libsgxstep: support compilation as shared library

Elementary PoC works, needs further testing. Cf #76
jovanbulck · Sep 24, 2024 · 15e89a9 · 15e89a9
1 parent 1ecc1b2
commit 15e89a9
Show file tree

Hide file tree

Showing 4 changed files with 46 additions and 36 deletions.
diff --git a/libsgxstep/Makefile b/libsgxstep/Makefile
@@ -4,6 +4,7 @@ CC          = gcc
 AS          = gcc
 AR          = ar
 ARFLAGS     = -rcs
+CFLAGS      = -fPIC
 
 ifneq "$(WITH_PSTATE)" "0"
 CPPFLAGS     += -DHAS_PSTATE
@@ -21,7 +22,7 @@ endif
 SOURCES     = $(shell ls *.c)
 ASM         = $(shell ls *.S)
 OBJECTS     = $(SOURCES:.c=.o) $(ASM:.S=.o)
-OUTPUT      = libsgx-step.a
+OUTPUT      = libsgx-step.a libsgx-step.so
 
 ifeq ($(GRAMINE), 1)
 	CFLAGS += -DSGX_SSAFRAMESIZE=16384
@@ -30,18 +31,22 @@ endif
 
 all: $(OUTPUT)
 
-$(OUTPUT): $(OBJECTS)
-	echo "$(INDENT)[AR] " $(OUTPUT)
-	$(AR) $(ARFLAGS) $(OUTPUT) $(OBJECTS)
+%.a: $(OBJECTS)
+	@echo "$(INDENT)[AR] " $@
+	$(AR) $(ARFLAGS) $@ $(OBJECTS)
+
+%.so: $(OBJECTS)
+	@echo "$(INDENT)[LD] " $@
+	$(CC) -shared $(LDFLAGS) $(OBJECTS) -o $@
 
 %.o : %.c
-	echo "$(INDENT)[CC] " $<
+	@echo "$(INDENT)[CC] " $<
 	$(CC) $(CPPFLAGS) $(CFLAGS) $(INCLUDE) -c $< -o $@
 
 %.o : %.S
-	echo "$(INDENT)[AS] " $<
+	@echo "$(INDENT)[AS] " $<
 	$(AS) $(ASFLAGS) $(INCLUDE) -c $< -o $@
 
 clean:
-	echo "$(INDENT)[RM]" $(OBJECTS) $(OUTPUT)
+	@echo "$(INDENT)[RM]" $(OBJECTS) $(OUTPUT)
 	rm -f $(OBJECTS) $(OUTPUT)
diff --git a/libsgxstep/aep.c b/libsgxstep/aep.c
@@ -84,5 +84,6 @@ void __attribute__((constructor)) xs_register_fault_handler(void)
 
     /* Block all signals while the signal is being handled */
     sigfillset(&act.sa_mask);
+    info("installing sigtrap handler to intercept ENCLU..");
     ASSERT(!sigaction(SIGTRAP, &act, &old_act));
 }
diff --git a/libsgxstep/aep_trampoline.S b/libsgxstep/aep_trampoline.S
@@ -56,31 +56,26 @@ sgx_step_aep_trampoline:
     and $~0xf, %rsp
 
     /* optional C function callback */
-    lea sgx_step_aep_cb(%rip), %xax
+    mov sgx_step_aep_cb@GOTPCREL(%rip), %xax
     mov (%xax), %xax
     test %xax, %xax
     je .Leresume
     call *%xax
 
 .Leresume:
-    incl sgx_step_eresume_cnt(%rip)
+    mov sgx_step_eresume_cnt@GOTPCREL(%rip), %rax
+    incl (%rax)
 
     /* restore stack and TCS address */
     mov %rbp, %rsp
     pop %xbx
 
-    lea sgx_step_aep_trampoline(%rip), %xcx   /* AEP address */
-
-    prefetch nemesis_tsc_eresume(%rip)
-    mfence
-
-    rdtsc
-    mov %eax, nemesis_tsc_eresume(%rip)
+    mov sgx_step_aep_trampoline@GOTPCREL(%rip), %xcx   /* AEP address */
 
     mov $3, %xax                        /* ERESUME leaf */
 
     /* optionally set RFLAGS.TF to enable simulated single-stepping for DEBUG enclaves */
-    lea sgx_step_do_trap(%rip), %rdx
+    mov sgx_step_do_trap@GOTPCREL(%rip), %rdx
     mov (%rdx), %rdx
     test %rdx, %rdx
     je sgx_step_aep_eresume
@@ -95,7 +90,9 @@ sgx_step_aep_eresume:
 
