[Experimental] Add EDMM support

.gitmodules

@@ -17,3 +17,7 @@
 	path = external/protobuf/protobuf_code
 	url = https://github.com/protocolbuffers/protobuf.git
 	branch = 3.14.x
+[submodule "external/sgx-emm/emm_src"]
+	path = external/sgx-emm/emm_src
+	url = https://github.com/intel/sgx-emm
+	branch = dev

SampleCode/SampleEnclave/Enclave/Enclave.config.xml

@@ -1,12 +1,23 @@
 <EnclaveConfiguration>
   <ProdID>0</ProdID>
   <ISVSVN>0</ISVSVN>
-  <StackMaxSize>0x40000</StackMaxSize>
-  <HeapMaxSize>0x100000</HeapMaxSize>
-  <TCSNum>10</TCSNum>
+  <TCSNum>1</TCSNum>
+  <TCSMinPool>5</TCSMinPool>
   <TCSPolicy>1</TCSPolicy>
+  <TCSMaxNum>13</TCSMaxNum>
+
+  <!-- For a static thread, total available stack is 0x40000 -->
+  <!-- For a dynamic thread, once it is creted, available stack is
+       0x2000, the gap, that is 0x40000 - 0x2000, can be dynamically
+       expanded as necessary.
+  -->
+  <StackMaxSize>0x4000</StackMaxSize>
+  <StackMinSize>0x2000</StackMinSize>
+  <HeapMaxSize>0x5000</HeapMaxSize>
+  <UserRegionSize>0x50000</UserRegionSize>
+
   <!-- Recommend changing 'DisableDebug' to 1 to make the enclave undebuggable for enclave release -->
   <DisableDebug>0</DisableDebug>
-  <MiscSelect>0</MiscSelect>
+  <MiscSelect>1</MiscSelect>
   <MiscMask>0xFFFFFFFF</MiscMask>
 </EnclaveConfiguration>

SampleCode/SampleEnclave/Enclave/config.01.xml

@@ -23,6 +23,6 @@
 
   <!-- Recommend changing 'DisableDebug' to 1 to make the enclave undebuggable for enclave release -->
   <DisableDebug>0</DisableDebug>
-  <MiscSelect>0</MiscSelect>
+  <MiscSelect>1</MiscSelect>
   <MiscMask>0xFFFFFFFF</MiscMask>
 </EnclaveConfiguration>

SampleCode/SampleEnclave/Enclave/config.02.xml

@@ -20,6 +20,6 @@
   <TCSPolicy>1</TCSPolicy>
   <!-- Recommend changing 'DisableDebug' to 1 to make the enclave undebuggable for enclave release -->
   <DisableDebug>0</DisableDebug>
-  <MiscSelect>0</MiscSelect>
+  <MiscSelect>1</MiscSelect>
   <MiscMask>0xFFFFFFFF</MiscMask>
 </EnclaveConfiguration>

SampleCode/SampleEnclave/Enclave/config.03.xml

@@ -22,6 +22,6 @@
 
   <!-- Recommend changing 'DisableDebug' to 1 to make the enclave undebuggable for enclave release -->
   <DisableDebug>0</DisableDebug>
-  <MiscSelect>0</MiscSelect>
+  <MiscSelect>1</MiscSelect>
   <MiscMask>0xFFFFFFFF</MiscMask>
 </EnclaveConfiguration>

SampleCode/SampleEnclave/Enclave/config.04.xml

@@ -18,6 +18,6 @@
 
   <!-- Recommend changing 'DisableDebug' to 1 to make the enclave undebuggable for enclave release -->
   <DisableDebug>0</DisableDebug>
-  <MiscSelect>0</MiscSelect>
+  <MiscSelect>1</MiscSelect>
   <MiscMask>0xFFFFFFFF</MiscMask>
 </EnclaveConfiguration>

common/inc/internal/arch.h

@@ -124,6 +124,8 @@ typedef struct _exit_info_t
 #define SE_VECTOR_BP    3
 #define SE_VECTOR_BR    5
 #define SE_VECTOR_UD    6
+#define SE_VECTOR_GP    13
+#define SE_VECTOR_PF    14
 #define SE_VECTOR_MF    16
 #define SE_VECTOR_AC    17
 #define SE_VECTOR_XM    19
@@ -156,6 +158,15 @@ typedef struct _ssa_gpr_t
     uint64_t    gs;                     /* (176) GS register */
 } ssa_gpr_t;
 
+typedef struct _misc_exinfo
+{
+    uint64_t maddr; // address for #PF, #GP.
+    uint32_t errcd;
+    uint32_t reserved;
+} misc_exinfo_t;
+
+#define MISC_BYTE_SIZE sizeof(misc_exinfo_t)
+
 typedef uint64_t si_flags_t;
 
