search

apache / incubator-teaclave-sgx-sdk

Apache Teaclave (incubating) SGX SDK helps developers to write Intel SGX applications in the Rust programming language, and also known as Rust SGX SDK.
https://teaclave.apache.org
Apache License 2.0
1.17k stars 264 forks source link

Multi-threading mode causes `EnclaveLost` #432

Closed hiroki-chen closed 1 year ago

hiroki-chen commented 1 year ago

Hi all, recently I am using SDK to develop a simple multi-threading program, but sometimes ECall would fail. The branch I am on is v2.0.0-preview.

Steps to reproduce:

I used a modified code from incubator-teaclave-sgx-sdk/samplecode/helloworld/app/src/main.rs:


fn main() {
    let enclave = match SgxEnclave::create(ENCLAVE_FILE, true) {
        Ok(enclave) => {
            println!("[+] Init Enclave Successful {}!", enclave.eid());
            enclave
        }
        Err(err) => {
            println!("[-] Init Enclave Failed {}!", err.as_str());
            return;
        }
    };

    // let enclave = Arc::new(enclave);

    loop {
        let mut v = vec![];
        for _ in 0..16 {
            let eid = enclave.eid();

            let handle = thread::spawn(move || {
                let input_string =
                    String::from("This is a normal world string passed into Enclave!\n");
                let mut retval = SgxStatus::Success;

                let result = unsafe {
                    say_something(
                        eid,
                        &mut retval,
                        input_string.as_ptr() as *const u8,
                        input_string.len(),
                    )
                };
                match result {
                    SgxStatus::Success => println!("[+] ECall Success..."),
                    _ => println!("[-] ECall Enclave Failed {}!", result.as_str()),
                }
            });
            v.push(handle);
        }

        for handle in v {
            handle.join().unwrap();
        }
    }
}

The enclave's configuration is

<EnclaveConfiguration>
  <ProdID>0</ProdID>
  <ISVSVN>0</ISVSVN>
  <StackMaxSize>0x40000</StackMaxSize>
  <HeapMaxSize>0x1000000</HeapMaxSize>
  <TCSNum>32</TCSNum>
  <TCSPolicy>1</TCSPolicy>
  <DisableDebug>0</DisableDebug>
  <MiscSelect>0</MiscSelect>
  <MiscMask>0xFFFFFFFF</MiscMask>
</EnclaveConfiguration>

The output is

$ SGX_MOED=HW make && cd bin && ./app
# Previous outputs omitted.
This is a normal world string passed into Enclave!
This is a normal world string passed into Enclave!
This is a in-Enclave Rust string!
[+] ECall Success...
This is a in-Enclave Rust string!
[+] ECall Success...
[-] ECall Enclave Failed EnclaveLost!

Intel says this error can be triggered if there is a power transition or a Linux fork(), but I doubt this simple program would behave in such a complex way. I wonder where the root cause of this issue is. Is this caused by Rust SGX SDK or Intel's SDK? Thanks in advance!

hiroki-chen commented 1 year ago

@mssun, could you help with this? Thank you!

hiroki-chen commented 1 year ago

This error was fixed by increasing the EPC size, although it seemed irrelevant to the memory size. The error was also reported to Intel.