fixed ioctl bugs, added docs

2024-09-08 22:21:29 +03:00 · 2024-09-08 22:21:29 +03:00 · 075ccc2607
commit 075ccc2607
parent 924a443998
8 changed files with 66 additions and 21 deletions
--- a/.gitignore
+++ b/.gitignore
@ -3,4 +3,6 @@ target
 Cargo.lock
 client_instance
 server_instance
 client.yaml
 server.yaml
 lib
--- a/Cargo.toml
+++ b/Cargo.toml
@ -14,7 +14,7 @@ keywords = ["occlum", "rustls", "ratls"]
 [dependencies]
 rustls = "0.23"
 x509-parser = "0.16"
-occlum-sgx = "0.1" # get/verify quote
+#occlum-sgx = "0.1" # get/verify quote
 ring = "0.17" # hash256
 rcgen = "0.13"
 log = "0.4"
@ -26,13 +26,11 @@ hyper = "1.4.1"
 hyper-util = "0.1.7"
 hyper-rustls = { version = "0.27", features = ["http2"] }
 prost = "0.13"
 #cfg-if = "1.0"
 base64 = "0.22"
 lazy_static = "1.5"
 [dependencies.tonic]
 version = "0.12"
 #features = ["rustls-0_23"]
 optional = true
 [dependencies.actix-web]
--- a/README.md
+++ b/README.md
@ -23,6 +23,55 @@ and use the following command:
 83E8A0C3ED045D9747ADE06C3BFC70FCA661A4A65FF79A800223621162A88B76
 ```
 ## Docker Occlum runtime
 To run the project in Docker, you need to install the docker first.
 On Ubuntu, you can use the following commands:
 ```bash
 # Add docker official GPG key
 sudo apt update
 sudo apt install ca-certificates curl
 sudo install -m 0755 -d /etc/apt/keyrings
 sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
 sudo chmod a+r /etc/apt/keyrings/docker.asc
 # Add docker repository to apt sources
 echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
 sudo apt update
 # Install docker packages
 sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
 # Add your user to the docker group
 sudo groupadd docker
 sudo usermod -aG docker $USER
 newgrp docker
 ```
 Next run the occlum image in the docker environment:
 ```bash
 docker run --rm -it --device /dev/sgx/enclave --device /dev/sgx/provision -v /path/to/occlum-ratls:/root/occlum-ratls occlum/occlum:latest-ubuntu20.04
 # Inside the docker container do env preparation
 rustup install stable-x86_64-unknown-linux-gnu
 rustup default stable
 rustup target add x86_64-unknown-linux-musl
 # edit /etc/sgx_default_qcnl.conf, so that the PCCS URL is set correctly
 # "pccs_url": "https://api.trustedservices.intel.com/sgx/certification/v4/"
 cd /root/occlum-ratls
 ./build_server.sh grpcs --run
 # In another terminal exec /bin/bash into the same container
 cd /root/occlum-ratls
 ./build_client.sh grpcs --run
 ```
 ## Running Examples
 Before running make sure you have installed the Occlum and the SGX driver.
@ -30,8 +79,10 @@ You should also have the Occlum Rust toolchain installed to get `occlum-cargo`.
 To test the project just run client and server scripts in different terminals:
 ```
-./build_server.sh
+
-./build_client.sh
+./build_server.sh grpcs --run
 ./build_client.sh grpcs --run
 ```
 ## Mutual RATLS examples
--- a/build_client.sh
+++ b/build_client.sh
@ -23,6 +23,10 @@ targets:
    copy:
      - files:
        - ../target/x86_64-unknown-linux-musl/release/examples/mratls_${EXAMPLE}_client
  - target: /lib
    copy:
      - files:
        - /opt/occlum/toolchains/dcap_lib/musl/libocclum_dcap.so.0.1.0
 EOF
 rm -rf client_instance && mkdir client_instance && cd client_instance
--- a/build_server.sh
+++ b/build_server.sh
@ -23,6 +23,10 @@ targets:
    copy:
      - files:
        - ../target/x86_64-unknown-linux-musl/release/examples/mratls_${EXAMPLE}_server
  - target: /lib
    copy:
      - files:
        - /opt/occlum/toolchains/dcap_lib/musl/libocclum_dcap.so.0.1.0
 EOF
 rm -rf server_instance && mkdir server_instance && cd server_instance
--- a/client.yaml
+++ b/client.yaml
@ -1,7 +0,0 @@
 includes:
  - base.yaml
 targets:
  - target: /bin
    copy:
      - files:
        - ../target/x86_64-unknown-linux-musl/debug/examples/mratls_https_client
--- a/server.yaml
+++ b/server.yaml
@ -1,7 +0,0 @@
 includes:
  - base.yaml
 targets:
  - target: /bin
    copy:
      - files:
        - ../target/x86_64-unknown-linux-musl/debug/examples/server
--- a/src/quote.rs
+++ b/src/quote.rs
@ -164,7 +164,7 @@ impl IoctlClient {
    fn handle(&mut self) -> Result<HandleType, RaTlsError> {
        if self.fd.is_null() {
            let handle = unsafe { dcap_quote_open() };
-            if self.fd.is_null() {
+            if handle.is_null() {
                return Err(RaTlsError::DcapError(
                    "Failed to open DCAP quote device".to_string(),
                ));
@ -176,7 +176,7 @@ impl IoctlClient {
    fn get_quote_size(&mut self) -> Result<u32, RaTlsError> {
        if self.quote_size.is_none() {
-            let size = unsafe { dcap_get_quote_size(self.fd) };
+            let size = unsafe { dcap_get_quote_size(self.handle()?) };
            trace!("DCAP quote size is {}", size);
            self.quote_size = Some(size);
        }