Skip to content

Commit 212d9f4

Browse files
committed
v1.0.4 release
Signed-off-by: Yu Ding <[email protected]>
1 parent bdd75ca commit 212d9f4

File tree

328 files changed

+51351
-982
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

328 files changed

+51351
-982
lines changed

Readme.md

+13-17
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,8 @@ Rust SGX SDK helps developers write Intel SGX applications in Rust programming l
33

44
To achieve better security, we recommend developers to apply [Non-bypassable Security Paradigm (NbSP)](https://github.com/baidu/rust-sgx-sdk/blob/master/documents/nbsp.pdf) to the system design and implementation.
55

6-
* Current master support **`nightly-2018-08-25-x86_64-unknown-linux-gnu`**
6+
## v1.0.4 Release
7+
This version supports Rust nightly build (nightly-2018-10-01) in the master branch and the most recent stable build (stable-2018-09-25) in the rust-stable branch. It supports the latest Intel SGX SDK **v2.3.1** and Ubuntu Linux 18.04. It now contains further third party libraries including: bit-vec, chrono, erased-serde, fxhash, nan-preserving-float, num-bigint, quick-error, raft-rs, time, webpki-roots, and yasna. Some third party libraries, like untrusted, parity-wasm and lazy-static, are removed because they support `no_std` and can be used directly from crates.io. We strongly recommend developers upgrade to v1.0.4 and use the most recent Rust release to build it due to the [Security advisory for the standard library](https://blog.rust-lang.org/2018/09/21/Security-advisory-for-std.html). Please refer to [release_notes](release_notes.md) for further details.
78

89
## v1.0.1 Release
910
This version supports the Rust nightly build (nightly-2018-07-16) in master branch and the most recent Rust stable build (stable-2018-07-10). And it supports the latest Intel SGX SDK **v2.2**. New third party libraries include: bytes, http, iovec, rust-crypto, rust-fnv and rust-threshold-secret-sharing. New code sample 'secretsharing' and 'rust-threshold-secret-sharing' is provided by @davidp94. Please refer to [release_notes](release_notes.md) for further details.
@@ -22,9 +23,9 @@ This version provides a new namespace: `sgx_tstd::untrusted`, including `sgx_tst
2223

2324
## Requirement
2425

25-
Ubuntu 16.04
26+
Ubuntu 16.04 or 18.04
2627

27-
[Intel SGX SDK 2.2 for Linux](https://01.org/intel-software-guard-extensions/downloads) installed
28+
[Intel SGX SDK 2.3.1 for Linux](https://01.org/intel-software-guard-extensions/downloads) installed
2829

2930
Docker (Recommended)
3031

@@ -35,11 +36,13 @@ The docker image now supports Intel ME. If you need it, please refer to the sgxt
3536

3637
### Native without docker (Not recommended)
3738

38-
Install Intel SGX driver and SDK first. And refer to [Dockerfile](https://github.com/baidu/rust-sgx-sdk/blob/master/dockerfile/Dockerfile) or stable branch [Dockerfile](https://github.com/baidu/rust-sgx-sdk/blob/master/dockerfile/rust-stable/Dockerfile) to setup your own native Rust-SGX environment.
39+
Install Intel SGX driver and SDK first. And refer to [Dockerfile](dockerfile/Dockerfile.1604.nightly) or stable branch [Dockerfile](Dockerfile.1604.stable) to setup your own native Rust-SGX environment.
3940

4041
### Using docker (Recommended) without ME support
4142

42-
First, make sure Intel SGX Driver 2.2 is installed and functions well. `/dev/isgx` should be appeared.
43+
* As of v1.0.4, we provide 4 docker images: `baiduxlab/sgx-rust:1604` `baiduxlab/sgx-rust:1804` `baiduxlab/sgx-rust-stable:1604` `baiduxlab/sgx-rust-stable:1804`. The `latest` tag pins on `baiduxlab/sgx-rust:1604`.
44+
45+
First, make sure Intel SGX Driver 2.3.1 is installed and functions well. `/dev/isgx` should appear.
4346

4447
Second, pull the docker image. If you'd like to work on stable branch of Rust and `rust-stable` branch of this SDK, please pull `baiduxlab/sgx-rust-stable` instead.
4548

@@ -51,14 +54,7 @@ Third, start a docker with sgx device support and the Rust SGX SDK.
5154

