linux-sgx: Implement SGX IPFS as POSIX backend for file interaction (b…

…ytecodealliance#1489) This PR integrates an Intel SGX feature called Intel Protection File System Library (IPFS) into the runtime to create, operate and delete files inside the enclave, while guaranteeing the confidentiality and integrity of the data persisted. IPFS can be referred to here: https://www.intel.com/content/www/us/en/developer/articles/technical/overview-of-intel-protected-file-system-library-using-software-guard-extensions.html Introduce a cmake variable `WAMR_BUILD_SGX_IPFS`, when enabled, the files interaction API of WASI will leverage IPFS, instead of the regular POSIX OCALLs. The implementation has been written with light changes to sgx platform layer, so all the security aspects WAMR relies on are conserved. In addition to this integration, the following changes have been made: - The CI workflow has been adapted to test the compilation of the runtime and sample with the flag `WAMR_BUILD_SGX_IPFS` set to true - Introduction of a new sample that demonstrates the interaction of the files (called `file`), - Documentation of this new feature
fairhopeweb · Sep 28, 2022 · dfd16f8 · dfd16f8
1 parent fa736d1
commit dfd16f8
Show file tree

Hide file tree

Showing 20 changed files with 1,211 additions and 4 deletions.
diff --git a/.github/workflows/compilation_on_android_ubuntu.yml b/.github/workflows/compilation_on_android_ubuntu.yml
@@ -413,6 +413,15 @@ jobs:
           ./build.sh
           ./run.sh
 
+      - name: Build Sample [file]
+        if: ${{ matrix.light == 'green' }}
+        run: |
+          cd samples/file
+          mkdir build && cd build
+          cmake ..
+          cmake --build . --config Release --parallel 4
+          ./src/iwasm -f wasm-app/file.wasm -d .
+
       - name: Build Sample [multi-thread]
         if: ${{ matrix.light == 'green' }}
         run: |

diff --git a/.github/workflows/compilation_on_macos.yml b/.github/workflows/compilation_on_macos.yml
@@ -356,6 +356,15 @@ jobs:
           ./build.sh
           ./run.sh
 
+      - name: Build Sample [file]
+        if: ${{ matrix.light == 'green' }}
+        run: |
+          cd samples/file
+          mkdir build && cd build
+          cmake ..
+          cmake --build . --config Release --parallel 4
+          ./src/iwasm -f wasm-app/file.wasm -d .
+
       - name: Build Sample [multi-thread]
         if: ${{ matrix.light == 'green' }}
         run: |

diff --git a/.github/workflows/compilation_on_sgx.yml b/.github/workflows/compilation_on_sgx.yml
@@ -140,6 +140,7 @@ jobs:
             # "-DWAMR_BUILD_SIMD=1",
             "-DWAMR_BUILD_TAIL_CALL=1",
             "-DWAMR_DISABLE_HW_BOUND_CHECK=1",
+            "-DWAMR_BUILD_SGX_IPFS=1",
           ]
         os: [ubuntu-20.04]
         platform: [linux-sgx]
@@ -363,6 +364,15 @@ jobs:
           ./build.sh
           ./run.sh
 
+      - name: Build Sample [file]
+        if: ${{ matrix.light == 'green' }}
+        run: |
+          cd samples/file
+          mkdir build && cd build
+          cmake ..
+          cmake --build . --config Release --parallel 4
+          ./src/iwasm -f wasm-app/file.wasm -d .
+
       - name: Build Sample [multi-thread]
         if: ${{ matrix.light == 'green' }}
         run: |

diff --git a/README.md b/README.md
@@ -151,6 +151,7 @@ The WAMR [samples](./samples) integrate the iwasm VM core, application manager a
 
 - [**basic**](./samples/basic): Demonstrating how to use runtime exposed API's to call WASM functions, how to register native functions and call them, and how to call WASM function from native function.
 - **[simple](./samples/simple/README.md)**: The runtime is integrated with most of the WAMR APP libraries, and a few WASM applications are provided for testing the WAMR APP API set. It uses **built-in libc** and executes apps in **interpreter** mode by default.
+- **[file](./samples/file/README.md)**: Demonstrating the supported file interaction API of WASI. This sample can also demonstrate the SGX IPFS (Intel Protected File System), enabling an enclave to seal and unseal data at rest.
 - **[littlevgl](./samples/littlevgl/README.md)**: Demonstrating the graphic user interface application usage on WAMR. The whole [LVGL](https://github.com/lvgl/lvgl) 2D user graphic library and the UI application are built into WASM application.  It uses **WASI libc** and executes apps in **AOT mode** by default.
 - **[gui](./samples/gui/README.md)**: Move the [LVGL](https://github.com/lvgl/lvgl) library into the runtime and define a WASM application interface by wrapping the littlevgl API. It uses **WASI libc** and executes apps in **interpreter** mode by default.
 - **[multi-thread](./samples/multi-thread/)**: Demonstrating how to run wasm application which creates multiple threads to execute wasm functions concurrently, and uses mutex/cond by calling pthread related API's.

diff --git a/build-scripts/config_common.cmake b/build-scripts/config_common.cmake
@@ -287,3 +287,7 @@ if (WAMR_BUILD_STACK_GUARD_SIZE GREATER 0)
     add_definitions (-DWASM_STACK_GUARD_SIZE=${WAMR_BUILD_STACK_GUARD_SIZE})
     message ("     Custom stack guard size: " ${WAMR_BUILD_STACK_GUARD_SIZE})
 endif ()
+if (WAMR_BUILD_SGX_IPFS EQUAL 1)
+    add_definitions (-DWASM_ENABLE_SGX_IPFS=1)
+    message ("     SGX IPFS enabled")
+endif ()
diff --git a/core/config.h b/core/config.h
@@ -407,4 +407,8 @@
 #define WASM_ENABLE_REF_TYPES 0
 #endif
 
