Linux 2.13 Open Source Gold Release

Added more logs in PSW components for identifying issues.
Upgraded OpenSSL and SgxSSL to latest version 1.1.1i in DCAP components.
Added data base migration support in PCCS.
Fixed bugs.

Signed-off-by: Li, Xun <[email protected]>

Author: llly

.gitignore

@@ -21,14 +21,11 @@
 # files downloaded in preparation phase
 Intel redistributable binary.txt
 Master_EULA_for_Intel_Sw_Development_Products.pdf
-external/ippcp_internal/inc/ippcp.h
-external/ippcp_internal/inc/ippcpdefs.h
-external/ippcp_internal/inc/ippversion.h
-external/ippcp_internal/inc/sgx_ippcp.h
-external/ippcp_internal/license/
+external/ippcp_internal/
 external/toolset/
 psw/ae/data/prebuilt/README.md
 redist.txt
 
 # directory created when running reproducibility scripts
 linux/reproducibility/code_dir/
+

README.md

@@ -1,3 +1,5 @@
+
+
 Intel(R) Software Guard Extensions for Linux\* OS
 ================================================
 
@@ -29,6 +31,7 @@ Intel(R) Software Guard Extensions for Linux\* OS
     * [Configure the Proxy for aesmd Service](#configure-the-proxy-for-aesmd-service)
 * [Reproducibility](#reproducibility)
 
+
 Introduction
 ------------
 Intel(R) Software Guard Extensions (Intel(R) SGX) is an Intel technology for application developers seeking to protect select code and data from disclosure or modification.
@@ -159,12 +162,23 @@ You can find the three flavors of tools and libraries generated in the `build` d
 - This repository supports to build the Intel(R) SGX SDK with below three combinations:
   * `USE_OPT_LIBS=0` --- build SDK using SGXSSL and open sourced String/Math
   * `USE_OPT_LIBS=1` --- build SDK using optimized IPP crypto and open sourced String/Math
+  * `USE_OPT_LIBS=2` --- build SDK with no mitigation using SGXSSL and optimized String/Math   
+  * `USE_OPT_LIBS=3` --- build SDK with no mitigation using IPP crypto and optimized String/Math   
   The default build uses `USE_OPT_LIBS=1`, if you directly type `$ make sdk` as above.
-  You can switch to the other build combination instead by entering the following command:
+  You can switch to the other build combinations instead by entering the following command:
 ```
   $ make sdk USE_OPT_LIBS=0
+```
+or  
+```
+  $ make sdk_no_mitigation USE_OPT_LIBS=2
+```
+or  
+```
+  $ make sdk_no_mitigation USE_OPT_LIBS=3
 ```
   **Note**: Building the Intel(R) SGX PSW with open sourced SGXSSL/string/math libraries is not supported. 
+  **Note**: Building mitigation SDK with `USE_OPT_LIBS=2` or `USE_OPT_LIBS=3` is not allowed.
 
 - To build Intel(R) SGX SDK with debug information, enter the following command:
 ```
@@ -381,7 +395,7 @@ Install the Intel(R) SGX PSW
   ```
 
 ### Install the Intel(R) SGX PSW
-- The SGX PSW provides 3 services: launch, EPID-based attestation, and algorithm agnostic attestation. Starting with the 2.8 release, the SGX PSW is split into smaller packages and the user can choose which features and services to install. There are 2 methods to install the required packages: Using individual packages or using the local repo generated by the build system. Using the local repo is recommended since the system will resolve the dependencies automatically. Currently, we support .deb and .rpm based repos. 
+The SGX PSW provides 3 services: launch, EPID-based attestation, and algorithm agnostic attestation. Starting with the 2.8 release, the SGX PSW is split into smaller packages and the user can choose which features and services to install. There are 2 methods to install the required packages: Using individual packages or using the local repo generated by the build system. Using the local repo is recommended since the system will resolve the dependencies automatically. Currently, we support .deb and .rpm based repos. 
 
 #### Using the local repo(recommended)
 
@@ -394,7 +408,7 @@ Install the Intel(R) SGX PSW
 
 Optionally, you can install *-dbgsym or *-debuginfo packages to get the debug symbols, and install *-dev or *-devel packages to get the header files for development.
 
