diff --git a/demos/golang/run_golang_on_occlum.sh b/demos/golang/run_golang_on_occlum.sh
index 0d10a858..2552c10e 100755
--- a/demos/golang/run_golang_on_occlum.sh
+++ b/demos/golang/run_golang_on_occlum.sh
@@ -16,7 +16,7 @@ fi
rm -rf occlum_context && mkdir occlum_context
cd occlum_context
occlum init
-jq '.vm.user_space_size = "380MB"' Occlum.json > temp_Occlum.json
+jq '.resource_limits.user_space_size = "380MB"' Occlum.json > temp_Occlum.json
jq '.process.default_mmap_size = "300MB"' temp_Occlum.json > Occlum.json
# 2. Copy program into Occlum Workspace and build
diff --git a/demos/openvino/run_benchmark_on_occlum.sh b/demos/openvino/run_benchmark_on_occlum.sh
index 8ad43951..4f17a702 100755
--- a/demos/openvino/run_benchmark_on_occlum.sh
+++ b/demos/openvino/run_benchmark_on_occlum.sh
@@ -9,7 +9,7 @@ rm -rf occlum_context
mkdir occlum_context
cd occlum_context
occlum init
-jq '.vm.user_space_size = "320MB"' Occlum.json > temp_Occlum.json
+jq '.resource_limits.user_space_size = "320MB"' Occlum.json > temp_Occlum.json
jq '.process.default_mmap_size = "256MB"' temp_Occlum.json > Occlum.json
# 2. Copy files into Occlum Workspace and Build
diff --git a/etc/template/Enclave.xml b/etc/template/Enclave.xml
deleted file mode 100644
index 6210e789..00000000
--- a/etc/template/Enclave.xml
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
- 0
- 0
- 0x100000
- 0x2000000
- 32
- 1
- 0
- 0
- 0xFFFFFFFF
-
diff --git a/etc/template/Occlum.json b/etc/template/Occlum.json
index f551925e..f6de9e97 100644
--- a/etc/template/Occlum.json
+++ b/etc/template/Occlum.json
@@ -1,5 +1,13 @@
{
- "vm": {
+ "metadata": {
+ "product_id": 0,
+ "version_number": 0,
+ "debuggable": true
+ },
+ "resource_limits": {
+ "max_num_of_threads": 32,
+ "kernel_space_heap_size": "32MB",
+ "kernel_space_stack_size": "1MB",
"user_space_size": "256MB"
},
"process": {
@@ -41,4 +49,4 @@
"type": "ramfs"
}
]
-}
+}
\ No newline at end of file
diff --git a/src/libos/src/config.rs b/src/libos/src/config.rs
index 56ba103b..f90456fd 100644
--- a/src/libos/src/config.rs
+++ b/src/libos/src/config.rs
@@ -77,7 +77,7 @@ fn parse_mac(mac_str: &str) -> Result {
#[derive(Debug)]
pub struct Config {
- pub vm: ConfigVM,
+ pub resource_limits: ConfigResourceLimits,
pub process: ConfigProcess,
pub env: ConfigEnv,
pub entry_points: Vec,
@@ -85,7 +85,7 @@ pub struct Config {
}
#[derive(Debug)]
-pub struct ConfigVM {
+pub struct ConfigResourceLimits {
pub user_space_size: usize,
}
@@ -126,7 +126,7 @@ pub struct ConfigMountOptions {
impl Config {
fn from_input(input: &InputConfig) -> Result {
- let vm = ConfigVM::from_input(&input.vm)?;
+ let resource_limits = ConfigResourceLimits::from_input(&input.resource_limits)?;
let process = ConfigProcess::from_input(&input.process)?;
let env = ConfigEnv::from_input(&input.env)?;
let entry_points = {
@@ -148,7 +148,7 @@ impl Config {
mount
};
Ok(Config {
- vm,
+ resource_limits,
process,
env,
entry_points,
@@ -157,10 +157,10 @@ impl Config {
}
}
-impl ConfigVM {
- fn from_input(input: &InputConfigVM) -> Result {
+impl ConfigResourceLimits {
+ fn from_input(input: &InputConfigResourceLimits) -> Result {
let user_space_size = parse_memory_size(&input.user_space_size)?;
- Ok(ConfigVM { user_space_size })
