rune/libenclave: Use unified pal api interface

Use unified API symbols starting with 'pal_'. Signed-off-by: N jack.wxz <wangxiaozhe@linux.alibaba.com> Signed-off-by: N Tianjia Zhang <tianjia.zhang@linux.alibaba.com>

rune/libenclave: Use unified pal api interface
Use unified API symbols starting with 'pal_'. Signed-off-by: N jack.wxz <wangxiaozhe@linux.alibaba.com> Signed-off-by: N Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
62217e09 · jack.wxz · jia zhang · 003ec8c8 · 62217e09 · 62217e09
6 changed file
--- a/rune/libcontainer/nsenter/loader.c
+++ b/rune/libcontainer/nsenter/loader.c
@@ -28,16 +28,14 @@ struct pal_stdio_fds {
 	int stdin, stdout, stderr;
 };

-int *pal_version;
+
+int (*fptr_pal_get_version)(void);
 int (*fptr_pal_init)(const struct pal_attr_t *attr);
 int (*fptr_pal_exec)(const char *path, const char * const argv[],
 			const struct pal_stdio_fds *stdio, int *exit_code);
 int (*fptr_pal_kill)(int sig, int pid);
 int (*fptr_pal_destroy)(void);

-#define PAL_SO_PREFIX "liberpal-"
-#define PAL_SO_SUFFIX ".so"
-
 int is_enclave(void)
 {
 	const char *env;
@@ -49,8 +47,7 @@ int is_enclave(void)

 int load_enclave_runtime(void)
 {
-	const char *file, *basename, *suffix, *name;
-	int namelen;
+	const char *file;
 	const char *rootfs;
 	void *dl;

@@ -61,24 +58,6 @@ int load_enclave_runtime(void)
 	}
 	write_log(DEBUG, "_LIBCONTAINER_PAL_PATH = %s", file);

-	/* fetch basename */
-	basename = strrchr(file, '/');
-	if (basename)
-		basename += 1;  /* skip '/' */
-	else
-		basename = file;
-
-	/* check prefix and suffix */
-	if (strncmp(basename, PAL_SO_PREFIX, sizeof(PAL_SO_PREFIX) - 1) != 0)
-		return -ESRCH;
-	suffix = basename + strlen(basename) - sizeof(PAL_SO_SUFFIX) + 1;
-	if (strncmp(suffix, PAL_SO_SUFFIX, sizeof(PAL_SO_SUFFIX) - 1) != 0)
-		return -ESRCH;
-
-	/* pal name */
-	name = basename + sizeof(PAL_SO_PREFIX) - 1;
-	namelen = strlen(name) - sizeof(PAL_SO_SUFFIX) + 1;
-
 	/* dlopen */
 	rootfs = getenv("_LIBCONTAINER_PAL_ROOTFS");
 	if (rootfs && *rootfs != '\0') {
@@ -86,7 +65,7 @@ int load_enclave_runtime(void)
 		char ldpath[BUFSIZ];
 		const char *env_ldpath;

-		if (basename == file) {
+		if (*file != '/') {
 			write_log(DEBUG, "_LIBCONTAINER_PAL_PATH must be a absolute path");
 			return -ENOSPC;
 		}
@@ -116,17 +95,13 @@ int load_enclave_runtime(void)
 		return -ENOEXEC;
 	}

-	pal_version = dlsym(dl, "pal_version");
-	write_log(DEBUG, "dlsym(%s) = %p", "pal_version", pal_version);
-
 #define DLSYM(fn)								\
 	do {									\
-		char fname[64];							\
-		snprintf(fname, sizeof(fname), "%.*s_pal_%s", namelen, name, #fn); \
-		fptr_pal_ ## fn = dlsym(dl, fname);				\
-		write_log(DEBUG, "dlsym(%s) = %p", fname, fptr_pal_ ## fn);	\
+		fptr_pal_ ## fn = dlsym(dl, "pal_" #fn);				\
+		write_log(DEBUG, "dlsym(%s) = %p", "pal_" #fn, fptr_pal_ ## fn);	\
 	} while (0)

+	DLSYM(get_version);
 	DLSYM(init);
 	DLSYM(exec);
 	DLSYM(kill);

--- a/rune/libcontainer/nsenter/loader.go
+++ b/rune/libcontainer/nsenter/loader.go
@@ -17,7 +17,7 @@ struct pal_stdio_fds {
 	int stdin, stdout, stderr;
 };

-extern int *pal_version;
+extern int (*fptr_pal_get_version)(void);
 extern int (*fptr_pal_init)(const struct pal_attr_t *attr);
 extern int (*fptr_pal_exec)(const char *path, const char * const argv[],
 			const struct pal_stdio_fds *stdio, int *exit_code);
@@ -31,7 +31,7 @@ import (
 )

 func SymAddrPalVersion() unsafe.Pointer {
-	return unsafe.Pointer(C.pal_version)
+	return unsafe.Pointer(C.fptr_pal_get_version)
 }

 func SymAddrPalInit() unsafe.Pointer {

--- a/rune/libenclave/internal/runtime/enclave_runtime.go
+++ b/rune/libenclave/internal/runtime/enclave_runtime.go
@@ -10,7 +10,6 @@ import (
 )

 type EnclaveRuntime interface {
-	Name() string
 	Load(path string) error
 	Init(args string, logLevel string) error
 	Attest() error
@@ -43,9 +42,8 @@ func StartInitialization(config *configs.InitEnclaveConfig, logLevel string) (*E
 	if err != nil {
 		return nil, err
 	}
-	name := runtime.Name()

