update readme for v0.9.6
diff --git a/LICENSE b/LICENSE
index 281da4a..72091f9 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,6 +1,6 @@
BSD License
-Copyright (c) 2017 Baidu, Inc. All Rights Reserved.
+Copyright (C) 2017-2018 Baidu, Inc. All Rights Reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
diff --git a/Readme.md b/Readme.md
index 778133f..2b7059f 100644
--- a/Readme.md
+++ b/Readme.md
@@ -1,6 +1,9 @@
# Rust SGX SDK
Rust SGX SDK helps developers write Intel SGX applications in Rust programming language. [[Paper pdf]](documents/ccsp17.pdf)
+## v0.9.6 Release
+This version provides security enhancement for untrusted IO and additional support for monotonic counter. Untrusted IO operations in `sgx_tstd::fs` `sgx_tstd::net` and `sgx_tstd::time` are **DISABLED by default** to reduce the untrusted surface, and can be enabled by features. Trusted time support is moved to `sgx_tservice::sgxtime` and monotonic counter is provided by `sgx_tservice::sgxcounter`. Please refer to [release_notes](release_notes.md) for further details.
+
## v0.9.5 Release
This is a **milestone version**, and may be the last version before 1.0.0. It provides supports of network access, TLS connection, trusted/untrusted file system access, trusted/untrusted time, and environment variable operations. Most important, it supports `xargo`! Now `x86_64-unknown-linux-sgx` is the new platform target. All of the code samples and third-party libraries could be built by `xargo` via `XARGO_SGX=1 make` (cargo also supported by `make`). What's more, we provide a pair of TLS client/server [sample](samplecode/tls) as a complete stack of secure! Please refer to [release_notes](release_notes.md) for further details.
diff --git a/dockerfile/Dockerfile b/dockerfile/Dockerfile
index 605b32b..2b11721 100644
--- a/dockerfile/Dockerfile
+++ b/dockerfile/Dockerfile
@@ -66,7 +66,7 @@
RUN wget 'https://static.rust-lang.org/rustup/dist/x86_64-unknown-linux-gnu/rustup-init' -O /root/rustup-init && \
chmod +x /root/rustup-init && \
- echo '1' | /root/rustup-init --default-toolchain nightly-2018-01-19 && \
+ echo '1' | /root/rustup-init --default-toolchain nightly-2018-02-05 && \
echo 'source /root/.cargo/env' >> /root/.bashrc && \
/root/.cargo/bin/rustup component add rust-src && \
apt-get autoclean && apt-get autoremove && rm -rf /var/cache/apt/archives/*
diff --git a/dockerfile/experimental/Dockerfile b/dockerfile/experimental/Dockerfile
index 088300c..8dfba85 100644
--- a/dockerfile/experimental/Dockerfile
+++ b/dockerfile/experimental/Dockerfile
@@ -76,7 +76,7 @@
RUN wget 'https://static.rust-lang.org/rustup/dist/x86_64-unknown-linux-gnu/rustup-init' -O /root/rustup-init && \
chmod +x /root/rustup-init && \
- echo '1' | /root/rustup-init --default-toolchain nightly-2018-01-19 && \
+ echo '1' | /root/rustup-init --default-toolchain nightly-2018-02-05 && \
echo 'source /root/.cargo/env' >> /root/.bashrc && \
/root/.cargo/bin/rustup component add rust-src && \
apt-get autoclean && apt-get autoremove && rm -rf /var/cache/apt/archives/*
diff --git a/libunwind/build.rs b/libunwind/build.rs
index d8457da..11c4c2f 100644
--- a/libunwind/build.rs
+++ b/libunwind/build.rs
@@ -15,7 +15,7 @@
let target = env::var("TARGET").expect("TARGET was not set");
if target.contains("linux") {
- if target.contains("musl") && !target.contains("mips") {
+ if target.contains("musl") {
// musl is handled in lib.rs
} else if !target.contains("android") {
println!("cargo:rustc-link-lib=gcc_s");
@@ -43,5 +43,7 @@
println!("cargo:rustc-link-lib=gcc_s");
} else if target.contains("redox") {
println!("cargo:rustc-link-lib=gcc");
+ } else if target.contains("cloudabi") {
+ println!("cargo:rustc-link-lib=unwind");
}
}
diff --git a/libunwind/lib.rs b/libunwind/lib.rs
index bf10ab5..0ef6ded 100644
--- a/libunwind/lib.rs
+++ b/libunwind/lib.rs
@@ -35,7 +35,7 @@
}
}
-#[cfg(all(target_env = "musl", not(target_arch = "mips")))]
+#[cfg(target_env = "musl")]
#[link(name = "unwind", kind = "static", cfg(target_feature = "crt-static"))]
#[link(name = "gcc_s", cfg(not(target_feature = "crt-static")))]
extern {}
diff --git a/libunwind/libunwind.rs b/libunwind/libunwind.rs
index a2abe32..89b0e41 100644
--- a/libunwind/libunwind.rs
+++ b/libunwind/libunwind.rs
@@ -93,8 +93,7 @@
}
cfg_if! {
-if #[cfg(not(any(all(target_os = "android", target_arch = "arm"),
- all(target_os = "linux", target_arch = "arm"))))] {
+if #[cfg(all(any(target_os = "ios", not(target_arch = "arm"))))] {
// Not ARM EHABI
#[repr(C)]
#[derive(Copy, Clone, PartialEq)]
diff --git a/release_notes.md b/release_notes.md
index 223db0b..66a351b 100644
--- a/release_notes.md
+++ b/release_notes.md
@@ -1,3 +1,10 @@
+# Rust SGX SDK v0.9.6 Release Notes
+**Support latest Rust nightly build (nightly-2018-02-05-x86_64-unknown-linux-gnu)**
+
+**Security enhancement** Added three features for `sgx_tstd`: `untrusted_fs` `untrusted_time` `untrusted_net` to control the insecure ocall interface. By default, io-related features in `fs/time/net` are **DISABLED**. To enable them, please add feature declarations such as `features = ["untrusted_fs"]` for sgx_tstd in `Cargo.toml`. All sample codes and third party libraries are updated accordingly. Note that data from unstrusted `fs/time` are **UNTRUSTED**and thus use them **AT YOUR OWN RISK**. Data from `net` are well-known as untrusted and need validation instinctively. We strongly recommend our TLS termination for network access, instead of using `net` directly.
+
+**Refined sgxtime and support sgxcounter** Moved the trusted time service to `sgx_tservice::sgxtime` and implemented the monotonic counter in `sgx_tservice::sgxcounter`.
+
# Rust SGX SDK v0.9.5 Release Notes
**Support latest Rust nightly build (nightly-2018-01-19-x86_64-unknown-linux-gnu)**
diff --git a/samplecode/backtrace/enclave/Cargo.toml b/samplecode/backtrace/enclave/Cargo.toml
index 62b1b11..1d43974 100644
--- a/samplecode/backtrace/enclave/Cargo.toml
+++ b/samplecode/backtrace/enclave/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "Backtracesampleenclave"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
@@ -12,4 +12,4 @@
[target.'cfg(not(target_env = "sgx"))'.dependencies]
sgx_types = { path = "../../../sgx_types" }
-sgx_tstd = { path = "../../../sgx_tstd" }
+sgx_tstd = { path = "../../../sgx_tstd", features = ["backtrace"] }
\ No newline at end of file
diff --git a/samplecode/backtrace/enclave/Xargo.toml b/samplecode/backtrace/enclave/Xargo.toml
index 8457060..032b5b1 100644
--- a/samplecode/backtrace/enclave/Xargo.toml
+++ b/samplecode/backtrace/enclave/Xargo.toml
@@ -10,6 +10,7 @@
[dependencies.std]
path = "../../../xargo/sgx_tstd"
+features = ["backtrace"]
stage = 2
[dependencies.sgx_rand]
diff --git a/samplecode/crypto/enclave/Cargo.toml b/samplecode/crypto/enclave/Cargo.toml
index 6154d3d..915996c 100644
--- a/samplecode/crypto/enclave/Cargo.toml
+++ b/samplecode/crypto/enclave/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "Cryptosampleenclave"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/samplecode/file/enclave/Cargo.toml b/samplecode/file/enclave/Cargo.toml
index e3e86f8..9c25bb0 100644
--- a/samplecode/file/enclave/Cargo.toml
+++ b/samplecode/file/enclave/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "Filesampleenclave"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/samplecode/hello-rust/app/Cargo.toml b/samplecode/hello-rust/app/Cargo.toml
index 0aec40f..1e54aa4 100644
--- a/samplecode/hello-rust/app/Cargo.toml
+++ b/samplecode/hello-rust/app/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "app"
-version = "0.9.5"
+version = "0.9.6"
authors = ["duanran01 <duanran01@baidu.com>"]
build = "build.rs"
diff --git a/samplecode/hello-rust/enclave/Cargo.toml b/samplecode/hello-rust/enclave/Cargo.toml
index a7cb00f..b20378a 100644
--- a/samplecode/hello-rust/enclave/Cargo.toml
+++ b/samplecode/hello-rust/enclave/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "Helloworldsampleenclave"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/samplecode/helloworld/enclave/Cargo.toml b/samplecode/helloworld/enclave/Cargo.toml
index a7cb00f..b20378a 100644
--- a/samplecode/helloworld/enclave/Cargo.toml
+++ b/samplecode/helloworld/enclave/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "Helloworldsampleenclave"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/samplecode/hugemem/enclave/Cargo.toml b/samplecode/hugemem/enclave/Cargo.toml
index db9c98b..22e7614 100644
--- a/samplecode/hugemem/enclave/Cargo.toml
+++ b/samplecode/hugemem/enclave/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "Hugememsampleenclave"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/samplecode/localattestation/attestation/Cargo.toml b/samplecode/localattestation/attestation/Cargo.toml
index 9498684..b69e7d5 100644
--- a/samplecode/localattestation/attestation/Cargo.toml
+++ b/samplecode/localattestation/attestation/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "attestation"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[features]
diff --git a/samplecode/localattestation/attestation/Xargo.toml b/samplecode/localattestation/attestation/Xargo.toml
new file mode 100644
index 0000000..8457060
--- /dev/null
+++ b/samplecode/localattestation/attestation/Xargo.toml
@@ -0,0 +1,25 @@
+[dependencies]
+alloc = {}
+panic_unwind = {}
+panic_abort = {}
+
+[dependencies.compiler_builtins]
+features = ["c", "compiler-builtins"]
+git = "https://github.com/rust-lang-nursery/compiler-builtins"
+stage = 1
+
+[dependencies.std]
+path = "../../../xargo/sgx_tstd"
+stage = 2
+
+[dependencies.sgx_rand]
+path = "../../../xargo/sgx_rand"
+stage = 3
+
+[dependencies.sgx_serialize]
+path = "../../../xargo/sgx_serialize"
+stage = 3
+
+[dependencies.sgx_tunittest]
+path = "../../../xargo/sgx_tunittest"
+stage = 3
\ No newline at end of file
diff --git a/samplecode/localattestation/enclave1/Cargo.toml b/samplecode/localattestation/enclave1/Cargo.toml
index ed6da06..24424fd 100644
--- a/samplecode/localattestation/enclave1/Cargo.toml
+++ b/samplecode/localattestation/enclave1/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "enclave1"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/samplecode/localattestation/enclave2/Cargo.toml b/samplecode/localattestation/enclave2/Cargo.toml
index 43dbda2..afe3503 100644
--- a/samplecode/localattestation/enclave2/Cargo.toml
+++ b/samplecode/localattestation/enclave2/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "enclave2"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/samplecode/localattestation/enclave3/Cargo.toml b/samplecode/localattestation/enclave3/Cargo.toml
index 2e30672..764f24e 100644
--- a/samplecode/localattestation/enclave3/Cargo.toml
+++ b/samplecode/localattestation/enclave3/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "enclave3"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/samplecode/machine-learning/app/Cargo.toml b/samplecode/machine-learning/app/Cargo.toml
index 0aec40f..1e54aa4 100644
--- a/samplecode/machine-learning/app/Cargo.toml
+++ b/samplecode/machine-learning/app/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "app"
-version = "0.9.5"
+version = "0.9.6"
authors = ["duanran01 <duanran01@baidu.com>"]
build = "build.rs"
diff --git a/samplecode/machine-learning/enclave/Cargo.toml b/samplecode/machine-learning/enclave/Cargo.toml
index b89db8e..65ffd16 100644
--- a/samplecode/machine-learning/enclave/Cargo.toml
+++ b/samplecode/machine-learning/enclave/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "Machinelearningsampleenclave"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/samplecode/remoteattestation/Application/enclave/Cargo.toml b/samplecode/remoteattestation/Application/enclave/Cargo.toml
index 85f3d6a..5b364aa 100644
--- a/samplecode/remoteattestation/Application/enclave/Cargo.toml
+++ b/samplecode/remoteattestation/Application/enclave/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "RAenclave"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/samplecode/sealeddata/enclave/Cargo.toml b/samplecode/sealeddata/enclave/Cargo.toml
index fe94d04..875829e 100644
--- a/samplecode/sealeddata/enclave/Cargo.toml
+++ b/samplecode/sealeddata/enclave/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "Sealdatasampleenclave"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/samplecode/serialize/enclave/Cargo.toml b/samplecode/serialize/enclave/Cargo.toml
index e3f69eb..181e59c 100644
--- a/samplecode/serialize/enclave/Cargo.toml
+++ b/samplecode/serialize/enclave/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "Serializesampleenclave"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/samplecode/sgxtime/app/Cargo.toml b/samplecode/sgxtime/app/Cargo.toml
index 0aec40f..1e54aa4 100644
--- a/samplecode/sgxtime/app/Cargo.toml
+++ b/samplecode/sgxtime/app/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "app"
-version = "0.9.5"
+version = "0.9.6"
authors = ["duanran01 <duanran01@baidu.com>"]
build = "build.rs"
diff --git a/samplecode/sgxtime/enclave/Cargo.toml b/samplecode/sgxtime/enclave/Cargo.toml
index 47756c4..4545e78 100644
--- a/samplecode/sgxtime/enclave/Cargo.toml
+++ b/samplecode/sgxtime/enclave/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "Sgxtimeenclave"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/samplecode/sgxtime/enclave/src/lib.rs b/samplecode/sgxtime/enclave/src/lib.rs
index f206b78..caae25c 100644
--- a/samplecode/sgxtime/enclave/src/lib.rs
+++ b/samplecode/sgxtime/enclave/src/lib.rs
@@ -40,10 +40,6 @@
use sgx_types::*;
use sgx_tservice::*;
-//use std::string::String;
-//use std::vec::Vec;
-//use std::io::{self, Write};
-//use std::slice;
#[no_mangle]
pub extern "C" fn sgx_time_sample() -> sgx_status_t {
@@ -52,7 +48,7 @@
Ok(_) => println!("Create PSE session done"),
_ => println!("Cannot create PSE session"),
}
- let ttime = SgxTime::now();
+ let ttime = sgxtime::SgxTime::now();
//println!("timestamp: {}", ttime.timestamp);
match ttime {
Ok(st) => println!("Ok with {:?}", st),
diff --git a/samplecode/test_all.sh b/samplecode/test_all.sh
index a8fc423..5797a6c 100755
--- a/samplecode/test_all.sh
+++ b/samplecode/test_all.sh
@@ -44,8 +44,8 @@
for i in ${test_cases[@]}
do
- cd ${i} && XARGO_SGX=1 make && cd bin && echo -e '\n' | ./app && cd ../ && make clean && cd .. &&
- cd ${i} && make && cd bin && echo -e '\n' | ./app && cd ../ && make clean && cd ..