+ Ok(ConfigResourceLimits { user_space_size })
}
}
@@ -262,7 +262,7 @@ fn parse_memory_size(mem_str: &str) -> Result {
#[serde(deny_unknown_fields)]
struct InputConfig {
#[serde(default)]
- pub vm: InputConfigVM,
+ pub resource_limits: InputConfigResourceLimits,
#[serde(default)]
pub process: InputConfigProcess,
#[serde(default)]
@@ -275,21 +275,21 @@ struct InputConfig {
#[derive(Deserialize, Debug)]
#[serde(deny_unknown_fields)]
-struct InputConfigVM {
- #[serde(default = "InputConfigVM::get_user_space_size")]
+struct InputConfigResourceLimits {
+ #[serde(default = "InputConfigResourceLimits::get_user_space_size")]
pub user_space_size: String,
}
-impl InputConfigVM {
+impl InputConfigResourceLimits {
fn get_user_space_size() -> String {
"128MB".to_string()
}
}
-impl Default for InputConfigVM {
- fn default() -> InputConfigVM {
- InputConfigVM {
- user_space_size: InputConfigVM::get_user_space_size(),
+impl Default for InputConfigResourceLimits {
+ fn default() -> InputConfigResourceLimits {
+ InputConfigResourceLimits {
+ user_space_size: InputConfigResourceLimits::get_user_space_size(),
}
}
}
diff --git a/test/Enclave.xml b/test/Enclave.xml
deleted file mode 100644
index 7d9f7639..00000000
--- a/test/Enclave.xml
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
- 0
- 0
- 0x100000
- 0x2000000
- 8
- 1
- 0
- 0
- 0xFFFFFFFF
-
diff --git a/test/Makefile b/test/Makefile
index 866bb51e..9c3f3a89 100644
--- a/test/Makefile
+++ b/test/Makefile
@@ -55,7 +55,7 @@ prebuild:
@mkdir -p $(BUILD_DIR)/test
@cd $(BUILD_DIR)/test && \
$(BUILD_DIR)/bin/occlum init
- @cp Occlum.json Enclave.xml $(BUILD_DIR)/test/
+ @cp Occlum.json $(BUILD_DIR)/test/
$(BUILD_TARGETS): %:
@$(ECHO) "$(CYAN)BUILD TEST => $@$(NO_COLOR)"
diff --git a/test/Occlum.json b/test/Occlum.json
index 66b7ec89..cfc6da85 100644
--- a/test/Occlum.json
+++ b/test/Occlum.json
@@ -1,5 +1,13 @@
{
- "vm": {
+ "metadata": {
+ "product_id": 0,
+ "version_number": 0,
+ "debuggable": true
+ },
+ "resource_limits": {
+ "max_num_of_threads": 32,
+ "kernel_space_heap_size": "32MB",
+ "kernel_space_stack_size": "1MB",
"user_space_size": "128MB"
},
"process": {
diff --git a/tools/Makefile b/tools/Makefile
index 32a4188c..98bf9349 100644
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -14,6 +14,7 @@ all:
@ln -s -f ../../tools/occlum-build-enclave ../$(BUILD_DIR)/bin/occlum-build-enclave
@ln -s -f ../../tools/occlum-gen-default-occlum-json ../$(BUILD_DIR)/bin/occlum-gen-default-occlum-json
@$(MAKE) --no-print-directory -C protect-integrity
+ @$(MAKE) --no-print-directory -C gen_enclave_conf
format:
@$(MAKE) --no-print-directory -C protect-integrity format
@@ -23,3 +24,4 @@ format-check:
clean:
@$(MAKE) --no-print-directory -C protect-integrity clean
+ @$(MAKE) --no-print-directory -C gen_enclave_conf clean
diff --git a/tools/gen_enclave_conf/.gitignore b/tools/gen_enclave_conf/.gitignore
new file mode 100644
index 00000000..ea8c4bf7
--- /dev/null
+++ b/tools/gen_enclave_conf/.gitignore
@@ -0,0 +1 @@
+/target
diff --git a/tools/gen_enclave_conf/Cargo.lock b/tools/gen_enclave_conf/Cargo.lock
new file mode 100644
index 00000000..1798e9cd
--- /dev/null
+++ b/tools/gen_enclave_conf/Cargo.lock
@@ -0,0 +1,342 @@
+# This file is automatically @generated by Cargo.
