[all] Update to v1.0.0 (#67)

Updates:
* [all] Change to follow SM v1.0 SBI (OpenSBI)
* [all] Fix compilation error for the new toolchain (RV32/RV64)
* [CI] moved from TravisCI to CircleCI
* [examples] Add return value checking for tests (`--retval` flag in the test runner)
* [src/host] Host doesn't need to initialize Untrusted Memory Resolves #48 
* [all] Fix formatting
* [tests] Replace ValidMeasure test with deterministic measurement test

Issues Resolved:
#48

Author: dayeol

.circleci/config.yml

@@ -0,0 +1,69 @@
+# Use the latest 2.1 version of CircleCI pipeline process engine. See: https://circleci.com/docs/2.0/configuration-reference
+version: 2.1
+
+# prebuilt docker images with toolchain
+executors:
+  setup-rv64gc:
+    docker:
+      - image: keystoneenclaveorg/keystone:init-rv64gc
+  setup-rv32gc:
+    docker:
+      - image: keystoneenclaveorg/keystone:init-rv32gc
+
+
+commands:
+  update-riscv-toolchain-path:
+    steps:
+      - run: echo 'export PATH=/keystone/riscv64/bin:/keystone/riscv32/bin:$PATH' >> $BASH_ENV
+  setup-test:
+    steps:
+      - run:
+          command: |
+              /keystone/sdk/tests/scripts/setup_test.sh
+              apt -y update
+              apt -y install python3-pip clang-format
+              pip3 install cpplint
+
+jobs:
+  build-install-examples-test-format-64:
+    executor: setup-rv64gc
+    working_directory: /keystone/sdk
+    steps:
+      - checkout
+      - update-riscv-toolchain-path
+      - setup-test
+      - run:
+          name: "Build, install, build examples, test, and format check (rv64)"
+          command: |
+              mkdir build64
+              cd build64
+              export KEYSTONE_SDK_DIR=$(pwd)
+              cmake ..
+              make
+              make install
+              make examples
+              make check
+              make uninstall
+              make format
+  build-install-examples-32:
+    executor: setup-rv32gc
+    working_directory: /keystone/sdk
+    steps:
+      - checkout
+      - update-riscv-toolchain-path
+      - run:
+          name: "Build, install, build examples (rv32)"
+          command: |
+              mkdir build32
+              cd build32
+              export KEYSTONE_SDK_DIR=$(pwd)
+              cmake .. -DRISCV32=y
+              make
+              make install
+              make examples
+
+workflows:
+  build-and-test:
+    jobs:
+      - build-install-examples-test-format-64
+      - build-install-examples-32

.travis.yml

@@ -36,7 +36,7 @@ target_include_directories(${host_bin}
 
 set(eyrie_files_to_copy .options_log eyrie-rt)
 add_eyrie_runtime(${eapp_bin}-eyrie
-  "origin/master"
+  "v1.0.0"
   ${eyrie_plugins}
   ${eyrie_files_to_copy})
 

examples/hello-native/CMakeLists.txt

@@ -25,7 +25,7 @@ target_link_libraries(${host_bin} ${KEYSTONE_LIB_HOST} ${KEYSTONE_LIB_EDGE})
 
 set(eyrie_files_to_copy .options_log eyrie-rt)
 add_eyrie_runtime(${eapp_bin}-eyrie
-  "origin/master"
+  "v1.0.0"
   ${eyrie_plugins}
   ${eyrie_files_to_copy})
 

examples/hello/CMakeLists.txt

@@ -46,7 +46,7 @@ add_custom_command(OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/add_long.S
   ${CMAKE_CURRENT_BINARY_DIR}/add_long.S
   ${CMAKE_CURRENT_SOURCE_DIR}/long-nop/nop.s
   ${CMAKE_CURRENT_SOURCE_DIR}/long-nop/func_base.s
-  ${CMAKE_CURRENT_SOURCE_DIR}/long-nop/nop.h 
+  ${CMAKE_CURRENT_SOURCE_DIR}/long-nop/nop.h
 )
 target_link_libraries(long-nop ${KEYSTONE_LIB_EAPP})
 
