[Pal] Remove unused parent pid from various structures

boryspoplawski · boryspoplawski · commit 4cb98219d8e3 · 2021-07-12T16:56:41.000+02:00
Signed-off-by: Borys Popławski &lt;borysp@invisiblethingslab.com&gt;
diff --git a/Pal/src/host/Linux-SGX/db_main.c b/Pal/src/host/Linux-SGX/db_main.c
@@ -584,15 +584,7 @@ noreturn void pal_linux_main(char* uptr_libpal_uri, size_t libpal_uri_len, char*
 
     /* For {p,u,g}ids we can at least do some minimal checking. */
 
-    /* ppid should be positive when interpreted as signed. It's 0 if we don't
-     * have a graphene parent process. */
-    if (sec_info.ppid > INT32_MAX) {
-        log_error("Invalid sec_info.ppid: %u", sec_info.ppid);
-        ocall_exit(1, /*is_exitgroup=*/true);
-    }
-    g_pal_sec.ppid = sec_info.ppid;
-
-    /* As ppid but we always have a pid, so 0 is invalid. */
+    /* pid should be positive when interpreted as signed. */
     if (sec_info.pid > INT32_MAX || sec_info.pid == 0) {
         log_error("Invalid sec_info.pid: %u", sec_info.pid);
         ocall_exit(1, /*is_exitgroup=*/true);
@@ -670,7 +662,7 @@ noreturn void pal_linux_main(char* uptr_libpal_uri, size_t libpal_uri_len, char*
     /* if there is a parent, create parent handle */
     PAL_HANDLE parent = NULL;
     uint64_t instance_id = 0;
-    if (g_pal_sec.ppid) {
+    if (g_pal_sec.stream_fd != PAL_IDX_POISON) {
         if ((ret = init_child_process(&parent, &instance_id)) < 0) {
             log_error("Failed to initialize child process: %d", ret);
             ocall_exit(1, /*is_exitgroup=*/true);
diff --git a/Pal/src/host/Linux-SGX/pal_linux.h b/Pal/src/host/Linux-SGX/pal_linux.h
@@ -29,7 +29,6 @@
 #define IS_UNIX_ERR INTERNAL_SYSCALL_ERRNO_RANGE
 
 extern struct pal_linux_state {
-    PAL_NUM parent_process_id;
     PAL_NUM process_id;
 
     const char** host_environ;
diff --git a/Pal/src/host/Linux-SGX/pal_security.h b/Pal/src/host/Linux-SGX/pal_security.h
@@ -13,7 +13,7 @@ typedef char PAL_SEC_STR[255];
 
 struct pal_sec {
     /* host credentials */
-    PAL_IDX ppid, pid, uid, gid;
+    PAL_IDX pid, uid, gid;
 
     /* enclave information */
     sgx_target_info_t qe_targetinfo;
@@ -25,7 +25,8 @@ struct pal_sec {
     /* remaining heap usable by application */
     PAL_PTR heap_min, heap_max;
 
-    /* child's stream FD created and sent over by parent */
+    /* Child's stream FD created and sent over by parent.
+     * If set to `PAL_IDX_POISON`, we have no parent (this is the first process). */
     PAL_IDX stream_fd;
 
     PAL_NUM online_logical_cores;
diff --git a/Pal/src/host/Linux-SGX/sgx_main.c b/Pal/src/host/Linux-SGX/sgx_main.c
@@ -1087,6 +1087,8 @@ int main(int argc, char* argv[], char* envp[]) {
         print_usage_and_exit(argv[0]);
     }
 
