Compile tee-worker against rust-sgx-sdk v2.0 #2623
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Kailai-Wang
added
the
C1-noteworthy
|
It's not guaranteed that I wrote out all noticeable things - if I have something later I'll add it. |
kziemianek
approved these changes
Apr 8, 2024
|
2.21 SDK update is blocked by apache/incubator-teaclave-sgx-sdk#456 (mainly CLI tools) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Context
After a few weeks' intermittent work, finally, we may rejoice.
Important
This PR is ready to be reviewed and merged, but I suggest that we wait until state provisioning is tested on some host.
In theory, the change in this PR doesn't affect the client, but I label it as
C1to mark as a hint to any unexpected error (e.g. SEGV) that might arise.Why do we need a new SDK
The main reasons are:
serde_json) have nowno_stdsupport, however, they need a newer rustc too. It's preferred to use no-std crate over ported sgx version of crates.SDK
I'm using v2.0.0-preview branch of rust sgx sdk, this branch is not "officially" released but has been there for a while. It has been sporadically worked on, the unittests and samplecode are provided too - I tested most of them - looking good.
I do need to make some small adjustments in my own fork, please check TOML files for overriding:
.cppfile compiles under ubuntu20, but not on ubutu22 due to a different (newer) gcc verisonI'm considering submitting them as upstream PRs.
The associated rust-toolchain version is
nightly-2023-11-17, but I believe it's possible to further upgrade it.Other SDK-related files
I basically follow the example code in the sdk-v2.0 for the following files:
BUILD_STD)Other SGX ported crates
I need to manually fork a bunch of sgx-ported crates to pair with the sdk-v2.0 (mainly
sgx_tstddep): https://github.com/Kailai-Wang?tab=repositories&q=sgxThey are under my personal workspace for now but can be migrated to
litentry/org after we obversing that they work well.Among those crates,
once_cellis the (only?) one that hasno_stdsupport but I still use the ported version, because it demands somecritical-sectionimplementation, which is unclear under sgx - I haven't found any either.Note
The following are the problems / issues that I've met during the re-anchoring, some are resolved, some are work-arounded, some still need further investigation.
Intel SGX-SDK version
I have to use Intel sgx-sdk version 2.17, otherwise you'll get unmatched error when signing the enclave, see apache/incubator-teaclave-sgx-sdk#387
But in general, it should be possible to adjust it for newer sdk - we can have follow-up issues. We also need to test HW mode on a real host (preferrably ubuntu22.04) to see how it goes. Both CI and my local tests are conducted in SW mode.
De-/serialization of
Rsa3072KeyPairIn sdk-v2.0, it implements
sgx_serialize::{Deserialize, Serialize}. I was thinking about replacing it with no_stdserdebut eventually ditched it, mainly because:sgx_serializeis widely used in sdk for other structs too, so I didn't mess around with it (in case others depend on the de-/serialization result of it)As a result, I use
sgx_serialize::json::{encode, decode}to deal with Rsa3072KeyPair de/ser. It should produce the same result as before and our ts-test should prove that.SgxFile could be unstable
SgxFile is moved to
sgx_tprotected_fs::SgxFile, there's a newHostFilestruct. These seem to incur some problems with SgxFile creation/open/read:u_sgxfs_open_ocall- see fix aboveeven though the file is there. This must have something to do with the new
HostFileimpl. We can further look into this, but we should always be able to provision the state via RPC.Use of
USE_OPT_LIBS ?= 0I have to use
USE_OPT_LIBS ?= 0, otherwisesgx_crypto_sysandsgx_tlibc_syscomplain prebuilt libs can't be found.There's
optimized_libs/external/libirc/efi2/libirc.abut notlibm*=> maybe we can further improve this.Use of
SGX_DEBUG=1As you can see in Makefile, I use
SGX_DEBUG=1for the enclave compilation, and strip the symbols in the end to reduce the .so size. If compiled withSGX_DEBUG=0- which basically impliesreleaseprofile forcargo- the enclave will emit a SEGV during initialization, I've narrowed it down to this line:I didn't look into it as it could lie in somewhere deep (like compiler or fundamental crates/impl). Maybe it will be self-resolved as we upgrade them, but I can ask in upstream repo again
Use of
cargo updateMost crates can be upgraded with a few exceptions:
rustls-pki-types=> has to be pinned at0.2.1substrate-bip39=> has to be pinned at0.4.4They could be self-resolved when we upgrade the crate/tc version.
Tip
So given that 371 files are changed, how to review this PR?
Mainly these files:
MakefileTOMLfiles, especiallytee-worker/Cargo.tomlandtee-worker/enclave-runtime/Cargo.toml.rsfiles with non-trivial changes, by "trivial" I mean renaming likesgx_status_t=>SgxStatus.