@@ -78,7 +78,12 @@ set(test_script ${CMAKE_CURRENT_BINARY_DIR}/run-test.sh)
 file(WRITE ${test_script_tmp} "")
 foreach (test IN ITEMS ${all_test_bins})
   file(APPEND ${test_script_tmp} "echo 'testing ${test}'\n")
-  file(APPEND ${test_script_tmp} "./${host_bin} ${test} eyrie-rt\n")
+  if (EXISTS ${CMAKE_CURRENT_SOURCE_DIR}/${test}/retval)
+    execute_process(COMMAND cat ${CMAKE_CURRENT_SOURCE_DIR}/${test}/retval OUTPUT_VARIABLE retval)
+    file(APPEND ${test_script_tmp} "./${host_bin} ${test} eyrie-rt --retval ${retval}")
+  else()
+    file(APPEND ${test_script_tmp} "./${host_bin} ${test} eyrie-rt\n")
+  endif()
 endforeach(test)
 
 file(COPY ${test_script_tmp} DESTINATION ${CMAKE_CURRENT_BINARY_DIR}
@@ -99,7 +104,7 @@ target_link_libraries(${host_bin} ${KEYSTONE_LIB_HOST} ${KEYSTONE_LIB_EDGE} ${KE
 
 set(eyrie_files_to_copy .options_log eyrie-rt)
 add_eyrie_runtime(test-eyrie
-  "origin/master"
+  "v1.0.0"
   ${eyrie_plugins}
   ${eyrie_files_to_copy})
 

examples/tests/CMakeLists.txt

@@ -0,0 +1 @@
+0

examples/tests/attestation/retval

@@ -0,0 +1 @@
+0

examples/tests/data-sealing/retval

@@ -0,0 +1 @@
+14930352

examples/tests/fibonacci/retval

@@ -0,0 +1 @@
+12345

examples/tests/long-nop/retval

@@ -0,0 +1 @@
+54321

examples/tests/loop/retval

@@ -0,0 +1 @@
+11411

examples/tests/malloc/retval

@@ -0,0 +1 @@
+12345

examples/tests/stack/retval

@@ -58,7 +58,7 @@ main(int argc, char** argv) {
   if (argc < 3 || argc > 8) {
     printf(
         "Usage: %s <eapp> <runtime> [--utm-size SIZE(K)] [--freemem-size "
-        "SIZE(K)] [--time] [--load-only] [--utm-ptr 0xPTR]\n",
+        "SIZE(K)] [--time] [--load-only] [--utm-ptr 0xPTR] [--retval EXPECTED]\n",
         argv[0]);
     return 0;
   }
@@ -69,13 +69,16 @@ main(int argc, char** argv) {
   size_t untrusted_size = 2 * 1024 * 1024;
   size_t freemem_size   = 48 * 1024 * 1024;
   uintptr_t utm_ptr     = (uintptr_t)DEFAULT_UNTRUSTED_PTR;
+  bool retval_exist = false;
+  unsigned long retval = 0;
 
   static struct option long_options[] = {
       {"time", no_argument, &self_timing, 1},
       {"load-only", no_argument, &load_only, 1},
       {"utm-size", required_argument, 0, 'u'},
       {"utm-ptr", required_argument, 0, 'p'},
       {"freemem-size", required_argument, 0, 'f'},
+      {"retval", required_argument, 0, 'r'},
       {0, 0, 0, 0}};
 
   char* eapp_file = argv[1];
@@ -100,6 +103,10 @@ main(int argc, char** argv) {
       case 'f':
         freemem_size = atoi(optarg) * 1024;
         break;
+      case 'r':
+        retval_exist = true;
+        retval = atoi(optarg);
+        break;
     }
   }
 
