From d42f36469c2c5e627ec1144b13ccdb41e32ec388 Mon Sep 17 00:00:00 2001 From: houmingyong Date: Mon, 19 Dec 2022 19:32:47 +0800 Subject: [PATCH] destroy enclave release remain shared memory --- ...enclave-release-remain-shared-memory.patch | 127 ++++++++++++++++++ secGear.spec | 6 +- 2 files changed, 132 insertions(+), 1 deletion(-) create mode 100644 0056-destroy-enclave-release-remain-shared-memory.patch diff --git a/0056-destroy-enclave-release-remain-shared-memory.patch b/0056-destroy-enclave-release-remain-shared-memory.patch new file mode 100644 index 0000000..59f6ac1 --- /dev/null +++ b/0056-destroy-enclave-release-remain-shared-memory.patch @@ -0,0 +1,127 @@ +From b722d85901dbe0906ddb8fed5f5aa9f0646ba9fb Mon Sep 17 00:00:00 2001 +From: houmingyong +Date: Mon, 19 Dec 2022 19:26:22 +0800 +Subject: [PATCH] destory enclave release remain shared memory + +--- + src/host_src/gp/gp_enclave.c | 5 +++ + src/host_src/gp/gp_shared_memory.c | 54 ++++++++++++++++++++++++------ + src/host_src/gp/gp_shared_memory.h | 2 +- + 3 files changed, 50 insertions(+), 11 deletions(-) + +diff --git a/src/host_src/gp/gp_enclave.c b/src/host_src/gp/gp_enclave.c +index 521a850..952d584 100644 +--- a/src/host_src/gp/gp_enclave.c ++++ b/src/host_src/gp/gp_enclave.c +@@ -520,11 +520,16 @@ cc_enclave_result_t _gp_destroy(cc_enclave_t *context) + { + int res; + TEEC_Result ret; ++ cc_enclave_result_t cc_ret; + + if (!context || !context->private_data) { + print_error_term("The input parameters are wrong \n"); + return CC_ERROR_BAD_PARAMETERS; + } ++ cc_ret = gp_release_all_shared_memory(context); ++ if (cc_ret != CC_SUCCESS) { ++ print_error_goto("Fail to release all shared memory, errno:%x\n", cc_ret); ++ } + + fini_features(context); + +diff --git a/src/host_src/gp/gp_shared_memory.c b/src/host_src/gp/gp_shared_memory.c +index 60520a4..b6a958d 100644 +--- a/src/host_src/gp/gp_shared_memory.c ++++ b/src/host_src/gp/gp_shared_memory.c +@@ -195,19 +195,10 @@ cc_enclave_result_t gp_register_shared_memory(cc_enclave_t *enclave, void *ptr) + return CC_SUCCESS; + } + +-cc_enclave_result_t gp_unregister_shared_memory(cc_enclave_t *enclave, void* ptr) ++cc_enclave_result_t unregister_shared_memory(cc_enclave_t *enclave, gp_shared_memory_t* gp_shared_mem) + { + uint32_t ms = TEE_SECE_AGENT_ID; + +- if (!gp_is_shared_mem_start_addr(ptr)) { +- return CC_ERROR_SHARED_MEMORY_START_ADDR_INVALID; +- } +- +- if (GP_SHARED_MEMORY_ENTRY(ptr)->enclave != enclave) { +- return CC_ERROR_INVALID_HANDLE; +- } +- +- gp_shared_memory_t *gp_shared_mem = GP_SHARED_MEMORY_ENTRY(ptr); + if (!