-**NOTE**: To debug with sgx-gdb on Ubuntu 16.04, you need to ensure the Intel(R) SGX PSW is built under the condition that the environment variable ``DEB_BUILD_OPTIONS="nostrip"`` is set.
+**NOTE**: To debug with sgx-gdb on Ubuntu 16.04, you need to ensure the Intel(R) SGX PSW is built under the condition that the environment variable ``DEB_BUILD_OPTIONS="nostrip"`` is set. 
 
 #### Using the individual packages
 Please refer [Intel_SGX_Installation_Guide_Linux](https://download.01.org/intel-sgx/latest/linux-latest/docs/) for detail.
@@ -406,7 +420,6 @@ Sometimes we will split old package into smaller ones or move file between diffe
 ```
 apt-get dist-upgrade -o Dpkg::Options::="--force-overwrite"
 ```
-
 #### Configure the installation
 Some packages are configured with recommended dependency on other packages that are not required for certain usage. For instance, the background daemon is not required for container usage. It will be installed by default, but you can drop it by using the additional option during the installation.
 * On Ubuntu 16.04, Ubuntu 18.04 and Ubuntu 20.04:

SampleCode/LocalAttestation/AppResponder/App.cpp

@@ -60,8 +60,8 @@
 #define scanf_s scanf
 #define _tmain  main
 
-CPTask * g_cptask;
-CPServer * g_cpserver;
+CPTask * g_cptask = NULL;
+CPServer * g_cpserver = NULL;
 
 void signal_handler(int sig)
 {
@@ -81,6 +81,14 @@ void signal_handler(int sig)
     exit(1);
 }
 
+void cleanup()
+{
+    if(g_cptask != NULL)
+        delete g_cptask;
+    if(g_cpserver != NULL)
+        delete g_cpserver;
+}
+
 int  main(int argc, char* argv[])
 {
     (void)argc;
@@ -93,6 +101,8 @@ int  main(int argc, char* argv[])
     if (!g_cptask || !g_cpserver)
          return -1;
 
+    atexit(cleanup);
+
     // register signal handler so to respond to user interception
     signal(SIGINT, signal_handler);
     signal(SIGTERM, signal_handler);
@@ -108,6 +118,6 @@ int  main(int argc, char* argv[])
          printf("Press Ctrl+C to exit...\n");
          g_cpserver->doWork();
     }
-
+    
     return 0;
 }

SampleCode/LocalAttestation/AppResponder/Queue.h

@@ -145,7 +145,7 @@ T* Queue<T>::blockingPop()
             {
                 value = m_queue.front();
                 m_queue.pop();
-                delete value;
+                free(value);
             }
             value = NULL;			
             break;

SampleCode/LocalAttestation/AppResponder/Thread.cpp

@@ -63,11 +63,6 @@ bool Thread::isStopped()
     return m_shutDown;
 }
 
-/*virtual*/
-void  Thread::run()
-{
-}
-
 void* Thread::doWork(void* param)
 {
     try

buildenv.mk

@@ -249,14 +249,56 @@ ENCLAVE_LDFLAGS  = -B$(BINUTILS_DIR) $(COMMON_LDFLAGS) -Wl,-Bstatic -Wl,-Bsymbol
 ENCLAVE_CFLAGS += $(MITIGATION_CFLAGS)
 ENCLAVE_ASFLAGS = $(MITIGATION_ASFLAGS)
 
