OE/mbedTLS related memory allocation problems

Makefile

@@ -19,7 +19,9 @@ ifeq ($(OE_SDK_ROOT),$(OE_SDK_ROOT_DEFAULT))
 $(addprefix $(OE_SDK_ROOT)/lib/openenclave/, $(OE_LIBS)):
  mkdir -p $(OE_SUBMODULE)/build
  cd $(OE_SUBMODULE)/build && cmake -G "Unix Makefiles" -DCMAKE_BUILD_TYPE=$(CMAKE_BUILD_TYPE) -DCMAKE_INSTALL_PREFIX=$(OE_SDK_ROOT) \
- -DENABLE_REFMAN=OFF -DCOMPILE_SYSTEM_EDL=OFF -DWITH_EEID=ON -DBUILD_TESTS=OFF -DUSE_DEBUG_MALLOC=OFF OE_HEAP_ALLOTTED_PAGE_COUNT=8192 ..
+ -DENABLE_REFMAN=OFF -DCOMPILE_SYSTEM_EDL=OFF -DWITH_EEID=ON -DBUILD_TESTS=OFF -DUSE_DEBUG_MALLOC=OFF OE_HEAP_ALLOTTED_PAGE_COUNT=8192 \
+ -DCMAKE_C_FLAGS="-DMBEDTLS_PLATFORM_MEMORY -DMBEDTLS_PLATFORM_TIME_ALT" \
+ ..
  $(MAKE) -C $(OE_SUBMODULE)/build -j$(scripts/ncore.sh) && $(MAKE) -C $(OE_SUBMODULE)/build install
 endif
 

src/enclave/enclave_init.c

@@ -1,5 +1,6 @@
 #include "lkl/asm/host_ops.h"
 #include "lkl/setup.h"
+#include "sys/auxv.h"
 
 #include <openenclave/internal/globals.h>
 #include "openenclave/corelibc/oemalloc.h"
@@ -100,6 +101,32 @@ static void init_wireguard_peers()
  wgu_list_devices();
 }
 
+static void add_attestation_evidence()
+{
+ uint8_t* evidence = (uint8_t*)getauxval(AT_ATT_EVIDENCE);
+ unsigned long evidence_size = getauxval(AT_ATT_EVIDENCE_SIZE);
+ if (evidence_size > 0)
+ {
+ const char* filename = "/run/sgxlkl-evidence";
+ FILE* f = fopen(filename, "wb");
+ size_t written = fwrite(evidence, 1, evidence_size, f);
+ fclose(f);
+ SGXLKL_VERBOSE(
+ "%lu bytes of attestation evidence in %s\n", written, filename);
+ }
+
+ uint8_t* endorsements = (uint8_t*)getauxval(AT_ATT_ENDORSEMENTS);
+ unsigned long endorsements_size = getauxval(AT_ATT_ENDORSEMENTS_SIZE);
+ if (endorsements_size > 0)
+ {
+ const char* filename = "/run/sgxlkl-endorsements";
+ FILE* f = fopen(filename, "wb");
+ size_t written = fwrite(endorsements, 1, endorsements_size, f);
+ fclose(f);
+ SGXLKL_VERBOSE(
+ "%lu bytes of attestation endorsements in %s\n", written, filename);
+ }
+}
 
 static void _enter_user_space(
  int argc,
@@ -133,6 +160,8 @@ static void _enter_user_space(
  args.__gdb_load_debug_symbols_alive_ptr = &__gdb_load_debug_symbols_alive;
  memcpy(args.clock_res, clock_res, sizeof(args.clock_res));
 