+ cd ${i} && make && cd bin && echo -e '\n' | ./app && cd ../ && make clean && \
+ XARGO=1 make && cd bin && echo -e '\n' | ./app && cd ../ && make clean && cd ..
done
echo "Done!"
diff --git a/samplecode/thread/enclave/Cargo.toml b/samplecode/thread/enclave/Cargo.toml
index c1c1935..d1e16e5 100644
--- a/samplecode/thread/enclave/Cargo.toml
+++ b/samplecode/thread/enclave/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "Threadsampleenclave"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/samplecode/tls/tlsclient/app/Cargo.toml b/samplecode/tls/tlsclient/app/Cargo.toml
index b35af11..796bbf5 100644
--- a/samplecode/tls/tlsclient/app/Cargo.toml
+++ b/samplecode/tls/tlsclient/app/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "app"
-version = "0.9.5"
+version = "0.9.6"
authors = ["duanran01 <duanran01@baidu.com>"]
build = "build.rs"
diff --git a/samplecode/tls/tlsclient/enclave/Cargo.toml b/samplecode/tls/tlsclient/enclave/Cargo.toml
index 1dbe6ad..7025578 100644
--- a/samplecode/tls/tlsclient/enclave/Cargo.toml
+++ b/samplecode/tls/tlsclient/enclave/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "tlsclient"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
@@ -13,7 +13,7 @@
[target.'cfg(not(target_env = "sgx"))'.dependencies]
sgx_types = { path = "../../../../sgx_types" }
sgx_trts = { path = "../../../../sgx_trts" }
-sgx_tstd = { path = "../../../../sgx_tstd" }
+sgx_tstd = { path = "../../../../sgx_tstd", features = ["untrusted_fs", "untrusted_net", "untrusted_time"] }
[dependencies]
rustls = { path = "../../../../third_party/rustls" }
diff --git a/samplecode/tls/tlsclient/enclave/Xargo.toml b/samplecode/tls/tlsclient/enclave/Xargo.toml
index c31d71e..ddb9ad1 100644
--- a/samplecode/tls/tlsclient/enclave/Xargo.toml
+++ b/samplecode/tls/tlsclient/enclave/Xargo.toml
@@ -10,6 +10,7 @@
[dependencies.std]
path = "../../../../xargo/sgx_tstd"
+features = ["untrusted_fs", "untrusted_net", "untrusted_time"]
stage = 2
[dependencies.sgx_rand]
diff --git a/samplecode/tls/tlsserver/app/Cargo.toml b/samplecode/tls/tlsserver/app/Cargo.toml
index b35af11..796bbf5 100644
--- a/samplecode/tls/tlsserver/app/Cargo.toml
+++ b/samplecode/tls/tlsserver/app/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "app"
-version = "0.9.5"
+version = "0.9.6"
authors = ["duanran01 <duanran01@baidu.com>"]
build = "build.rs"
diff --git a/samplecode/tls/tlsserver/enclave/Cargo.toml b/samplecode/tls/tlsserver/enclave/Cargo.toml
index 80fbad0..3fe5ca3 100644
--- a/samplecode/tls/tlsserver/enclave/Cargo.toml
+++ b/samplecode/tls/tlsserver/enclave/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "tlsclient"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
@@ -13,7 +13,7 @@
[target.'cfg(not(target_env = "sgx"))'.dependencies]
sgx_types = { path = "../../../../sgx_types" }
sgx_trts = { path = "../../../../sgx_trts" }
-sgx_tstd = { path = "../../../../sgx_tstd" }
+sgx_tstd = { path = "../../../../sgx_tstd", features = ["untrusted_fs", "untrusted_net", "untrusted_time"] }
[dependencies]
rustls = { path = "../../../../third_party/rustls" }
diff --git a/samplecode/tls/tlsserver/enclave/Xargo.toml b/samplecode/tls/tlsserver/enclave/Xargo.toml
index c31d71e..ddb9ad1 100644
--- a/samplecode/tls/tlsserver/enclave/Xargo.toml
+++ b/samplecode/tls/tlsserver/enclave/Xargo.toml
@@ -10,6 +10,7 @@
[dependencies.std]
path = "../../../../xargo/sgx_tstd"
+features = ["untrusted_fs", "untrusted_net", "untrusted_time"]
stage = 2
[dependencies.sgx_rand]
diff --git a/samplecode/unit-test/app/Cargo.toml b/samplecode/unit-test/app/Cargo.toml
index 0aec40f..1e54aa4 100644
--- a/samplecode/unit-test/app/Cargo.toml
+++ b/samplecode/unit-test/app/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "app"
-version = "0.9.5"
+version = "0.9.6"
authors = ["duanran01 <duanran01@baidu.com>"]
build = "build.rs"
diff --git a/samplecode/unit-test/enclave/Cargo.toml b/samplecode/unit-test/enclave/Cargo.toml
index 509e972..2302d8d 100644
--- a/samplecode/unit-test/enclave/Cargo.toml
+++ b/samplecode/unit-test/enclave/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "Unittestsampleenclave"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
@@ -12,7 +12,7 @@
[target.'cfg(not(target_env = "sgx"))'.dependencies]
sgx_types = { path = "../../../sgx_types" }
-sgx_tstd = { path = "../../../sgx_tstd" }
+sgx_tstd = { path = "../../../sgx_tstd", features = ["untrusted_fs", "untrusted_time"] }
sgx_tcrypto = { path = "../../../sgx_tcrypto" }
sgx_tunittest = { path = "../../../sgx_tunittest" }
sgx_trts = { path = "../../../sgx_trts" }
diff --git a/samplecode/unit-test/enclave/Xargo.toml b/samplecode/unit-test/enclave/Xargo.toml
index 8457060..7584c5b 100644
--- a/samplecode/unit-test/enclave/Xargo.toml
+++ b/samplecode/unit-test/enclave/Xargo.toml
@@ -10,6 +10,7 @@
[dependencies.std]
path = "../../../xargo/sgx_tstd"
+features = ["untrusted_fs", "untrusted_time"]
stage = 2
[dependencies.sgx_rand]
diff --git a/samplecode/zlib-lazy-static-sample/app/Cargo.toml b/samplecode/zlib-lazy-static-sample/app/Cargo.toml
index 0aec40f..1e54aa4 100644
--- a/samplecode/zlib-lazy-static-sample/app/Cargo.toml
+++ b/samplecode/zlib-lazy-static-sample/app/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "app"
-version = "0.9.5"
+version = "0.9.6"
authors = ["duanran01 <duanran01@baidu.com>"]
build = "build.rs"
diff --git a/samplecode/zlib-lazy-static-sample/enclave/Cargo.toml b/samplecode/zlib-lazy-static-sample/enclave/Cargo.toml
index ca3aadf..6b77dd8 100644
--- a/samplecode/zlib-lazy-static-sample/enclave/Cargo.toml
+++ b/samplecode/zlib-lazy-static-sample/enclave/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "Zlibsampleenclave"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/sgx_alloc/Cargo.toml b/sgx_alloc/Cargo.toml
index 5723700..ba21ff8 100644
--- a/sgx_alloc/Cargo.toml
+++ b/sgx_alloc/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_alloc"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/sgx_rand/Cargo.toml b/sgx_rand/Cargo.toml
index 495d103..70a1158 100644
--- a/sgx_rand/Cargo.toml
+++ b/sgx_rand/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_rand"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/sgx_rand_derive/Cargo.toml b/sgx_rand_derive/Cargo.toml
index 9dcb0b8..0d25d2c 100644
--- a/sgx_rand_derive/Cargo.toml
+++ b/sgx_rand_derive/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_rand_derive"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/sgx_serialize/Cargo.toml b/sgx_serialize/Cargo.toml
index 2736bdd..1600eef 100644
--- a/sgx_serialize/Cargo.toml
+++ b/sgx_serialize/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_serialize"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/sgx_serialize_derive/Cargo.toml b/sgx_serialize_derive/Cargo.toml
index 6527708..95c62be 100644
--- a/sgx_serialize_derive/Cargo.toml
+++ b/sgx_serialize_derive/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_serialize_derive"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/sgx_serialize_derive_internals/Cargo.toml b/sgx_serialize_derive_internals/Cargo.toml
index 4c7ba96..1cb3f1e 100644
--- a/sgx_serialize_derive_internals/Cargo.toml
+++ b/sgx_serialize_derive_internals/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_serialize_derive_internals"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/sgx_tcrypto/Cargo.toml b/sgx_tcrypto/Cargo.toml
index 377b1ad..83e0c24 100644
--- a/sgx_tcrypto/Cargo.toml
+++ b/sgx_tcrypto/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_tcrypto"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/sgx_tdh/Cargo.toml b/sgx_tdh/Cargo.toml
index c34417a..3e3c0ae 100644
--- a/sgx_tdh/Cargo.toml
+++ b/sgx_tdh/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_tdh"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/sgx_tkey_exchange/Cargo.toml b/sgx_tkey_exchange/Cargo.toml
index f878114..eff4661 100644
--- a/sgx_tkey_exchange/Cargo.toml
+++ b/sgx_tkey_exchange/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_tkey_exchange"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/sgx_tprotected_fs/Cargo.toml b/sgx_tprotected_fs/Cargo.toml
index 5445373..a598bfc 100644
--- a/sgx_tprotected_fs/Cargo.toml
+++ b/sgx_tprotected_fs/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_tprotected_fs"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/sgx_trts/Cargo.toml b/sgx_trts/Cargo.toml
index 707bed1..af959d1 100644
--- a/sgx_trts/Cargo.toml
+++ b/sgx_trts/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_trts"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/sgx_tse/Cargo.toml b/sgx_tse/Cargo.toml
index 435e57b..714d938 100644
--- a/sgx_tse/Cargo.toml
+++ b/sgx_tse/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_tse"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/sgx_tseal/Cargo.toml b/sgx_tseal/Cargo.toml
index 97d1dc9..d393b80 100644
--- a/sgx_tseal/Cargo.toml
+++ b/sgx_tseal/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_tseal"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/sgx_tservice/Cargo.toml b/sgx_tservice/Cargo.toml
index 24e54b2..2060d97 100644
--- a/sgx_tservice/Cargo.toml
+++ b/sgx_tservice/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_tservice"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/sgx_tservice/src/lib.rs b/sgx_tservice/src/lib.rs
index f38f6bc..ca3e251 100644
--- a/sgx_tservice/src/lib.rs
+++ b/sgx_tservice/src/lib.rs
@@ -40,6 +40,9 @@
extern crate sgx_types;
+pub mod sgxtime;
+pub mod sgxcounter;
+
mod tae;
pub use self::tae::*;
diff --git a/sgx_tservice/src/sgxcounter.rs b/sgx_tservice/src/sgxcounter.rs
new file mode 100644
index 0000000..d63fa4c
--- /dev/null
+++ b/sgx_tservice/src/sgxcounter.rs
@@ -0,0 +1,541 @@
+// Copyright (C) 2017-2018 Baidu, Inc. All Rights Reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions
+// are met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright
+// notice, this list of conditions and the following disclaimer in
+// the documentation and/or other materials provided with the
+// distribution.
+// * Neither the name of Baidu, Inc., nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+use sgx_types::*;
+use core::cell::Cell;
+
+/// Monotonic counter ID
+pub struct SgxMonotonicCounter {
+ counter_uuid: sgx_mc_uuid_t,
+ initflag: Cell<bool>,
+}
+
+impl SgxMonotonicCounter {
+
+ ///
+ /// creates a monotonic counter with default owner policy and default user attribute mask.
+ ///
+ /// # Description
+ ///
+ /// Call new to create a monotonic counter with the default owner policy 0x1, which means enclaves
+ /// with same signing key can access the monotonic counter and default owner_attribute_mask 0xFFFFFFFFFFFFFFCB.
+ ///
+ /// The caller should call rsgx_create_pse_session to establish a session with the platform service enclave
+ /// before calling this API.
+ ///
+ /// Creating a monotonic counter (MC) involves writing to the non-volatile memory available in the platform.
+ /// Repeated write operations could cause the memory to wear out during the normal lifecycle of the platform.
+ /// Intel(R) SGX prevents this by limiting the rate at which MC operations can be performed. If you exceed
+ /// the limit, the MC operation may return SGX_ERROR_BUSY for several minutes.
+ ///
+ /// Intel(R) SGX limits the number of MCs an enclave can create. To avoid exhausting the available quota,
+ /// an SGX application should record the MC UUID that rsgx_create_monotonic_counter returns and destroy a MC
+ /// when it is not needed any more. If an enclave reaches its quota and previously created MC UUIDs have not
+ /// been recorded, you may restore the MC service after uninstalling the SGX PSW and installing it again.
+ /// This procedure deletes all MCs created by any enclave in that system.
+ ///
+ /// # Parameters
+ ///
+ /// **counter_value**
+ ///
+ /// A pointer to the buffer that receives the monotonic counter value.
+ ///
+ /// # Requirements
+ ///
+ /// Header: sgx_tae_service.edl
+ ///
+ /// Library: libsgx_tservice.a
+ ///
+ /// # Return value
+ ///
+ /// Monotonic counter ID
+ ///
+ /// # Errors
+ ///
+ /// **SGX_ERROR_INVALID_PARAMETER**
+ ///
+ /// Any of the pointers is invalid.
+ ///
+ /// **SGX_ERROR_BUSY**
+ ///
+ /// The requested service is temporarily not available.
+ ///
+ /// **SGX_ERROR_MC_OVER_QUOTA**
+ ///
+ /// The enclave has reached the quota of Monotonic Counters it can maintain.
+ ///
+ /// **SGX_ERROR_MC_USED_UP**
+ ///
+ /// Monotonic counters are used out.