+# It is not intended for manual editing.
+[[package]]
+name = "aho-corasick"
+version = "0.7.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8716408b8bc624ed7f65d223ddb9ac2d044c0547b6fa4b0d554f3a9540496ada"
+dependencies = [
+ "memchr",
+]
+
+[[package]]
+name = "ansi_term"
+version = "0.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ee49baf6cb617b853aa8d93bf420db2383fab46d314482ca2803b40d5fde979b"
+dependencies = [
+ "winapi",
+]
+
+[[package]]
+name = "atty"
+version = "0.2.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8"
+dependencies = [
+ "hermit-abi",
+ "libc",
+ "winapi",
+]
+
+[[package]]
+name = "bitflags"
+version = "1.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693"
+
+[[package]]
+name = "cfg-if"
+version = "0.1.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822"
+
+[[package]]
+name = "clap"
+version = "2.33.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bdfa80d47f954d53a35a64987ca1422f495b8d6483c0fe9f7117b36c2a792129"
+dependencies = [
+ "ansi_term",
+ "atty",
+ "bitflags",
+ "strsim",
+ "textwrap",
+ "unicode-width",
+ "vec_map",
+]
+
+[[package]]
+name = "env_logger"
+version = "0.7.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "44533bbbb3bb3c1fa17d9f2e4e38bbbaf8396ba82193c4cb1b6445d711445d36"
+dependencies = [
+ "atty",
+ "humantime",
+ "log",
+ "regex",
+ "termcolor",
+]
+
+[[package]]
+name = "gen_enclave_conf"
+version = "0.1.0"
+dependencies = [
+ "clap",
+ "env_logger",
+ "log",
+ "regex",
+ "serde",
+ "serde-xml-rs",
+ "serde_derive",
+ "serde_json",
+]
+
+[[package]]
+name = "hermit-abi"
+version = "0.1.13"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "91780f809e750b0a89f5544be56617ff6b1227ee485bcb06ebe10cdf89bd3b71"
+dependencies = [
+ "libc",
+]
+
+[[package]]
+name = "humantime"
+version = "1.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "df004cfca50ef23c36850aaaa59ad52cc70d0e90243c3c7737a4dd32dc7a3c4f"
+dependencies = [
+ "quick-error",
+]
+
+[[package]]
+name = "itoa"
+version = "0.4.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b8b7a7c0c47db5545ed3fef7468ee7bb5b74691498139e4b3f6a20685dc6dd8e"
+
+[[package]]
+name = "lazy_static"
+version = "1.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
+
+[[package]]
+name = "libc"
+version = "0.2.70"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3baa92041a6fec78c687fa0cc2b3fae8884f743d672cf551bed1d6dac6988d0f"
+
+[[package]]
+name = "log"
+version = "0.4.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "14b6052be84e6b71ab17edffc2eeabf5c2c3ae1fdb464aae35ac50c67a44e1f7"
+dependencies = [
+ "cfg-if",
+]
+
+[[package]]
+name = "memchr"
+version = "2.3.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3728d817d99e5ac407411fa471ff9800a778d88a24685968b36824eaf4bee400"
+
+[[package]]
+name = "proc-macro2"
+version = "1.0.17"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1502d12e458c49a4c9cbff560d0fe0060c252bc29799ed94ca2ed4bb665a0101"
+dependencies = [
+ "unicode-xid",
+]
+
+[[package]]
+name = "quick-error"
+version = "1.2.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a1d01941d82fa2ab50be1e79e6714289dd7cde78eba4c074bc5a4374f650dfe0"
+
+[[package]]
+name = "quote"
+version = "1.0.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "54a21852a652ad6f610c9510194f398ff6f8692e334fd1145fed931f7fbe44ea"
+dependencies = [
+ "proc-macro2",
+]
+
+[[package]]
+name = "regex"
