Skip to content

Commit

Permalink
Update SGX SDK to 2.20.100.4 (#430)
Browse files Browse the repository at this point in the history
  • Loading branch information
nick-mobilecoin authored Oct 17, 2023
2 parents 90d236e + d7f8968 commit c890555
Show file tree
Hide file tree
Showing 13 changed files with 161 additions and 62 deletions.
4 changes: 2 additions & 2 deletions .devcontainer/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -12,14 +12,14 @@ RUN apt-get update \
&& rm -r /var/lib/apt/lists

# Install SGX_SDK
ARG SGX_URL=https://download.01.org/intel-sgx/sgx-linux/2.19/distro/ubuntu22.04-server/sgx_linux_x64_sdk_2.19.100.3.bin
ARG SGX_URL=https://download.01.org/intel-sgx/sgx-linux/2.20/distro/ubuntu22.04-server/sgx_linux_x64_sdk_2.20.100.4.bin
RUN curl -o sgx.bin "${SGX_URL}" \
&& chmod +x ./sgx.bin \
&& ./sgx.bin --prefix=/opt/intel \
&& rm ./sgx.bin

# Install DCAP libraries
ARG DCAP_VERSION=1.16.100.2-jammy1
ARG DCAP_VERSION=1.17.100.4-jammy1
RUN mkdir -p /etc/apt/keyrings \
&& wget -qO - https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | gpg --dearmor | tee /etc/apt/keyrings/intel-sgx.gpg > /dev/null \
&& echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/intel-sgx.gpg] https://download.01.org/intel-sgx/sgx_repo/ubuntu jammy main" | tee /etc/apt/sources.list.d/intel-sgx.list \
Expand Down
18 changes: 9 additions & 9 deletions .github/workflows/ci.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ jobs:
- uses: actions/checkout@v4
- uses: mobilecoinfoundation/actions/dcap-libs@main
with:
version: 1.16.100.2-jammy1
version: 1.17.100.4-jammy1
- id: suppression
run: |
if [ "${{ matrix.rust }}" == "stable" ]; then
Expand Down Expand Up @@ -98,10 +98,10 @@ jobs:
- uses: actions/checkout@v4
- uses: mobilecoinfoundation/actions/sgxsdk@main
with:
version: 2.19.100.3
version: 2.20.100.4
- uses: mobilecoinfoundation/actions/dcap-libs@main
with:
version: 1.16.100.2-jammy1
version: 1.17.100.4-jammy1
- uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ matrix.rust }}
Expand All @@ -122,10 +122,10 @@ jobs:
- uses: actions/checkout@v4
- uses: mobilecoinfoundation/actions/sgxsdk@main
with:
version: 2.19.100.3
version: 2.20.100.4
- uses: mobilecoinfoundation/actions/dcap-libs@main
with:
version: 1.16.100.2-jammy1
version: 1.17.100.4-jammy1
- uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ matrix.rust }}
Expand All @@ -146,10 +146,10 @@ jobs:
- uses: actions/checkout@v4
- uses: mobilecoinfoundation/actions/sgxsdk@main
with:
version: 2.19.100.3
version: 2.20.100.4
- uses: mobilecoinfoundation/actions/dcap-libs@main
with:
version: 1.16.100.2-jammy1
version: 1.17.100.4-jammy1
- uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ matrix.rust }}
Expand Down Expand Up @@ -187,10 +187,10 @@ jobs:
- uses: actions/checkout@v4
- uses: mobilecoinfoundation/actions/sgxsdk@main
with:
version: 2.19.100.3
version: 2.20.100.4
- uses: mobilecoinfoundation/actions/dcap-libs@main
with:
version: 1.16.100.2-jammy1
version: 1.17.100.4-jammy1
- uses: dtolnay/rust-toolchain@stable
with:
components: llvm-tools-preview
Expand Down
4 changes: 4 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