-# Two build combinations are supported to build SGX SDK:
-#   'USE_OPT_LIBS=0' --- build SDK using SGXSSL + open sourced String/Math
-#   'USE_OPT_LIBS=1' --- build SDK using optimized IPP crypto + open sourced String/Math
+# We have below choices as to crypto, math and string libs:
+# 1. crypto - SGXSSL (0), IPP crypto (1)
+# 2. math   - optimized (0), open sourced (1)
+# 3. string - optimized (0), open sourced (1)
 #
-# By default, choose to build SDK using optimized IPP crypto and open sourced String/Math.
-# Users could build the SDK using SGXSSL + open sourced String/Math by explicitly 
-# specifying 'USE_OPT_LIBS=0'
+# A macro 'USE_OPT_LIBS' is provided to allow users to build 
+# SGX SDK with different library combination by setting different 
+# value to 'USE_OPT_LIBS'.
+# By default, choose to build SDK using optimized IPP crypto +
+# open sourced string + open sourced math.
+#
+# IPP + open sourced string + open sourced math
 USE_OPT_LIBS ?= 1
+USE_CRYPTO_LIB ?= 1
+USE_STRING_LIB ?= 1
+USE_MATH_LIB ?= 1
+
+ifeq ($(USE_OPT_LIBS), 0)
+# SGXSSL + open sourced string + open sourced math
+    USE_CRYPTO_LIB := 0 
+    USE_MATH_LIB := 1
+    USE_STRING_LIB := 1
+else ifeq ($(USE_OPT_LIBS), 2)
+# SGXSSL + optimized string + optimized math
+    USE_CRYPTO_LIB := 0
+    USE_MATH_LIB := 0
+    USE_STRING_LIB := 0
+else ifeq ($(USE_OPT_LIBS), 3)
+# IPP + optimized string + optimized math
+    USE_CRYPTO_LIB := 1
+    USE_MATH_LIB := 0
+    USE_STRING_LIB := 0
+endif
+
+# macro check
+ifeq ($(USE_MATH_LIB), 0)
+ifneq ($(USE_STRING_LIB), 0)
+$(error ERROR: Optimized math library depends on Optimized string library)
+endif
+endif
+
+ifneq ($(MITIGATION-CVE-2020-0551),)
+ifeq ($(USE_STRING_LIB), 0)
+$(error ERROR: Cannot build a mitigation SDK with Optimized string/math)
+endif
+ifeq ($(USE_MATH_LIB), 0)
+$(error ERROR: Cannot build a mitigation SDK with Optimized string/math)
+endif
+endif
+
 
 IPP_SUBDIR = no_mitigation
 ifeq ($(MITIGATION-CVE-2020-0551), LOAD)

common/inc/internal/se_trace.h

@@ -41,10 +41,10 @@
 
 typedef enum
 {
-	SE_TRACE_ERROR,
-	SE_TRACE_WARNING,
-	SE_TRACE_NOTICE,
-	SE_TRACE_DEBUG
+    SE_TRACE_ERROR,
+    SE_TRACE_WARNING,
+    SE_TRACE_NOTICE,
+    SE_TRACE_DEBUG
 } se_trace_t;
 
 #ifndef SE_DEBUG_LEVEL
@@ -55,35 +55,56 @@ typedef enum
 #ifdef __cplusplus
 extern "C" {
 #endif
-int se_trace_internal(int debug_level, const char *fmt, ...);
-
+void se_trace_internal(int debug_level, const char *fmt, ...);
+void sgx_proc_log_report_default(int channel, int debug_level, const char* fmt, ...);
+void  __attribute__((weak)) sgx_proc_log_report(int level, const char* format, ...);
 #ifdef __cplusplus
 }
 #endif
 
+
 /* For libraries, we usually define DISABLE_TRACE to disable any trace. */
 /* For apps, we usually enable trace. */
 #ifdef DISABLE_TRACE
 #define SE_TRACE(...)
 #define se_trace(...)
+#define se_trace_verbose(...)
 #else /* DISABLE_TRACE */
-#define se_trace(debug_level, fmt, ...)     \
-    do {                                    \
-        if(debug_level <= SE_DEBUG_LEVEL)   \
-            se_trace_internal(debug_level, fmt, ##__VA_ARGS__);       \
+#define se_trace_verbose(debug_level, fmt, ...)     \
+    do {                                            \
+        se_trace_t trace_level = debug_level;       \
+        if(trace_level <= SE_DEBUG_LEVEL)           \
+            se_trace_internal(trace_level, "[%s %s:%d] " fmt, __FUNCTION__, __FILE__, __LINE__, ##__VA_ARGS__);       \
+    }while(0)
+
+#define se_trace(debug_level, fmt, ...)         \
+    do {                                        \
+        se_trace_t trace_level = debug_level;   \
+        if(trace_level <= SE_DEBUG_LEVEL)       \
+            se_trace_internal(trace_level, fmt, ##__VA_ARGS__);       \
     }while(0)
 
