ";\n")) func_proto_list;
|
|
output_string out_chan "\n";
|
|
List.iter (fun s -> output_string out_chan (s ^ ";\n")) func_tproxy_list;
|
|
output_string out_chan header_footer;
|
|
close_out out_chan
|
|
|
|
(* It generates function invocation expression. *)
|
|
let mk_parm_name_raw (pt: Ast.parameter_type) (declr: Ast.declarator) =
|
|
let cast_expr =
|
|
if Ast.is_array declr && List.length declr.Ast.array_dims > 1
|
|
then
|
|
let tystr = get_param_tystr pt in
|
|
let dims = get_array_dims (List.tl declr.Ast.array_dims) in
|
|
sprintf "(%s (*)%s)" tystr dims
|
|
else ""
|
|
in
|
|
cast_expr ^ mk_parm_accessor declr.Ast.identifier
|
|
|
|
(* We passed foreign array `foo_array_t foo' as `&foo[0]', thus we
|
|
* need to get back `foo' by '* array_ptr' where
|
|
* array_ptr = &foo[0]
|
|
*)
|
|
let add_foreign_array_ptrref
|
|
(f: Ast.parameter_type -> Ast.declarator -> string)
|
|
(pt: Ast.parameter_type)
|
|
(declr: Ast.declarator) =
|
|
let arg = f pt declr in
|
|
if is_foreign_array pt
|
|
then sprintf "(%s != NULL) ? (*%s) : NULL" arg arg
|
|
else arg
|
|
|
|
let mk_parm_name_ubridge (pt: Ast.parameter_type) (declr: Ast.declarator) =
|
|
add_foreign_array_ptrref mk_parm_name_raw pt declr
|
|
|
|
let mk_parm_name_ext (pt: Ast.parameter_type) (declr: Ast.declarator) =
|
|
let name = declr.Ast.identifier in
|
|
match pt with
|
|
Ast.PTVal _ -> mk_parm_name_raw pt declr
|
|
| Ast.PTPtr (_, attr) ->
|
|
match attr.Ast.pa_direction with
|
|
| Ast.PtrNoDirection -> mk_parm_name_raw pt declr
|
|
| _ -> mk_in_var name
|
|
|
|
let gen_func_invoking (fd: Ast.func_decl)
|
|
(mk_parm_name: Ast.parameter_type -> Ast.declarator -> string) =
|
|
let gen_parm_str pt declr =
|
|
let parm_name = mk_parm_name pt declr in
|
|
let tystr = get_param_tystr pt in
|
|
if is_const_ptr pt then sprintf "(const %s)%s" tystr parm_name else parm_name
|
|
in
|
|
match fd.Ast.plist with
|
|
[] -> sprintf "%s();" fd.Ast.fname
|
|
| (pt, (declr : Ast.declarator)) :: ps ->
|
|
sprintf "%s(%s);"
|
|
fd.Ast.fname
|
|
(let p0 = gen_parm_str pt declr in
|
|
List.fold_left (fun acc (pty, dlr) ->
|
|
acc ^ ", " ^ gen_parm_str pty dlr) p0 ps)
|
|
|
|
(* Generate untrusted bridge code for a given untrusted function. *)
|
|
let gen_func_ubridge (file_shortnm: string) (ufunc: Ast.untrusted_func) =
|
|
let fd = ufunc.Ast.uf_fdecl in
|
|
let propagate_errno = ufunc.Ast.uf_propagate_errno in
|
|
let func_open = sprintf "%s\n{\n" (mk_ubridge_proto file_shortnm fd.Ast.fname) in
|
|
let func_close = "\treturn SGX_SUCCESS;\n}\n" in
|
|
let set_errno = if propagate_errno then "\tms->ocall_errno = errno;" else "" in
|
|
let ms_struct_name = mk_ms_struct_name fd.Ast.fname in
|
|
let declare_ms_ptr = sprintf "%s* %s = SGX_CAST(%s*, %s);"
|
|
ms_struct_name
|
|
ms_struct_val
|
|
ms_struct_name
|
|
ms_ptr_name in
|
|
let call_with_pms =
|
|
let invoke_func = gen_func_invoking fd mk_parm_name_ubridge in
|
|
if fd.Ast.rtype = Ast.Void then invoke_func
|
|
else sprintf "%s = %s" (mk_parm_accessor retval_name) invoke_func
|
|
in
|
|
if (is_naked_func fd) && (propagate_errno = false) then
|
|
let check_pms =
|
|
sprintf "if (%s != NULL) return SGX_ERROR_INVALID_PARAMETER;" ms_ptr_name
|
|
in
|
|
sprintf "%s\t%s\n\t%s\n%s" func_open check_pms call_with_pms func_close
|
|
else
|
|
sprintf "%s\t%s\n\t%s\n%s\n%s" func_open declare_ms_ptr call_with_pms set_errno func_close
|
|
|
|
let fill_ms_field (isptr: bool) (pd: Ast.pdecl) =
|
|
let accessor = if isptr then "->" else "." in
|
|
let (pt, declr) = pd in
|
|
let param_name = declr.Ast.identifier in
|
|
let ms_member_name = mk_ms_member_name param_name in
|
|
let assignment_str (use_cast: bool) (aty: Ast.atype) =
|
|
let cast_str = if use_cast then sprintf "(%s)" (Ast.get_tystr aty) else ""
|
|
in
|
|
sprintf "%s%s%s = %s%s;" ms_struct_val accessor ms_member_name cast_str param_name
|
|
in
|
|
let gen_setup_foreign_array aty =
|
|
sprintf "%s%s%s = (%s *)&%s[0];"
|
|
ms_struct_val accessor ms_member_name (Ast.get_tystr aty) param_name
|
|
in
|
|
if declr.Ast.array_dims = [] then
|
|
match pt with
|
|
Ast.PTVal(aty) -> assignment_str false aty
|
|
| Ast.PTPtr(aty, pattr) ->
|
|
if pattr.Ast.pa_isary
|
|
then gen_setup_foreign_array aty
|
|
else
|
|
if pattr.Ast.pa_rdonly then assignment_str true aty
|
|
else assignment_str false aty
|
|
else
|
|
(* Arrays are passed by address. *)
|
|
let tystr = Ast.get_tystr (Ast.Ptr (Ast.get_param_atype pt)) in
|
|
sprintf "%s%s%s = (%s)%s;" ms_struct_val accessor ms_member_name tystr param_name
|
|
|
|
(* Generate untrusted proxy code for a given trusted function. *)
|
|
let gen_func_uproxy (fd: Ast.func_decl) (idx: int) (ec: enclave_content) =
|
|
let func_open =
|
|
gen_uproxy_com_proto fd ec.enclave_name ^
|
|
"\n{\n\tsgx_status_t status;\n"
|
|
in
|
|
let func_close = "\treturn status;\n}\n" in
|
|
let ocall_table_name = mk_ocall_table_name ec.enclave_name in
|
|
let ms_struct_name = mk_ms_struct_name fd.Ast.fname in
|
|
let declare_ms_expr = sprintf "%s %s;" ms_struct_name ms_struct_val in
|
|
let ocall_table_ptr =
|
|
sprintf "&%s" ocall_table_name in
|
|
|
|
(* Normal case - do ECALL with marshaling structure*)
|
|
let ecall_with_ms = sprintf "status = sgx_ecall(%s, %d, %s, &%s);"
|
|
eid_name idx ocall_table_ptr ms_struct_val in
|
|
|
|
(* Rare case - the trusted function doesn't have parameter nor return value.