@@ -126,7 +133,12 @@ main(int argc, char** argv) {
     asm volatile("rdcycle %0" : "=r"(cycles3));
   }
 
-  if (!load_only) enclave.run();
+  uintptr_t encl_ret;
+  if (!load_only) enclave.run(&encl_ret);
+
+  if (retval_exist && encl_ret != retval) {
+    printf("[FAIL] enclave returned a wrong value (%d != %d)\r\n", encl_ret, retval);
+  }
 
   if (self_timing) {
     asm volatile("rdcycle %0" : "=r"(cycles4));

examples/tests/test-runner.cpp

@@ -0,0 +1 @@
+13

examples/tests/untrusted/retval

@@ -16,20 +16,19 @@
 #define SYSCALL_GET_SEALING_KEY 1004
 #define SYSCALL_EXIT 1101
 
-#define SYSCALL(which, arg0, arg1, arg2, arg3, arg4)      \
-  ({                                                      \
-    register uintptr_t a0 asm("a0") = (uintptr_t)(arg0);  \
-    register uintptr_t a1 asm("a1") = (uintptr_t)(arg1);  \
-    register uintptr_t a2 asm("a2") = (uintptr_t)(arg2);  \
-    register uintptr_t a3 asm("a3") = (uintptr_t)(arg3);  \
-    register uintptr_t a4 asm("a4") = (uintptr_t)(arg4);  \
-    register uintptr_t a7 asm("a7") = (uintptr_t)(which); \
-    asm volatile(                                         \
-        "ecall"                                           \
-        : "+r"(a0)                                        \
-        : "r"(a1), "r"(a2), "r"(a3), "r"(a4), "r"(a7)     \
-        : "memory");                                      \
-    a0;                                                   \
+#define SYSCALL(which, arg0, arg1, arg2, arg3, arg4)           \
+  ({                                                           \
+    register uintptr_t a0 asm("a0") = (uintptr_t)(arg0);       \
+    register uintptr_t a1 asm("a1") = (uintptr_t)(arg1);       \
+    register uintptr_t a2 asm("a2") = (uintptr_t)(arg2);       \
+    register uintptr_t a3 asm("a3") = (uintptr_t)(arg3);       \
+    register uintptr_t a4 asm("a4") = (uintptr_t)(arg4);       \
+    register uintptr_t a7 asm("a7") = (uintptr_t)(which);      \
+    asm volatile("ecall"                                       \
+                 : "+r"(a0)                                    \
+                 : "r"(a1), "r"(a2), "r"(a3), "r"(a4), "r"(a7) \
+                 : "memory");                                  \
+    a0;                                                        \
   })
 
 #define SYSCALL_0(which) SYSCALL(which, 0, 0, 0, 0, 0)

include/app/syscall.h

@@ -66,7 +66,7 @@ class Enclave {
       const char* eapppath, const char* runtimepath, Params _params,
       uintptr_t alternatePhysAddr);
   Error destroy();
-  Error run();
+  Error run(uintptr_t* ret = nullptr);
 };
 
 uint64_t

include/host/Enclave.hpp

@@ -28,7 +28,7 @@ class KeystoneDevice {
 
  private:
   int fd;
-  Error __run(bool resume);
+  Error __run(bool resume, uintptr_t* ret);
 
  public:
   virtual uintptr_t getPhysAddr() { return physAddr; }
@@ -42,8 +42,8 @@ class KeystoneDevice {
       uintptr_t runtimePhysAddr, uintptr_t eappPhysAddr, uintptr_t freePhysAddr,
       struct runtime_params_t params);
   virtual Error destroy();
-  virtual Error run();
-  virtual Error resume();
+  virtual Error run(uintptr_t* ret);
+  virtual Error resume(uintptr_t* ret);
   virtual void* map(uintptr_t addr, size_t size);
 };
 
