Lines Matching +full:no +full:- +full:poll +full:- +full:on +full:- +full:init
1 // SPDX-License-Identifier: GPL-2.0
3 * Copyright 2020-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
11 * -----
19 * https://www.kernel.org/doc/html/latest/admin-guide/kernel-parameters.html#cpu-lists
26 * echo <cpu-list> > /sys/module/nitro_enclaves/parameters/ne_cpus
46 * https://www.kernel.org/doc/html/latest/admin-guide/mm/hugetlbpage.html
48 * By default, the allocation of hugetlb pages is distributed on all possible
52 * /sys/devices/system/node/node<X>/hugepages/hugepages-2048kB/nr_hugepages
53 * /sys/devices/system/node/node<X>/hugepages/hugepages-1048576kB/nr_hugepages
55 * or, if not on a system with multiple NUMA nodes, can also set the number
58 * /sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages
59 * /sys/kernel/mm/hugepages/hugepages-1048576kB/nr_hugepages
65 * make -C samples/nitro_enclaves clean
66 * make -C samples/nitro_enclaves
80 #include <poll.h>
96 * NE_DEV_NAME - Nitro Enclaves (NE) misc device that provides the ioctl interface.
101 * NE_POLL_WAIT_TIME - Timeout in seconds for each poll event.
105 * NE_POLL_WAIT_TIME_MS - Timeout in milliseconds for each poll event.
110 * NE_SLEEP_TIME - Amount of time in seconds for the process to keep the enclave alive.
115 * NE_DEFAULT_NR_VCPUS - Default number of vCPUs set for an enclave.
120 * NE_MIN_MEM_REGION_SIZE - Minimum size of a memory region - 2 MiB.
125 * NE_DEFAULT_NR_MEM_REGIONS - Default number of memory regions of 2 MiB set for
131 * NE_IMAGE_LOAD_HEARTBEAT_CID - Vsock CID for enclave image loading heartbeat logic.
135 * NE_IMAGE_LOAD_HEARTBEAT_PORT - Vsock port for enclave image loading heartbeat logic.
139 * NE_IMAGE_LOAD_HEARTBEAT_VALUE - Heartbeat value for enclave image loading.
144 * struct ne_user_mem_region - User space memory region set for an enclave.
154 * ne_create_vm() - Create a slot for the enclave VM.
161 * * 0 on success.
162 * * Negative return value on failure.
166 int rc = -EINVAL; in ne_create_vm()
173 printf("Error in create VM, no CPUs available in the NE CPU pool\n"); in ne_create_vm()
189 * ne_poll_enclave_fd() - Thread function for polling the enclave fd.
194 * * NULL on success / failure.
201 int rc = -EINVAL; in ne_poll_enclave_fd()
203 printf("Running from poll thread, enclave fd %d\n", enclave_fd); in ne_poll_enclave_fd()
208 /* Keep on polling until the current process is terminated. */ in ne_poll_enclave_fd()
212 rc = poll(fds, 1, NE_POLL_WAIT_TIME_MS); in ne_poll_enclave_fd()
214 printf("Error in poll [%m]\n"); in ne_poll_enclave_fd()
222 printf("Poll: %d seconds elapsed\n", in ne_poll_enclave_fd()
228 printf("Poll received value 0x%x\n", fds[0].revents); in ne_poll_enclave_fd()
247 * ne_alloc_user_mem_region() - Allocate a user space memory region for an enclave.
252 * * 0 on success.
253 * * Negative return value on failure.
261 ne_user_mem_region->userspace_addr = mmap(NULL, ne_user_mem_region->memory_size, in ne_alloc_user_mem_region()
264 MAP_HUGETLB | MAP_HUGE_2MB, -1, 0); in ne_alloc_user_mem_region()
265 if (ne_user_mem_region->userspace_addr == MAP_FAILED) { in ne_alloc_user_mem_region()
268 return -1; in ne_alloc_user_mem_region()
275 * ne_load_enclave_image() - Place the enclave image in the enclave memory.
282 * * 0 on success.
283 * * Negative return value on failure.
289 int enclave_image_fd = -1; in ne_load_enclave_image()
298 int rc = -EINVAL; in ne_load_enclave_image()
316 return -ENOMEM; in ne_load_enclave_image()
323 printf("Error in get image load info, enclave not in init state\n"); in ne_load_enclave_image()
356 return -1; in ne_load_enclave_image()
369 temp_image_offset -= memory_size; in ne_load_enclave_image()
374 memory_size -= temp_image_offset; in ne_load_enclave_image()
378 remaining_bytes = enclave_image_size - image_written_bytes; in ne_load_enclave_image()
399 * ne_set_user_mem_region() - Set a user space memory region for the given enclave.
405 * * 0 on success.
406 * * Negative return value on failure.
415 int rc = -EINVAL; in ne_set_user_mem_region()
421 printf("Error in set user memory region, enclave not in init state\n"); in ne_set_user_mem_region()
491 * ne_free_mem_regions() - Unmap all the user space memory regions that were set
507 * ne_add_vcpu() - Add a vCPU to the given enclave.
510 * auto-generated (if provided vCPU id is 0).
514 * * 0 on success.
515 * * Negative return value on failure.
519 int rc = -EINVAL; in ne_add_vcpu()
525 printf("Error in add vcpu, no CPUs available in the NE CPU pool\n"); in ne_add_vcpu()
549 printf("Error in add vcpu, enclave not in init state\n"); in ne_add_vcpu()
571 * ne_start_enclave() - Start the given enclave.
577 * * 0 on success.
578 * * Negative return value on failure.
582 int rc = -EINVAL; in ne_start_enclave()
588 printf("Error in start enclave, enclave not in init state\n"); in ne_start_enclave()
594 printf("Error in start enclave, no memory regions have been added\n"); in ne_start_enclave()
600 printf("Error in start enclave, no vCPUs have been added\n"); in ne_start_enclave()
606 printf("Error in start enclave, enclave has no full cores set\n"); in ne_start_enclave()
640 * ne_start_enclave_check_booted() - Start the enclave and wait for a heartbeat
641 * from it, on a newly created vsock channel,
647 * * 0 on success.
648 * * Negative return value on failure.
653 int client_vsock_fd = -1; in ne_start_enclave_check_booted()
657 int rc = -EINVAL; in ne_start_enclave_check_booted()
664 int server_vsock_fd = -1; in ne_start_enclave_check_booted()
699 rc = poll(fds, 1, NE_POLL_WAIT_TIME_MS); in ne_start_enclave_check_booted()
701 printf("Error in poll [%m]\n"); in ne_start_enclave_check_booted()
707 printf("Poll timeout, %d seconds elapsed\n", NE_POLL_WAIT_TIME); in ne_start_enclave_check_booted()
709 rc = -ETIMEDOUT; in ne_start_enclave_check_booted()
715 printf("Poll received value %d\n", fds[0].revents); in ne_start_enclave_check_booted()
717 rc = -EINVAL; in ne_start_enclave_check_booted()
733 * Read the heartbeat value that the init process in the enclave sends in ne_start_enclave_check_booted()
768 int enclave_fd = -1; in main()
770 int ne_dev_fd = -1; in main()
773 int rc = -EINVAL; in main()