## [Unreleased] - ReleaseDate

### Changed

- The SGX SDK version is now 2.20.100.4

## [0.8.0] - 2023-09-21

### Added
Expand Down
8 changes: 6 additions & 2 deletions core/build/headers/sgx_attributes.h
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,9 @@
#define SGX_FLAGS_MODE64BIT 0x0000000000000004ULL /* If set, then the enclave is 64 bit */
#define SGX_FLAGS_PROVISION_KEY 0x0000000000000010ULL /* If set, then the enclave has access to provision key */
#define SGX_FLAGS_EINITTOKEN_KEY 0x0000000000000020ULL /* If set, then the enclave has access to EINITTOKEN key */
#define SGX_FLAGS_KSS 0x0000000000000080ULL /* If set enclave uses KSS */
#define SGX_FLAGS_KSS 0x0000000000000080ULL /* If set, then the enclave uses KSS */
#define SGX_FLAGS_AEX_NOTIFY 0x0000000000000400ULL /* If set, then the enclave enables AEX Notify */


#define SGX_FLAGS_NON_CHECK_BITS 0x00FF000000000000ULL /* BIT[55-48] will not be checked */

Expand All @@ -60,7 +62,9 @@ typedef struct _attributes_t
uint64_t xfrm;
} sgx_attributes_t;

/* define MISCSELECT - all bits are currently reserved */
/* Define MISCSELECT
* bit 0: EXINFO
* bit 31-1: reserved(0) */
typedef uint32_t sgx_misc_select_t;

typedef struct _sgx_misc_attribute_t {
Expand Down
4 changes: 2 additions & 2 deletions core/build/headers/sgx_dcap_quoteverify.h
Original file line number Diff line number Diff line change
Expand Up @@ -187,7 +187,7 @@ quote3_error_t tdx_qv_get_quote_supplemental_data_size(uint32_t *p_data_size);
* @param p_quote_verification_result[OUT] - Address of the outputted quote verification result.
* @param p_qve_report_info[IN/OUT] - This parameter can be used in 2 ways.
* If p_qve_report_info is NOT NULL, the API will use Intel QvE to perform quote verification, and QvE will generate a report using the target_info in sgx_ql_qe_report_info_t structure.
* if p_qve_report_info is NULL, the API will use QVL library to perform quote verification, not that the results can not be cryptographically authenticated in this mode.
* if p_qve_report_info is NULL, the API will use QVL library to perform quote verification, note that the results can not be cryptographically authenticated in this mode.
* @param supplemental_data_size[IN] - Size of the buffer pointed to by p_quote (in bytes).
* @param p_supplemental_data[OUT] - The parameter is optional. If it is NULL, supplemental_data_size must be 0.
*
Expand All @@ -203,7 +203,7 @@ quote3_error_t tdx_qv_get_quote_supplemental_data_size(uint32_t *p_data_size);
quote3_error_t tdx_qv_verify_quote(
const uint8_t *p_quote,
uint32_t quote_size,
const tdx_ql_qve_collateral_t *p_quote_collateral,
const tdx_ql_qv_collateral_t *p_quote_collateral,
const time_t expiration_check_date,
uint32_t *p_collateral_expiration_status,
sgx_ql_qv_result_t *p_quote_verification_result,
Expand Down
17 changes: 14 additions & 3 deletions core/build/headers/sgx_ql_lib_common.h
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ typedef enum _quote3_error_t {
SGX_QL_ATT_KEY_BLOB_ERROR = SGX_QL_MK_ERROR(0x000a), ///< There is a problem with the attestation key blob.
SGX_QL_UNSUPPORTED_ATT_KEY_ID = SGX_QL_MK_ERROR(0x000b), ///< Unsupported attestation key ID.
SGX_QL_UNSUPPORTED_LOADING_POLICY = SGX_QL_MK_ERROR(0x000c), ///< Unsupported enclave loading policy.
SGX_QL_INTERFACE_UNAVAILABLE = SGX_QL_MK_ERROR(0x000d), ///< Unable to load the QE enclave
SGX_QL_INTERFACE_UNAVAILABLE = SGX_QL_MK_ERROR(0x000d), ///< Unable to load the PCE enclave
SGX_QL_PLATFORM_LIB_UNAVAILABLE = SGX_QL_MK_ERROR(0x000e), ///< Unable to find the platform library with the dependent APIs. Not fatal.
SGX_QL_ATT_KEY_NOT_INITIALIZED = SGX_QL_MK_ERROR(0x000f), ///< The attestation key doesn't exist or has not been certified.
SGX_QL_ATT_KEY_CERT_DATA_INVALID = SGX_QL_MK_ERROR(0x0010), ///< The certification data retrieved from the platform library is invalid.
Expand Down Expand Up @@ -141,6 +141,8 @@ typedef enum _quote3_error_t {

