fix open sgx file. add key in open.

6 years ago · da42736223
parent ef4e619d89
commit da42736223
4 changed files with 25 additions and 19 deletions
--- a/rcore-fs-sefs/src/lib.rs
+++ b/rcore-fs-sefs/src/lib.rs
@ -457,7 +457,7 @@ impl SEFS {
        }.wrap();

        // Init root INode
-        let root = sefs._new_inode(BLKN_ROOT, Dirty::new_dirty(DiskINode::new_dir()));
+        let root = sefs._new_inode(BLKN_ROOT, Dirty::new_dirty(DiskINode::new_dir()), true);
        root.dirent_init(BLKN_ROOT)?;
        root.nlinks_inc();  //for .
        root.nlinks_inc();  //for ..(root's parent is itself)
@ -501,11 +501,14 @@ impl SEFS {

    /// Create a new INode struct, then insert it to self.inodes
    /// Private used for load or create INode
-    fn _new_inode(&self, id: INodeId, disk_inode: Dirty<DiskINode>) -> Arc<INodeImpl> {
+    fn _new_inode(&self, id: INodeId, disk_inode: Dirty<DiskINode>, create: bool) -> Arc<INodeImpl> {
        let inode = Arc::new(INodeImpl {
            id,
            disk_inode: RwLock::new(disk_inode),
-            file: self.device.create(id).unwrap(),
+            file: match create {
+                true => self.device.create(id).unwrap(),
+                false => self.device.open(id).unwrap(),
+            },
            fs: self.self_ptr.upgrade().unwrap(),
        });
        self.inodes.write().insert(id, Arc::downgrade(&inode));
@ -524,19 +527,19 @@ impl SEFS {
        }
        // Load if not in set, or is weak ref.
        let disk_inode = Dirty::new(self.meta_file.load_struct::<DiskINode>(id).unwrap());
-        self._new_inode(id, disk_inode)
+        self._new_inode(id, disk_inode, false)
    }
    /// Create a new INode file
    fn new_inode_file(&self) -> vfs::Result<Arc<INodeImpl>> {
        let id = self.alloc_block().ok_or(FsError::NoDeviceSpace)?;
        let disk_inode = Dirty::new_dirty(DiskINode::new_file());
-        Ok(self._new_inode(id, disk_inode))
+        Ok(self._new_inode(id, disk_inode, true))
    }
    /// Create a new INode dir
    fn new_inode_dir(&self, parent: INodeId) -> vfs::Result<Arc<INodeImpl>> {
        let id = self.alloc_block().ok_or(FsError::NoDeviceSpace)?;
        let disk_inode = Dirty::new_dirty(DiskINode::new_dir());
-        let inode = self._new_inode(id, disk_inode);
+        let inode = self._new_inode(id, disk_inode, true);
        inode.dirent_init(parent)?;
        Ok(inode)
    }
--- a/sefs-fuse/app/src/sgx_dev.rs
+++ b/sefs-fuse/app/src/sgx_dev.rs
@ -21,14 +21,14 @@ impl SgxStorage {

 impl Storage for SgxStorage {
    fn open(&self, file_id: usize) -> DevResult<Box<File>> {
-        match file_open(file_id) {
+        match file_open(file_id, false, &[0u8; 16]) {
            0 => Ok(Box::new(SgxFile { fd: file_id })),
            _ => panic!(),
        }
    }

    fn create(&self, file_id: usize) -> DevResult<Box<File>> {
-        match file_open(file_id) {
+        match file_open(file_id, true, &[0u8; 16]) {
            0 => Ok(Box::new(SgxFile { fd: file_id })),
            _ => panic!(),
        }
@ -87,7 +87,7 @@ impl Drop for SgxFile {
 /// Ecall functions to access SgxFile
 extern {
    fn ecall_set_sefs_dir(eid: sgx_enclave_id_t, retval: *mut i32, path: *const u8, len: size_t) -> sgx_status_t;
-    fn ecall_file_open(eid: sgx_enclave_id_t, retval: *mut i32, fd: size_t) -> sgx_status_t;
+    fn ecall_file_open(eid: sgx_enclave_id_t, retval: *mut i32, fd: size_t, create: uint8_t, key: *const sgx_key_128bit_t) -> sgx_status_t;
    fn ecall_file_close(eid: sgx_enclave_id_t, retval: *mut i32, fd: size_t) -> sgx_status_t;
    fn ecall_file_flush(eid: sgx_enclave_id_t, retval: *mut i32, fd: size_t) -> sgx_status_t;
    fn ecall_file_read_at(eid: sgx_enclave_id_t, retval: *mut i32, fd: size_t, offset: size_t, buf: *mut uint8_t, len: size_t) -> sgx_status_t;
@ -107,10 +107,10 @@ fn set_sefs_dir(path: &str) -> i32 {
    ret_val
 }

