Skip to content

I
inclavare-containers

openanolis / inclavare-containers

通知 4
Star 7
Fork 0
I
inclavare-containers
提交 e37be9ed 编写于 作者: Y YiLin.Li 提交者: jia zhang
浏览文件
操作

rune/libenclave/skeleton: add sanity check in skeleton PAL APIs. 

Signed-off-by: NYilin Li <YiLin.Li@linux.alibaba.com>
上级 cae308f6
显示空白变更内容
内联 并排
Showing with 38 addition and 3 deletion
rune/libenclave/internal/runtime/pal/skeleton/liberpal-skeleton.c
浏览文件 @ e37be9ed
...@@ -33,6 +33,7 @@ ...@@ -33,6 +33,7 @@
#define TOKEN "encl.token" #define TOKEN "encl.token"
static struct sgx_secs secs; static struct sgx_secs secs;
static pal_stdio_fds pal_stdio;
static bool initialized = false; static bool initialized = false;
static char *sgx_dev_path; static char *sgx_dev_path;
static bool no_sgx_flc = false; static bool no_sgx_flc = false;
...@@ -437,6 +438,10 @@ int __pal_init(pal_attr_t *attr) ...@@ -437,6 +438,10 @@ int __pal_init(pal_attr_t *attr)
int __pal_exec(char *path, char *argv[], pal_stdio_fds *stdio, int *exit_code) int __pal_exec(char *path, char *argv[], pal_stdio_fds *stdio, int *exit_code)
{ {
if (path == NULL || argv == NULL || stdio == NULL || exit_code == NULL) {
return -1;
}
FILE *fp = fdopen(stdio->stderr, "w"); FILE *fp = fdopen(stdio->stderr, "w");
if (!fp) if (!fp)
return -1; return -1;
...@@ -447,6 +452,8 @@ int __pal_exec(char *path, char *argv[], pal_stdio_fds *stdio, int *exit_code) ...@@ -447,6 +452,8 @@ int __pal_exec(char *path, char *argv[], pal_stdio_fds *stdio, int *exit_code)
return -1; return -1;
} }
memcpy(&pal_stdio, stdio, sizeof(pal_stdio_fds));
uint64_t result = 0; uint64_t result = 0;
int ret = SGX_ENTER_1_ARG(ECALL_MAGIC, (void *)secs.base, &result); int ret = SGX_ENTER_1_ARG(ECALL_MAGIC, (void *)secs.base, &result);
if (ret) { if (ret) {
...@@ -476,9 +483,20 @@ int __pal_create_process(pal_create_process_args *args) ...@@ -476,9 +483,20 @@ int __pal_create_process(pal_create_process_args *args)
return -1; return -1;
} }
if ((pid = fork()) < 0) FILE *fp = fdopen(args->stdio->stderr, "w");
if (!fp)
return -1; return -1;
else if (pid == 0) {
if (!initialized) {
fprintf(fp, "Enclave runtime skeleton uninitialized yet!\n");
fclose(fp);
return -1;
}
if ((pid = fork()) < 0) {
fclose(fp);
return -1;
} else if (pid == 0) {
int exit_code, ret; int exit_code, ret;
ret = __pal_exec(args->path, args->argv, args->stdio, &exit_code); ret = __pal_exec(args->path, args->argv, args->stdio, &exit_code);
...@@ -486,6 +504,7 @@ int __pal_create_process(pal_create_process_args *args) ...@@ -486,6 +504,7 @@ int __pal_create_process(pal_create_process_args *args)
} else } else
*args->pid = pid; *args->pid = pid;
fclose(fp);
return 0; return 0;
} }
...@@ -497,6 +516,11 @@ int wait4child(pal_exec_args *attr) ...@@ -497,6 +516,11 @@ int wait4child(pal_exec_args *attr)
return -1; return -1;
} }
if (!initialized) {
fprintf(stderr, "Enclave runtime skeleton uninitialized yet!\n");
return -1;
}
waitpid(attr->pid, &status, 0); waitpid(attr->pid, &status, 0);
if (WIFEXITED(status) || WIFSIGNALED(status)) if (WIFEXITED(status) || WIFSIGNALED(status))
...@@ -507,17 +531,28 @@ int wait4child(pal_exec_args *attr) ...@@ -507,17 +531,28 @@ int wait4child(pal_exec_args *attr)
int __pal_kill(int pid, int sig) int __pal_kill(int pid, int sig)
{ {
if (!initialized) {
fprintf(stderr, "Enclave runtime skeleton uninitialized yet!\n");
return -1;
}
/* No implementation */ /* No implementation */
return 0; return 0;
} }
int __pal_destory(void) int __pal_destory(void)
{ {
FILE *fp = fdopen(pal_stdio.stderr, "w");
if (!fp)
return -1;
if (!initialized) { if (!initialized) {
fprintf(stderr, "Enclave runtime skeleton uninitialized yet!\n"); fprintf(fp, "Enclave runtime skeleton uninitialized yet!\n");
fclose(fp);
return -1; return -1;
} }
fclose(fp);
close(enclave_fd); close(enclave_fd);
return 0; return 0;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册