keystone-enclave · evgenyp67 · Mar 6, 2024 · Mar 22, 2024 · Mar 23, 2024 · Mar 26, 2024
diff --git a/examples/attestation/host/host.cpp b/examples/attestation/host/host.cpp
@@ -235,7 +235,7 @@ Host::dispatch_ocall(RunData& run_data) {
 Report
 Host::run(const std::string& nonce) {
   Keystone::Enclave enclave;
-  enclave.init(eapp_file_.c_str(), rt_file_.c_str(), ld_file_.c_str(), params_);
+  enclave.finalize(eapp_file_.c_str(), rt_file_.c_str(), ld_file_.c_str(), params_);
 
   RunData run_data{
       SharedBuffer{enclave.getSharedBuffer(), enclave.getSharedBufferSize()},

diff --git a/examples/attestation/host/verifier.cpp b/examples/attestation/host/verifier.cpp
@@ -78,7 +78,7 @@ Verifier::verify_data(Report& report, const std::string& nonce) {
 
 void
 Verifier::compute_expected_enclave_hash(byte* expected_enclave_hash) {
-  Keystone::Enclave::measure((char*) expected_enclave_hash, eapp_file_.c_str(), rt_file_.c_str(), ld_file_.c_str());
+  Keystone::Enclave::measure((char*) expected_enclave_hash, eapp_file_.c_str(), rt_file_.c_str(), ld_file_.c_str(), params_);
 }
 
 void

diff --git a/examples/hello-native/host/host_native.cpp b/examples/hello-native/host/host_native.cpp
@@ -30,7 +30,7 @@ main(int argc, char** argv) {
   params.setFreeMemSize(1024 * 1024);
   params.setUntrustedSize(1024 * 1024);
 
-  enclave.init(argv[1], argv[2], argv[3], params);
+  enclave.finalize(argv[1], argv[2], argv[3], params);
 
   enclave.registerOcallDispatch(incoming_call_dispatch);
 

diff --git a/examples/hello/host/host.cpp b/examples/hello/host/host.cpp
@@ -15,7 +15,7 @@ main(int argc, char** argv) {
   params.setFreeMemSize(256 * 1024);
   params.setUntrustedSize(256 * 1024);
 
-  enclave.init(argv[1], argv[2], argv[3], params);
+  enclave.finalize(argv[1], argv[2], argv[3], params);
 
   enclave.registerOcallDispatch(incoming_call_dispatch);
   edge_call_init_internals(

diff --git a/examples/tests/test-runner.cpp b/examples/tests/test-runner.cpp
@@ -117,7 +117,7 @@ main(int argc, char** argv) {
     asm volatile("rdcycle %0" : "=r"(cycles1));
   }
 
-  enclave.init(eapp_file, rt_file, ld_file, params);
+  enclave.finalize(eapp_file, rt_file, ld_file, params);
 
   if (self_timing) {
     asm volatile("rdcycle %0" : "=r"(cycles2));

diff --git a/linux-keystone-driver/keystone-ioctl.c b/linux-keystone-driver/keystone-ioctl.c
@@ -56,6 +56,7 @@ int keystone_finalize_enclave(unsigned long arg)
   /* SBI Call */
   create_args.epm_region.paddr = enclave->epm->pa;
   create_args.epm_region.size = enclave->epm->size;
+  create_args.free_offset = enclp->free_offset;
 
   utm = enclave->utm;
 
@@ -67,16 +68,10 @@ int keystone_finalize_enclave(unsigned long arg)
     create_args.utm_region.size = 0;
   }
 
