sealing script
This commit is contained in:
parent
8533a53f19
commit
966819d0e6
GPG Key ID:
F1AB995E20FEADC5
35
build_sealing.sh
Executable file
35
build_sealing.sh
Executable file
@ -0,0 +1,35 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
set -e
|
||||||
|
|
||||||
|
SCRIPT=$0
|
||||||
|
EXEC=$1
|
||||||
|
|
||||||
|
occlum-cargo build --release --example sealing --features="occlum"
|
||||||
|
strip target/x86_64-unknown-linux-musl/release/examples/sealing
|
||||||
|
|
||||||
|
cat > sealing.yaml <<EOF
|
||||||
|
includes:
|
||||||
|
- base.yaml
|
||||||
|
targets:
|
||||||
|
- target: /bin
|
||||||
|
copy:
|
||||||
|
- files:
|
||||||
|
- ../target/x86_64-unknown-linux-musl/release/examples/sealing
|
||||||
|
- target: /lib
|
||||||
|
copy:
|
||||||
|
- files:
|
||||||
|
- /opt/occlum/toolchains/dcap_lib/musl/libocclum_dcap.so.0.1.0
|
||||||
|
EOF
|
||||||
|
|
||||||
|
rm -rf sealing_instance && mkdir sealing_instance && cd sealing_instance
|
||||||
|
occlum init && rm -rf image
|
||||||
|
cp ../Occlum.json ./
|
||||||
|
copy_bom -f ../sealing.yaml --root image --include-dir /opt/occlum/etc/template
|
||||||
|
# TODO: "--enable-edmm Y" must be only for platforms that support SGX2
|
||||||
|
# TODO: make sure the bundle needs SGX2 to run since SGX1 is vulnerable to https://x.com/PratyushRT/status/1828183761055330373
|
||||||
|
occlum build --sign-key ../examples/signing_key.pem
|
||||||
|
occlum package sealing.tar.gz
|
||||||
|
|
||||||
|
if [ "$EXEC" == "--run" ]; then
|
||||||
|
occlum run /bin/sealing
|
||||||
|
fi
|
||||||
Loading…
Reference in New Issue
Block a user