+ ///
+ /// **SGX_ERROR_AE_SESSION_INVALID**
+ ///
+ /// Session is not created or has been closed by architectural enclave service.
+ ///
+ /// **SGX_ERROR_SERVICE_UNAVAILABLE**
+ ///
+ /// The AE service did not respond or the requested service is not supported.
+ ///
+ /// **SGX_ERROR_SERVICE_TIMEOUT**
+ ///
+ /// A request to the AE service timed out.
+ ///
+ /// **SGX_ERROR_NETWORK_FAILURE**
+ ///
+ /// Network connecting or proxy setting issue was encountered.
+ ///
+ /// **SGX_ERROR_OUT_OF_MEMORY**
+ ///
+ /// Not enough memory is available to complete this operation.
+ ///
+ /// **SGX_ERROR_OUT_OF_EPC**
+ ///
+ /// There is not enough EPC memory to load one of the Architecture Enclaves needed to complete this operation.
+ ///
+ /// **SGX_ERROR_UNEXPECTED**
+ ///
+ /// Indicates an unexpected error occurs.
+ ///
+ pub fn new(counter_value: &mut u32) -> SgxResult<Self> {
+
+ let mut counter_uuid = sgx_mc_uuid_t::default();
+ let ret = rsgx_create_monotonic_counter(&mut counter_uuid, counter_value);
+
+ match ret {
+ sgx_status_t::SGX_SUCCESS => Ok(SgxMonotonicCounter{
+ counter_uuid: counter_uuid,
+ initflag: Cell::new(true),
+ }),
+ _ => Err(ret),
+ }
+ }
+
+ ///
+ /// creates a monotonic counter.
+ ///
+ /// # Description
+ ///
+ /// Call new_ex to create a monotonic counter with the given owner_policy and owner_attribute_mask.
+ ///
+ /// The caller should call rsgx_create_pse_session to establish a session with the platform service enclave
+ /// before calling this API.
+ ///
+ /// Creating a monotonic counter (MC) involves writing to the non-volatile memory available in the platform.
+ /// Repeated write operations could cause the memory to wear out during the normal lifecycle of the platform.
+ /// Intel(R) SGX prevents this by limiting the rate at which MC operations can be performed. If you exceed
+ /// the limit, the MC operation may return SGX_ERROR_BUSY for several minutes.
+ ///
+ /// Intel(R) SGX limits the number of MCs an enclave can create. To avoid exhausting the available quota,
+ /// an SGX application should record the MC UUID that rsgx_create_monotonic_counter_ex returns and destroy a MC
+ /// when it is not needed any more. If an enclave reaches its quota and previously created MC UUIDs have not
+ /// been recorded, you may restore the MC service after uninstalling the SGX PSW and installing it again.
+ /// This procedure deletes all MCs created by any enclave in that system.
+ ///
+ /// # Parameters
+ ///
+ /// **owner_policy**
+ ///
+ /// The owner policy of the monotonic counter.
+ ///
+ /// * 0x1 means enclave with same signing key can access the monotonic counter
+ /// * 0x2 means enclave with same measurement can access the monotonic counter
+ /// * 0x3 means enclave with same measurement as well as signing key can access the monotonic counter.
+ /// * Owner policy values of 0x0 or any bits set beyond bits 0 and 1 will cause SGX_ERROR_INVALID_PARAMETER
+ ///
+ /// **owner_attribute_mask**
+ ///
+ /// Mask of owner attribute, in the format of sgx_attributes_t.
+ ///
+ /// **counter_value**
+ ///
+ /// A pointer to the buffer that receives the monotonic counter value.
+ ///
+ /// # Requirements
+ ///
+ /// Header: sgx_tae_service.edl
+ ///
+ /// Library: libsgx_tservice.a
+ ///
+ /// # Return value
+ ///
+ /// Monotonic counter ID
+ ///
+ /// # Errors
+ ///
+ /// **SGX_ERROR_INVALID_PARAMETER**
+ ///
+ /// Any of the pointers is invalid.
+ ///
+ /// **SGX_ERROR_BUSY**
+ ///
+ /// The requested service is temporarily not available.
+ ///
+ /// **SGX_ERROR_MC_OVER_QUOTA**
+ ///
+ /// The enclave has reached the quota of Monotonic Counters it can maintain.
+ ///
+ /// **SGX_ERROR_MC_USED_UP**
+ ///
+ /// Monotonic counters are used out.
+ ///
+ /// **SGX_ERROR_AE_SESSION_INVALID**
+ ///
+ /// Session is not created or has been closed by architectural enclave service.
+ ///
+ /// **SGX_ERROR_SERVICE_UNAVAILABLE**
+ ///
+ /// The AE service did not respond or the requested service is not supported.
+ ///
+ /// **SGX_ERROR_SERVICE_TIMEOUT**
+ ///
+ /// A request to the AE service timed out.
+ ///
+ /// **SGX_ERROR_NETWORK_FAILURE**
+ ///
+ /// Network connecting or proxy setting issue was encountered.
+ ///
+ /// **SGX_ERROR_OUT_OF_MEMORY**
+ ///
+ /// Not enough memory is available to complete this operation.
+ ///
+ /// **SGX_ERROR_OUT_OF_EPC**
+ ///
+ /// There is not enough EPC memory to load one of the Architecture Enclaves needed to complete this operation.
+ ///
+ /// **SGX_ERROR_UNEXPECTED**
+ ///
+ /// Indicates an unexpected error occurs.
+ ///
+ pub fn new_ex(owner_policy: u16, owner_attribute_mask: &sgx_attributes_t, counter_value: &mut u32) -> SgxResult<Self> {
+
+ let mut counter_uuid = sgx_mc_uuid_t::default();
+ let ret = rsgx_create_monotonic_counter_ex(owner_policy, owner_attribute_mask, &mut counter_uuid, counter_value);
+
+ match ret {
+ sgx_status_t::SGX_SUCCESS => Ok(SgxMonotonicCounter{
+ counter_uuid: counter_uuid,
+ initflag: Cell::new(true),
+ }),
+ _ => Err(ret),
+ }
+ }
+
+ ///
+ /// destroys a monotonic counter created by new or new_ex.
+ ///
+ /// # Description
+ ///
+ /// Calling destory after a monotonic counter is not needed anymore.
+ ///
+ /// The caller should call rsgx_create_pse_session to establish a session with the platform service enclave
+ /// before calling this API.
+ ///
+ /// destory fails if the calling enclave does not match the owner policy and the attributes specified in the
+ /// call that created the monotonic counter.
+ ///
+ /// Destroying a Monotonic Counter (MC) involves writing to the non-volatile memory available in the platform.
+ /// Repeated write operations could cause the memory to wear out during the normal lifecycle of the platform.
+ /// Intel(R) SGX prevents this by limiting the rate at which MC operations can be performed. If you exceed the
+ /// limit, the MC operation may return SGX_ERROR_BUSY for several minutes.
+ ///
+ /// # Requirements
+ ///
+ /// Header: sgx_tae_service.edl
+ ///
+ /// Library: libsgx_tservice.a
+ ///
+ /// # Errors
+ ///
+ /// **SGX_ERROR_INVALID_PARAMETER**
+ ///
+ /// Any of the pointers is invalid.
+ ///
+ /// **SGX_ERROR_BUSY**
+ ///
+ /// The requested service is temporarily not available.
+ ///
+ /// **SGX_ERROR_MC_NOT_FOUND**
+ ///
+ /// The Monotonic Counter does not exist or has been invalidated.
+ ///
+ /// **SGX_ERROR_MC_NO_ACCESS_RIGHT**
+ ///
+ /// The enclave doesn't have the access right to specified Monotonic Counter.
+ ///
+ /// **SGX_ERROR_AE_SESSION_INVALID**
+ ///
+ /// Session is not created or has been closed by architectural enclave service.
+ ///
+ /// **SGX_ERROR_SERVICE_UNAVAILABLE**
+ ///
+ /// The AE service did not respond or the requested service is not supported.
+ ///
+ /// **SGX_ERROR_SERVICE_TIMEOUT**
+ ///
+ /// A request to the AE service timed out.
+ ///
+ /// **SGX_ERROR_NETWORK_FAILURE**
+ ///
+ /// Network connecting or proxy setting issue was encountered.
+ ///
+ /// **SGX_ERROR_OUT_OF_MEMORY**
+ ///
+ /// Not enough memory is available to complete this operation.
+ ///
+ /// **SGX_ERROR_OUT_OF_EPC**
+ ///
+ /// There is not enough EPC memory to load one of the Architecture Enclaves needed to complete this operation.
+ ///
+ /// **SGX_ERROR_UNEXPECTED**
+ ///
+ /// Indicates an unexpected error occurs.
+ ///
+ pub fn destory(&self) -> SgxError {
+
+ if self.initflag.get() == false {
+ return Err(sgx_status_t::SGX_ERROR_MC_NOT_FOUND);
+ }
+
+ let ret = rsgx_destroy_monotonic_counter(&self.counter_uuid);
+ if ret == sgx_status_t::SGX_SUCCESS {
+ self.initflag.set(false);
+ Ok(())
+ } else {
+ Err(ret)
+ }
+ }
+
+ ///
+ /// increments a monotonic counter value by 1.
+ ///
+ /// # Description
+ ///
+ /// Call increment to increase a monotonic counter value by 1.
+ ///
+ /// The caller should call rsgx_create_pse_session to establish a session with the platform service enclave
+ /// before calling this API.
+ ///
+ /// increment fails if the calling enclave does not match the owner policy and the attributes specified in the
+ /// call that created the monotonic counter.
+ ///
+ /// Incrementing a monotonic counter (MC) involves writing to the non-volatile memory available in the platform.
+ /// Repeated write operations could cause the memory to wear out during the normal lifecycle of the platform.
+ /// Intel(R) SGX prevents this by limiting the rate at which MC operations can be performed. If you exceed the limit,
+ /// the MC operation may return SGX_ERROR_BUSY for several minutes.
+ ///
+ /// # Requirements
+ ///
+ /// Header: sgx_tae_service.edl
+ ///
+ /// Library: libsgx_tservice.a
+ ///
+ /// # Errors
+ ///
+ /// **SGX_ERROR_INVALID_PARAMETER**
+ ///
+ /// Any of the pointers is invalid.
+ ///
+ /// **SGX_ERROR_BUSY**
+ ///
+ /// The requested service is temporarily not available.
+ ///
+ /// **SGX_ERROR_MC_NOT_FOUND**
+ ///
+ /// The Monotonic Counter does not exist or has been invalidated.
+ ///
+ /// **SGX_ERROR_MC_NO_ACCESS_RIGHT**
+ ///
+ /// The enclave doesn't have the access right to specified Monotonic Counter.
+ ///
+ /// **SGX_ERROR_AE_SESSION_INVALID**
+ ///
+ /// Session is not created or has been closed by architectural enclave service.
+ ///
+ /// **SGX_ERROR_SERVICE_UNAVAILABLE**
+ ///
+ /// The AE service did not respond or the requested service is not supported.
+ ///
+ /// **SGX_ERROR_SERVICE_TIMEOUT**
+ ///
+ /// A request to the AE service timed out.
+ ///
+ /// **SGX_ERROR_NETWORK_FAILURE**
+ ///
+ /// Network connecting or proxy setting issue was encountered.
+ ///
+ /// **SGX_ERROR_OUT_OF_MEMORY**
+ ///
+ /// Not enough memory is available to complete this operation.
+ ///
+ /// **SGX_ERROR_OUT_OF_EPC**
+ ///
+ /// There is not enough EPC memory to load one of the Architecture Enclaves needed to complete this operation.
+ ///
+ /// **SGX_ERROR_UNEXPECTED**
+ ///
+ /// Indicates an unexpected error occurs.
+ ///
+ pub fn increment(&self) -> SgxResult<u32> {
+
+ if self.initflag.get() == false {
+ return Err(sgx_status_t::SGX_ERROR_MC_NOT_FOUND);
+ }
+
+ let mut counter_value: u32 = 0;
+ let ret = rsgx_increment_monotonic_counter(&self.counter_uuid, &mut counter_value);
+ match ret {
+ sgx_status_t::SGX_SUCCESS => Ok(counter_value),
+ _ => Err(ret),
+ }
+ }
+
+ ///
+ /// returns the value of a monotonic counter.
+ ///
+ /// # Description
+ ///
+ /// Call read to read the value of a monotonic counter.
+ ///
+ /// The caller should call rsgx_create_pse_session to establish a session with the platform service enclave
+ /// before calling this API.
+ ///
+ /// read fails if the calling enclave does not match the owner policy and the attributes specified in the
+ /// call that created the monotonic counter.
+ ///
+ /// # Requirements
+ ///
+ /// Header: sgx_tae_service.edl
+ ///
+ /// Library: libsgx_tservice.a
+ ///
+ /// # Return value
+ ///
+ /// Monotonic counter value
+ ///
+ /// # Errors
+ ///
+ /// **SGX_ERROR_INVALID_PARAMETER**
+ ///
+ /// Any of the pointers is invalid.
+ ///
+ /// **SGX_ERROR_MC_NOT_FOUND**
+ ///
+ /// The Monotonic Counter does not exist or has been invalidated.
+ ///
+ /// **SGX_ERROR_AE_SESSION_INVALID**
+ ///
+ /// Session is not created or has been closed by architectural enclave service.
+ ///
+ /// **SGX_ERROR_SERVICE_UNAVAILABLE**
+ ///
+ /// The AE service did not respond or the requested service is not supported.
+ ///
+ /// **SGX_ERROR_SERVICE_TIMEOUT**
+ ///
+ /// A request to the AE service timed out.
+ ///
+ /// **SGX_ERROR_NETWORK_FAILURE**
+ ///
+ /// Network connecting or proxy setting issue was encountered.
+ ///
+ /// **SGX_ERROR_OUT_OF_MEMORY**
+ ///
+ /// Not enough memory is available to complete this operation.
+ ///
+ /// **SGX_ERROR_OUT_OF_EPC**
+ ///
+ /// There is not enough EPC memory to load one of the Architecture Enclaves needed to complete this operation.
+ ///
+ /// **SGX_ERROR_UNEXPECTED**
+ ///
+ /// Indicates an unexpected error occurs.
+ ///
+ pub fn read(&self) -> SgxResult<u32> {
+
+ if self.initflag.get() == false {
+ return Err(sgx_status_t::SGX_ERROR_MC_NOT_FOUND);
+ }
+
+ let mut counter_value: u32 = 0;
+ let ret = rsgx_read_monotonic_counter(&self.counter_uuid, &mut counter_value);
+ match ret {
+ sgx_status_t::SGX_SUCCESS => Ok(counter_value),
+ _ => Err(ret),
+ }
+ }
+}
+
+impl Drop for SgxMonotonicCounter {
+ ///
+ /// destroys a monotonic counter created by new or new_ex.