 #define SI_FLAG_NONE                0x0

common/inc/internal/bit_array.h

@@ -0,0 +1 @@
+../../../external/sgx-emm/emm_src/include/bit_array.h

common/inc/internal/bit_array_imp.h

@@ -0,0 +1 @@
+../../../external/sgx-emm/emm_src/include/bit_array_imp.h

common/inc/internal/ema.h

@@ -0,0 +1 @@
+../../../external/sgx-emm/emm_src/include/ema.h

common/inc/internal/ema_imp.h

@@ -0,0 +1 @@
+../../../external/sgx-emm/emm_src/include/ema_imp.h

common/inc/internal/emm_private.h

@@ -0,0 +1 @@
+../../../external/sgx-emm/emm_src/include/emm_private.h

common/inc/internal/enclave_creator.h

@@ -81,10 +81,10 @@ class EnclaveCreator : private Uncopyable
     virtual uint32_t handle_page_fault(uint64_t pf_address) { UNUSED(pf_address); return (uint32_t)SGX_ERROR_UNEXPECTED; }
 #endif
     virtual int emodpr(uint64_t addr, uint64_t size, uint64_t flag) = 0;
+    virtual int alloc(uint64_t addr, uint64_t size, int flag) = 0;
     virtual int mktcs(uint64_t tcs_addr) = 0;
     virtual int trim_range(uint64_t fromaddr, uint64_t toaddr) = 0;
     virtual int trim_accept(uint64_t addr) = 0;
-    virtual int remove_range(uint64_t fromaddr, uint64_t numpages) = 0;
 
     // destructor
     virtual ~EnclaveCreator() {};

common/inc/internal/inst.h

@@ -46,7 +46,9 @@ typedef enum {
     SE_ERESUME,
     SE_EEXIT,
     SE_EACCEPT,
-    SE_EVERIFYREPORT2 = 0x8,
+    SE_EMODPE,
+    SE_EACCEPTCOPY,
+    SE_EVERIFYREPORT2,
     SE_LAST_RING3,
 
     SE_ECREATE = 0x0,

common/inc/internal/linux/linux-regs.h

@@ -88,6 +88,7 @@
 #define SE_EEXIT      4
 #define SE_EACCEPT    5
 #define SE_EMODPE     6
+#define SE_EACCEPTCOPY   7
 #define SE_EVERIFYREPORT2 8
 
 

common/inc/internal/metadata.h

@@ -37,10 +37,10 @@
 #pragma pack(1)
 
  /* version of metadata */
-#define MAJOR_VERSION 2                 //MAJOR_VERSION should not larger than 0ffffffff
-#define MINOR_VERSION 4                 //MINOR_VERSION should not larger than 0ffffffff
+#define MAJOR_VERSION 3                 //MAJOR_VERSION should not larger than 0ffffffff
+#define MINOR_VERSION 0                 //MINOR_VERSION should not larger than 0ffffffff
 
-#define SGX_2_ELRANGE_MAJOR_VERSION 12
+#define SGX_2_ELRANGE_MAJOR_VERSION 13
 #define SGX_1_ELRANGE_MAJOR_VERSION 11
 
 #define SGX_MAJOR_VERSION_GAP 10
@@ -84,6 +84,7 @@
 #define HEAP_SIZE_MAX       0x1000000 /*  16 MB */
 #define RSRV_SIZE_MIN       0x0000000 /*   0 KB */
 #define RSRV_SIZE_MAX       0x0000000 /*   0 KB */
+#define USER_REGION_SIZE    0x0000000 /*   0 KB */
 #define DEFAULT_MISC_SELECT 0
 #define DEFAULT_MISC_MASK   0xFFFFFFFF
 #define ISVFAMILYID_MAX     0xFFFFFFFFFFFFFFFFULL
@@ -128,6 +129,7 @@ typedef enum
 #define LAYOUT_ID_RSRV_MIN     (20)
 #define LAYOUT_ID_RSRV_INIT    (21)
 #define LAYOUT_ID_RSRV_MAX     (22)
+#define LAYOUT_ID_USER_REGION  (23)
 
 extern const char * layout_id_str[];
 

common/inc/internal/rts.h

@@ -65,7 +65,8 @@ typedef enum
     SDK_VERSION_2_0,
     SDK_VERSION_2_1,
     SDK_VERSION_2_2,
-    SDK_VERSION_2_3
+    SDK_VERSION_2_3,
+    SDK_VERSION_3_0,
 } sdk_version_t;
 
 typedef struct _system_features
@@ -95,17 +96,21 @@ typedef struct _system_features
 #define BUILTIN_OCALL_2  -3
 #define BUILTIN_OCALL_3  -4
 #define BUILTIN_OCALL_4  -5
+#define BUILTIN_OCALL_5  -6
+#define BUILTIN_OCALL_6  -7
 
 typedef enum
 {
     EDMM_TRIM = BUILTIN_OCALL_1,
     EDMM_TRIM_COMMIT = BUILTIN_OCALL_2,
     EDMM_MODPR = BUILTIN_OCALL_3,
     EDMM_MPROTECT = BUILTIN_OCALL_4,
+    EDMM_ALLOC = BUILTIN_OCALL_5,
+    EDMM_MODIFY = BUILTIN_OCALL_6,
 }edmm_ocall_t;
 
