v1.0.0 release

Readme.md

@@ -1,6 +1,9 @@
 # Rust SGX SDK
 Rust SGX SDK helps developers write Intel SGX applications in Rust programming language. [[Paper pdf]](documents/ccsp17.pdf)
 
+## v1.0.0 Release
+We proudly announce v1.0.0 of rust-sgx-sdk! We port Parity's [Webassembly Interpreter](https://github.com/paritytech/wasmi) to Intel SGX and provide a full functional in-enclave [wasmi sample](samplecode/wasmi), and a [sample solution](samplecode/psi) of two-party private-set-intersection resisting side-channel attacks! From this version, we start to support most recent stable branch of Rust instead of nightly for better stability and future production use. Thus, the [stable branch](https://github.com/baidu/rust-sgx-sdk/tree/rust-stable) of v1.0.0 supports the most recent Rust stable toolchain (1.26.0 stable-2018-05-07), while the master only supports Rust nightly toolchain of nightly-2018-04-11. Please refer to [release_notes](release_notes.md) for further details.
+
 ## v0.9.8 Release
 This version provides security updates regards to recent Spectre attacks in Intel SGX, and supports **Rust stable (2018-03-01)** (in branch named 'rust-stable'). It contains support of [Intel SGX SDK 2.1.2](https://download.01.org/intel-sgx/linux-2.1.2/) and a series of API functions to stop speculative execution on demand. In addition, we provide a ported version of [rust-protobuf](https://crates.io/crates/protobuf) v1.4.4. Please refer to [release_notes](release_notes.md) for further details.
 

build_helper/Cargo.toml

@@ -1,11 +1,19 @@
 [package]
-name = "build_helper"
+name = "sgx_build_helper"
 version = "0.1.0"
 authors = ["baidu"]
+repository = "https://github.com/baidu/rust-sgx-sdk"
+license-file = "LICENSE"
+documentation = "https://dingelish.github.io/"
+description = "Rust SGX SDK provides the ability to write Intel SGX applications in Rust Programming Language."
+
+include = [
+    "Cargo.toml",
+    "Readme.md",
+    "LICENSE",
+    "lib.rs",
+]
 
 [lib]
-name = "build_helper"
+name = "sgx_build_helper"
 path = "lib.rs"
-
-[dependencies]
-filetime = "0.1"

build_helper/Readme.md

@@ -0,0 +1,3 @@
+# Note
+
+Please visit our [homepage](https://github.com/baidu/rust-sgx-sdk) for usage. Thanks!

build_helper/lib.rs

@@ -10,14 +10,11 @@
 
 #![deny(warnings)]
 
-extern crate filetime;
-
 use std::fs::File;
 use std::path::{Path, PathBuf};
 use std::process::{Command, Stdio};
 use std::{fs, env};
-
-use filetime::FileTime;
+use std::time::{SystemTime, UNIX_EPOCH};
 
 /// A helper macro to `unwrap` a result except also print out details like:
 ///
@@ -137,10 +134,8 @@ pub fn rerun_if_changed_anything_in_dir(dir: &Path) {
 }
 
 /// Returns the last-modified time for `path`, or zero if it doesn't exist.
-pub fn mtime(path: &Path) -> FileTime {
-    fs::metadata(path).map(|f| {
-        FileTime::from_last_modification_time(&f)
-    }).unwrap_or(FileTime::zero())
+pub fn mtime(path: &Path) -> SystemTime {
+    fs::metadata(path).and_then(|f| f.modified()).unwrap_or(UNIX_EPOCH)
 }
 
 /// Returns whether `dst` is up to date given that the file or files in `src`
@@ -157,9 +152,9 @@ pub fn up_to_date(src: &Path, dst: &Path) -> bool {
         Err(e) => panic!("source {:?} failed to get metadata: {}", src, e),
     };
     if meta.is_dir() {
-        dir_up_to_date(src, &threshold)
+        dir_up_to_date(src, threshold)
     } else {
-        FileTime::from_last_modification_time(&meta) <= threshold
+        meta.modified().unwrap_or(UNIX_EPOCH) <= threshold
     }
 }
 