|
|
* In this situation, no marshaling structure is required - passing in NULL.
|
|
*)
|
|
let ecall_null = sprintf "status = sgx_ecall(%s, %d, %s, NULL);"
|
|
eid_name idx ocall_table_ptr
|
|
in
|
|
let update_retval = sprintf "if (status == SGX_SUCCESS && %s) *%s = %s.%s;"
|
|
retval_name retval_name ms_struct_val ms_retval_name in
|
|
let func_body = ref [] in
|
|
if is_naked_func fd then
|
|
sprintf "%s\t%s\n%s" func_open ecall_null func_close
|
|
else
|
|
begin
|
|
func_body := declare_ms_expr :: !func_body;
|
|
List.iter (fun pd -> func_body := fill_ms_field false pd :: !func_body) fd.Ast.plist;
|
|
func_body := ecall_with_ms :: !func_body;
|
|
if fd.Ast.rtype <> Ast.Void then func_body := update_retval :: !func_body;
|
|
List.fold_left (fun acc s -> acc ^ "\t" ^ s ^ "\n") func_open (List.rev !func_body) ^ func_close
|
|
end
|
|
|
|
(* Generate an expression to check the pointers. *)
|
|
let mk_check_ptr (name: string) (lenvar: string) =
|
|
let checker = "CHECK_UNIQUE_POINTER"
|
|
in sprintf "\t%s(%s, %s);\n" checker name lenvar
|
|
|
|
(* Pointer to marshaling structure should never be NULL. *)
|
|
let mk_check_pms (fname: string) =
|
|
let lenvar = sprintf "sizeof(%s)" (mk_ms_struct_name fname)
|
|
in sprintf "\t%s(%s, %s);\n" "CHECK_REF_POINTER" ms_ptr_name lenvar
|
|
|
|
(* Generate code to get the size of the pointer. *)
|
|
let gen_ptr_size (ty: Ast.atype) (pattr: Ast.ptr_attr) (name: string) (get_parm: string -> string) =
|
|
let len_var = mk_len_var name in
|
|
let parm_name = get_parm name in
|
|
|
|
let mk_len_size v =
|
|
match v with
|
|
Ast.AString s -> get_parm s
|
|
| Ast.ANumber n -> sprintf "%d" n in
|
|
|
|
let mk_len_count v size_str =
|
|
match v with
|
|
Ast.AString s -> sprintf "%s * %s" (get_parm s) size_str
|
|
| Ast.ANumber n -> sprintf "%d * %s" n size_str in
|
|
|
|
let mk_len_sizefunc s = sprintf "((%s) ? %s(%s) : 0)" parm_name s parm_name in
|
|
|
|
(* Note, during the parsing stage, we already eliminated the case that
|
|
* user specified both 'size' and 'sizefunc' attribute.
|
|
*)
|
|
let do_attribute (pattr: Ast.ptr_attr) =
|
|
let do_ps_attribute (sattr: Ast.ptr_size) =
|
|
let size_str =
|
|
match sattr.Ast.ps_size with
|
|
Some a -> mk_len_size a
|
|
| None ->
|
|
match sattr.Ast.ps_sizefunc with
|
|
None -> sprintf "sizeof(*%s)" parm_name
|
|
| Some a -> mk_len_sizefunc a
|
|
in
|
|
match sattr.Ast.ps_count with
|
|
None -> size_str
|
|
| Some a -> mk_len_count a size_str
|
|
in
|
|
if pattr.Ast.pa_isstr then
|
|
sprintf "%s ? strlen(%s) + 1 : 0" parm_name parm_name
|
|
else if pattr.Ast.pa_iswstr then
|
|
sprintf "%s ? (wcslen(%s) + 1) * sizeof(wchar_t) : 0" parm_name parm_name
|
|
else
|
|
do_ps_attribute pattr.Ast.pa_size
|
|
in
|
|
sprintf "size_t %s = %s;\n"
|
|
len_var
|
|
(if pattr.Ast.pa_isary
|
|
then sprintf "sizeof(%s)" (Ast.get_tystr ty)
|
|
else do_attribute pattr)
|
|
|
|
(* Find the data type of a parameter. *)
|
|
let find_param_type (name: string) (plist: Ast.pdecl list) =
|
|
try
|
|
let (pt, _) = List.find (fun (pd: Ast.pdecl) ->
|
|
let (pt, declr) = pd
|
|
in declr.Ast.identifier = name) plist
|
|
in get_param_tystr pt
|
|
with
|
|
Not_found -> failwithf "parameter `%s' not found." name
|
|
|
|
(* Generate code to check the length of buffers. *)
|
|
let gen_check_tbridge_length_overflow (plist: Ast.pdecl list) =
|
|
let gen_check_length (ty: Ast.atype) (attr: Ast.ptr_attr) (declr: Ast.declarator) =
|
|
let name = declr.Ast.identifier in
|
|
let tmp_ptr_name= mk_tmp_var name in
|
|
|
|
let mk_len_size v =
|
|
match v with
|
|
Ast.AString s -> mk_tmp_var s
|
|
| Ast.ANumber n -> sprintf "%d" n in
|
|
|
|
let mk_len_sizefunc s = sprintf "((%s) ? %s(%s) : 0)" tmp_ptr_name s tmp_ptr_name in
|
|
|
|
let gen_check_overflow cnt size_str =
|
|
let if_statement =
|
|
match cnt with
|
|
Ast.AString s -> sprintf "\tif ((size_t)%s > (SIZE_MAX / %s)) {\n" (mk_tmp_var s) size_str
|
|
| Ast.ANumber n -> sprintf "\tif (%d > (SIZE_MAX / %s)) {\n" n size_str
|
|
in
|
|
sprintf "%s\t\tstatus = SGX_ERROR_INVALID_PARAMETER;\n\t\tgoto err;\n\t}" if_statement
|
|
in
|
|
let size_str =
|
|
match attr.Ast.pa_size.Ast.ps_size with