+version = "1.3.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a6020f034922e3194c711b82a627453881bc4682166cabb07134a10c26ba7692"
+dependencies = [
+ "aho-corasick",
+ "memchr",
+ "regex-syntax",
+ "thread_local",
+]
+
+[[package]]
+name = "regex-syntax"
+version = "0.6.17"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7fe5bd57d1d7414c6b5ed48563a2c855d995ff777729dcd91c369ec7fea395ae"
+
+[[package]]
+name = "ryu"
+version = "1.0.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ed3d612bc64430efeb3f7ee6ef26d590dce0c43249217bddc62112540c7941e1"
+
+[[package]]
+name = "serde"
+version = "1.0.110"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "99e7b308464d16b56eba9964e4972a3eee817760ab60d88c3f86e1fecb08204c"
+
+[[package]]
+name = "serde-xml-rs"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "efe415925cf3d0bbb2fc47d09b56ce03eef51c5d56846468a39bcc293c7a846c"
+dependencies = [
+ "log",
+ "serde",
+ "thiserror",
+ "xml-rs",
+]
+
+[[package]]
+name = "serde_derive"
+version = "1.0.110"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "818fbf6bfa9a42d3bfcaca148547aa00c7b915bec71d1757aa2d44ca68771984"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "serde_json"
+version = "1.0.53"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "993948e75b189211a9b31a7528f950c6adc21f9720b6438ff80a7fa2f864cea2"
+dependencies = [
+ "itoa",
+ "ryu",
+ "serde",
+]
+
+[[package]]
+name = "strsim"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8ea5119cdb4c55b55d432abb513a0429384878c15dde60cc77b1c99de1a95a6a"
+
+[[package]]
+name = "syn"
+version = "1.0.23"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "95b5f192649e48a5302a13f2feb224df883b98933222369e4b3b0fe2a5447269"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "unicode-xid",
+]
+
+[[package]]
+name = "termcolor"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bb6bfa289a4d7c5766392812c0a1f4c1ba45afa1ad47803c11e1f407d846d75f"
+dependencies = [
+ "winapi-util",
+]
+
+[[package]]
+name = "textwrap"
+version = "0.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d326610f408c7a4eb6f51c37c330e496b08506c9457c9d34287ecc38809fb060"
+dependencies = [
+ "unicode-width",
+]
+
+[[package]]
+name = "thiserror"
+version = "1.0.19"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b13f926965ad00595dd129fa12823b04bbf866e9085ab0a5f2b05b850fbfc344"
+dependencies = [
+ "thiserror-impl",
+]
+
+[[package]]
+name = "thiserror-impl"
+version = "1.0.19"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "893582086c2f98cde18f906265a65b5030a074b1046c674ae898be6519a7f479"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "thread_local"
+version = "1.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d40c6d1b69745a6ec6fb1ca717914848da4b44ae29d9b3080cbee91d72a69b14"
+dependencies = [
+ "lazy_static",
+]
+
+[[package]]
+name = "unicode-width"
+version = "0.1.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "caaa9d531767d1ff2150b9332433f32a24622147e5ebb1f26409d5da67afd479"
+
+[[package]]
+name = "unicode-xid"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "826e7639553986605ec5979c7dd957c7895e93eabed50ab2ffa7f6128a75097c"
+
+[[package]]
+name = "vec_map"
+version = "0.8.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f1bddf1187be692e79c5ffeab891132dfb0f236ed36a43c7ed39f1165ee20191"
+
+[[package]]
+name = "winapi"
+version = "0.3.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8093091eeb260906a183e6ae1abdba2ef5ef2257a21801128899c3fc699229c6"
