v1.0.4 release

Signed-off-by: Yu Ding <[email protected]>

Author: dingelish

Readme.md

@@ -3,7 +3,8 @@ Rust SGX SDK helps developers write Intel SGX applications in Rust programming l
 
 To achieve better security, we recommend developers to apply [Non-bypassable Security Paradigm (NbSP)](https://github.com/baidu/rust-sgx-sdk/blob/master/documents/nbsp.pdf) to the system design and implementation.
 
-* Current master support **`nightly-2018-08-25-x86_64-unknown-linux-gnu`**
+## v1.0.4 Release
+This version supports Rust nightly build (nightly-2018-10-01) in the master branch and the most recent stable build (stable-2018-09-25) in the rust-stable branch. It supports the latest Intel SGX SDK **v2.3.1** and Ubuntu Linux 18.04. It now contains further third party libraries including: bit-vec, chrono, erased-serde, fxhash, nan-preserving-float, num-bigint, quick-error, raft-rs, time, webpki-roots, and yasna. Some third party libraries, like untrusted, parity-wasm and lazy-static, are removed because they support `no_std` and can be used directly from crates.io. We strongly recommend developers upgrade to v1.0.4 and use the most recent Rust release to build it due to the [Security advisory for the standard library](https://blog.rust-lang.org/2018/09/21/Security-advisory-for-std.html). Please refer to [release_notes](release_notes.md) for further details.
 
 ## v1.0.1 Release
 This version supports the Rust nightly build (nightly-2018-07-16) in master branch and the most recent Rust stable build (stable-2018-07-10). And it supports the latest Intel SGX SDK **v2.2**. New third party libraries include: bytes, http, iovec, rust-crypto, rust-fnv and rust-threshold-secret-sharing. New code sample 'secretsharing' and 'rust-threshold-secret-sharing' is provided by @davidp94. Please refer to [release_notes](release_notes.md) for further details.
@@ -22,9 +23,9 @@ This version provides a new namespace: `sgx_tstd::untrusted`, including `sgx_tst
 
 ## Requirement
 
-Ubuntu 16.04
+Ubuntu 16.04 or 18.04
 
-[Intel SGX SDK 2.2 for Linux](https://01.org/intel-software-guard-extensions/downloads) installed
+[Intel SGX SDK 2.3.1 for Linux](https://01.org/intel-software-guard-extensions/downloads) installed
 
 Docker (Recommended)
 
@@ -35,11 +36,13 @@ The docker image now supports Intel ME. If you need it, please refer to the sgxt
 
 ### Native without docker (Not recommended)
 
-Install Intel SGX driver and SDK first. And refer to [Dockerfile](https://github.com/baidu/rust-sgx-sdk/blob/master/dockerfile/Dockerfile) or stable branch [Dockerfile](https://github.com/baidu/rust-sgx-sdk/blob/master/dockerfile/rust-stable/Dockerfile) to setup your own native Rust-SGX environment.
+Install Intel SGX driver and SDK first. And refer to [Dockerfile](dockerfile/Dockerfile.1604.nightly) or stable branch [Dockerfile](Dockerfile.1604.stable) to setup your own native Rust-SGX environment.
 
 ### Using docker (Recommended) without ME support
 
-First, make sure Intel SGX Driver 2.2 is installed and functions well. `/dev/isgx` should be appeared.
+* As of v1.0.4, we provide 4 docker images: `baiduxlab/sgx-rust:1604` `baiduxlab/sgx-rust:1804` `baiduxlab/sgx-rust-stable:1604` `baiduxlab/sgx-rust-stable:1804`. The `latest` tag pins on `baiduxlab/sgx-rust:1604`.
+
+First, make sure Intel SGX Driver 2.3.1 is installed and functions well. `/dev/isgx` should appear.
 
 Second, pull the docker image. If you'd like to work on stable branch of Rust and `rust-stable` branch of this SDK, please pull `baiduxlab/sgx-rust-stable` instead.
 
