From 16012460d1973c856e9c7db419667a79f99afbdc Mon Sep 17 00:00:00 2001
From: Jia Zhang <zhang.jia@linux.alibaba.com>
Date: Fri, 3 Jul 2020 10:13:29 +0000
Subject: [PATCH] rune/libenclave/intelsgx: Refactor cpuid implementation

Current cpuid is implemented in assembly, which disallows using cgo.

Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
---
 rune/libenclave/intelsgx/arch.go           | 20 +--------
 rune/libenclave/intelsgx/cpuid.go          | 47 ++++++++++++++++++++++
 rune/libenclave/intelsgx/cpuid_low.s       | 12 ------
 rune/libenclave/intelsgx/epc.go            |  2 +-
 rune/libenclave/intelsgx/launch_control.go |  2 +-
 rune/libenclave/intelsgx/secs.go           |  2 +-
 6 files changed, 52 insertions(+), 33 deletions(-)
 create mode 100644 rune/libenclave/intelsgx/cpuid.go
 delete mode 100644 rune/libenclave/intelsgx/cpuid_low.s

diff --git a/rune/libenclave/intelsgx/arch.go b/rune/libenclave/intelsgx/arch.go
index b48a638..94aef13 100644
--- a/rune/libenclave/intelsgx/arch.go
+++ b/rune/libenclave/intelsgx/arch.go
@@ -9,20 +9,6 @@ var (
 	maxEnclaveSizeBits      uint32
 )
 
-// CPUID leafs
-const (
-	cpuidExtendedFeatureFlags = 0x7
-	cpuidSgxFeature           = 0x12
-)
-
-// CPUID leaf 0x12 sub-leafs
-const (
-	sgxCapabilties    = 0
-	sgxAttributes     = 1
-	sgxEpcBaseSection = 2
-	maxSgxEpcSections = 8
-)
-
 const (
 	SigStructLength       = 1808
 	EinittokenLength      = 304
@@ -145,11 +131,9 @@ type QuoteBody struct {
 	Basename      [32]byte `struct:"[32]byte"`
 }
 
-func cpuid_low(leaf, subLeaf uint32) (eax, ebx, ecx, edx uint32)
-
 // Check whether CPUs support SGX or not
 func IsSgxSupported() bool {
-	_, ebx, _, _ := cpuid_low(cpuidExtendedFeatureFlags, 0)
+	_, ebx, _, _ := cpuid(cpuidExtendedFeatureFlags, 0)
 	if (ebx & 0x4) == 0x0 {
 		return false
 	}
@@ -163,7 +147,7 @@ func GetSgxFeatures() {
 		return
 	}
 
