fn status()

in tools/sgx_tool/app/src/main.rs [93:188]

• 89 lines of code
• 7 McCabe index (conditional complexity)

fn status() {
    let cpuid = raw_cpuid::CpuId::new();
    println!(
        "Vendor: {}",
        cpuid
            .get_vendor_info()
            .as_ref()
            .map_or_else(|| "unknown", |vf| vf.as_str(),)
    );

    println!(
        "CPU Model: {:?}",
        cpuid
            .get_processor_brand_string()
            .as_ref()
            .map_or("n/a", |s| s.as_str())
    );

    println!("SGX: ");

    println!(
        "  Has SGX: {}",
        cpuid
            .get_extended_feature_info()
            .as_ref()
            .map_or_else(|| "n/a".to_string(), |ext| ext.has_sgx().to_string(),)
    );

    let sgx_info = cpuid.get_sgx_info();
    match sgx_info {
        Some(sgx_info) => {
            println!("  Has SGX1: {}", sgx_info.has_sgx1());
            println!("  Has SGX2: {}", sgx_info.has_sgx2());
            println!("  Supports ENCLV instruction leaves EINCVIRTCHILD, EDECVIRTCHILD, and ESETCONTEXT: {}", sgx_info.has_enclv_leaves_einvirtchild_edecvirtchild_esetcontext());
            println!(
                "  Supports ENCLS instruction leaves ETRACKC, ERDINFO, ELDBC, and ELDUC: {}",
                sgx_info.has_encls_leaves_etrackc_erdinfo_eldbc_elduc()
            );
            println!(
                "  Bit vector of supported extended SGX features: {:#010X}",
                sgx_info.miscselect()
            );
            println!(
                "  Maximum supported enclave size in non-64-bit mode: 2^{}",
                sgx_info.max_enclave_size_non_64bit()
            );
            println!(
                "  Maximum supported enclave size in 64-bit mode: 2^{}",
                sgx_info.max_enclave_size_64bit()
            );
            println!("  Bits of SECS.ATTRIBUTES[127:0] set with ECREATE: {:#018X} (lower) {:#018X} (upper)", sgx_info.secs_attributes().0, sgx_info.secs_attributes().1);
            for i in sgx_info.iter() {
                match i {
                    raw_cpuid::SgxSectionInfo::Epc(epc) => {
                        println!("  EPC physical base: {:#018X}", epc.physical_base());
                        println!(
                            "  EPC size: {:#018X} ({}M)",
                            epc.size(),
                            epc.size() / 1024 / 1024
                        );
                    }
                }
            }
        }
        None => println!("  Intel SGX: n/a"),
    }

    println!(
        "  Supports flexible launch control: {}",
        cpuid
            .get_extended_feature_info()
            .as_ref()
            .map_or_else(|| "n/a".to_string(), |ext| ext.has_sgx_lc().to_string(),)
    );

    println!(
        "  SGX device: /dev/sgx {}, /dev/isgx {}",
        std::path::Path::new("/dev/sgx").exists(),
        std::path::Path::new("/dev/isgx").exists()
    );
    println!(
        "  AESM service: {}",
        std::path::Path::new("/var/run/aesmd/aesm.socket").exists()
    );

    for module in &["isgx", "sgx", "intel_sgx"] {
        println!("\nKernel module ({}):", module);
        if process::Command::new("modinfo")
            .arg(module)
            .status()
            .is_err()
        {
            println!("failed to execute modinfo {}", module);
        }
    }
}