diff --git a/common/src/protected_files/protected_files.c b/common/src/protected_files/protected_files.c index 8288406458..02a06908a8 100644 --- a/common/src/protected_files/protected_files.c +++ b/common/src/protected_files/protected_files.c @@ -1076,7 +1076,7 @@ static void ipf_delete_cache(pf_context_t* pf) { } } -static bool ipf_close(pf_context_t* pf, pf_mac_t* closing_root_gmac) { +static bool ipf_close(pf_context_t* pf, pf_mac_t* closing_root_mac) { bool retval = true; if (pf->file_status != PF_STATUS_SUCCESS) { @@ -1089,8 +1089,8 @@ static bool ipf_close(pf_context_t* pf, pf_mac_t* closing_root_gmac) { } } - if (closing_root_gmac != NULL) { - memcpy(*closing_root_gmac, pf->file_metadata.plain_part.metadata_gmac, sizeof(pf_mac_t)); + if (closing_root_mac != NULL) { + memcpy(*closing_root_mac, pf->metadata_node.plaintext_part.metadata_mac, sizeof(pf_mac_t)); } // omeg: fs close is done by Gramine handler @@ -1131,24 +1131,24 @@ void pf_set_callbacks(pf_read_f read_f, pf_write_f write_f, pf_fsync_f fsync_f, pf_status_t pf_open(pf_handle_t handle, const char* path, uint64_t underlying_size, pf_file_mode_t mode, bool create, const pf_key_t* key, - pf_mac_t* opening_root_gmac, pf_context_t** context) { + pf_mac_t* opening_root_mac, pf_context_t** context) { if (!g_initialized) return PF_STATUS_UNINITIALIZED; pf_status_t status; *context = ipf_open(path, mode, create, handle, underlying_size, key, &status); - if ((*context != NULL) && (opening_root_gmac != NULL)) { - memcpy(*opening_root_gmac, (*context)->file_metadata.plain_part.metadata_gmac, + if ((*context != NULL) && (opening_root_mac != NULL)) { + memcpy(*opening_root_mac, (*context)->metadata_node.plaintext_part.metadata_mac, sizeof(pf_mac_t)); } return status; } -pf_status_t pf_close(pf_context_t* pf, pf_mac_t* closing_root_gmac) { +pf_status_t pf_close(pf_context_t* pf, pf_mac_t* closing_root_mac) { if (!g_initialized) return PF_STATUS_UNINITIALIZED; - if (ipf_close(pf, closing_root_gmac)) { + if (ipf_close(pf, closing_root_mac)) { free(pf); return PF_STATUS_SUCCESS; } @@ -1217,7 +1217,7 @@ pf_status_t pf_set_size(pf_context_t* pf, uint64_t size) { return PF_STATUS_SUCCESS; } -pf_status_t pf_rename(pf_context_t* pf, const char* new_path, pf_mac_t* new_root_gmac) { +pf_status_t pf_rename(pf_context_t* pf, const char* new_path, pf_mac_t* new_root_mac) { if (!g_initialized) return PF_STATUS_UNINITIALIZED; @@ -1233,8 +1233,8 @@ pf_status_t pf_rename(pf_context_t* pf, const char* new_path, pf_mac_t* new_root pf->need_writing = true; if (!ipf_internal_flush(pf)) return pf->last_error; - if (new_root_gmac != NULL) { - memcpy(*new_root_gmac, pf->file_metadata.plain_part.metadata_gmac, sizeof(pf_mac_t)); + if (new_root_mac != NULL) { + memcpy(*new_root_mac, pf->metadata_node.plaintext_part.metadata_mac, sizeof(pf_mac_t)); } return PF_STATUS_SUCCESS; diff --git a/common/src/protected_files/protected_files.h b/common/src/protected_files/protected_files.h index 1cb61bbd39..27d6b0bdc5 100644 --- a/common/src/protected_files/protected_files.h +++ b/common/src/protected_files/protected_files.h @@ -224,24 +224,24 @@ const char* pf_strerror(int err); * \param mode Access mode. * \param create Overwrite file contents if true. * \param key Wrap key. - * \param opening_root_gmac If non-NULL, !create & successfull open, returns root-hash of file + * \param opening_root_mac If non-NULL, !create & successfull open, returns root-hash of file * \param[out] context PF context for later calls. * * \returns PF status. */ pf_status_t pf_open(pf_handle_t handle, const char* path, uint64_t underlying_size, pf_file_mode_t mode, bool create, const pf_key_t* key, - pf_mac_t* opening_root_gmac, pf_context_t** context); + pf_mac_t* opening_root_mac, pf_context_t** context); /*! * \brief Close a protected file and commit all changes to disk. * * \param pf PF context. - * \param closing_root_gmac If non-NULL, returns root-hash of file at closing time + * \param closing_root_mac If non-NULL, returns root-hash of file at closing time * * \returns PF status. */ -pf_status_t pf_close(pf_context_t* pf, pf_mac_t* closing_root_gmac); +pf_status_t