Permission Denied Error with Encrypted Files

[hello31337]

In Gramine, I'm trying to pass data via file under the folder specified as Encrypted Files.

In the manifest, the entire encrypted_files folder is designated as Encrypted Files as follows:

  { type = "encrypted", path = "/encrypted_files", uri = "file:encrypted_files", allow_empty_files = true }

The executable binary (written in C++), which is the Gramine entry point, writes to encrypted_files/python-file.dat and attempts to open this file in Python called from the entry point binary via a shell within Gramine.

C++:

std::ofstream ofs("/encrypted_files/python-file.dat");
ofs << secret;.
if(ofs.fail())
{
    std::cerr << "Error writing to file" << std::endl;
}

python:

with open(path) as f:.
nums = f.read()

However, both the C++ write side and the Python read side produce errors: on the C++ side, ofs.fail(), and on the Python side, the error message is as follows:

PermissionError: [Errno 13] Permission denied: '/encrypted_files/python-file.dat'

The file generation itself succeeds, so I don't think the path is set incorrectly, but is there any known solution?

[mkow]

Could you provide more logs around the failure point? See https://gramine.readthedocs.io/en/latest/manifest-syntax.html#log-level.

[kailun-qin]

May I know the Gramine version that you were working on? (there was a similar issue: 032e35e, but fixed long ago)

[hello31337]

Thank you for your comments.

Gramine itself was Clone relatively recently, so the commit ID was 0ee48ee, which is not that old.

The logs around the failed part are shown below. Please point out if we should have logged in more detail.

• entrypoint-binary-side (log level = all)

(libos_parser.c:1658:buf_write_all) [P1:T2:server] trace: ---- return from write(...) = 0x38
(libos_parser.c:1658:buf_write_all) [P1:T2:server] trace: ---- futex(0x15897788, FUTEX_PRIVATE|FUTEX_WAKE, 2147483647, 0, 0xca, 2177) ...
(libos_parser.c:1658:buf_write_all) [P1:T2:server] trace: ---- return from futex(...) = 0x0
(libos_fs_encrypted.c:206:encrypted_file_internal_open) [P1:T2:server] warning: key 'default' is not set
(libos_parser.c:1658:buf_write_all) [P1:T2:server] trace: ---- openat(AT_FDCWD, "/encrypted_files/python-file.dat", O_WRONLY|O_CREAT|O_TRUNC, 0666) = -13
(libos_parser.c:1658:buf_write_all) [P1:T2:server] trace: ---- write(2, 0x159cd2bb, 0x15) ...
Error writing to file(libos_parser.c:1658:buf_write_all) [P1:T2:server] trace: ---- return from write(...) = 0x15
(libos_parser.c:1658:buf_write_all) [P1:T2:server] trace: ---- write(2, 0x15643743, 0x1) ...

(libos_parser.c:1658:buf_write_all) [P1:T2:server] trace: ---- return from write(...) = 0x1
(libos_init.c:561:create_pipe) [P1:T2:server] debug: Creating pipe: pipe.srv:0d29be85ead64aeb9d89730bcda5ecbfbd2e2b6a17e430a2fe26fd9a6ce37c0e
(libos_parser.c:1658:buf_write_all) [P1:T2:server] trace: ---- pipe2(0x1520bfe8, 524288) = 0x0
(libos_parser.c:1658:buf_write_all) [P1:T2:server] trace: ---- prlimit64(0, 7, 0, 0x1520bf00) = 0x0
(libos_parser.c:1658:buf_write_all) [P1:T2:server] trace: ---- prlimit64(0, 7, 0, 0x1520bf00) = 0x0
(libos_parser.c:1658:buf_write_all) [P1:T2:server] trace: ---- mmap(0, 0x9000, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0x0) ...
(libos_parser.c:1658:buf_write_all) [P1:T2:server] trace: ---- return from mmap(...) = 0x151c4000
(libos_parser.c:1658:buf_write_all) [P1:T2:server] trace: ---- rt_sigprocmask(BLOCK, [SIGHUP,SIGINT,SIGQUIT,SIGILL,SIGTRAP,SIGABRT,SIGBUS,SIGFPE,SIGKILL,SIGUSR1,SIGSEGV,SIGUSR2,SIGPIPE,SIGALRM,SIGTERM,SIGSTKFLT,SIGCHLD,SIGCONT,SIGSTOP,SIGTSTP,SIGTTIN,SIGTTOU,SIGURG,SIGXCPU,SIGXFSZ,SIGVTALRM,SIGPROF,SIGWINCH,SIGIO
(libos_parser.c:1658:buf_write_all) [P1:T2:server] trace: ,SIGPWR,SIGSYS,SIG32,SIG33,SIG34,SIG35,SIG36,SIG37,SIG38,SIG39,SIG40,SIG41,SIG42,SIG43,SIG44,SIG45,SIG46,SIG47,SIG48,SIG49,SIG50,SIG51,SIG52,SIG53,SIG54,SIG55,SIG56,SIG57,SIG58,SIG59,SIG60,SIG61,SIG62,SIG63,SIG64,], [], 0x8) = 0x0
(libos_parser.c:1647:warn_unsupported_syscall) [P1:T2:server] warning: Unsupported system call clone3
(libos_parser.c:1658:buf_write_all) [P1:T2:server] trace: ---- clone(CLONE_VM|CLONE_VFORK|[SIGCHLD], 0x151ccff0, 0, 0, 0) ...
(libos_clone.c:281:libos_syscall_clone) [P1:T2:server] warning: vfork was called by the application, implemented as an alias to fork in Gramine
(libos_init.c:561:create_pipe) [P1:T2:server] debug: Creating pipe: pipe.srv:b8d05dbf1afbb006a50ab9f41a083834c0197d4b72b17d6a314a4114249f0a2b
(libos_checkpoint.c:448:cp_alloc) [P1:T2:server] debug: allocating checkpoint store (size = 67108864, reserve = 33554432)
(libos_clone.c:122:migrate_fork) [P1:T2:server] debug: complete checkpointing data
(libos_checkpoint.c:565:create_process_and_send_checkpoint) [P1:T2:server] debug: checkpoint of 68112 bytes created