+#ifndef WASM_ENABLE_SGX_IPFS
+#define WASM_ENABLE_SGX_IPFS 0
+#endif
+
 #endif /* end of _CONFIG_H_ */
diff --git a/core/shared/platform/linux-sgx/sgx_file.c b/core/shared/platform/linux-sgx/sgx_file.c
@@ -7,6 +7,10 @@
 #include "sgx_error.h"
 #include "sgx_file.h"
 
+#if WASM_ENABLE_SGX_IPFS != 0
+#include "sgx_ipfs.h"
+#endif
+
 #ifndef SGX_DISABLE_WASI
 
 #define TRACE_FUNC() os_printf("undefined %s\n", __FUNCTION__)
@@ -184,6 +188,22 @@ openat(int dirfd, const char *pathname, int flags, ...)
 
     if (fd == -1)
         errno = get_errno();
+
+#if WASM_ENABLE_SGX_IPFS != 0
+    // When WAMR uses Intel SGX IPFS to enabled, it opens a second
+    // file descriptor to interact with the secure file.
+    // The first file descriptor opened earlier is used to interact
+    // with the metadata of the file (e.g., time, flags, etc.).
+    int ret;
+    void *file_ptr = ipfs_fopen(fd, pathname, flags);
+    if (file_ptr == NULL) {
+        if (ocall_close(&ret, fd) != SGX_SUCCESS) {
+            TRACE_OCALL_FAIL();
+        }
+        return -1;
+    }
+#endif
+
     return fd;
 }
 
@@ -192,6 +212,13 @@ close(int fd)
 {
     int ret;
 
+#if WASM_ENABLE_SGX_IPFS != 0
+    // Close the IPFS file pointer in addition of the file descriptor
+    ret = ipfs_close(fd);
+    if (ret == -1)
+        errno = get_errno();
+#endif
+
     if (ocall_close(&ret, fd) != SGX_SUCCESS) {
         TRACE_OCALL_FAIL();
         return -1;
@@ -345,6 +372,12 @@ readv_internal(int fd, const struct iovec *iov, int iovcnt, bool has_offset,
     if (total_size >= UINT32_MAX)
         return -1;
 
+#if WASM_ENABLE_SGX_IPFS != 0
+    if (fd > 2) {
+        return ipfs_read(fd, iov, iovcnt, has_offset, offset);
+    }
+#endif
+
     iov1 = BH_MALLOC((uint32)total_size);
 
     if (iov1 == NULL)
@@ -410,6 +443,12 @@ writev_internal(int fd, const struct iovec *iov, int iovcnt, bool has_offset,
     if (total_size >= UINT32_MAX)
         return -1;
 
+#if WASM_ENABLE_SGX_IPFS != 0
+    if (fd > 2) {
+        return ipfs_write(fd, iov, iovcnt, has_offset, offset);
+    }
+#endif
+
     iov1 = BH_MALLOC((uint32)total_size);
 
     if (iov1 == NULL)
@@ -468,12 +507,18 @@ off_t
 lseek(int fd, off_t offset, int whence)
 {
     off_t ret;
+
+#if WASM_ENABLE_SGX_IPFS != 0
+    ret = ipfs_lseek(fd, offset, whence);
+#else
     if (ocall_lseek(&ret, fd, (long)offset, whence) != SGX_SUCCESS) {
         TRACE_OCALL_FAIL();
         return -1;
     }
     if (ret == -1)
         errno = get_errno();
+#endif
+
     return ret;
 }
 
@@ -482,12 +527,17 @@ ftruncate(int fd, off_t length)
 {
     int ret;
 
+#if WASM_ENABLE_SGX_IPFS != 0
+    ret = ipfs_ftruncate(fd, length);
+#else
     if (ocall_ftruncate(&ret, fd, length) != SGX_SUCCESS) {
         TRACE_OCALL_FAIL();
         return -1;
     }
     if (ret == -1)
         errno = get_errno();
+#endif
+
     return ret;
 }
 
@@ -554,12 +604,17 @@ fsync(int fd)
 {
     int ret;
 
+#if WASM_ENABLE_SGX_IPFS != 0
+    ret = ipfs_fflush(fd);
+#else
     if (ocall_fsync(&ret, fd) != SGX_SUCCESS) {
         TRACE_OCALL_FAIL();
         return -1;
     }
     if (ret == -1)
         errno = get_errno();
+#endif
+
     return ret;
 }
 
@@ -568,12 +623,17 @@ fdatasync(int fd)
 {
     int ret;
 
+#if WASM_ENABLE_SGX_IPFS != 0
+    ret = ipfs_fflush(fd);
+#else
     if (ocall_fdatasync(&ret, fd) != SGX_SUCCESS) {
         TRACE_OCALL_FAIL();
         return -1;
     }
     if (ret == -1)
         errno = get_errno();
+#endif
+
     return ret;
 }
 
@@ -801,10 +861,14 @@ posix_fallocate(int fd, off_t offset, off_t len)
 {
     int ret;
 
+#if WASM_ENABLE_SGX_IPFS != 0
+    ret = ipfs_posix_fallocate(fd, offset, len);
+#else
     if (ocall_posix_fallocate(&ret, fd, offset, len) != SGX_SUCCESS) {
         TRACE_OCALL_FAIL();
         return -1;
     }
+#endif
 
     return ret;
 }