+ add_attestation_evidence();
+
  (*proc)(&args, sizeof(args));
 }
 

src/enclave/enclave_oe.c

@@ -1,11 +1,23 @@
 #include <stdatomic.h>
 #include <string.h>
 
+/* Some versions of the Open Enclave headers require this macro to know that
+ * they are used in in-enclave code */
+#define OE_BUILD_ENCLAVE
+
+#include <openenclave/attestation/attester.h>
+#include <openenclave/attestation/sgx/eeid_attester.h>
+#include <openenclave/attestation/sgx/eeid_plugin.h>
 #include <openenclave/bits/eeid.h>
 #include <openenclave/corelibc/oemalloc.h>
 #include <openenclave/corelibc/oestring.h>
+#include <openenclave/corelibc/oetime.h>
 #include <openenclave/internal/globals.h>
-#include "openenclave/corelibc/oestring.h"
+
+#define MBEDTLS_PLATFORM_MEMORY
+#define MBEDTLS_HAVE_TIME
+#define MBEDTLS_PLATFORM_TIME_ALT
+#include <openenclave/3rdparty/mbedtls/platform.h>
 
 #include "enclave/enclave_oe.h"
 #include "enclave/enclave_signal.h"
@@ -15,7 +27,7 @@
 #include "shared/env.h"
 #include "shared/timer_dev.h"
 
-#define AUXV_ENTRIES 13
+#define AUXV_ENTRIES 17
 
 char* at_platform = "x86_64";
 sgxlkl_enclave_state_t sgxlkl_enclave_state = {0};
@@ -95,8 +107,29 @@ static void init_auxv(size_t* auxv, char* buf_ptr, char* pn)
  auxv[21] = (size_t)rbuf;
  auxv[22] = AT_HW_MODE;
  auxv[23] = !sgxlkl_in_sw_debug_mode();
- auxv[24] = AT_NULL;
- auxv[25] = 0;
+
+ auxv[24] = AT_ATT_EVIDENCE;
+ memcpy(
+ buf_ptr,
+ sgxlkl_enclave_state.evidence,
+ sgxlkl_enclave_state.evidence_size);
+ auxv[25] = (size_t)buf_ptr;
+ buf_ptr += sgxlkl_enclave_state.evidence_size;
+ auxv[26] = AT_ATT_EVIDENCE_SIZE;
+ auxv[27] = sgxlkl_enclave_state.evidence_size;
+
+ auxv[28] = AT_ATT_ENDORSEMENTS;
+ memcpy(
+ buf_ptr,
+ sgxlkl_enclave_state.endorsements,
+ sgxlkl_enclave_state.endorsements_size);
+ auxv[29] = (size_t)buf_ptr;
+ buf_ptr += sgxlkl_enclave_state.endorsements_size;
+ auxv[30] = AT_ATT_ENDORSEMENTS_SIZE;
+ auxv[31] = sgxlkl_enclave_state.endorsements_size;
+
+ auxv[32] = AT_NULL;
+ auxv[33] = 0;
 }
 
 static void _prepare_elf_stack()
@@ -145,6 +178,8 @@ static void _prepare_elf_stack()
  num_ptrs += 2 * AUXV_ENTRIES; // auxv vector entries
  num_bytes += oe_strlen(at_platform) + 1; // AT_PLATFORM
  num_bytes += 16; // AT_RANDOM
+ num_bytes += state->evidence_size;
+ num_bytes += state->endorsements_size;
 
  elf64_stack_t* stack = &sgxlkl_enclave_state.elf64_stack;
  stack->data = oe_calloc_or_die(
@@ -190,7 +225,7 @@ static void _prepare_elf_stack()
  // Check that the allocated memory was correct.
  SGXLKL_ASSERT(j + 1 == num_ptrs);
  SGXLKL_ASSERT(out[j] == NULL);
- SGXLKL_ASSERT(out[j - 4] == (char*)AT_HW_MODE);
+ SGXLKL_ASSERT(out[j - 4] == (char*)AT_ATT_ENDORSEMENTS_SIZE);
 
  oe_free(imported_env);
 }
@@ -306,6 +341,64 @@ static void _read_eeid_config()
  sgxlkl_enclave_state.config = cfg;
 }
 