|
|
Some a -> mk_len_size a
|
|
| None ->
|
|
match attr.Ast.pa_size.Ast.ps_sizefunc with
|
|
None -> sprintf "sizeof(*%s)" tmp_ptr_name
|
|
| Some a -> mk_len_sizefunc a
|
|
in
|
|
match attr.Ast.pa_size.Ast.ps_count with
|
|
None -> ""
|
|
| Some a -> sprintf "%s\n\n" (gen_check_overflow a size_str)
|
|
in
|
|
List.fold_left
|
|
(fun acc (pty, declr) ->
|
|
match pty with
|
|
Ast.PTVal _ -> acc
|
|
| Ast.PTPtr(ty, attr) -> acc ^ gen_check_length ty attr declr) "" plist
|
|
|
|
(* Generate code to check all function parameters which are pointers. *)
|
|
let gen_check_tbridge_ptr_parms (plist: Ast.pdecl list) =
|
|
let gen_check_ptr (ty: Ast.atype) (pattr: Ast.ptr_attr) (declr: Ast.declarator) =
|
|
if not pattr.Ast.pa_chkptr then ""
|
|
else
|
|
let name = declr.Ast.identifier in
|
|
let len_var = mk_len_var name in
|
|
let parm_name = mk_tmp_var name in
|
|
if pattr.Ast.pa_chkptr
|
|
then mk_check_ptr parm_name len_var
|
|
else ""
|
|
in
|
|
let new_param_list = List.map conv_array_to_ptr plist
|
|
in
|
|
List.fold_left
|
|
(fun acc (pty, declr) ->
|
|
match pty with
|
|
Ast.PTVal _ -> acc
|
|
| Ast.PTPtr(ty, attr) -> acc ^ gen_check_ptr ty attr declr) "" new_param_list
|
|
|
|
(* If a foreign type is a readonly pointer, we cast it to 'void*' for memcpy() and free() *)
|
|
let mk_in_ptr_dst_name (rdonly: bool) (ptr_name: string) =
|
|
if rdonly then "(void*)" ^ ptr_name
|
|
else ptr_name
|
|
|
|
(* Generate the code to handle function pointer parameter direction,
|
|
* which is to be inserted before actually calling the trusted function.
|
|
*)
|
|
let gen_parm_ptr_direction_pre (plist: Ast.pdecl list) =
|
|
let clone_in_ptr (ty: Ast.atype) (attr: Ast.ptr_attr) (declr: Ast.declarator) =
|
|
let name = declr.Ast.identifier in
|
|
let is_ary = (Ast.is_array declr || attr.Ast.pa_isary) in
|
|
let in_ptr_name = mk_in_var name in
|
|
let in_ptr_type = sprintf "%s%s" (Ast.get_tystr ty) (if is_ary then "*" else "") in
|
|
let len_var = mk_len_var name in
|
|
let in_ptr_dst_name = mk_in_ptr_dst_name attr.Ast.pa_rdonly in_ptr_name in
|
|
let tmp_ptr_name= mk_tmp_var name in
|
|
|
|
let check_sizefunc_ptr (fn: string) =
|
|
sprintf "\t\t/* check whether the pointer is modified. */\n\
|
|
\t\tif (%s(%s) != %s) {\n\
|
|
\t\t\tstatus = SGX_ERROR_INVALID_PARAMETER;\n\
|
|
\t\t\tgoto err;\n\
|
|
\t\t}" fn in_ptr_name len_var
|
|
in
|
|
let malloc_and_copy pre_indent =
|
|
match attr.Ast.pa_direction with
|
|
Ast.PtrIn | Ast.PtrInOut ->
|
|
let code_template = [
|
|
sprintf "if (%s != NULL) {" tmp_ptr_name;
|
|
sprintf "\t%s = (%s)malloc(%s);" in_ptr_name in_ptr_type len_var;
|
|
sprintf "\tif (%s == NULL) {" in_ptr_name;
|
|
"\t\tstatus = SGX_ERROR_OUT_OF_MEMORY;";
|
|
"\t\tgoto err;";
|
|
"\t}\n";
|
|
sprintf "\tmemcpy(%s, %s, %s);" in_ptr_dst_name tmp_ptr_name len_var;
|
|
]
|
|
in
|
|
let s1 = List.fold_left (fun acc s -> acc ^ pre_indent ^ s ^ "\n") "" code_template in
|
|
let s2 =
|
|
if attr.Ast.pa_isstr
|
|
then sprintf "%s\t\t%s[%s - 1] = '\\0';\n" s1 in_ptr_name len_var
|
|
else if attr.Ast.pa_iswstr
|
|
then sprintf "%s\t\t%s[(%s - sizeof(wchar_t))/sizeof(wchar_t)] = (wchar_t)0;\n" s1 in_ptr_name len_var
|
|
else s1 in
|
|
let s3 =
|
|
match attr.Ast.pa_size.Ast.ps_sizefunc with
|
|
None -> s2
|
|
| Some s -> sprintf "%s\n%s\n" s2 (check_sizefunc_ptr(s))
|
|
in sprintf "%s\t}\n" s3
|
|
| Ast.PtrOut ->
|
|
let code_template = [
|
|
sprintf "if (%s != NULL) {" tmp_ptr_name;
|
|
sprintf "\tif ((%s = (%s)malloc(%s)) == NULL) {" in_ptr_name in_ptr_type len_var;
|
|
"\t\tstatus = SGX_ERROR_OUT_OF_MEMORY;";
|
|
"\t\tgoto err;";
|
|
"\t}\n";
|
|
sprintf "\tmemset((void*)%s, 0, %s);" in_ptr_name len_var;
|
|
"}"]
|
|
in
|
|
List.fold_left (fun acc s -> acc ^ pre_indent ^ s ^ "\n") "" code_template
|
|
| _ -> ""
|
|
in
|
|
malloc_and_copy "\t"
|
|
in List.fold_left
|
|
(fun acc (pty, declr) ->
|
|
match pty with
|
|
Ast.PTVal _ -> acc
|
|
| Ast.PTPtr (ty, attr) -> acc ^ clone_in_ptr ty attr declr) "" plist
|
|
|
|
(* Generate the code to handle function pointer parameter direction,
|
|
* which is to be inserted after finishing calling the trusted function.