SGX_QL_TCB_NOT_SUPPORTED = SGX_QL_MK_ERROR(0x0066), ///< Current TCB level cannot be found in platform/enclave TCB info

SGX_QL_CONFIG_INVALID_JSON = SGX_QL_MK_ERROR(0x0067), ///< The QPL's config file is in JSON format but has a format error

SGX_QL_ERROR_MAX = SGX_QL_MK_ERROR(0x00FF), ///< Indicate max error to allow better translation.

} quote3_error_t;
Expand All @@ -159,7 +161,7 @@ typedef struct _sgx_ql_pck_cert_id_t
uint32_t qe3_id_size; ///< The Size of hte QE_ID (currenlty 16 bytes)
sgx_cpu_svn_t *p_platform_cpu_svn; ///< Pointer to the platform's raw CPUSVN
sgx_isv_svn_t *p_platform_pce_isv_svn; ///< Pointer to the platform's raw PCE ISVSVN
uint8_t *p_encrypted_ppid; ///< Pointer to the enccrypted PPID (Optional)
uint8_t *p_encrypted_ppid; ///< Pointer to the encrypted PPID (Optional)
uint32_t encrypted_ppid_size; ///< Size of encrytped PPID.
uint8_t crypto_suite; ///< Crypto algorithm used to encrypt the PPID
uint16_t pce_id; ///< Identifies the PCE-Version used to generate the encrypted PPID.
Expand All @@ -178,7 +180,7 @@ typedef struct _sgx_ql_config_t
sgx_cpu_svn_t cert_cpu_svn; ///< The CPUSVN used to generate the PCK Signature used to certify the attestation key.
sgx_isv_svn_t cert_pce_isv_svn; ///< The PCE ISVSVN used to generate the PCK Signature used to certify the attestation key.
uint32_t cert_data_size; ///< The size of the buffer pointed to by p_cert_data
uint8_t *p_cert_data; ///< The certificaton data used for the quote.
uint8_t *p_cert_data; ///< The certification data used for the quote.
///todo: It is the assumed to be the PCK Cert Chain. May want to change to support other cert types.
} sgx_ql_config_t;

Expand Down Expand Up @@ -244,8 +246,17 @@ typedef enum _sgx_prod_type_t {
SGX_PROD_TYPE_TDX = 1,
} sgx_prod_type_t;

typedef enum _sgx_qpl_cache_type_t {
SGX_QPL_CACHE_CERTIFICATE = 1 << 0,
SGX_QPL_CACHE_QV_COLLATERAL = 1 << 1,
SGX_QPL_CACHE_MULTICERTS = 1 << 2,
} sgx_qpl_cache_type_t;

#ifndef tdx_ql_qve_collateral_t
typedef sgx_ql_qve_collateral_t tdx_ql_qve_collateral_t;

// Deprecate structure name tdx_ql_qve_collateral_t
typedef tdx_ql_qve_collateral_t tdx_ql_qv_collateral_t;
#endif

#endif //_SGX_QL_LIB_COMMON_H_
6 changes: 4 additions & 2 deletions core/build/headers/sgx_qve_header.h
Original file line number Diff line number Diff line change
Expand Up @@ -77,8 +77,10 @@ typedef enum _pck_cert_flag_enum_t {
#define PLATFORM_INSTANCE_ID_SIZE 16

// Each Intel Advisory size is ~16 bytes
// Assume each TCB level has 10 advisoryIDs at the very most
#define MAX_SA_LIST_SIZE 160
// Assume each TCB level has 20 advisoryIDs at the very most
#define MAX_SA_SIZE 20
#define MAX_SA_NUMBER_PER_TCB 20
#define MAX_SA_LIST_SIZE 320

// Nameless struct generates C4201 warning in MS compiler, but it is allowed in c++ 11 standard
// Should remove the pragma after Microsoft fixes this issue
Expand Down
99 changes: 99 additions & 0 deletions core/build/headers/sgx_trts_aex.h
Original file line number Diff line number Diff line change
@@ -0,0 +1,99 @@
/*
* Copyright (C) 2011-2021 Intel Corporation. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
* * Neither the name of Intel Corporation nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/