@@ -226,13 +221,13 @@ pub fn sanitizer_lib_boilerplate(sanitizer_name: &str) -> Result<NativeLibBoiler
                            search_path)
 }
 
-fn dir_up_to_date(src: &Path, threshold: &FileTime) -> bool {
+fn dir_up_to_date(src: &Path, threshold: SystemTime) -> bool {
     t!(fs::read_dir(src)).map(|e| t!(e)).all(|e| {
         let meta = t!(e.metadata());
         if meta.is_dir() {
             dir_up_to_date(&e.path(), threshold)
         } else {
-            FileTime::from_last_modification_time(&meta) < *threshold
+            meta.modified().unwrap_or(UNIX_EPOCH) < threshold
         }
     })
 }

dockerfile/Dockerfile

@@ -32,7 +32,7 @@
 FROM ubuntu:16.04
 MAINTAINER Yu Ding
 
-RUN apt-get update && apt-get install -y build-essential ocaml automake autoconf libtool wget python libssl-dev libcurl4-openssl-dev protobuf-compiler libprotobuf-dev sudo kmod vim curl git-core libprotobuf-c0-dev libboost-thread-dev libboost-system-dev liblog4cpp5-dev libjsoncpp-dev alien uuid-dev libxml2-dev cmake pkg-config
+RUN apt-get update && apt-get install -y build-essential ocaml automake autoconf libtool wget python libssl-dev libcurl4-openssl-dev protobuf-compiler libprotobuf-dev sudo kmod vim curl git-core libprotobuf-c0-dev libboost-thread-dev libboost-system-dev liblog4cpp5-dev libjsoncpp-dev alien uuid-dev libxml2-dev cmake pkg-config expect
 
 
 # Uncomment the following lines for setup iCls
@@ -46,27 +46,27 @@ RUN apt-get update && apt-get install -y build-essential ocaml automake autoconf
 #    systemctl enable jhi
 
 RUN mkdir /root/sgx && \
-    wget -O /root/sgx/sgx_linux_x64_psw_2.1.102.43402.bin https://download.01.org/intel-sgx/linux-2.1.2/ubuntu64-desktop/sgx_linux_x64_psw_2.1.102.43402.bin && \
-    wget -O /root/sgx/sgx_linux_x64_sdk_2.1.102.43402.bin https://download.01.org/intel-sgx/linux-2.1.2/ubuntu64-desktop/sgx_linux_x64_sdk_2.1.102.43402.bin && \
+    wget -O /root/sgx/psw.bin https://download.01.org/intel-sgx/linux-2.1.3/ubuntu64-desktop/sgx_linux_x64_psw_2.1.103.44322.bin && \
+    wget -O /root/sgx/sdk.bin https://download.01.org/intel-sgx/linux-2.1.3/ubuntu64-desktop/sgx_linux_x64_sdk_2.1.103.44322.bin && \
     cd /root/sgx && \
-    chmod +x /root/sgx/sgx_linux_x64_psw_2.1.102.43402.bin && \
-    /root/sgx/sgx_linux_x64_psw_2.1.102.43402.bin && \
-    chmod +x /root/sgx/sgx_linux_x64_sdk_2.1.102.43402.bin && \
-    echo -e 'no\n/opt' | /root/sgx/sgx_linux_x64_sdk_2.1.102.43402.bin && \
+    chmod +x /root/sgx/psw.bin && \
+    /root/sgx/psw.bin && \
+    chmod +x /root/sgx/sdk.bin && \
+    echo -e 'no\n/opt' | /root/sgx/sdk.bin && \
     echo 'source /opt/sgxsdk/environment' >> /root/.bashrc
 
