add integrity_only_opt and sgx_file_cache feature

2019-04-26 22:44:10 +08:00 · 2019-04-26 22:44:10 +08:00 · 413586f729
commit 413586f729
parent 6e871f7948
5 changed files with 19 additions and 7 deletions
--- a/src/libos/Cargo.toml
+++ b/src/libos/Cargo.toml
@ -14,8 +14,10 @@ rcore-fs = { path = "../../deps/sefs/rcore-fs" }
 rcore-fs-sefs = { path = "../../deps/sefs/rcore-fs-sefs" }

 [features]
-default = []
-syscall_timing = []
+default = ["integrity_only_opt", "sgx_file_cache"]
+syscall_timing = []     # Timing for each syscall. But it has cost from more ocall.
+integrity_only_opt = [] # Clear bss only. It should be disabled if checking memory reads.
+sgx_file_cache = []     # Cache SgxFile objects. Invalidation is unimplemented.

 [target.'cfg(not(target_env = "sgx"))'.dependencies]
 xmas-elf = { path = "../../deps/xmas-elf" }
--- a/src/libos/src/fs/mod.rs
+++ b/src/libos/src/fs/mod.rs
@ -499,7 +499,6 @@ impl OpenFlags {
    }
 }

-#[derive(Debug)]
 #[repr(packed)] // Don't use 'C'. Or its size will align up to 8 bytes.
 pub struct LinuxDirent64 {
    /// Inode number
--- a/src/libos/src/fs/sgx_impl.rs
+++ b/src/libos/src/fs/sgx_impl.rs
@ -25,6 +25,7 @@ impl SgxStorage {
    /// Get file by `file_id`.
    /// It lookups cache first, if miss, then call `open_fn` to open one,
    /// and add it to cache before return.
+    #[cfg(feature = "sgx_file_cache")]
    fn get(&self, file_id: usize, open_fn: impl FnOnce(&Self) -> LockedFile) -> LockedFile {
        // query cache
        let mut caches = self.file_cache.lock().unwrap();
@ -38,6 +39,11 @@ impl SgxStorage {
        caches.insert(file_id, locked_file.clone());
        locked_file
    }
+    /// Get file by `file_id` without cache.
+    #[cfg(not(feature = "sgx_file_cache"))]
+    fn get(&self, file_id: usize, open_fn: impl FnOnce(&Self) -> LockedFile) -> LockedFile {
+        open_fn(self)
+    }
 }

 impl Storage for SgxStorage {
--- a/src/libos/src/process/spawn/segment.rs
+++ b/src/libos/src/process/spawn/segment.rs
@ -66,10 +66,15 @@ impl Segment {
        let mut target_buf = unsafe {
            slice::from_raw_parts_mut(
                (self.process_base_addr + self.mem_addr) as *mut u8,
-                self.file_size,
+                self.mem_size,
            )
        };
-        target_buf.copy_from_slice(&elf_buf[self.file_offset..(self.file_offset + self.file_size)]);
+        target_buf[0..self.file_size]
+            .copy_from_slice(&elf_buf[self.file_offset..(self.file_offset + self.file_size)]);
+        #[cfg(feature = "integrity_only_opt")]
+        for i in &mut target_buf[self.file_size..self.mem_size] {
+            *i = 0;
+        }
    }

    pub fn set_runtime_info(
--- a/src/libos/src/vm/process_vm.rs
+++ b/src/libos/src/vm/process_vm.rs
@ -116,7 +116,7 @@ impl ProcessVM {
            code_size,
            rx_flags,
            VMGrowthType::Fixed,
-            true,
+            !cfg!(feature = "integrity_only_opt"),
        )?;
        let data_vma = alloc_vma_continuously(
            &mut addr,
@ -124,7 +124,7 @@ impl ProcessVM {
            data_size,
            rw_flags,
            VMGrowthType::Fixed,
-            true,
+            !cfg!(feature = "integrity_only_opt"),
        )?;
        let heap_vma = alloc_vma_continuously(
            &mut addr,