lsds / TaLoS

Efficient TLS termination inside Intel SGX enclaves for existing applications

Compilation of TaLoS successful but libraries not linking with my application code

ZirakZaheer opened this issue · comments

Hi, as I mentioned earlier, my application needs to make use of the OpenSSL API and constructs inside the enclave methods. That's why I am making use of TaLoS, because I cannot find other SGX-compatible OpenSSL libraries.

But even after linking the TaLoS libraries (libenclave.so, enclave.signed.so) to my application code I am still getting a list of errors like below:

/tmp/TaLoS/src/libressl-2.4.1/include/openssl/bn.h:442:17: error: unknown type name ‘FILE’
 int BN_print_fp(FILE *fp, const BIGNUM *a);
                 ^
In file included from /tmp/TaLoS/src/libressl-2.4.1/include/openssl/objects.h:962:0,
                 from /tmp/TaLoS/src/libressl-2.4.1/include/openssl/evp.h:86,
                 from trusted/kssl_private_key.h:8,
                 from trusted/private_type.h:3,
                 from trusted/key_operations_t.h:9,
                 from trusted/key_operations_t.c:1:
/tmp/TaLoS/src/libressl-2.4.1/include/openssl/asn1.h:944:58: error: unknown type name ‘FILE’
 void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x);
                                                          ^
/tmp/TaLoS/src/libressl-2.4.1/include/openssl/asn1.h:952:45: error: unknown type name ‘FILE’
 void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
                                             ^
/tmp/TaLoS/src/libressl-2.4.1/include/openssl/asn1.h:953:35: error: unknown type name ‘FILE’
 int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x);

Can you tell me what's the issue? I tried to include the stdio and unistd.h files inside the error-creating files, but no benefit. Thanks

Hi

What is the gcc command generating this error?
You don't have to link enclave.signed.so when you compile your application: this library is automatically loaded by libenclave.so when creating the enclave (see the initialize_library() function in crypto/enclaveshim_ecalls.c).

Below is the makefile portion responsible for compiling and linking:

trusted/key_operations_t.c: $(SGX_EDGER8R) ./trusted/key_operations.edl
	@cd ./trusted && $(SGX_EDGER8R) --trusted ../trusted/key_operations.edl --search-path ../trusted --search-path $(SGX_SDK)/include
	@echo "GEN => $@"

trusted/key_operations_t.o: ./trusted/key_operations_t.c
	@$(CC) $(Key_operations_C_Flags) -c $< -o $@
	@echo "CC <= $<"

trusted/%.o: trusted/%.c
	@$(CC) $(Key_operations_C_Flags) -c $< -o $@
	@echo "CC <= $<"

key_operations.so: trusted/key_operations_t.o $(Key_operations_C_Objects)
	@$(CXX) $^ -o $@ $(Key_operations_Link_Flags) enclave.signed.so
	@echo "LINK => $@"

key_operations.signed.so: key_operations.so
	@$(SGX_ENCLAVE_SIGNER) sign -key trusted/key_operations_private.pem -enclave key_operations.so -out $@ -config trusted/key_operations.config.xml
	@echo "SIGN => $@"

clean:
	@rm -f key_operations.* trusted/key_operations_t.* $(Key_operations_C_Objects)

Hi

The link rule seems wrong:

key_operations.so: trusted/key_operations_t.o $(Key_operations_C_Objects)
	@$(CXX) $^ -o $@ $(Key_operations_Link_Flags) enclave.signed.so

At this stage you want to create the enclave library (its default name is enclave.signed.so). However, in your rule the output file is key_operations.so, but you still mention enclave.signed.so.

What is the value of $(Key_operations_Link_Flags)? In particular, does it contain -nostdlib -nodefaultlibs -L$(SGX_LIBRARY_PATH) (with SGX_LIBRARY_PATH set correctly) while the CPP flags for compiling the enclave files need to contain -nostdinc -nostdinc++?

Can you use the original names from Makefile.sgx (Enclave_Link_Flags, enclave.signed.so, etc.)?
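
A small lint for the points raised in the reply above, as an added example that is not part of the original thread or of TaLoS: it flags enclave compile steps lacking -nostdinc (and -nostdinc++ for C++), link steps lacking -nostdlib or -nodefaultlibs, and a link step that names another *.signed.so as an input. The embedded Makefile is constructed: its rules are the ones quoted in the issue, while the two *_Flags values are assumptions, since the thread never shows them.

```python
import re

# Constructed sample: rules as quoted in the issue; the two *_Flags values
# are assumptions, because the thread never shows what they contain.
SAMPLE = """\
Key_operations_C_Flags := -fvisibility=hidden -fpie -Itrusted
Key_operations_Link_Flags := -Wl,--no-undefined -L$(SGX_LIBRARY_PATH)

trusted/%.o: trusted/%.c
\t@$(CC) $(Key_operations_C_Flags) -c $< -o $@

key_operations.so: trusted/key_operations_t.o $(Key_operations_C_Objects)
\t@$(CXX) $^ -o $@ $(Key_operations_Link_Flags) enclave.signed.so
"""

VAR = re.compile(r"^(\w+)\s*(\+?)[:?]?=\s*(.*)$")   # NAME =, :=, ?=, +=
RULE = re.compile(r"^([^\s:=#][^:=]*):(?!=)")        # target: prerequisites

def expand(text, variables, depth=5):  # substitute $(NAME) defined in the file
    for _ in range(depth):
        text = re.sub(r"\$\((\w+)\)", lambda m: variables.get(m.group(1), m.group(0)), text)
    return text

def lint(makefile):
    """Return (target, problem) pairs for the points raised in the reply."""
    variables, findings, target = {}, [], None
    for line in makefile.splitlines():
        if line.startswith("\t"):                     # recipe line
            cmd = line.strip().lstrip("@")
            if target is None or not cmd.startswith(("$(CC)", "$(CXX)")):
                continue                              # not a compiler invocation
            words = expand(cmd, variables).split()
            is_compile = "-c" in words
            need = ["-nostdinc"] if is_compile else ["-nostdlib", "-nodefaultlibs"]
            if is_compile and cmd.startswith("$(CXX)"):
                need.append("-nostdinc++")
            kind = "compile" if is_compile else "link"
            findings += [(target, f"{kind} without {f}") for f in need if f not in words]
            if not is_compile:                        # signed enclave used as link input
                findings += [(target, f"links against {w}") for w in words
                             if w.endswith(".signed.so") and w != target]
        elif (m := VAR.match(line)):
            name, plus, value = m.groups()
            variables[name] = (variables.get(name, "") + " " + value).strip() if plus else value
        elif (m := RULE.match(line)):
            target = m.group(1).strip()
    return findings

if __name__ == "__main__":
    print(*lint(SAMPLE), sep="\n")
```
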