5255
Next, start the aesm service inside the docker
5356

54-
`root@docker:/# /opt/intel/sgxpsw/aesm/aesm_service &`
55-
56-
Next, upgrade the toolchain (to the aforementioned version) to use the **master** branch
57-
58-
```
59-
root@docker:/# rustup default nightly-2018-08-25-x86_64-unknown-linux-gnu
60-
root@docker:/# rustup component add rust-src
61-
```
57+
`root@docker:/# /opt/intel/libsgx-enclave-common/aesm/aesm_service &`
6258

6359
Finally, check if the sample code works
6460

@@ -70,7 +66,7 @@ Finally, check if the sample code works
7066

7167
## Build the docker image by yourself
7268

73-
Make sure Intel SGX SDK is properly installed and service started on the host OS. Then `cd dockerfile` and run `docker build -t rust-sgx-docker` to build.
69+
Make sure Intel SGX SDK is properly installed and service started on the host OS. Then `cd dockerfile` and run `docker build -t rust-sgx-docker -f Dockerfile.1604.nightly .` to build.
7470

7571
## Use simulation mode for non SGX-enabled machine (includes macOS)
7672

@@ -163,9 +159,9 @@ We provide eighteen sample codes to help developers understand how to write Encl
163159

164160
* `switchless` shows the usage of latest "switchless" execution model provided by intel. Please pay attention to the Makefile and the position of link flag "-lsgx_tswitchless".
165161

166-
# Samples of ported third-party libraries
162+
* `mutual-ra` provides remote attestation based TLS connection between SGX enclaves. See the [readme](samplecode/mutual-ra/Readme.md) for details.
167163

168-
As of v0.9.5, we provide 25 ported third-party libraries. All of them could be compiled using xargo (`XARGO_SGX=1` make) or cargo (`make`).
164+
* `ue-ra` provides remote attestation based TLS connection between an untrusted party and one SGX enclave. See the [readme](samplecode/ue-ra/Readme.md) for details.
169165

170166
# Tips for writing enclaves in Rust
171167

@@ -189,7 +185,7 @@ Baidu Rust-SGX SDK is provided under the BSD license. Please refer to the [Licen
189185

190186
# Authors
191187

192-
Ran Duan, Long Li, Shi Jia, Yu Ding, Lenx Wei, Tanghui Chen
188+
Ran Duan, Long Li, Shi Jia, Yu Ding, Yulong Zhang, Yueqiang Cheng, Lenx Wei, Tanghui Chen
193189

194190
![Baidu X-Lab Logo](https://raw.githubusercontent.com/baidu/rust-sgx-sdk/master/logo_25.png)
195191