+ ///
+ fn drop(&mut self) {
+ let _ = self.destory();
+ }
+}
+
+fn rsgx_create_monotonic_counter_ex(owner_policy: u16,
+ owner_attribute_mask: &sgx_attributes_t,
+ counter_uuid: &mut sgx_mc_uuid_t,
+ counter_value: &mut u32) -> sgx_status_t {
+
+ unsafe {
+ sgx_create_monotonic_counter_ex(owner_policy,
+ owner_attribute_mask as * const sgx_attributes_t,
+ counter_uuid as * mut sgx_mc_uuid_t,
+ counter_value as * mut u32)
+ }
+}
+
+fn rsgx_create_monotonic_counter(counter_uuid: &mut sgx_mc_uuid_t, counter_value: &mut u32) -> sgx_status_t {
+
+ unsafe {
+ sgx_create_monotonic_counter(counter_uuid as * mut sgx_mc_uuid_t, counter_value as * mut u32)
+ }
+}
+
+fn rsgx_destroy_monotonic_counter(counter_uuid: &sgx_mc_uuid_t) -> sgx_status_t {
+
+ unsafe {
+ sgx_destroy_monotonic_counter(counter_uuid as * const sgx_mc_uuid_t)
+ }
+}
+
+fn rsgx_increment_monotonic_counter(counter_uuid: &sgx_mc_uuid_t, counter_value: &mut u32) -> sgx_status_t {
+
+ unsafe {
+ sgx_increment_monotonic_counter(counter_uuid as * const sgx_mc_uuid_t, counter_value as * mut u32)
+ }
+}
+
+fn rsgx_read_monotonic_counter(counter_uuid: &sgx_mc_uuid_t, counter_value: &mut u32) -> sgx_status_t {
+
+ unsafe {
+ sgx_read_monotonic_counter(counter_uuid as * const sgx_mc_uuid_t, counter_value as * mut u32)
+ }
+}
\ No newline at end of file
diff --git a/sgx_tservice/src/sgxtime.rs b/sgx_tservice/src/sgxtime.rs
new file mode 100644
index 0000000..a931e34
--- /dev/null
+++ b/sgx_tservice/src/sgxtime.rs
@@ -0,0 +1,214 @@
+// Copyright (C) 2017-2018 Baidu, Inc. All Rights Reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions
+// are met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright
+// notice, this list of conditions and the following disclaimer in
+// the documentation and/or other materials provided with the
+// distribution.
+// * Neither the name of Baidu, Inc., nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+use sgx_types::*;
+use core::cmp::Ordering;
+use core::fmt;
+
+/// timestamp contains time in seconds and source_nonce contains nonce associate with the time.
+#[derive(Copy, Clone, Debug, Default)]
+pub struct SgxTime {
+ timestamp: sgx_time_t,
+ source_nonce: sgx_time_source_nonce_t,
+}
+
+pub type Duration = sgx_time_t;
+
+pub enum SgxTimeError {
+ TimeStamp(Duration),
+ TimeSourceChanged,
+ SgxStatus(sgx_status_t),
+}
+
+impl SgxTimeError {
+ pub fn __description(&self) -> &str {
+ match *self {
+ SgxTimeError::TimeStamp(_) => "other time was not earlier than self",
+ SgxTimeError::TimeSourceChanged => "time source is changed",
+ SgxTimeError::SgxStatus(ref status) => status.__description(),
+ }
+ }
+}
+
+impl fmt::Display for SgxTimeError {
+ fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+ match *self {
+ SgxTimeError::TimeStamp(_) => write!(f, "second time provided was later than self"),
+ SgxTimeError::TimeSourceChanged => write!(f, "time source does not match"),
+ SgxTimeError::SgxStatus(status) => status.fmt(f),
+ }
+ }
+}
+
+impl PartialEq for SgxTime {
+ fn eq(&self, other: &SgxTime) -> bool {
+ self.timestamp == other.timestamp && self.source_nonce == other.source_nonce
+ }
+}
+
+impl Eq for SgxTime {}
+
+impl PartialOrd for SgxTime {
+
+ fn partial_cmp(&self, other: &SgxTime) -> Option<Ordering> {
+
+ if self.source_nonce == other.source_nonce {
+ Some(self.timestamp.cmp(&other.timestamp))
+ } else {
+ None
+ }
+ }
+}
+
+impl SgxTime {
+
+ pub fn now() -> Result<SgxTime, SgxTimeError> {
+
+ let mut timestamp: sgx_time_t = 0;
+ let mut source_nonce: sgx_time_source_nonce_t = Default::default();
+
+ let ret = rsgx_get_trusted_time(&mut timestamp, &mut source_nonce);
+ match ret {
+ sgx_status_t::SGX_SUCCESS => Ok(SgxTime{
+ timestamp: timestamp,
+ source_nonce: source_nonce
+ }),
+ _ => Err(SgxTimeError::SgxStatus(ret)),
+ }
+ }
+
+ pub fn duration_since(&self, earlier: &SgxTime) -> Result<Duration, SgxTimeError> {
+
+ if self.source_nonce == earlier.source_nonce {
+
+ if self.timestamp >= earlier.timestamp {
+ Ok(self.timestamp - earlier.timestamp)
+ } else {
+ Err(SgxTimeError::TimeStamp(earlier.timestamp - self.timestamp))
+ }
+ } else {
+ Err(SgxTimeError::TimeSourceChanged)
+ }
+ }
+
+ pub fn elapsed(&self) -> Result<Duration, SgxTimeError> {
+
+ SgxTime::now().and_then(|t| t.duration_since(self))
+ }
+
+ pub fn add_duration(&self, other: Duration) -> Option<SgxTime> {
+
+ self.timestamp.checked_add(other).map(|secs|
+ SgxTime{ timestamp: secs, source_nonce: self.source_nonce }
+ )
+ }
+
+ pub fn sub_duration(&self, other: Duration) -> Option<SgxTime> {
+
+ self.timestamp.checked_sub(other).map(|secs|
+ SgxTime{ timestamp: secs, source_nonce: self.source_nonce }
+ )
+ }
+
+ pub fn get_secs(&self) -> sgx_time_t { self.timestamp }
+
+ pub fn get_source_nonce(&self) -> sgx_time_source_nonce_t { self.source_nonce }
+}
+
+///
+/// rsgx_get_trusted_time gets trusted time from the AE service.
+///
+/// # Description
+///
+/// current_time contains time in seconds and time_source_nonce contains nonce associate with the time.
+/// The caller should compare time_source_nonce against the value returned from the previous call of
+/// this API if it needs to calculate the time passed between two readings of the Trusted Timer. If the
+/// time_source_nonce of the two readings do not match, the difference between the two readings does not
+/// necessarily reflect time passed.
+///
+/// The caller should call rsgx_create_pse_session to establish a session with the platform service enclave
+/// before calling this API.
+///
+/// # Parameters
+///
+/// **current_time**
+///
+/// Trusted Time Stamp in seconds relative to a reference point. The reference point does not change as long as
+/// the time_source_nonce has not changed.
+///
+/// **time_source_nonce**
+///
+/// A pointer to the buffer that receives the nonce which indicates time source.
+///
+/// # Requirements
+///
+/// Header: sgx_tae_service.edl
+///
+/// Library: libsgx_tservice.a
+///
+/// # Errors
+///
+/// **SGX_ERROR_INVALID_PARAMETER**
+///
+/// Any of the pointers is invalid.
+///
+/// **SGX_ERROR_AE_SESSION_INVALID**
+///
+/// Session is not created or has been closed by architectural enclave service.
+///
+/// **SGX_ERROR_SERVICE_UNAVAILABLE**
+///
+/// The AE service did not respond or the requested service is not supported.
+///
+/// **SGX_ERROR_SERVICE_TIMEOUT**
+///
+/// A request to the AE service timed out.
+///
+/// **SGX_ERROR_NETWORK_FAILURE**
+///
+/// Network connecting or proxy setting issue was encountered.
+///
+/// **SGX_ERROR_OUT_OF_MEMORY**
+///
+/// Not enough memory is available to complete this operation.
+///
+/// **SGX_ERROR_OUT_OF_EPC**
+///
+/// There is not enough EPC memory to load one of the Architecture Enclaves needed to complete this operation.
+///
+/// **SGX_ERROR_UNEXPECTED**
+///
+/// Indicates an unexpected error occurs.
+///
+fn rsgx_get_trusted_time(current_time: &mut sgx_time_t,
+ time_source_nonce: &mut sgx_time_source_nonce_t) -> sgx_status_t {
+
+ unsafe {
+ sgx_get_trusted_time(current_time as * mut sgx_time_t, time_source_nonce as * mut sgx_time_source_nonce_t)
+ }
+}
\ No newline at end of file
diff --git a/sgx_tservice/src/tae.rs b/sgx_tservice/src/tae.rs
index 44d02e6..49e6e77 100644
--- a/sgx_tservice/src/tae.rs
+++ b/sgx_tservice/src/tae.rs
@@ -32,9 +32,6 @@
//! to use platform services and get platform services security property.
//!
use sgx_types::*;
-use core::cell::Cell;
-use core::cmp::Ordering;
-use core::fmt;
///
/// rsgx_create_pse_session creates a session with the PSE.
@@ -212,696 +209,4 @@
}
}
-///
-/// rsgx_get_trusted_time gets trusted time from the AE service.
-///
-/// # Description
-///
-/// current_time contains time in seconds and time_source_nonce contains nonce associate with the time.
-/// The caller should compare time_source_nonce against the value returned from the previous call of
-/// this API if it needs to calculate the time passed between two readings of the Trusted Timer. If the
-/// time_source_nonce of the two readings do not match, the difference between the two readings does not
-/// necessarily reflect time passed.
-///
-/// The caller should call rsgx_create_pse_session to establish a session with the platform service enclave
-/// before calling this API.
-///
-/// # Parameters
-///
-/// **current_time**
-///
-/// Trusted Time Stamp in seconds relative to a reference point. The reference point does not change as long as
-/// the time_source_nonce has not changed.
-///
-/// **time_source_nonce**
-///
-/// A pointer to the buffer that receives the nonce which indicates time source.
-///
-/// # Requirements
-///
-/// Header: sgx_tae_service.edl
-///
-/// Library: libsgx_tservice.a
-///
-/// # Errors
-///
-/// **SGX_ERROR_INVALID_PARAMETER**
-///
-/// Any of the pointers is invalid.
-///
-/// **SGX_ERROR_AE_SESSION_INVALID**
-///
-/// Session is not created or has been closed by architectural enclave service.
-///
-/// **SGX_ERROR_SERVICE_UNAVAILABLE**
-///
-/// The AE service did not respond or the requested service is not supported.
-///
-/// **SGX_ERROR_SERVICE_TIMEOUT**
-///
-/// A request to the AE service timed out.
-///
-/// **SGX_ERROR_NETWORK_FAILURE**
-///
-/// Network connecting or proxy setting issue was encountered.
-///
-/// **SGX_ERROR_OUT_OF_MEMORY**
-///
-/// Not enough memory is available to complete this operation.
-///
-/// **SGX_ERROR_OUT_OF_EPC**
-///
-/// There is not enough EPC memory to load one of the Architecture Enclaves needed to complete this operation.
-///
-/// **SGX_ERROR_UNEXPECTED**
-///
-/// Indicates an unexpected error occurs.
-///
-fn rsgx_get_trusted_time(current_time: &mut sgx_time_t,
- time_source_nonce: &mut sgx_time_source_nonce_t) -> sgx_status_t {
- unsafe {
- sgx_get_trusted_time(current_time as * mut sgx_time_t, time_source_nonce as * mut sgx_time_source_nonce_t)
- }
-}
-
-/// timestamp contains time in seconds and source_nonce contains nonce associate with the time.