+    g_pal_enclave.pal_sec.stream_fd = PAL_IDX_POISON;
+
     if (first_process) {
         g_pal_enclave.is_first_process = true;
 
diff --git a/Pal/src/host/Linux-SGX/sgx_process.c b/Pal/src/host/Linux-SGX/sgx_process.c
@@ -25,7 +25,6 @@ extern char* g_pal_loader_path;
 extern char* g_libpal_path;
 
 struct proc_args {
-    unsigned int parent_process_id;
     int          stream_fd;
     size_t       application_path_size; // application path will follow this struct on the pipe.
     size_t       manifest_size; // manifest will follow application path on the pipe.
@@ -99,9 +98,7 @@ int sgx_create_process(size_t nargs, const char** args, int* stream_fd, const ch
     /* TODO: add error checking. */
     INLINE_SYSCALL(close, 1, fds[0]); /* child stream */
 
-    struct pal_sec* pal_sec = &g_pal_enclave.pal_sec;
     struct proc_args proc_args;
-    proc_args.parent_process_id = pal_sec->pid;
     proc_args.stream_fd         = fds[0];
     proc_args.application_path_size = strlen(g_pal_enclave.application_path);
     proc_args.manifest_size     = strlen(manifest);
@@ -191,7 +188,6 @@ int sgx_init_child_process(int parent_pipe_fd, struct pal_sec* pal_sec, char** a
         goto out;
     }
 
-    pal_sec->ppid        = proc_args.parent_process_id;
     pal_sec->stream_fd   = proc_args.stream_fd;
 
     *application_path_out = application_path;
diff --git a/Pal/src/host/Linux/db_main.c b/Pal/src/host/Linux/db_main.c
@@ -265,9 +265,6 @@ noreturn void pal_linux_main(void* initial_rsp, void* fini_callback) {
     g_linux_state.gid = g_gid;
     g_linux_state.process_id = g_linux_state.pid;
 
-    if (!g_linux_state.parent_process_id)
-        g_linux_state.parent_process_id = g_linux_state.process_id;
-
     PAL_HANDLE parent = NULL;
     char* manifest = NULL;
     uint64_t instance_id = 0;
diff --git a/Pal/src/host/Linux/db_process.c b/Pal/src/host/Linux/db_process.c
@@ -94,7 +94,6 @@ struct proc_param {
 };
 
 struct proc_args {
-    PAL_NUM         parent_process_id;
     uint64_t        instance_id;
     struct pal_sec  pal_sec;
 
@@ -168,7 +167,6 @@ int _DkProcessCreate(PAL_HANDLE* handle, const char** args) {
     }
 
     proc_args->instance_id = g_pal_state.instance_id;
-    proc_args->parent_process_id = g_linux_state.parent_process_id;
     memcpy(&proc_args->pal_sec, &g_pal_sec, sizeof(struct pal_sec));
     proc_args->memory_quota            = g_linux_state.memory_quota;
 
@@ -286,7 +284,6 @@ void init_child_process(int parent_pipe_fd, PAL_HANDLE* parent_handle, char** ma
     manifest[proc_args.manifest_data_size] = '\0';
     data_iter += proc_args.manifest_data_size;
 
-    g_linux_state.parent_process_id = proc_args.parent_process_id;
     g_linux_state.memory_quota = proc_args.memory_quota;
     memcpy(&g_pal_sec, &proc_args.pal_sec, sizeof(struct pal_sec));
 
diff --git a/Pal/src/host/Linux/pal_linux.h b/Pal/src/host/Linux/pal_linux.h
@@ -31,7 +31,6 @@ struct timespec;
 struct timeval;
 
 extern struct pal_linux_state {
-    PAL_NUM         parent_process_id;
     PAL_NUM         process_id;
 
 #ifdef DEBUG

Original file line number	Diff line number	Diff line change
`@@ -1087,6 +1087,8 @@ int main(int argc, char* argv[], char* envp[]) {`
`1087`	`1087`	`print_usage_and_exit(argv[0]);`
`1088`	`1088`	`}`
`1089`	`1089`
	`1090`	`+ g_pal_enclave.pal_sec.stream_fd = PAL_IDX_POISON;`
	`1091`	`+`
`1090`	`1092`	`if (first_process) {`
`1091`	`1093`	`g_pal_enclave.is_first_process = true;`
`1092`	`1094`