 
-#define is_builtin_ocall(ocall_val) (((int)ocall_val >= BUILTIN_OCALL_4) && ((int)ocall_val <= BUILTIN_OCALL_1))
+#define is_builtin_ocall(ocall_val) (((int)ocall_val >= BUILTIN_OCALL_6) && ((int)ocall_val <= BUILTIN_OCALL_1))
 
 #pragma pack(pop)
 

common/inc/internal/rts_cmd.h

@@ -40,6 +40,8 @@
 
 #define ECMD_ECALL_PTHREAD  (-6)
 
+#define ECMD_INTERRUPT      (-32)
+
 /* Reserved for 3rd party usage */
 #define RESERVED_FOR_3RD_PARTY_START -100
 #define RESERVED_FOR_3RD_PARTY_END -1000

common/inc/internal/se_event.h

@@ -34,6 +34,8 @@
 
 # include <stdlib.h>
 # include <unistd.h>
+# include <errno.h>
+# include <time.h>
 # include <sys/syscall.h>
 typedef void * se_handle_t;
 
@@ -53,6 +55,7 @@ se_handle_t SGXAPI se_event_init(void);
 void SGXAPI se_event_destroy(se_handle_t);
 
 int SGXAPI se_event_wait(se_handle_t);
+int SGXAPI se_event_timeout_wait(se_handle_t, int, const struct timespec *, int, int *);
 int SGXAPI se_event_wait_timeout(se_handle_t se_event, uint64_t timeout);
 int SGXAPI se_event_wake(se_handle_t);
 

common/inc/internal/sethread_spinlock.h

@@ -0,0 +1,59 @@
+
+/*
+ * Copyright (C) 2022 Intel Corporation. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *   * Redistributions of source code must retain the above copyright
+ *     notice, this list of conditions and the following disclaimer.
+ *   * Redistributions in binary form must reproduce the above copyright
+ *     notice, this list of conditions and the following disclaimer in
+ *     the documentation and/or other materials provided with the
+ *     distribution.
+ *   * Neither the name of Intel Corporation nor the names of its
+ *     contributors may be used to endorse or promote products derived
+ *     from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef _SE_THREAD_SPINLOCK_H_
+#define _SE_THREAD_SPINLOCK_H_
+#include "sgx_thread.h"
+/** a recursive spin lock */
+typedef struct _sgx_thread_spinlock_t
+{
+    size_t              m_refcount; /* number of recursive calls */
+    volatile uint32_t   m_lock;   /* use sgx_spinlock_t */
+    sgx_thread_t        m_owner;
+} sgx_thread_spinlock_t;
+
+#define SGX_THREAD_RECURSIVE_SPINLOCK_INITIALIZER \
+            {0, 0, SGX_THREAD_T_NULL}
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int sgx_thread_spin_init(sgx_thread_spinlock_t *mutex);
+int sgx_thread_spin_destroy(sgx_thread_spinlock_t *mutex);
+
+int sgx_thread_spin_trylock(sgx_thread_spinlock_t *mutex);
+int sgx_thread_spin_unlock(sgx_thread_spinlock_t *mutex);
+#ifdef __cplusplus
+}
+#endif
+
+#endif

common/inc/internal/sgx_mm_rt_abstraction.h

@@ -0,0 +1 @@
+../../../external/sgx-emm/emm_src/include/sgx_mm_rt_abstraction.h

common/inc/internal/trts_inst.h

@@ -74,17 +74,13 @@ struct ms_tcs
 extern "C" {
 #endif
 
-int sgx_accept_forward(si_flags_t sfl, size_t lo, size_t hi);
 int do_ereport(const sgx_target_info_t *target_info, const sgx_report_data_t *report_data, sgx_report_t *report);
 int do_everifyreport2(const sgx_report2_mac_struct_t *report2_mac_struct);
 int do_egetkey(const sgx_key_request_t *key_request, sgx_key_128bit_t *key);
 uint32_t do_rdrand(uint32_t *rand);
 int do_eaccept(const sec_info_t *, size_t);
+int do_eacceptcopy(const sec_info_t *, size_t, size_t);
 int do_emodpe(const sec_info_t*, size_t);
-int apply_EPC_pages(void *start_address, size_t page_number);
-int apply_pages_within_exception(void *start_address, size_t page_count);
-int trim_EPC_pages(void *start_address, size_t page_number);
-sgx_status_t SGXAPI trts_mprotect(size_t start, size_t size, uint64_t perms);
 sgx_status_t do_add_thread(void *ms);
 int is_dynamic_thread(void *tcs);
 int is_dynamic_thread_exist(void);