 ADD patch /root/
 
-RUN wget -O /root/sgx_2.1.2.tar.gz https://github.com/intel/linux-sgx/archive/sgx_2.1.2.tar.gz && \
-    cd /root && tar xzf sgx_2.1.2.tar.gz && \
-    cd /root/linux-sgx-sgx_2.1.2 && git apply ../patch && \
-    /root/linux-sgx-sgx_2.1.2/download_prebuilt.sh && \
-    cd /root/linux-sgx-sgx_2.1.2 && make -j && \
-    cp /root/linux-sgx-sgx_2.1.2/build/linux/libsgx_tstdc.a /opt/sgxsdk/lib64/libsgx_tstdc.a
+RUN wget -O /root/src.tar.gz https://github.com/intel/linux-sgx/archive/sgx_2.1.3.tar.gz && \
+    cd /root && tar xzf src.tar.gz && \
+    cd /root/linux-sgx-sgx_2.1.3 && git apply ../patch && \
+    /root/linux-sgx-sgx_2.1.3/download_prebuilt.sh && \
+    cd /root/linux-sgx-sgx_2.1.3 && make -j && \
+    cp /root/linux-sgx-sgx_2.1.3/build/linux/libsgx_tstdc.a /opt/sgxsdk/lib64/libsgx_tstdc.a
 
 RUN wget 'https://static.rust-lang.org/rustup/dist/x86_64-unknown-linux-gnu/rustup-init' -O /root/rustup-init && \
     chmod +x /root/rustup-init && \
-    echo '1' | /root/rustup-init --default-toolchain nightly-2018-03-16 && \
+    echo '1' | /root/rustup-init --default-toolchain nightly-2018-04-12 && \
     echo 'source /root/.cargo/env' >> /root/.bashrc && \
     /root/.cargo/bin/rustup component add rust-src && \
     /root/.cargo/bin/cargo install xargo && \

dockerfile/experimental/Dockerfile

@@ -35,7 +35,7 @@ RUN apt-get update && \
     apt-get install --allow-unauthenticated -y build-essential ocaml automake \
             autoconf libtool wget python libssl-dev libcurl4-openssl-dev sudo kmod vim curl \
             git-core liblog4cpp5-dev libjsoncpp-dev autoconf make g++ unzip python-dev \
-            alien uuid-dev libxml2-dev cmake pkg-config g++ unzip
+            alien uuid-dev libxml2-dev cmake pkg-config g++ unzip expect
 
 RUN mkdir /root/sgx && \
     cd /root/sgx && \
@@ -54,32 +54,31 @@ RUN mkdir /root/sgx && \
 #    cd jhi && mkdir build && cd build && cmake .. && make && make install && \
 #    systemctl enable jhi
 
-RUN wget -O /root/sgx/sgx_linux_x64_psw_2.1.102.43402.bin https://download.01.org/intel-sgx/linux-2.1.2/ubuntu64-desktop/sgx_linux_x64_psw_2.1.102.43402.bin && \
-    wget -O /root/sgx/sgx_linux_x64_sdk_2.1.102.43402.bin https://download.01.org/intel-sgx/linux-2.1.2/ubuntu64-desktop/sgx_linux_x64_sdk_2.1.102.43402.bin && \
+RUN wget -O /root/sgx/psw.bin https://download.01.org/intel-sgx/linux-2.1.3/ubuntu64-desktop/sgx_linux_x64_psw_2.1.103.44322.bin && \
+    wget -O /root/sgx/sdk.bin https://download.01.org/intel-sgx/linux-2.1.3/ubuntu64-desktop/sgx_linux_x64_sdk_2.1.103.44322.bin && \
     cd /root/sgx && \
-    chmod +x /root/sgx/sgx_linux_x64_psw_2.1.102.43402.bin && \
-    /root/sgx/sgx_linux_x64_psw_2.1.102.43402.bin && \
-    chmod +x /root/sgx/sgx_linux_x64_sdk_2.1.102.43402.bin && \
-    echo -e 'no\n/opt' | /root/sgx/sgx_linux_x64_sdk_2.1.102.43402.bin && \
+    chmod +x /root/sgx/psw.bin && \
+    /root/sgx/psw.bin && \
+    chmod +x /root/sgx/sdk.bin && \
+    echo -e 'no\n/opt' | /root/sgx/sdk.bin && \
     echo 'source /opt/sgxsdk/environment' >> /root/.bashrc
 
