oak/asylo_rust: A compatibility layer for using asylo through rust

This was previously found at sdk/rust/oak_runtime_compat

oak/server/rust/BUILD → oak/asylo_rust/BUILD

@@ -22,10 +22,11 @@ package(
 )
 
 rust_library(
-    name = "oak_runtime",
-    srcs = glob(["src/*.rs"]),
+    name = "asylo_rust",
+    srcs = glob(["src/**/*.rs"]),
     crate_type = "staticlib",
     edition = "2018",
+    deps = ["//third_party/rust/src/libstd:rust"],
 )
 
 # Strip unnecessary binary objects from the generated static library archive. It seems to contain
@@ -49,9 +50,9 @@ rust_library(
 # - Net cause: we're building the Rust library with a compiler that supports log double but linking
 #   with libraries that don't.
 genrule(
-    name = "oak_runtime_stripped",
-    srcs = [":oak_runtime"],
-    outs = ["oak_runtime_stripped.a"],
+    name = "asylo_rust_stripped",
+    srcs = [":asylo_rust"],
+    outs = ["asylo_rust_stripped.a"],
     cmd = "cp $< $@ && chmod +rw $@ && ar d $@ divxc3.o",
 )
 
@@ -67,9 +68,9 @@ genrule(
 # a change to the Rust file does induce a rebuild when doing bazel build //oak/server/dev:oak. So is
 # Bazel maybe doing something special for a target with a single src that is itself a .a file?
 cc_library(
-    name = "wrapper",
-    srcs = [":oak_runtime_stripped"],
-    hdrs = ["oak_runtime.h"],
+    name = "asylo_rust_wrapper",
+    srcs = ["//oak/asylo_rust:asylo_rust_stripped"],
+    hdrs = ["rust_check.h"],
     linkstatic = True,
     visibility = ["//oak/server:__subpackages__"],
 )

oak/asylo_rust/Cargo.toml

@@ -0,0 +1,12 @@
+[package]
+name = "asylo_rust"
+version = "0.1.0"
+authors = ["Ben Blaxill <benblaxill@google.com>"]
+edition = "2018"
+
+[lib]
+name = "asylo_rust"
+
+[dependencies]
+libc = "*"
+rust = { path = "../../third_party/rust/src/libstd" }

oak/server/rust/oak_runtime.h → oak/asylo_rust/rust_check.h

@@ -14,8 +14,10 @@
  * limitations under the License.
  */
 
-#ifndef RUST_OAK_RUNTIME_OAK_RUNTIME_H_
-#define RUST_OAK_RUNTIME_OAK_RUNTIME_H_
+#ifndef RUST_CHECK_H_
+#define RUST_CHECK_H_
+
+// TODO: Using this to temporarily verify rust compat layer is working.
 
 #include <cstdint>
 
@@ -26,4 +28,4 @@ extern "C" {
 int32_t add_magic_number(int32_t x);
 };
 
-#endif  // RUST_OAK_RUNTIME_OAK_RUNTIME_H_
+#endif  // RUST_CHECK_H_

oak/server/rust/src/lib.rs → oak/asylo_rust/src/asylo.rs

@@ -14,23 +14,12 @@
 // limitations under the License.
 //
 
-//! Functionality to allow use of Rust code within the Oak Runtime.
-
-#![no_std]
-#![feature(lang_items)]
-#![feature(alloc_prelude)]
-#![feature(alloc_error_handler)]
-
-extern crate alloc;
-
-// TODO: Move to separate crate.
-mod asylo_alloc;
-
-use alloc::prelude::v1::*;
 use core::alloc::Layout;
 use core::panic::PanicInfo;
 
-// TODO: Move to separate crate and expose safe wrappers.
+pub use rust::asylo::thread;
+pub use rust::asylo::mutex;
+
 #[link(name = "sgx_trts")]
 extern "C" {
     // SGX-enabled abort function that causes an undefined instruction (`UD2`) to be executed, which
@@ -42,32 +31,14 @@ extern "C" {
     fn abort() -> !;
 }
 
-#[global_allocator]
-static A: asylo_alloc::System = asylo_alloc::System;
-
-// Define what happens in an Out Of Memory (OOM) condition.
-#[alloc_error_handler]
-fn alloc_error(_layout: Layout) -> ! {
-    unsafe { abort() }
-}
-
 // See https://doc.rust-lang.org/nomicon/panic-handler.html.
 #[panic_handler]
 fn panic(_info: &PanicInfo) -> ! {
     unsafe { abort() }
 }
 
-/// Provide the entrypoint needed by the compiler's failure mechanisms when
-/// `std` is unavailable.  See ["No
-/// stdlib" documentation](https://doc.rust-lang.org/1.2.0/book/no-stdlib.html).
-#[lang = "eh_personality"]
-pub extern "C" fn eh_personality() {}
-
-/// An exported placeholder function to check that linking against C++ is successful.
-/// It just adds "42" to the provided value and returns it to the caller.
-#[no_mangle]
-pub extern "C" fn add_magic_number(x: i32) -> i32 {
-    // Allocate a bunch of elements on the heap in order to exercise the allocator.
-    let v: Vec<i32> = (0..10).map(|n| n + 40).collect();
-    x + v[2]
+// Define what happens in an Out Of Memory (OOM) condition.
+#[alloc_error_handler]
+fn alloc_error(_layout: Layout) -> ! {
+    unsafe { abort() }
 }

