Auto merge of #101442 - joboet:null_check_tcs, r=thomcc

Check if TCS is a null pointer on SGX The `EENTER` instruction only checks if the TCS is aligned, not if it zero. Saying the address returned is a `NonNull<u8>` (for which `Tcs` is a type alias) is unsound. As well-behaved runners will not put the TCS at address zero, so the definition of `Tcs` is correct. However, `std` should check the address before casting it to a `NonNull`. ping `@jethrogb` `@raoulstrackx` `@rustbot` label I-unsound
2022-09-11 22:19:24 +00:00 · 2022-09-11 22:19:24 +00:00 · 98e1f041b6
commit 98e1f041b6
parent 59e7a308e4 2fa58080cb
1 changed files with 6 additions and 2 deletions
--- a/library/std/src/sys/sgx/abi/thread.rs
+++ b/library/std/src/sys/sgx/abi/thread.rs
@ -7,7 +7,11 @@ use fortanix_sgx_abi::Tcs;
 #[unstable(feature = "sgx_platform", issue = "56975")]
 pub fn current() -> Tcs {
    extern "C" {
-        fn get_tcs_addr() -> Tcs;
+        fn get_tcs_addr() -> *mut u8;
+    }
+    let addr = unsafe { get_tcs_addr() };
+    match Tcs::new(addr) {
+        Some(tcs) => tcs,
+        None => rtabort!("TCS must not be placed at address zero (this is a linker error)"),
    }
-    unsafe { get_tcs_addr() }
 }