[libos] Add disable_log cfg option
This commit is contained in:
Qi Zheng
volcano
parent
065c367b37
commit
a7317b0aa9
@ -1,5 +1,6 @@
|
|||||||
use super::*;
|
use super::*;
|
||||||
use crate::std::untrusted::path::PathEx;
|
use crate::std::untrusted::path::PathEx;
|
||||||
|
use crate::util::sgx::allow_debug as sgx_allow_debug;
|
||||||
use serde::{Deserialize, Serialize};
|
use serde::{Deserialize, Serialize};
|
||||||
use std::collections::HashSet;
|
use std::collections::HashSet;
|
||||||
use std::ffi::CString;
|
use std::ffi::CString;
|
||||||
@ -10,6 +11,8 @@ use std::sgxfs::SgxFile;
|
|||||||
|
|
||||||
use crate::util::mem_util::from_user;
|
use crate::util::mem_util::from_user;
|
||||||
|
|
||||||
|
use log::{set_max_level, LevelFilter};
|
||||||
|
|
||||||
lazy_static! {
|
lazy_static! {
|
||||||
pub static ref LIBOS_CONFIG: Config = {
|
pub static ref LIBOS_CONFIG: Config = {
|
||||||
let config_path =
|
let config_path =
|
||||||
@ -200,6 +203,20 @@ impl Config {
|
|||||||
};
|
};
|
||||||
let feature = ConfigFeature::from_input(&input.feature)?;
|
let feature = ConfigFeature::from_input(&input.feature)?;
|
||||||
|
|
||||||
|
if input.disable_log {
|
||||||
|
log::set_max_level(LevelFilter::Off);
|
||||||
|
} else if !sgx_allow_debug() {
|
||||||
|
if log::max_level() != LevelFilter::Off {
|
||||||
|
// Release enclave can only set error level log
|
||||||
|
log::set_max_level(LevelFilter::Error);
|
||||||
|
}
|
||||||
|
eprintln!("Warnning: Occlum Log is enabled for release enclave!");
|
||||||
|
eprintln!(
|
||||||
|
"Uses can disable Occlum Log by setting metadata.disable_log=true \
|
||||||
|
in Occlum.json and rebuild Occlum instance.\n"
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
Ok(Config {
|
Ok(Config {
|
||||||
resource_limits,
|
resource_limits,
|
||||||
process,
|
process,
|
||||||
@ -385,6 +402,8 @@ struct InputConfig {
|
|||||||
#[serde(default)]
|
#[serde(default)]
|
||||||
pub env: InputConfigEnv,
|
pub env: InputConfigEnv,
|
||||||
#[serde(default)]
|
#[serde(default)]
|
||||||
|
pub disable_log: bool,
|
||||||
|
#[serde(default)]
|
||||||
pub app: Vec<InputConfigApp>,
|
pub app: Vec<InputConfigApp>,
|
||||||
#[serde(default)]
|
#[serde(default)]
|
||||||
pub feature: InputConfigFeature,
|
pub feature: InputConfigFeature,
|
||||||
|
|||||||
@ -60,24 +60,17 @@ pub extern "C" fn occlum_ecall_init(
|
|||||||
|
|
||||||
assert!(!instance_dir.is_null());
|
assert!(!instance_dir.is_null());
|
||||||
|
|
||||||
let log_level = {
|
let log_level = match parse_log_level(log_level) {
|
||||||
let input_log_level = match parse_log_level(log_level) {
|
Err(e) => {
|
||||||
Err(e) => {
|
eprintln!("invalid log level: {}", e.backtrace());
|
||||||
eprintln!("invalid log level: {}", e.backtrace());
|
return ecall_errno!(EINVAL);
|
||||||
return ecall_errno!(EINVAL);
|
|
||||||
}
|
|
||||||
Ok(log_level) => log_level,
|
|
||||||
};
|
|
||||||
// Use the input log level if and only if the enclave allows debug
|
|
||||||
if sgx_allow_debug() {
|
|
||||||
input_log_level
|
|
||||||
} else {
|
|
||||||
LevelFilter::Off
|
|
||||||
}
|
}
|
||||||
|
Ok(log_level) => log_level,
|
||||||
};
|
};
|
||||||
|
|
||||||
INIT_ONCE.call_once(|| {
|
INIT_ONCE.call_once(|| {
|
||||||
// Init the log infrastructure first so that log messages will be printed afterwards
|
// Init the log infrastructure first so that log messages will be printed afterwards
|
||||||
|
// The log level may be set to off later if disable_log is true in user configuration
|
||||||
util::log::init(log_level);
|
util::log::init(log_level);
|
||||||
|
|
||||||
let report = rsgx_self_report();
|
let report = rsgx_self_report();
|
||||||
|
|||||||
@ -487,6 +487,20 @@ fn main() {
|
|||||||
app_config.unwrap()
|
app_config.unwrap()
|
||||||
};
|
};
|
||||||
|
|
||||||
|
// If the user doesn't provide a value, set it false unless it is release enclave.
|
||||||
|
// If the user provides a value, just use it.
|
||||||
|
let disable_log = {
|
||||||
|
if occlum_config.metadata.disable_log.is_none() {
|
||||||
|
if occlum_config.metadata.debuggable {
|
||||||
|
false
|
||||||
|
} else {
|
||||||
|
true
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
occlum_config.metadata.disable_log.unwrap()
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
let occlum_json_config = InternalOcclumJson {
|
let occlum_json_config = InternalOcclumJson {
|
||||||
resource_limits: InternalResourceLimits {
|
resource_limits: InternalResourceLimits {
|
||||||
user_space_init_size: config_user_space_init_size.to_string() + "B",
|
user_space_init_size: config_user_space_init_size.to_string() + "B",
|
||||||
@ -498,6 +512,7 @@ fn main() {
|
|||||||
default_mmap_size: occlum_config.process.default_mmap_size,
|
default_mmap_size: occlum_config.process.default_mmap_size,
|
||||||
},
|
},
|
||||||
env: occlum_config.env,
|
env: occlum_config.env,
|
||||||
|
disable_log: disable_log,
|
||||||
app: app_config,
|
app: app_config,
|
||||||
feature: occlum_config.feature.clone(),
|
feature: occlum_config.feature.clone(),
|
||||||
};
|
};
|
||||||
@ -728,6 +743,8 @@ struct OcclumMetadata {
|
|||||||
product_id: u32,
|
product_id: u32,
|
||||||
version_number: u32,
|
version_number: u32,
|
||||||
debuggable: bool,
|
debuggable: bool,
|
||||||
|
#[serde(default)]
|
||||||
|
disable_log: Option<bool>,
|
||||||
enable_kss: bool,
|
enable_kss: bool,
|
||||||
family_id: OcclumMetaID,
|
family_id: OcclumMetaID,
|
||||||
ext_prod_id: OcclumMetaID,
|
ext_prod_id: OcclumMetaID,
|
||||||
@ -823,6 +840,7 @@ struct InternalOcclumJson {
|
|||||||
resource_limits: InternalResourceLimits,
|
resource_limits: InternalResourceLimits,
|
||||||
process: OcclumProcess,
|
process: OcclumProcess,
|
||||||
env: serde_json::Value,
|
env: serde_json::Value,
|
||||||
|
disable_log: bool,
|
||||||
app: serde_json::Value,
|
app: serde_json::Value,
|
||||||
feature: OcclumFeature,
|
feature: OcclumFeature,
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user