From 27627e719222ca96652e310dec4fa65730df0598 Mon Sep 17 00:00:00 2001
From: Jia Zhang <zhang.jia@linux.alibaba.com>
Date: Sun, 28 Jun 2020 08:55:25 +0000
Subject: [PATCH] rune/libenclave: Implement new ecall get_report() for
 skeleton

Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
---
 .../internal/runtime/pal/skeleton/Makefile    |  4 +-
 .../internal/runtime/pal/skeleton/arch.h      | 57 +++++++++++++++++++
 .../internal/runtime/pal/skeleton/encl.c      | 26 ++++++++-
 .../runtime/pal/skeleton/liberpal-skeleton.c  |  7 ++-
 .../internal/runtime/pal/skeleton/sgx_call.h  | 18 +++++-
 5 files changed, 105 insertions(+), 7 deletions(-)

diff --git a/rune/libenclave/internal/runtime/pal/skeleton/Makefile b/rune/libenclave/internal/runtime/pal/skeleton/Makefile
index 46cdae4..1870e4e 100644
--- a/rune/libenclave/internal/runtime/pal/skeleton/Makefile
+++ b/rune/libenclave/internal/runtime/pal/skeleton/Makefile
@@ -4,9 +4,9 @@ endif
 
 OUTPUT ?= ./
 HOST_CFLAGS := -Wall -Werror -g -fPIC -z noexecstack \
-		-Wno-unused-const-variable
+	       -Wno-unused-const-variable -std=gnu11
 ENCL_CFLAGS := -Wall -Werror -static -nostdlib -nostartfiles -fPIC \
-	       -fno-stack-protector -mrdrnd
+	       -fno-stack-protector -mrdrnd -std=gnu11
 HOST_LDFLAGS := -fPIC -shared -Wl,-Bsymbolic
 
 TEST_CUSTOM_PROGS := $(OUTPUT)/encl.bin $(OUTPUT)/encl.ss $(OUTPUT)/liberpal-skeleton.so $(OUTPUT)/signing_key.pem $(OUTPUT)/encl.token
diff --git a/rune/libenclave/internal/runtime/pal/skeleton/arch.h b/rune/libenclave/internal/runtime/pal/skeleton/arch.h
index d43acc1..0720aec 100644
--- a/rune/libenclave/internal/runtime/pal/skeleton/arch.h
+++ b/rune/libenclave/internal/runtime/pal/skeleton/arch.h
@@ -10,6 +10,7 @@
 #ifndef _ASM_X86_SGX_ARCH_H
 #define _ASM_X86_SGX_ARCH_H
 
+#include <assert.h>
 #include <linux/types.h>
 
 #define SGX_CPUID				0x12
@@ -19,6 +20,8 @@
 #define BIT(nr)			(1UL << (nr))
 #endif
 
+#define EREPORT			0
+
 /**
  * enum sgx_return_code - The return code type for ENCLS, ENCLU and ENCLV
  * %SGX_NOT_TRACKED:		Previous ETRACK's shootdown sequence has not
@@ -369,4 +372,58 @@ struct sgx_einittoken {
 
 #define SGX_LAUNCH_TOKEN_SIZE 304
 
+#define SGX_TARGET_INFO_SIZE 512
+
+struct sgx_target_info {
+    uint8_t mrenclave[32];
+    uint64_t attributes;
+    uint64_t xfrm;
+    uint8_t cetattributes;
+    uint8_t reserved1;
+    uint16_t config_svn;
+    uint32_t miscselect;
+    uint8_t reserved2[8];
+    uint32_t config_id[16];
+    uint8_t reserved3[384];
+} __packed __aligned(SGX_TARGET_INFO_SIZE);
+static_assert(sizeof(struct sgx_target_info) == SGX_TARGET_INFO_SIZE, "incorrect size of sgx_target_info");
+
+#define SGX_REPORT_DATA_SIZE 64
+
+struct sgx_report_data {
+	uint8_t report_data[SGX_REPORT_DATA_SIZE];
+} __packed __aligned(128);
+static_assert(sizeof(struct sgx_report_data) == 128, "incorrect size of sgx_report_data");
+
+struct sgx_report_body {
+    uint8_t cpusvn[16];
+    uint32_t miscselect;
+    uint8_t cetattributes;
+    uint8_t reserved1[11];
+    uint16_t isv_ext_prod_id[8];
+    uint64_t attributes;
+    uint64_t xfrm;
+    uint8_t mrenclave[32];
+    uint8_t reserved2[32];
+    uint8_t mrsigner[32];
+    uint8_t reserved3[32];
+    uint32_t config_id[16];
+    uint16_t isv_prod_id;
+    uint16_t isv_svn;
+    uint16_t config_svn;
+    uint8_t reserved4[42];
+    uint8_t isv_family_id[16];
+    uint8_t report_data[64];
+} __packed;
+static_assert(sizeof(struct sgx_report_body) == 384, "incorrect size of sgx_report_body");
+
+#define SGX_REPORT_SIZE 432
+
+struct sgx_report {
+    struct sgx_report_body body;
+    uint8_t key_id[32];
+    uint8_t mac[16];
+} __packed __aligned(512);
+static_assert(sizeof(struct sgx_report) == 512, "incorrect size of sgx_report");
+
 #endif /* _ASM_X86_SGX_ARCH_H */
diff --git a/rune/libenclave/internal/runtime/pal/skeleton/encl.c b/rune/libenclave/internal/runtime/pal/skeleton/encl.c
index 60cdde7..607ffff 100644
--- a/rune/libenclave/internal/runtime/pal/skeleton/encl.c
+++ b/rune/libenclave/internal/runtime/pal/skeleton/encl.c
@@ -25,6 +25,30 @@ static int encl_init(void *dst)
 	return 0;
 }
 
