-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Compatibility with the new SSA convention #33
Conversation
Okay great, we can keep this for now I think. Even when having one SSA and a scheduler we might need this. Also, later we should have a field here for the caller_id.
Hm, I see you aliased sm_sp now to the SSA location. I think this is not always okay though(!) The current stubs use sm_sp in the entry/exit logic for inter-enclave calls/rets. Be aware that the SSA registers are supposed to be fully transparent and can be overwritten at any moment (outside dint/eint region) by the HW IRQ logic. Any global variables like _sm_sp would have to be stored above the SSA frame, as a thread-local var. To make this clearer, I suggest to rename things to |
Latest changes:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
partial review of compiler
This anticipates expected changes to the behavior of the sancus_get_caller_id() runtime function to be merged in sancus-tee/sancus-compiler#33
I added some notes on caller_id behavior changes above. Thinking further about it, I think you do need to implement this with a compiler intrinsic, at least partially. Otherwise you'd have to pass the name of the calling SM all the time to rewrite the symbol to the function that will be inserted by the linker. Maybe the cleanest/most maintainable is a hybrid approach:
|
I added a commit that implements the compiler intrinsic for |
I'd like #13 to be still fixed before merging, because it directly affects the availability guarantees of Aion and should be fixable now that we're already rewriting the entry/exit stubs thoroughly. Best to have this all merged at once, so we can update the CI tests (and nemesis/sancus-step calibration etc) as needed and hopefully have everything working nicely together :) |
#13 is now addressed in the newest commits.
|
the current design with a single ocall_id doesn't work when considering nested ecalls (where an SM can call back into the caller SM which may itself call other SMs again, which is possible in C function calls and with the current stubs). If we want to support that we prob need to save them on the stack. The bigger issue is that we cannot guarantee thread isolation in this case: eg consider 2 mutually distrusting threads: T1 with enclaves A-B and T2 with enclave C T1:A -ocall-> B ; IRQ, scheduler-ecall-> T2:C -ecall-> A; IRQ, scheduler-reti-> T1:B-oret->A At this point A has context for both T1 and T2 on the same call stack, plus an SSA frame for T2 (!) I don't see an easy solution for this (apart from maintaining a threadID as I did in my earlier availability prototype, to maintain the invariant that an enclave allocates max 1 SSA/stack per thread) or disallowing nested ecalls altogether (ie a type of restricted call graph without backarrows, which puts some burden on the programmer, but can be enforced in the stub I think) |
I think you're mixing up nested ecalls with multiple SSAs here. Nested ECALLs: A -> B -> C. This should work with the current solution. We decided earlier that our solution for now only supports a single SSA frame. If we want to change this, that would be a whole bunch of other changes but even then, the ocall_id would still be on the SSA frame and would not need changing. If you really want, we can address this in future PRs but I don't see the benefit that much in adding it right now |
wait now I'm confused myself 🤔 does one SSA mean that nested ecalls are not allowed? where is this enforced in the stub? |
I tried to code up my proposal to properly enforce this (and not allow backcalls) as per 1dd1beb but I'd be happy to revert this if it turns out not needed? |
I agree to properly support this we'd have to use multiple SSAs. My point is that afaik the call from C->A should not be allowed, but will not return an error without my modifications in the latest commit above. In this case, C is the attacker and will call into A to try to break availability of thread T1. To properly support backcalls, one would need a notion of trusted threadIDs, even with a single SSA per SM. Note that this can be totally legitimate use case as well, eg A calls B and B calls back into A and A returns to B and B finally retuns to A, right? |
This simplifies the entry stub considerably and enables thread isolation guarantees for Aion.
good point, nice catch! 👍 That can be fixed though I think by sanitizing r6 on entry, eg a simple fix would be to mask the highest bit of r6 on entry ( Do you agree that would be a way forward to fix this issue and finalize the merge? |
hm good idea, I think this could work on aion-cores, but then we again have issue on non-aion sancus-cores right? So, unless there's a security counterargument, I would simply sanitize r6 on entry |
no .Lerror is a local label and I'm now preparing a commit proposal fix |
Since now we use a dedicated SSA region, instead of the stack, to store interrupted execution context, we don't need to setup the stack within the atomic region anymore. Also note that the atomic entry section will already take care of restoring the SSA (including sm_ssa_sp) if the enclave was interrupted.
@fritzalder the 2 above commits could use a careful review to make sure I didn't screw anything up? xD |
These are small changes in the linker and the sm_entry and sm_exit stubs to make the linker compatible with the upcoming SSA changes (see sancus-tee/sancus-core#24 )
The linker contains SSA labels for:
Additionally, the linker also has a ssa_thread_id which lies above the SSA at ssa_base+2 for later compatibility when adding actual threading to the SSAs. This can be removed if you find it unclean to add this now.
Also, since we technically only need ssa_base from now on, we could refactor all stubs to recalculate the SP or PC etc from ssa_base on instead of keeping the ssa_sp and ssa_pc labels. But I am not sure whether sm_pc is needed elsewhere so I refrained from renaming it.