common/inc/mbusafecrt.h

+83
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,83 @@
1+
//
2+
// Copyright (c) Microsoft. All rights reserved.
3+
// Licensed under the MIT license. See LICENSE file in the project root for full license information.
4+
//
5+
6+
/***
7+
* mbusafecrt.h - public declarations for SafeCRT lib
8+
*
9+
10+
*
11+
* Purpose:
12+
* This file contains the public declarations SafeCRT
13+
* functions ported to MacOS. These are the safe versions of
14+
* functions standard functions banned by SWI
15+
*
16+
17+
****/
18+
19+
/* shields! */
20+
21+
#ifndef MBUSAFECRT_H
22+
#define MBUSAFECRT_H
23+
#include <string.h>
24+
#include <stdarg.h>
25+
#include <wchar.h>
26+
typedef wchar_t WCHAR;
27+
28+
#ifdef __cplusplus
29+
extern "C" {
30+
#endif
31+
32+
extern errno_t strcat_s( char* ioDest, size_t inDestBufferSize, const char* inSrc );
33+
extern errno_t wcscat_s( WCHAR* ioDest, size_t inDestBufferSize, const WCHAR* inSrc );
34+
35+
extern errno_t strncat_s( char* ioDest, size_t inDestBufferSize, const char* inSrc, size_t inCount );
36+
extern errno_t wcsncat_s( WCHAR* ioDest, size_t inDestBufferSize, const WCHAR* inSrc, size_t inCount );
37+
38+
extern errno_t strcpy_s( char* outDest, size_t inDestBufferSize, const char* inSrc );
39+
extern errno_t wcscpy_s( WCHAR* outDest, size_t inDestBufferSize, const WCHAR* inSrc );
40+
41+
extern errno_t strncpy_s( char* outDest, size_t inDestBufferSize, const char* inSrc, size_t inCount );
42+
extern errno_t wcsncpy_s( WCHAR* outDest, size_t inDestBufferSize, const WCHAR* inSrc, size_t inCount );
43+
44+
extern char* strtok_s( char* inString, const char* inControl, char** ioContext );
45+
extern WCHAR* wcstok_s( WCHAR* inString, const WCHAR* inControl, WCHAR** ioContext );
46+
47+
extern size_t wcsnlen( const WCHAR* inString, size_t inMaxSize );
48+
49+
extern errno_t _itoa_s( int inValue, char* outBuffer, size_t inDestBufferSize, int inRadix );
50+
extern errno_t _itow_s( int inValue, WCHAR* outBuffer, size_t inDestBufferSize, int inRadix );
51+
52+
extern errno_t _ltoa_s( long inValue, char* outBuffer, size_t inDestBufferSize, int inRadix );
53+
extern errno_t _ltow_s( long inValue, WCHAR* outBuffer, size_t inDestBufferSize, int inRadix );
54+
55+
extern errno_t _ultoa_s( unsigned long inValue, char* outBuffer, size_t inDestBufferSize, int inRadix );
56+
extern errno_t _ultow_s( unsigned long inValue, WCHAR* outBuffer, size_t inDestBufferSize, int inRadix );
57+
58+
extern errno_t _i64toa_s( long long inValue, char* outBuffer, size_t inDestBufferSize, int inRadix );
59+
extern errno_t _i64tow_s( long long inValue, WCHAR* outBuffer, size_t inDestBufferSize, int inRadix );
60+
61+
extern errno_t _ui64toa_s( unsigned long long inValue, char* outBuffer, size_t inDestBufferSize, int inRadix );
62+
extern errno_t _ui64tow_s( unsigned long long inValue, WCHAR* outBuffer, size_t inDestBufferSize, int inRadix );
63+
64+
extern int sprintf_s( char *string, size_t sizeInBytes, const char *format, ... );
65+
extern int swprintf_s( WCHAR *string, size_t sizeInWords, const WCHAR *format, ... );
66+
67+
extern int _snprintf_s( char *string, size_t sizeInBytes, size_t count, const char *format, ... );
68+
extern int _snwprintf_s( WCHAR *string, size_t sizeInWords, size_t count, const WCHAR *format, ... );
69+
70+
extern int _vsprintf_s( char* string, size_t sizeInBytes, const char* format, va_list arglist );
71+
extern int _vsnprintf_s( char* string, size_t sizeInBytes, size_t count, const char* format, va_list arglist );
72+
73+
extern int _vswprintf_s( WCHAR* string, size_t sizeInWords, const WCHAR* format, va_list arglist );
74+
extern int _vsnwprintf_s( WCHAR* string, size_t sizeInWords, size_t count, const WCHAR* format, va_list arglist );
75+
76+
extern errno_t memcpy_s( void * dst, size_t sizeInBytes, const void * src, size_t count );
77+
extern errno_t memmove_s( void * dst, size_t sizeInBytes, const void * src, size_t count );
78+
79+
#ifdef __cplusplus
80+
}
81+
#endif
82+
83+
#endif /* MBUSAFECRT_H */

common/inc/setjmp.h

+5-4
Original file line numberDiff line numberDiff line change
@@ -40,11 +40,11 @@
4040
#define _SETJMP_H_
4141

4242
#ifndef _JB_ATTRIBUTES
43-
#define _JB_ATTRIBUTES /**/
43+
#define _JB_ATTRIBUTES /**/
4444
#else
4545
#endif
4646
#ifndef _BSD_JBSLOT_T_
47-
#define _BSD_JBSLOT_T_ long
47+
#define _BSD_JBSLOT_T_ long
4848
#endif
4949

5050
#define _JBLEN 8
@@ -55,9 +55,10 @@ typedef _BSD_JBSLOT_T_ jmp_buf[_JBLEN] _JB_ATTRIBUTES;
5555
#define __returns_twice __attribute__((__returns_twice__))
5656
#define __dead
5757

