Add support for AMX

etc/template/Occlum.json

@@ -34,7 +34,8 @@
             "high": "0x0",
             "low": "0x0"
         },
-        "pkru": 0
+        "pkru": 0,
+        "amx": 0
     },
     "mount": [
         {

src/libos/src/process/do_arch_prctl.rs

@@ -1,17 +1,40 @@
 use crate::prelude::*;
+use crate::util::mem_util::from_user::check_mut_ptr;
 
 pub fn do_arch_prctl(code: ArchPrctlCode, addr: *mut usize) -> Result<()> {
     debug!("do_arch_prctl: code: {:?}, addr: {:?}", code, addr);
     match code {
         ArchPrctlCode::ARCH_SET_FS => {
+            check_mut_ptr(addr)?;
             current!().task().set_user_fs(addr as usize);
         }
         ArchPrctlCode::ARCH_GET_FS => unsafe {
+            check_mut_ptr(addr)?;
             *addr = current!().task().user_fs();
         },
         ArchPrctlCode::ARCH_SET_GS | ArchPrctlCode::ARCH_GET_GS => {
+            check_mut_ptr(addr)?;
             return_errno!(EINVAL, "GS cannot be accessed from the user space");
         }
+        ArchPrctlCode::ARCH_REQ_XCOMP_PERM => {
+            // Allows to request permission for a dynamically enabled feature or a feature set
+            // Currently only used to enable AMX
+            use crate::util::sgx::get_self_target;
+            const XFEATURE_XTILEDATA: u64 = 18;
+
+            let features = addr as u64;
+            if features == XFEATURE_XTILEDATA {
+                // Check if AMX is enabled for current Enclave
+                let target_info = get_self_target()?;
+                if target_info.attributes.xfrm & SGX_XFRM_AMX != SGX_XFRM_AMX {
+                    return_errno!(EINVAL, "AMX is not enabled for this enclave");
+                } else {
+                    info!("AMX is enabled for this enclave");
+                }
+            } else {
+                return_errno!(ENOSYS, "feature not supported");
+            }
+        }
     }
     Ok(())
 }
@@ -23,6 +46,7 @@ pub enum ArchPrctlCode {
     ARCH_SET_FS = 0x1002,
     ARCH_GET_FS = 0x1003,
     ARCH_GET_GS = 0x1004,
+    ARCH_REQ_XCOMP_PERM = 0x1023,
 }
 
 impl ArchPrctlCode {
@@ -32,6 +56,7 @@ impl ArchPrctlCode {
             0x1002 => Ok(ArchPrctlCode::ARCH_SET_FS),
             0x1003 => Ok(ArchPrctlCode::ARCH_GET_FS),
             0x1004 => Ok(ArchPrctlCode::ARCH_GET_GS),
+            0x1023 => Ok(ArchPrctlCode::ARCH_REQ_XCOMP_PERM),
             _ => return_errno!(EINVAL, "Unknown code for arch_prctl"),
         }
     }

src/libos/src/process/syscalls.rs

@@ -345,7 +345,6 @@ pub fn do_prctl(option: i32, arg2: u64, arg3: u64, arg4: u64, arg5: u64) -> Resu
 
 pub fn do_arch_prctl(code: u32, addr: *mut usize) -> Result<isize> {
     let code = ArchPrctlCode::from_u32(code)?;
-    check_mut_ptr(addr)?;
     super::do_arch_prctl::do_arch_prctl(code, addr).map(|_| 0)
 }
 

tools/gen_internal_conf/src/main.rs

@@ -461,6 +461,7 @@ fn main() {
             ISVFAMILYID_H: kss_tuple.3,
             ISVFAMILYID_L: kss_tuple.4,
             PKRU: occlum_config.metadata.pkru,
+            AMX: occlum_config.metadata.amx,
         };
         let enclave_config = serde_xml_rs::to_string(&sgx_enclave_configuration).unwrap();
         debug!("The enclave config:{:?}", enclave_config);
@@ -724,6 +725,8 @@ struct OcclumMetadata {
     ext_prod_id: OcclumMetaID,
     #[serde(default)]
     pkru: u32,
+    #[serde(default)]
+    amx: u32,
 }
 
 #[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
@@ -792,6 +795,7 @@ struct EnclaveConfiguration {
     ISVFAMILYID_H: u64,
     ISVFAMILYID_L: u64,
     PKRU: u32,
+    AMX: u32,
 }
 
 #[derive(Debug, PartialEq, Clone, Serialize)]