Reduce redundant mprotect ocall

Hui, Chunyang 2021-02-04 07:24:10 +00:00 committed by Zongmin.Gu
parent 79b264a6c8
commit a2959c17df
3 changed files with 15 additions and 6 deletions

@ -19,11 +19,11 @@ impl UserSpaceVMManager {
pub fn alloc(&self, size: usize) -> Result<UserSpaceVMRange> { pub fn alloc(&self, size: usize) -> Result<UserSpaceVMRange> {
let vm_range = unsafe { let vm_range = unsafe {
let ptr = sgx_alloc_rsrv_mem(size); let ptr = sgx_alloc_rsrv_mem(size);
let perm = MemPerm::READ | MemPerm::WRITE | MemPerm::EXEC; let perm = MemPerm::READ | MemPerm::WRITE;
if ptr.is_null() { if ptr.is_null() {
return_errno!(ENOMEM, "run out of reserved memory"); return_errno!(ENOMEM, "run out of reserved memory");
} }
// Change the page permission to RWX // Change the page permission to RW (default)
assert!(sgx_tprotect_rsrv_mem(ptr, size, perm.bits()) == sgx_status_t::SGX_SUCCESS); assert!(sgx_tprotect_rsrv_mem(ptr, size, perm.bits()) == sgx_status_t::SGX_SUCCESS);
let addr = ptr as usize; let addr = ptr as usize;
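Review bot: The RW value on the `let perm` line is now a second, independent definition of the default permission. The VMManager changes in this commit skip `apply_perms` whenever `is_default()` holds, so they depend on this literal staying equal to `VMPerms::DEFAULT`. Nothing visible here ties the two together; if either one changes, a mapping could keep page permissions it was never granted. I would record the coupling in the comment, e.g. `// RW must stay equal to VMPerms::DEFAULT: VMManager skips the mprotect for default-perm mappings`. The body of `alloc` continues past the end of this hunk.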

@ -319,7 +319,9 @@ impl VMManager {
options.initializer.init_slice(buf)?; options.initializer.init_slice(buf)?;
} }
// Set memory permissions // Set memory permissions
Self::apply_perms(&new_vma, new_vma.perms()); if !options.perms.is_default() {
Self::apply_perms(&new_vma, new_vma.perms());
}
// After initializing, we can safely insert the new VMA // After initializing, we can safely insert the new VMA
self.insert_new_vma(insert_idx, new_vma); self.insert_new_vma(insert_idx, new_vma);
@ -371,7 +373,9 @@ impl VMManager {
Self::flush_file_vma(&intersection_vma); Self::flush_file_vma(&intersection_vma);
// Reset memory permissions // Reset memory permissions
Self::apply_perms(&intersection_vma, VMPerms::default()); if !&intersection_vma.perms().is_default() {
Self::apply_perms(&intersection_vma, VMPerms::default());
}
vma.subtract(&intersection_vma) vma.subtract(&intersection_vma)
}) })
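Review bot: Skipping `apply_perms` in both hunks is only correct if every free range is already at `VMPerms::DEFAULT` in the page tables, and nothing here states or checks that invariant. The unmap hunk restores it, but any other path that releases or reuses a range without this reset (none is visible in this diff) would leave stale permissions, possibly EXEC, on a mapping that asked for RW. I would document it at the first check, e.g. `// Free ranges are always at VMPerms::DEFAULT (set at alloc, restored on unmap), so default-perm mappings need no mprotect`, and test `new_vma.perms()` rather than `options.perms` so the condition and the call use the same value. In the second hunk the `&` in `!&intersection_vma.perms().is_default()` is redundant; `!intersection_vma.perms().is_default()` says the same thing. Both enclosing functions start and end outside the hunks.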

@ -6,7 +6,8 @@ bitflags! {
const READ = 0x1; const READ = 0x1;
const WRITE = 0x2; const WRITE = 0x2;
const EXEC = 0x4; const EXEC = 0x4;
const ALL = Self::READ.bits | Self::WRITE.bits | Self::EXEC.bits; const DEFAULT = Self::READ.bits | Self::WRITE.bits;
const ALL = Self::DEFAULT.bits | Self::EXEC.bits;
} }
} }
@ -26,10 +27,14 @@ impl VMPerms {
pub fn can_execute(&self) -> bool { pub fn can_execute(&self) -> bool {
self.contains(VMPerms::EXEC) self.contains(VMPerms::EXEC)
} }
pub fn is_default(&self) -> bool {
self.bits == Self::DEFAULT.bits
}
} }
impl Default for VMPerms { impl Default for VMPerms {
fn default() -> Self { fn default() -> Self {
VMPerms::ALL VMPerms::DEFAULT
} }
} }
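Review bot: Changing `Default for VMPerms` from `ALL` to `DEFAULT` silently moves every existing `VMPerms::default()` caller from RWX to RW, including any outside this diff that relied on getting executable pages. Those call sites should be audited, since a missed one would presumably fail at run time rather than at compile time. `DEFAULT` and `is_default` are also undocumented; I would add `/// Permissions of freshly reserved user-space memory; must match what UserSpaceVMManager::alloc applies` on the constant and a one-line doc comment on the method. `is_default` could compare values directly with `*self == Self::DEFAULT` instead of reaching into `.bits`.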