/**
* File: sgx_trts_aex.h
* Description:
* Header file for aex notify handling APIs.
*/

#ifndef _SGX_TRTS_AEX_H_
#define _SGX_TRTS_AEX_H_

#include <stdint.h>
#include <stddef.h>
#include "sgx_defs.h"
#include "sgx_trts_exception.h"
#include "sgx_error.h"

typedef void (*sgx_aex_mitigation_fn_t)(const sgx_exception_info_t *info, const void * args);

typedef struct _aex_mitigation_node_t
{
sgx_aex_mitigation_fn_t handler;
const void *args;
struct _aex_mitigation_node_t * next;
} sgx_aex_mitigation_node_t;


#ifdef __cplusplus
extern "C" {
#endif

/* sgx_set_ssa_aexnotify()
* Parameters:
* flag - 0 to disable AEX-Notify
* non-zero to enable AEX-Notify
* Return Value:
* SGX_SUCCESS - success
* SGX_ERROR_UNEXPECTED - unexpected error
*/
sgx_status_t SGXAPI sgx_set_ssa_aexnotify(int flag);


/* sgx_register_aex_handler()
* Parameters:
* aex_node - A pointer to an AEX mitigation node. The mitigation node must exist and be valid until it is unregistered.
* handler - A function handler to call after being notified of an AEX
* args - Arguments to pass to the handler
* Return Value:
* SGX_SUCCESS - success
* SGX_ERROR_INVALID_PARAMETER - aex_node or handler are NULL
*/
sgx_status_t SGXAPI sgx_register_aex_handler(sgx_aex_mitigation_node_t *aex_node, sgx_aex_mitigation_fn_t handler, const void *args);

/* sgx_unregister_aex_handler()
* Parameters:
* handler - A function handler that was previously registered
* Return Value:
* SGX_SUCCESS - success
* SGX_ERROR_INVALID_PARAMETER - handler was NULL or has not been previously registered
* SGX_ERROR_UNEXPECTED - There currently are no registered handlers
*/
sgx_status_t SGXAPI sgx_unregister_aex_handler(sgx_aex_mitigation_fn_t handler);

#ifdef __cplusplus
}
#endif

#endif
10 changes: 10 additions & 0 deletions core/build/headers/sgx_trts_exception.h
Original file line number Diff line number Diff line change
Expand Up @@ -112,12 +112,22 @@ typedef struct _exinfo_t
uint32_t reserved;
}sgx_misc_exinfo_t;

__attribute__((aligned(64)))
typedef struct _exception_info_t
{
sgx_cpu_context_t cpu_context;
sgx_exception_vector_t exception_vector;
sgx_exception_type_t exception_type;
sgx_misc_exinfo_t exinfo;
uint32_t exception_valid;
uint32_t do_aex_mitigation;
uint64_t xsave_size;
#if defined (_M_X64) || defined (__x86_64__)
uint64_t reserved[1];
#else
uint64_t reserved[6];
#endif
uint8_t xsave_area[0]; // 64-byte aligned
} sgx_exception_info_t;

