linux-sgx: Implement SGX IPFS as POSIX backend for file interaction (#1489)

This PR integrates an Intel SGX feature called Intel Protection File System Library (IPFS)
into the runtime to create, operate and delete files inside the enclave, while guaranteeing
the confidentiality and integrity of the data persisted. IPFS can be referred to here:
https://www.intel.com/content/www/us/en/developer/articles/technical/overview-of-intel-protected-file-system-library-using-software-guard-extensions.html

Introduce a cmake variable `WAMR_BUILD_SGX_IPFS`, when enabled, the files interaction
API of WASI will leverage IPFS, instead of the regular POSIX OCALLs. The implementation
has been written with light changes to sgx platform layer, so all the security aspects
WAMR relies on are conserved.

In addition to this integration, the following changes have been made:
 - The CI workflow has been adapted to test the compilation of the runtime and sample
    with the flag `WAMR_BUILD_SGX_IPFS` set to true
 - Introduction of a new sample that demonstrates the interaction of the files (called `file`),
 - Documentation of this new feature

doc/linux_sgx.md

@@ -195,6 +195,57 @@ typedef enum EcallCmd {
 };
 ```
 
+SGX Intel Protected File System
+-------------------------------
+Intel SGX introduced a feature called [Intel Protection File System Library (IPFS)](https://www.intel.com/content/www/us/en/developer/articles/technical/overview-of-intel-protected-file-system-library-using-software-guard-extensions.html) to create, operate and delete files inside the enclave.
+WAMR supports the mapping of IPFS on WASI functions related to file interactions, providing seamless persistence with confidentiality and integrity to the hosted WebAssembly applications in the enclave.
+
+The usage of SGX IPFS is an optional feature.
+To opt-in, the support of IPFS requires the following changes:
+ - set the flag `WAMR_BUILD_SGX_IPFS=1` when running `cmake`,
+ - the enclave must be linked with the trusted IPFS library (`-lsgx_tprotected_fs`),
+ - the application outside of the enclave must be linked with the untrusted IPFS library (`-lsgx_uprotected_fs`),
+ - the EDL file must include the following import statement:
+
+```edl
+from "sgx_tprotected_fs.edl" import *;
+```
+
+When using the [enclave-sample](../product-mini/platforms/linux-sgx/enclave-sample/) project, setting the flag `WAMR_BUILD_SGX_IPFS=1` when running `cmake` enables these changes automatically.
+
+
+### Verification of SGX IPFS
+One can observe the usage of IPFS by running the [file sample](../samples/file/) WebAssembly application.
+Enabling the SGX IPFS on this sample project leads to the generation of an encrypted text file.
+
+
+### Mapping of WASI/POSIX to IPFS
+This table summarizes how WASI is mapped to POSIX and IPFS.
+Since IPFS is a subset of the WASI/POSIX, emulation is performed to fill the missing implementation.
+
+| WASI                   | POSIX             | IPFS                                                                                                                    |
+|------------------------|-------------------|-------------------------------------------------------------------------------------------------------------------------|
+| `fd_read`              | `readv`           | `sgx_fread`                                                                                                             |
+| `fd_write`             | `writev`          | `sgx_fwrite`                                                                                                            |
+| `fd_close`             | `close`           | `sgx_fclose`                                                                                                            |
+| `path_open`            | `openat`          | `sgx_fopen`                                                                                                             |
+| `fd_datasync`          | `fsync`           | `sgx_fflush`                                                                                                            |
+| `fd_tell`              | `lseek`           | `sgx_ftell`                                                                                                             |
+| `fd_filestat_set_size` | `ftruncate`       | Shrinking files is not supported, nor emulated. Extending files is emulated using `sgx_fseek`/`sgx_ftell`/`sgx_fwrite`. |
+| `fd_seek`              | `lseek`           | The POSIX and IPFS behaviors differ. Emulated using `sgx_fseek`/`sgx_ftell`/`sgx_fwrite`.                               |
+| `fd_pwrite`            | `pwrite`          | Not supported. Emulated using `sgx_fseek`/`sgx_ftell`/`sgx_fwrite`.                                                     |
+| `fd_pread`             | `pread`           | Not supported. Emulated using `sgx_fseek`/`sgx_ftell`/`sgx_fread`.                                                      |
+| `fd_allocate`          | `posix_fallocate` | Not supported. Emulated using `sgx_fseek`/`sgx_ftell`/`sgx_fwrite`/`sgx_fflush`.                                        |
+
+
+### Performance overheads
+Many benchmarks have assessed the overheads caused by IPFS through WASI functions using Twine, an early and academic adaptation of WAMR in Intel SGX with WASI support.
+The results can be found in [this paper](https://arxiv.org/abs/2103.15860).
+
+### Limitations
+The threat model and the limitations of SGX IPFS can be found in [the official documentation](https://www.intel.com/content/dam/develop/external/us/en/documents/overviewofintelprotectedfilesystemlibrary.pdf).
+
+
 Others
 ------