-fn file_open(fd: usize) -> i32 {
+fn file_open(fd: usize, create: bool, key: &sgx_key_128bit_t) -> i32 {
    let mut ret_val = -1;
    unsafe {
-        let ret = ecall_file_open(EID, &mut ret_val, fd);
+        let ret = ecall_file_open(EID, &mut ret_val, fd, create as uint8_t, key);
        assert_eq!(ret, sgx_status_t::SGX_SUCCESS);
    }
    ret_val
--- a/sefs-fuse/enclave/Enclave.edl
+++ b/sefs-fuse/enclave/Enclave.edl
@ -30,6 +30,7 @@
 */

 enclave {
+    include "sgx_key.h"
    from "sgx_tstd.edl" import *;
    from "sgx_stdio.edl" import *;
    from "sgx_backtrace.edl" import *;
@ -40,7 +41,7 @@ enclave {
        /* define ECALLs here. */

        public int ecall_set_sefs_dir([in, size=len] const char* path, size_t len);
-        public int ecall_file_open(size_t fd);
+        public int ecall_file_open(size_t fd, uint8_t create, [in] sgx_key_128bit_t* key);
        public int ecall_file_close(size_t fd);
        public int ecall_file_flush(size_t fd);
        public int ecall_file_read_at(size_t fd, size_t offset, [out, size=len] uint8_t* buf, size_t len);
--- a/sefs-fuse/enclave/src/lib.rs
+++ b/sefs-fuse/enclave/src/lib.rs
@ -45,6 +45,7 @@ use std::path::PathBuf;
 use std::sgxfs::{OpenOptions, SgxFile};
 use std::sync::{SgxMutex as Mutex, SgxRwLock as RwLock};
 use std::vec::Vec;
+use sgx_types::sgx_key_128bit_t;

 #[no_mangle]
 pub extern "C" fn ecall_set_sefs_dir(path: *const u8, len: usize) -> i32 {
@ -67,10 +68,15 @@ macro_rules! try_io {
 }

 #[no_mangle]
-pub extern "C" fn ecall_file_open(fd: usize) -> i32 {
+pub extern "C" fn ecall_file_open(fd: usize, create: bool, key: &sgx_key_128bit_t) -> i32 {
    let path = get_path(fd);
-    let file = try_io!(OpenOptions::new().append(true).update(true).binary(true).open(&path));
-    println!("open fd = {}", fd);
+    let mut oo = OpenOptions::new();
+    match create {
+        true => oo.write(true).update(true).binary(true),
+        false => oo.read(true).update(true).binary(true),
+    };
+    let file = try_io!(oo.open_ex(&path, key));
+    println!("{} fd = {} key = {:?}", if create {"create"} else {"open"}, fd, key);
    let file = LockedFile(Mutex::new(file));
    let mut files = FILES.write().unwrap();
    files.insert(fd, file);
@ -102,12 +108,10 @@ pub extern "C" fn ecall_file_read_at(fd: usize, offset: usize, buf: *mut u8, len
    let offset = offset as u64;
    println!("read_at fd = {}, offset = {}, len = {}", fd, offset, len);
    try_io!(file.seek(SeekFrom::Start(offset)));
-    println!("pos = {}", try_io!(file.seek(SeekFrom::Current(0))));

    let buf = unsafe { std::slice::from_raw_parts_mut(buf, len) };
    let len = try_io!(file.read(buf)) as i32;
    println!("{:?}", buf);
-    println!("end pos = {}", try_io!(file.seek(SeekFrom::Current(0))));

    len
 }
@ -120,11 +124,9 @@ pub extern "C" fn ecall_file_write_at(fd: usize, offset: usize, buf: *const u8,
    let offset = offset as u64;
    println!("write_at fd = {}, offset = {}, len = {}", fd, offset, len);
    try_io!(file.seek(SeekFrom::Start(offset)));
-    println!("pos = {}", try_io!(file.seek(SeekFrom::Current(0))));
    let buf = unsafe { std::slice::from_raw_parts(buf, len) };
    let ret = try_io!(file.write(buf)) as i32;
    println!("{:?}", buf);
-    println!("end pos = {}", try_io!(file.seek(SeekFrom::Current(0))));

    ret
 }