From d23874b11a5dc22f760b40f6fc0acf99fb088fbf Mon Sep 17 00:00:00 2001 From: zhengxiaoxiao Date: Mon, 12 Aug 2024 21:38:05 +0800 Subject: [PATCH] register shared memory by open session Reference:https://gitee.com/openeuler/secGear/commit/d23874b11a5dc22f760b40f6fc0acf99fb088fbf Conflict:NA --- inc/common_inc/gp/gp_shared_memory_defs.h | 1 + src/enclave_src/gp/gp.c | 2 + src/enclave_src/gp/itrustee/CMakeLists.txt | 3 +- .../gp/itrustee/itrustee_shared_memory.c | 62 ++++++++++++++++ .../gp/itrustee/itrustee_shared_memory.h | 28 +++++++ src/host_src/gp/gp_enclave.c | 73 ++++++++++++++++++- src/host_src/gp/gp_shared_memory.c | 20 ++++- 7 files changed, 185 insertions(+), 4 deletions(-) create mode 100644 src/enclave_src/gp/itrustee/itrustee_shared_memory.h diff --git a/inc/common_inc/gp/gp_shared_memory_defs.h b/inc/common_inc/gp/gp_shared_memory_defs.h index 87c9a13..8af2411 100644 --- a/inc/common_inc/gp/gp_shared_memory_defs.h +++ b/inc/common_inc/gp/gp_shared_memory_defs.h @@ -46,6 +46,7 @@ typedef struct { bool is_registered; // the shared memory can be used only after being registered void *enclave; // refer to cc_enclave_t pthread_t register_tid; + void *reg_session; // register shared memory by open session list_node_t node; } gp_shared_memory_t; diff --git a/src/enclave_src/gp/gp.c b/src/enclave_src/gp/gp.c index 57c280f..97d02ef 100644 --- a/src/enclave_src/gp/gp.c +++ b/src/enclave_src/gp/gp.c @@ -16,6 +16,8 @@ #include "tee_mem_mgmt_api.h" #include "gp.h" #include "caller.h" +#include "tee_log.h" +#include "itrustee/itrustee_shared_memory.h" #define PARAMNUM 4 #define POS_IN 0 diff --git a/src/enclave_src/gp/itrustee/CMakeLists.txt b/src/enclave_src/gp/itrustee/CMakeLists.txt index 14b3c64..b194c41 100644 --- a/src/enclave_src/gp/itrustee/CMakeLists.txt +++ b/src/enclave_src/gp/itrustee/CMakeLists.txt @@ -50,7 +50,8 @@ target_include_directories(${target_lib} PRIVATE ${LOCAL_ROOT_PATH}/inc/enclave_inc/gp/itrustee ${ITRUSTEE_TEEDIR}/include/CA ${LOCAL_ROOT_PATH}/inc/common_inc - ${LOCAL_ROOT_PATH}/inc/common_inc/gp) + ${LOCAL_ROOT_PATH}/inc/common_inc/gp + ${CMAKE_CURRENT_SOURCE_DIR}/) install(TARGETS ${target_lib} ARCHIVE diff --git a/src/enclave_src/gp/itrustee/itrustee_shared_memory.c b/src/enclave_src/gp/itrustee/itrustee_shared_memory.c index 32b8d8e..d6f0913 100644 --- a/src/enclave_src/gp/itrustee/itrustee_shared_memory.c +++ b/src/enclave_src/gp/itrustee/itrustee_shared_memory.c @@ -156,6 +156,41 @@ cc_enclave_result_t ecall_register_shared_memory(uint8_t *in_buf, return CC_SUCCESS; } +cc_enclave_result_t register_shared_memory_by_session(uint8_t *in_buf, uint8_t *registered_buf, void **sessionContext) +{ + /* Parse input parameters from in_buf */ + size_t in_buf_offset = size_to_aligned_size(sizeof(gp_register_shared_memory_size_t)); + gp_register_shared_memory_size_t *args_size = (gp_register_shared_memory_size_t *)in_buf; + + uint8_t *host_buf_p = NULL; + uint8_t *host_buf_len_p = NULL; + uint8_t *is_control_buf_p = NULL; + SET_PARAM_IN_1(host_buf_p, size_t, host_buf, args_size->shared_buf_size); + SET_PARAM_IN_1(host_buf_len_p, size_t, host_buf_len, args_size->shared_buf_len_size); + SET_PARAM_IN_1(is_control_buf_p, bool, is_control_buf, args_size->is_control_buf_size); + + cc_enclave_result_t ret = CC_FAIL; + + shared_memory_block_t *shared_mem = create_shared_memory_block((void *)host_buf, host_buf_len, registered_buf); + if (shared_mem == NULL) { + return CC_ERROR_OUT_OF_MEMORY; + } + + if (is_control_buf) { + ret = tswitchless_init((void *)shared_mem->enclave_addr, &shared_mem->pool, &shared_mem->tid_arr); + if (ret != CC_SUCCESS) { + destroy_shared_memory_block(shared_mem); + return CC_ERROR_TSWITCHLESS_INIT_FAILED; + } + } + + add_shared_memory_block_to_list(shared_mem); + __atomic_store_n(&(((gp_shared_memory_t *)registered_buf)->is_registered), true, __ATOMIC_RELEASE); + *sessionContext = (void *)shared_mem->enclave_addr; + + return CC_SUCCESS; +} + size_t addr_host_to_enclave(size_t host_addr) { list_node_t *cur = NULL; @@ -234,3 +269,30 @@ cc_enclave_result_t ecall_unregister_shared_memory(uint8_t *in_buf, return CC_SUCCESS; } + +void open_session_unregister_shared_memory(void *sessionContext) +{ + list_node_t *cur = NULL; + shared_memory_block_t *mem_block = NULL; + + CC_RWLOCK_LOCK_WR(&g_shared_memory_list_lock); + + list_for_each(cur, &g_shared_memory_list) { + mem_block = list_entry(cur, shared_memory_block_t, node); + tlogi("[secGear] unregister shared_mem:%p, cur_mem:%p", sessionContext, mem_block->enclave_addr); + if (sessionContext == (void *)mem_block->enclave_addr) { + __atomic_store_n(&((GP_SHARED_MEMORY_ENTRY(mem_block->enclave_addr))->is_registered), + false, __ATOMIC_RELEASE); + + list_remove(&mem_block->node); + if ((GP_SHARED_MEMORY_ENTRY(mem_block->enclave_addr))->is_control_buf) { + tswitchless_fini(mem_block->pool, mem_block->tid_arr); + } + destroy_shared_memory_block(mem_block); + break; + } + } + CC_RWLOCK_UNLOCK(&g_shared_memory_list_lock); + + return; +} diff --git a/src/enclave_src/gp/itrustee/itrustee_shared_memory.h b/src/enclave_src/gp/itrustee/itrustee_shared_memory.h new file mode 100644 index 0000000..35ae829 --- /dev/null +++ b/src/enclave_src/gp/itrustee/itrustee_shared_memory.h @@ -0,0 +1,28 @@ +/* + * Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved. + * secGear is licensed under the Mulan PSL v2. + * You can use this software according to the terms and conditions of the Mulan PSL v2. + * You may obtain a copy of Mulan PSL v2 at: + * http://license.coscl.org.cn/MulanPSL2 + * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR + * PURPOSE. + * See the Mulan PSL v2 for more details. + */ + +#ifndef __ITRUSTEE_SHARED_MEMORY_H__ +#define __ITRUSTEE_SHARED_MEMORY_H__ + +#include "status.h" + +#ifdef __cplusplus +extern "C" { +#endif + +cc_enclave_result_t register_shared_memory_by_session(uint8_t *in_buf, uint8_t *registered_buf, void **sessionContext); +void open_session_unregister_shared_memory(void *sessionContext); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/src/host_src/gp/gp_enclave.c b/src/host_src/gp/gp_enclave.c index 952d584..ad07c30 100644 --- a/src/host_src/gp/gp_enclave.c +++ b/src/host_src/gp/gp_enclave.c @@ -698,6 +698,63 @@ cc_enclave_result_t handle_ecall_function_register_shared_memory(cc_enclave_t *e return CC_SUCCESS; } +/* TEEC_OpenSession 用户只能用param[0]和param[1], 2,3被底层默认占用了 */ +static cc_enclave_result_t init_open_session_register_memory_oper(TEEC_Operation *operation, + cc_enclave_call_function_args_t *args) +{ + const int input_pos = 0; + const int shared_pos = 1; + memset(operation, 0x00, sizeof(TEEC_Operation)); + operation->started = 1; + uint32_t paramtypes[] = { TEEC_NONE, TEEC_NONE, TEEC_NONE, TEEC_NONE }; + /* Fill input buffer */ + if (args->input_buffer_size) { + operation->params[input_pos].tmpref.buffer = (void *)args->input_buffer; + operation->params[input_pos].tmpref.size = (uint32_t)args->input_buffer_size; + paramtypes[input_pos] = TEEC_MEMREF_TEMP_INPUT; + } + + /* Fill shared buffer */ + gp_shared_memory_t *shared_mem = GP_SHARED_MEMORY_ENTRY(GET_HOST_BUF_FROM_INPUT_PARAMS(args->input_buffer)); + TEEC_SharedMemory *teec_shared_mem = (TEEC_SharedMemory *)(&shared_mem->shared_mem); + operation->params[shared_pos].memref.parent = teec_shared_mem; + operation->params[shared_pos].memref.size = teec_shared_mem->size; + paramtypes[shared_pos] = TEEC_MEMREF_REGISTER_INOUT; + + operation->paramTypes = TEEC_PARAM_TYPES(paramtypes[input_pos], paramtypes[shared_pos], TEEC_NONE, TEEC_NONE); + + return CC_SUCCESS; +} + +cc_enclave_result_t handle_open_session_register_shared_memory(cc_enclave_t *enclave, + cc_enclave_call_function_args_t *args, void *session) +{ + if (args->function_id == fid_register_shared_memory) { + gp_context_t *gp = (gp_context_t *)(enclave->private_data); + uint32_t origin; + TEEC_Operation oper; + memset(&oper, 0, sizeof(oper)); + oper.started = 1; + oper.