1 // SPDX-License-Identifier: GPL-2.0 2 /* Copyright(c) 2016-20 Intel Corporation. */ 3 4 #include <assert.h> 5 #include <elf.h> 6 #include <errno.h> 7 #include <fcntl.h> 8 #include <stdbool.h> 9 #include <stdio.h> 10 #include <stdint.h> 11 #include <stdlib.h> 12 #include <string.h> 13 #include <unistd.h> 14 #include <sys/ioctl.h> 15 #include <sys/mman.h> 16 #include <sys/stat.h> 17 #include <sys/time.h> 18 #include <sys/types.h> 19 #include "defines.h" 20 #include "main.h" 21 22 void encl_delete(struct encl *encl) 23 { 24 if (encl->encl_base) 25 munmap((void *)encl->encl_base, encl->encl_size); 26 27 if (encl->bin) 28 munmap(encl->bin, encl->bin_size); 29 30 if (encl->fd) 31 close(encl->fd); 32 33 if (encl->segment_tbl) 34 free(encl->segment_tbl); 35 36 memset(encl, 0, sizeof(*encl)); 37 } 38 39 static bool encl_map_bin(const char *path, struct encl *encl) 40 { 41 struct stat sb; 42 void *bin; 43 int ret; 44 int fd; 45 46 fd = open(path, O_RDONLY); 47 if (fd == -1) { 48 perror("enclave executable open()"); 49 return false; 50 } 51 52 ret = stat(path, &sb); 53 if (ret) { 54 perror("enclave executable stat()"); 55 goto err; 56 } 57 58 bin = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0); 59 if (bin == MAP_FAILED) { 60 perror("enclave executable mmap()"); 61 goto err; 62 } 63 64 encl->bin = bin; 65 encl->bin_size = sb.st_size; 66 67 close(fd); 68 return true; 69 70 err: 71 close(fd); 72 return false; 73 } 74 75 static bool encl_ioc_create(struct encl *encl) 76 { 77 struct sgx_secs *secs = &encl->secs; 78 struct sgx_enclave_create ioc; 79 int rc; 80 81 assert(encl->encl_base != 0); 82 83 memset(secs, 0, sizeof(*secs)); 84 secs->ssa_frame_size = 1; 85 secs->attributes = SGX_ATTR_MODE64BIT; 86 secs->xfrm = 3; 87 secs->base = encl->encl_base; 88 secs->size = encl->encl_size; 89 90 ioc.src = (unsigned long)secs; 91 rc = ioctl(encl->fd, SGX_IOC_ENCLAVE_CREATE, &ioc); 92 if (rc) { 93 perror("SGX_IOC_ENCLAVE_CREATE failed"); 94 munmap((void *)secs->base, encl->encl_size); 95 return false; 96 } 97 98 return true; 99 } 100 101 static bool encl_ioc_add_pages(struct encl *encl, struct encl_segment *seg) 102 { 103 struct sgx_enclave_add_pages ioc; 104 struct sgx_secinfo secinfo; 105 int rc; 106 107 memset(&secinfo, 0, sizeof(secinfo)); 108 secinfo.flags = seg->flags; 109 110 ioc.src = (uint64_t)encl->src + seg->offset; 111 ioc.offset = seg->offset; 112 ioc.length = seg->size; 113 ioc.secinfo = (unsigned long)&secinfo; 114 ioc.flags = SGX_PAGE_MEASURE; 115 116 rc = ioctl(encl->fd, SGX_IOC_ENCLAVE_ADD_PAGES, &ioc); 117 if (rc < 0) { 118 perror("SGX_IOC_ENCLAVE_ADD_PAGES failed"); 119 return false; 120 } 121 122 return true; 123 } 124 125 126 127 bool encl_load(const char *path, struct encl *encl) 128 { 129 const char device_path[] = "/dev/sgx_enclave"; 130 Elf64_Phdr *phdr_tbl; 131 off_t src_offset; 132 Elf64_Ehdr *ehdr; 133 struct stat sb; 134 void *ptr; 135 int i, j; 136 int ret; 137 int fd = -1; 138 139 memset(encl, 0, sizeof(*encl)); 140 141 fd = open(device_path, O_RDWR); 142 if (fd < 0) { 143 perror("Unable to open /dev/sgx_enclave"); 144 goto err; 145 } 146 147 ret = stat(device_path, &sb); 148 if (ret) { 149 perror("device file stat()"); 150 goto err; 151 } 152 153 /* 154 * This just checks if the /dev file has these permission 155 * bits set. It does not check that the current user is 156 * the owner or in the owning group. 157 */ 158 if (!(sb.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))) { 159 fprintf(stderr, "no execute permissions on device file %s\n", device_path); 160 goto err; 161 } 162 163 ptr = mmap(NULL, PAGE_SIZE, PROT_READ, MAP_SHARED, fd, 0); 164 if (ptr == (void *)-1) { 165 perror("mmap for read"); 166 goto err; 167 } 168 munmap(ptr, PAGE_SIZE); 169 170 #define ERR_MSG \ 171 "mmap() succeeded for PROT_READ, but failed for PROT_EXEC.