@@ -51,14 +54,7 @@ Third, start a docker with sgx device support and the Rust SGX SDK.
 
 Next, start the aesm service inside the docker
 
-`root@docker:/# /opt/intel/sgxpsw/aesm/aesm_service &`
-
-Next, upgrade the toolchain (to the aforementioned version) to use the **master** branch
-
-```
-root@docker:/# rustup default nightly-2018-08-25-x86_64-unknown-linux-gnu
-root@docker:/# rustup component add rust-src
-```
+`root@docker:/# /opt/intel/libsgx-enclave-common/aesm/aesm_service &`
 
 Finally, check if the sample code works
 
@@ -70,7 +66,7 @@ Finally, check if the sample code works
 
 ## Build the docker image by yourself
 
-Make sure Intel SGX SDK is properly installed and service started on the host OS. Then `cd dockerfile` and run `docker build -t rust-sgx-docker` to build.
+Make sure Intel SGX SDK is properly installed and service started on the host OS. Then `cd dockerfile` and run `docker build -t rust-sgx-docker -f Dockerfile.1604.nightly .` to build.
 
 ## Use simulation mode for non SGX-enabled machine (includes macOS)
 
@@ -163,9 +159,9 @@ We provide eighteen sample codes to help developers understand how to write Encl
 
 * `switchless` shows the usage of latest "switchless" execution model provided by intel. Please pay attention to the Makefile and the position of link flag "-lsgx_tswitchless".
 
-# Samples of ported third-party libraries
+* `mutual-ra` provides remote attestation based TLS connection between SGX enclaves. See the [readme](samplecode/mutual-ra/Readme.md) for details.
 
-As of v0.9.5, we provide 25 ported third-party libraries. All of them could be compiled using xargo (`XARGO_SGX=1` make) or cargo (`make`).
+* `ue-ra` provides remote attestation based TLS connection between an untrusted party and one SGX enclave. See the [readme](samplecode/ue-ra/Readme.md) for details.
 
 # Tips for writing enclaves in Rust
 
@@ -189,7 +185,7 @@ Baidu Rust-SGX SDK is provided under the BSD license. Please refer to the [Licen
 
 # Authors
 
-Ran Duan, Long Li, Shi Jia, Yu Ding, Lenx Wei, Tanghui Chen
+Ran Duan, Long Li, Shi Jia, Yu Ding, Yulong Zhang, Yueqiang Cheng, Lenx Wei, Tanghui Chen
 
 ![Baidu X-Lab Logo](https://raw.githubusercontent.com/baidu/rust-sgx-sdk/master/logo_25.png)
 