-#[derive(Copy, Clone, Debug, Default)]
-pub struct SgxTime {
- timestamp: sgx_time_t,
- source_nonce: sgx_time_source_nonce_t,
-}
-
-pub type Duration = sgx_time_t;
-
-pub enum SgxTimeError {
- TimeStamp(Duration),
- TimeSourceChanged,
- SgxStatus(sgx_status_t),
-}
-
-impl SgxTimeError {
- pub fn __description(&self) -> &str {
- match *self {
- SgxTimeError::TimeStamp(_) => "other time was not earlier than self",
- SgxTimeError::TimeSourceChanged => "time source is changed",
- SgxTimeError::SgxStatus(ref status) => status.__description(),
- }
- }
-}
-
-impl fmt::Display for SgxTimeError {
- fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
- match *self {
- SgxTimeError::TimeStamp(_) => write!(f, "second time provided was later than self"),
- SgxTimeError::TimeSourceChanged => write!(f, "time source does not match"),
- SgxTimeError::SgxStatus(status) => status.fmt(f),
- }
- }
-}
-
-impl PartialEq for SgxTime {
- fn eq(&self, other: &SgxTime) -> bool {
- self.timestamp == other.timestamp && self.source_nonce == other.source_nonce
- }
-}
-
-impl Eq for SgxTime {}
-
-impl PartialOrd for SgxTime {
-
- fn partial_cmp(&self, other: &SgxTime) -> Option<Ordering> {
-
- if self.source_nonce == other.source_nonce {
- Some(self.timestamp.cmp(&other.timestamp))
- } else {
- None
- }
- }
-}
-
-impl SgxTime {
-
- pub fn now() -> Result<SgxTime, SgxTimeError> {
-
- let mut timestamp: sgx_time_t = 0;
- let mut source_nonce: sgx_time_source_nonce_t = Default::default();
-
- let ret = rsgx_get_trusted_time(&mut timestamp, &mut source_nonce);
- match ret {
- sgx_status_t::SGX_SUCCESS => Ok(SgxTime{
- timestamp: timestamp,
- source_nonce: source_nonce
- }),
- _ => Err(SgxTimeError::SgxStatus(ret)),
- }
- }
-
- pub fn duration_since(&self, earlier: &SgxTime) -> Result<Duration, SgxTimeError> {
-
- if self.source_nonce == earlier.source_nonce {
-
- if self.timestamp >= earlier.timestamp {
- Ok(self.timestamp - earlier.timestamp)
- } else {
- Err(SgxTimeError::TimeStamp(earlier.timestamp - self.timestamp))
- }
- } else {
- Err(SgxTimeError::TimeSourceChanged)
- }
- }
-
- pub fn elapsed(&self) -> Result<Duration, SgxTimeError> {
-
- SgxTime::now().and_then(|t| t.duration_since(self))
- }
-
- pub fn add_duration(&self, other: Duration) -> Option<SgxTime> {
-
- self.timestamp.checked_add(other).map(|secs|
- SgxTime{ timestamp: secs, source_nonce: self.source_nonce }
- )
- }
-
- pub fn sub_duration(&self, other: Duration) -> Option<SgxTime> {
-
- self.timestamp.checked_sub(other).map(|secs|
- SgxTime{ timestamp: secs, source_nonce: self.source_nonce }
- )
- }
-
- pub fn get_secs(&self) -> sgx_time_t { self.timestamp }
-
- pub fn get_source_nonce(&self) -> sgx_time_source_nonce_t { self.source_nonce }
-}
-
-fn rsgx_create_monotonic_counter_ex(owner_policy: u16,
- owner_attribute_mask: &sgx_attributes_t,
- counter_uuid: &mut sgx_mc_uuid_t,
- counter_value: &mut u32) -> sgx_status_t {
-
- unsafe {
- sgx_create_monotonic_counter_ex(owner_policy,
- owner_attribute_mask as * const sgx_attributes_t,
- counter_uuid as * mut sgx_mc_uuid_t,
- counter_value as * mut u32)
- }
-}
-
-fn rsgx_create_monotonic_counter(counter_uuid: &mut sgx_mc_uuid_t, counter_value: &mut u32) -> sgx_status_t {
-
- unsafe {
- sgx_create_monotonic_counter(counter_uuid as * mut sgx_mc_uuid_t, counter_value as * mut u32)
- }
-}
-
-fn rsgx_destroy_monotonic_counter(counter_uuid: &sgx_mc_uuid_t) -> sgx_status_t {
-
- unsafe {
- sgx_destroy_monotonic_counter(counter_uuid as * const sgx_mc_uuid_t)
- }
-}
-
-fn rsgx_increment_monotonic_counter(counter_uuid: &sgx_mc_uuid_t, counter_value: &mut u32) -> sgx_status_t {
-
- unsafe {
- sgx_increment_monotonic_counter(counter_uuid as * const sgx_mc_uuid_t, counter_value as * mut u32)
- }
-}
-
-fn rsgx_read_monotonic_counter(counter_uuid: &sgx_mc_uuid_t, counter_value: &mut u32) -> sgx_status_t {
-
- unsafe {
- sgx_read_monotonic_counter(counter_uuid as * const sgx_mc_uuid_t, counter_value as * mut u32)
- }
-}
-
-/// Monotonic counter ID
-pub struct SgxMonotonicCounter {
- counter_uuid: sgx_mc_uuid_t,
- initflag: Cell<bool>,
-}
-
-impl SgxMonotonicCounter {
-
- ///
- /// creates a monotonic counter with default owner policy and default user attribute mask.
- ///
- /// # Description
- ///
- /// Call new to create a monotonic counter with the default owner policy 0x1, which means enclaves
- /// with same signing key can access the monotonic counter and default owner_attribute_mask 0xFFFFFFFFFFFFFFCB.
- ///
- /// The caller should call rsgx_create_pse_session to establish a session with the platform service enclave
- /// before calling this API.
- ///
- /// Creating a monotonic counter (MC) involves writing to the non-volatile memory available in the platform.
- /// Repeated write operations could cause the memory to wear out during the normal lifecycle of the platform.
- /// Intel(R) SGX prevents this by limiting the rate at which MC operations can be performed. If you exceed
- /// the limit, the MC operation may return SGX_ERROR_BUSY for several minutes.
- ///
- /// Intel(R) SGX limits the number of MCs an enclave can create. To avoid exhausting the available quota,
- /// an SGX application should record the MC UUID that rsgx_create_monotonic_counter returns and destroy a MC
- /// when it is not needed any more. If an enclave reaches its quota and previously created MC UUIDs have not
- /// been recorded, you may restore the MC service after uninstalling the SGX PSW and installing it again.
- /// This procedure deletes all MCs created by any enclave in that system.
- ///
- /// # Parameters
- ///
- /// **counter_value**
- ///
- /// A pointer to the buffer that receives the monotonic counter value.
- ///
- /// # Requirements
- ///
- /// Header: sgx_tae_service.edl
- ///
- /// Library: libsgx_tservice.a
- ///
- /// # Return value
- ///
- /// Monotonic counter ID
- ///
- /// # Errors
- ///
- /// **SGX_ERROR_INVALID_PARAMETER**
- ///
- /// Any of the pointers is invalid.
- ///
- /// **SGX_ERROR_BUSY**
- ///
- /// The requested service is temporarily not available.
- ///
- /// **SGX_ERROR_MC_OVER_QUOTA**
- ///
- /// The enclave has reached the quota of Monotonic Counters it can maintain.
- ///
- /// **SGX_ERROR_MC_USED_UP**
- ///
- /// Monotonic counters are used out.
- ///
- /// **SGX_ERROR_AE_SESSION_INVALID**
- ///
- /// Session is not created or has been closed by architectural enclave service.
- ///
- /// **SGX_ERROR_SERVICE_UNAVAILABLE**
- ///
- /// The AE service did not respond or the requested service is not supported.
- ///
- /// **SGX_ERROR_SERVICE_TIMEOUT**
- ///
- /// A request to the AE service timed out.
- ///
- /// **SGX_ERROR_NETWORK_FAILURE**
- ///
- /// Network connecting or proxy setting issue was encountered.
- ///
- /// **SGX_ERROR_OUT_OF_MEMORY**
- ///
- /// Not enough memory is available to complete this operation.
- ///
- /// **SGX_ERROR_OUT_OF_EPC**
- ///
- /// There is not enough EPC memory to load one of the Architecture Enclaves needed to complete this operation.
- ///
- /// **SGX_ERROR_UNEXPECTED**
- ///
- /// Indicates an unexpected error occurs.
- ///
- pub fn new(counter_value: &mut u32) -> SgxResult<Self> {
-
- let mut counter_uuid = sgx_mc_uuid_t::default();
- let ret = rsgx_create_monotonic_counter(&mut counter_uuid, counter_value);
-
- match ret {
- sgx_status_t::SGX_SUCCESS => Ok(SgxMonotonicCounter{
- counter_uuid: counter_uuid,
- initflag: Cell::new(true),
- }),
- _ => Err(ret),
- }
- }
-
- ///
- /// creates a monotonic counter.
- ///
- /// # Description
- ///
- /// Call new_ex to create a monotonic counter with the given owner_policy and owner_attribute_mask.
- ///
- /// The caller should call rsgx_create_pse_session to establish a session with the platform service enclave
- /// before calling this API.
- ///
- /// Creating a monotonic counter (MC) involves writing to the non-volatile memory available in the platform.
- /// Repeated write operations could cause the memory to wear out during the normal lifecycle of the platform.
- /// Intel(R) SGX prevents this by limiting the rate at which MC operations can be performed. If you exceed
- /// the limit, the MC operation may return SGX_ERROR_BUSY for several minutes.
- ///
- /// Intel(R) SGX limits the number of MCs an enclave can create. To avoid exhausting the available quota,
- /// an SGX application should record the MC UUID that rsgx_create_monotonic_counter_ex returns and destroy a MC
- /// when it is not needed any more. If an enclave reaches its quota and previously created MC UUIDs have not
- /// been recorded, you may restore the MC service after uninstalling the SGX PSW and installing it again.
- /// This procedure deletes all MCs created by any enclave in that system.
- ///
- /// # Parameters
- ///
- /// **owner_policy**
- ///
- /// The owner policy of the monotonic counter.
- ///
- /// * 0x1 means enclave with same signing key can access the monotonic counter
- /// * 0x2 means enclave with same measurement can access the monotonic counter
- /// * 0x3 means enclave with same measurement as well as signing key can access the monotonic counter.
- /// * Owner policy values of 0x0 or any bits set beyond bits 0 and 1 will cause SGX_ERROR_INVALID_PARAMETER
- ///
- /// **owner_attribute_mask**
- ///
- /// Mask of owner attribute, in the format of sgx_attributes_t.
- ///
- /// **counter_value**
- ///
- /// A pointer to the buffer that receives the monotonic counter value.
- ///
- /// # Requirements
- ///
- /// Header: sgx_tae_service.edl
- ///
- /// Library: libsgx_tservice.a
- ///
- /// # Return value
- ///
- /// Monotonic counter ID
- ///
- /// # Errors
- ///
- /// **SGX_ERROR_INVALID_PARAMETER**
- ///
- /// Any of the pointers is invalid.
- ///
- /// **SGX_ERROR_BUSY**
- ///
- /// The requested service is temporarily not available.
- ///
- /// **SGX_ERROR_MC_OVER_QUOTA**
- ///
- /// The enclave has reached the quota of Monotonic Counters it can maintain.
- ///
- /// **SGX_ERROR_MC_USED_UP**
- ///
- /// Monotonic counters are used out.
- ///
- /// **SGX_ERROR_AE_SESSION_INVALID**
- ///
- /// Session is not created or has been closed by architectural enclave service.
- ///
- /// **SGX_ERROR_SERVICE_UNAVAILABLE**
- ///
- /// The AE service did not respond or the requested service is not supported.
- ///
- /// **SGX_ERROR_SERVICE_TIMEOUT**
- ///
- /// A request to the AE service timed out.
- ///
- /// **SGX_ERROR_NETWORK_FAILURE**
- ///
- /// Network connecting or proxy setting issue was encountered.
- ///
- /// **SGX_ERROR_OUT_OF_MEMORY**
- ///
- /// Not enough memory is available to complete this operation.
- ///
- /// **SGX_ERROR_OUT_OF_EPC**
- ///
- /// There is not enough EPC memory to load one of the Architecture Enclaves needed to complete this operation.
- ///
- /// **SGX_ERROR_UNEXPECTED**
- ///
- /// Indicates an unexpected error occurs.
- ///
- pub fn new_ex(owner_policy: u16, owner_attribute_mask: &sgx_attributes_t, counter_value: &mut u32) -> SgxResult<Self> {
-
- let mut counter_uuid = sgx_mc_uuid_t::default();
- let ret = rsgx_create_monotonic_counter_ex(owner_policy, owner_attribute_mask, &mut counter_uuid, counter_value);
-
- match ret {
- sgx_status_t::SGX_SUCCESS => Ok(SgxMonotonicCounter{
- counter_uuid: counter_uuid,
- initflag: Cell::new(true),
- }),
- _ => Err(ret),
- }
- }
-
- ///
- /// destroys a monotonic counter created by new or new_ex.
- ///
- /// # Description
- ///
- /// Calling destory after a monotonic counter is not needed anymore.
- ///
- /// The caller should call rsgx_create_pse_session to establish a session with the platform service enclave
- /// before calling this API.
- ///
- /// destory fails if the calling enclave does not match the owner policy and the attributes specified in the
- /// call that created the monotonic counter.
- ///
- /// Destroying a Monotonic Counter (MC) involves writing to the non-volatile memory available in the platform.
- /// Repeated write operations could cause the memory to wear out during the normal lifecycle of the platform.
- /// Intel(R) SGX prevents this by limiting the rate at which MC operations can be performed. If you exceed the
- /// limit, the MC operation may return SGX_ERROR_BUSY for several minutes.
- ///
- /// # Requirements
- ///
- /// Header: sgx_tae_service.edl
- ///
- /// Library: libsgx_tservice.a
- ///
- /// # Errors
- ///
- /// **SGX_ERROR_INVALID_PARAMETER**
- ///
- /// Any of the pointers is invalid.
- ///
- /// **SGX_ERROR_BUSY**
- ///
- /// The requested service is temporarily not available.
- ///
- /// **SGX_ERROR_MC_NOT_FOUND**
- ///
- /// The Monotonic Counter does not exist or has been invalidated.
- ///
- /// **SGX_ERROR_MC_NO_ACCESS_RIGHT**
- ///
- /// The enclave doesn't have the access right to specified Monotonic Counter.
- ///
- /// **SGX_ERROR_AE_SESSION_INVALID**
- ///
- /// Session is not created or has been closed by architectural enclave service.
- ///
- /// **SGX_ERROR_SERVICE_UNAVAILABLE**
- ///
- /// The AE service did not respond or the requested service is not supported.
- ///
- /// **SGX_ERROR_SERVICE_TIMEOUT**
- ///
- /// A request to the AE service timed out.
- ///
- /// **SGX_ERROR_NETWORK_FAILURE**
- ///
- /// Network connecting or proxy setting issue was encountered.
- ///
- /// **SGX_ERROR_OUT_OF_MEMORY**
- ///
- /// Not enough memory is available to complete this operation.
- ///
- /// **SGX_ERROR_OUT_OF_EPC**
- ///
- /// There is not enough EPC memory to load one of the Architecture Enclaves needed to complete this operation.
- ///
- /// **SGX_ERROR_UNEXPECTED**
- ///
- /// Indicates an unexpected error occurs.
- ///
- pub fn destory(&self) -> SgxError {
-
- if self.initflag.get() == false {
- return Err(sgx_status_t::SGX_ERROR_MC_NOT_FOUND);
- }
-
- let ret = rsgx_destroy_monotonic_counter(&self.counter_uuid);
- if ret == sgx_status_t::SGX_SUCCESS {
- self.initflag.set(false);
- Ok(())
- } else {
- Err(ret)
- }
- }
-
- ///
- /// increments a monotonic counter value by 1.
- ///
- /// # Description
- ///
- /// Call increment to increase a monotonic counter value by 1.
- ///
- /// The caller should call rsgx_create_pse_session to establish a session with the platform service enclave
- /// before calling this API.
- ///
- /// increment fails if the calling enclave does not match the owner policy and the attributes specified in the
- /// call that created the monotonic counter.
- ///
- /// Incrementing a monotonic counter (MC) involves writing to the non-volatile memory available in the platform.
- /// Repeated write operations could cause the memory to wear out during the normal lifecycle of the platform.
- /// Intel(R) SGX prevents this by limiting the rate at which MC operations can be performed. If you exceed the limit,
- /// the MC operation may return SGX_ERROR_BUSY for several minutes.
- ///
- /// # Requirements
- ///
- /// Header: sgx_tae_service.edl
- ///
- /// Library: libsgx_tservice.a
- ///
- /// # Errors
- ///
- /// **SGX_ERROR_INVALID_PARAMETER**
- ///
- /// Any of the pointers is invalid.
- ///
- /// **SGX_ERROR_BUSY**
- ///
- /// The requested service is temporarily not available.
- ///
- /// **SGX_ERROR_MC_NOT_FOUND**
- ///
- /// The Monotonic Counter does not exist or has been invalidated.
