This is an automated email from the ASF dual-hosted git repository. rduan pushed a commit to branch revert-394-intel-2.17 in repository https://gitbox.apache.org/repos/asf/incubator-teaclave-sgx-sdk.git
commit 55b8333b46280d86fe1f4aa45ae2026dc3715c69 Author: volcano <[email protected]> AuthorDate: Tue Jun 28 10:49:23 2022 +0800 Revert "Support Intel SGX SDK 2.17 and DCAP 1.14" This reverts commit 4888ed855078bbe95df3dbda9c42841848e9143f. --- .gitignore | 5 +- buildenv.mk | 2 - common/inc/mbusafecrt.h | 2 - common/inc/string.h | 4 -- dockerfile/02_binutils.sh | 2 +- dockerfile/03_sdk.sh | 4 +- dockerfile/Dockerfile.1804.nightly | 6 +- dockerfile/Dockerfile.2004.nightly | 6 +- dockerfile/Dockerfile.centos8.nightly | 4 +- sgx_trts/src/enclave.rs | 9 +-- sgx_types/src/function.rs | 19 ----- sgx_types/src/types.rs | 126 +--------------------------------- 12 files changed, 16 insertions(+), 173 deletions(-) diff --git a/.gitignore b/.gitignore index 64b8cb63..32335406 100644 --- a/.gitignore +++ b/.gitignore @@ -4,9 +4,6 @@ Cargo.lock #object file *.o -#app -app - #library *.a @@ -36,7 +33,6 @@ bazel-testlogs #libunwind sgx_unwind/libunwind/INSTALL -sgx_unwind/libunwind/m4/* sgx_unwind/libunwind/config/* sgx_unwind/libunwind/include/config.h.* sgx_unwind/libunwind/Makefile.in @@ -44,3 +40,4 @@ sgx_unwind/libunwind/aclocal.m4 sgx_unwind/libunwind/autom4te.cache/* sgx_unwind/libunwind/configure sgx_unwind/libunwind/src/Makefile.in +sgx_unwind/libunwind/m4/* diff --git a/buildenv.mk b/buildenv.mk index 146649cf..c8349889 100644 --- a/buildenv.mk +++ b/buildenv.mk @@ -72,8 +72,6 @@ else COMMON_FLAGS += -O2 -D_FORTIFY_SOURCE=2 -UDEBUG -DNDEBUG endif -COMMON_FLAGS += -ffunction-sections -fdata-sections - # turn on compiler warnings as much as possible COMMON_FLAGS += -Wall -Wextra -Winit-self -Wpointer-arith -Wreturn-type \ -Waddress -Wsequence-point -Wformat-security \ diff --git a/common/inc/mbusafecrt.h b/common/inc/mbusafecrt.h index 91d888b3..3bdfe7ae 100644 --- a/common/inc/mbusafecrt.h +++ b/common/inc/mbusafecrt.h 
@@ -74,9 +74,7 @@ extern int _vswprintf_s( WCHAR* string, size_t sizeInWords, const WCHAR* format, extern int _vsnwprintf_s( WCHAR* string, size_t sizeInWords, size_t count, const WCHAR* format, va_list arglist ); extern errno_t memcpy_s( void * dst, size_t sizeInBytes, const void * src, size_t count ); -extern errno_t memcpy_verw_s( void * dst, size_t sizeInBytes, const void * src, size_t count ); extern errno_t memmove_s( void * dst, size_t sizeInBytes, const void * src, size_t count ); -extern errno_t memmove_verw_s( void * dst, size_t sizeInBytes, const void * src, size_t count ); #ifdef __cplusplus } diff --git a/common/inc/string.h b/common/inc/string.h index 1140fcc5..0cc7206e 100644 --- a/common/inc/string.h +++ b/common/inc/string.h @@ -61,11 +61,8 @@ __BEGIN_DECLS void * _TLIBC_CDECL_ memchr(const void *, int, size_t); int _TLIBC_CDECL_ memcmp(const void *, const void *, size_t); void * _TLIBC_CDECL_ memcpy(void *, const void *, size_t); -void * _TLIBC_CDECL_ memcpy_verw(void *, const void *, size_t); void * _TLIBC_CDECL_ memmove(void *, const void *, size_t); -void * _TLIBC_CDECL_ memmove_verw(void *, const void *, size_t); void * _TLIBC_CDECL_ memset(void *, int, size_t); -void * _TLIBC_CDECL_ memset_verw(void *, int, size_t); char * _TLIBC_CDECL_ strchr(const char *, int); int _TLIBC_CDECL_ strcmp(const char *, const char *); int _TLIBC_CDECL_ strcoll(const char *, const char *); @@ -83,7 +80,6 @@ char * _TLIBC_CDECL_ strtok(char *, const char *); size_t _TLIBC_CDECL_ strxfrm(char *, const char *, size_t); size_t _TLIBC_CDECL_ strlcpy(char *, const char *, size_t); errno_t _TLIBC_CDECL_ memset_s(void *s, size_t smax, int c, size_t n); -errno_t _TLIBC_CDECL_ memset_verw_s(void *s, size_t smax, int c, size_t n); /* * Deprecated C99. diff --git a/dockerfile/02_binutils.sh b/dockerfile/02_binutils.sh index bf52603c..eb4ed9c9 100644 --- a/dockerfile/02_binutils.sh +++ b/dockerfile/02_binutils.sh 
@@ -1,7 +1,7 @@ if [ $BINUTILS_DIST != "SELF_BUILT" ] then cd /root && \ - wget https://download.01.org/intel-sgx/sgx-linux/2.17/as.ld.objdump.r4.tar.gz && \ + wget https://download.01.org/intel-sgx/sgx-linux/2.16/as.ld.objdump.r4.tar.gz && \ tar xzf as.ld.objdump.r4.tar.gz && \ cp -r external/toolset/$BINUTILS_DIST/* /usr/bin/ && \ rm -rf ./external ./as.ld.objdump.r4.tar.gz diff --git a/dockerfile/03_sdk.sh b/dockerfile/03_sdk.sh index f5ff31d8..bc4e5a28 100644 --- a/dockerfile/03_sdk.sh +++ b/dockerfile/03_sdk.sh @@ -10,10 +10,10 @@ else cd /root && \ git clone --recursive https://github.com/intel/linux-sgx && \ cd linux-sgx && \ - git checkout sgx_2.17 && \ + git checkout sgx_2.16 && \ ./download_prebuilt.sh && \ make -j "$(nproc)" sdk_install_pkg && \ - echo -e 'no\n/opt' | ./linux/installer/bin/sgx_linux_x64_sdk_2.17.100.3.bin && \ + echo -e 'no\n/opt' | ./linux/installer/bin/sgx_linux_x64_sdk_2.16.100.4.bin && \ echo 'source /opt/sgxsdk/environment' >> /root/.bashrc && \ cd /root && \ rm -rf /root/linux-sgx diff --git a/dockerfile/Dockerfile.1804.nightly b/dockerfile/Dockerfile.1804.nightly index 7b7d5f65..7618c980 100644 --- a/dockerfile/Dockerfile.1804.nightly +++ b/dockerfile/Dockerfile.1804.nightly @@ -15,7 +15,7 @@ ADD 02_binutils.sh /root RUN bash /root/02_binutils.sh ENV SDK_DIST="INTEL_BUILT" -ENV SDK_URL="https://download.01.org/intel-sgx/sgx-linux/2.17/distro/ubuntu18.04-server/sgx_linux_x64_sdk_2.17.100.3.bin" +ENV SDK_URL="https://download.01.org/intel-sgx/sgx-linux/2.16/distro/ubuntu18.04-server/sgx_linux_x64_sdk_2.16.100.4.bin" #ENV SDK_DIST="SELF_BUILT" ADD 03_sdk.sh /root RUN bash /root/03_sdk.sh @@ -23,8 +23,8 @@ RUN bash /root/03_sdk.sh # Sixth, PSW ENV CODENAME bionic -ENV VERSION 2.17.100.3-bionic1 -ENV DCAP_VERSION 1.14.100.3-bionic1 +ENV VERSION 2.16.100.4-bionic1 +ENV DCAP_VERSION 1.13.100.4-bionic1 ADD 04_psw.sh /root RUN bash /root/04_psw.sh 
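Review bot: In `dockerfile/02_binutils.sh` the tarball fetched by `wget` is unpacked and copied into `/usr/bin` with no integrity check, so the image trusts whatever the download host serves at that path. A pinned digest between the `wget` and `tar` lines would close this, e.g. `echo "<expected-sha256>  as.ld.objdump.r4.tar.gz" | sha256sum -c - && \`, with the digest kept next to the version string so a version change updates both. The same gap appears to apply to the `SDK_URL` and `PSW_REPO` artifacts in the three Dockerfile hunks (their download code is not visible here). In `03_sdk.sh`, `git checkout sgx_2.16` follows a tag rather than a pinned commit hash. Separately, `[ $BINUTILS_DIST != "SELF_BUILT" ]` is unquoted and breaks when the variable is empty; `[ "$BINUTILS_DIST" != "SELF_BUILT" ]` is safer, and the `if` block continues outside the hunk.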
diff --git a/dockerfile/Dockerfile.2004.nightly b/dockerfile/Dockerfile.2004.nightly index a0b37c7d..62036705 100644 --- a/dockerfile/Dockerfile.2004.nightly +++ b/dockerfile/Dockerfile.2004.nightly @@ -19,15 +19,15 @@ RUN bash /root/02_binutils.sh #ENV SDK_DIST="SELF_BUILT" ENV SDK_DIST="INTEL_BUILT" -ENV SDK_URL="https://download.01.org/intel-sgx/sgx-linux/2.17/distro/ubuntu20.04-server/sgx_linux_x64_sdk_2.17.100.3.bin" +ENV SDK_URL="https://download.01.org/intel-sgx/sgx-linux/2.16/distro/ubuntu20.04-server/sgx_linux_x64_sdk_2.16.100.4.bin" ADD 03_sdk.sh /root RUN bash /root/03_sdk.sh # Sixth, PSW ENV CODENAME focal -ENV VERSION 2.17.100.3-focal1 -ENV DCAP_VERSION 1.14.100.3-focal1 +ENV VERSION 2.16.100.4-focal1 +ENV DCAP_VERSION 1.13.100.4-focal1 ADD 04_psw.sh /root RUN bash /root/04_psw.sh diff --git a/dockerfile/Dockerfile.centos8.nightly b/dockerfile/Dockerfile.centos8.nightly index 8439ac73..939f9484 100644 --- a/dockerfile/Dockerfile.centos8.nightly +++ b/dockerfile/Dockerfile.centos8.nightly @@ -13,12 +13,12 @@ ADD 02_binutils.sh /root RUN bash /root/02_binutils.sh ENV SDK_DIST="INTEL_BUILT" -ENV SDK_URL="https://download.01.org/intel-sgx/sgx-linux/2.17/distro/centos-stream/sgx_linux_x64_sdk_2.17.100.3.bin" +ENV SDK_URL="https://download.01.org/intel-sgx/sgx-linux/2.16/distro/centos-stream/sgx_linux_x64_sdk_2.16.100.4.bin" #ENV SDK_DIST="SELF_BUILT" ADD 03_sdk.sh /root RUN bash /root/03_sdk.sh -ENV PSW_REPO="https://download.01.org/intel-sgx/sgx-linux/2.17/distro/centos-stream/sgx_rpm_local_repo.tgz" +ENV PSW_REPO="https://download.01.org/intel-sgx/sgx-linux/2.16/distro/centos-stream/sgx_rpm_local_repo.tgz" ADD 04_psw_rpm.sh /root RUN bash /root/04_psw_rpm.sh diff --git a/sgx_trts/src/enclave.rs b/sgx_trts/src/enclave.rs index 374fbb18..76f510fe 100644 --- a/sgx_trts/src/enclave.rs +++ b/sgx_trts/src/enclave.rs 
@@ -52,7 +52,6 @@ pub struct global_data_t { pub rsrv_executable: usize, pub thread_policy: usize, pub tcs_max_num: usize, - pub tcs_num: usize, pub td_template: thread_data_t, pub tcs_template: [u8; TCS_TEMPLATE_SIZE], pub layout_entry_num: u32, @@ -560,13 +559,7 @@ pub fn rsgx_get_global_data() -> *const global_data_t { /// #[inline] pub fn rsgx_get_tcs_max_num() -> u32 { - unsafe { - if EDMM_supported != 0 { - g_global_data.tcs_max_num as u32 - } else { - g_global_data.tcs_num as u32 - } - } + unsafe { g_global_data.tcs_max_num as u32 } } #[allow(clippy::collapsible_if, clippy::nonminimal_bool)] diff --git a/sgx_types/src/function.rs b/sgx_types/src/function.rs index 025c4a04..900e64d4 100644 --- a/sgx_types/src/function.rs +++ b/sgx_types/src/function.rs @@ -1022,16 +1022,6 @@ extern "C" { pub fn sgx_ql_free_quote_verification_collateral( p_quote_collateral: *const sgx_ql_qve_collateral_t, ) -> sgx_quote3_error_t; - /* intel DCAP 1.14 */ - pub fn tdx_ql_get_quote_verification_collateral( - fmspc: *const uint8_t, - fmspc_size: u16, - pck_ra: *const c_char, - pp_quote_collateral: *mut *mut tdx_ql_qve_collateral_t, - ) -> sgx_quote3_error_t; - pub fn tdx_ql_free_quote_verification_collateral( - p_quote_collateral: *const sgx_ql_qve_collateral_t, - ) -> sgx_quote3_error_t; pub fn sgx_ql_get_qve_identity( pp_qve_identity: *mut *mut c_char, p_qve_identity_size: *mut uint32_t, @@ -1079,15 +1069,6 @@ extern "C" { p_tcbinfo_size: *mut uint16_t, ) -> sgx_qcnl_error_t; pub fn sgx_qcnl_free_tcbinfo(p_tcbinfo: *const uint8_t); - /* intel DCAP 1.14 */ - pub fn tdx_qcnl_get_tcbinfo( - fmspc: *const c_char, - fmspc_size: uint16_t, - custom_param_b64_string: *const c_char, - p_tcbinfo: *mut *mut uint8_t, - p_tcbinfo_size: *mut uint16_t, - ) -> sgx_qcnl_error_t; - pub fn tdx_qcnl_free_tcbinfo(p_tcbinfo: *const uint8_t); pub fn sgx_qcnl_get_qe_identity( qe_type: uint8_t, custom_param_b64_string: *const c_char, 
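Review bot: In `rsgx_get_tcs_max_num` (second hunk of `sgx_trts/src/enclave.rs`) the restored body `unsafe { g_global_data.tcs_max_num as u32 }` narrows a `usize` with `as`, which truncates silently, and the `unsafe` block has no `// SAFETY:` comment explaining why the read is sound. I would add something like `// SAFETY: g_global_data is only read here; assumed to be populated before enclave code runs (confirm)` and make the narrowing explicit with `debug_assert!(g_global_data.tcs_max_num <= u32::MAX as usize);` inside the block. With the `EDMM_supported` branch gone the function returns `tcs_max_num` unconditionally, so its doc comment, which starts outside this hunk, should say which count callers now get.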
diff --git a/sgx_types/src/types.rs b/sgx_types/src/types.rs index 6241136b..2f865fb6 100644 --- a/sgx_types/src/types.rs +++ b/sgx_types/src/types.rs @@ -1373,16 +1373,7 @@ pub struct sgx_ql_qve_collateral_t { pub type tdx_ql_qve_collateral_t = sgx_ql_qve_collateral_t; -impl_enum! { - #[repr(u8)] - #[derive(Copy, Clone, PartialEq, Eq, Debug)] - pub enum sgx_prod_type_t { - SGX_PROD_TYPE_SGX = 0, - SGX_PROD_TYPE_TDX = 1, - } -} - -/* intel DCAP 1.11 */ +/* intel DCAP 2.14 */ impl_enum! { #[repr(u32)] #[derive(Copy, Clone, PartialEq, Eq, Debug)] @@ -1459,8 +1450,8 @@ impl_packed_copy_clone! { pub struct sgx_ql_ecdsa_sig_data_t { pub sig: [uint8_t; 64], pub attest_pub_key: [uint8_t; 64], - pub qe_report: sgx_report_body_t, - pub qe_report_sig: [uint8_t; 64], + pub qe3_report: sgx_report_body_t, + pub qe3_report_sig: [uint8_t; 64], pub auth_certification_data: [uint8_t; 0], } } 
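Review bot: The restored section comment `/* intel DCAP 2.14 */` above the `#[repr(u32)]` enum (first hunk of `sgx_types/src/types.rs`) does not match the 1.x DCAP numbering used elsewhere in this commit, such as `DCAP_VERSION 1.13.100.4-…` in the Dockerfiles and `/* intel DCAP 1.14 */` in the removed blocks. It replaces `/* intel DCAP 1.11 */`, so the revert appears to bring back an older typo. These markers are what a reader uses to audit which bindings belong to which DCAP release, so I would correct the comment to the release that actually introduced the enum rather than restore it verbatim. The enum body continues outside the hunk.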
@@ -1502,104 +1493,6 @@ impl_struct_ContiguousMemory! { sgx_quote3_t; } -/* intel DCAP 1.14 */ -// -// sgx_quote_4.h -// -pub const TEE_TCB_SVN_SIZE: usize = 16; - -impl_struct! { - pub struct tee_tcb_svn_t { - pub tcb_svn: [uint8_t; TEE_TCB_SVN_SIZE], - } -} - -pub const TD_INFO_RESERVED_BYTES: usize = 112; -pub const TD_TEE_TCB_INFO_RESERVED_BYTES: usize = 111; - -impl_packed_copy_clone! { - pub struct tee_info_t { - pub attributes: tee_attributes_t, - pub xfam: tee_attributes_t, - pub mr_td: tee_measurement_t, - pub mr_config_id: tee_measurement_t, - pub mr_owner: tee_measurement_t, - pub mr_owner_config: tee_measurement_t, - pub rt_mr: [tee_measurement_t; 4], - pub reserved: [uint8_t; TD_INFO_RESERVED_BYTES], - } - - pub struct tee_tcb_info_t { - pub valid: [uint8_t; 8], - pub tee_tcb_svn: tee_tcb_svn_t, - pub mr_seam: tee_measurement_t, - pub mr_seam_signer: tee_measurement_t, - pub attributes: tee_attributes_t, - pub reserved: [uint8_t; TD_TEE_TCB_INFO_RESERVED_BYTES], - } - - pub struct sgx_qe_report_certification_data_t { - pub qe_report: sgx_report_body_t, - pub qe_report_sig: [uint8_t; 64], - pub auth_certification_data: [uint8_t; 0], - } - - pub struct sgx_ecdsa_sig_data_v4_t { - pub sig: [uint8_t; 64], - pub attest_pub_key: [uint8_t; 64], - pub certification_data: [uint8_t; 0], - } - - pub struct sgx_quote4_t { - pub header: sgx_quote4_header_t, - pub report_body: sgx_report2_body_t, - pub signature_data_len: uint32_t, - pub signature_data: [uint8_t; 0], - } -} - -impl_struct_default! { - tee_info_t; //512 - tee_tcb_info_t; //239 - sgx_qe_report_certification_data_t; //448 - sgx_ecdsa_sig_data_v4_t; //128 - sgx_quote4_t; //636 -} - -impl_struct_ContiguousMemory! { - tee_info_t; - tee_tcb_info_t; - sgx_qe_report_certification_data_t; - sgx_ecdsa_sig_data_v4_t; - sgx_quote4_t; -} - -impl_packed_struct! 
{ - pub struct sgx_quote4_header_t { - pub version: uint16_t, - pub att_key_type: uint16_t, - pub tee_type: uint32_t, - pub reserved: uint32_t, - pub vendor_id: [uint8_t; 16], - pub user_data: [uint8_t; 20], - } - - pub struct sgx_report2_body_t { - pub tee_tcb_svn: tee_tcb_svn_t, - pub mr_seam: tee_measurement_t, - pub mrsigner_seam: tee_measurement_t, - pub seam_attributes: tee_attributes_t, - pub td_attributes: tee_attributes_t, - pub xfam: tee_attributes_t, - pub mr_td: tee_measurement_t, - pub mr_config_id: tee_measurement_t, - pub mr_owner: tee_measurement_t, - pub mr_owner_config: tee_measurement_t, - pub rt_mr: [tee_measurement_t; 4], - pub report_data: tee_report_data_t, - } -} - // // sgx_ql_quote.h // @@ -1701,19 +1594,6 @@ impl_enum! { } } -/* intel DCAP 1.14 */ -// -// sgx_default_qcnl_wrapper.h -// -impl_enum! { - #[repr(u8)] - #[derive(Copy, Clone, PartialEq, Eq, Debug)] - pub enum sgx_qe_type_t { - SGX_QE_TYPE_ECDSA = 0, - SGX_QE_TYPE_TD = 1, - } -} - /* intel sgx sdk 2.7.1 */ // // sgx_secure_align_api.h --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
