Initial Implementation #1
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
billguo99
requested changes
Mar 17, 2022
| [package] | ||
| name = "dcap_attestation" | ||
| version = "0.1.0" | ||
| edition = "2018" |
There was a problem hiding this comment.
We can change edition = "2021" to the latest Rust edition. Can also change in the other Cargo.toml files.
| let bindings: bool = !env::var("CARGO_FEATURE_BINDINGS").map_or(false, |val| val == "true"); | ||
|
|
||
| if bindings { | ||
| // println!("cargo:rustc-link-lib=sgx_dcap_ql"); |
There was a problem hiding this comment.
I saw you commented this out when you were adding the quote generations. Is this meant to stay commented out?
There was a problem hiding this comment.
Good catch! I am fairly certain this needs to be uncommented, since sgx_dcap_ql is listed under the package.links. Refer to the relevant cargo documentation.
Suggested change
| // println!("cargo:rustc-link-lib=sgx_dcap_ql"); | |
| println!("cargo:rustc-link-lib=sgx_dcap_ql"); |
There was a problem hiding this comment.
Your "relevant cargo documentation" link leads to a 404 page. Could you please relink it? :)
We do want the Cargo.lock files for the enclave-test application.
This uses the file revision rather than the overall repository revision, so that we don't have to update it for SGX SDK updates that don't touch this file.
PiDelport
force-pushed
the
initial-version
branch
from
770d5dc to
4ad17e5
Compare
PiDelport
reviewed
Mar 23, 2022
There was a problem hiding this comment.
Okay, I finished a first pass, and pushed some smaller changes. Questions so far:
- Should
libmock_dcap_quoteprov.sobe removed? - Should we consider using matklad's crate / workspace layout? (This isn't a large project, but I'm growing to like the layout for Rust projects in general.)
sgx-dcap-ql-sys/src/bindings.rs
Outdated
Comment on lines
1
to
26
| use sgx_types::{ | ||
| c_char, sgx_ql_path_type_t, sgx_ql_request_policy_t, sgx_quote3_error_t, sgx_report_t, | ||
| sgx_target_info_t, uint32_t, uint8_t, | ||
| }; | ||
|
|
||
| // FROM: https://github.com/apache/incubator-teaclave-sgx-sdk/blob/d107bd0718f723221750a4f2973451b386cbf9d2/sgx_types/src/function.rs#L710 | ||
| extern "C" { | ||
| // | ||
| // sgx_dcap_ql_wrapper.h | ||
| // | ||
| pub fn sgx_qe_set_enclave_load_policy(policy: sgx_ql_request_policy_t) -> sgx_quote3_error_t; | ||
| pub fn sgx_qe_get_target_info(p_qe_target_info: *mut sgx_target_info_t) -> sgx_quote3_error_t; | ||
| pub fn sgx_qe_get_quote_size(p_quote_size: *mut uint32_t) -> sgx_quote3_error_t; | ||
| pub fn sgx_qe_get_quote( | ||
| p_app_report: *const sgx_report_t, | ||
| quote_size: uint32_t, | ||
| p_quote: *mut uint8_t, | ||
| ) -> sgx_quote3_error_t; | ||
| pub fn sgx_qe_cleanup_by_policy() -> sgx_quote3_error_t; | ||
|
|
||
| /* intel DCAP 1.6 */ | ||
| pub fn sgx_ql_set_path( | ||
| path_type: sgx_ql_path_type_t, | ||
| p_path: *const c_char, | ||
| ) -> sgx_quote3_error_t; | ||
| } |
There was a problem hiding this comment.
Can we replace these definitions with a pub use re-export?
I tried this locally, and it seems to work: is there any deeper or subtler reason not to do it this way?
Suggested change
| use sgx_types::{ | |
| c_char, sgx_ql_path_type_t, sgx_ql_request_policy_t, sgx_quote3_error_t, sgx_report_t, | |
| sgx_target_info_t, uint32_t, uint8_t, | |
| }; | |
| // FROM: https://github.com/apache/incubator-teaclave-sgx-sdk/blob/d107bd0718f723221750a4f2973451b386cbf9d2/sgx_types/src/function.rs#L710 | |
| extern "C" { | |
| // | |
| // sgx_dcap_ql_wrapper.h | |
| // | |
| pub fn sgx_qe_set_enclave_load_policy(policy: sgx_ql_request_policy_t) -> sgx_quote3_error_t; | |
| pub fn sgx_qe_get_target_info(p_qe_target_info: *mut sgx_target_info_t) -> sgx_quote3_error_t; | |
| pub fn sgx_qe_get_quote_size(p_quote_size: *mut uint32_t) -> sgx_quote3_error_t; | |
| pub fn sgx_qe_get_quote( | |
| p_app_report: *const sgx_report_t, | |
| quote_size: uint32_t, | |
| p_quote: *mut uint8_t, | |
| ) -> sgx_quote3_error_t; | |
| pub fn sgx_qe_cleanup_by_policy() -> sgx_quote3_error_t; | |
| /* intel DCAP 1.6 */ | |
| pub fn sgx_ql_set_path( | |
| path_type: sgx_ql_path_type_t, | |
| p_path: *const c_char, | |
| ) -> sgx_quote3_error_t; | |
| } | |
| // Re-export the `sgx_dcap_ql` symbols from `sgx_types`. | |
| pub use sgx_types::{ | |
| // sgx_dcap_ql_wrapper.h | |
| sgx_qe_cleanup_by_policy, | |
| sgx_qe_get_quote, | |
| sgx_qe_get_quote_size, | |
| sgx_qe_get_target_info, | |
| sgx_qe_set_enclave_load_policy, | |
| // Intel DCAP 1.6 | |
| sgx_ql_set_path, | |
| }; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
For testing, use:
cargo test --no-default-features --features=test