common/inc/sgx_attributes.h

@@ -49,7 +49,7 @@
 #define SGX_XFRM_MPX             0x0000000000000018ULL     /* MPX XFRM - not supported */
 #define SGX_XFRM_PKRU            0x0000000000000200ULL     /* PKRU state */
 
-#define SGX_XFRM_RESERVED        (~(SGX_XFRM_LEGACY | SGX_XFRM_AVX | SGX_XFRM_AVX512 | SGX_XFRM_PKRU))
+#define SGX_XFRM_RESERVED        (~(SGX_XFRM_LEGACY | SGX_XFRM_AVX | SGX_XFRM_AVX512 | SGX_XFRM_MPX | SGX_XFRM_PKRU))
 
 typedef struct _attributes_t
 {

common/inc/sgx_interrupt.h

@@ -0,0 +1,65 @@
+#ifndef _SGX_INTERRUPT_H_
+#define _SGX_INTERRUPT_H_
+
+// An interrupt mechanism for dynamically-loaded workloads in enclaves.
+//
+// Workloads in an enclave can be classified into two categories: statically-loaded and
+// dynamically-loaded workloads. Statically-loaded workloads are application code that
+// are built into the enclave; that is, they are part of the enclave since enclave initialization.
+// Dynamically-loaded workloads, as the name suggests, are application code loaded after
+// the enclave gets running.
+//
+// One typical example of dynamically-loaded workloads is user programs loaded by a SGX
+// LibOS. The user programs could be arbitrary code. As a result, once the user program
+// gets executed, the LibOS may never have the opportunity to take control of the CPU.
+// Without the ability to regain the control, it is impossible for the LibOS to implement
+// features like interruptible signal handler or preemptive in-enclave thread scheduling.
+//
+// To address the issue above, we implement the signal-based interrupt mechanism for
+// dynamically-loaded workloads. With the provided APIs, the users can now interrupt the
+// dynamically-loaded workloads executed in a SGX thread by simply sending a real-time
+// POSIX signal (whosenumber is 64, the max value of signal numbers on Linux) to the SGX
+// thread. The signal will be captured and (if the timing is good) a pre-registered
+// interrupt handler will get executed inside the enclave.
+//
+// Note that the interrupt mechanism only performs the signal-to-interrupt conversion
+// described above is in a best-effort manner. That is, sending a signal may not
+// result in the interrupt handler getting called. For example, if the target SGX thread is
+// executing some code outside the enclave, then the signal received will be simply
+// ignored, thus not triggering the interrupt handler to be executed. So the users of
+// the interrupt mechanism should find other means to determine if an interrupt has been
+// delivered, and if not, whether and when to resend the interrupt (via POSIX signal).
+
+#include "sgx_error.h"
+#include "sgx_trts_exception.h"
+
+// A data structure that represents an interrupt
+typedef struct _sgx_interrupt_info_t {
+    sgx_cpu_context_t   cpu_context;
+} sgx_interrupt_info_t;
+
+// A handler function that processes an interrupt
+typedef void (*sgx_interrupt_handler_t)(sgx_interrupt_info_t*);
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+// Initialize the interrupt mechanism for SGX threads.
+sgx_status_t SGXAPI sgx_interrupt_init(sgx_interrupt_handler_t handler);
+
+// Make the current thread interruptible when executing in the given code region.
+//
+// By default, a SGX thread is not interruptible. It is the responsibility of the
+// caller of this API to ensure that the given code region is ok to be interrupted,
+// e.g., not causing deadlocks.
+sgx_status_t SGXAPI sgx_interrupt_enable(size_t code_addr, size_t code_size);
+
+// Make the current thread uninterruptible.
+sgx_status_t SGXAPI sgx_interrupt_disable(void);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _SGX_INTERRUPT_H_ */

common/inc/sgx_mm.h

@@ -0,0 +1 @@
+../../external/sgx-emm/emm_src/include/sgx_mm.h

common/inc/sgx_mm_primitives.h

@@ -0,0 +1 @@
+../../external/sgx-emm/emm_src/include/sgx_mm_primitives.h

common/inc/sgx_mm_rt_abstraction.h

@@ -0,0 +1 @@
+../../external/sgx-emm/emm_src/include/sgx_mm_rt_abstraction.h