+dependencies = [
+ "winapi-i686-pc-windows-gnu",
+ "winapi-x86_64-pc-windows-gnu",
+]
+
+[[package]]
+name = "winapi-i686-pc-windows-gnu"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6"
+
+[[package]]
+name = "winapi-util"
+version = "0.1.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "70ec6ce85bb158151cae5e5c87f95a8e97d2c0c4b001223f33a334e3ce5de178"
+dependencies = [
+ "winapi",
+]
+
+[[package]]
+name = "winapi-x86_64-pc-windows-gnu"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
+
+[[package]]
+name = "xml-rs"
+version = "0.8.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b07db065a5cf61a7e4ba64f29e67db906fb1787316516c4e6e5ff0fea1efcd8a"
diff --git a/tools/gen_enclave_conf/Cargo.toml b/tools/gen_enclave_conf/Cargo.toml
new file mode 100644
index 00000000..087f08b0
--- /dev/null
+++ b/tools/gen_enclave_conf/Cargo.toml
@@ -0,0 +1,17 @@
+[package]
+name = "gen_enclave_conf"
+version = "0.1.0"
+authors = ["zongmin.gu "]
+edition = "2018"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+clap = "2.33"
+serde = "1.0"
+serde_json = "1.0"
+serde_derive = "1.0"
+log = "0.4"
+env_logger = "0.7"
+serde-xml-rs = "0.4"
+regex = "1"
\ No newline at end of file
diff --git a/tools/gen_enclave_conf/Makefile b/tools/gen_enclave_conf/Makefile
new file mode 100644
index 00000000..345ce4f9
--- /dev/null
+++ b/tools/gen_enclave_conf/Makefile
@@ -0,0 +1,21 @@
+include ../../src/sgxenv.mk
+
+SRC_FILES := $(shell find . -type f -name '*.rs') Cargo.toml
+RUST_TARGET_DIR := $(BUILD_DIR)/tools/genconf/cargo-target
+RUST_OUT_DIR := $(BUILD_DIR)/bin
+TARGET_BINARY := $(RUST_OUT_DIR)/gen_enclave_conf
+
+.PHONY: all clean
+
+all: $(SRC_FILES)
+ifeq ($(OCCLUM_RELEASE_BUILD), 1)
+ @RUSTC_BOOTSTRAP=1 cargo build --release --target-dir=$(RUST_TARGET_DIR) -Z unstable-options --out-dir=$(RUST_OUT_DIR)
+ @echo "CARGO (release) => gen_enclave_conf"
+else
+ @RUSTC_BOOTSTRAP=1 cargo build --target-dir=$(RUST_TARGET_DIR) -Z unstable-options --out-dir=$(RUST_OUT_DIR)
+ @echo "CARGO (debug) => gen_enclave_conf"
+endif
+
+clean:
+ @cargo clean --target-dir=$(RUST_TARGET_DIR)
+ @-$(RM) -f $(TARGET_BINARY)
diff --git a/tools/gen_enclave_conf/src/main.rs b/tools/gen_enclave_conf/src/main.rs
new file mode 100644
index 00000000..467c8a8b
--- /dev/null
+++ b/tools/gen_enclave_conf/src/main.rs
@@ -0,0 +1,178 @@
+extern crate clap;
+extern crate env_logger;
+extern crate log;
+extern crate regex;
+extern crate serde;
+extern crate serde_derive;
+extern crate serde_xml_rs;
+
+use clap::{App, Arg};
+use log::debug;
+use serde_derive::{Deserialize, Serialize};
+use std::fs::File;
+use std::io::Write;
+use std::path::Path;
+
+fn main() {
+ env_logger::init();
+
+ let matches = App::new("gen_enclave_conf")
+ .version("0.1.0")
+ .arg(
+ Arg::with_name("input")
+ .short("i")
+ .long("input")
+ .required(true)
+ .validator(|f| match Path::new(&f).exists() {
+ true => Ok(()),
+ false => {
+ let err_message = String::from(f) + " is not exist";
+ Err(err_message)
+ }
+ })
+ .takes_value(true),
+ )
+ .arg(
+ Arg::with_name("output")
+ .short("o")
+ .long("output")
+ .required(true)
+ .validator(|f| match File::create(f) {
+ Ok(_e) => Ok(()),
+ Err(e) => Err(e.to_string()),
+ })
+ .takes_value(true),
+ )
+ .get_matches();
+
+ let occlum_config_file_path = matches.value_of("input").unwrap();
+ debug!(
