[incubator-teaclave-sgx-sdk] 01/01: feat: new feature gate `initenv` to disable env ocalls on demand

Tue, 29 Mar 2022 16:38:03 -0700 

This is an automated email from the ASF dual-hosted git repository.

dingyu pushed a commit to branch feat-std-feature-gate-initenv
in repository https://gitbox.apache.org/repos/asf/incubator-teaclave-sgx-sdk.git

commit 196ef144da7113d7b1c32eb7fa46135674948e50
Author: Yu Ding <[email protected]>
AuthorDate: Tue Mar 29 16:37:41 2022 -0700

    feat: new feature gate `initenv` to disable env ocalls on demand
---
 sgx_tstd/Cargo.toml     |  3 ++-
 sgx_tstd/src/rt.rs      | 43 ++++++++++++++++++++++++-------------------
 sgx_tstd/src/sys/mod.rs |  6 +++++-
 3 files changed, 31 insertions(+), 21 deletions(-)

diff --git a/sgx_tstd/Cargo.toml b/sgx_tstd/Cargo.toml
index e87b504..aa1604b 100644
--- a/sgx_tstd/Cargo.toml
+++ b/sgx_tstd/Cargo.toml
@@ -30,11 +30,12 @@ name = "sgx_tstd"
 crate-type = ["rlib"]
 
 [features]
-default = ["stdio"]
+default = ["stdio", "initenv"]
 backtrace = ["stdio", "sgx_backtrace_sys", "sgx_demangle"]
 stdio = []
 net = []
 pipe = []
+initenv = []
 thread = ["sgx_trts/thread"]
 untrusted_fs = []
 untrusted_time = []
diff --git a/sgx_tstd/src/rt.rs b/sgx_tstd/src/rt.rs
index 867c74d..628150e 100644
--- a/sgx_tstd/src/rt.rs
+++ b/sgx_tstd/src/rt.rs
@@ -25,6 +25,7 @@ pub use crate::sys_common::at_exit;
 pub use core::panicking::{panic_display, panic_fmt};
 
 use crate::enclave::Enclave;
+#[cfg(feature = "initenv")]
 use crate::ffi::CString;
 use crate::slice;
 use crate::str;
@@ -145,6 +146,7 @@ static INIT: Once = Once::new();
 static EXIT: Once = Once::new();
 
 #[no_mangle]
+#[allow(unused)]
 unsafe extern "C" fn global_init_ecall(
     eid: u64,
     path: *const u8,
@@ -164,26 +166,29 @@ unsafe extern "C" fn global_init_ecall(
             }
         }
 
-        let parse_vec = |ptr: *const u8, len: usize| -> Vec<CString> {
-            if !ptr.is_null() && len > 0 {
-                let buf = slice::from_raw_parts(ptr, len);
-                buf.split(|&c| c == 0)
-                    .filter_map(|bytes| {
-                        if !bytes.is_empty() {
-                            CString::new(bytes).ok()
-                        } else {
-                            None
-                        }
-                    })
-                    .collect()
-            } else {
-                Vec::new()
-            }
-        };
+        #[cfg(feature = "initenv")]
+        {
+            let parse_vec = |ptr: *const u8, len: usize| -> Vec<CString> {
+                if !ptr.is_null() && len > 0 {
+                    let buf = slice::from_raw_parts(ptr, len);
+                    buf.split(|&c| c == 0)
+                        .filter_map(|bytes| {
+                            if !bytes.is_empty() {
+                                CString::new(bytes).ok()
+                            } else {
+                                None
+                            }
+                        })
+                        .collect()
+                } else {
+                    Vec::new()
+                }
+            };
 
-        let env = parse_vec(env, env_len);
-        let args = parse_vec(args, args_len);
-        sys::init(env, args);
+            let env = parse_vec(env, env_len);
+            let args = parse_vec(args, args_len);
+            sys::init(env, args);
+        }
     });
 }
 
diff --git a/sgx_tstd/src/sys/mod.rs b/sgx_tstd/src/sys/mod.rs
index a517845..5dbb2e3 100644
--- a/sgx_tstd/src/sys/mod.rs
+++ b/sgx_tstd/src/sys/mod.rs
@@ -15,10 +15,13 @@
 // specific language governing permissions and limitations
 // under the License..
 
+#[cfg(feature = "initenv")]
 use crate::ffi::CString;
 use crate::io::ErrorKind;
 
-use sgx_oc::ocall::{self, OCallResult};
+#[cfg(feature = "initenv")]
+use sgx_oc::ocall;
+use sgx_oc::ocall::OCallResult;
 use sgx_oc as libc;
 use sgx_trts::error::abort;
 
@@ -59,6 +62,7 @@ pub mod unsupported;
 
 // SAFETY: must be called only once during runtime initialization.
 // NOTE: this is not guaranteed to run, for example when Rust code is called 
externally.
+#[cfg(feature = "initenv")]
 pub unsafe fn init(env: Vec<CString>, args: Vec<CString>) {
     let _ = ocall::initenv(Some(env));
     let _ = ocall::initargs(Some(args));

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to