-  // physical addresses for runtime, user, and freemem
-  create_args.runtime_paddr = enclp->runtime_paddr;
-  create_args.user_paddr = enclp->user_paddr;
-  create_args.free_paddr = enclp->free_paddr;
-  create_args.free_requested = enclp->free_requested;
-
   ret = sbi_sm_create_enclave(&create_args);
 
   if (ret.error) {
-    keystone_err("keystone_create_enclave: SBI call failed with error code %ld\n", ret.error);
+    keystone_err("keystone_finalize_enclave: SBI create call failed with error code %ld\n", ret.error);
     goto error_destroy_enclave;
   }
 

diff --git a/linux-keystone-driver/keystone.c b/linux-keystone-driver/keystone.c
@@ -41,7 +41,7 @@ int keystone_mmap(struct file* filp, struct vm_area_struct *vma)
   struct utm* utm;
   struct epm* epm;
   struct enclave* enclave;
-  unsigned long vsize, psize;
+  unsigned long vsize, psize, offset;
   vaddr_t paddr;
   enclave = get_enclave_by_id((unsigned long) filp->private_data);
   if(!enclave) {
@@ -54,9 +54,11 @@ int keystone_mmap(struct file* filp, struct vm_area_struct *vma)
   vsize = vma->vm_end - vma->vm_start;
 
   if(enclave->is_init){
-    if (vsize > PAGE_SIZE)
+    psize = epm->size;
+    offset = vma->vm_pgoff << PAGE_SHIFT;
+    if (offset >= psize || vsize + offset > psize)
       return -EINVAL;
-    paddr = epm->pa + (vma->vm_pgoff << PAGE_SHIFT);
+    paddr = epm->pa + offset;
     remap_pfn_range(vma,
                     vma->vm_start,
                     paddr >> PAGE_SHIFT,

diff --git a/runtime/include/loader/loader.h b/runtime/include/loader/loader.h
@@ -1,3 +1,5 @@
 #include "loader/elf.h"
+#include "sm_call.h"
 
+resource_ptr_t* findIdentityResident(uintptr_t dram_base, const char* filename);
 int loadElf(elf_t* elf, bool user);
diff --git a/runtime/loader-binary/loader-binary.c b/runtime/loader-binary/loader-binary.c
@@ -5,6 +5,7 @@
 #include "mm/freemem.h"
 #include "util/printf.h"
 #include <asm/csr.h>
+#include "sm_call.h"
 
 /* root page table */
 pte root_page_table_storage[BIT(RISCV_PT_INDEX_BITS)] __attribute__((aligned(RISCV_PAGE_SIZE)));
@@ -40,9 +41,8 @@ int map_untrusted_memory(uintptr_t untrusted_ptr, uintptr_t untrusted_size) {
 }
 
 int load_runtime(uintptr_t dummy,
-                uintptr_t dram_base, uintptr_t dram_size, 
-                uintptr_t runtime_base, uintptr_t user_base, 
-                uintptr_t free_base, uintptr_t untrusted_ptr, 
+                uintptr_t dram_base, uintptr_t dram_size,
+                uintptr_t free_base, uintptr_t untrusted_base,
                 uintptr_t untrusted_size) {
   int ret = 0;
 
@@ -51,15 +51,15 @@ int load_runtime(uintptr_t dummy,
   // initialize freemem
   spa_init(free_base, dram_base + dram_size - free_base);
 
-  // validate runtime elf 
-  size_t runtime_size = user_base - runtime_base;
-  if (((void*) runtime_base == NULL) || (runtime_size <= 0)) {
-    return -1; 
+  // find runtime
+  resource_ptr_t* runtime_ptr = findIdentityResident(dram_base, MSR_RUNTIME_FILENAME);
+  if (!runtime_ptr) {
+    return -1;
   }
 
   // create runtime elf struct
   elf_t runtime_elf;
-  ret = elf_newFile((void*) runtime_base, runtime_size, &runtime_elf);
+  ret = elf_newFile((void*) (dram_base + runtime_ptr->offset), runtime_ptr->size, &runtime_elf);
   if (ret != 0) {
     return ret;
   }
@@ -74,7 +74,7 @@ int load_runtime(uintptr_t dummy,
   map_physical_memory(dram_base, dram_size);
 