 ADD all.patch /root/
 
-RUN wget -O /root/sgx_2.1.2.tar.gz https://github.com/01org/linux-sgx/archive/sgx_2.1.2.tar.gz && \
-    cd /root && tar xzf sgx_2.1.2.tar.gz && \
-    cd /root/linux-sgx-sgx_2.1.2 && patch -t -p1 < ../all.patch && \
-    /root/linux-sgx-sgx_2.1.2/download_prebuilt.sh && \
-    cd /root/linux-sgx-sgx_2.1.2 && make -j && \
-    cp /root/linux-sgx-sgx_2.1.2/build/linux/libsgx_tstdc.a /opt/sgxsdk/lib64/libsgx_tstdc.a && \
-    cp /root/linux-sgx-sgx_2.1.2/build/linux/aesm_service /opt/intel/sgxpsw/aesm/aesm_service && \
-    cp /root/linux-sgx-sgx_2.1.2/build/linux/libsgx_uae_service.so /usr/lib/libsgx_uae_service.so
+RUN wget -O /root/src.tar.gz https://github.com/intel/linux-sgx/archive/sgx_2.1.3.tar.gz && \
+    cd /root && tar xzf src.tar.gz && \
+    cd /root/linux-sgx-sgx_2.1.3 && patch -t -p1 < ../all.patch && \
+    /root/linux-sgx-sgx_2.1.3/download_prebuilt.sh && \
+    cd /root/linux-sgx-sgx_2.1.3 && make -j && \
+    cp /root/linux-sgx-sgx_2.1.3/build/linux/libsgx_tstdc.a /opt/sgxsdk/lib64/libsgx_tstdc.a && \
+    cp /root/linux-sgx-sgx_2.1.3/build/linux/aesm_service /opt/intel/sgxpsw/aesm/aesm_service && \
+    cp /root/linux-sgx-sgx_2.1.3/build/linux/libsgx_uae_service.so /usr/lib/libsgx_uae_service.so
 
 RUN wget 'https://static.rust-lang.org/rustup/dist/x86_64-unknown-linux-gnu/rustup-init' -O /root/rustup-init && \
     chmod +x /root/rustup-init && \
-    echo '1' | /root/rustup-init --default-toolchain nightly-2018-03-16 && \
+    echo '1' | /root/rustup-init --default-toolchain nightly-2018-04-12 && \
     echo 'source /root/.cargo/env' >> /root/.bashrc && \
     /root/.cargo/bin/rustup component add rust-src && \
-    apt-get autoclean && apt-get autoremove && rm -rf /var/cache/apt/archives/* && \
-    /root/.cargo/bin/cargo install xargo
-
+    /root/.cargo/bin/cargo install xargo && \
+    apt-get autoclean && apt-get autoremove && rm -rf /var/cache/apt/archives/*
 WORKDIR /root

dockerfile/rust-stable/Dockerfile

@@ -32,7 +32,7 @@
 FROM ubuntu:16.04
 MAINTAINER Yu Ding
 
-RUN apt-get update && apt-get install -y build-essential ocaml automake autoconf libtool wget python libssl-dev libcurl4-openssl-dev protobuf-compiler libprotobuf-dev sudo kmod vim curl git-core libprotobuf-c0-dev libboost-thread-dev libboost-system-dev liblog4cpp5-dev libjsoncpp-dev alien uuid-dev libxml2-dev cmake pkg-config
+RUN apt-get update && apt-get install -y build-essential ocaml automake autoconf libtool wget python libssl-dev libcurl4-openssl-dev protobuf-compiler libprotobuf-dev sudo kmod vim curl git-core libprotobuf-c0-dev libboost-thread-dev libboost-system-dev liblog4cpp5-dev libjsoncpp-dev alien uuid-dev libxml2-dev cmake pkg-config expect
 
