1 // Copyright 2018 The Rust Project Developers. See the COPYRIGHT
2 // file at the top-level directory of this distribution and at
3 // http://rust-lang.org/COPYRIGHT.
5 // Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
6 // http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
7 // <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
8 // option. This file may not be copied, modified, or distributed
9 // except according to those terms.
11 pub use fortanix_sgx_abi::*;
13 use io::{Error as IoError, Result as IoResult};
20 pub(crate) fn copy_user_buffer(buf: &alloc::UserRef<ByteBuffer>) -> Vec<u8> {
22 let buf = buf.to_enclave();
23 alloc::User::from_raw_parts(buf.data as _, buf.len).to_enclave()
27 pub fn read(fd: Fd, buf: &mut [u8]) -> IoResult<usize> {
29 let mut userbuf = alloc::User::<[u8]>::uninitialized(buf.len());
30 let len = raw::read(fd, userbuf.as_mut_ptr(), userbuf.len()).from_sgx_result()?;
31 userbuf[..len].copy_to_enclave(&mut buf[..len]);
36 pub fn read_alloc(fd: Fd) -> IoResult<Vec<u8>> {
38 let mut userbuf = alloc::User::<ByteBuffer>::uninitialized();
39 raw::read_alloc(fd, userbuf.as_raw_mut_ptr()).from_sgx_result()?;
40 Ok(copy_user_buffer(&userbuf))
44 pub fn write(fd: Fd, buf: &[u8]) -> IoResult<usize> {
46 let userbuf = alloc::User::new_from_enclave(buf);
47 raw::write(fd, userbuf.as_ptr(), userbuf.len()).from_sgx_result()
51 pub fn flush(fd: Fd) -> IoResult<()> {
52 unsafe { raw::flush(fd).from_sgx_result() }
55 pub fn close(fd: Fd) {
56 unsafe { raw::close(fd) }
59 fn string_from_bytebuffer(buf: &alloc::UserRef<ByteBuffer>, usercall: &str, arg: &str) -> String {
60 String::from_utf8(copy_user_buffer(buf))
61 .unwrap_or_else(|_| panic!("Usercall {}: expected {} to be valid UTF-8", usercall, arg))
64 pub fn bind_stream(addr: &str) -> IoResult<(Fd, String)> {
66 let addr_user = alloc::User::new_from_enclave(addr.as_bytes());
67 let mut local = alloc::User::<ByteBuffer>::uninitialized();
68 let fd = raw::bind_stream(
71 local.as_raw_mut_ptr()
73 let local = string_from_bytebuffer(&local, "bind_stream", "local_addr");
78 pub fn accept_stream(fd: Fd) -> IoResult<(Fd, String, String)> {
80 let mut bufs = alloc::User::<[ByteBuffer; 2]>::uninitialized();
81 let mut buf_it = alloc::UserRef::iter_mut(&mut *bufs); // FIXME: can this be done
82 // without forcing coercion?
83 let (local, peer) = (buf_it.next().unwrap(), buf_it.next().unwrap());
84 let fd = raw::accept_stream(
86 local.as_raw_mut_ptr(),
89 let local = string_from_bytebuffer(&local, "accept_stream", "local_addr");
90 let peer = string_from_bytebuffer(&peer, "accept_stream", "peer_addr");
95 pub fn connect_stream(addr: &str) -> IoResult<(Fd, String, String)> {
97 let addr_user = alloc::User::new_from_enclave(addr.as_bytes());
98 let mut bufs = alloc::User::<[ByteBuffer; 2]>::uninitialized();
99 let mut buf_it = alloc::UserRef::iter_mut(&mut *bufs); // FIXME: can this be done
100 // without forcing coercion?
101 let (local, peer) = (buf_it.next().unwrap(), buf_it.next().unwrap());
102 let fd = raw::connect_stream(
105 local.as_raw_mut_ptr(),
106 peer.as_raw_mut_ptr()
107 ).from_sgx_result()?;
108 let local = string_from_bytebuffer(&local, "connect_stream", "local_addr");
109 let peer = string_from_bytebuffer(&peer, "connect_stream", "peer_addr");
110 Ok((fd, local, peer))
114 pub fn launch_thread() -> IoResult<()> {
115 unsafe { raw::launch_thread().from_sgx_result() }
118 pub fn exit(panic: bool) -> ! {
119 unsafe { raw::exit(panic) }
122 pub fn wait(event_mask: u64, timeout: u64) -> IoResult<u64> {
123 unsafe { raw::wait(event_mask, timeout).from_sgx_result() }
126 pub fn send(event_set: u64, tcs: Option<Tcs>) -> IoResult<()> {
127 unsafe { raw::send(event_set, tcs).from_sgx_result() }
130 pub fn insecure_time() -> Duration {
131 let t = unsafe { raw::insecure_time() };
132 Duration::new(t / 1_000_000_000, (t % 1_000_000_000) as _)
135 pub fn alloc(size: usize, alignment: usize) -> IoResult<*mut u8> {
136 unsafe { raw::alloc(size, alignment).from_sgx_result() }
139 pub use self::raw::free;
141 fn check_os_error(err: Result) -> i32 {
142 // FIXME: not sure how to make sure all variants of Error are covered
143 if err == Error::NotFound as _ ||
144 err == Error::PermissionDenied as _ ||
145 err == Error::ConnectionRefused as _ ||
146 err == Error::ConnectionReset as _ ||
147 err == Error::ConnectionAborted as _ ||
148 err == Error::NotConnected as _ ||
149 err == Error::AddrInUse as _ ||
150 err == Error::AddrNotAvailable as _ ||
151 err == Error::BrokenPipe as _ ||
152 err == Error::AlreadyExists as _ ||
153 err == Error::WouldBlock as _ ||
154 err == Error::InvalidInput as _ ||
155 err == Error::InvalidData as _ ||
156 err == Error::TimedOut as _ ||
157 err == Error::WriteZero as _ ||
158 err == Error::Interrupted as _ ||
159 err == Error::Other as _ ||
160 err == Error::UnexpectedEof as _ ||
161 ((Error::UserRangeStart as _)..=(Error::UserRangeEnd as _)).contains(&err)
165 panic!("Usercall: returned invalid error value {}", err)
169 trait FromSgxResult {
172 fn from_sgx_result(self) -> IoResult<Self::Return>;
175 impl<T> FromSgxResult for (Result, T) {
178 fn from_sgx_result(self) -> IoResult<Self::Return> {
179 if self.0 == RESULT_SUCCESS {
182 Err(IoError::from_raw_os_error(check_os_error(self.0)))
187 impl FromSgxResult for Result {
190 fn from_sgx_result(self) -> IoResult<Self::Return> {
191 if self == RESULT_SUCCESS {
194 Err(IoError::from_raw_os_error(check_os_error(self)))