58+
5859
__BEGIN_DECLS
59-
int _setjmp(jmp_buf) __returns_twice;
60-
void _longjmp(jmp_buf, int) __dead;
60+
int setjmp(jmp_buf) __returns_twice;
61+
void longjmp(jmp_buf, int) __dead;
6162
__END_DECLS
6263

6364
#endif /* !_SETJMP_H_ */

common/inc/stdlib.h

+1-7
Original file line numberDiff line numberDiff line change
@@ -43,20 +43,13 @@
4343
typedef __size_t size_t;
4444
#endif
4545

46-
#ifdef _TLIBC_WIN_
47-
#if !defined(_WCHAR_T_DEFINED) && !defined (_NATIVE_WCHAR_T_DEFINED)
48-
#define _WCHAR_T_DEFINED
49-
typedef unsigned short wchar_t;
50-
#endif
51-
#else
5246
#if !defined(_WCHAR_T_DEFINED_) && !defined(__cplusplus)
5347
#define _WCHAR_T_DEFINED_
5448
#ifndef __WCHAR_TYPE__
5549
#define __WCHAR_TYPE__ int
5650
#endif
5751
typedef __WCHAR_TYPE__ wchar_t;
5852
#endif
59-
#endif
6053

6154
#ifndef _DIV_T_DEFINED
6255
typedef struct {
@@ -93,6 +86,7 @@ typedef struct {
9386
__BEGIN_DECLS
9487

9588
_TLIBC_NORETURN_ void _TLIBC_CDECL_ abort(void);
89+
int _TLIBC_CDECL_ atexit(void (*)(void));
9690
int _TLIBC_CDECL_ abs(int);
9791
double _TLIBC_CDECL_ atof(const char *);
9892
int _TLIBC_CDECL_ atoi(const char *);

common/inc/sys/_types.h

+33-1
Original file line numberDiff line numberDiff line change
@@ -42,8 +42,13 @@ typedef short __int16_t;
4242
typedef unsigned short __uint16_t;
4343
typedef int __int32_t;
4444
typedef unsigned int __uint32_t;
45+
#ifdef __x86_64__
46+
typedef long __int64_t;
47+
typedef unsigned long __uint64_t;
48+
#else
4549
typedef long long __int64_t;
4650
typedef unsigned long long __uint64_t;
51+
#endif
4752

4853
/* 7.18.1.2 Minimum-width integer types */
4954
typedef __int8_t __int_least8_t;
@@ -77,6 +82,11 @@ typedef __uint64_t __uint_fast64_t;
7782
#endif
7883

7984
typedef long __off_t;
85+
#ifdef __x86_64__
86+
typedef long int __off64_t;
87+
#else
88+
typedef long long int __off64_t;
89+
#endif
8090

8191
/* 7.18.1.4 Integer types capable of holding object pointers */
8292
#ifdef __i386__
@@ -105,7 +115,7 @@ typedef long __clock_t;
105115

106116
typedef long __time_t;
107117
typedef __builtin_va_list __va_list;
108-
typedef int __wint_t;
118+
typedef unsigned int __wint_t;
109119
/* wctype_t and wctrans_t are defined in wchar.h */
110120
typedef unsigned long int __wctype_t;
111121
typedef int * __wctrans_t;
@@ -127,6 +137,28 @@ typedef struct {
127137
typedef __int64_t __intmax_t;
128138
typedef __uint64_t __uintmax_t;
129139

140+
141+
typedef unsigned long int __ino_t;
142+
typedef unsigned int __mode_t;
143+
typedef unsigned int __uid_t;
144+
typedef unsigned int __gid_t;
145+
typedef long int __blksize_t;
146+
typedef long int __blkcnt_t;
147+
148+
#ifdef __x86_64__
149+
typedef unsigned long int __dev_t;
150+
typedef long int __off64_t;
151+
typedef unsigned long int __nlink_t;
152+
typedef long int __blkcnt64_t;
153+
typedef unsigned long int __ino64_t;
154+
#else
155+
typedef unsigned long long int __dev_t;
156+
typedef long long int __off64_t;
157+
typedef unsigned int __nlink_t;
158+
typedef long long int __blkcnt64_t;
159+
typedef unsigned long long int __ino64_t;
160+
#endif
161+
130162
#endif /* !_SYS__TYPES_H_ */
131163

132164

0 commit comments

Comments
 (0)