general/detee-sgx
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

added steps to build on non-SGX host

Browse Source
This commit is contained in:
Valentyn Faychuk 2024-09-08 22:56:02 +03:00
parent ae37dbec56
commit f5cf3fff44
Signed by: valy
GPG Key ID: F1AB995E20FEADC5
1 changed files with 33 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
README.md
View File

@ -23,7 +23,7 @@ and use the following command:
83E8A0C3ED045D9747ADE06C3BFC70FCA661A4A65FF79A800223621162A88B76
```
## Docker Occlum runtime
## Docker installation
To run the project in Docker, you need to install the docker first.
On Ubuntu, you can use the following commands:
@ -52,27 +52,46 @@ sudo usermod -aG docker $USER
newgrp docker
```
Next run the occlum image in the docker environment:
## Occlum docker instance
### On the build host (without SGX)
Run the occlum image in the docker environment:
```bash
docker run --rm -it --device /dev/sgx/enclave --device /dev/sgx/provision -v /path/to/occlum-ratls:/root/occlum-ratls occlum/occlum:latest-ubuntu20.04
# Inside the docker container do env preparation
# Notice that there is no SGX device mounted
docker run --rm -it -v /path/to/occlum-ratls:/root/occlum-ratls occlum/occlum:latest-ubuntu20.04
# Inside the docker container do env preparation to build the image
rustup install stable-x86_64-unknown-linux-gnu
rustup default stable
rustup target add x86_64-unknown-linux-musl
# edit /etc/sgx_default_qcnl.conf, so that the PCCS URL is set correctly
# "pccs_url": "https://api.trustedservices.intel.com/sgx/certification/v4/"
cd /root/occlum-ratls
./build_server.sh grpcs --run
# In another terminal exec /bin/bash into the same container
cd /root/occlum-ratls
./build_client.sh grpcs --run
# Build the server and the client
cd occlum-ratls
./build_server.sh grpcs
./build_client.sh grpcs
```
## Running Examples
This will produce 2 signed bundles, `server_instance/server.tar.gz` and `client_instance/client.tar.gz`.
### On the run host (with SGX)
```bash
docker run --rm -it --device /dev/sgx/enclave --device /dev/sgx/provision -v /path/to/tars:/root/run occlum/occlum:latest-ubuntu20.04
# IMPORTANT, edit /etc/sgx_default_qcnl.conf, so that the PCCS URL is set correctly
# "pccs_url": "https://api.trustedservices.intel.com/sgx/certification/v4/"
# Unpack the server and the client
cd run
tar -xzvf server.tar.gz
tar -xzvf client.tar.gz
# Run the server and the client (in two different terminals)
cd server && occlum run /bin/mratls_grpcs_server
cd client && occlum run /bin/mratls_grpcs_client
```
## Running Examples on the SGX host (locally)
Before running make sure you have installed the Occlum and the SGX driver.
You should also have the Occlum Rust toolchain installed to get `occlum-cargo`.