 /* For compatibility, SE_TRACE/se_trace is used in old code. */
 /* New code should use SE_TRACE_DEBUG, SE_TRACE_NOTICE, SE_TRACE_WARNING, SE_TRACE_ERROR */
 #define SE_TRACE(debug_level, fmt, ...) \
-	    se_trace(debug_level, "[%s %s:%d] " fmt, __FUNCTION__, __FILE__, __LINE__, ##__VA_ARGS__)
+        se_trace_verbose(debug_level, fmt, ##__VA_ARGS__)
 #endif/* DISABLE_TRACE */
 
 /* SE_TRACE_DEBUG and SE_TRACE_NOTICE print the debug information plus message. */
-#define SE_TRACE_DEBUG(fmt, ...) se_trace(SE_TRACE_DEBUG, "[%s %s:%d] " fmt, __FUNCTION__, __FILE__, __LINE__, ##__VA_ARGS__)
-#define SE_TRACE_NOTICE(fmt, ...) se_trace(SE_TRACE_NOTICE, "[%s %s:%d] " fmt, __FUNCTION__, __FILE__, __LINE__, ##__VA_ARGS__)
-/* SE_TRACE_WARNING and SE_TRACE_ERROR only print message. */
+#define SE_TRACE_DEBUG(fmt, ...) se_trace_verbose(SE_TRACE_DEBUG, fmt, ##__VA_ARGS__)
+#define SE_TRACE_NOTICE(fmt, ...) se_trace_verbose(SE_TRACE_NOTICE, fmt, ##__VA_ARGS__)
+//SE_TRACE_WARNING and SE_TRACE_ERROR only print message.
 #define SE_TRACE_WARNING(fmt, ...) se_trace(SE_TRACE_WARNING, fmt, ##__VA_ARGS__)
 #define SE_TRACE_ERROR(fmt, ...) se_trace(SE_TRACE_ERROR, fmt, ##__VA_ARGS__)
 
+/* SE_PROD_LOG will output message to stdout by default in production mode.
+   When the executable is running as daemon, it will output to syslog. */
+#define SE_PROD_LOG(fmt, ...)                                                                                       \
+    do {                                                                                                            \
+        if(sgx_proc_log_report) {                                                                                   \
+            sgx_proc_log_report(1, "[%s %s:%d] " fmt, __FUNCTION__, __FILE__, __LINE__, ##__VA_ARGS__);             \
+        } else {                                                                                                    \
+            se_trace_internal(SE_TRACE_ERROR, "[%s %s:%d] " fmt, __FUNCTION__, __FILE__, __LINE__, ##__VA_ARGS__);  \
+        }                                                                                                           \
+    }while(0)
 #endif

common/inc/internal/se_version.h

@@ -31,20 +31,20 @@
 #ifndef _SE_VERSION_H_
 #define _SE_VERSION_H_
 
-#define STRFILEVER    "2.12.100.3"
+#define STRFILEVER    "2.13.100.4"
 #define SGX_MAJOR_VERSION       2
-#define SGX_MINOR_VERSION       12
+#define SGX_MINOR_VERSION       13
 #define SGX_REVISION_VERSION    100
 #define MAKE_VERSION_UINT(major,minor,rev)  (((uint64_t)major)<<32 | ((uint64_t)minor) << 16 | rev)
 #define VERSION_UINT        MAKE_VERSION_UINT(SGX_MAJOR_VERSION, SGX_MINOR_VERSION, SGX_REVISION_VERSION)
 
-#define COPYRIGHT      "Copyright (C) 2020 Intel Corporation"
+#define COPYRIGHT      "Copyright (C) 2021 Intel Corporation"
 
-#define UAE_SERVICE_VERSION       "2.3.206.3"
-#define URTS_VERSION              "1.1.110.3"
-#define ENCLAVE_COMMON_VERSION    "1.0.113.3"
-#define LAUNCH_VERSION            "1.0.108.3"
-#define EPID_VERSION              "1.0.108.3"
-#define QUOTE_EX_VERSION          "1.1.108.3"
+#define UAE_SERVICE_VERSION       "2.3.207.4"
+#define URTS_VERSION              "1.1.111.4"
+#define ENCLAVE_COMMON_VERSION    "1.0.114.4"
+#define LAUNCH_VERSION            "1.0.109.4"
+#define EPID_VERSION              "1.0.109.4"
+#define QUOTE_EX_VERSION          "1.1.109.4"
 