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE, TEEC_NONE, TEEC_MEMREF_TEMP_INPUT, TEEC_MEMREF_TEMP_INPUT); + cc_enclave_result_t cc_res = init_open_session_register_memory_oper(&oper, args); + if (cc_res != CC_SUCCESS) { + print_error_term("Handle ecall with new session, failed to init operation, ret:%x\n", cc_res); + return CC_FAIL; + } + TEEC_Result result = TEEC_OpenSession(&gp->ctx, session, &gp->uuid, TEEC_LOGIN_IDENTIFY, + NULL, &oper, &origin); + if (result != TEEC_SUCCESS) { + print_error_term("Handle ecall with new session, failed to open session, ret:%x, origin:%x\n", + result, origin); + cc_res = conversion_res_status(result, enclave->type); + return cc_res; + } + } else { // shared_mem->reg_session close by unregister shared memory + TEEC_CloseSession(session); + } + + return CC_SUCCESS; +} static cc_enclave_result_t handle_ecall_function(cc_enclave_t *enclave, cc_enclave_call_function_args_t *args) { @@ -706,7 +763,21 @@ static cc_enclave_result_t handle_ecall_function(cc_enclave_t *enclave, cc_encla TEEC_Operation operation; uint32_t origin; gp_context_t *gp = (gp_context_t*)enclave->private_data; - + if (args->function_id == fid_register_shared_memory || args->function_id == fid_unregister_shared_memory) { + gp_shared_memory_t *shared_mem = NULL; + if (args->function_id == fid_register_shared_memory) { + shared_mem = GP_SHARED_MEMORY_ENTRY(GET_HOST_BUF_FROM_INPUT_PARAMS(args->input_buffer)); + } else { + void *ptr = NULL; + (void)memcpy(&ptr, (char *)(args->input_buffer) + + size_to_aligned_size(sizeof(gp_unregister_shared_memory_size_t)), sizeof(void *)); + shared_mem = GP_SHARED_MEMORY_ENTRY(ptr); + } + TEEC_SharedMemory *teec_shared_mem = (TEEC_SharedMemory *)(&shared_mem->shared_mem); + if (teec_shared_mem->flags == TEEC_MEM_REGISTER_INOUT) { + return handle_open_session_register_shared_memory(enclave, args, shared_mem->reg_session); + } + } if (args->function_id == fid_register_shared_memory) { return handle_ecall_function_register_shared_memory(enclave, args); } diff --git a/src/host_src/gp/gp_shared_memory.c b/src/host_src/gp/gp_shared_memory.c index b6a958d..cd1a4c5 100644 --- a/src/host_src/gp/gp_shared_memory.c +++ b/src/host_src/gp/gp_shared_memory.c @@ -54,14 +54,26 @@ void *gp_malloc_shared_memory(cc_enclave_t *context, size_t size, bool is_contro .is_control_buf = is_control_buf, .is_registered = false, .enclave = (void *) context, - .register_tid = 0 + .register_tid = 0, + .reg_session = NULL }; + gp_shared_mem.reg_session = malloc(sizeof(TEEC_Session)); + if (gp_shared_mem.reg_session == NULL) { + return NULL; + } TEEC_SharedMemory *teec_shared_mem = (TEEC_SharedMemory *)(&gp_shared_mem.shared_mem); teec_shared_mem->size = size + sizeof(gp_shared_memory_t); - teec_shared_mem->flags = TEEC_MEM_SHARED_INOUT; + teec_shared_mem->flags = TEEC_MEM_REGISTER_INOUT; TEEC_Result result = TEEC_AllocateSharedMemory(&gp_context->ctx, teec_shared_mem); + if (result == TEEC_ERROR_BAD_PARAMETERS) { + print_warning("not support register type, try shared type again.\n"); + teec_shared_mem->flags = TEEC_MEM_SHARED_INOUT; + result = TEEC_AllocateSharedMemory(&gp_context->ctx, teec_shared_mem); + } + if (result != TEEC_SUCCESS) { + free(gp_shared_mem.reg_session); return NULL; } @@ -106,6 +118,10 @@ cc_enclave_result_t gp_free_shared_memory(cc_enclave_t *enclave, void *ptr) } gp_remove_shared_mem_from_list(GP_SHARED_MEMORY_ENTRY(ptr)); + if (GP_SHARED_MEMORY_ENTRY(ptr)->reg_session != NULL) { + free(GP_SHARED_MEMORY_ENTRY(ptr)->reg_session); + GP_SHARED_MEMORY_ENTRY(ptr)->reg_session = NULL; + } TEEC_SharedMemory sharedMem = *TEEC_SHARED_MEMORY_ENTRY(ptr); TEEC_ReleaseSharedMemory(&sharedMem); -- 2.27.0