- ///
- /// **SGX_ERROR_MC_NO_ACCESS_RIGHT**
- ///
- /// The enclave doesn't have the access right to specified Monotonic Counter.
- ///
- /// **SGX_ERROR_AE_SESSION_INVALID**
- ///
- /// Session is not created or has been closed by architectural enclave service.
- ///
- /// **SGX_ERROR_SERVICE_UNAVAILABLE**
- ///
- /// The AE service did not respond or the requested service is not supported.
- ///
- /// **SGX_ERROR_SERVICE_TIMEOUT**
- ///
- /// A request to the AE service timed out.
- ///
- /// **SGX_ERROR_NETWORK_FAILURE**
- ///
- /// Network connecting or proxy setting issue was encountered.
- ///
- /// **SGX_ERROR_OUT_OF_MEMORY**
- ///
- /// Not enough memory is available to complete this operation.
- ///
- /// **SGX_ERROR_OUT_OF_EPC**
- ///
- /// There is not enough EPC memory to load one of the Architecture Enclaves needed to complete this operation.
- ///
- /// **SGX_ERROR_UNEXPECTED**
- ///
- /// Indicates an unexpected error occurs.
- ///
- pub fn increment(&self) -> SgxResult<u32> {
-
- if self.initflag.get() == false {
- return Err(sgx_status_t::SGX_ERROR_MC_NOT_FOUND);
- }
-
- let mut counter_value: u32 = 0;
- let ret = rsgx_increment_monotonic_counter(&self.counter_uuid, &mut counter_value);
- match ret {
- sgx_status_t::SGX_SUCCESS => Ok(counter_value),
- _ => Err(ret),
- }
- }
-
- ///
- /// returns the value of a monotonic counter.
- ///
- /// # Description
- ///
- /// Call read to read the value of a monotonic counter.
- ///
- /// The caller should call rsgx_create_pse_session to establish a session with the platform service enclave
- /// before calling this API.
- ///
- /// read fails if the calling enclave does not match the owner policy and the attributes specified in the
- /// call that created the monotonic counter.
- ///
- /// # Requirements
- ///
- /// Header: sgx_tae_service.edl
- ///
- /// Library: libsgx_tservice.a
- ///
- /// # Return value
- ///
- /// Monotonic counter value
- ///
- /// # Errors
- ///
- /// **SGX_ERROR_INVALID_PARAMETER**
- ///
- /// Any of the pointers is invalid.
- ///
- /// **SGX_ERROR_MC_NOT_FOUND**
- ///
- /// The Monotonic Counter does not exist or has been invalidated.
- ///
- /// **SGX_ERROR_AE_SESSION_INVALID**
- ///
- /// Session is not created or has been closed by architectural enclave service.
- ///
- /// **SGX_ERROR_SERVICE_UNAVAILABLE**
- ///
- /// The AE service did not respond or the requested service is not supported.
- ///
- /// **SGX_ERROR_SERVICE_TIMEOUT**
- ///
- /// A request to the AE service timed out.
- ///
- /// **SGX_ERROR_NETWORK_FAILURE**
- ///
- /// Network connecting or proxy setting issue was encountered.
- ///
- /// **SGX_ERROR_OUT_OF_MEMORY**
- ///
- /// Not enough memory is available to complete this operation.
- ///
- /// **SGX_ERROR_OUT_OF_EPC**
- ///
- /// There is not enough EPC memory to load one of the Architecture Enclaves needed to complete this operation.
- ///
- /// **SGX_ERROR_UNEXPECTED**
- ///
- /// Indicates an unexpected error occurs.
- ///
- pub fn read(&self) -> SgxResult<u32> {
-
- if self.initflag.get() == false {
- return Err(sgx_status_t::SGX_ERROR_MC_NOT_FOUND);
- }
-
- let mut counter_value: u32 = 0;
- let ret = rsgx_read_monotonic_counter(&self.counter_uuid, &mut counter_value);
- match ret {
- sgx_status_t::SGX_SUCCESS => Ok(counter_value),
- _ => Err(ret),
- }
- }
-}
-
-impl Drop for SgxMonotonicCounter {
- ///
- /// destroys a monotonic counter created by new or new_ex.
- ///
- fn drop(&mut self) {
- let _ = self.destory();
- }
-}
diff --git a/sgx_tstd/Cargo.toml b/sgx_tstd/Cargo.toml
index 7ccc62a..1372c66 100644
--- a/sgx_tstd/Cargo.toml
+++ b/sgx_tstd/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_tstd"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
build = "build.rs"
@@ -9,9 +9,12 @@
crate-type = ["rlib"]
[features]
-default = ["backtrace"]
+default = ["stdio"]
backtrace = ["stdio"]
stdio = []
+untrusted_fs = []
+untrusted_net = []
+untrusted_time = []
[build-dependencies]
build_helper = { path = "../build_helper" }
diff --git a/sgx_tstd/src/collections/hash/map.rs b/sgx_tstd/src/collections/hash/map.rs
index 6ed122f..b1c681e 100644
--- a/sgx_tstd/src/collections/hash/map.rs
+++ b/sgx_tstd/src/collections/hash/map.rs
@@ -1462,7 +1462,7 @@
}
}
-impl<'a, K, V> Place<V> for EntryPlace<'a, K, V> {
+unsafe impl<'a, K, V> Place<V> for EntryPlace<'a, K, V> {
fn pointer(&mut self) -> *mut V {
self.bucket.read_mut().1
}
diff --git a/sgx_tstd/src/collections/hash/table.rs b/sgx_tstd/src/collections/hash/table.rs
index fd95b6f..df43dcd 100644
--- a/sgx_tstd/src/collections/hash/table.rs
+++ b/sgx_tstd/src/collections/hash/table.rs
@@ -34,7 +34,7 @@
use core::mem::{align_of, size_of, needs_drop};
use core::mem;
use core::ops::{Deref, DerefMut};
-use core::ptr::{self, Unique, Shared};
+use core::ptr::{self, Unique, NonNull};
use self::BucketState::*;
@@ -857,7 +857,7 @@
elems_left: elems_left,
marker: marker::PhantomData,
},
- table: Shared::from(self),
+ table: NonNull::from(self),
marker: marker::PhantomData,
}
}
@@ -1004,7 +1004,7 @@
/// Iterator over the entries in a table, clearing the table.
pub struct Drain<'a, K: 'a, V: 'a> {
- table: Shared<RawTable<K, V>>,
+ table: NonNull<RawTable<K, V>>,
iter: RawBuckets<'static, K, V>,
marker: marker::PhantomData<&'a RawTable<K, V>>,
}
diff --git a/sgx_tstd/src/collections/mod.rs b/sgx_tstd/src/collections/mod.rs
index 2d1cf5f..b51511b 100644
--- a/sgx_tstd/src/collections/mod.rs
+++ b/sgx_tstd/src/collections/mod.rs
@@ -26,6 +26,14 @@
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//! Collection types.
+//!
+//! Rust's standard collection library provides efficient implementations of the
+//! most common general purpose programming data structures. By using the
+//! standard implementations, it should be possible for two libraries to
+//! communicate without significant data conversion.
+//!
+
pub use alloc::Bound;
pub use alloc::{BinaryHeap, BTreeMap, BTreeSet};
pub use alloc::{LinkedList, VecDeque};
diff --git a/sgx_tstd/src/f32.rs b/sgx_tstd/src/f32.rs
index 06fe80e..aca1ff4 100644
--- a/sgx_tstd/src/f32.rs
+++ b/sgx_tstd/src/f32.rs
@@ -959,7 +959,7 @@
///
#[inline]
pub fn to_bits(self) -> u32 {
- unsafe { ::mem::transmute(self) }
+ num::Float::to_bits(self)
}
/// Raw transmutation from `u32`.
@@ -994,7 +994,6 @@
///
#[inline]
pub fn from_bits(v: u32) -> Self {
- // It turns out the safety issues with sNaN were overblown! Hooray!
- unsafe { ::mem::transmute(v) }
+ num::Float::from_bits(v)
}
}
\ No newline at end of file
diff --git a/sgx_tstd/src/f64.rs b/sgx_tstd/src/f64.rs
index 435f117..3171697 100644
--- a/sgx_tstd/src/f64.rs
+++ b/sgx_tstd/src/f64.rs
@@ -906,7 +906,7 @@
///
#[inline]
pub fn to_bits(self) -> u64 {
- unsafe { ::mem::transmute(self) }
+ num::Float::to_bits(self)
}
/// Raw transmutation from `u64`.
@@ -941,7 +941,6 @@
///
#[inline]
pub fn from_bits(v: u64) -> Self {
- // It turns out the safety issues with sNaN were overblown! Hooray!
- unsafe { ::mem::transmute(v) }
+ num::Float::from_bits(v)
}
}
diff --git a/sgx_tstd/src/fs.rs b/sgx_tstd/src/fs.rs
index 80161bb..3352f6f 100644
--- a/sgx_tstd/src/fs.rs
+++ b/sgx_tstd/src/fs.rs
@@ -100,12 +100,12 @@
#[derive(Copy, Clone, PartialEq, Eq, Hash, Debug)]
pub struct FileType(fs_imp::FileType);
-/// How large a buffer to pre-allocate before reading the entire file at `path`.
-fn initial_buffer_size<P: AsRef<Path>>(path: P) -> usize {
+/// How large a buffer to pre-allocate before reading the entire file.
+fn initial_buffer_size(file: &File) -> usize {
// Allocate one extra byte so the buffer doesn't need to grow before the
// final `read` call at the end of the file. Don't worry about `usize`
// overflow because reading will fail regardless in that case.
- metadata(path).map(|m| m.len() as usize + 1).unwrap_or(0)
+ file.metadata().map(|m| m.len() as usize + 1).unwrap_or(0)
}
/// Read the entire contents of a file into a bytes vector.
@@ -129,8 +129,9 @@
/// [`ErrorKind::Interrupted`]: ../../std/io/enum.ErrorKind.html#variant.Interrupted
///
pub fn read<P: AsRef<Path>>(path: P) -> io::Result<Vec<u8>> {
- let mut bytes = Vec::with_capacity(initial_buffer_size(&path));
- File::open(path)?.read_to_end(&mut bytes)?;
+ let mut file = File::open(path)?;
+ let mut bytes = Vec::with_capacity(initial_buffer_size(&file));
+ file.read_to_end(&mut bytes)?;
Ok(bytes)
}
@@ -156,8 +157,9 @@
/// [`ErrorKind::Interrupted`]: ../../std/io/enum.ErrorKind.html#variant.Interrupted
///
pub fn read_string<P: AsRef<Path>>(path: P) -> io::Result<String> {
- let mut string = String::with_capacity(initial_buffer_size(&path));
- File::open(path)?.read_to_string(&mut string)?;
+ let mut file = File::open(path)?;
+ let mut string = String::with_capacity(initial_buffer_size(&file));
+ file.read_to_string(&mut string)?;
Ok(string)
}
diff --git a/sgx_tstd/src/lib.rs b/sgx_tstd/src/lib.rs
index 883e503..5ef66f0 100644
--- a/sgx_tstd/src/lib.rs
+++ b/sgx_tstd/src/lib.rs
@@ -47,6 +47,8 @@
#![allow(non_camel_case_types)]
#![allow(unused_must_use)]
#![allow(unused_features)]
+#![allow(unused_imports)]
+#![allow(dead_code)]
#![feature(alloc)]
#![feature(global_allocator)]
@@ -80,10 +82,10 @@
#![feature(optin_builtin_traits)]
#![feature(placement_new_protocol)]
#![feature(prelude_import)]
+#![feature(ptr_internals)]
#![feature(rand)]
#![feature(raw)]
#![feature(rustc_attrs)]
-#![feature(shared)]
#![feature(sip_hash_13)]
#![feature(slice_concat_ext)]
#![feature(str_internals)]
@@ -92,7 +94,6 @@
#![feature(try_from)]
#![feature(unboxed_closures)]
#![feature(unicode)]
-#![feature(unique)]
#![feature(untagged_unions)]
#![feature(unwind_attributes)]
#![feature(slice_patterns)]
@@ -198,6 +199,7 @@
pub mod error;
pub mod ffi;
pub mod sgxfs;
+#[cfg(feature = "untrusted_fs")]
pub mod fs;
pub mod io;
pub mod net;
diff --git a/sgx_tstd/src/net/mod.rs b/sgx_tstd/src/net/mod.rs
index e3f9ac2..d14847c 100644
--- a/sgx_tstd/src/net/mod.rs
+++ b/sgx_tstd/src/net/mod.rs
@@ -38,15 +38,19 @@
pub use self::ip::{IpAddr, Ipv4Addr, Ipv6Addr, Ipv6MulticastScope};
pub use self::addr::{SocketAddr, SocketAddrV4, SocketAddrV6, ToSocketAddrs};
+#[cfg(feature = "untrusted_net")]
pub use self::tcp::TcpStream;
+#[cfg(feature = "untrusted_net")]
pub use self::udp::UdpSocket;
pub use self::parser::AddrParseError;
mod ip;
mod addr;
-mod tcp;
-mod udp;
mod parser;
+#[cfg(feature = "untrusted_net")]
+mod tcp;
+#[cfg(feature = "untrusted_net")]
+mod udp;
/// Possible values which can be passed to the [`shutdown`] method of
#[derive(Copy, Clone, PartialEq, Eq, Debug)]
diff --git a/sgx_tstd/src/os/mod.rs b/sgx_tstd/src/os/mod.rs
index dd8bc0e..8501496 100644
--- a/sgx_tstd/src/os/mod.rs
+++ b/sgx_tstd/src/os/mod.rs
@@ -28,4 +28,5 @@
pub use sys::ext as unix;
pub mod raw;
+#[cfg(feature = "untrusted_fs")]
pub mod fs;
\ No newline at end of file
diff --git a/sgx_tstd/src/panic.rs b/sgx_tstd/src/panic.rs
index c85fd43..a4a68f6 100644
--- a/sgx_tstd/src/panic.rs
+++ b/sgx_tstd/src/panic.rs
@@ -33,7 +33,7 @@
use core::cell::UnsafeCell;
use core::fmt;
use core::ops::{Deref, DerefMut, Fn};
-use core::ptr::{Unique, Shared};
+use core::ptr::{Unique, NonNull};
use core::sync::atomic;
use alloc::boxed::Box;
use alloc::rc::Rc;
@@ -153,7 +153,7 @@
impl<T: RefUnwindSafe + ?Sized> UnwindSafe for *const T {}
impl<T: RefUnwindSafe + ?Sized> UnwindSafe for *mut T {}
impl<T: UnwindSafe + ?Sized> UnwindSafe for Unique<T> {}
-impl<T: RefUnwindSafe + ?Sized> UnwindSafe for Shared<T> {}
+impl<T: RefUnwindSafe + ?Sized> UnwindSafe for NonNull<T> {}
impl<T> UnwindSafe for AssertUnwindSafe<T> {}
// not covered via the Shared impl above b/c the inner contents use
diff --git a/sgx_tstd/src/path.rs b/sgx_tstd/src/path.rs
index f69b25c..7646357 100644
--- a/sgx_tstd/src/path.rs
+++ b/sgx_tstd/src/path.rs
@@ -28,7 +28,7 @@
//! Cross-platform path manipulation.