     .global xs_enclu_stub
 xs_enclu_stub:
-    mov xs_aep_pt(%rip), %rcx
+    mov xs_aep_pt@GOTPCREL(%rip), %rcx
+    mov (%rcx), %rcx
     enclu
-    jmp *xs_enclu_cont_inst(%rip)
+    mov xs_enclu_cont_inst@GOTPCREL(%rip), %rbx
+    jmp *(%rbx)
 
diff --git a/libsgxstep/irq_entry.S b/libsgxstep/irq_entry.S
@@ -16,14 +16,15 @@
 
     .section isr_section,"awx",@progbits
     .align 0x1000
-    .global __ss_irq_fired, __ss_irq_count, __ss_irq_cpl, apic_base, nemesis_tsc_aex, __ss_irq_rip, __ss_irq_rax
+    .global __ss_irq_fired, __ss_irq_count, __ss_irq_cpl, nemesis_tsc_aex, __ss_irq_rip
 __ss_irq_fired:
     .int 0x0
 __ss_irq_count:
     .int 0x0
 __ss_irq_cpl:
     .int 0xff
 #if !X2APIC
+    .global apic_base
 apic_base:
     .quad 0x0
 #endif
@@ -45,24 +46,29 @@ __ss_irq_rip:
     .global __ss_irq_handler
 __ss_irq_handler:
     /* Nemesis IRQ latency timestamp */
-    mov %rax, __ss_irq_rax(%rip)
-    mov %rdx, __ss_irq_rdx(%rip)
+    push %rax
+    push %rcx
+    push %rdx
     rdtsc
-    mov %eax, nemesis_tsc_aex(%rip)
-    mov %edx, nemesis_tsc_aex+4(%rip)
-    mov %rcx, __ss_irq_rcx(%rip)
+    mov nemesis_tsc_aex@GOTPCREL(%rip), %rcx
+    mov %eax, (%rcx)
+    mov %edx, 4(%rcx)
 
     /* IRQ bookkeeping */
-    mov 0(%rsp), %rax
-    mov %rax, __ss_irq_rip(%rip)
-    movw %cs,  __ss_irq_cpl(%rip)
-    andw $0x3, __ss_irq_cpl(%rip)
-    incl __ss_irq_count(%rip)
-    incl __ss_irq_fired(%rip)
+    mov 12(%rsp), %rax
+    mov __ss_irq_rip@GOTPCREL(%rip), %rcx
+    mov %rax, (%rcx)
+    mov __ss_irq_cpl@GOTPCREL(%rip), %rcx
+    movw %cs,  (%rcx)
+    andw $0x3, (%rcx)
+    mov __ss_irq_count@GOTPCREL(%rip), %rcx
+    incl (%rcx)
+    mov __ss_irq_fired@GOTPCREL(%rip), %rcx
+    incl (%rcx)
 
     /* apic_write(APIC_EOI, 0x0); */
 #if !X2APIC
-    lea apic_base(%rip), %rax
+    mov apic_base@GOTPCREL(%rip), %rax
     mov (%rax),%rax
     test %rax, %rax
     jz 1f
@@ -75,9 +81,9 @@ __ss_irq_handler:
     mov $0x80b, %ecx
     wrmsr
 #endif
-    mov __ss_irq_rax(%rip), %rax
-    mov __ss_irq_rdx(%rip), %rdx
-    mov __ss_irq_rcx(%rip), %rcx
+    pop %rdx
+    pop %rcx
+    pop %rax
     iretq
 
 /* ********************************************************************** */
@@ -97,7 +103,8 @@ __ss_irq_gate_cb:
     .align 0x1000
     .global __ss_irq_gate
 __ss_irq_gate:
-    call *__ss_irq_gate_cb(%rip)
+    mov __ss_irq_gate_cb@GOTPCREL(%rip), %rax
+    call *(%rax)
     iretq
 
     /*