general/detee-sgx
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

added steps to build on non-SGX host

Browse Source
This commit is contained in:
Valentyn Faychuk 2024-09-08 22:56:02 +03:00
parent ae37dbec56
commit f5cf3fff44
Signed by: valy
GPG Key ID: F1AB995E20FEADC5
1 changed files with 33 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
README.md
View File

@ -23,7 +23,7 @@ and use the following command:
83E8A0C3ED045D9747ADE06C3BFC70FCA661A4A65FF79A800223621162A88B76 83E8A0C3ED045D9747ADE06C3BFC70FCA661A4A65FF79A800223621162A88B76
``` ```
## Docker Occlum runtime ## Docker installation
To run the project in Docker, you need to install the docker first. To run the project in Docker, you need to install the docker first.
On Ubuntu, you can use the following commands: On Ubuntu, you can use the following commands:
@ -52,27 +52,46 @@ sudo usermod -aG docker $USER
newgrp docker newgrp docker
``` ```
Next run the occlum image in the docker environment: ## Occlum docker instance
### On the build host (without SGX)
Run the occlum image in the docker environment:
```bash ```bash
docker run --rm -it --device /dev/sgx/enclave --device /dev/sgx/provision -v /path/to/occlum-ratls:/root/occlum-ratls occlum/occlum:latest-ubuntu20.04 # Notice that there is no SGX device mounted
docker run --rm -it -v /path/to/occlum-ratls:/root/occlum-ratls occlum/occlum:latest-ubuntu20.04
# Inside the docker container do env preparation # Inside the docker container do env preparation to build the image
rustup install stable-x86_64-unknown-linux-gnu rustup install stable-x86_64-unknown-linux-gnu
rustup default stable rustup default stable
rustup target add x86_64-unknown-linux-musl rustup target add x86_64-unknown-linux-musl
# edit /etc/sgx_default_qcnl.conf, so that the PCCS URL is set correctly
# "pccs_url": "https://api.trustedservices.intel.com/sgx/certification/v4/"
cd /root/occlum-ratls # Build the server and the client
./build_server.sh grpcs --run cd occlum-ratls
./build_server.sh grpcs
# In another terminal exec /bin/bash into the same container ./build_client.sh grpcs
cd /root/occlum-ratls
./build_client.sh grpcs --run
``` ```
## Running Examples This will produce 2 signed bundles, `server_instance/server.tar.gz` and `client_instance/client.tar.gz`.
### On the run host (with SGX)
```bash
docker run --rm -it --device /dev/sgx/enclave --device /dev/sgx/provision -v /path/to/tars:/root/run occlum/occlum:latest-ubuntu20.04
# IMPORTANT, edit /etc/sgx_default_qcnl.conf, so that the PCCS URL is set correctly
# "pccs_url": "https://api.trustedservices.intel.com/sgx/certification/v4/"
# Unpack the server and the client
cd run
tar -xzvf server.tar.gz
tar -xzvf client.tar.gz
# Run the server and the client (in two different terminals)
cd server && occlum run /bin/mratls_grpcs_server
cd client && occlum run /bin/mratls_grpcs_client
```
## Running Examples on the SGX host (locally)
Before running make sure you have installed the Occlum and the SGX driver. Before running make sure you have installed the Occlum and the SGX driver.
You should also have the Occlum Rust toolchain installed to get `occlum-cargo`. You should also have the Occlum Rust toolchain installed to get `occlum-cargo`.