|
|
*)
|
|
let gen_parm_ptr_direction_post (plist: Ast.pdecl list) =
|
|
let copy_and_free (attr: Ast.ptr_attr) (declr: Ast.declarator) =
|
|
let name = declr.Ast.identifier in
|
|
let in_ptr_name = mk_in_var name in
|
|
let len_var = mk_len_var name in
|
|
let in_ptr_dst_name = mk_in_ptr_dst_name attr.Ast.pa_rdonly in_ptr_name in
|
|
match attr.Ast.pa_direction with
|
|
Ast.PtrIn -> sprintf "\tif (%s) free(%s);\n" in_ptr_name in_ptr_dst_name
|
|
| Ast.PtrInOut | Ast.PtrOut ->
|
|
sprintf "\tif (%s) {\n\t\tmemcpy(%s, %s, %s);\n\t\tfree(%s);\n\t}\n"
|
|
in_ptr_name
|
|
(mk_tmp_var name)
|
|
in_ptr_name
|
|
len_var
|
|
in_ptr_name
|
|
| _ -> ""
|
|
in List.fold_left
|
|
(fun acc (pty, declr) ->
|
|
match pty with
|
|
Ast.PTVal _ -> acc
|
|
| Ast.PTPtr (ty, attr) -> acc ^ copy_and_free attr declr) "" plist
|
|
|
|
|
|
(* Generate an "err:" goto mark if necessary. *)
|
|
let gen_err_mark (plist: Ast.pdecl list) =
|
|
let has_inout_p (attr: Ast.ptr_attr): bool =
|
|
attr.Ast.pa_direction <> Ast.PtrNoDirection
|
|
in
|
|
if List.exists (fun (pt, name) ->
|
|
match pt with
|
|
Ast.PTVal _ -> false
|
|
| Ast.PTPtr(_, attr) -> has_inout_p attr) plist
|
|
then "err:"
|
|
else ""
|
|
|
|
(* It is used to save the parameters used as the value of size/count attribute. *)
|
|
let param_cache = Hashtbl.create 1
|
|
let is_in_param_cache s = Hashtbl.mem param_cache s
|
|
|
|
(* Try to generate a temporary value to save the size of the buffer. *)
|
|
let gen_tmp_size (pattr: Ast.ptr_attr) (plist: Ast.pdecl list) =
|
|
let do_gen_temp_var (s: string) =
|
|
if is_in_param_cache s then ""
|
|
else
|
|
let param_tystr = find_param_type s plist in
|
|
let tmp_var = mk_tmp_var s in
|
|
let parm_str = mk_parm_accessor s in
|
|
Hashtbl.add param_cache s true;
|
|
sprintf "\t%s %s = %s;\n" param_tystr tmp_var parm_str
|
|
in
|
|
let gen_temp_var (v: Ast.attr_value) =
|
|
match v with
|
|
Ast.ANumber _ -> ""
|
|
| Ast.AString s -> do_gen_temp_var s
|
|
in
|
|
let tmp_size_str =
|
|
match pattr.Ast.pa_size.Ast.ps_size with
|
|
Some v -> gen_temp_var v
|
|
| None -> ""
|
|
in
|
|
let tmp_count_str =
|
|
match pattr.Ast.pa_size.Ast.ps_count with
|
|
Some v -> gen_temp_var v
|
|
| None -> ""
|
|
in
|
|
sprintf "%s%s" tmp_size_str tmp_count_str
|
|
|
|
let is_ptr (pt: Ast.parameter_type) =
|
|
match pt with
|
|
Ast.PTVal _ -> false
|
|
| Ast.PTPtr _ -> true
|
|
|
|
let is_ptr_type (aty: Ast.atype) =
|
|
match aty with
|
|
Ast.Ptr _ -> true
|
|
| _ -> false
|
|
|
|
let ptr_has_direction (pt: Ast.parameter_type) =
|
|
match pt with
|
|
Ast.PTVal _ -> false
|
|
| Ast.PTPtr(_, a) -> a.Ast.pa_direction <> Ast.PtrNoDirection
|
|
|
|
let tbridge_mk_parm_name_ext (pt: Ast.parameter_type) (declr: Ast.declarator) =
|
|
if is_in_param_cache declr.Ast.identifier || (is_ptr pt && (not (is_foreign_array pt)))
|
|
then
|
|
if ptr_has_direction pt
|
|
then mk_in_var declr.Ast.identifier
|
|
else mk_tmp_var declr.Ast.identifier
|
|
else mk_parm_name_ext pt declr
|
|
|
|
let mk_parm_name_tbridge (pt: Ast.parameter_type) (declr: Ast.declarator) =
|
|
add_foreign_array_ptrref tbridge_mk_parm_name_ext pt declr
|
|
|
|
(* Generate local variables required for the trusted bridge. *)
|
|
let gen_tbridge_local_vars (plist: Ast.pdecl list) =
|
|
let status_var = "\tsgx_status_t status = SGX_SUCCESS;\n" in
|
|
let do_gen_local_var (ty: Ast.atype) (attr: Ast.ptr_attr) (name: string) =
|
|
let tmp_var =
|
|
(* Save a copy of pointer in case it might be modified in the marshaling structure. *)
|
|
sprintf "\t%s %s = %s;\n" (Ast.get_tystr ty) (mk_tmp_var name) (mk_parm_accessor name)
|
|
in
|
|
let len_var =
|
|
if not attr.Ast.pa_chkptr then ""
|
|
else gen_tmp_size attr plist ^ "\t" ^ gen_ptr_size ty attr name mk_tmp_var in
|
|
let in_ptr =
|
|
match attr.Ast.pa_direction with
|
|
Ast.PtrNoDirection -> ""
|
|
| _ -> sprintf "\t%s %s = NULL;\n" (Ast.get_tystr ty) (mk_in_var name)
|
|
in
|
|
tmp_var ^ len_var ^ in_ptr
|
|
in
|
|
let gen_local_var_for_foreign_array (ty: Ast.atype) (attr: Ast.ptr_attr) (name: string) =
|
|
let tystr = Ast.get_tystr ty in
|
|
let tmp_var =
|
|
sprintf "\t%s* %s = %s;\n" tystr (mk_tmp_var name) (mk_parm_accessor name)
|
|
in
|
|
let len_var = sprintf "\tsize_t %s = sizeof(%s);\n" (mk_len_var name) tystr
|
|
in
|
|
let in_ptr = sprintf "\t%s* %s = NULL;\n" tystr (mk_in_var name)
|
|
in
|
|
match attr.Ast.pa_direction with
|
|
Ast.PtrNoDirection -> ""
|
|
| _ -> tmp_var ^ len_var ^ in_ptr
|
|
in
|
|
let gen_local_var (pd: Ast.pdecl) =
|
|
let (pty, declr) = pd in
|
|
match pty with
|
|
Ast.PTVal _ -> ""
