sgx_status_t SGXLaunchToken::update_launch_token(
bool force_update_tok)
{
sgx_status_t status = SGX_SUCCESS;
if (get_enclave_creator()->is_in_kernel_driver() == true)
{
memset(&m_launch, 0, sizeof(m_launch));
m_launch_updated = false;
return status;
}
if (force_update_tok ||
SE_ERROR_INVALID_LAUNCH_TOKEN == chk_launch_token(m_css, m_secs_attr, &m_launch))
{
status = ::get_launch_token(m_css, m_secs_attr, &m_launch);
if (status == SGX_SUCCESS)
m_launch_updated = true;
else
return status;
}
return status;
}
extern "C" sgx_status_t sgx_create_enclave_from_buffer_ex(uint8_t *buffer,
uint64_t buffer_size,
const int debug,
sgx_enclave_id_t *enclave_id,
sgx_misc_attribute_t *misc_attr,
const uint32_t ex_features,
const void* ex_features_p[32])
{
sgx_status_t ret = SGX_SUCCESS;
// Only true or false is valid
if (TRUE != debug && FALSE != debug)
{
return SGX_ERROR_INVALID_PARAMETER;
}
if (!_check_ex_params_(ex_features, ex_features_p))
{
return SGX_ERROR_INVALID_PARAMETER;
}
se_file_t file = {NULL, 0, false};
ret = _create_enclave_from_buffer_ex(!!debug, buffer, buffer_size, file, NULL, enclave_id,
misc_attr, ex_features, ex_features_p);
if (SGX_SUCCESS != ret && misc_attr)
{
sgx_misc_attribute_t plat_cap;
memset(&plat_cap, 0, sizeof(plat_cap));
get_enclave_creator()->get_plat_cap(&plat_cap);
memcpy_s(misc_attr, sizeof(sgx_misc_attribute_t), &plat_cap,
sizeof(sgx_misc_attribute_t));
}
return ret;
}
extern "C" sgx_status_t __sgx_create_enclave_ex(const char *file_name,
const int debug,
sgx_launch_token_t *launch_token,
int *launch_token_updated,
sgx_enclave_id_t *enclave_id,
sgx_misc_attribute_t *misc_attr,
const uint32_t ex_features,
const void* ex_features_p[32])
{
sgx_status_t ret = SGX_SUCCESS;
//Only true or false is valid
if(TRUE != debug && FALSE != debug)
return SGX_ERROR_INVALID_PARAMETER;
if (!_check_ex_params_(ex_features, ex_features_p))
{
return SGX_ERROR_INVALID_PARAMETER;
}
int fd = open(file_name, O_RDONLY);
if(-1 == fd)
{
SE_TRACE(SE_TRACE_ERROR, "Couldn't open the enclave file, error = %d\n", errno);
return SGX_ERROR_ENCLAVE_FILE_ACCESS;
}
se_file_t file = {NULL, 0, false};
char resolved_path[PATH_MAX];
file.name = realpath(file_name, resolved_path);
file.name_len = (uint32_t)strlen(resolved_path);
ret = _create_enclave_ex(!!debug, fd, file, NULL, launch_token, launch_token_updated, enclave_id, misc_attr, ex_features, ex_features_p);
if(SGX_SUCCESS != ret && misc_attr)
{
sgx_misc_attribute_t plat_cap;
memset(&plat_cap, 0, sizeof(plat_cap));
get_enclave_creator()->get_plat_cap(&plat_cap);
memcpy_s(misc_attr, sizeof(sgx_misc_attribute_t), &plat_cap, sizeof(sgx_misc_attribute_t));
}
close(fd);
return ret;
}
int CLoader::build_mem_region(const section_info_t * const sec_info)
{
int ret = SGX_SUCCESS;
uint8_t added_page[SE_PAGE_SIZE];
uint64_t offset = 0;
uint8_t *raw_ptr = NULL;
uint64_t rva = 0;
sec_info_t sinfo;
memset(&sinfo, 0, sizeof(sinfo));
rva = sec_info->rva + offset;
while(offset < TRIM_TO_PAGE(sec_info->raw_data_size))
{
raw_ptr = sec_info->raw_data + offset;
sinfo.flags = sec_info->flag;
//check if the page is writable.
if(sec_info->bitmap && sec_info->bitmap->size())
{
uint64_t page_frame = rva >> SE_PAGE_SHIFT;
//NOTE:
// Current enclave size is not beyond 64G, so the type-casting from (uint64>>15) to (size_t) is OK.
// In the future, if the max enclave size is extended to beyond (1<<49), this type-casting will not work.
// It only impacts the enclave signing process. (32bit signing tool to sign 64 bit enclaves)
if((*sec_info->bitmap)[(size_t)(page_frame / 8)] & (1 << (page_frame % 8)))
sinfo.flags = sec_info->flag | SI_FLAG_W;
}
//call driver API to add page; raw_ptr needn't be page align, driver will handle page align;
if(SGX_SUCCESS != (ret = get_enclave_creator()->add_enclave_page(ENCLAVE_ID_IOCTL, raw_ptr, rva, sinfo, ADD_EXTEND_PAGE)))
{
//if add page failed , we should remove enclave somewhere;
return ret;
}
offset += SE_PAGE_SIZE;
rva = sec_info->rva + offset;
}