   // map untrusted memory
-  ret = map_untrusted_memory(untrusted_ptr, untrusted_size);
+  ret = map_untrusted_memory(untrusted_base, untrusted_size);
   if (ret != 0) {
     return ret;
   }

diff --git a/runtime/loader-binary/loader.S b/runtime/loader-binary/loader.S
@@ -7,24 +7,20 @@
 _start:
   // a1: dram_base
   // a2: dram_size
-  // a3: runtime_base
-  // a4: user_base
-  // a5: free_base
-  // a6: untrusted_ptr
-  // a7: untrusted_size
+  // a3: free_base
+  // a4: untrusted_base
+  // a5: untrusted_size
 
   // use designated stack
   la sp, _estack
 
   // save all args to stack 
-  addi sp, sp, -(REGBYTES*7)
+  addi sp, sp, -(REGBYTES*5)
   STORE a1, 0(sp)
   STORE a2, 1*REGBYTES(sp)
   STORE a3, 2*REGBYTES(sp)
   STORE a4, 3*REGBYTES(sp)
   STORE a5, 4*REGBYTES(sp)
-  STORE a6, 5*REGBYTES(sp)
-  STORE a7, 6*REGBYTES(sp)
 
   // call load_runtime
   call load_runtime 
@@ -52,11 +48,9 @@ _start:
   // set arguments for eyrie_boot
   LOAD a1, 0(sp)
   LOAD a2, 1*REGBYTES(sp)
-  LOAD a3, 2*REGBYTES(sp)
+  LOAD a3, free_base_final
   LOAD a4, 3*REGBYTES(sp)
-  LOAD a5, free_base_final
-  LOAD a6, 5*REGBYTES(sp)
-  LOAD a7, 6*REGBYTES(sp)
+  LOAD a5, 4*REGBYTES(sp)
 
   // flush TLB's just in case
   fence.i

diff --git a/runtime/loader/loader.c b/runtime/loader/loader.c
@@ -6,6 +6,20 @@
 #include "mm/vm_defs.h"
 #include "mm/vm.h"
 
+resource_ptr_t* findIdentityResident(uintptr_t dram_base, const char* filename) {
+  // note: SM validates all pointers and sizes are within epm
+  enclave_bundle_header_t* ebundle_h = (enclave_bundle_header_t*) dram_base;
+  resource_ptr_t* id_res_resource = (resource_ptr_t*) (dram_base + ebundle_h->id_res_arr);
+  resource_ptr_t* id_abs_arr = (resource_ptr_t*) (dram_base + ebundle_h->id_abs_arr);
+  for (; id_res_resource < id_abs_arr; id_res_resource++) {
+    if (strcmp(id_res_resource->name, filename) == 0) {
+      return id_res_resource;
+    }
+  }
+  printf("findIdentityResident: filename \"%s\" not found\n", filename);
+  return 0;
+}
+
 static inline int pt_mode_from_elf(int elf_pt_mode) {
   return 
     (((elf_pt_mode & PF_X) > 0) * PTE_X) |
@@ -31,7 +45,7 @@ int loadElf(elf_t* elf, bool user) {
     /* va is not page-aligned, so it doesn't own some of the page. Page may already be mapped. */
     if (RISCV_PAGE_OFFSET(va)) {
       if (RISCV_PAGE_OFFSET(va) != RISCV_PAGE_OFFSET((uintptr_t) src)) {
-        printf("loadElf: va and src are misaligned");
+        printf("loadElf: va and src are misaligned\n");
         return -1;
       }
       uintptr_t new_page = alloc_page(vpn(va), pt_mode);

diff --git a/runtime/sys/boot.c b/runtime/sys/boot.c
@@ -39,7 +39,7 @@ int verify_and_load_elf_file(uintptr_t ptr, size_t file_size, bool is_eapp) {
   }
 
