From 413586f729a04e21ae4b8b88f315792df3858272 Mon Sep 17 00:00:00 2001 From: WangRunji Date: Fri, 26 Apr 2019 22:44:10 +0800 Subject: [PATCH] add integrity_only_opt and sgx_file_cache feature --- src/libos/Cargo.toml | 6 ++++-- src/libos/src/fs/mod.rs | 1 - src/libos/src/fs/sgx_impl.rs | 6 ++++++ src/libos/src/process/spawn/segment.rs | 9 +++++++-- src/libos/src/vm/process_vm.rs | 4 ++-- 5 files changed, 19 insertions(+), 7 deletions(-) diff --git a/src/libos/Cargo.toml b/src/libos/Cargo.toml index 1627c480..86a75d71 100644 --- a/src/libos/Cargo.toml +++ b/src/libos/Cargo.toml @@ -14,8 +14,10 @@ rcore-fs = { path = "../../deps/sefs/rcore-fs" } rcore-fs-sefs = { path = "../../deps/sefs/rcore-fs-sefs" } [features] -default = [] -syscall_timing = [] +default = ["integrity_only_opt", "sgx_file_cache"] +syscall_timing = [] # Timing for each syscall. But it has cost from more ocall. +integrity_only_opt = [] # Clear bss only. It should be disabled if checking memory reads. +sgx_file_cache = [] # Cache SgxFile objects. Invalidation is unimplemented. [target.'cfg(not(target_env = "sgx"))'.dependencies] xmas-elf = { path = "../../deps/xmas-elf" } diff --git a/src/libos/src/fs/mod.rs b/src/libos/src/fs/mod.rs index 1fd92bb3..560554a1 100644 --- a/src/libos/src/fs/mod.rs +++ b/src/libos/src/fs/mod.rs @@ -499,7 +499,6 @@ impl OpenFlags { } } -#[derive(Debug)] #[repr(packed)] // Don't use 'C'. Or its size will align up to 8 bytes. pub struct LinuxDirent64 { /// Inode number diff --git a/src/libos/src/fs/sgx_impl.rs b/src/libos/src/fs/sgx_impl.rs index 2f03cac2..bc3620d5 100644 --- a/src/libos/src/fs/sgx_impl.rs +++ b/src/libos/src/fs/sgx_impl.rs @@ -25,6 +25,7 @@ impl SgxStorage { /// Get file by `file_id`. /// It lookups cache first, if miss, then call `open_fn` to open one, /// and add it to cache before return. + #[cfg(feature = "sgx_file_cache")] fn get(&self, file_id: usize, open_fn: impl FnOnce(&Self) -> LockedFile) -> LockedFile { // query cache let mut caches = self.file_cache.lock().unwrap(); @@ -38,6 +39,11 @@ impl SgxStorage { caches.insert(file_id, locked_file.clone()); locked_file } + /// Get file by `file_id` without cache. + #[cfg(not(feature = "sgx_file_cache"))] + fn get(&self, file_id: usize, open_fn: impl FnOnce(&Self) -> LockedFile) -> LockedFile { + open_fn(self) + } } impl Storage for SgxStorage { diff --git a/src/libos/src/process/spawn/segment.rs b/src/libos/src/process/spawn/segment.rs index d8846a14..59947aff 100644 --- a/src/libos/src/process/spawn/segment.rs +++ b/src/libos/src/process/spawn/segment.rs @@ -66,10 +66,15 @@ impl Segment { let mut target_buf = unsafe { slice::from_raw_parts_mut( (self.process_base_addr + self.mem_addr) as *mut u8, - self.file_size, + self.mem_size, ) }; - target_buf.copy_from_slice(&elf_buf[self.file_offset..(self.file_offset + self.file_size)]); + target_buf[0..self.file_size] + .copy_from_slice(&elf_buf[self.file_offset..(self.file_offset + self.file_size)]); + #[cfg(feature = "integrity_only_opt")] + for i in &mut target_buf[self.file_size..self.mem_size] { + *i = 0; + } } pub fn set_runtime_info( diff --git a/src/libos/src/vm/process_vm.rs b/src/libos/src/vm/process_vm.rs index bb64864e..f2c471b0 100644 --- a/src/libos/src/vm/process_vm.rs +++ b/src/libos/src/vm/process_vm.rs @@ -116,7 +116,7 @@ impl ProcessVM { code_size, rx_flags, VMGrowthType::Fixed, - true, + !cfg!(feature = "integrity_only_opt"), )?; let data_vma = alloc_vma_continuously( &mut addr, @@ -124,7 +124,7 @@ impl ProcessVM { data_size, rw_flags, VMGrowthType::Fixed, - true, + !cfg!(feature = "integrity_only_opt"), )?; let heap_vma = alloc_vma_continuously( &mut addr,