Combine the enclave configuration into the occlum configuration file

Update the occlum.json to align with the gen_enclave_conf design.
Below are the two updated structures:
   "metadata": {
        "product_id": 0,
        "version_number": 0,
        "debuggable": true
    },
    "resource_limits": {
        "max_num_of_threads": 32,
        "kernel_space_heap_size": "32MB",
        "kernel_space_stack_size": "1MB",
        "user_space_size": "256MB"
    }
zongmin.gu 2020-05-24 13:18:33 +08:00 committed by tate.thl
parent c87ce9dd34
commit 942321363d
17 changed files with 614 additions and 55 deletions

@ -16,7 +16,7 @@ fi
rm -rf occlum_context && mkdir occlum_context
cd occlum_context
occlum init
jq '.vm.user_space_size = "380MB"' Occlum.json > temp_Occlum.json
jq '.resource_limits.user_space_size = "380MB"' Occlum.json > temp_Occlum.json
jq '.process.default_mmap_size = "300MB"' temp_Occlum.json > Occlum.json
# 2. Copy program into Occlum Workspace and build

@ -9,7 +9,7 @@ rm -rf occlum_context
mkdir occlum_context
cd occlum_context
occlum init
jq '.vm.user_space_size = "320MB"' Occlum.json > temp_Occlum.json
jq '.resource_limits.user_space_size = "320MB"' Occlum.json > temp_Occlum.json
jq '.process.default_mmap_size = "256MB"' temp_Occlum.json > Occlum.json
# 2. Copy files into Occlum Workspace and Build

@ -1,12 +0,0 @@
<!-- Please refer to User's Guide for the explanation of each field -->
<EnclaveConfiguration>
<ProdID>0</ProdID>
<ISVSVN>0</ISVSVN>
<StackMaxSize>0x100000</StackMaxSize>
<HeapMaxSize>0x2000000</HeapMaxSize>
<TCSNum>32</TCSNum>
<TCSPolicy>1</TCSPolicy>
<DisableDebug>0</DisableDebug>
<MiscSelect>0</MiscSelect>
<MiscMask>0xFFFFFFFF</MiscMask>
</EnclaveConfiguration>

@ -1,5 +1,13 @@
{
"vm": {
"metadata": {
"product_id": 0,
"version_number": 0,
"debuggable": true
},
"resource_limits": {
"max_num_of_threads": 32,
"kernel_space_heap_size": "32MB",
"kernel_space_stack_size": "1MB",
"user_space_size": "256MB"
},
"process": {
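Review bot: `"debuggable": true` is the default here, and `gen_enclave_conf` maps it to `DisableDebug` 0, so an enclave built from an unedited file is signed as a debug enclave. The deleted Enclave.xml pointed readers to the User's Guide for its fields, but JSON cannot carry a comment, so the new `metadata` and `resource_limits` keys are undocumented at the point of use. I would describe them in the configuration section of the README, stating that `debuggable` must be `false` for production builds because the host can inspect a debug enclave's memory.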

@ -77,7 +77,7 @@ fn parse_mac(mac_str: &str) -> Result<sgx_aes_gcm_128bit_tag_t> {
#[derive(Debug)]
pub struct Config {
pub vm: ConfigVM,
pub resource_limits: ConfigResourceLimits,
pub process: ConfigProcess,
pub env: ConfigEnv,
pub entry_points: Vec<PathBuf>,
@ -85,7 +85,7 @@ pub struct Config {
}
#[derive(Debug)]
pub struct ConfigVM {
pub struct ConfigResourceLimits {
pub user_space_size: usize,
}
@ -126,7 +126,7 @@ pub struct ConfigMountOptions {
impl Config {
fn from_input(input: &InputConfig) -> Result<Config> {
let vm = ConfigVM::from_input(&input.vm)?;
let resource_limits = ConfigResourceLimits::from_input(&input.resource_limits)?;
let process = ConfigProcess::from_input(&input.process)?;
let env = ConfigEnv::from_input(&input.env)?;
let entry_points = {
@ -148,7 +148,7 @@ impl Config {
mount
};
Ok(Config {
vm,
resource_limits,
process,
env,
entry_points,
@ -157,10 +157,10 @@ impl Config {
}
}
impl ConfigVM {
fn from_input(input: &InputConfigVM) -> Result<ConfigVM> {
impl ConfigResourceLimits {
fn from_input(input: &InputConfigResourceLimits) -> Result<ConfigResourceLimits> {
let user_space_size = parse_memory_size(&input.user_space_size)?;
Ok(ConfigVM { user_space_size })
Ok(ConfigResourceLimits { user_space_size })
}
}
@ -262,7 +262,7 @@ fn parse_memory_size(mem_str: &str) -> Result<usize> {
#[serde(deny_unknown_fields)]
struct InputConfig {
#[serde(default)]
pub vm: InputConfigVM,
pub resource_limits: InputConfigResourceLimits,
#[serde(default)]
pub process: InputConfigProcess,
#[serde(default)]
@ -275,21 +275,21 @@ struct InputConfig {
#[derive(Deserialize, Debug)]
#[serde(deny_unknown_fields)]
struct InputConfigVM {
#[serde(default = "InputConfigVM::get_user_space_size")]
struct InputConfigResourceLimits {
#[serde(default = "InputConfigResourceLimits::get_user_space_size")]
pub user_space_size: String,
}
impl InputConfigVM {
impl InputConfigResourceLimits {
fn get_user_space_size() -> String {
"128MB".to_string()
}
}
impl Default for InputConfigVM {
fn default() -> InputConfigVM {
InputConfigVM {
user_space_size: InputConfigVM::get_user_space_size(),
impl Default for InputConfigResourceLimits {
fn default() -> InputConfigResourceLimits {
InputConfigResourceLimits {
user_space_size: InputConfigResourceLimits::get_user_space_size(),
}
}
}
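Review bot: `InputConfigResourceLimits` keeps `#[serde(deny_unknown_fields)]` but declares only `user_space_size`, while the updated Occlum.json puts `max_num_of_threads`, `kernel_space_heap_size` and `kernel_space_stack_size` in the same object and adds a top-level `metadata` object. If the LibOS deserializes that same file (the loading code is outside these hunks), serde will reject it with an unknown-field error. Either declare the new keys here, where they can stay unused, or confirm that the LibOS is fed a filtered copy. `InputConfig` continues past the end of its hunk, so whether `metadata` is declared there cannot be seen.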

@ -1,12 +0,0 @@
<!-- Please refer to User's Guide for the explanation of each field -->
<EnclaveConfiguration>
<ProdID>0</ProdID>
<ISVSVN>0</ISVSVN>
<StackMaxSize>0x100000</StackMaxSize>
<HeapMaxSize>0x2000000</HeapMaxSize>
<TCSNum>8</TCSNum>
<TCSPolicy>1</TCSPolicy>
<DisableDebug>0</DisableDebug>
<MiscSelect>0</MiscSelect>
<MiscMask>0xFFFFFFFF</MiscMask>
</EnclaveConfiguration>

@ -55,7 +55,7 @@ prebuild:
@mkdir -p $(BUILD_DIR)/test
@cd $(BUILD_DIR)/test && \
$(BUILD_DIR)/bin/occlum init
@cp Occlum.json Enclave.xml $(BUILD_DIR)/test/
@cp Occlum.json $(BUILD_DIR)/test/
$(BUILD_TARGETS): %:
@$(ECHO) "$(CYAN)BUILD TEST => $@$(NO_COLOR)"

@ -1,5 +1,13 @@
{
"vm": {
"metadata": {
"product_id": 0,
"version_number": 0,
"debuggable": true
},
"resource_limits": {
"max_num_of_threads": 32,
"kernel_space_heap_size": "32MB",
"kernel_space_stack_size": "1MB",
"user_space_size": "128MB"
},
"process": {

@ -14,6 +14,7 @@ all:
@ln -s -f ../../tools/occlum-build-enclave ../$(BUILD_DIR)/bin/occlum-build-enclave
@ln -s -f ../../tools/occlum-gen-default-occlum-json ../$(BUILD_DIR)/bin/occlum-gen-default-occlum-json
@$(MAKE) --no-print-directory -C protect-integrity
@$(MAKE) --no-print-directory -C gen_enclave_conf
format:
@$(MAKE) --no-print-directory -C protect-integrity format
@ -23,3 +24,4 @@ format-check:
clean:
@$(MAKE) --no-print-directory -C protect-integrity clean
@$(MAKE) --no-print-directory -C gen_enclave_conf clean

1
tools/gen_enclave_conf/.gitignore vendored Normal file

@ -0,0 +1 @@
/target

342
tools/gen_enclave_conf/Cargo.lock generated Normal file

@ -0,0 +1,342 @@
# This file is automatically @generated by Cargo.
# It is not intended for manual editing.
[[package]]
name = "aho-corasick"
version = "0.7.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8716408b8bc624ed7f65d223ddb9ac2d044c0547b6fa4b0d554f3a9540496ada"
dependencies = [
"memchr",
]
[[package]]
name = "ansi_term"
version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ee49baf6cb617b853aa8d93bf420db2383fab46d314482ca2803b40d5fde979b"
dependencies = [
"winapi",
]
[[package]]
name = "atty"
version = "0.2.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8"
dependencies = [
"hermit-abi",
"libc",
"winapi",
]
[[package]]
name = "bitflags"
version = "1.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693"
[[package]]
name = "cfg-if"
version = "0.1.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822"
[[package]]
name = "clap"
version = "2.33.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bdfa80d47f954d53a35a64987ca1422f495b8d6483c0fe9f7117b36c2a792129"
dependencies = [
"ansi_term",
"atty",
"bitflags",
"strsim",
"textwrap",
"unicode-width",
"vec_map",
]
[[package]]
name = "env_logger"
version = "0.7.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "44533bbbb3bb3c1fa17d9f2e4e38bbbaf8396ba82193c4cb1b6445d711445d36"
dependencies = [
"atty",
"humantime",
"log",
"regex",
"termcolor",
]
[[package]]
name = "gen_enclave_conf"
version = "0.1.0"
dependencies = [
"clap",
"env_logger",
"log",
"regex",
"serde",
"serde-xml-rs",
"serde_derive",
"serde_json",
]
[[package]]
name = "hermit-abi"
version = "0.1.13"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "91780f809e750b0a89f5544be56617ff6b1227ee485bcb06ebe10cdf89bd3b71"
dependencies = [
"libc",
]
[[package]]
name = "humantime"
version = "1.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "df004cfca50ef23c36850aaaa59ad52cc70d0e90243c3c7737a4dd32dc7a3c4f"
dependencies = [
"quick-error",
]
[[package]]
name = "itoa"
version = "0.4.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b8b7a7c0c47db5545ed3fef7468ee7bb5b74691498139e4b3f6a20685dc6dd8e"
[[package]]
name = "lazy_static"
version = "1.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
[[package]]
name = "libc"
version = "0.2.70"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3baa92041a6fec78c687fa0cc2b3fae8884f743d672cf551bed1d6dac6988d0f"
[[package]]
name = "log"
version = "0.4.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "14b6052be84e6b71ab17edffc2eeabf5c2c3ae1fdb464aae35ac50c67a44e1f7"
dependencies = [
"cfg-if",
]
[[package]]
name = "memchr"
version = "2.3.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3728d817d99e5ac407411fa471ff9800a778d88a24685968b36824eaf4bee400"
[[package]]
name = "proc-macro2"
version = "1.0.17"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1502d12e458c49a4c9cbff560d0fe0060c252bc29799ed94ca2ed4bb665a0101"
dependencies = [
"unicode-xid",
]
[[package]]
name = "quick-error"
version = "1.2.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a1d01941d82fa2ab50be1e79e6714289dd7cde78eba4c074bc5a4374f650dfe0"
[[package]]
name = "quote"
version = "1.0.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "54a21852a652ad6f610c9510194f398ff6f8692e334fd1145fed931f7fbe44ea"
dependencies = [
"proc-macro2",
]
[[package]]
name = "regex"
version = "1.3.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a6020f034922e3194c711b82a627453881bc4682166cabb07134a10c26ba7692"
dependencies = [
"aho-corasick",
"memchr",
"regex-syntax",
"thread_local",
]
[[package]]
name = "regex-syntax"
version = "0.6.17"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7fe5bd57d1d7414c6b5ed48563a2c855d995ff777729dcd91c369ec7fea395ae"
[[package]]
name = "ryu"
version = "1.0.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ed3d612bc64430efeb3f7ee6ef26d590dce0c43249217bddc62112540c7941e1"
[[package]]
name = "serde"
version = "1.0.110"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "99e7b308464d16b56eba9964e4972a3eee817760ab60d88c3f86e1fecb08204c"
[[package]]
name = "serde-xml-rs"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "efe415925cf3d0bbb2fc47d09b56ce03eef51c5d56846468a39bcc293c7a846c"
dependencies = [
"log",
"serde",
"thiserror",
"xml-rs",
]
[[package]]
name = "serde_derive"
version = "1.0.110"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "818fbf6bfa9a42d3bfcaca148547aa00c7b915bec71d1757aa2d44ca68771984"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "serde_json"
version = "1.0.53"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "993948e75b189211a9b31a7528f950c6adc21f9720b6438ff80a7fa2f864cea2"
dependencies = [
"itoa",
"ryu",
"serde",
]
[[package]]
name = "strsim"
version = "0.8.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8ea5119cdb4c55b55d432abb513a0429384878c15dde60cc77b1c99de1a95a6a"
[[package]]
name = "syn"
version = "1.0.23"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "95b5f192649e48a5302a13f2feb224df883b98933222369e4b3b0fe2a5447269"
dependencies = [
"proc-macro2",
"quote",
"unicode-xid",
]
[[package]]
name = "termcolor"
version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bb6bfa289a4d7c5766392812c0a1f4c1ba45afa1ad47803c11e1f407d846d75f"
dependencies = [
"winapi-util",
]
[[package]]
name = "textwrap"
version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d326610f408c7a4eb6f51c37c330e496b08506c9457c9d34287ecc38809fb060"
dependencies = [
"unicode-width",
]
[[package]]
name = "thiserror"
version = "1.0.19"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b13f926965ad00595dd129fa12823b04bbf866e9085ab0a5f2b05b850fbfc344"
dependencies = [
"thiserror-impl",
]
[[package]]
name = "thiserror-impl"
version = "1.0.19"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "893582086c2f98cde18f906265a65b5030a074b1046c674ae898be6519a7f479"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "thread_local"
version = "1.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d40c6d1b69745a6ec6fb1ca717914848da4b44ae29d9b3080cbee91d72a69b14"
dependencies = [
"lazy_static",
]
[[package]]
name = "unicode-width"
version = "0.1.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "caaa9d531767d1ff2150b9332433f32a24622147e5ebb1f26409d5da67afd479"
[[package]]
name = "unicode-xid"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "826e7639553986605ec5979c7dd957c7895e93eabed50ab2ffa7f6128a75097c"
[[package]]
name = "vec_map"
version = "0.8.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f1bddf1187be692e79c5ffeab891132dfb0f236ed36a43c7ed39f1165ee20191"
[[package]]
name = "winapi"
version = "0.3.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8093091eeb260906a183e6ae1abdba2ef5ef2257a21801128899c3fc699229c6"
dependencies = [
"winapi-i686-pc-windows-gnu",
"winapi-x86_64-pc-windows-gnu",
]
[[package]]
name = "winapi-i686-pc-windows-gnu"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6"
[[package]]
name = "winapi-util"
version = "0.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "70ec6ce85bb158151cae5e5c87f95a8e97d2c0c4b001223f33a334e3ce5de178"
dependencies = [
"winapi",
]
[[package]]
name = "winapi-x86_64-pc-windows-gnu"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
[[package]]
name = "xml-rs"
version = "0.8.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b07db065a5cf61a7e4ba64f29e67db906fb1787316516c4e6e5ff0fea1efcd8a"

@ -0,0 +1,17 @@
[package]
name = "gen_enclave_conf"
version = "0.1.0"
authors = ["zongmin.gu <zongmin.gzm@alibaba-inc.com>"]
edition = "2018"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
clap = "2.33"
serde = "1.0"
serde_json = "1.0"
serde_derive = "1.0"
log = "0.4"
env_logger = "0.7"
serde-xml-rs = "0.4"
regex = "1"

@ -0,0 +1,21 @@
include ../../src/sgxenv.mk
SRC_FILES := $(shell find . -type f -name '*.rs') Cargo.toml
RUST_TARGET_DIR := $(BUILD_DIR)/tools/genconf/cargo-target
RUST_OUT_DIR := $(BUILD_DIR)/bin
TARGET_BINARY := $(RUST_OUT_DIR)/gen_enclave_conf
.PHONY: all clean
all: $(SRC_FILES)
ifeq ($(OCCLUM_RELEASE_BUILD), 1)
@RUSTC_BOOTSTRAP=1 cargo build --release --target-dir=$(RUST_TARGET_DIR) -Z unstable-options --out-dir=$(RUST_OUT_DIR)
@echo "CARGO (release) => gen_enclave_conf"
else
@RUSTC_BOOTSTRAP=1 cargo build --target-dir=$(RUST_TARGET_DIR) -Z unstable-options --out-dir=$(RUST_OUT_DIR)
@echo "CARGO (debug) => gen_enclave_conf"
endif
clean:
@cargo clean --target-dir=$(RUST_TARGET_DIR)
@-$(RM) -f $(TARGET_BINARY)
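Review bot: Both `cargo build` invocations run without `--locked`, so if Cargo.toml and the committed Cargo.lock ever disagree, cargo re-resolves and the build moves off the pinned versions and checksums without failing. Since this tool's output decides the signed enclave's debug flag and memory limits, I would add `--locked` to both commands so that drift fails the build. Separately, `RUST_TARGET_DIR` says `tools/genconf` while the crate directory is `gen_enclave_conf`; one name would make the build tree easier to follow.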

@ -0,0 +1,178 @@
extern crate clap;
extern crate env_logger;
extern crate log;
extern crate regex;
extern crate serde;
extern crate serde_derive;
extern crate serde_xml_rs;
use clap::{App, Arg};
use log::debug;
use serde_derive::{Deserialize, Serialize};
use std::fs::File;
use std::io::Write;
use std::path::Path;
fn main() {
env_logger::init();
let matches = App::new("gen_enclave_conf")
.version("0.1.0")
.arg(
Arg::with_name("input")
.short("i")
.long("input")
.required(true)
.validator(|f| match Path::new(&f).exists() {
true => Ok(()),
false => {
let err_message = String::from(f) + " is not exist";
Err(err_message)
}
})
.takes_value(true),
)
.arg(
Arg::with_name("output")
.short("o")
.long("output")
.required(true)
.validator(|f| match File::create(f) {
Ok(_e) => Ok(()),
Err(e) => Err(e.to_string()),
})
.takes_value(true),
)
.get_matches();
let occlum_config_file_path = matches.value_of("input").unwrap();
debug!(
"Occlum config (json) file name {:?}",
occlum_config_file_path
);
let enclave_config_file_path = matches.value_of("output").unwrap();
debug!(
"Enclave config (xml) file name {:?}",
enclave_config_file_path
);
// Read the occlum configuration file
let occlum_config_file =
File::open(occlum_config_file_path).expect("The Occlum configuration file does not exist");
let occlum_config: OcclumConfiguration = serde_json::from_reader(occlum_config_file)
.expect("It is not a valid Occlum configuration file.");
debug!("The occlum config is:{:?}", occlum_config);
// get the kernel stack size
let stack_max_size = parse_memory_size(&occlum_config.resource_limits.kernel_space_stack_size);
if stack_max_size.is_err() {
println!(
"The kernel_space_stack_size \"{}\" is not correct.",
occlum_config.resource_limits.kernel_space_stack_size
);
return;
}
// get the kernel heap size
let heap_max_size = parse_memory_size(&occlum_config.resource_limits.kernel_space_heap_size);
if heap_max_size.is_err() {
println!(
"The kernel_space_heap_size \"{}\" is not correct.",
occlum_config.resource_limits.kernel_space_heap_size
);
return;
}
let sgx_enclave_configuration = EnclaveConfiguration {
ProdID: occlum_config.metadata.product_id,
ISVSVN: occlum_config.metadata.version_number,
StackMaxSize: stack_max_size.unwrap() as u64,
HeapMaxSize: heap_max_size.unwrap() as u64,
TCSNum: occlum_config.resource_limits.max_num_of_threads,
TCSPolicy: 1,
DisableDebug: match occlum_config.metadata.debuggable {
true => 0,
false => 1,
},
MiscSelect: "0".to_string(),
MiscMask: "0xFFFFFFFF".to_string(),
};
// Generate the enclave configuration
let enclave_config = serde_xml_rs::to_string(&sgx_enclave_configuration).unwrap();
debug!("The enclave config:{:?}", enclave_config);
// Update the output file
let mut enclave_config_file = File::create(enclave_config_file_path)
.expect("Could not open the target Enclave configuration file.");
enclave_config_file
.write_all(enclave_config.as_bytes())
.expect("Failed to update the Enclave configuration file.");
}
fn parse_memory_size(mem_str: &str) -> Result<usize, &str> {
const UNIT2FACTOR: [(&str, usize); 5] = [
("KB", 1024),
("MB", 1024 * 1024),
("GB", 1024 * 1024 * 1024),
("TB", 1024 * 1024 * 1024 * 1024),
("B", 1),
];
// Extract the unit part of the memory size
let mem_str = mem_str.trim();
let (mem_unit, unit_factor) = UNIT2FACTOR
.iter()
.position(|(mem_unit, _)| mem_str.ends_with(mem_unit))
.ok_or_else(|| "No unit")
.map(|unit_i| &UNIT2FACTOR[unit_i])?;
// Extract the value part of the memory size
let mem_val = match mem_str[0..mem_str.len() - mem_unit.len()]
.trim()
.parse::<usize>()
{
Err(_) => {
return Err("No number");
}
Ok(mem_val) => mem_val,
};
Ok(mem_val * unit_factor)
}
#[derive(Debug, PartialEq, Deserialize)]
struct OcclumConfiguration {
metadata: OcclumMetadata,
resource_limits: OcclumResourceLimits,
}
#[derive(Debug, PartialEq, Deserialize)]
struct OcclumMetadata {
product_id: u32,
version_number: u32,
debuggable: bool,
}
#[derive(Debug, PartialEq, Deserialize)]
struct OcclumResourceLimits {
max_num_of_threads: u32,
kernel_space_heap_size: String,
kernel_space_stack_size: String,
user_space_size: String,
}
#[allow(non_snake_case)]
#[derive(Debug, PartialEq, Serialize)]
struct EnclaveConfiguration {
ProdID: u32,
ISVSVN: u32,
StackMaxSize: u64,
HeapMaxSize: u64,
TCSNum: u32,
TCSPolicy: u32,
DisableDebug: u32,
MiscSelect: String,
MiscMask: String,
}
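Review bot: When `parse_memory_size` fails, `main` prints with `println!` and hits `return;`, so the process exits with status 0. Because the `output` validator calls `File::create`, the target file has already been truncated by then, leaving the caller with an empty Enclave.xml and no error signal. I would report on stderr, end those branches with `std::process::exit(1);`, and validate the output path without creating the file. `parse_memory_size` also ends in `Ok(mem_val * unit_factor)`, which wraps in a release build for a large value; `mem_val.checked_mul(*unit_factor).ok_or("Size overflow")` turns that into an error. A short doc comment on `parse_memory_size` listing the accepted units (B, KB, MB, GB, TB, all powers of 1024) would help as well.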

@ -62,7 +62,7 @@ get_conf_default_mmap_size() {
get_conf_user_space_size() {
cat "$working_dir/Occlum.json" | \
python -c "import sys, json; print json.load(sys.stdin)['vm']['user_space_size']"
python -c "import sys, json; print json.load(sys.stdin)['resource_limits']['user_space_size']"
}
get_conf_env() {
@ -128,9 +128,7 @@ cmd_init() {
"$occlum_gcc_lib/libgcc_s.so.1" \
"$occlum_gcc_lib/libgomp.so.1"
cp "$occlum_dir"/etc/template/Enclave.xml "$working_dir"/
cp "$occlum_dir"/etc/template/Occlum.json "$working_dir"/
chmod 644 "$working_dir"/Enclave.xml
chmod 644 "$working_dir"/Occlum.json
echo "Initialized an Occlum context in $working_dir"
@ -211,11 +209,14 @@ cmd_build() {
cd src/libos && \
make clean-builtin && \
make "$context_dir/build/lib/libocclum-libos.so" ONLY_REBUILD_BUILTIN=1 CONTEXT=1
$occlum_dir/$build_dir/bin/gen_enclave_conf -i "$working_dir/Occlum.json" -o "$context_dir/build/Enclave.xml"
$ENCLAVE_SIGN_TOOL sign \
-key $ENCLAVE_SIGN_KEY \
-config "$working_dir/Enclave.xml" \
-config "$context_dir/build/Enclave.xml" \
-enclave "$context_dir/build/lib/libocclum-libos.so" \
-out "$context_dir/build/lib/libocclum-libos.signed.so"
rm -f "$context_dir/build/Enclave.xml"
cd "$context_dir"
echo "built" > status
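Review bot: The new `gen_enclave_conf` call in `cmd_build` is neither chained with `&&` nor checked, so unless the script runs under `set -e` (not visible in these hunks) a failed conversion falls straight through to `$ENCLAVE_SIGN_TOOL sign`. The command path is also unquoted while its arguments are quoted. I would write `"$occlum_dir/$build_dir/bin/gen_enclave_conf" -i "$working_dir/Occlum.json" -o "$context_dir/build/Enclave.xml" || exit 1`. `cmd_build` starts and ends outside the hunk.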

@ -7,8 +7,7 @@ project_dir="$( cd "$( dirname "$this_dir/../../../" )" >/dev/null 2>&1 && pwd
SGX_SDK="${SGX_SDK:-/opt/intel/sgxsdk}"
occlum_conf_json_path=$1
enclave_conf_xml_path=$2
enclave_key_pem_path=$3
enclave_key_pem_path=$2
protected_occlum_conf_json_path=`basename $occlum_conf_json_path`".protected"
occlum_conf_file_mac=
@ -18,7 +17,7 @@ occlum_user_space_size=
report_arg_error() {
echo $1
echo ""
echo "Usage: occlum-build-enclave Occlum.json Enclave.xml Enclave.pem"
echo "Usage: occlum-build-enclave Occlum.json Enclave.pem"
}
protect_occlum_json() {
@ -44,6 +43,11 @@ build_enclave_so() {
make
}
generate_enclave_config() {
cd $working_dir
"$project_dir/tools/bin/gen_enclave_conf" -i $occlum_conf_json_path -o "enclave.config.xml"
}
sign_enclave_so() {
cd $working_dir
rm -f libocclum-libos.signed.so
@ -52,7 +56,8 @@ sign_enclave_so() {
-key $enclave_key_pem_path \
-enclave $enclave_so_path \
-out "libocclum-libos.signed.so" \
-config $enclave_conf_xml_path
-config enclave.config.xml
rm -f enclave.config.xml
}
# ===========================================================================
@ -88,6 +93,6 @@ export OCCLUM_BUILTIN_VM_USER_SPACE_SIZE=`print_occlum_user_space_size`
echo "EXPORT => OCCLUM_BUILTIN_VM_USER_SPACE_SIZE = $OCCLUM_BUILTIN_VM_USER_SPACE_SIZE"
build_enclave_so
generate_enclave_config
sign_enclave_so
echo "SIGN => libocclum-libos.signed.so"
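Review bot: `generate_enclave_config` invokes `$project_dir/tools/bin/gen_enclave_conf`, but the new Makefile for the tool sets `RUST_OUT_DIR := $(BUILD_DIR)/bin`, so the binary may not exist at that path; please confirm the two agree. The function also runs `cd $working_dir` before using `$occlum_conf_json_path` unquoted, so a relative `$1` is resolved against `$working_dir` and a path containing spaces is split. Quoting both, as in `-i "$occlum_conf_json_path"`, and resolving `$1` to an absolute path before the `cd` would make this robust.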

@ -6,7 +6,7 @@ fi
cat <<EOF
{
"vm": {
"resource_limits": {
"user_space_size": "$OCCLUM_CONF_USER_SPACE_SIZE"
},
"process": {