oak/asylo_rust/src/lib.rs

@@ -0,0 +1,97 @@
+//
+// Copyright 2019 The Project Oak Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+#![no_std]
+
+#![feature(lang_items)]
+#![feature(allocator_api)]
+#![feature(alloc_prelude)]
+#![feature(alloc_error_handler)]
+#![feature(fn_traits)]
+#![feature(rustc_private)]
+#![feature(never_type)]
+#![feature(box_syntax)]
+#![feature(int_error_internals)]
+#![feature(array_error_internals)]
+#![feature(char_error_internals)]
+
+extern crate alloc;
+extern crate core;
+extern crate libc;
+
+extern crate rust;
+
+pub use alloc::prelude::v1::*;
+
+pub use rust::error as error;
+pub use rust::io as io;
+
+mod allocator;
+mod asylo;
+pub use self::asylo::*;
+
+#[global_allocator]
+static A: allocator::System = allocator::System;
+
+// TODO: Enclave backend that provides:
+// - Allocator
+// - Threads
+// - Mutexes
+// - TODO: Channel with automatic remote attestation
+
+/// A safe function to spawn an enclave thread. At the moment, parameters cannot
+/// be passed in this function call, unlike the Rust standard library. (This can
+/// be achieved by moving values into closures and spawning threads with said
+/// closures)
+pub fn spawn<F>(f: F) -> io::Result<thread::Thread>
+where
+    F: FnOnce() -> (),
+    F: Send + 'static,
+{
+    unsafe {
+      thread::Thread::new(Box::new(f))
+    }
+}
+
+/// Provide the entrypoint needed by the compiler's failure mechanisms when
+/// `std` is unavailable.  See ["No
+/// stdlib" documentation](https://doc.rust-lang.org/1.2.0/book/no-stdlib.html).
+#[lang = "eh_personality"]
+pub extern "C" fn eh_personality() {}
+
+/// For testing externally linked code, see `add_magic_number`
+fn thread_test(x: i32) -> io::Result<i32> {
+  use alloc::sync::Arc;
+  use core::sync::atomic::{AtomicI32, Ordering};
+  let val = Arc::new(AtomicI32::new(x));
+
+  let other = {
+    let val = Arc::clone(&val);
+    move || {
+      val.fetch_add(42, Ordering::SeqCst);
+    }
+  };
+
+  spawn(box other)?.join();
+
+  Ok(val.load(Ordering::SeqCst))
+}
+
+/// An exported placeholder function to check that linking against C++ is successful.
+#[no_mangle]
+pub extern "C" fn add_magic_number(x: i32) -> i32 {
+    thread_test(x).unwrap_or(0)
+}

oak/server/BUILD

@@ -135,16 +135,18 @@ cc_library(
 cc_library(
     name = "oak_runtime",
     srcs = ["oak_runtime.cc"],
-    hdrs = ["oak_runtime.h"],
+    hdrs = [
+        "oak_runtime.h",
+    ],
     deps = [
         ":base_runtime",
         ":oak_grpc_node",
         ":wasm_node",
+        "//oak/asylo_rust:asylo_rust_wrapper",
         "//oak/common:app_config",
         "//oak/proto:enclave_cc_proto",
         "//oak/proto:oak_api_cc_proto",
         "//oak/server:logging_node",
-        "//oak/server/rust:wrapper",
         "//oak/server/storage:storage_node",
         "@com_google_absl//absl/memory",
         "@com_google_absl//absl/strings",

oak/server/oak_runtime.cc

@@ -25,9 +25,10 @@
 #include "absl/strings/str_cat.h"
 #include "asylo/util/logging.h"
 #include "oak/common/app_config.h"
-#include "oak/server/rust/oak_runtime.h"
 #include "oak/server/wasm_node.h"
 
+#include "oak/asylo_rust/rust_check.h"
+
 namespace oak {
 
 namespace {
@@ -156,6 +157,12 @@ grpc::Status OakRuntime::Start() {
   {
     LOG(INFO) << "Calling Rust runtime";
     int32_t rust_check = add_magic_number(1000);
+
+    if (rust_check != 1042) {
+      LOG(ERROR) << "failed rust magic number" << rust_check;
+      return grpc::Status::CANCELLED;
+    }
+
     LOG(INFO) << "Rust runtime called, result: " << rust_check;
   }
 

third_party/rust/BUILD

@@ -0,0 +1,29 @@
+#
+# Copyright 2019 The Project Oak Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+load("@io_bazel_rules_rust//rust:rust.bzl", "rust_library")
+
+package(
+    licenses = ["notice"],
+)
+
+rust_library(
+    name = "rust",
+    srcs = glob(["src/**/*.rs"]),
+    crate_type = "lib",
+    edition = "2018",
+    visibility = ["//visibility:public"],
+)

third_party/rust/src/libstd/BUILD

@@ -0,0 +1,29 @@
+#
+# Copyright 2019 The Project Oak Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+load("@io_bazel_rules_rust//rust:rust.bzl", "rust_library")
+
+package(
+    licenses = ["notice"],
+)
+
+rust_library(
+    name = "rust",
+    srcs = glob(["**/*.rs"]),
+    crate_type = "lib",
+    edition = "2018",
+    visibility = ["//visibility:public"],
+)