• python-side (log level = debug)

(pal_files.c:108:file_open) warning: Disallowing access to file '/etc/apt/apt.conf.d/99needrestart'; file is not trusted or allowed.
(pal_files.c:108:file_open) warning: Disallowing access to file '/etc/apt/apt.conf.d/99update-notifier'; file is not trusted or allowed.
Traceback (most recent call last):
  File "//addition2.py", line 13, in <module>
    with open(path) as f:
PermissionError: [Errno 13] Permission denied: '/encrypted_files/python-file.dat'
Error in sys.excepthook:
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/apport_python_hook.py", line 72, in apport_excepthook
    from apport.fileutils import likely_packaged, get_recent_crashes
  File "/usr/lib/python3/dist-packages/apport/__init__.py", line 5, in <module>
    from apport.report import Report
  File "/usr/lib/python3/dist-packages/apport/report.py", line 32, in <module>
    import apport.fileutils
  File "/usr/lib/python3/dist-packages/apport/fileutils.py", line 28, in <module>
    from apport.packaging_impl import impl as packaging
  File "/usr/lib/python3/dist-packages/apport/packaging_impl.py", line 23, in <module>
    import apt
  File "/usr/lib/python3/dist-packages/apt/__init__.py", line 36, in <module>
    apt_pkg.init_system()
apt_pkg.Error: E:Error reading the CPU table