__atomic_load_n(&gp_shared_mem->is_registered, __ATOMIC_ACQUIRE)) { + return CC_ERROR_SHARED_MEMORY_NOT_REGISTERED; + } +@@ -236,6 +227,7 @@ cc_enclave_result_t gp_unregister_shared_memory(cc_enclave_t *enclave, void* ptr + char *out_param_buf = param_buf + in_param_buf_size; + + /* Copy in_params to in_buf */ ++ void *ptr = (char *)gp_shared_mem + sizeof(gp_shared_memory_t); + memcpy(in_param_buf, &args_size, size_to_aligned_size(sizeof(args_size))); + memcpy(in_param_buf + ptr_offset, &ptr, sizeof(void*)); + +@@ -262,3 +254,45 @@ cc_enclave_result_t gp_unregister_shared_memory(cc_enclave_t *enclave, void* ptr + free(param_buf); + return CC_SUCCESS; + } ++cc_enclave_result_t gp_unregister_shared_memory(cc_enclave_t *enclave, void* ptr) ++{ ++ ++ if (!gp_is_shared_mem_start_addr(ptr)) { ++ return CC_ERROR_SHARED_MEMORY_START_ADDR_INVALID; ++ } ++ ++ if (GP_SHARED_MEMORY_ENTRY(ptr)->enclave != enclave) { ++ return CC_ERROR_INVALID_HANDLE; ++ } ++ ++ gp_shared_memory_t *gp_shared_mem = GP_SHARED_MEMORY_ENTRY(ptr); ++ return unregister_shared_memory(enclave, gp_shared_mem); ++} ++ ++cc_enclave_result_t gp_release_all_shared_memory(cc_enclave_t *enclave) ++{ ++ list_node_t *cur = NULL; ++ list_node_t *tmp = NULL; ++ gp_shared_memory_t *mem = NULL; ++ cc_enclave_result_t step_ret; ++ cc_enclave_result_t ret = CC_SUCCESS; ++ ++ CC_RWLOCK_LOCK_RD(&g_shared_mem_list_lock); ++ list_for_each_safe(cur, tmp, &g_shared_mem_list) { ++ mem = list_entry(cur, gp_shared_memory_t, node); ++ if (mem->is_control_buf) { ++ continue; ++ } ++ step_ret = unregister_shared_memory(enclave, mem); ++ if (step_ret != CC_SUCCESS) { ++ ret = step_ret; ++ continue; ++ } ++ list_remove(&mem->node); ++ TEEC_SharedMemory sharedMem = *(TEEC_SharedMemory *)mem; ++ TEEC_ReleaseSharedMemory(&sharedMem); ++ } ++ CC_RWLOCK_UNLOCK(&g_shared_mem_list_lock); ++ ++ return ret; ++} +diff --git a/src/host_src/gp/gp_shared_memory.h b/src/host_src/gp/gp_shared_memory.h +index 2ec66a8..6914193 100644 +--- a/src/host_src/gp/gp_shared_memory.h ++++ b/src/host_src/gp/gp_shared_memory.h +@@ -59,7 +59,7 @@ cc_enclave_result_t gp_register_shared_memory(cc_enclave_t *enclave, void *ptr); + * Return: CC_SUCCESS, success; others failed. + */ + cc_enclave_result_t gp_unregister_shared_memory(cc_enclave_t *enclave, void *ptr); +- ++cc_enclave_result_t gp_release_all_shared_memory(cc_enclave_t *enclave); + #ifdef __cplusplus + } + #endif +-- +2.27.0 + diff --git a/secGear.spec b/secGear.spec index c9ded6a..4c00f52 100644 --- a/secGear.spec +++ b/secGear.spec @@ -1,6 +1,6 @@ Name: secGear Version: 0.1.0 -Release: 31 +Release: 32 Summary: secGear is an SDK to develop confidential computing apps based on hardware enclave features @@ -64,6 +64,7 @@ Patch51: 0052-rollback-to-common-invoking-when-async-invoking-fail.patch Patch52: 0053-asynchronous-switchless-example.patch Patch53: 0054-fix-gen-ecall-header-error.patch Patch54: 0055-switchless-readme-add-async-interface.patch +Patch55: 0056-destroy-enclave-release-remain-shared-memory.patch BuildRequires: gcc python automake autoconf libtool BUildRequires: glibc glibc-devel cmake ocaml-dune rpm gcc-c++ @@ -182,6 +183,9 @@ popd systemctl restart rsyslog %changelog +* Mon Dec 19 2022 houmingyong - 0.1.0-32 +- DESC:destroy enclave release remain shared memory + * Mon Dec 19 2022 houmingyong - 0.1.0-31 - DESC:switchless readme add async interface -- Gitee