Comments (6)
If you want to set the compilation flags on the top level crate you can just use cargo rustc
.
from rust-sgx.
Thanks for the reply! My project layout is this:
.
├── app
│ ├── src
│ │ └── lib.rs
│ └── Cargo.toml
├── enclave
│ ├── src
│ │ └── main.rs
│ └── Cargo.toml
├── Cargo.lock
└── Cargo.toml
The app/src/lib.rs looks like this:
pub fn foo() -> i32 {
5
}
If I now run cargo rustc -p app -- -Cpasses=sancov-module -Cllvm-args=-sanitizer-coverage-level=1 -Cllvm-args=-sanitizer-coverage-trace-pc-guard
, it creates the libapp.rlib and when checking the disassembly of the object file in the incremental folder, it correctly instruments it:
Disassembly of section .text._ZN3app3foo17h0966669265df2a47E:
0000000000000000 <_ZN3app3foo17h0966669265df2a47E>:
0: 50 push %rax
1: 48 8d 3d 00 00 00 00 lea 0x0(%rip),%rdi # 8 <_ZN3app3foo17h0966669265df2a47E+0x8>
8: e8 00 00 00 00 call d <_ZN3app3foo17h0966669265df2a47E+0xd>
d: b8 05 00 00 00 mov $0x5,%eax
12: 59 pop %rcx
13: c3 ret
Unfortunately, if I then run cargo rustc -p enclave
, it will compile the “app” crate again, this time without the instrumentation:
Disassembly of section .text._ZN3app3foo17h0966669265df2a47E:
0000000000000000 <_ZN3app3foo17h0966669265df2a47E>:
0: b8 05 00 00 00 mov $0x5,%eax
5: c3 ret
But I would also be fine with linking the rlib manually to the enclave crate; although then I get this "Unsupported dynamic entry: .init functions" error.
from rust-sgx.
It's not clear from your directory tree what your dependency tree looks like. Rlibs are not designed for manual linking, you must use rustc
. If you want to change the compile flags for a single crate that's not the top crate, you should modify cargo or run rustc
manually for all the crates in your dependency tree.
Closing as this is not really an EDP issue.
from rust-sgx.
Thanks for your answer. My main problem was actually not the Rust linking, but a problem with the init section loaded by the EDP. The init sections is automatically inserted by SanitizerCoverage.
Here is a small example in C of the problem:
int helloworld(int a) {
return a;
}
If I compile this and link this to the Rust enclave:
$ clang -g -fsanitize-coverage=trace-pc-guard -fPIC helloworld.c -c
$ ar -crs libhelloworld.a helloworld.o
$ mv libhelloworld.a target/x86_64-fortanix-unknown-sgx/debug/deps
I get this error:
Running `ftxsgx-runner-cargo target/x86_64-fortanix-unknown-sgx/debug/enclave`
ERROR: Unsupported dynamic entry: .init functions
ERROR: while running "ftxsgx-elf2sgxs" "target/x86_64-fortanix-unknown-sgx/debug/enclave" "--heap-size" "33554432" "--ssaframesize" "1" "--stack-size" "131072" "--threads" "4" "--debug" got exit status: 1
I've identified the error because LLVM will insert a call to the function module_ctor_trace_pc_guard
in the .init_array.2
section. As far as I understand it, this is normally executed before loading, but unfortunately, ftxsgx-elf2sgxs does not seem to support it.
I managed to start the enclave by removing the section with objcopy --remove-section .init_array.2 helloworld.o
as the second step, but then the initialization function is not called (I think it may be possible to do it manually, but this seems to get a bit ugly quick).
I wonder if it would be manageable for a relative newcomer to the EDP project to add support for the init sections?
from rust-sgx.
I wonder if it would be manageable for a relative newcomer to the EDP project to add support for the init sections?
It would probably be manageable, but Rust has a pretty strict "no life before main" policy. As such, EDP doesn't support it today and it's not clear if it should be supported. Constructors are difficult for verification and determinism, and it would add additional complexity to the entry code, which is a security risk. Is there a way to achieve what you want without constructors?
from rust-sgx.
Ah okay, I see. On the other hand, it works with the normal Rust toolchain. Might also be necessary if C++ libraries are used in the EDP (whether this is a good idea is of course a different question).
I think I can do it manually by removing the init_array
section like above and initialize the sancov data structure at the beginning of main manually. I guess I somehow need to manually add an array of function pointers as an exported symbol and then call those manually from Rust.
from rust-sgx.
Related Issues (20)
- Rebase tokio crate HOT 1
- Upstream SGX support to tokio crate
- Fix rust-sgx CI HOT 1
- [Async I/O] Limit size of call queue
- Compilation failure of `rustc-serialize` breaks CI HOT 1
- Fix `em-app` vulnerability
- Update `time` crate
- Update `tokio` dependency of `enclave-runner`
- Publish new version of sgxs to crates.io HOT 1
- CI is currently broken on the latest nightly compiler
- Indicate that `em_app` 0.1.x is compatible with `pkix` v0.1.x and v0.2.x.
- [BUG]: "I/O ctl failed" in sgx-detect HOT 9
- dcap-ql: Update mbedtls? HOT 1
- Upgrade mbedtls dependency and publish new releasees of crates
- Update/fix examples
- In-enclave source code link broken
- [BUG]: Input Exceeds Length Limit Causes Read Limitation and Infinite Wait
- Discrepancy in Handling Large Data Writes: tokio::net::TcpStream vs std::net::TcpStream`
- [dcap-ql] Update [email protected] to 0.5
- Update nix dependency in enclave-runner and sgxs-loaders
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rust-sgx.