Add Abort to enclave's CoResult enum

fortanix · Jul 10, 2023 · a501d3e · a501d3e
1 parent a1a2e0f
commit a501d3e
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 6 deletions.
diff --git a/intel-sgx/enclave-runner/src/tcs.rs b/intel-sgx/enclave-runner/src/tcs.rs
@@ -21,6 +21,7 @@ pub(crate) type DebugBuffer = [u8; 1024];
 pub enum CoResult<Y, R> {
     Yield(Y),
     Return(R),
+    Abort,
 }
 
 #[derive(Debug)]
@@ -207,9 +208,14 @@ pub(crate) fn coenter<T: Tcs>(
     if sgx_result != (Enclu::EExit as u32) {
         panic!("Invalid return value in EAX! eax={}", sgx_result);
     }
-
+    
     if p1 == 0 {
-        CoResult::Return((tcs, p2, p3))
+        if p3 == 0 {
+            CoResult::Return((tcs, p2, p3))
+        } else {
+            // p3 (RDX reg) flag is set - interrupt the enclave
+            CoResult::Abort
+        }
     } else {
         CoResult::Yield(Usercall {
             tcs: tcs,

diff --git a/intel-sgx/enclave-runner/src/usercalls/mod.rs b/intel-sgx/enclave-runner/src/usercalls/mod.rs
@@ -937,6 +937,9 @@ impl EnclaveState {
                         };
                         tokio::task::spawn_local(fut);
                     }
+                    UsercallSendData::Sync(CoResult::Abort, _, _) => {
+                        // enclave interuption - do nothing
+                    }
                 };
             }
             unreachable!();
@@ -996,6 +999,8 @@ impl EnclaveState {
 
         for handler in join_handlers {
             #[cfg(unix)]
+            // The enclave thread may be in a long-running `AEX/enclu[ERESUME]` loop.
+            // Issuing a signal to return execution control back to the enclave-runner's worker thread.
             unsafe { libc::pthread_kill(handler.as_pthread_t() as _, signal::SIGUSR1 as _); }
             let _ = handler.join();
         }
@@ -1031,7 +1036,7 @@ impl EnclaveState {
             entry: CoEntry::Initial(main.tcs, argv as _, argc as _, 0, 0, 0),
         };
 
-        let num_of_worker_threads = if num_cpus::get() == 1 {2} else {num_cpus::get()};
+        let num_of_worker_threads = num_cpus::get();
 
         let kind = EnclaveKind::Command(Command {
             panic_reason: Mutex::new(PanicReason {

diff --git a/intel-sgx/fortanix-sgx-tools/src/bin/ftxsgx-runner.rs b/intel-sgx/fortanix-sgx-tools/src/bin/ftxsgx-runner.rs
@@ -22,7 +22,7 @@ use sgxs_loaders::isgx::Device as IsgxDevice;
 #[cfg(windows)]
 use sgxs_loaders::enclaveapi::Sgx as IsgxDevice;
 #[cfg(unix)]
-use libc::{ucontext_t, REG_RIP};
+use libc::{ucontext_t, REG_RIP, REG_RDX};
 use clap::{App, Arg};
 
 arg_enum!{
@@ -54,14 +54,16 @@ fn catch_sigusr1() {
         extern "C" fn handle_sigusr1(_signo: c_int, _info: *mut siginfo_t, _context: *mut c_void) {
             eprintln!("SIGUSR1 triggered, thread_id: {:?}", std::thread::current().id());
             let instruction_ptr = unsafe { (*(_context as *mut ucontext_t)).uc_mcontext.gregs[REG_RIP as usize] as *const u8};
+            // enclu instruction code
             const ENCLU: [u8; 3] = [0x0f, 0x01, 0xd7];
             let is_enclu = ENCLU.iter().enumerate().all(|(idx, v)| {
                 unsafe { *instruction_ptr.offset(idx as isize) == *v }
             });
             if is_enclu {
-                // At enclu instruction - force IP to the next instruction after enclu
+                // Interrupt enclave execution by setting IP to the instruction following the ENCLU to mimic normal ENCLU[EXIT])
                 unsafe { (*(_context as *mut ucontext_t)).uc_mcontext.gregs[REG_RIP as usize] += 3 }
-                eprintln!("Enclave thread {:?} hanged and aboarted by the signal", std::thread::current().id());
+                // Set RDX register to indicate that enclu has been interrupted and should not been re-entered
+                unsafe { (*(_context as *mut ucontext_t)).uc_mcontext.gregs[REG_RDX as usize] = 1 }
             }
             let _ = stderr().flush();
         }