   // parse and load elf file
-  ret = loadElf(&elf_file, 1);
+  ret = loadElf(&elf_file, is_eapp);
 
   if (is_eapp) { // setup entry point
     uintptr_t entry = elf_getEntryPoint(&elf_file);
@@ -81,22 +81,28 @@ void
 eyrie_boot(uintptr_t dummy, // $a0 contains the return value from the SBI
            uintptr_t dram_base,
            uintptr_t dram_size,
-           uintptr_t runtime_paddr,
-           uintptr_t user_paddr,
            uintptr_t free_paddr,
-           uintptr_t utm_vaddr,
+           uintptr_t utm_paddr,
            uintptr_t utm_size)
 {
+  /* find runtime and eapp */
+  resource_ptr_t* runtime_ptr = findIdentityResident(EYRIE_LOAD_START, MSR_RUNTIME_FILENAME);
+  resource_ptr_t* eapp_ptr = findIdentityResident(EYRIE_LOAD_START, MSR_EAPP_FILENAME);
+  assert(runtime_ptr);
+  assert(eapp_ptr);
+
   /* set initial values */
-  load_pa_start = dram_base;
+  load_pa_start = dram_base; // used by __va
   root_page_table = (pte*) __va(csr_read(satp) << RISCV_PAGE_BITS);
   shared_buffer = EYRIE_UNTRUSTED_START;
   shared_buffer_size = utm_size;
   runtime_va_start = (uintptr_t) &rt_base;
+  uintptr_t runtime_paddr = dram_base + runtime_ptr->offset;
+  uintptr_t user_paddr = dram_base + eapp_ptr->offset;
   kernel_offset = runtime_va_start - runtime_paddr;
 
   debug("ROOT PAGE TABLE: 0x%lx", root_page_table);
-  debug("UTM : 0x%lx-0x%lx (%u KB)", utm_vaddr, utm_vaddr+utm_size, utm_size/1024);
+  debug("UTM : 0x%lx-0x%lx (%u KB)", utm_paddr, utm_paddr+utm_size, utm_size/1024);
   debug("DRAM: 0x%lx-0x%lx (%u KB)", dram_base, dram_base + dram_size, dram_size/1024);
   debug("USER: 0x%lx-0x%lx (%u KB)", user_paddr, free_paddr, (free_paddr-user_paddr)/1024);
 
@@ -111,7 +117,7 @@ eyrie_boot(uintptr_t dummy, // $a0 contains the return value from the SBI
   init_freemem();
 
   /* load eapp elf */
-  assert(!verify_and_load_elf_file(__va(user_paddr), free_paddr-user_paddr, true));
+  assert(!verify_and_load_elf_file(__va(user_paddr), eapp_ptr->size, true));
 
   /* free leaking memory */
   // TODO: clean up after loader -- entire file no longer needed

diff --git a/sdk/include/host/ElfFile.hpp b/sdk/include/host/ElfFile.hpp
@@ -43,6 +43,10 @@ class ElfFile {
   uintptr_t getEntryPoint();
   void* getProgramSegment(size_t ph);
 
+  // delete copy constructors because ~ElfFile() unmaps
+  ElfFile (const ElfFile&) = delete;
+  ElfFile& operator= (const ElfFile&) = delete;
+
  private:
   int filep;
 

diff --git a/sdk/include/host/Enclave.hpp b/sdk/include/host/Enclave.hpp
@@ -15,6 +15,7 @@
 #include <cstring>
 #include <functional>
 #include <iostream>
+#include <vector>
 
 #include "./common.h"
 extern "C" {
@@ -23,8 +24,8 @@ extern "C" {
 #include "ElfFile.hpp"
 #include "Error.hpp"
 #include "KeystoneDevice.hpp"
-#include "Memory.hpp"
 #include "Params.hpp"
+#include "hash_util.hpp"
 
 namespace Keystone {
 
@@ -33,42 +34,55 @@ typedef std::function<void(void*)> OcallFunc;
 class Enclave {
  private:
   Params params;
-  uintptr_t runtimeElfAddr;
-  uintptr_t enclaveElfAddr;
-  Memory* pMemory;
-  KeystoneDevice* pDevice;
-  void* shared_buffer;
-  size_t shared_buffer_size;
+  KeystoneDevice pDevice;
   OcallFunc oFuncDispatch;
-  bool mapUntrusted(size_t size);
-  void copyFile(uintptr_t filePtr, size_t fileSize);
-  void allocUninitialized(ElfFile* elfFile);
-  void loadElf(ElfFile* elfFile);
 