+#ifndef SGXLKL_RELEASE
+#define _sgxlkl_release_fail sgxlkl_fail
+#else
+#define _sgxlkl_release_fail sgxlkl_warn
+#endif
+
+time_t ocall_time(time_t* t)
+{
+ /* oe_get_time() ocalls for the time in milliseconds in the epoch */
+ /* See also https://github.com/openenclave/openenclave/issues/3516 */
+ return oe_get_time() / 1000;
+}
+
+static void _extract_evidence()
+{
+ const void *custom_claims = NULL, *optional_parameters = NULL;
+ const size_t custom_claims_size = 0, optional_parameters_size = 0;
+
+ if (mbedtls_platform_set_calloc_free(oe_calloc, oe_free) != 0)
+ _sgxlkl_release_fail(
+ "could not register mbedTLS memory allocation functions.\n");
+
+ /* OE and mbedTLS require a (not necessarily accurate or precise) notion of
+ * time because they attempt to check certificate expiry during extraction
+ * of endorsements.
+ * Also note that mbedTLS calls gtime_r, which is not provided by OE, but it
+ * picks up sgx-lkl-musl's version, which happens to work. See also
+ * https://github.com/openenclave/openenclave/pull/3517 */
+ if (mbedtls_platform_set_time(ocall_time) != 0)
+ _sgxlkl_release_fail("could not register ocall_time for mbedTLS.\n");
+
+ if (oe_sgx_eeid_attester_initialize() != OE_OK)
+ _sgxlkl_release_fail("could not initialize EEID attester.\n");
+
+ oe_uuid_t format_id = {OE_FORMAT_UUID_SGX_EEID_ECDSA_P256};
+
+ if (oe_get_evidence(
+ &format_id,
+ OE_EVIDENCE_FLAGS_EMBED_FORMAT_ID,
+ custom_claims,
+ custom_claims_size,
+ optional_parameters,
+ optional_parameters_size,
+ &sgxlkl_enclave_state.evidence,
+ &sgxlkl_enclave_state.evidence_size,
+ &sgxlkl_enclave_state.endorsements,
+ &sgxlkl_enclave_state.endorsements_size) != OE_OK)
+ _sgxlkl_release_fail("could not extract attestation evidence.\n");
+
+ if (oe_sgx_eeid_attester_shutdown() != OE_OK)
+ _sgxlkl_release_fail("could not shut down EEID attester.\n");
+
+ sgxlkl_info(
+ "obtained EEID evidence and endorsements (%lu/%lu bytes)\n",
+ sgxlkl_enclave_state.evidence_size,
+ sgxlkl_enclave_state.endorsements_size);
+}
+
 static void _copy_shared_memory(const sgxlkl_shared_memory_t* host)
 {
  const sgxlkl_enclave_config_t* cfg = sgxlkl_enclave_state.config;
@@ -401,6 +494,7 @@ int sgxlkl_enclave_init(const sgxlkl_shared_memory_t* shared_memory)
 #endif
 
  _read_eeid_config();
+ _extract_evidence();
  _copy_shared_memory(shared_memory);
 
 #ifdef DEBUG

src/include/enclave/enclave_oe.h

@@ -18,4 +18,10 @@ bool sgxlkl_in_sw_debug_mode();
 bool sgxlkl_in_hw_debug_mode();
 bool sgxlkl_in_hw_release_mode();
 
+/* Indices to find attestation evidence in auxv */
+#define AT_ATT_EVIDENCE 101
+#define AT_ATT_EVIDENCE_SIZE 102
+#define AT_ATT_ENDORSEMENTS 103
+#define AT_ATT_ENDORSEMENTS_SIZE 104
+
 #endif /* ENCLAVE_OE_H */

src/include/enclave/enclave_state.h

@@ -53,6 +53,10 @@ typedef struct sgxlkl_enclave_state
 
  /* This flag is used by the tracing macros */
  bool verbose;
+
+ /* Attestation evidence and endorsements */
+ uint8_t *evidence, *endorsements;
+ size_t evidence_size, endorsements_size;
 } sgxlkl_enclave_state_t;
 
