Review fix ups

fortanix · Jul 12, 2023 · 5d62085 · 5d62085
1 parent 796645a
commit 5d62085
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 12 deletions.
diff --git a/intel-sgx/enclave-runner/src/tcs.rs b/intel-sgx/enclave-runner/src/tcs.rs
@@ -97,7 +97,7 @@ pub(crate) fn coenter<T: Tcs>(
     debug_buf: Option<&RefCell<DebugBuffer>>
 ) -> ThreadResult<T> {
 
-    let mut sgx_result = Enclu::EEnter as u32;
+    let mut enclu_leaf = Enclu::EEnter as u32;
 
     unsafe {
         let mut uninit_debug_buf: std::mem::MaybeUninit<DebugBuffer>;
@@ -170,8 +170,8 @@ pub(crate) fn coenter<T: Tcs>(
                 options(att_syntax)
             );
             if ret == 0 {
-                sgx_result = run.function;
-                match sgx_result.try_into() {
+                enclu_leaf = run.function;
+                match enclu_leaf.try_into() {
                     Ok(Enclu::EExit) => { /* normal case */ },
                     Ok(Enclu::EResume) => {
                         if let Some(mut debug_buf) = debug_buf {
@@ -190,15 +190,16 @@ pub(crate) fn coenter<T: Tcs>(
                 panic!("Error entering enclave (VDSO): ret = {:?}, run = {:?}", std::io::Error::from_raw_os_error(-ret), run);
             }
         } else {
-            while !exiting.load(Ordering::SeqCst) && sgx_result != (Enclu::EExit as u32) {
+            while !exiting.load(Ordering::SeqCst) && enclu_leaf != (Enclu::EExit as u32) {
                 asm!("
                         lea 1f(%rip), %rcx // set SGX AEP
-                        xchg {0}, %rbx
+                        push %rbx          // store original rbx value on the stack
+                        mov {0}, %rbx
                         enclu
-1:                      xchg %rbx, {0}
+1:                      pop %rbx           // restore original rbx value in case we interrupt enclave during AEX
                     ",
                     inout(reg) tcs.address() => _, // rbx is used internally by LLVM and cannot be used as an operand for inline asm (#84658)
-                    inout("eax") sgx_result as u32 => sgx_result,
+                    inout("eax") enclu_leaf as u32 => enclu_leaf,
                     out("rcx") _,
                     inout("rdx") p3,
                     inout("rdi") p1,
@@ -221,8 +222,8 @@ pub(crate) fn coenter<T: Tcs>(
         return CoResult::Abort
     }
 
-    if sgx_result != (Enclu::EExit as u32) {
-        panic!("Invalid return value in EAX! eax={}", sgx_result);
+    if enclu_leaf != (Enclu::EExit as u32) {
+        panic!("Invalid return value in EAX! eax={}", enclu_leaf);
     }
 
     if p1 == 0 {

diff --git a/intel-sgx/enclave-runner/src/usercalls/mod.rs b/intel-sgx/enclave-runner/src/usercalls/mod.rs
@@ -1012,7 +1012,7 @@ impl EnclaveState {
                 // Issuing a signal to return execution control back to the enclave-runner's worker thread.
                 // * In non-vdso case execution control is claimed during AEX using special handler provided by AEP address
                 // in coenter() function and signal is not required
-                unsafe { libc::pthread_kill(handler.as_pthread_t() as _, signal::SIGUSR1 as _); }
+                unsafe { libc::pthread_kill(handler.as_pthread_t() as _, signal::SIGHUP as _); }
             }
             let _ = handler.join();
         }

diff --git a/intel-sgx/fortanix-sgx-tools/src/bin/ftxsgx-runner.rs b/intel-sgx/fortanix-sgx-tools/src/bin/ftxsgx-runner.rs
@@ -21,8 +21,6 @@ use nix::sys::signal;
 use sgxs_loaders::isgx::Device as IsgxDevice;
 #[cfg(windows)]
 use sgxs_loaders::enclaveapi::Sgx as IsgxDevice;
-#[cfg(unix)]
-use libc::{ucontext_t, REG_RIP};
 use clap::{App, Arg};
 
 arg_enum!{