|
|
| Ast.PTPtr (ty, attr) ->
|
|
if is_foreign_array pty
|
|
then gen_local_var_for_foreign_array ty attr declr.Ast.identifier
|
|
else do_gen_local_var ty attr declr.Ast.identifier
|
|
in
|
|
let new_param_list = List.map conv_array_to_ptr plist
|
|
in
|
|
Hashtbl.clear param_cache;
|
|
List.fold_left (fun acc pd -> acc ^ gen_local_var pd) status_var new_param_list
|
|
|
|
(* It generates trusted bridge code for a trusted function. *)
|
|
let gen_func_tbridge (fd: Ast.func_decl) (dummy_var: string) =
|
|
let func_open = sprintf "static sgx_status_t SGX_CDECL %s(void* %s)\n{\n"
|
|
(mk_tbridge_name fd.Ast.fname)
|
|
ms_ptr_name in
|
|
let local_vars = gen_tbridge_local_vars fd.Ast.plist in
|
|
let func_close = "\treturn status;\n}\n" in
|
|
|
|
let ms_struct_name = mk_ms_struct_name fd.Ast.fname in
|
|
let declare_ms_ptr = sprintf "%s* %s = SGX_CAST(%s*, %s);"
|
|
ms_struct_name
|
|
ms_struct_val
|
|
ms_struct_name
|
|
ms_ptr_name in
|
|
|
|
let invoke_func = gen_func_invoking fd mk_parm_name_tbridge in
|
|
let update_retval = sprintf "%s = %s"
|
|
(mk_parm_accessor retval_name)
|
|
invoke_func in
|
|
|
|
if is_naked_func fd then
|
|
let check_pms =
|
|
sprintf "if (%s != NULL) return SGX_ERROR_INVALID_PARAMETER;" ms_ptr_name
|
|
in
|
|
sprintf "%s%s%s\t%s\n\t%s\n%s" func_open local_vars dummy_var check_pms invoke_func func_close
|
|
else
|
|
sprintf "%s\t%s\n%s\n%s%s%s\n%s\t%s\n%s\n%s\n%s"
|
|
func_open
|
|
declare_ms_ptr
|
|
local_vars
|
|
(gen_check_tbridge_length_overflow fd.Ast.plist)
|
|
(mk_check_pms fd.Ast.fname)
|
|
(gen_check_tbridge_ptr_parms fd.Ast.plist)
|
|
(gen_parm_ptr_direction_pre fd.Ast.plist)
|
|
(if fd.Ast.rtype <> Ast.Void then update_retval else invoke_func)
|
|
(gen_err_mark fd.Ast.plist)
|
|
(gen_parm_ptr_direction_post fd.Ast.plist)
|
|
func_close
|
|
|
|
let tproxy_fill_ms_field (pd: Ast.pdecl) =
|
|
let (pt, declr) = pd in
|
|
let name = declr.Ast.identifier in
|
|
let len_var = mk_len_var name in
|
|
let parm_accessor = mk_parm_accessor name in
|
|
match pt with
|
|
Ast.PTVal _ -> fill_ms_field true pd
|
|
| Ast.PTPtr(ty, attr) ->
|
|
let is_ary = (Ast.is_array declr || attr.Ast.pa_isary) in
|
|
let tystr = sprintf "%s%s" (get_param_tystr pt) (if is_ary then "*" else "") in
|
|
if is_ary && is_ptr_type ty then
|
|
sprintf "\n#pragma message(\"Pointer array `%s' in trusted proxy `\"\
|
|
__FUNCTION__ \"' is dangerous. No code generated.\")\n" name
|
|
else
|
|
let in_ptr_dst_name = mk_in_ptr_dst_name attr.Ast.pa_rdonly parm_accessor in
|
|
if not attr.Ast.pa_chkptr (* [user_check] specified *)
|
|
then sprintf "%s = SGX_CAST(%s, %s);" parm_accessor tystr name
|
|
else
|
|
match attr.Ast.pa_direction with
|
|
Ast.PtrOut ->
|
|
let code_template =
|
|
[sprintf "if (%s != NULL && sgx_is_within_enclave(%s, %s)) {" name name len_var;
|
|
sprintf "\t%s = (%s)__tmp;" parm_accessor tystr;
|
|
sprintf "\t__tmp = (void *)((size_t)__tmp + %s);" len_var;
|
|
sprintf "\tmemset(%s, 0, %s);" in_ptr_dst_name len_var;
|
|
sprintf "} else if (%s == NULL) {" name;
|
|
sprintf "\t%s = NULL;" parm_accessor;
|
|
"} else {";
|
|
"\tsgx_ocfree();";
|
|
"\treturn SGX_ERROR_INVALID_PARAMETER;";
|
|
"}"
|
|
]
|
|
in List.fold_left (fun acc s -> acc ^ s ^ "\n\t") "" code_template
|
|
| _ ->
|
|
let code_template =
|
|
[sprintf "if (%s != NULL && sgx_is_within_enclave(%s, %s)) {" name name len_var;
|
|
sprintf "\t%s = (%s)__tmp;" parm_accessor tystr;
|
|
sprintf "\t__tmp = (void *)((size_t)__tmp + %s);" len_var;
|
|
sprintf "\tmemcpy(%s, %s, %s);" in_ptr_dst_name name len_var;
|
|
sprintf "} else if (%s == NULL) {" name;
|
|
sprintf "\t%s = NULL;" parm_accessor;
|
|
"} else {";
|
|
"\tsgx_ocfree();";
|
|
"\treturn SGX_ERROR_INVALID_PARAMETER;";
|
|
"}"
|
|
]
|
|
in List.fold_left (fun acc s -> acc ^ s ^ "\n\t") "" code_template
|
|
|
|
(* Generate local variables required for the trusted proxy. *)
|
|
let gen_tproxy_local_vars (plist: Ast.pdecl list) =
|
|
let status_var = "sgx_status_t status = SGX_SUCCESS;\n" in
|
|
let do_gen_local_var (ty: Ast.atype) (attr: Ast.ptr_attr) (name: string) =
|
|
if not attr.Ast.pa_chkptr then ""
|
|
else "\t" ^ gen_ptr_size ty attr name (fun x -> x)
|
|
in
|
|
let gen_local_var (pd: Ast.pdecl) =
|
|
let (pty, declr) = pd in
|
|
match pty with
|
|
Ast.PTVal _ -> ""
|
|
| Ast.PTPtr (ty, attr) -> do_gen_local_var ty attr declr.Ast.identifier
|
|
in
|
|
let new_param_list = List.map conv_array_to_ptr plist
|
|
in
|
|
List.fold_left (fun acc pd -> acc ^ gen_local_var pd) status_var new_param_list
|
|
|
|