\n" \ 172 " Check that current user has execute permissions on %s and \n" \ 173 " that /dev does not have noexec set: mount | grep \"/dev .*noexec\"\n" \ 174 " If so, remount it executable: mount -o remount,exec /dev\n\n" 175 176 ptr = mmap(NULL, PAGE_SIZE, PROT_EXEC, MAP_SHARED, fd, 0); 177 if (ptr == (void *)-1) { 178 fprintf(stderr, ERR_MSG, device_path); 179 goto err; 180 } 181 munmap(ptr, PAGE_SIZE); 182 183 encl->fd = fd; 184 185 if (!encl_map_bin(path, encl)) 186 goto err; 187 188 ehdr = encl->bin; 189 phdr_tbl = encl->bin + ehdr->e_phoff; 190 191 for (i = 0; i < ehdr->e_phnum; i++) { 192 Elf64_Phdr *phdr = &phdr_tbl[i]; 193 194 if (phdr->p_type == PT_LOAD) 195 encl->nr_segments++; 196 } 197 198 encl->segment_tbl = calloc(encl->nr_segments, 199 sizeof(struct encl_segment)); 200 if (!encl->segment_tbl) 201 goto err; 202 203 for (i = 0, j = 0; i < ehdr->e_phnum; i++) { 204 Elf64_Phdr *phdr = &phdr_tbl[i]; 205 unsigned int flags = phdr->p_flags; 206 struct encl_segment *seg; 207 208 if (phdr->p_type != PT_LOAD) 209 continue; 210 211 seg = &encl->segment_tbl[j]; 212 213 if (!!(flags & ~(PF_R | PF_W | PF_X))) { 214 fprintf(stderr, 215 "%d has invalid segment flags 0x%02x.\n", i, 216 phdr->p_flags); 217 goto err; 218 } 219 220 if (j == 0 && flags != (PF_R | PF_W)) { 221 fprintf(stderr, 222 "TCS has invalid segment flags 0x%02x.\n", 223 phdr->p_flags); 224 goto err; 225 } 226 227 if (j == 0) { 228 src_offset = phdr->p_offset & PAGE_MASK; 229 230 seg->prot = PROT_READ | PROT_WRITE; 231 seg->flags = SGX_PAGE_TYPE_TCS << 8; 232 } else { 233 seg->prot = (phdr->p_flags & PF_R) ? PROT_READ : 0; 234 seg->prot |= (phdr->p_flags & PF_W) ? PROT_WRITE : 0; 235 seg->prot |= (phdr->p_flags & PF_X) ? PROT_EXEC : 0; 236 seg->flags = (SGX_PAGE_TYPE_REG << 8) | seg->prot; 237 } 238 239 seg->offset = (phdr->p_offset & PAGE_MASK) - src_offset; 240 seg->size = (phdr->p_filesz + PAGE_SIZE - 1) & PAGE_MASK; 241 242 printf("0x%016lx 0x%016lx 0x%02x\n", seg->offset, seg->size, 243 seg->prot); 244 245 j++; 246 } 247 248 assert(j == encl->nr_segments); 249 250 encl->src = encl->bin + src_offset; 251 encl->src_size = encl->segment_tbl[j - 1].offset + 252 encl->segment_tbl[j - 1].size; 253 254 for (encl->encl_size = 4096; encl->encl_size < encl->src_size; ) 255 encl->encl_size <<= 1; 256 257 return true; 258 259 err: 260 if (fd != -1) 261 close(fd); 262 encl_delete(encl); 263 return false; 264 } 265 266 static bool encl_map_area(struct encl *encl) 267 { 268 size_t encl_size = encl->encl_size; 269 void *area; 270 271 area = mmap(NULL, encl_size * 2, PROT_NONE, 272 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 273 if (area == MAP_FAILED) { 274 perror("reservation mmap()"); 275 return false; 276 } 277 278 encl->encl_base = ((uint64_t)area + encl_size - 1) & ~(encl_size - 1); 279 280 munmap(area, encl->encl_base - (uint64_t)area); 281 munmap((void *)(encl->encl_base + encl_size), 282 (uint64_t)area + encl_size - encl->encl_base); 283 284 return true; 285 } 286 287 bool encl_build(struct encl *encl) 288 { 289 struct sgx_enclave_init ioc; 290 int ret; 291 int i; 292 293 if (!encl_map_area(encl)) 294 return false; 295 296 if (!encl_ioc_create(encl)) 297 return false; 298 299 /* 300 * Pages must be added before mapping VMAs because their permissions 301 * cap the VMA permissions. 302 */ 303 for (i = 0; i < encl->nr_segments; i++) { 304 struct encl_segment *seg = &encl->segment_tbl[i]; 305 306 if (!encl_ioc_add_pages(encl, seg)) 307 return false; 308 } 309 310 ioc.sigstruct = (uint64_t)&encl->sigstruct; 311 ret = ioctl(encl->fd, SGX_IOC_ENCLAVE_INIT, &ioc); 312 if (ret) { 313 perror("SGX_IOC_ENCLAVE_INIT failed"); 314 return false; 315 } 316 317 return true; 318 } 319