-	eax, ebx, _, edx := cpuid_low(cpuidSgxFeature, sgxCapabilties)
+	eax, ebx, _, edx := cpuid(cpuidSgxFeature, sgxCapabilties)
 	if (eax & 0x1) != 0 {
 		sgx1Supported = true
 	}
diff --git a/rune/libenclave/intelsgx/cpuid.go b/rune/libenclave/intelsgx/cpuid.go
new file mode 100644
index 0000000..81f2912
--- /dev/null
+++ b/rune/libenclave/intelsgx/cpuid.go
@@ -0,0 +1,47 @@
+package intelsgx // import "github.com/opencontainers/runc/libenclave/intelsgx"
+
+/*
+#include <stdlib.h>
+#include <unistd.h>
+
+static void cpuid(__uint32_t leaf, __uint32_t sub_leaf,
+		  __uint32_t *eax, __uint32_t *ebx,
+		  __uint32_t *ecx, __uint32_t *edx)
+{
+        asm volatile("cpuid"
+                     : "=a"(*eax), "=b"(*ebx), "=c"(*ecx), "=d"(*edx)
+                     : "0"(leaf), "2"(sub_leaf)
+                     : "memory");
+}
+*/
+import "C"
+import "unsafe"
+
+// CPUID leafs
+const (
+	cpuidExtendedFeatureFlags = 0x7
+	cpuidSgxFeature           = 0x12
+)
+
+// CPUID leaf 0x12 sub-leafs
+const (
+	sgxCapabilties    = 0
+	sgxAttributes     = 1
+	sgxEpcBaseSection = 2
+	maxSgxEpcSections = 8
+)
+
+func cpuid(leaf uint32, subLeaf uint32) (uint32, uint32, uint32, uint32) {
+	var (
+		eax uint32
+		ebx uint32
+		ecx uint32
+		edx uint32
+	)
+
+	C.cpuid(C.uint(leaf), C.uint(subLeaf), (*C.uint)(unsafe.Pointer(&eax)),
+		(*C.uint)(unsafe.Pointer(&ebx)), (*C.uint)(unsafe.Pointer(&ecx)),
+		(*C.uint)(unsafe.Pointer(&edx)))
+
+	return eax, ebx, ecx, edx
+}
diff --git a/rune/libenclave/intelsgx/cpuid_low.s b/rune/libenclave/intelsgx/cpuid_low.s
deleted file mode 100644
index 9b6b5c4..0000000
--- a/rune/libenclave/intelsgx/cpuid_low.s
+++ /dev/null
@@ -1,12 +0,0 @@
-#include "textflag.h"
-
-// func cpuid_low(leaf, subLeaf uint32) (eax, ebx, ecx, edx uint32)
-TEXT ·cpuid_low(SB),NOSPLIT,$0-24
-    MOVL    arg1+0(FP), AX
-    MOVL    arg2+4(FP), CX
-    CPUID
-    MOVL AX, eax+8(FP)
-    MOVL BX, ebx+12(FP)
-    MOVL CX, ecx+16(FP)
-    MOVL DX, edx+20(FP)
-    RET
diff --git a/rune/libenclave/intelsgx/epc.go b/rune/libenclave/intelsgx/epc.go
index d11b021..d8bde07 100644
--- a/rune/libenclave/intelsgx/epc.go
+++ b/rune/libenclave/intelsgx/epc.go
@@ -10,7 +10,7 @@ func GetEpcSections() []SgxEpcSection {
 	sections := []SgxEpcSection{}
 
 	for i := 0; i < maxSgxEpcSections; i++ {
-		eax, ebx, ecx, edx := cpuid_low(cpuidSgxFeature, uint32(sgxEpcBaseSection+i))
+		eax, ebx, ecx, edx := cpuid(cpuidSgxFeature, uint32(sgxEpcBaseSection+i))
 
 		if (eax & 0xf) == 0x0 {
 			break
diff --git a/rune/libenclave/intelsgx/launch_control.go b/rune/libenclave/intelsgx/launch_control.go
index c5807f0..b9481fd 100644
--- a/rune/libenclave/intelsgx/launch_control.go
+++ b/rune/libenclave/intelsgx/launch_control.go
@@ -5,7 +5,7 @@ var (
 )
 
 func GetSgxLaunchControl() {
-	_, _, ecx, _ := cpuid_low(cpuidExtendedFeatureFlags, 0)
+	_, _, ecx, _ := cpuid(cpuidExtendedFeatureFlags, 0)
 	if (ecx & 0x40000000) != 0 {
 		sgxLaunchControlSupported = true
 	}
diff --git a/rune/libenclave/intelsgx/secs.go b/rune/libenclave/intelsgx/secs.go
index 300ed45..5288db7 100644
--- a/rune/libenclave/intelsgx/secs.go
+++ b/rune/libenclave/intelsgx/secs.go
@@ -1,6 +1,6 @@
 package intelsgx // import "github.com/opencontainers/runc/libenclave/intelsgx"
 
 func getSecsAttributes() (uint32, uint32, uint32, uint32) {
-	eax, ebx, ecx, edx := cpuid_low(cpuidSgxFeature, sgxAttributes)
+	eax, ebx, ecx, edx := cpuid(cpuidSgxFeature, sgxAttributes)
 	return eax, ebx, ecx, edx
 }
-- 
GitLab