typedef int (*sgx_exception_handler_t)(sgx_exception_info_t *info);
Expand Down
1 change: 1 addition & 0 deletions core/sys/types/build.rs
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,7 @@ const CORE_CONSTS: &[&str] = &[
"SGX_FLAGS_PROVISION_KEY",
"SGX_FLAGS_EINITTOKEN_KEY",
"SGX_FLAGS_KSS",
"SGX_FLAGS_AEX_NOTIFY",
"SGX_FLAGS_NON_CHECK_BITS",
"SGX_XFRM_LEGACY",
"SGX_XFRM_AVX",
Expand Down
10 changes: 6 additions & 4 deletions core/types/src/attributes.rs
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,10 @@ use bitflags::bitflags;
use core::fmt::{Display, Formatter};
use core::ops::BitAnd;
use mc_sgx_core_sys_types::{
sgx_attributes_t, sgx_misc_attribute_t, sgx_misc_select_t, SGX_FLAGS_DEBUG,
SGX_FLAGS_EINITTOKEN_KEY, SGX_FLAGS_INITTED, SGX_FLAGS_KSS, SGX_FLAGS_MODE64BIT,
SGX_FLAGS_NON_CHECK_BITS, SGX_FLAGS_PROVISION_KEY, SGX_XFRM_AMX, SGX_XFRM_AVX, SGX_XFRM_AVX512,
SGX_XFRM_LEGACY, SGX_XFRM_MPX, SGX_XFRM_PKRU,
sgx_attributes_t, sgx_misc_attribute_t, sgx_misc_select_t, SGX_FLAGS_AEX_NOTIFY,
SGX_FLAGS_DEBUG, SGX_FLAGS_EINITTOKEN_KEY, SGX_FLAGS_INITTED, SGX_FLAGS_KSS,
SGX_FLAGS_MODE64BIT, SGX_FLAGS_NON_CHECK_BITS, SGX_FLAGS_PROVISION_KEY, SGX_XFRM_AMX,
SGX_XFRM_AVX, SGX_XFRM_AVX512, SGX_XFRM_LEGACY, SGX_XFRM_MPX, SGX_XFRM_PKRU,
};

/// Attributes of the enclave
Expand Down Expand Up @@ -122,6 +122,8 @@ bitflags! {
const EINIT_TOKEN_KEY = SGX_FLAGS_EINITTOKEN_KEY as u64;
/// If set, then the enclave uses KSS(Key Separation and Sharing)
const KSS = SGX_FLAGS_KSS as u64;
/// If set, then the enclave enables AEX Notify
const AEX_NOTIFY = SGX_FLAGS_AEX_NOTIFY as u64;
/// BIT[55-48] will not be checked */
const NON_CHECK_BITS = SGX_FLAGS_NON_CHECK_BITS;
/// Value used by `sgx_seal_data()`. See `attribute_mask` description in
Expand Down
4 changes: 4 additions & 0 deletions dcap/types/src/error.rs
Original file line number Diff line number Diff line change
Expand Up @@ -283,6 +283,8 @@ pub enum QlError {
RootCaUntrusted = quote3_error_t::SGX_QL_ROOT_CA_UNTRUSTED.0,
/// The current TCB level cannot be found in the platform/enclave TCB info
TcbNotSupported = quote3_error_t::SGX_QL_TCB_NOT_SUPPORTED.0,
/// The QPL's config file is in JSON format but has a format error
ConfigInvalidJson = quote3_error_t::SGX_QL_CONFIG_INVALID_JSON.0,

/// Indicate max error to allow better translation
Max = quote3_error_t::SGX_QL_ERROR_MAX.0,
Expand Down Expand Up @@ -420,6 +422,7 @@ impl TryFrom<quote3_error_t> for QlError {
}
quote3_error_t::SGX_QL_ROOT_CA_UNTRUSTED => Ok(QlError::RootCaUntrusted),
quote3_error_t::SGX_QL_TCB_NOT_SUPPORTED => Ok(QlError::TcbNotSupported),
quote3_error_t::SGX_QL_CONFIG_INVALID_JSON => Ok(QlError::ConfigInvalidJson),
quote3_error_t::SGX_QL_ERROR_MAX => Ok(QlError::Max),
// Map all unknowns to the unexpected error
_ => Ok(QlError::Unexpected),
Expand Down Expand Up @@ -527,6 +530,7 @@ mod test {
supplemental_data_version_not_supported = { quote3_error_t::SGX_QL_SUPPLEMENTAL_DATA_VERSION_NOT_SUPPORTED, QlError::SupplementalDataVersionNotSupported },
root_ca_untrusted = { quote3_error_t::SGX_QL_ROOT_CA_UNTRUSTED, QlError::RootCaUntrusted },
tcb_not_supported = { quote3_error_t::SGX_QL_TCB_NOT_SUPPORTED, QlError::TcbNotSupported },
config_invalid_json = { quote3_error_t::SGX_QL_CONFIG_INVALID_JSON, QlError::ConfigInvalidJson },
max = { quote3_error_t::SGX_QL_ERROR_MAX, QlError::Max }
)]
fn error_from_ffi(ffi: quote3_error_t, expected: QlError) {
Expand Down
Loading

0 comments on commit c890555

Please sign in to comment.