 extern sgxlkl_enclave_state_t sgxlkl_enclave_state;

src/include/openenclave/corelibc/oetime.h

@@ -0,0 +1,23 @@
+#ifndef __OE_TIME_INCLUDED__
+#define __OE_TIME_INCLUDED__
+
+#include "openenclave/corelibc/bits/types.h"
+
+struct oe_tm
+{
+ int tm_sec;
+ int tm_min;
+ int tm_hour;
+ int tm_mday;
+ int tm_mon;
+ int tm_year;
+ int tm_wday;
+ int tm_yday;
+ int tm_isdst;
+};
+
+struct oe_tm* oe_gmtime_r(const time_t* timep, struct oe_tm* result);
+
+uint64_t oe_get_time(void);
+
+#endif

tests/basic/eeid-config/Makefile

@@ -34,5 +34,11 @@ run-hw-gdb: ${SGXLKL_ROOTFS}
 run-sw: ${SGXLKL_ROOTFS}
  $(SGXLKL_ENV) $(SGXLKL_STARTER) $(SGXLKL_SW_PARAMS) --enclave-config enclave_config.json $(SGXLKL_ROOTFS)
 
+verify-evidence: ${SGXLKL_ROOTFS}
+ ${SGXLKL_DISK_TOOL} mount --mnt-point=tmp ${SGXLKL_ROOTFS}
+ # Depends on https://github.com/openenclave/openenclave/pull/3464
+ -${SGXLKL_ROOT}/build/openenclave/bin/host_verify -v tmp/evidence.bin -e tmp/endorsements.bin
+ ${SGXLKL_DISK_TOOL} unmount tmp
+
 clean:
  rm -f $(SGXLKL_ROOTFS) $(PROG)

tests/basic/eeid-config/hello-eeid.c

@@ -5,31 +5,50 @@
 
 #define HW_FILE "/app/helloworld.txt"
 
-int main(int argc, char** argv)
+void copy_file(const char* from, const char* to)
 {
- char buf[100];
- FILE* f = fopen(HW_FILE, "r");
- if (!f)
- {
- fprintf(
- stderr, "Could not open file %s: %s\n", HW_FILE, strerror(errno));
- exit(1);
- }
+ FILE* from_file = fopen(from, "rb");
+ FILE* to_file = fopen(to, "wb");
+ if (!from_file || !to_file)
+ return;
+ while (!feof(from_file))
+ fputc(fgetc(from_file), to_file);
+ fclose(to_file);
+ fclose(from_file);
+}
 
- // Prints first line of file /app/helloworld.txt (max 100 characters)
- if (fgets(buf, sizeof(buf), f) == buf)
- {
- printf("%s", buf);
- }
- else
+ int main(int argc, char** argv)
  {
- fprintf(
- stderr,
- "Could not read first line of file %s: %s\n",
- HW_FILE,
- strerror(errno));
- exit(1);
- }
+ char buf[100];
+ FILE* f = fopen(HW_FILE, "r");
+ if (!f)
+ {
+ fprintf(
+ stderr,
+ "Could not open file %s: %s\n",
+ HW_FILE,
+ strerror(errno));
+ exit(1);
+ }
 
- return 0;
-}
+ // Prints first line of file /app/helloworld.txt (max 100 characters)
+ if (fgets(buf, sizeof(buf), f) == buf)
+ {
+ printf("%s", buf);
+ }
+ else
+ {
+ fprintf(
+ stderr,
+ "Could not read first line of file %s: %s\n",
+ HW_FILE,
+ strerror(errno));
+ exit(1);
+ }
+
+ // Get attestation evidence and endorsements and write them to files.
+ copy_file("/run/sgxlkl-evidence", "evidence");
+ copy_file("/run/sgxlkl-endorsements", "endorsements");
+
+ return 0;
+ }