(* Generate only one ocalloc block required for the trusted proxy. *)
|
|
let gen_ocalloc_block (fname: string) (plist: Ast.pdecl list) =
|
|
let ms_struct_name = mk_ms_struct_name fname in
|
|
let local_vars_block = sprintf "%s* %s = NULL;\n\tsize_t ocalloc_size = sizeof(%s);\n\tvoid *__tmp = NULL;\n\n" ms_struct_name ms_struct_val ms_struct_name in
|
|
let count_ocalloc_size (ty: Ast.atype) (attr: Ast.ptr_attr) (name: string) =
|
|
if not attr.Ast.pa_chkptr then ""
|
|
else sprintf "\tocalloc_size += (%s != NULL && sgx_is_within_enclave(%s, %s)) ? %s : 0;\n" name name (mk_len_var name) (mk_len_var name)
|
|
in
|
|
let do_count_ocalloc_size (pd: Ast.pdecl) =
|
|
let (pty, declr) = pd in
|
|
match pty with
|
|
Ast.PTVal _ -> ""
|
|
| Ast.PTPtr (ty, attr) -> count_ocalloc_size ty attr declr.Ast.identifier
|
|
in
|
|
let do_gen_ocalloc_block = [
|
|
"\n\t__tmp = sgx_ocalloc(ocalloc_size);\n";
|
|
"\tif (__tmp == NULL) {\n";
|
|
"\t\tsgx_ocfree();\n";
|
|
"\t\treturn SGX_ERROR_UNEXPECTED;\n";
|
|
"\t}\n";
|
|
sprintf "\t%s = (%s*)__tmp;\n" ms_struct_val ms_struct_name;
|
|
sprintf "\t__tmp = (void *)((size_t)__tmp + sizeof(%s));\n" ms_struct_name;
|
|
]
|
|
in
|
|
let new_param_list = List.map conv_array_to_ptr plist
|
|
in
|
|
let s1 = List.fold_left (fun acc pd -> acc ^ do_count_ocalloc_size pd) local_vars_block new_param_list in
|
|
List.fold_left (fun acc s -> acc ^ s) s1 do_gen_ocalloc_block
|
|
|
|
(* Generate trusted proxy code for a given untrusted function. *)
|
|
let gen_func_tproxy (ufunc: Ast.untrusted_func) (idx: int) =
|
|
let fd = ufunc.Ast.uf_fdecl in
|
|
let propagate_errno = ufunc.Ast.uf_propagate_errno in
|
|
let func_open = sprintf "%s\n{\n" (gen_tproxy_proto fd) in
|
|
let local_vars = gen_tproxy_local_vars fd.Ast.plist in
|
|
let ocalloc_ms_struct = gen_ocalloc_block fd.Ast.fname fd.Ast.plist in
|
|
let gen_ocfree rtype plist =
|
|
if rtype = Ast.Void && plist = [] then "" else "\tsgx_ocfree();\n"
|
|
in
|
|
let handle_out_ptr plist =
|
|
let copy_memory (attr: Ast.ptr_attr) (declr: Ast.declarator) =
|
|
let name = declr.Ast.identifier in
|
|
match attr.Ast.pa_direction with
|
|
Ast.PtrInOut | Ast.PtrOut ->
|
|
sprintf "\tif (%s) memcpy((void*)%s, %s, %s);\n" name name (mk_parm_accessor name) (mk_len_var name)
|
|
| _ -> ""
|
|
in List.fold_left (fun acc (pty, declr) ->
|
|
match pty with
|
|
Ast.PTVal _ -> acc
|
|
| Ast.PTPtr(ty, attr) -> acc ^ copy_memory attr declr) "" plist in
|
|
|
|
let set_errno = if propagate_errno then "\terrno = ms->ocall_errno;" else "" in
|
|
let func_close = sprintf "%s%s\n%s%s\n"
|
|
(handle_out_ptr fd.Ast.plist)
|
|
set_errno
|
|
(gen_ocfree fd.Ast.rtype fd.Ast.plist)
|
|
"\treturn status;\n}" in
|
|
let ocall_null = sprintf "status = sgx_ocall(%d, NULL);\n" idx in
|
|
let ocall_with_ms = sprintf "status = sgx_ocall(%d, %s);\n"
|
|
idx ms_struct_val in
|
|
let update_retval = sprintf "if (%s) *%s = %s;"
|
|
retval_name retval_name (mk_parm_accessor retval_name) in
|
|
let func_body = ref [] in
|
|
if (is_naked_func fd) && (propagate_errno = false) then
|
|
sprintf "%s\t%s\t%s%s" func_open local_vars ocall_null func_close
|
|
else
|
|
begin
|
|
func_body := local_vars :: !func_body;
|
|
func_body := ocalloc_ms_struct:: !func_body;
|
|
List.iter (fun pd -> func_body := tproxy_fill_ms_field pd :: !func_body) fd.Ast.plist;
|
|
func_body := ocall_with_ms :: !func_body;
|
|
if fd.Ast.rtype <> Ast.Void then func_body := update_retval :: !func_body;
|
|
List.fold_left (fun acc s -> acc ^ "\t" ^ s ^ "\n") func_open (List.rev !func_body) ^ func_close
|
|
end
|
|
|
|
(* It generates OCALL table and the untrusted proxy to setup OCALL table. *)
|
|
let gen_ocall_table (ec: enclave_content) =
|
|
let func_proto_ubridge = List.map (fun (uf: Ast.untrusted_func) ->
|
|
let fd : Ast.func_decl = uf.Ast.uf_fdecl in
|
|
mk_ubridge_name ec.file_shortnm fd.Ast.fname)
|
|
ec.ufunc_decls in
|
|
let nr_ocall = List.length ec.ufunc_decls in
|
|
let ocall_table_name = mk_ocall_table_name ec.enclave_name in
|
|
let ocall_table =
|
|
let ocall_members =
|
|
List.fold_left
|
|
(fun acc proto -> acc ^ "\t\t(void*)" ^ proto ^ ",\n") "" func_proto_ubridge
|
|
in "\t{\n" ^ ocall_members ^ "\t}\n"
|
|
in
|
|
sprintf "static const struct {\n\
|
|
\tsize_t nr_ocall;\n\
|
|
\tvoid * table[%d];\n\
|
|
} %s = {\n\
|
|
\t%d,\n\
|
|
%s};\n" (max nr_ocall 1)
|
|
ocall_table_name
|
|
nr_ocall
|
|
(if nr_ocall <> 0 then ocall_table else "\t{ NULL },\n")
|
|
|
|
(* It generates untrusted code to be saved in a `.c' file. *)
|
|
let gen_untrusted_source (ec: enclave_content) =
|
|
