search

bl4ck5un / mbedtls-SGX

mbedtls-SGX: a SGX-friendly TLS stack (ported from mbedtls)
Apache License 2.0
91 stars 32 forks source link

Undefined reference to dummy #9

Closed aslibman closed 6 years ago

aslibman commented 6 years ago

I've linked libmbedtls_sgx_u.a and libmbedtls_sgx_u.t to the untrusted part and enclave in my project, but including trusted/mbedtls_sgx.edl in my .edl file leads to the following error during build:

Enclave/Enclave_t.o: In function `sgx_dummy':
/home/vagrant/shared/xchange/Enclave/Enclave_t.c:107: undefined reference to `dummy'
collect2: error: ld returned 1 exit status
Makefile:249: recipe for target 'enclave.so' failed
make: *** [enclave.so] Error 1

Commenting out the dummy declaration in mbedtls_SGX.edl avoids this issue however.

bl4ck5un commented 6 years ago

You'll also need to link libmbedtls_sgx_t.a to your enclave.

aslibman commented 6 years ago

Sorry, looks like I made a typo in the original comment. I have already linked libmbedtls_sgx_t.a to my enclave.

bl4ck5un commented 6 years ago

First of all, make sure to use the up-to-date master. Can you do the following and see if the problem persists?

mkdir build
cd build && cmake .. && make -j && make install

You'll get 

mbedtls_SGX-2.6.0
├── include
│   └── mbedtls
└── lib
    ├── libmbedtls_SGX_t.a
    ├── libmbedtls_SGX_u.a
    └── mbedtls_SGX.edl

Then link libmbedtls_SGX_t.a to your enclave.

bl4ck5un commented 6 years ago

Could you also report the output of nm libmbedtls_SGX_t.a | grep dummy? Mine is

$ nm libmbedtls_SGX_t.a | grep dummy 
00000000000006df t entropy_dummy_source
000000000000c75b t ssl_cookie_check_dummy
000000000000c73c t ssl_cookie_write_dummy
                 U dummy
0000000000000000 t sgx_dummy
dummy.c.o:
0000000000000000 T dummy
aslibman commented 6 years ago

The issue still persists.

nm libmbedtls_SGX_t.a | grep dummy
                 U dummy
0000000000000000 t sgx_dummy
00000000000006df t entropy_dummy_source
000000000000c701 t ssl_cookie_check_dummy
000000000000c6e2 t ssl_cookie_write_dummy
bl4ck5un commented 6 years ago

Seems like dummy.c somehow is not compiled? Can you do a clean build (i.e. deleting everything in the build dir) and see what's the output of make -Bn | grep dummy?

aslibman commented 6 years ago 
/usr/bin/cmake -E cmake_echo_color --switch= --green --progress-dir=/home/vagrant/shared/xchange/mbedtls-SGX/build/CMakeFiles --progress-num=75 "Building C object trusted/CMakeFiles/mbedtls_SGX_t.dir/dummy.c.o"
cd /home/vagrant/shared/xchange/mbedtls-SGX/build/trusted && /usr/bin/cc   -I/home/vagrant/shared/xchange/mbedtls-SGX/trusted/ -I/home/vagrant/shared/xchange/mbedtls-SGX/trusted/mbedtls-2.6.0/include -I/opt/intel/sgxsdk/include -I/opt/intel/sgxsdk/include/tlibc -I/opt/intel/sgxsdk/include/stlport  -DDEBUG -UNDEBUG -UEDEBUG -m64 -O0 -g -nostdinc -fvisibility=hidden -fpie -fstack-protector   -o CMakeFiles/mbedtls_SGX_t.dir/dummy.c.o   -c /home/vagrant/shared/xchange/mbedtls-SGX/trusted/dummy.c
bl4ck5un commented 6 years ago

That seems fine. Can you compile the examples?

aslibman commented 6 years ago

Yes, the examples compile.

bl4ck5un commented 6 years ago

Did you import the EDL file?

aslibman commented 6 years ago

Yes, in my own EDL file I have from "../mbedtls-SGX/trusted/mbedtls_SGX.edl" import *;

bl4ck5un commented 6 years ago

Okay. If the examples compile, then the library is fine. I’ll need more source code to debug.

aslibman commented 6 years ago

It is probably an issue with my linking then.

bl4ck5un commented 6 years ago

So I took a look at your Makefile. The crux of the problem is you have to link mbedtls in a group with SGX libs.

-Wl,--start-group  $(Mbedtls_SGX_t_Library_Name) -lsgx_tstdc -lsgx_tcxx -l$(Crypto_Library_Name) -l$(Service_Library_Name) -Wl,--end-group