Generate valid xfrm when required

Author: raoulstrackx

intel-sgx/enclave-runner/src/loader.rs

@@ -4,6 +4,7 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
+use std::arch::x86_64::{self, CpuidResult};
 use std::fs::File;
 use std::io::{Error as IoError, ErrorKind, Read, Result as IoResult};
 use std::ops::RangeInclusive;
@@ -21,6 +22,7 @@ use openssl::{
 };
 
 use sgx_isa::{Attributes, AttributesFlags, Miscselect, Sigstruct};
+use sgxs::sgxs::PageReader;
 use sgxs::crypto::{SgxHashOps, SgxRsaOps};
 use sgxs::loader::{Load, MappingInfo, Tcs};
 use sgxs::sigstruct::{self, EnclaveHash, Signer};
@@ -163,11 +165,67 @@ impl<'a> EnclaveBuilder<'a> {
         ret
     }
 
-    fn generate_dummy_signature(&mut self) -> Result<Sigstruct, anyhow::Error> {
+    fn cpuid(eax: u32, ecx: u32) -> Option<CpuidResult> {
+        unsafe {
+            if eax <= x86_64::__get_cpuid_max(0).0 {
+                Some(x86_64::__cpuid_count(eax, ecx))
+            } else {
+                None
+            }
+        }
+    }
+
+    fn generate_xfrm(max_ssaframesize_in_pages: u32) -> u64 {
         fn xgetbv0() -> u64 {
             unsafe { arch::x86_64::_xgetbv(0) }
         }
 
+        debug_assert!(0 < max_ssaframesize_in_pages);
+        let xcr0 = xgetbv0();
+
+        // See allorithm of Intel dev manual Chpt 40.7.2.2
+        let xfrm = (0..64)
+            .map(|bit| {
+                let select = 0x1 << bit;
+                match bit {
+                    0 | 1 => select, // Bit 0 and 1 always need to be set
+                    _ => {
+                        if xcr0 & select == 0 {
+                            return 0;
+                        }
+
+                        let (base, size) = {
+                            let cpuid = Self::cpuid(0x0d, bit);
+                            let base = cpuid.map_or(0, |c| c.ebx);
+                            let size = cpuid.map_or(0, |c| c.eax);
+                            (base, size)
+                        };
+                        if max_ssaframesize_in_pages * 0x1000 <= base + size {
+                            return 0;
+                        }
+
+                        select
+                    }
+                }
+            })
+            .fold(0, |xfrm, b| xfrm | b);
+
+        // Intel x86 manual Vol 3 Chpt 13.3:
+        // "Executing the XSETBV instruction causes a general-protection fault (#GP) if ECX = 0
+        // and EAX[17] ≠ EAX[18] (TILECFG and TILEDATA must be enabled together). This implies
+        // that the value of XCR0[18:17] is always either 00b or 11b."
+        // The enclave entry code executes xrstor, and we may have just cleared bit 18, so we
+        // need to correct the invariant
+        if (xfrm & (0x1 << 17)) != (xfrm & (0x1 << 18)) {
+            xfrm & !(0x11 << 17)
+        } else {
+            xfrm
+        }
+    }
+
+    fn generate_dummy_signature(&mut self) -> Result<Sigstruct, anyhow::Error> {
+        let mut enclave = self.enclave.try_clone().unwrap();
+        let create_info = PageReader::new(&mut enclave)?;
         let mut enclave = self.enclave.try_clone().unwrap();
         let hash = match self.hash_enclave.take() {
             Some(f) => f(&mut enclave)?,
@@ -177,7 +235,7 @@ impl<'a> EnclaveBuilder<'a> {
 
         let attributes = self.attributes.unwrap_or_else(|| Attributes {
             flags: AttributesFlags::DEBUG | AttributesFlags::MODE64BIT,
-            xfrm: xgetbv0(),
+            xfrm: Self::generate_xfrm(create_info.0.ecreate.ssaframesize),
         });
         signer
             .attributes_flags(attributes.flags, !0)

intel-sgx/sgxs-loaders/src/isgx/mod.rs

@@ -198,6 +198,7 @@ impl EnclaveLoad for InnerDevice {
             ..Default::default()
         };
         let createdata = ioctl::CreateData { secs: &secs };
+
         ioctl_unsafe!(
             Create,
             ioctl::create(mapping.device.fd.as_raw_fd(), &createdata)