-	logrus.Infof("Initializing enclave runtime %s", name)
+	logrus.Infof("Initializing enclave runtime")
 	err = runtime.Init(config.Args, logLevel)
 	if err != nil {
 		return nil, err
@@ -58,13 +56,13 @@ func StartInitialization(config *configs.InitEnclaveConfig, logLevel string) (*E
 }

 func (rt *EnclaveRuntimeWrapper) LaunchAttestation() error {
-	logrus.Debugf("attesting enclave runtime %s", rt.runtime.Name())
+	logrus.Debugf("attesting enclave runtime")

 	return rt.runtime.Attest()
 }

 func (rt *EnclaveRuntimeWrapper) ExecutePayload(cmd []string, envp []string, stdio [3]*os.File) (int32, error) {
-	logrus.Debugf("enclave runtime %s executing payload with commandline %s", rt.runtime.Name(), cmd)
+	logrus.Debugf("enclave runtime %s executing payload with commandline", cmd)

 	// The executable may not exist in container at all according
 	// to the design of enclave runtime, such as Occlum, which uses
@@ -78,16 +76,16 @@ func (rt *EnclaveRuntimeWrapper) ExecutePayload(cmd []string, envp []string, std

 func (rt *EnclaveRuntimeWrapper) KillPayload(sig int, pid int) error {
 	if pid != -1 {
-		logrus.Debugf("enclave runtime %s killing payload %d with signal %d", rt.runtime.Name(), pid, sig)
+		logrus.Debugf("enclave runtime killing payload %d with signal %d", pid, sig)
 	} else {
-		logrus.Debugf("enclave runtime %s killing all payloads with signal %d", rt.runtime.Name(), sig)
+		logrus.Debugf("enclave runtime killing all payloads with signal %d", sig)
 	}

 	return rt.runtime.Kill(sig, pid)
 }

 func (rt *EnclaveRuntimeWrapper) DestroyInstance() error {
-	logrus.Debugf("Destroying enclave runtime %s", rt.runtime.Name())
+	logrus.Debugf("Destroying enclave runtime")

 	return rt.runtime.Destroy()
 }
--- a/rune/libenclave/internal/runtime/pal/api_linux.go
+++ b/rune/libenclave/internal/runtime/pal/api_linux.go
@@ -3,6 +3,11 @@ package enclave_runtime_pal // import "github.com/opencontainers/runc/libenclave
 /*
 #include <stdlib.h>

+static int palGetVersion(void *sym)
+{
+	return ((int (*)(void))sym)();
+}
+
 static int palInitV1(void *sym, const char *args, const char *log_level)
 {
 	typedef struct {
@@ -65,7 +70,7 @@ func (pal *enclaveRuntimePalApiV1) get_version() uint32 {
 	logrus.Debugf("pal get_version() called")
 	sym := nsenter.SymAddrPalVersion()
 	if sym != nil {
-		return *(*uint32)(sym)
+		return uint32(C.palGetVersion(sym))
 	} else {
 		return palApiVersion
 	}

--- a/rune/libenclave/internal/runtime/pal/pal.go
+++ b/rune/libenclave/internal/runtime/pal/pal.go
@@ -5,7 +5,6 @@ import (
 )

 type enclaveRuntimePal struct {
-	name    string
 	version uint32
 }


--- a/rune/libenclave/internal/runtime/pal/pal_linux.go
+++ b/rune/libenclave/internal/runtime/pal/pal_linux.go
@@ -3,27 +3,9 @@ package enclave_runtime_pal // import "github.com/opencontainers/runc/libenclave
 import (
 	"fmt"
 	"os"
-	"path"
-	"strings"
-)
-
-const (
-	palPrefix = "liberpal-"
-	palSuffix = ".so"
 )

 func (pal *enclaveRuntimePal) Load(palPath string) (err error) {
-	bp := path.Base(palPath)
-	if !strings.HasPrefix(bp, palPrefix) {
-		return fmt.Errorf("not found pal prefix pattern in pal %s\n", palPath)
-	}
-	if !strings.HasSuffix(bp, palSuffix) {
-		return fmt.Errorf("not found pal suffix pattern in pal %s\n", palPath)
-	}
-	palName := strings.TrimSuffix(strings.TrimPrefix(bp, palPrefix), palSuffix)
-
-	pal.name = palName
-
 	if err = pal.getPalApiVersion(); err != nil {
 		return err
 	}
@@ -40,10 +22,6 @@ func (pal *enclaveRuntimePal) getPalApiVersion() error {
 	return nil
 }

-func (pal *enclaveRuntimePal) Name() string {
-	return fmt.Sprintf("%s (API version %d)", pal.name, pal.version)
-}
-
 func (pal *enclaveRuntimePal) Init(args string, logLevel string) error {
 	api := &enclaveRuntimePalApiV1{}
 	return api.init(args, logLevel)