//!
-//! This module provides two types, [`PathBuf`] and [`Path`] `Path` (akin to [`String`]
+//! This module provides two types, [`PathBuf`] and [`Path`]`Path` (akin to [`String`]
//! and [`str`]), for working with paths abstractly. These types are thin wrappers
//! around [`OsString`] and [`OsStr`] respectively, meaning that they work directly
//! on strings according to the local platform's path syntax.
@@ -42,6 +42,7 @@
//!
use error::Error;
+#[cfg(feature = "untrusted_fs")]
use fs;
use io;
use ffi::{OsStr, OsString};
@@ -1514,6 +1515,7 @@
///
/// [`fs::metadata`]: ../fs/fn.metadata.html
///
+ #[cfg(feature = "untrusted_fs")]
pub fn metadata(&self) -> io::Result<fs::Metadata> {
fs::metadata(self)
}
@@ -1524,6 +1526,7 @@
///
/// [`fs::symlink_metadata`]: ../fs/fn.symlink_metadata.html
///
+ #[cfg(feature = "untrusted_fs")]
pub fn symlink_metadata(&self) -> io::Result<fs::Metadata> {
fs::symlink_metadata(self)
}
@@ -1535,6 +1538,7 @@
///
/// [`fs::canonicalize`]: ../fs/fn.canonicalize.html
///
+ #[cfg(feature = "untrusted_fs")]
pub fn canonicalize(&self) -> io::Result<PathBuf> {
fs::canonicalize(self)
}
@@ -1545,6 +1549,7 @@
///
/// [`fs::read_link`]: ../fs/fn.read_link.html
///
+ #[cfg(feature = "untrusted_fs")]
pub fn read_link(&self) -> io::Result<PathBuf> {
fs::read_link(self)
}
@@ -1557,6 +1562,7 @@
/// If you cannot access the directory containing the file, e.g. because of a
/// permission error, this will return `false`.
///
+ #[cfg(feature = "untrusted_fs")]
pub fn exists(&self) -> bool {
fs::metadata(self).is_ok()
}
@@ -1569,6 +1575,7 @@
/// If you cannot access the directory containing the file, e.g. because of a
/// permission error, this will return `false`.
///
+ #[cfg(feature = "untrusted_fs")]
pub fn is_file(&self) -> bool {
fs::metadata(self).map(|m| m.is_file()).unwrap_or(false)
}
@@ -1581,6 +1588,7 @@
/// If you cannot access the directory containing the file, e.g. because of a
/// permission error, this will return `false`.
///
+ #[cfg(feature = "untrusted_fs")]
pub fn is_dir(&self) -> bool {
fs::metadata(self).map(|m| m.is_dir()).unwrap_or(false)
}
diff --git a/sgx_tstd/src/sgxfs.rs b/sgx_tstd/src/sgxfs.rs
index c8fd3b6..ab14e6e 100644
--- a/sgx_tstd/src/sgxfs.rs
+++ b/sgx_tstd/src/sgxfs.rs
@@ -320,6 +320,7 @@
///
/// On success, the total number of bytes copied is returned.
///
+#[cfg(feature = "untrusted_fs")]
pub fn copy<P: AsRef<Path>, Q: AsRef<Path>>(from: P, to: Q) -> io::Result<u64> {
fs_imp::copy(from.as_ref(), to.as_ref())
}
diff --git a/sgx_tstd/src/sys/backtrace/tracing/gcc_s.rs b/sgx_tstd/src/sys/backtrace/tracing/gcc_s.rs
index fb635ad..78eca90 100644
--- a/sgx_tstd/src/sys/backtrace/tracing/gcc_s.rs
+++ b/sgx_tstd/src/sys/backtrace/tracing/gcc_s.rs
@@ -119,6 +119,7 @@
cx.frames[cx.idx] = Frame {
symbol_addr: symaddr as *mut u8,
exact_position: ip as *mut u8,
+ inline_context: 0,
};
cx.idx += 1;
}
diff --git a/sgx_tstd/src/sys/ext/io.rs b/sgx_tstd/src/sys/ext/io.rs
index 6f1e198..f94e51a 100644
--- a/sgx_tstd/src/sys/ext/io.rs
+++ b/sgx_tstd/src/sys/ext/io.rs
@@ -29,6 +29,7 @@
//! Unix-specific extensions to general I/O primitives
use sgx_trts::libc;
+#[cfg(feature = "untrusted_fs")]
use fs;
use os::raw;
use sys;
@@ -82,18 +83,21 @@
fn into_raw_fd(self) -> RawFd;
}
+#[cfg(feature = "untrusted_fs")]
impl AsRawFd for fs::File {
fn as_raw_fd(&self) -> RawFd {
self.as_inner().fd().raw()
}
}
+#[cfg(feature = "untrusted_fs")]
impl FromRawFd for fs::File {
unsafe fn from_raw_fd(fd: RawFd) -> fs::File {
fs::File::from_inner(sys::fs::File::from_inner(fd))
}
}
+#[cfg(feature = "untrusted_fs")]
impl IntoRawFd for fs::File {
fn into_raw_fd(self) -> RawFd {
self.into_inner().into_fd().into_raw()
diff --git a/sgx_tstd/src/sys/ext/mod.rs b/sgx_tstd/src/sys/ext/mod.rs
index 9f3585b..a820717 100644
--- a/sgx_tstd/src/sys/ext/mod.rs
+++ b/sgx_tstd/src/sys/ext/mod.rs
@@ -28,7 +28,9 @@
pub mod io;
pub mod ffi;
+#[cfg(feature = "untrusted_fs")]
pub mod fs;
+#[cfg(feature = "untrusted_net")]
pub mod net;
/// A prelude for conveniently writing platform-specific code.
@@ -37,6 +39,8 @@
pub mod prelude {
pub use super::io::{RawFd, AsRawFd, FromRawFd, IntoRawFd};
pub use super::ffi::{OsStrExt, OsStringExt};
+ #[cfg(feature = "untrusted_fs")]
pub use super::fs::{PermissionsExt, OpenOptionsExt, MetadataExt, FileTypeExt};
+ #[cfg(feature = "untrusted_fs")]
pub use super::fs::FileExt;
}
diff --git a/sgx_tstd/src/sys/mod.rs b/sgx_tstd/src/sys/mod.rs
index 8904c19..798a149 100644
--- a/sgx_tstd/src/sys/mod.rs
+++ b/sgx_tstd/src/sys/mod.rs
@@ -32,8 +32,10 @@
pub use self::rand::hashmap_random_keys;
pub mod fd;
+#[cfg(feature = "untrusted_fs")]
pub mod fs;
pub mod sgxfs;
+#[cfg(feature = "untrusted_net")]
pub mod net;
pub mod os_str;
pub mod path;
diff --git a/sgx_tstd/src/sys/sgxfs.rs b/sgx_tstd/src/sys/sgxfs.rs
index 5b90911..1b8cc70 100644
--- a/sgx_tstd/src/sys/sgxfs.rs
+++ b/sgx_tstd/src/sys/sgxfs.rs
@@ -299,6 +299,7 @@
}
}
+#[cfg(feature = "untrusted_fs")]
pub fn copy(from: &Path, to: &Path) -> io::Result<u64> {
use sgxfs::SgxFile;
use fs;
diff --git a/sgx_tstd/src/sys_common/backtrace.rs b/sgx_tstd/src/sys_common/backtrace.rs
index 594d0a5..d26d734 100644
--- a/sgx_tstd/src/sys_common/backtrace.rs
+++ b/sgx_tstd/src/sys_common/backtrace.rs
@@ -59,6 +59,8 @@
pub exact_position: *const u8,
/// Address of the enclosing function.
pub symbol_addr: *const u8,
+ /// Which inlined function is this frame referring to
+ pub inline_context: u32,
}
/// Max number of frames to print.
@@ -95,6 +97,7 @@
let mut frames = [Frame {
exact_position: ptr::null(),
symbol_addr: ptr::null(),
+ inline_context: 0,
}; MAX_NB_FRAMES];
let (nb_frames, context) = unwind_backtrace(&mut frames)?;
let (skipped_before, skipped_after) =
diff --git a/sgx_tstd/src/sys_common/mod.rs b/sgx_tstd/src/sys_common/mod.rs
index 8d91149..92c7a68 100644
--- a/sgx_tstd/src/sys_common/mod.rs
+++ b/sgx_tstd/src/sys_common/mod.rs
@@ -36,6 +36,7 @@
pub mod poison;
pub mod thread_info;
pub mod wtf8;
+#[cfg(feature = "untrusted_net")]
pub mod net;
pub mod bytestring;
diff --git a/sgx_tstd/src/time/duration.rs b/sgx_tstd/src/time/duration.rs
index 7a212e6..e57a1ad 100644
--- a/sgx_tstd/src/time/duration.rs
+++ b/sgx_tstd/src/time/duration.rs
@@ -75,35 +75,38 @@
/// Creates a new `Duration` from the specified number of whole seconds.
///
#[inline]
- pub fn from_secs(secs: u64) -> Duration {
+ pub const fn from_secs(secs: u64) -> Duration {
Duration { secs: secs, nanos: 0 }
}
/// Creates a new `Duration` from the specified number of milliseconds.
///
#[inline]
- pub fn from_millis(millis: u64) -> Duration {
- let secs = millis / MILLIS_PER_SEC;
- let nanos = ((millis % MILLIS_PER_SEC) as u32) * NANOS_PER_MILLI;
- Duration { secs: secs, nanos: nanos }
+ pub const fn from_millis(millis: u64) -> Duration {
+ Duration {
+ secs: millis / MILLIS_PER_SEC,
+ nanos: ((millis % MILLIS_PER_SEC) as u32) * NANOS_PER_MILLI,
+ }
}
/// Creates a new `Duration` from the specified number of microseconds.
///
#[inline]
- pub fn from_micros(micros: u64) -> Duration {
- let secs = micros / MICROS_PER_SEC;
- let nanos = ((micros % MICROS_PER_SEC) as u32) * NANOS_PER_MICRO;
- Duration { secs: secs, nanos: nanos }
+ pub const fn from_micros(micros: u64) -> Duration {
+ Duration {
+ secs: micros / MICROS_PER_SEC,
+ nanos: ((micros % MICROS_PER_SEC) as u32) * NANOS_PER_MICRO,
+ }
}
/// Creates a new `Duration` from the specified number of nanoseconds.
///
#[inline]
- pub fn from_nanos(nanos: u64) -> Duration {
- let secs = nanos / (NANOS_PER_SEC as u64);
- let nanos = (nanos % (NANOS_PER_SEC as u64)) as u32;
- Duration { secs: secs, nanos: nanos }
+ pub const fn from_nanos(nanos: u64) -> Duration {
+ Duration {
+ secs: nanos / (NANOS_PER_SEC as u64),
+ nanos: (nanos % (NANOS_PER_SEC as u64)) as u32,
+ }
}
/// Returns the number of _whole_ seconds contained by this `Duration`.
diff --git a/sgx_tstd/src/time/mod.rs b/sgx_tstd/src/time/mod.rs
index 9ac100f..af3693a 100644
--- a/sgx_tstd/src/time/mod.rs
+++ b/sgx_tstd/src/time/mod.rs
@@ -92,6 +92,7 @@
impl Instant {
/// Returns an instant corresponding to "now".
///
+ #[cfg(feature = "untrusted_time")]
pub fn now() -> Instant {
Instant(time::Instant::now())
}
@@ -114,6 +115,7 @@
/// instant, which is something that can happen if an `Instant` is
/// produced synthetically.
///
+ #[cfg(feature = "untrusted_time")]
pub fn elapsed(&self) -> Duration {
Instant::now() - *self
}
@@ -164,6 +166,7 @@
impl SystemTime {
/// Returns the system time corresponding to "now".
///
+ #[cfg(feature = "untrusted_time")]
pub fn now() -> SystemTime {
SystemTime(time::SystemTime::now())
}
@@ -196,6 +199,7 @@
/// Returns an [`Err`] if `self` is later than the current system time, and
/// the error contains how far from the current system time `self` is.