common/inc/mbusafecrt.h

@@ -0,0 +1,83 @@
+//
+// Copyright (c) Microsoft. All rights reserved.
+// Licensed under the MIT license. See LICENSE file in the project root for full license information. 
+//
+
+/***
+*   mbusafecrt.h - public declarations for SafeCRT lib
+*
+
+*
+*   Purpose:
+*       This file contains the public declarations SafeCRT
+*       functions ported to MacOS. These are the safe versions of
+*       functions standard functions banned by SWI
+*
+
+****/
+
+/* shields! */
+
+#ifndef MBUSAFECRT_H
+#define MBUSAFECRT_H
+#include <string.h>
+#include <stdarg.h>
+#include <wchar.h>
+typedef wchar_t WCHAR;
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+extern errno_t strcat_s( char* ioDest, size_t inDestBufferSize, const char* inSrc );
+extern errno_t wcscat_s( WCHAR* ioDest, size_t inDestBufferSize, const WCHAR* inSrc );
+
+extern errno_t strncat_s( char* ioDest, size_t inDestBufferSize, const char* inSrc, size_t inCount );
+extern errno_t wcsncat_s( WCHAR* ioDest, size_t inDestBufferSize, const WCHAR* inSrc, size_t inCount );
+
+extern errno_t strcpy_s( char* outDest, size_t inDestBufferSize, const char* inSrc );
+extern errno_t wcscpy_s( WCHAR* outDest, size_t inDestBufferSize, const WCHAR* inSrc );
+
+extern errno_t strncpy_s( char* outDest, size_t inDestBufferSize, const char* inSrc, size_t inCount );
+extern errno_t wcsncpy_s( WCHAR* outDest, size_t inDestBufferSize, const WCHAR* inSrc, size_t inCount );
+
+extern char* strtok_s( char* inString, const char* inControl, char** ioContext );
+extern WCHAR* wcstok_s( WCHAR* inString, const WCHAR* inControl, WCHAR** ioContext );
+
+extern size_t wcsnlen( const WCHAR* inString, size_t inMaxSize );
+
+extern errno_t _itoa_s( int inValue, char* outBuffer, size_t inDestBufferSize, int inRadix );
+extern errno_t _itow_s( int inValue, WCHAR* outBuffer, size_t inDestBufferSize, int inRadix );
+
+extern errno_t _ltoa_s( long inValue, char* outBuffer, size_t inDestBufferSize, int inRadix );
+extern errno_t _ltow_s( long inValue, WCHAR* outBuffer, size_t inDestBufferSize, int inRadix );
+
+extern errno_t _ultoa_s( unsigned long inValue, char* outBuffer, size_t inDestBufferSize, int inRadix );
+extern errno_t _ultow_s( unsigned long inValue, WCHAR* outBuffer, size_t inDestBufferSize, int inRadix );
+
+extern errno_t _i64toa_s( long long inValue, char* outBuffer, size_t inDestBufferSize, int inRadix );
+extern errno_t _i64tow_s( long long inValue, WCHAR* outBuffer, size_t inDestBufferSize, int inRadix );
+
+extern errno_t _ui64toa_s( unsigned long long inValue, char* outBuffer, size_t inDestBufferSize, int inRadix );
+extern errno_t _ui64tow_s( unsigned long long inValue, WCHAR* outBuffer, size_t inDestBufferSize, int inRadix );
+
+extern int sprintf_s( char *string, size_t sizeInBytes, const char *format, ... );
+extern int swprintf_s( WCHAR *string, size_t sizeInWords, const WCHAR *format, ... );
+
+extern int _snprintf_s( char *string, size_t sizeInBytes, size_t count, const char *format, ... );
+extern int _snwprintf_s( WCHAR *string, size_t sizeInWords, size_t count, const WCHAR *format, ... );
+
+extern int _vsprintf_s( char* string, size_t sizeInBytes, const char* format, va_list arglist );
+extern int _vsnprintf_s( char* string, size_t sizeInBytes, size_t count, const char* format, va_list arglist );
+
+extern int _vswprintf_s( WCHAR* string, size_t sizeInWords, const WCHAR* format, va_list arglist );
+extern int _vsnwprintf_s( WCHAR* string, size_t sizeInWords, size_t count, const WCHAR* format, va_list arglist );
+
+extern errno_t memcpy_s( void * dst, size_t sizeInBytes, const void * src, size_t count );
+extern errno_t memmove_s( void * dst, size_t sizeInBytes, const void * src, size_t count );
+
+#ifdef __cplusplus
+    }
+#endif
+
+#endif	/* MBUSAFECRT_H */

common/inc/setjmp.h

@@ -40,11 +40,11 @@
 #define _SETJMP_H_
 
 #ifndef _JB_ATTRIBUTES
-#define _JB_ATTRIBUTES	/**/
+#define _JB_ATTRIBUTES /**/
 #else
 #endif
 #ifndef _BSD_JBSLOT_T_
-#define	_BSD_JBSLOT_T_	long
+#define _BSD_JBSLOT_T_ long
 #endif
 
 #define _JBLEN 8
@@ -55,9 +55,10 @@ typedef _BSD_JBSLOT_T_ jmp_buf[_JBLEN] _JB_ATTRIBUTES;
 #define __returns_twice __attribute__((__returns_twice__))
 #define __dead
 