Original exception was:
Traceback (most recent call last):
  File "//addition2.py", line 13, in <module>
    with open(path) as f:
PermissionError: [Errno 13] Permission denied: '/encrypted_files/python-file.dat'
(libos_exit.c:212:libos_syscall_exit_group) [P3:T33:python3] debug: ---- exit_group (returning 1)
(libos_ipc.c:222:ipc_send_message_to_conn) [P3:T33:python3] debug: Sending ipc message to 1
(libos_ipc.c:257:wait_for_response) [P3:T33:python3] debug: Waiting for a response to 2
(libos_ipc_worker.c:193:receive_ipc_messages) [P1:libos] debug: IPC worker: received IPC message from 3: code=17 size=21 seq=2
(libos_fs_lock.c:785:file_lock_clear_pid) [P1:libos] debug: clearing file (POSIX) locks for pid 33
(libos_ipc.c:222:ipc_send_message_to_conn) [P1:libos] debug: Sending ipc message to 3
(libos_ipc_worker.c:193:receive_ipc_messages) [P3:libos] debug: IPC worker: received IPC message from 1: code=0 size=21 seq=2
(libos_ipc.c:341:ipc_response_callback) [P3:libos] debug: Got an IPC response from 1, seq: 2
(libos_ipc.c:264:wait_for_response) [P3:T33:python3] debug: Waiting finished: Success (PAL_ERROR_SUCCESS)
(libos_ipc.c:222:ipc_send_message_to_conn) [P3:T33:python3] debug: Sending ipc message to 2
(libos_sync_client.c:331:shutdown_sync_client) [P3:T33:python3] debug: sync client shutdown: closing handles
(libos_sync_client.c:346:shutdown_sync_client) [P3:T33:python3] debug: sync client shutdown: waiting for confirmation
(libos_sync_client.c:359:shutdown_sync_client) [P3:T33:python3] debug: sync client shutdown: finished
(libos_ipc_pid.c:333:ipc_release_id_range) [P3:T33:python3] debug: sending a request: [33..33]
(libos_ipc.c:222:ipc_send_message_to_conn) [P3:T33:python3] debug: Sending ipc message to 1
(libos_ipc_pid.c:336:ipc_release_id_range) [P3:T33:python3] debug: ipc_send_message: Success
(libos_ipc_worker.c:193:receive_ipc_messages) [P2:libos] debug: IPC worker: received IPC message from 3: code=2 size=37 seq=0
(libos_ipc_child.c:59:ipc_cld_exit_callback) [P2:libos] debug: IPC callback from 3: IPC_MSG_CHILDEXIT(3, 33, 1, 0)
(libos_ipc_worker.c:285:ipc_worker_main) [P3:libos] debug: IPC worker: exiting worker thread
(libos_ipc_worker.c:193:receive_ipc_messages) [P1:libos] debug: IPC worker: received IPC message from 3: code=4 size=25 seq=0
(libos_ipc_child.c:63:ipc_cld_exit_callback) [P2:libos] debug: Child process (pid: 33) died
(libos_ipc_pid.c:346:ipc_release_id_range_callback) [P1:libos] debug: release_id_range(33..33)
(libos_context.c:279:prepare_sigframe) [P2:T3:sh] debug: Created sigframe for sig: 17 at 0x13ffecd0 (handler: 0x152c3aa0, restorer: 0x150dc1f0)
(libos_exit.c:58:libos_clean_and_exit) [P3:T33:python3] debug: process 3 exited with status 1
(pal_process.c:248:_PalProcessExit) debug: PalProcessExit: Returning exit code 1
(libos_exit.c:212:libos_syscall_exit_group) [P2:T3:sh] debug: ---- exit_group (returning 1)
(libos_ipc.c:222:ipc_send_message_to_conn) [P2:T3:sh] debug: Sending ipc message to 1
(libos_ipc.c:257:wait_for_response) [P2:T3:sh] debug: Waiting for a response to 5
(libos_ipc_worker.c:193:receive_ipc_messages) [P1:libos] debug: IPC worker: received IPC message from 2: code=17 size=21 seq=5
(libos_fs_lock.c:785:file_lock_clear_pid) [P1:libos] debug: clearing file (POSIX) locks for pid 3
(libos_ipc.c:222:ipc_send_message_to_conn) [P1:libos] debug: Sending ipc message to 2
(libos_ipc_worker.c:193:receive_ipc_messages) [P2:libos] debug: IPC worker: received IPC message from 1: code=0 size=21 seq=5
(libos_ipc.c:341:ipc_response_callback) [P2:libos] debug: Got an IPC response from 1, seq: 5
(libos_ipc.c:264:wait_for_response) [P2:T3:sh] debug: Waiting finished: Success (PAL_ERROR_SUCCESS)
(libos_ipc.c:222:ipc_send_message_to_conn) [P2:T3:sh] debug: Sending ipc message to 1
(libos_sync_client.c:331:shutdown_sync_client) [P2:T3:sh] debug: sync client shutdown: closing handles
(libos_sync_client.c:346:shutdown_sync_client) [P2:T3:sh] debug: sync client shutdown: waiting for confirmation
(libos_sync_client.c:359:shutdown_sync_client) [P2:T3:sh] debug: sync client shutdown: finished
(libos_ipc_worker.c:193:receive_ipc_messages) [P1:libos] debug: IPC worker: received IPC message from 2: code=2 size=37 seq=0
(libos_ipc_pid.c:333:ipc_release_id_range) [P2:T3:sh] debug: sending a request: [3..3]
(libos_ipc_child.c:59:ipc_cld_exit_callback) [P1:libos] debug: IPC callback from 2: IPC_MSG_CHILDEXIT(1, 3, 1, 0)
(libos_ipc.c:222:ipc_send_message_to_conn) [P2:T3:sh] debug: Sending ipc message to 1
(libos_ipc_pid.c:336:ipc_release_id_range) [P2:T3:sh] debug: ipc_send_message: Success
(libos_ipc_child.c:63:ipc_cld_exit_callback) [P1:libos] debug: Child process (pid: 3) died

[kailun-qin]

Thanks for the information and logs!

warning: key 'default' is not set

Looks like no encryption key is specified in your manifest? For a secure version, you'll need to either use a SGX sealing key or to provision one via SGX attestation. Pls see https://gramine.readthedocs.io/en/latest/manifest-syntax.html#encrypted-files and https://gramine.readthedocs.io/en/latest/attestation.html for details.

[hello31337]

I mistakenly thought that setting key_name to "default" would automatically generate a key for each encrypted file. My apologies.

I tried specifying the sealing key for the MRSIGNER policy, and was able to pass the key via encrypted file without any problems.

Thank you for your kind advice.