///
+ #[cfg(feature = "untrusted_time")]
pub fn elapsed(&self) -> Result<Duration, SystemTimeError> {
SystemTime::now().duration_since(*self)
}
diff --git a/sgx_tunittest/Cargo.toml b/sgx_tunittest/Cargo.toml
index 9b6f366..9a92e88 100644
--- a/sgx_tunittest/Cargo.toml
+++ b/sgx_tunittest/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_tunittest"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/sgx_types/Cargo.toml b/sgx_types/Cargo.toml
index ab44872..cc550e1 100644
--- a/sgx_types/Cargo.toml
+++ b/sgx_types/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_types"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/sgx_urts/Cargo.toml b/sgx_urts/Cargo.toml
index 5ebfd6b..75840d7 100644
--- a/sgx_urts/Cargo.toml
+++ b/sgx_urts/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_urts"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/third_party/cfg-if/Xargo.toml b/third_party/cfg-if/Xargo.toml
new file mode 100644
index 0000000..ff44231
--- /dev/null
+++ b/third_party/cfg-if/Xargo.toml
@@ -0,0 +1,25 @@
+[dependencies]
+alloc = {}
+panic_unwind = {}
+panic_abort = {}
+
+[dependencies.compiler_builtins]
+features = ["c", "compiler-builtins"]
+git = "https://github.com/rust-lang-nursery/compiler-builtins"
+stage = 1
+
+[dependencies.std]
+path = "../../xargo/sgx_tstd"
+stage = 2
+
+[dependencies.sgx_rand]
+path = "../../xargo/sgx_rand"
+stage = 3
+
+[dependencies.sgx_serialize]
+path = "../../xargo/sgx_serialize"
+stage = 3
+
+[dependencies.sgx_tunittest]
+path = "../../xargo/sgx_tunittest"
+stage = 3
\ No newline at end of file
diff --git a/third_party/num/integer/Xargo.toml b/third_party/num/integer/Xargo.toml
new file mode 100644
index 0000000..8457060
--- /dev/null
+++ b/third_party/num/integer/Xargo.toml
@@ -0,0 +1,25 @@
+[dependencies]
+alloc = {}
+panic_unwind = {}
+panic_abort = {}
+
+[dependencies.compiler_builtins]
+features = ["c", "compiler-builtins"]
+git = "https://github.com/rust-lang-nursery/compiler-builtins"
+stage = 1
+
+[dependencies.std]
+path = "../../../xargo/sgx_tstd"
+stage = 2
+
+[dependencies.sgx_rand]
+path = "../../../xargo/sgx_rand"
+stage = 3
+
+[dependencies.sgx_serialize]
+path = "../../../xargo/sgx_serialize"
+stage = 3
+
+[dependencies.sgx_tunittest]
+path = "../../../xargo/sgx_tunittest"
+stage = 3
\ No newline at end of file
diff --git a/third_party/num/iter/Xargo.toml b/third_party/num/iter/Xargo.toml
new file mode 100644
index 0000000..8457060
--- /dev/null
+++ b/third_party/num/iter/Xargo.toml
@@ -0,0 +1,25 @@
+[dependencies]
+alloc = {}
+panic_unwind = {}
+panic_abort = {}
+
+[dependencies.compiler_builtins]
+features = ["c", "compiler-builtins"]
+git = "https://github.com/rust-lang-nursery/compiler-builtins"
+stage = 1
+
+[dependencies.std]
+path = "../../../xargo/sgx_tstd"
+stage = 2
+
+[dependencies.sgx_rand]
+path = "../../../xargo/sgx_rand"
+stage = 3
+
+[dependencies.sgx_serialize]
+path = "../../../xargo/sgx_serialize"
+stage = 3
+
+[dependencies.sgx_tunittest]
+path = "../../../xargo/sgx_tunittest"
+stage = 3
\ No newline at end of file
diff --git a/third_party/num/traits/Xargo.toml b/third_party/num/traits/Xargo.toml
new file mode 100644
index 0000000..8457060
--- /dev/null
+++ b/third_party/num/traits/Xargo.toml
@@ -0,0 +1,25 @@
+[dependencies]
+alloc = {}
+panic_unwind = {}
+panic_abort = {}
+
+[dependencies.compiler_builtins]
+features = ["c", "compiler-builtins"]
+git = "https://github.com/rust-lang-nursery/compiler-builtins"
+stage = 1
+
+[dependencies.std]
+path = "../../../xargo/sgx_tstd"
+stage = 2
+
+[dependencies.sgx_rand]
+path = "../../../xargo/sgx_rand"
+stage = 3
+
+[dependencies.sgx_serialize]
+path = "../../../xargo/sgx_serialize"
+stage = 3
+
+[dependencies.sgx_tunittest]
+path = "../../../xargo/sgx_tunittest"
+stage = 3
\ No newline at end of file
diff --git a/third_party/rawpointer/Xargo.toml b/third_party/rawpointer/Xargo.toml
new file mode 100644
index 0000000..ff44231
--- /dev/null
+++ b/third_party/rawpointer/Xargo.toml
@@ -0,0 +1,25 @@
+[dependencies]
+alloc = {}
+panic_unwind = {}
+panic_abort = {}
+
+[dependencies.compiler_builtins]
+features = ["c", "compiler-builtins"]
+git = "https://github.com/rust-lang-nursery/compiler-builtins"
+stage = 1
+
+[dependencies.std]
+path = "../../xargo/sgx_tstd"
+stage = 2
+
+[dependencies.sgx_rand]
+path = "../../xargo/sgx_rand"
+stage = 3
+
+[dependencies.sgx_serialize]
+path = "../../xargo/sgx_serialize"
+stage = 3
+
+[dependencies.sgx_tunittest]
+path = "../../xargo/sgx_tunittest"
+stage = 3
\ No newline at end of file
diff --git a/third_party/rulinalg/Cargo.toml b/third_party/rulinalg/Cargo.toml
index f0194db..76d8480 100644
--- a/third_party/rulinalg/Cargo.toml
+++ b/third_party/rulinalg/Cargo.toml
@@ -15,7 +15,7 @@
io = ["csv", "rustc-serialize"]
[target.'cfg(not(target_env = "sgx"))'.dependencies]
-sgx_tstd = { path = "../../sgx_tstd" }
+sgx_tstd = { path = "../../sgx_tstd", features = ["untrusted_fs"] }
[dependencies]
num = {path = "../num", default-features = false }
diff --git a/third_party/rulinalg/Xargo.toml b/third_party/rulinalg/Xargo.toml
index ff44231..01d5cb0 100644
--- a/third_party/rulinalg/Xargo.toml
+++ b/third_party/rulinalg/Xargo.toml
@@ -10,6 +10,7 @@
[dependencies.std]
path = "../../xargo/sgx_tstd"
+features = ["untrusted_fs"]
stage = 2
[dependencies.sgx_rand]
diff --git a/third_party/rust-csv/.gitignore b/third_party/rust-csv/.gitignore
new file mode 100644
index 0000000..d24edbd
--- /dev/null
+++ b/third_party/rust-csv/.gitignore
@@ -0,0 +1,9 @@
+.*.swp
+doc
+tags
+examples/ss10pusa.csv
+build
+target
+Cargo.lock
+scratch*
+bench_large/huge
diff --git a/third_party/rust-csv/.travis.yml b/third_party/rust-csv/.travis.yml
new file mode 100644
index 0000000..13f9444
--- /dev/null
+++ b/third_party/rust-csv/.travis.yml
@@ -0,0 +1,18 @@
+dist: trusty
+language: rust
+rust:
+ - 1.15.0
+ - stable
+ - beta
+ - nightly
+script:
+ - ./ci/check-copy cookbook
+ - ./ci/check-copy tutorial
+ - cargo build --verbose
+ - cargo test --verbose
+ - cargo test --verbose --manifest-path csv-core/Cargo.toml
+ - cargo test --verbose --manifest-path csv-index/Cargo.toml
+ - cargo doc
+ - if [ "$TRAVIS_RUST_VERSION" = "nightly" ]; then
+ cargo bench --verbose --no-run;
+ fi
diff --git a/third_party/rust-csv/Cargo.toml b/third_party/rust-csv/Cargo.toml
index b7b97fb..17a7b23 100644
--- a/third_party/rust-csv/Cargo.toml
+++ b/third_party/rust-csv/Cargo.toml
@@ -19,7 +19,7 @@
bench = false
[target.'cfg(not(target_env = "sgx"))'.dependencies]
-sgx_tstd = { path = "../../sgx_tstd" }
+sgx_tstd = { path = "../../sgx_tstd", features = ["untrusted_fs"] }
[dependencies]
csv-core = { path = "csv-core", version = "0.1.3" }
diff --git a/third_party/rust-csv/Xargo.toml b/third_party/rust-csv/Xargo.toml
index ff44231..01d5cb0 100644
--- a/third_party/rust-csv/Xargo.toml
+++ b/third_party/rust-csv/Xargo.toml
@@ -10,6 +10,7 @@
[dependencies.std]
path = "../../xargo/sgx_tstd"
+features = ["untrusted_fs"]
stage = 2
[dependencies.sgx_rand]
diff --git a/third_party/rust-csv/csv-core/Xargo.toml b/third_party/rust-csv/csv-core/Xargo.toml
new file mode 100644
index 0000000..8457060
--- /dev/null
+++ b/third_party/rust-csv/csv-core/Xargo.toml
@@ -0,0 +1,25 @@
+[dependencies]
+alloc = {}
+panic_unwind = {}
+panic_abort = {}
+
+[dependencies.compiler_builtins]
+features = ["c", "compiler-builtins"]
+git = "https://github.com/rust-lang-nursery/compiler-builtins"
+stage = 1
+
+[dependencies.std]
+path = "../../../xargo/sgx_tstd"
+stage = 2
+
+[dependencies.sgx_rand]
+path = "../../../xargo/sgx_rand"
+stage = 3
+
+[dependencies.sgx_serialize]
+path = "../../../xargo/sgx_serialize"
+stage = 3
+
+[dependencies.sgx_tunittest]
+path = "../../../xargo/sgx_tunittest"
+stage = 3
\ No newline at end of file
diff --git a/third_party/rust-csv/csv-index/Xargo.toml b/third_party/rust-csv/csv-index/Xargo.toml
new file mode 100644
index 0000000..8457060
--- /dev/null
+++ b/third_party/rust-csv/csv-index/Xargo.toml
@@ -0,0 +1,25 @@
+[dependencies]
+alloc = {}
+panic_unwind = {}
+panic_abort = {}
+
+[dependencies.compiler_builtins]
+features = ["c", "compiler-builtins"]
+git = "https://github.com/rust-lang-nursery/compiler-builtins"
+stage = 1
+
+[dependencies.std]
+path = "../../../xargo/sgx_tstd"
+stage = 2
+
+[dependencies.sgx_rand]
+path = "../../../xargo/sgx_rand"
+stage = 3
+
+[dependencies.sgx_serialize]
+path = "../../../xargo/sgx_serialize"
+stage = 3
+
+[dependencies.sgx_tunittest]
+path = "../../../xargo/sgx_tunittest"
+stage = 3
\ No newline at end of file
diff --git a/third_party/rustls/Cargo.toml b/third_party/rustls/Cargo.toml
index 4ff7e9c..9af0b31 100644
--- a/third_party/rustls/Cargo.toml
+++ b/third_party/rustls/Cargo.toml
@@ -10,7 +10,7 @@
categories = ["network-programming", "cryptography"]
[target.'cfg(not(target_env = "sgx"))'.dependencies]
-sgx_tstd = { path = "../../sgx_tstd" }
+sgx_tstd = { path = "../../sgx_tstd", features = ["untrusted_time"] }
[dependencies]
untrusted = { version = "0.6", path = "../untrusted" }
diff --git a/third_party/rustls/Xargo.toml b/third_party/rustls/Xargo.toml
index ff44231..ad7f49c 100644
--- a/third_party/rustls/Xargo.toml
+++ b/third_party/rustls/Xargo.toml
@@ -10,6 +10,7 @@
[dependencies.std]
path = "../../xargo/sgx_tstd"
+features = ["untrusted_time"]
stage = 2
[dependencies.sgx_rand]
diff --git a/third_party/rusty-machine/Cargo.toml b/third_party/rusty-machine/Cargo.toml
index f741d0f..5c7382d 100644
--- a/third_party/rusty-machine/Cargo.toml
+++ b/third_party/rusty-machine/Cargo.toml
@@ -16,7 +16,7 @@
datasets = []
[target.'cfg(not(target_env = "sgx"))'.dependencies]
-sgx_tstd = { path = "../../sgx_tstd" }
+sgx_tstd = { path = "../../sgx_tstd", features = ["untrusted_fs"] }
sgx_rand = { path = "../../sgx_rand"}
[dependencies]
diff --git a/third_party/rusty-machine/Xargo.toml b/third_party/rusty-machine/Xargo.toml
index ff44231..01d5cb0 100644
--- a/third_party/rusty-machine/Xargo.toml
+++ b/third_party/rusty-machine/Xargo.toml
@@ -10,6 +10,7 @@
[dependencies.std]
path = "../../xargo/sgx_tstd"
+features = ["untrusted_fs"]
stage = 2
[dependencies.sgx_rand]
diff --git a/third_party/untrusted/Xargo.toml b/third_party/untrusted/Xargo.toml
new file mode 100644
index 0000000..ff44231
--- /dev/null
+++ b/third_party/untrusted/Xargo.toml
@@ -0,0 +1,25 @@
+[dependencies]
+alloc = {}
+panic_unwind = {}
+panic_abort = {}
+
+[dependencies.compiler_builtins]
+features = ["c", "compiler-builtins"]
+git = "https://github.com/rust-lang-nursery/compiler-builtins"
+stage = 1
+
+[dependencies.std]
+path = "../../xargo/sgx_tstd"
+stage = 2
+
+[dependencies.sgx_rand]
+path = "../../xargo/sgx_rand"
+stage = 3
+
+[dependencies.sgx_serialize]
+path = "../../xargo/sgx_serialize"
+stage = 3
+
+[dependencies.sgx_tunittest]
+path = "../../xargo/sgx_tunittest"
+stage = 3
\ No newline at end of file
diff --git a/third_party/webpki/Cargo.toml b/third_party/webpki/Cargo.toml
index c1c1dc3..a782235 100644
--- a/third_party/webpki/Cargo.toml
+++ b/third_party/webpki/Cargo.toml
@@ -63,7 +63,7 @@
std = []
[target.'cfg(not(target_env = "sgx"))'.dependencies]
-sgx_tstd = { path = "../../sgx_tstd" }
+sgx_tstd = { path = "../../sgx_tstd", features = ["untrusted_time"] }
[dependencies]
ring = { path = "../ring" }
diff --git a/third_party/webpki/Xargo.toml b/third_party/webpki/Xargo.toml
index ff44231..ad7f49c 100644
--- a/third_party/webpki/Xargo.toml
+++ b/third_party/webpki/Xargo.toml
@@ -10,6 +10,7 @@
[dependencies.std]
path = "../../xargo/sgx_tstd"
+features = ["untrusted_time"]
stage = 2
[dependencies.sgx_rand]
diff --git a/xargo/sgx_rand/Cargo.toml b/xargo/sgx_rand/Cargo.toml
index 502fe7a..b14cdbf 100644
--- a/xargo/sgx_rand/Cargo.toml
+++ b/xargo/sgx_rand/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_rand"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/xargo/sgx_serialize/Cargo.toml b/xargo/sgx_serialize/Cargo.toml
index 165d6f9..e0ea5a2 100644
--- a/xargo/sgx_serialize/Cargo.toml
+++ b/xargo/sgx_serialize/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_serialize"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]
diff --git a/xargo/sgx_tstd/Cargo.toml b/xargo/sgx_tstd/Cargo.toml
index c211e45..84a8a4d 100644
--- a/xargo/sgx_tstd/Cargo.toml
+++ b/xargo/sgx_tstd/Cargo.toml
@@ -10,9 +10,12 @@
crate-type = ["rlib"]
[features]
-default = ["backtrace"]
+default = ["stdio"]
backtrace = ["stdio"]
stdio = []
+untrusted_fs = []
+untrusted_net = []
+untrusted_time = []
[build-dependencies]
build_helper = { path = "../../build_helper" }
diff --git a/xargo/sgx_tunittest/Cargo.toml b/xargo/sgx_tunittest/Cargo.toml
index aa19cab..8de1cd7 100644
--- a/xargo/sgx_tunittest/Cargo.toml
+++ b/xargo/sgx_tunittest/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "sgx_tunittest"
-version = "0.9.5"
+version = "0.9.6"
authors = ["Baidu"]
[lib]