+static int encl_get_report(const struct sgx_target_info *target_info,
+			   const uint8_t *report_data,
+			   struct sgx_report *report)
+{
+	struct sgx_target_info ti;
+	memcpy(&ti, target_info, SGX_TARGET_INFO_SIZE);
+
+	struct sgx_report_data rd;
+	memcpy(&rd, report_data, SGX_REPORT_DATA_SIZE);
+
+	struct sgx_report r;
+
+	asm volatile(
+		ENCLU "\n\t"
+		:: "a" (EREPORT), "b" (&ti), "c" (&rd), "d" (&r)
+		: "memory"
+	);
+
+	memcpy(report, &r, SGX_REPORT_SIZE);
+
+	return 0;
+}
+
 unsigned long enclave_call_table[MAX_ECALLS] = {
-        (unsigned long)encl_init,
+	(unsigned long)encl_init,
+	(unsigned long)encl_get_report,
 };
diff --git a/rune/libenclave/internal/runtime/pal/skeleton/liberpal-skeleton.c b/rune/libenclave/internal/runtime/pal/skeleton/liberpal-skeleton.c
index 6a0a8e6..e9e5b93 100644
--- a/rune/libenclave/internal/runtime/pal/skeleton/liberpal-skeleton.c
+++ b/rune/libenclave/internal/runtime/pal/skeleton/liberpal-skeleton.c
@@ -104,7 +104,8 @@ static bool encl_add_pages(int dev_fd, unsigned long addr, void *data,
 }
 
 static bool encl_build(struct sgx_secs *secs, void *bin, unsigned long bin_size, 
-			struct sgx_sigstruct *sigstruct,struct sgx_einittoken *token)
+		       struct sgx_sigstruct *sigstruct,
+		       struct sgx_einittoken *token)
 {
 	struct sgx_enclave_init ioc;
 	int dev_fd;
@@ -288,7 +289,7 @@ int pal_exec(char *path, char *argv[], const char *envp[],
 		return -1;
 	}
 
-	fprintf(fp, "Enclave initialization succeeded\n");
+	fprintf(fp, "Enclave runtime skeleton initialization succeeded\n");
 	fclose(fp);
 
 	*exit_code = 0;
@@ -299,7 +300,7 @@ int pal_exec(char *path, char *argv[], const char *envp[],
 int pal_destroy(void)
 {
 	if (!initialized) {
-		fprintf(stderr, "enclave runtime skeleton uninitialized yet!\n");
+		fprintf(stderr, "Enclave runtime skeleton uninitialized yet!\n");
 		return -1;
 	}
 	return 0;
diff --git a/rune/libenclave/internal/runtime/pal/skeleton/sgx_call.h b/rune/libenclave/internal/runtime/pal/skeleton/sgx_call.h
index f606c34..1214838 100644
--- a/rune/libenclave/internal/runtime/pal/skeleton/sgx_call.h
+++ b/rune/libenclave/internal/runtime/pal/skeleton/sgx_call.h
@@ -7,7 +7,8 @@
 #define SGX_CALL_H
 
 #define ECALL_MAGIC		0
-#define MAX_ECALLS		1
+#define ECALL_REPORT		1
+#define MAX_ECALLS		2
 
 #define EEXIT			4
 
@@ -30,6 +31,21 @@
 		__ret; \
 	})
 
+#define SGX_ENTER_3_ARGS(ecall_num, tcs, a0, a1, a2) \
+	({	\
+		int __ret; \
+		asm volatile( \
+			"mov %1, %%r10\n\t" \
+			"mov %2, %%r11\n\t" \
+			"call sgx_ecall\n\t" \
+			: "=a" (__ret) \
+			: "r" ((uint64_t)ecall_num), "r" (tcs), \
+			  "D" (a0), "S" (a1), "d" (a2) \
+			: "r10", "r11" \
+		); \
+		__ret; \
+	})
+
 #define ENCLU			".byte 0x0f, 0x01, 0xd7"
 
 #else
-- 
GitLab