general/occlum
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Release resources when processes destroyed

Browse Source
This commit is contained in:
Tate, Hongliang Tian 2018-09-23 21:17:44 +08:00
parent 4fbfe7bf0c
commit b041dee55c
5 changed files with 46 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/libos/Enclave_config.xml
View File

@ -2,7 +2,7 @@
<EnclaveConfiguration> <EnclaveConfiguration>
<ProdID>0</ProdID> <ProdID>0</ProdID>
<ISVSVN>0</ISVSVN> <ISVSVN>0</ISVSVN>
<StackMaxSize>0x400000</StackMaxSize> <StackMaxSize>0x80000</StackMaxSize>
<HeapMaxSize>0x1000000</HeapMaxSize> <HeapMaxSize>0x1000000</HeapMaxSize>
<TCSNum>8</TCSNum> <TCSNum>8</TCSNum>
<TCSPolicy>1</TCSPolicy> <TCSPolicy>1</TCSPolicy>

6
src/libos/src/mm.rs
View File

@ -27,9 +27,9 @@ impl MemObj {
unsafe { memset(mem_ptr, 0 as c_int, mem_size as size_t) }; unsafe { memset(mem_ptr, 0 as c_int, mem_size as size_t) };
Ok(MemObj { Ok(MemObj {
mem_ptr: mem_ptr, mem_ptr,
mem_size: mem_size, mem_size,
mem_align: mem_align, mem_align,
}) })
} }

26
src/libos/src/process.rs
View File

@ -91,6 +91,17 @@ pub fn set_current(process: &ProcessRef) {
}); });
} }
pub fn reset_current() {
let mut process_ptr = 0 as *const SgxMutex<Process>;
_CURRENT_PROCESS_PTR.with(|cp| {
process_ptr = cp.get();
cp.set(0 as *const SgxMutex<Process>);
});
// Prevent memory leakage
unsafe { drop(Arc::from_raw(process_ptr)); }
}
pub fn get_current() -> &'static SgxMutex<Process> { pub fn get_current() -> &'static SgxMutex<Process> {
let mut process_ptr : *const SgxMutex<Process> = 0 as *const SgxMutex<Process>; let mut process_ptr : *const SgxMutex<Process> = 0 as *const SgxMutex<Process>;
_CURRENT_PROCESS_PTR.with(|cp| { _CURRENT_PROCESS_PTR.with(|cp| {
@ -124,6 +135,7 @@ pub fn do_wait4(child_pid: u32, exit_code: &mut i32) -> Result<(), &'static str>
*exit_code = guard.exit_code; *exit_code = guard.exit_code;
break; break;
} }
del_from_pid_table(guard.pid);
drop(guard); drop(guard);
} }
Ok(()) Ok(())
@ -133,16 +145,26 @@ pub fn run_task() -> Result<(), &'static str> {
let new_process : ProcessRef = dequeue_new_process().ok_or("No new process to run")?; let new_process : ProcessRef = dequeue_new_process().ok_or("No new process to run")?;
set_current(&new_process); set_current(&new_process);
let pid;
let new_task; let new_task;
{ {
let guard = new_process.lock().unwrap(); let guard = new_process.lock().unwrap();
let process : &Process = &guard; let process : &Process = &guard;
println!("Run process: {:#x?}", process); pid = process.pid;
//println!("Run process: {:#x?}", process);
println!("Run process (pid = {})", process.pid);
new_task = &process.task as *const Task new_task = &process.task as *const Task
}; };
unsafe { do_run_task(new_task as *const Task); } unsafe { do_run_task(new_task as *const Task); }
// Init process does not have any parent, so it has to release itself
if pid == 1 {
del_from_pid_table(1);
}
reset_current();
Ok(()) Ok(())
} }
@ -152,6 +174,7 @@ fn open_elf<P: AsRef<Path>>(path: &P) -> io::Result<Vec<u8>> {
let mut elf_buf = Vec::<u8>::new(); let mut elf_buf = Vec::<u8>::new();
elf_file.read_to_end(&mut elf_buf); elf_file.read_to_end(&mut elf_buf);
drop(elf_file);
Ok(elf_buf) Ok(elf_buf)
} }
@ -251,7 +274,6 @@ impl Process {
impl Drop for Process { impl Drop for Process {
fn drop(&mut self) { fn drop(&mut self) {
del_from_pid_table(self.pid);
free_pid(self.pid); free_pid(self.pid);
} }
} }

7
src/libos/src/vma.rs
View File

@ -141,7 +141,10 @@ pub fn mprotect_batch(vma_list: &[&Vma])
let size = (vma.mem_end - vma.mem_begin) as size_t; let size = (vma.mem_end - vma.mem_begin) as size_t;
let perms = vma.mem_flags.0 as uint64_t; let perms = vma.mem_flags.0 as uint64_t;
let status = unsafe { let status = unsafe {
trts_mprotect(start, size, perms) //TODO: use proper permissions
//TODO: reset the permissions when drop VMA
//trts_mprotect(start, size, perms)
trts_mprotect(start, size, (PERM_R | PERM_W | PERM_X) as uint64_t)
}; };
if (status != sgx_status_t::SGX_SUCCESS) { if (status != sgx_status_t::SGX_SUCCESS) {
return Err("trts_mprotect failed"); return Err("trts_mprotect failed");
@ -151,7 +154,7 @@ pub fn mprotect_batch(vma_list: &[&Vma])
} }
#[derive(Copy, Clone, Debug, Default)] #[derive(Copy, Clone, Debug, Default, PartialEq)]
pub struct Perms(pub u32); pub struct Perms(pub u32);
pub const PERM_R: u32 = 0x1; pub const PERM_R: u32 = 0x1;

21
test/spawn_and_wait4_raw/main.c
View File

@ -7,18 +7,23 @@ static void print_ok(void) {
__rusgx_write(1, success_str_buf, success_str_size); __rusgx_write(1, success_str_buf, success_str_size);
} }
#define NUM_CHILDREN 100
void _start(void) { void _start(void) {
int ret = 0; for (int ci = 0; ci < NUM_CHILDREN; ci++) {
int pid = 0; int ret = 0;
int pid = 0;
ret = __rusgx_spawn(&pid, "hello_world_raw/bin.encrypted", NULL, NULL); ret = __rusgx_spawn(&pid, "hello_world_raw/bin.encrypted", NULL, NULL);
if (ret < 0) { __rusgx_exit(0); } if (ret < 0) { __rusgx_exit(0); }
print_ok();
int status; int status;
ret = __rusgx_wait4(pid, &status, 0); ret = __rusgx_wait4(pid, &status, 0);
if (ret < 0) { __rusgx_exit(0); } if (ret < 0) { __rusgx_exit(0); }
print_ok(); //print_ok();
}
__rusgx_exit(0); __rusgx_exit(0);
} }