switched random interface to rdrand style, return a register of rando…

…m data rather than touch buffers (#39)
keystone-enclave · Apr 29, 2019 · a280c5f · a280c5f
1 parent a0fb0c1
commit a280c5f
Show file tree

Hide file tree

Showing 8 changed files with 16 additions and 49 deletions.
diff --git a/machine/mtrap.c b/machine/mtrap.c
@@ -186,8 +186,8 @@ void mcall_trap(uintptr_t* regs, uintptr_t mcause, uintptr_t mepc)
     case SBI_SM_ATTEST_ENCLAVE:
       retval = mcall_sm_attest_enclave(arg0, arg1, arg2);
       break;
-    case SBI_SM_ENCLAVE_GETRANDOM:
-      retval = mcall_sm_enclave_getrandom(arg0, arg1);
+    case SBI_SM_RANDOM:
+      retval = mcall_sm_random();
       break;
     case SBI_SM_NOT_IMPLEMENTED:
       retval = mcall_sm_not_implemented(regs, arg0);

diff --git a/sm/enclave.c b/sm/enclave.c
@@ -402,9 +402,9 @@ enclave_ret_t create_enclave(struct keystone_sbi_create_t create_args)
   /* Validate memory, prepare hash and signature for attestation */
   spinlock_lock(&encl_lock);
   enclaves[eid].state = FRESH;
-
   ret = validate_and_hash_enclave(&enclaves[eid],
                                   &create_args);
+
   spinlock_unlock(&encl_lock);
 
   if(ret != ENCLAVE_SUCCESS)
@@ -451,6 +451,7 @@ enclave_ret_t destroy_enclave(eid_t eid)
   // requires no lock (single runner)
   void* base = (void*) pmp_region_get_addr(enclaves[eid].rid);
   size_t size = (size_t) pmp_region_get_size(enclaves[eid].rid);
+
   memset((void*) base, 0, size);
 
   // 2. free pmp region
@@ -608,25 +609,3 @@ enclave_ret_t attest_enclave(uintptr_t report_ptr, uintptr_t data, uintptr_t siz
 
   return ENCLAVE_SUCCESS;
 }
-
-
-#define MAX_SM_STACK_BUFFER 256
-enclave_ret_t enclave_getrandom(uint8_t* buffer, uintptr_t size, eid_t eid){
-
-  unsigned char rnd_buffer[MAX_SM_STACK_BUFFER];
-  uintptr_t copy_size;
-  enclave_ret_t ret;
-  do{
-    copy_size = size <= MAX_SM_STACK_BUFFER?size:MAX_SM_STACK_BUFFER;
-
-    platform_getrandom_fill(rnd_buffer, copy_size);
-    ret = copy_to_enclave(&(enclaves[eid]), buffer, rnd_buffer, copy_size);
-
-    if( ret != ENCLAVE_SUCCESS)
-      return ret;
-
-    size -= copy_size;
-    buffer = buffer+copy_size;
-  }while(size > 0);
-  return ENCLAVE_SUCCESS;
-}
diff --git a/sm/enclave.h b/sm/enclave.h
@@ -97,7 +97,6 @@ enclave_ret_t resume_enclave(uintptr_t* regs, eid_t eid);
 enclave_ret_t exit_enclave(uintptr_t* regs, unsigned long retval, eid_t eid);
 enclave_ret_t stop_enclave(uintptr_t* regs, uint64_t request, eid_t eid);
 enclave_ret_t attest_enclave(uintptr_t report, uintptr_t data, uintptr_t size, eid_t eid);
-enclave_ret_t enclave_getrandom(uint8_t* buffer, uintptr_t size, eid_t eid);
 /* attestation and virtual mapping validation */
 enclave_ret_t validate_and_hash_enclave(struct enclave_t* enclave, struct keystone_sbi_create_t* cargs);
 // TODO: These functions are supposed to be internal functions.

diff --git a/sm/platform.h b/sm/platform.h
@@ -19,7 +19,8 @@ void platform_switch_from_enclave(struct platform_enclave_data_t* enclave);
 // void platform_switch_between_enclaves(platform_enclave_data_t* enclaveA,
 //                                       platform_enclave_data_t* enclaveB);
 
-/* This is a required feature, it must be filled on demand and never
-   fail. If it would fail it may power off instead. */
-void platform_getrandom_fill(uint8_t* buffer, unsigned long size);
+/* This is a required feature, it must return 64bits of random data on
+   demand and never fail. If it would fail it may power off
+   instead. */
+uint64_t platform_random();
 #endif /* _PLATFORM_H_ */
diff --git a/sm/platform/default/default.c b/sm/platform/default/default.c
@@ -13,15 +13,9 @@ void platform_switch_from_enclave(struct platform_enclave_data_t* enclave){
   return;
 }
 
-
-void platform_getrandom_fill(uint8_t* buffer, unsigned long size){
-
+uint64_t platform_random(){
 #pragma message("Platform has no entropy source, this is unsafe. TEST ONLY")
   unsigned long cycles;
-  while(size > 0){
-    asm volatile ("rdcycle %0" : "=r" (cycles));
-    *buffer = cycles % 255;
-    size--;
-    buffer++;
-  }
+  asm volatile ("rdcycle %0" : "=r" (cycles));
+  return cycles;
 }
diff --git a/sm/sm-sbi.c b/sm/sm-sbi.c
@@ -8,6 +8,7 @@
 #include "page.h"
 #include "cpu.h"
 #include <errno.h>
+#include "platform.h"
 
 uintptr_t mcall_sm_create_enclave(uintptr_t create_args)
 {
@@ -111,16 +112,9 @@ uintptr_t mcall_sm_attest_enclave(uintptr_t report, uintptr_t data, uintptr_t si
   return attest_enclave(report, data, size, cpu_get_enclave_id());
 }
 
-uintptr_t mcall_sm_enclave_getrandom(uintptr_t buffer, uintptr_t size)
+uintptr_t mcall_sm_random()
 {
-  /* only an enclave itself can call this SBI */
-  if (!cpu_is_enclave_context()) {
-    return ENCLAVE_SBI_PROHIBITED;
-  }
-
-  eid_t eid = cpu_get_enclave_id();
-
-  return enclave_getrandom((uint8_t*)buffer, size, eid);
+  return platform_random();
 }
 
 /* TODO: this should be removed in the future. */

diff --git a/sm/sm-sbi.h b/sm/sm-sbi.h
@@ -20,5 +20,5 @@ uintptr_t mcall_sm_not_implemented(uintptr_t* regs, unsigned long a0);
 uintptr_t mcall_sm_stop_enclave(uintptr_t* regs, unsigned long request);
 uintptr_t mcall_sm_resume_enclave(uintptr_t* regs, unsigned long eid);
 uintptr_t mcall_sm_attest_enclave(uintptr_t report, uintptr_t data, uintptr_t size);
-uintptr_t mcall_sm_enclave_getrandom(uintptr_t buffer, uintptr_t size);
+uintptr_t mcall_sm_random();
 #endif
diff --git a/sm/sm.h b/sm/sm.h
@@ -19,7 +19,7 @@
 #define SBI_SM_RUN_ENCLAVE       105
 #define SBI_SM_STOP_ENCLAVE      106
 #define SBI_SM_RESUME_ENCLAVE    107
-#define SBI_SM_ENCLAVE_GETRANDOM 108
+#define SBI_SM_RANDOM            108
 #define SBI_SM_EXIT_ENCLAVE     1101
 #define SBI_SM_NOT_IMPLEMENTED  1111