 
 # Uncomment the following lines for setup iCls
@@ -46,27 +46,27 @@ RUN apt-get update && apt-get install -y build-essential ocaml automake autoconf
 #    systemctl enable jhi
 
 RUN mkdir /root/sgx && \
-    wget -O /root/sgx/sgx_linux_x64_psw_2.1.102.43402.bin https://download.01.org/intel-sgx/linux-2.1.2/ubuntu64-desktop/sgx_linux_x64_psw_2.1.102.43402.bin && \
-    wget -O /root/sgx/sgx_linux_x64_sdk_2.1.102.43402.bin https://download.01.org/intel-sgx/linux-2.1.2/ubuntu64-desktop/sgx_linux_x64_sdk_2.1.102.43402.bin && \
+    wget -O /root/sgx/psw.bin https://download.01.org/intel-sgx/linux-2.1.3/ubuntu64-desktop/sgx_linux_x64_psw_2.1.103.44322.bin && \
+    wget -O /root/sgx/sdk.bin https://download.01.org/intel-sgx/linux-2.1.3/ubuntu64-desktop/sgx_linux_x64_sdk_2.1.103.44322.bin && \
     cd /root/sgx && \
-    chmod +x /root/sgx/sgx_linux_x64_psw_2.1.102.43402.bin && \
-    /root/sgx/sgx_linux_x64_psw_2.1.102.43402.bin && \
-    chmod +x /root/sgx/sgx_linux_x64_sdk_2.1.102.43402.bin && \
-    echo -e 'no\n/opt' | /root/sgx/sgx_linux_x64_sdk_2.1.102.43402.bin && \
+    chmod +x /root/sgx/psw.bin && \
+    /root/sgx/psw.bin && \
+    chmod +x /root/sgx/sdk.bin && \
+    echo -e 'no\n/opt' | /root/sgx/sdk.bin && \
     echo 'source /opt/sgxsdk/environment' >> /root/.bashrc
 
 ADD patch /root/
 
-RUN wget -O /root/sgx_2.1.2.tar.gz https://github.com/intel/linux-sgx/archive/sgx_2.1.2.tar.gz && \
-    cd /root && tar xzf sgx_2.1.2.tar.gz && \
-    cd /root/linux-sgx-sgx_2.1.2 && git apply ../patch && \
-    /root/linux-sgx-sgx_2.1.2/download_prebuilt.sh && \
-    cd /root/linux-sgx-sgx_2.1.2 && make -j && \
-    cp /root/linux-sgx-sgx_2.1.2/build/linux/libsgx_tstdc.a /opt/sgxsdk/lib64/libsgx_tstdc.a
+RUN wget -O /root/src.tar.gz https://github.com/intel/linux-sgx/archive/sgx_2.1.3.tar.gz && \
+    cd /root && tar xzf src.tar.gz && \
+    cd /root/linux-sgx-sgx_2.1.3 && git apply ../patch && \
+    /root/linux-sgx-sgx_2.1.3/download_prebuilt.sh && \
+    cd /root/linux-sgx-sgx_2.1.3 && make -j && \
+    cp /root/linux-sgx-sgx_2.1.3/build/linux/libsgx_tstdc.a /opt/sgxsdk/lib64/libsgx_tstdc.a
 
 RUN wget 'https://static.rust-lang.org/rustup/dist/x86_64-unknown-linux-gnu/rustup-init' -O /root/rustup-init && \
     chmod +x /root/rustup-init && \
-    echo '1' | /root/rustup-init --default-toolchain stable-2018-03-01 && \
+    echo '1' | /root/rustup-init --default-toolchain stable-2018-05-10 && \
     echo 'source /root/.cargo/env' >> /root/.bashrc && \
     /root/.cargo/bin/rustup component add rust-src && \
     /root/.cargo/bin/cargo install xargo && \