+
 __BEGIN_DECLS
-int	_setjmp(jmp_buf) __returns_twice;
-void	_longjmp(jmp_buf, int) __dead;
+int setjmp(jmp_buf) __returns_twice;
+void longjmp(jmp_buf, int) __dead;
 __END_DECLS
 
 #endif /* !_SETJMP_H_ */

common/inc/stdlib.h

@@ -43,20 +43,13 @@
 typedef __size_t    size_t;
 #endif
 
-#ifdef _TLIBC_WIN_
-#if !defined(_WCHAR_T_DEFINED) && !defined (_NATIVE_WCHAR_T_DEFINED)
-#define _WCHAR_T_DEFINED
-typedef unsigned short  wchar_t;
-#endif
-#else
 #if !defined(_WCHAR_T_DEFINED_) && !defined(__cplusplus)
 #define _WCHAR_T_DEFINED_
 #ifndef __WCHAR_TYPE__
 #define __WCHAR_TYPE__ int
 #endif
 typedef __WCHAR_TYPE__ wchar_t;
 #endif
-#endif
 
 #ifndef _DIV_T_DEFINED
 typedef struct {
@@ -93,6 +86,7 @@ typedef struct {
 __BEGIN_DECLS
 
 _TLIBC_NORETURN_ void _TLIBC_CDECL_ abort(void);
+int     _TLIBC_CDECL_ atexit(void (*)(void));
 int     _TLIBC_CDECL_ abs(int);
 double  _TLIBC_CDECL_ atof(const char *);
 int     _TLIBC_CDECL_ atoi(const char *);

common/inc/sys/_types.h

@@ -42,8 +42,13 @@ typedef short               __int16_t;
 typedef unsigned short      __uint16_t;
 typedef int                 __int32_t;
 typedef unsigned int        __uint32_t;
+#ifdef __x86_64__
+typedef long                __int64_t;
+typedef unsigned long       __uint64_t;
+#else
 typedef long long           __int64_t;
 typedef unsigned long long  __uint64_t;
+#endif
 
 /* 7.18.1.2 Minimum-width integer types */
 typedef __int8_t            __int_least8_t;
@@ -77,6 +82,11 @@ typedef __uint64_t          __uint_fast64_t;
 #endif
 
 typedef long                __off_t;
+#ifdef __x86_64__
+typedef long int 			__off64_t;
+#else
+typedef long long int 		__off64_t;
+#endif
 
 /* 7.18.1.4 Integer types capable of holding object pointers */
 #ifdef __i386__
@@ -105,7 +115,7 @@ typedef long                __clock_t;
 
 typedef long                __time_t;
 typedef __builtin_va_list   __va_list;
-typedef int                 __wint_t;
+typedef unsigned int        __wint_t;
 /* wctype_t and wctrans_t are defined in wchar.h */
 typedef unsigned long int   __wctype_t;
 typedef int *               __wctrans_t;
@@ -127,6 +137,28 @@ typedef struct {
 typedef __int64_t           __intmax_t;
 typedef __uint64_t          __uintmax_t;
 
+
+typedef unsigned long int 		__ino_t;
+typedef unsigned int 			__mode_t;
+typedef unsigned int 			__uid_t;
+typedef unsigned int 			__gid_t;
+typedef long int 				__blksize_t;
+typedef long int 				__blkcnt_t;
+
+#ifdef __x86_64__
+typedef unsigned long int 		__dev_t;
+typedef long int 				__off64_t;
+typedef unsigned long int		__nlink_t;
+typedef long int 				__blkcnt64_t;
+typedef unsigned long int 		__ino64_t;
+#else
+typedef unsigned long long int 	__dev_t;
+typedef long long int 			__off64_t;
+typedef unsigned int 			__nlink_t;
+typedef long long int 			__blkcnt64_t;
+typedef unsigned long long int 	__ino64_t;
+#endif
+
 #endif /* !_SYS__TYPES_H_ */