@@ -62,8 +62,8 @@ class MockKeystoneDevice : public KeystoneDevice {
       uintptr_t runtimePhysAddr, uintptr_t eappPhysAddr, uintptr_t freePhysAddr,
       struct runtime_params_t params);
   Error destroy();
-  Error run();
-  Error resume();
+  Error run(uintptr_t* ret);
+  Error resume(uintptr_t* ret);
   void* map(uintptr_t addr, size_t size);
 };
 

include/host/KeystoneDevice.hpp

@@ -23,7 +23,9 @@ namespace Keystone {
 /*
  * These are used to make use of C type-checking..
  */
-typedef struct { uintptr_t pte; } pte;
+typedef struct {
+  uintptr_t pte;
+} pte;
 
 #define pte_val(x) ((x).pte)
 
@@ -70,11 +72,11 @@ class Memory {
   Memory();
   ~Memory() {}
   virtual void init(
-      KeystoneDevice* dev, uintptr_t phys_addr, size_t min_pages) = 0;
-  virtual uintptr_t readMem(uintptr_t src, size_t size) = 0;
+      KeystoneDevice* dev, uintptr_t phys_addr, size_t min_pages)  = 0;
+  virtual uintptr_t readMem(uintptr_t src, size_t size)            = 0;
   virtual void writeMem(uintptr_t src, uintptr_t dst, size_t size) = 0;
-  virtual uintptr_t allocMem(size_t size) = 0;
-  virtual uintptr_t allocUtm(size_t size) = 0;
+  virtual uintptr_t allocMem(size_t size)                          = 0;
+  virtual uintptr_t allocUtm(size_t size)                          = 0;
   bool allocPage(uintptr_t eva, uintptr_t src, unsigned int mode);
   size_t epmAllocVspace(uintptr_t addr, size_t num_pages);
 

include/host/Memory.hpp

@@ -28,7 +28,7 @@
 /* Currently we have only one command avaiable from the enclave.
  * We need to move it out to other header file (e.g., keystone-sm.h) */
 #define KEYSTONE_ENCLAVE_DONE 0
-#define KEYSTONE_ENCLAVE_INTERRUPTED 2
-#define KEYSTONE_ENCLAVE_EDGE_CALL_HOST 11
+#define KEYSTONE_ENCLAVE_INTERRUPTED 100002
+#define KEYSTONE_ENCLAVE_EDGE_CALL_HOST 100011
 
 #endif

include/host/common.h

@@ -7,7 +7,6 @@
 
 #include <linux/ioctl.h>
 #include <linux/types.h>
-#include <stdint.h>
 // Linux generic TEE subsystem magic defined in <linux/tee.h>
 #define KEYSTONE_IOC_MAGIC 0xa4
 
@@ -25,6 +24,12 @@
 #define KEYSTONE_IOC_UTM_INIT \
   _IOR(KEYSTONE_IOC_MAGIC, 0x07, struct keystone_ioctl_create_enclave)
 
+#define RT_NOEXEC 0
+#define USER_NOEXEC 1
+#define RT_FULL 2
+#define USER_FULL 3
+#define UTM_FULL 4
+
 struct runtime_params_t {
   uintptr_t runtime_entry;
   uintptr_t user_entry;
@@ -61,24 +66,8 @@ struct keystone_ioctl_create_enclave {
 
 struct keystone_ioctl_run_enclave {
   uintptr_t eid;
-  uintptr_t entry;
-  uintptr_t args_ptr;
-  uintptr_t args_size;
-  uintptr_t ret;
-};
-
-struct keystone_hash_enclave {
-  uintptr_t epm_paddr;
-  uintptr_t epm_size;
-  uintptr_t utm_paddr;
-  uintptr_t utm_size;
-
-  uintptr_t runtime_paddr;
-  uintptr_t user_paddr;
-  uintptr_t free_paddr;
-
-  uintptr_t untrusted_ptr;
-  uintptr_t untrusted_size;
+  uintptr_t error;
+  uintptr_t value;
 };
 
 #endif