 #endif

common/inc/sgx_error.h

@@ -72,15 +72,15 @@ typedef enum _status_t
     SGX_ERROR_INVALID_LAUNCH_TOKEN = SGX_MK_ERROR(0x2011),    /* The launch token is not correct.*/
 
     SGX_ERROR_MAC_MISMATCH       = SGX_MK_ERROR(0x3001),      /* Indicates verification error for reports, sealed datas, etc */
-    SGX_ERROR_INVALID_ATTRIBUTE  = SGX_MK_ERROR(0x3002),      /* The enclave is not authorized */
+    SGX_ERROR_INVALID_ATTRIBUTE  = SGX_MK_ERROR(0x3002),      /* The enclave is not authorized, e.g., requesting invalid attribute or launch key access on legacy SGX platform without FLC  */
     SGX_ERROR_INVALID_CPUSVN     = SGX_MK_ERROR(0x3003),      /* The cpu svn is beyond platform's cpu svn value */
     SGX_ERROR_INVALID_ISVSVN     = SGX_MK_ERROR(0x3004),      /* The isv svn is greater than the enclave's isv svn */
     SGX_ERROR_INVALID_KEYNAME    = SGX_MK_ERROR(0x3005),      /* The key name is an unsupported value */
 
     SGX_ERROR_SERVICE_UNAVAILABLE       = SGX_MK_ERROR(0x4001),   /* Indicates aesm didn't respond or the requested service is not supported */
     SGX_ERROR_SERVICE_TIMEOUT           = SGX_MK_ERROR(0x4002),   /* The request to aesm timed out */
     SGX_ERROR_AE_INVALID_EPIDBLOB       = SGX_MK_ERROR(0x4003),   /* Indicates epid blob verification error */
-    SGX_ERROR_SERVICE_INVALID_PRIVILEGE = SGX_MK_ERROR(0x4004),   /* Enclave has no privilege to get launch token */
+    SGX_ERROR_SERVICE_INVALID_PRIVILEGE = SGX_MK_ERROR(0x4004),   /*  Enclave not authorized to run, .e.g. provisioning enclave hosted in an app without access rights to /dev/sgx_provision */
     SGX_ERROR_EPID_MEMBER_REVOKED       = SGX_MK_ERROR(0x4005),   /* The EPID group membership is revoked. */
     SGX_ERROR_UPDATE_NEEDED             = SGX_MK_ERROR(0x4006),   /* SGX needs to be updated */
     SGX_ERROR_NETWORK_FAILURE           = SGX_MK_ERROR(0x4007),   /* Network connecting or proxy setting issue is encountered */

common/src/se_trace.c

@@ -29,20 +29,34 @@
  *
  */
 
-
 #include "se_trace.h"
 #include <stdarg.h>
-int se_trace_internal(int debug_level, const char *fmt, ...)
+
+void sgx_proc_log_report_default(int channel, int debug_level, const char *fmt, ...)
+{
+    (void)channel;
+    va_list args;
+
+    va_start(args, fmt);
+    if (SE_TRACE_NOTICE == debug_level)
+        vfprintf(stdout, fmt, args);
+    else
+        vfprintf(stderr, fmt, args);
+    va_end(args);
+
+    return;
+}
+
+void se_trace_internal(int debug_level, const char *fmt, ...)
 {
     va_list args;
-    int ret = 0;
 
     va_start(args, fmt);
-    if(SE_TRACE_NOTICE == debug_level)
-        ret = vfprintf(stdout, fmt, args);
+    if (SE_TRACE_NOTICE == debug_level)
+        vfprintf(stdout, fmt, args);
     else
-        ret = vfprintf(stderr, fmt, args);
+        vfprintf(stderr, fmt, args);
     va_end(args);
 
-    return ret;
+    return;
 }