let code_fname = get_usource_name ec.file_shortnm in
|
|
let include_hd = "#include \"" ^ get_uheader_short_name ec.file_shortnm ^ "\"\n" in
|
|
let include_errno = "#include <errno.h>\n" in
|
|
let uproxy_list =
|
|
List.map2 (fun fd ecall_idx -> gen_func_uproxy fd ecall_idx ec)
|
|
(tf_list_to_fd_list ec.tfunc_decls)
|
|
(Util.mk_seq 0 (List.length ec.tfunc_decls - 1))
|
|
in
|
|
let ubridge_list =
|
|
List.map (fun fd -> gen_func_ubridge ec.file_shortnm fd)
|
|
(ec.ufunc_decls) in
|
|
let out_chan = open_out code_fname in
|
|
output_string out_chan (include_hd ^ include_errno ^ "\n");
|
|
ms_writer out_chan ec;
|
|
List.iter (fun s -> output_string out_chan (s ^ "\n")) ubridge_list;
|
|
output_string out_chan (gen_ocall_table ec);
|
|
List.iter (fun s -> output_string out_chan (s ^ "\n")) uproxy_list;
|
|
close_out out_chan
|
|
|
|
(* It generates trusted code to be saved in a `.c' file. *)
|
|
let gen_trusted_source (ec: enclave_content) =
|
|
let code_fname = get_tsource_name ec.file_shortnm in
|
|
let include_hd = "#include \"" ^ get_theader_short_name ec.file_shortnm ^ "\"\n\n\
|
|
#include \"sgx_trts.h\" /* for sgx_ocalloc, sgx_is_outside_enclave */\n\n\
|
|
#include <errno.h>\n\
|
|
#include <string.h> /* for memcpy etc */\n\
|
|
#include <stdlib.h> /* for malloc/free etc */\n\
|
|
\n\
|
|
#define CHECK_REF_POINTER(ptr, siz) do {\t\\\n\
|
|
\tif (!(ptr) || ! sgx_is_outside_enclave((ptr), (siz)))\t\\\n\
|
|
\t\treturn SGX_ERROR_INVALID_PARAMETER;\\\n\
|
|
} while (0)\n\
|
|
\n\
|
|
#define CHECK_UNIQUE_POINTER(ptr, siz) do {\t\\\n\
|
|
\tif ((ptr) && ! sgx_is_outside_enclave((ptr), (siz)))\t\\\n\
|
|
\t\treturn SGX_ERROR_INVALID_PARAMETER;\\\n\
|
|
} while (0)\n\
|
|
\n" in
|
|
let trusted_fds = tf_list_to_fd_list ec.tfunc_decls in
|
|
let tbridge_list =
|
|
let dummy_var = tbridge_gen_dummy_variable ec in
|
|
List.map (fun tfd -> gen_func_tbridge tfd dummy_var) trusted_fds in
|
|
let ecall_table = gen_ecall_table ec.tfunc_decls in
|
|
let entry_table = gen_entry_table ec in
|
|
let tproxy_list = List.map2
|
|
(fun fd idx -> gen_func_tproxy fd idx)
|
|
(ec.ufunc_decls)
|
|
(Util.mk_seq 0 (List.length ec.ufunc_decls - 1)) in
|
|
let out_chan = open_out code_fname in
|
|
output_string out_chan (include_hd ^ "\n");
|
|
ms_writer out_chan ec;
|
|
List.iter (fun s -> output_string out_chan (s ^ "\n")) tbridge_list;
|
|
output_string out_chan (ecall_table ^ "\n");
|
|
output_string out_chan (entry_table ^ "\n");
|
|
output_string out_chan "\n";
|
|
List.iter (fun s -> output_string out_chan (s ^ "\n")) tproxy_list;
|
|
close_out out_chan
|
|
|
|
(* We use a stack to keep record of imported files.
|
|
*
|
|
* A file will be pushed to the stack before we parsing it,
|
|
* and we will pop the stack after each `parse_import_file'.
|
|
*)
|
|
let already_read = SimpleStack.create ()
|
|
let save_file fullpath =
|
|
if SimpleStack.mem fullpath already_read
|
|
then failwithf "detected circled import for `%s'" fullpath
|
|
else SimpleStack.push fullpath already_read
|
|
|
|
(* The entry point of the Edger8r parser front-end.
|
|
* ------------------------------------------------
|
|
*)
|
|
let start_parsing (fname: string) : Ast.enclave =
|
|
let set_initial_pos lexbuf filename =
|
|
lexbuf.Lexing.lex_curr_p <- {
|
|
lexbuf.Lexing.lex_curr_p with Lexing.pos_fname = fname;
|
|
}
|
|
in
|
|
try
|
|
let chan =
|
|
let fullpath = Util.get_file_path fname
|
|
in save_file fullpath; open_in fullpath in
|
|
let lexbuf = Lexing.from_channel chan in
|
|
try
|
|
set_initial_pos lexbuf fname;
|
|
let e : Ast.enclave = Parser.start_parsing Lexer.tokenize lexbuf in
|
|
let short_name = Util.get_short_name fname in
|
|
if short_name = ""
|
|
then (eprintf "error: %s: file short name is empty\n" fname; exit 1;)
|
|
else
|
|
let res = { e with Ast.ename = short_name } in
|
|
if Util.is_c_identifier short_name then res
|
|
else (eprintf "warning: %s: file short name `%s' is not a valid C identifier\n" fname short_name; res)
|
|
with exn -> close_in chan;
|
|
begin match exn with
|
|
| Parsing.Parse_error ->
|
|
let curr = lexbuf.Lexing.lex_curr_p in
|
|
let line = curr.Lexing.pos_lnum in
|
|
let cnum = curr.Lexing.pos_cnum - curr.Lexing.pos_bol in
|
|
let tok = Lexing.lexeme lexbuf in
|
|
failwithf "%s:%d:%d: unexpected token: %s\n" fname line cnum tok
|
|
| _ -> raise exn
|
|
end
|
|
with Sys_error s -> failwithf "%s\n" s
|
|
|
|
(* Check duplicated ECALL/OCALL names.
|
|
*
|
|
* This is a pretty simple implementation - to improve it, the
|
|
* location information of each token should be carried to AST.