+ "Occlum config (json) file name {:?}",
+ occlum_config_file_path
+ );
+
+ let enclave_config_file_path = matches.value_of("output").unwrap();
+ debug!(
+ "Enclave config (xml) file name {:?}",
+ enclave_config_file_path
+ );
+
+ // Read the occlum configuration file
+ let occlum_config_file =
+ File::open(occlum_config_file_path).expect("The Occlum configuration file does not exist");
+ let occlum_config: OcclumConfiguration = serde_json::from_reader(occlum_config_file)
+ .expect("It is not a valid Occlum configuration file.");
+ debug!("The occlum config is:{:?}", occlum_config);
+
+ // get the kernel stack size
+ let stack_max_size = parse_memory_size(&occlum_config.resource_limits.kernel_space_stack_size);
+ if stack_max_size.is_err() {
+ println!(
+ "The kernel_space_stack_size \"{}\" is not correct.",
+ occlum_config.resource_limits.kernel_space_stack_size
+ );
+ return;
+ }
+
+ // get the kernel heap size
+ let heap_max_size = parse_memory_size(&occlum_config.resource_limits.kernel_space_heap_size);
+ if heap_max_size.is_err() {
+ println!(
+ "The kernel_space_heap_size \"{}\" is not correct.",
+ occlum_config.resource_limits.kernel_space_heap_size
+ );
+ return;
+ }
+
+ let sgx_enclave_configuration = EnclaveConfiguration {
+ ProdID: occlum_config.metadata.product_id,
+ ISVSVN: occlum_config.metadata.version_number,
+ StackMaxSize: stack_max_size.unwrap() as u64,
+ HeapMaxSize: heap_max_size.unwrap() as u64,
+ TCSNum: occlum_config.resource_limits.max_num_of_threads,
+ TCSPolicy: 1,
+ DisableDebug: match occlum_config.metadata.debuggable {
+ true => 0,
+ false => 1,
+ },
+ MiscSelect: "0".to_string(),
+ MiscMask: "0xFFFFFFFF".to_string(),
+ };
+
+ // Generate the enclave configuration
+ let enclave_config = serde_xml_rs::to_string(&sgx_enclave_configuration).unwrap();
+ debug!("The enclave config:{:?}", enclave_config);
+
+ // Update the output file
+ let mut enclave_config_file = File::create(enclave_config_file_path)
+ .expect("Could not open the target Enclave configuration file.");
+ enclave_config_file
+ .write_all(enclave_config.as_bytes())
+ .expect("Failed to update the Enclave configuration file.");
+}
+
+fn parse_memory_size(mem_str: &str) -> Result {
+ const UNIT2FACTOR: [(&str, usize); 5] = [
+ ("KB", 1024),
+ ("MB", 1024 * 1024),
+ ("GB", 1024 * 1024 * 1024),
+ ("TB", 1024 * 1024 * 1024 * 1024),
+ ("B", 1),
+ ];
+
+ // Extract the unit part of the memory size
+ let mem_str = mem_str.trim();
+ let (mem_unit, unit_factor) = UNIT2FACTOR
+ .iter()
+ .position(|(mem_unit, _)| mem_str.ends_with(mem_unit))
+ .ok_or_else(|| "No unit")
+ .map(|unit_i| &UNIT2FACTOR[unit_i])?;
+
+ // Extract the value part of the memory size
+ let mem_val = match mem_str[0..mem_str.len() - mem_unit.len()]
+ .trim()
+ .parse::()
+ {
+ Err(_) => {
+ return Err("No number");
+ }
+ Ok(mem_val) => mem_val,
+ };
+
+ Ok(mem_val * unit_factor)
+}
+
+#[derive(Debug, PartialEq, Deserialize)]
+struct OcclumConfiguration {
+ metadata: OcclumMetadata,
+ resource_limits: OcclumResourceLimits,
+}
+
+#[derive(Debug, PartialEq, Deserialize)]
+struct OcclumMetadata {
+ product_id: u32,
+ version_number: u32,
+ debuggable: bool,
+}
+
+#[derive(Debug, PartialEq, Deserialize)]
+struct OcclumResourceLimits {
+ max_num_of_threads: u32,
+ kernel_space_heap_size: String,
+ kernel_space_stack_size: String,
+ user_space_size: String,
+}
+
+#[allow(non_snake_case)]
+#[derive(Debug, PartialEq, Serialize)]
