fixup! [LibOS,Pal/Linux-SGX] Replace old protected files subsystem

gramineproject · May 10, 2022 · ab3971e · ab3971e
1 parent 9bae2b0
commit ab3971e
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 6 deletions.
diff --git a/Documentation/manifest-syntax.rst b/Documentation/manifest-syntax.rst
@@ -663,10 +663,10 @@ expected to be encrypted in the PF format). New files created in an encrypted
 mount are also automatically treated as encrypted.
 
 .. warning::
-   The current implementation assumes that each encrypted file is reachable
-   through a single path in Gramine. If the same encrypted file on host can be
-   reached through multiple paths in Gramine (e.g. because of host-level
-   symlinks, or multiple Gramine mounts), data loss may occur.
+   The current implementation assumes that ``type = "encrypted"`` mounts do not
+   overlap on host, i.e. there are no host files reachable through more than one
+   ``type = "encrypted"`` mount. Otherwise, changes made to such files might not
+   be correctly persisted by Gramine.
 
 Note that path size of an encrypted file is limited to 512 bytes and filename
 size is limited to 260 bytes.

diff --git a/LibOS/shim/include/shim_fs_encrypted.h b/LibOS/shim/include/shim_fs_encrypted.h
@@ -172,6 +172,8 @@ int encrypted_file_get_size(struct shim_encrypted_file* enc, file_off_t* out_siz
 int encrypted_file_set_size(struct shim_encrypted_file* enc, file_off_t size);
 
 int parse_pf_key(const char* key_str, pf_key_t* pf_key);
+
+/* TODO: This function is used only by a feature deprecated in v1.2, remove two versions later. */
 int dump_pf_key(const pf_key_t* pf_key, char* buf, size_t buf_size);
 
 #endif /* SHIM_FS_ENCRYPTED_ */
diff --git a/LibOS/shim/test/regression/attestation.c b/LibOS/shim/test/regression/attestation.c
@@ -143,8 +143,9 @@ static int write_key(const char* key) {
  * Test the deprecated `/dev/attestation/protected_files_key` file (and setting the initial key
  * using deprecated `sgx.insecure__protected_files_key` manifest syntax).
  *
- * TODO: remove this part of the test when these deprecated interfaces are removed. The new way of
- * setting keys (`/dev/attestation/keys`, `fs.insecure__keys`) is already tested in `keys.c`.
+ * TODO: remove this part of the test when these deprecated interfaces are removed (two versions
+ * after v1.2). The new way of setting keys (`/dev/attestation/keys`, `fs.insecure__keys`) is
+ * already tested in `keys.c`.
  */
 static int test_protected_files_key(void) {
     int ret = expect_key(MANIFEST_KEY);