pf_close(pf_context_t* pf, pf_mac_t* closing_root_mac); /*! * \brief Read from a protected file. @@ -296,12 +296,12 @@ pf_status_t pf_set_size(pf_context_t* pf, uint64_t size); * * \param pf PF context. * \param new_path New file path. - * \param new_root_gmac if non-NULL, returns new root-hash of file + * \param new_root_mac if non-NULL, returns new root-hash of file * * Updates the path inside protected file header, and flushes all changes. The caller is responsible * for renaming the underlying file. */ -pf_status_t pf_rename(pf_context_t* pf, const char* new_path, pf_mac_t* new_root_gmac); +pf_status_t pf_rename(pf_context_t* pf, const char* new_path, pf_mac_t* new_root_mac); /*! * \brief Flush any pending data of a protected file to disk. diff --git a/libos/include/libos_fs_encrypted.h b/libos/include/libos_fs_encrypted.h index f27f182b00..db5f59534e 100644 --- a/libos/include/libos_fs_encrypted.h +++ b/libos/include/libos_fs_encrypted.h @@ -48,7 +48,7 @@ typedef enum { struct libos_encrypted_volume_state_map { char* norm_path; // assumptions: all paths canonicalized, symlinks are resolved & no hard links libos_encrypted_file_state_t state; - pf_mac_t last_seen_root_gmac; + pf_mac_t last_seen_root_mac; UT_hash_handle hh; }; diff --git a/libos/src/fs/libos_fs_encrypted.c b/libos/src/fs/libos_fs_encrypted.c index 93b25ca1cf..d6dc5d52b4 100644 --- a/libos/src/fs/libos_fs_encrypted.c +++ b/libos/src/fs/libos_fs_encrypted.c @@ -221,9 +221,9 @@ static int encrypted_file_internal_open(struct libos_encrypted_file* enc, PAL_HA ret = -EACCES; goto out; } - pf_mac_t opening_root_gmac; + pf_mac_t opening_root_mac; pf_status_t pfs = pf_open(pal_handle, norm_path, size, PF_FILE_MODE_READ | PF_FILE_MODE_WRITE, - create, &enc->volume->key->pf_key, &opening_root_gmac, &pf); + create, &enc->volume->key->pf_key, &opening_root_mac, &pf); unlock(&g_keys_lock); if (PF_FAILURE(pfs)) { log_warning("pf_open failed: %s", pf_strerror(pfs)); @@ -233,7 +233,7 @@ static int encrypted_file_internal_open(struct libos_encrypted_file* enc, PAL_HA /* rollback protection */ struct libos_encrypted_volume_state_map* file_state = NULL; log_debug("file '%s' opened with MAC=" MAC_PRINTF_PATTERN, norm_path, - MAC_PRINTF_ARGS(opening_root_gmac)); // TODO (MST): remove me eventually? + MAC_PRINTF_ARGS(opening_root_mac)); // TODO (MST): remove me eventually? lock(&(enc->volume->files_state_map_lock)); /* - get current state */ HASH_FIND_STR(enc->volume->files_state_map, norm_path, file_state); @@ -259,14 +259,14 @@ static int encrypted_file_internal_open(struct libos_encrypted_file* enc, PAL_HA goto out_unlock_map; } } - if (memcmp(file_state->last_seen_root_gmac, opening_root_gmac, sizeof(pf_mac_t)) != 0) { + if (memcmp(file_state->last_seen_root_mac, opening_root_mac, sizeof(pf_mac_t)) != 0) { log_error( "file '%s' was seen before but in different inconsistent (rolled-back?) " "state, expected MAC=" MAC_PRINTF_PATTERN " but file had " "MAC=" MAC_PRINTF_PATTERN, - norm_path, MAC_PRINTF_ARGS(file_state->last_seen_root_gmac), - MAC_PRINTF_ARGS(opening_root_gmac)); + norm_path, MAC_PRINTF_ARGS(file_state->last_seen_root_mac), + MAC_PRINTF_ARGS(opening_root_mac)); if (enc->volume->protection_mode != PF_ENCLAVE_LIFE_RB_PROTECTION_NONE) { pf_set_corrupted(pf); ret = -EACCES; @@ -299,7 +299,7 @@ static int encrypted_file_internal_open(struct libos_encrypted_file* enc, PAL_HA } /* we do below unconditionally as we might recreate a deleted file or overwrite an existing * one */ - memcpy(file_state->last_seen_root_gmac, opening_root_gmac, sizeof(pf_mac_t)); + memcpy(file_state->last_seen_root_mac, opening_root_mac, sizeof(pf_mac_t)); file_state->state = PF_FILE_STATE_ACTIVE; enc->pf = pf; @@ -335,8 +335,8 @@ int parse_pf_key(const char* key_str, pf_key_t* pf_key) { static void encrypted_file_internal_close(struct libos_encrypted_file* enc, bool fs_reachable) { assert(enc->pf); - pf_mac_t closing_root_gmac; - pf_status_t pfs = pf_close(enc->pf, &closing_root_gmac); + pf_mac_t closing_root_mac; + pf_status_t pfs = pf_close(enc->pf, &closing_root_mac); char* norm_path = NULL; int ret = uri_to_normalized_path(enc->uri, &norm_path); if (ret < 0) { @@ -344,7 +344,7 @@ static void encrypted_file_internal_close(struct libos_encrypted_file* enc, bool } else { log_debug("%sreachable file '%s' closed with MAC=" MAC_PRINTF_PATTERN, (fs_reachable ? "" : "un"), norm_path, - MAC_PRINTF_ARGS(closing_root_gmac)); // TODO (MST): remove me eventually? + MAC_PRINTF_ARGS(closing_root_mac)); // TODO (MST): remove me eventually? lock(&(enc->volume->files_state_map_lock)); struct libos_encrypted_volume_state_map* file_state = NULL; @@ -359,7 +359,7 @@ static void encrypted_file_internal_close(struct libos_encrypted_file* enc, bool /* note: we only update if reachable in fileystem to prevent file-handles made * unreachable via unlink or rename to modify state. We also do not touch it if * earlier we determined this file is in inconsistent error state. */ - memcpy(file_state->last_seen_root_gmac, closing_root_gmac, sizeof(pf_mac_t)); + memcpy(file_state->last_seen_root_mac, closing_root_mac, sizeof(pf_mac_t)); } } unlock(&(enc->volume->files_state_map_lock)); @@ -818,8 +818,8 @@ int encrypted_file_rename(struct libos_encrypted_file* enc, const char* new_uri) if (ret < 0) goto out; - pf_mac_t new_root_gmac; - pf_status_t pfs = pf_rename(enc->pf, new_norm_path, &new_root_gmac); + pf_mac_t new_root_mac; + pf_status_t pfs = pf_rename(enc->pf, new_norm_path, &new_root_mac); if (PF_FAILURE(pfs)) { log_warning("pf_rename failed: %s", pf_strerror(pfs)); ret = -EACCES; @@ -831,7 +831,7 @@ int encrypted_file_rename(struct libos_encrypted_file* enc, const char* new_uri) log_warning("PalStreamChangeName failed: %s", pal_strerror(ret)); /* We failed to rename the file. Try to restore the name in header. */ - pfs = pf_rename(enc->pf, old_norm_path, &new_root_gmac); + pfs = pf_rename(enc->pf, old_norm_path, &new_root_mac); if (PF_FAILURE(pfs)) { log_warning("pf_rename (during cleanup) failed, the file might be unusable: %s", pf_strerror(pfs)); @@ -843,7 +843,7 @@ int encrypted_file_rename(struct libos_encrypted_file* enc, const char* new_uri) /* update file state map */ log_debug("file '%s' renamed to '%s' with MAC=" MAC_PRINTF_PATTERN, old_norm_path, new_norm_path, - MAC_PRINTF_ARGS(new_root_gmac)); // TODO (MST): remove me eventually? + MAC_PRINTF_ARGS(new_root_mac)); // TODO (MST): remove me eventually? lock(&(enc->volume->files_state_map_lock)); struct libos_encrypted_volume_state_map* old_file_state = NULL; HASH_FIND_STR(enc->volume->files_state_map, old_norm_path, old_file_state); @@ -864,10 +864,10 @@ int encrypted_file_rename(struct libos_encrypted_file* enc, const char* new_uri) new_norm_path = new_file_state->norm_path; } new_file_state->state = old_file_state->state; - memcpy(new_file_state->last_seen_root_gmac, new_root_gmac, sizeof(pf_mac_t)); + memcpy(new_file_state->last_seen_root_mac, new_root_mac, sizeof(pf_mac_t)); old_file_state->state = PF_FILE_STATE_DELETED; /* note: this might remove error state from that file but that is fine as it is deleted now. */ - memset(old_file_state->last_seen_root_gmac, 0, sizeof(pf_mac_t)); + memset(old_file_state->last_seen_root_mac, 0, sizeof(pf_mac_t)); unlock(&(enc->volume->files_state_map_lock)); free(enc->uri); @@ -905,13 +905,13 @@ int encrypted_file_unlink(struct libos_encrypted_file* enc) { struct libos_encrypted_volume_state_map* file_state = NULL; HASH_FIND_STR(enc->volume->files_state_map, norm_path, file_state); assert(file_state != NULL); - pf_mac_t root_gmac_before_unlink; - memcpy(root_gmac_before_unlink, file_state->last_seen_root_gmac, sizeof(pf_mac_t)); + pf_mac_t root_mac_before_unlink; + memcpy(root_mac_before_unlink, file_state->last_seen_root_mac, sizeof(pf_mac_t)); file_state->state = PF_FILE_STATE_DELETED; - memset(file_state->last_seen_root_gmac, 0, sizeof(pf_mac_t)); + memset(file_state->last_seen_root_mac, 0, sizeof(pf_mac_t)); unlock(&(enc->volume->files_state_map_lock)); log_debug("file '%s' unlinked, previously with MAC=" MAC_PRINTF_PATTERN, norm_path, - MAC_PRINTF_ARGS(root_gmac_before_unlink)); // TODO (MST): remove me eventually? + MAC_PRINTF_ARGS(root_mac_before_unlink)); // TODO (MST): remove me eventually? return 0; }