+struct EnclaveConfiguration {
+ ProdID: u32,
+ ISVSVN: u32,
+ StackMaxSize: u64,
+ HeapMaxSize: u64,
+ TCSNum: u32,
+ TCSPolicy: u32,
+ DisableDebug: u32,
+ MiscSelect: String,
+ MiscMask: String,
+}
diff --git a/tools/occlum b/tools/occlum
index 9d522295..351cd926 100755
--- a/tools/occlum
+++ b/tools/occlum
@@ -62,7 +62,7 @@ get_conf_default_mmap_size() {
get_conf_user_space_size() {
cat "$working_dir/Occlum.json" | \
- python -c "import sys, json; print json.load(sys.stdin)['vm']['user_space_size']"
+ python -c "import sys, json; print json.load(sys.stdin)['resource_limits']['user_space_size']"
}
get_conf_env() {
@@ -128,9 +128,7 @@ cmd_init() {
"$occlum_gcc_lib/libgcc_s.so.1" \
"$occlum_gcc_lib/libgomp.so.1"
- cp "$occlum_dir"/etc/template/Enclave.xml "$working_dir"/
cp "$occlum_dir"/etc/template/Occlum.json "$working_dir"/
- chmod 644 "$working_dir"/Enclave.xml
chmod 644 "$working_dir"/Occlum.json
echo "Initialized an Occlum context in $working_dir"
@@ -211,11 +209,14 @@ cmd_build() {
cd src/libos && \
make clean-builtin && \
make "$context_dir/build/lib/libocclum-libos.so" ONLY_REBUILD_BUILTIN=1 CONTEXT=1
+
+ $occlum_dir/$build_dir/bin/gen_enclave_conf -i "$working_dir/Occlum.json" -o "$context_dir/build/Enclave.xml"
$ENCLAVE_SIGN_TOOL sign \
-key $ENCLAVE_SIGN_KEY \
- -config "$working_dir/Enclave.xml" \
+ -config "$context_dir/build/Enclave.xml" \
-enclave "$context_dir/build/lib/libocclum-libos.so" \
-out "$context_dir/build/lib/libocclum-libos.signed.so"
+ rm -f "$context_dir/build/Enclave.xml"
cd "$context_dir"
echo "built" > status
diff --git a/tools/occlum-build-enclave b/tools/occlum-build-enclave
index 72e78a93..2ef86cda 100755
--- a/tools/occlum-build-enclave
+++ b/tools/occlum-build-enclave
@@ -7,8 +7,7 @@ project_dir="$( cd "$( dirname "$this_dir/../../../" )" >/dev/null 2>&1 && pwd
SGX_SDK="${SGX_SDK:-/opt/intel/sgxsdk}"
occlum_conf_json_path=$1
-enclave_conf_xml_path=$2
-enclave_key_pem_path=$3
+enclave_key_pem_path=$2
protected_occlum_conf_json_path=`basename $occlum_conf_json_path`".protected"
occlum_conf_file_mac=
@@ -18,7 +17,7 @@ occlum_user_space_size=
report_arg_error() {
echo $1
echo ""
- echo "Usage: occlum-build-enclave Occlum.json Enclave.xml Enclave.pem"
+ echo "Usage: occlum-build-enclave Occlum.json Enclave.pem"
}
protect_occlum_json() {
@@ -44,6 +43,11 @@ build_enclave_so() {
make
}
+generate_enclave_config() {
+ cd $working_dir
+ "$project_dir/tools/bin/gen_enclave_conf" -i $occlum_conf_json_path -o "enclave.config.xml"
+}
+
sign_enclave_so() {
cd $working_dir
rm -f libocclum-libos.signed.so
@@ -52,7 +56,8 @@ sign_enclave_so() {
-key $enclave_key_pem_path \
-enclave $enclave_so_path \
-out "libocclum-libos.signed.so" \
- -config $enclave_conf_xml_path
+ -config enclave.config.xml
+ rm -f enclave.config.xml
}
# ===========================================================================
@@ -88,6 +93,6 @@ export OCCLUM_BUILTIN_VM_USER_SPACE_SIZE=`print_occlum_user_space_size`
echo "EXPORT => OCCLUM_BUILTIN_VM_USER_SPACE_SIZE = $OCCLUM_BUILTIN_VM_USER_SPACE_SIZE"
build_enclave_so
-
+generate_enclave_config
sign_enclave_so
echo "SIGN => libocclum-libos.signed.so"
diff --git a/tools/occlum-gen-default-occlum-json b/tools/occlum-gen-default-occlum-json
index 8f0c55e1..0aa0497a 100755
--- a/tools/occlum-gen-default-occlum-json
+++ b/tools/occlum-gen-default-occlum-json
@@ -6,7 +6,7 @@ fi
cat <