|
|
*)
|
|
let check_duplication (ec: enclave_content) =
|
|
let dict = Hashtbl.create 10 in
|
|
let trusted_fds = tf_list_to_fd_list ec.tfunc_decls in
|
|
let untrusted_fds = uf_list_to_fd_list ec.ufunc_decls in
|
|
let check_and_add fname =
|
|
if Hashtbl.mem dict fname then
|
|
failwithf "Multiple definition of function \"%s\" detected." fname
|
|
else
|
|
Hashtbl.add dict fname true
|
|
in
|
|
List.iter (fun (fd: Ast.func_decl) ->
|
|
check_and_add fd.Ast.fname) (trusted_fds @ untrusted_fds)
|
|
|
|
(* For each untrusted functions, check that allowed ECALL does exist. *)
|
|
let check_allow_list (ec: enclave_content) =
|
|
let trusted_func_names = get_trusted_func_names ec in
|
|
let do_check_allow_list fname allowed_ecalls =
|
|
List.iter (fun trusted_func ->
|
|
if List.exists (fun x -> x = trusted_func) trusted_func_names
|
|
then ()
|
|
else
|
|
failwithf "\"%s\" declared to allow unknown function \"%s\"."
|
|
fname trusted_func) allowed_ecalls
|
|
in
|
|
List.iter (fun (uf: Ast.untrusted_func) ->
|
|
let fd = uf.Ast.uf_fdecl in
|
|
let allowed_ecalls = uf.Ast.uf_allow_list in
|
|
do_check_allow_list fd.Ast.fname allowed_ecalls) ec.ufunc_decls
|
|
|
|
(* Report private ECALL not used in any "allow(...)" expression. *)
|
|
let report_orphaned_priv_ecall (ec: enclave_content) =
|
|
let priv_ecall_names = get_priv_ecall_names ec.tfunc_decls in
|
|
let allowed_names = get_allowed_names ec.ufunc_decls in
|
|
let check_ecall n = if List.mem n allowed_names then ()
|
|
else eprintf "warning: private ECALL `%s' is not used by any OCALL\n" n
|
|
in
|
|
List.iter check_ecall priv_ecall_names
|
|
|
|
(* Check that there is at least one public ECALL function. *)
|
|
let check_priv_funcs (ec: enclave_content) =
|
|
let priv_bits = tf_list_to_priv_list ec.tfunc_decls in
|
|
if List.for_all (fun is_priv -> is_priv) priv_bits
|
|
then failwithf "the enclave `%s' contains no public root ECALL.\n" ec.file_shortnm
|
|
else report_orphaned_priv_ecall ec
|
|
|
|
(* When generating edge-routines, it need first to check whether there
|
|
* are `import' expressions inside EDL. If so, it will parse the given
|
|
* importing file to get an `enclave_content' record, recursively.
|
|
*
|
|
* `ec' is the toplevel `enclave_content' record.
|
|
|
|
* Here, a tree reduce algorithm is used. `ec' is the root-node, each
|
|
* `import' expression is considerred as a children.
|
|
*)
|
|
let reduce_import (ec: enclave_content) =
|
|
let combine (ec1: enclave_content) (ec2: enclave_content) =
|
|
{ ec1 with
|
|
include_list = ec1.include_list @ ec2.include_list;
|
|
import_exprs = [];
|
|
comp_defs = ec1.comp_defs @ ec2.comp_defs;
|
|
tfunc_decls = ec1.tfunc_decls @ ec2.tfunc_decls;
|
|
ufunc_decls = ec1.ufunc_decls @ ec2.ufunc_decls; }
|
|
in
|
|
let parse_import_file fname =
|
|
let ec = parse_enclave_ast (start_parsing fname)
|
|
in
|
|
match ec.import_exprs with
|
|
[] -> (SimpleStack.pop already_read |> ignore; ec )
|
|
| _ -> ec
|
|
in
|
|
let check_funs funcs (ec: enclave_content) =
|
|
(* Check whether `funcs' are listed in `ec'. It returns a
|
|
production (x, y), where:
|
|
x - functions not listed in `ec';
|
|
y - a new `ec' that contains functions from `funcs' listed in `ec'.
|
|
*)
|
|
let enclave_funcs =
|
|
let trusted_func_names = get_trusted_func_names ec in
|
|
let untrusted_func_names = get_untrusted_func_names ec in
|
|
trusted_func_names @ untrusted_func_names
|
|
in
|
|
let in_ec_def name = List.exists (fun x -> x = name) enclave_funcs in
|
|
let in_import_list name = List.exists (fun x -> x = name) funcs in
|
|
let x = List.filter (fun name -> not (in_ec_def name)) funcs in
|
|
let y =
|
|
{ empty_ec with
|
|
tfunc_decls = List.filter (fun tf ->
|
|
in_import_list (get_tf_fname tf)) ec.tfunc_decls;
|
|
ufunc_decls = List.filter (fun uf ->
|
|
in_import_list (get_uf_fname uf)) ec.ufunc_decls; }
|
|
in (x, y)
|
|
in
|
|
(* Import functions listed in `funcs' from `importee'. *)
|
|
let rec import_funcs (funcs: string list) (importee: enclave_content) =
|
|
(* A `*' means importing all the functions. *)
|
|
if List.exists (fun x -> x = "*") funcs
|
|
then
|
|
List.fold_left (fun acc (ipd: Ast.import_decl) ->
|
|
let next_ec = parse_import_file ipd.Ast.mname
|
|
in combine acc (import_funcs ipd.Ast.flist next_ec)) importee importee.import_exprs
|
|
else
|
|
let (x, y) = check_funs funcs importee
|
|
in
|
|
if x = [] then y (* Resolved all importings *)
|
|
else
|
|
match importee.import_exprs with
|
|
[] -> failwithf "import failed - functions `%s' not found" (List.hd x)
|
|
| ex -> List.fold_left (fun acc (ipd: Ast.import_decl) ->
|
|
let next_ec = parse_import_file ipd.Ast.mname
|
|
in combine acc (import_funcs x next_ec)) y ex
|
|
in
|
|
import_funcs ["*"] ec
|
|
|
|
(* Generate the Enclave code. *)
|
|
let gen_enclave_code (e: Ast.enclave) (ep: edger8r_params) =
|
|
let ec = reduce_import (parse_enclave_ast e) in
|
|
g_use_prefix := ep.use_prefix;
|
|
g_untrusted_dir := ep.untrusted_dir;
|
|
g_trusted_dir := ep.trusted_dir;
|
|
create_dir ep.untrusted_dir;
|
|
create_dir ep.trusted_dir;
|
|
check_duplication ec;
|
|
check_allow_list ec;
|
|
(if not ep.header_only then check_priv_funcs ec);
|
|
(if ep.gen_untrusted then (gen_untrusted_header ec; if not ep.header_only then gen_untrusted_source ec));
|
|
(if ep.gen_trusted then (gen_trusted_header ec; if not ep.header_only then gen_trusted_source ec))
|