-  bool initFiles(const char*, const char*);
-  bool initDevice();
-  bool prepareEnclaveMemory(size_t requiredPages, uintptr_t alternatePhysAddr);
-  bool initMemory();
+  // track added resources
+  typedef struct {
+    char name[MSR_NAME_LEN];
+    uintptr_t type;
+    std::string filepath;
+  } resource_info_t;
+  std::vector<resource_info_t> identityResident;
+  std::vector<resource_hash_t> identityAbsent;
+  std::vector<resource_info_t> resident;
+  std::vector<resource_hash_t> absent;
+  std::vector<ElfFile*> allElfFiles;
+
+  static uint64_t calculateEpmPages(std::vector<ElfFile*> allElfFiles, size_t freeMemSize);
+  // linearly advances as we write to epm
+  uintptr_t epmFreeOffset;
+  /* Returns va to write to free epm after marking size bytes rounded up unfree.
+     Copies and 0-pads from src if given. */
+  uintptr_t useEpm(uintptr_t src, uintptr_t size);
+  /* Iterates resident resources registered with the class and puts the files 
+     and their pointers into the enclave bundle in epm. */
+  Error materializeResourceInfo(resource_ptr_t residentResPtrs[],
+    ElfFile* allElfFiles[], std::vector<resource_info_t> resInfos);
+  static Error measureResidentArr(hash_ctx_t& hash_ctx, std::vector<resource_info_t> resident);
+  static bool resourceInfoCompare(const resource_info_t& a, const resource_info_t& b);
+  static bool resourceHashCompare(const resource_hash_t& a, const resource_hash_t& b);
+  void sortAllResources();
 
  public:
   Enclave();
+  Enclave(Params params);
   ~Enclave();
-  static Error measure(char* hash, const char* eapppath, const char* runtimepath, const char* loaderpath);
+  Error measureSelf(char* hash);
+  static Error measure(char* hash, const char* eapppath, const char* runtimepath, const char* loaderpath, Params params);
+  // shared buffer is utm
   void* getSharedBuffer();
   size_t getSharedBufferSize();
-  Memory* getMemory();
-  uintptr_t getRuntimeElfAddr() { return runtimeElfAddr; }
-  uintptr_t getEnclaveElfAddr() { return enclaveElfAddr; }
   Error registerOcallDispatch(OcallFunc func);
-  Error init(const char* filepath, const char* runtime, const char* loaderpath, Params parameters);
-  Error init(
-      const char* eapppath, const char* runtimepath, const char* loaderpath, Params _params,
-      uintptr_t alternatePhysAddr);
   Error destroy();
   Error run(uintptr_t* ret = nullptr);
-};
 
-uint64_t
-calculate_required_pages(ElfFile** elfFiles, size_t numElfFiles);
+  Error addResidentResource(const char* name, uintptr_t type, const char* filepath, bool identity);
+  Error addAbsentResource(const char* name, uintptr_t type, const char* hash, bool identity);
+  Error addStandard(const char* eapppath, const char* runtimepath, const char* loaderpath);
+  // Call after adding all needed resources to fully create the enclave.
+  Error finalize();
+  Error finalize(const char* filepath, const char* runtime, const char* loaderpath, Params _params);
+};
 
 }  // namespace Keystone
diff --git a/sdk/include/host/Error.hpp b/sdk/include/host/Error.hpp
@@ -25,6 +25,7 @@ enum class Error {
   PageAllocationFailure,
   EdgeCallHost,
   EnclaveInterrupted,
+  BadArgument,
 };
 
 }  // namespace Keystone