diff --git a/deps/rust-sgx-sdk b/deps/rust-sgx-sdk index df76765f..4fdac94b 160000 --- a/deps/rust-sgx-sdk +++ b/deps/rust-sgx-sdk @@ -1 +1 @@ -Subproject commit df76765f586cf103189a5e62355672c96f4920ce +Subproject commit 4fdac94b9f002f432d4a10e5de80c56d3f7a10eb diff --git a/deps/rust-sgx-sdk.patch b/deps/rust-sgx-sdk.patch index d505648a..0865bc6a 100644 --- a/deps/rust-sgx-sdk.patch +++ b/deps/rust-sgx-sdk.patch @@ -1,7 +1,7 @@ -From ebd4f84dd2561d5ef381312ef9934a6076e62915 Mon Sep 17 00:00:00 2001 -From: "Tate, Hongliang Tian" -Date: Wed, 3 Jun 2020 08:11:35 +0000 -Subject: [PATCH 1/4] Add support for integrity-only SGX files +From daf3f6e0723c28a34c80cfcc4a4c5595226f3459 Mon Sep 17 00:00:00 2001 +From: "zongmin.gu" +Date: Tue, 15 Sep 2020 13:26:05 +0800 +Subject: [PATCH] Update Rust SDK for Occlum --- samplecode/unit-test/enclave/src/lib.rs | 2 + @@ -10,7 +10,8 @@ Subject: [PATCH 1/4] Add support for integrity-only SGX files sgx_tstd/src/sgxfs.rs | 39 ++++++++- sgx_tstd/src/sys/sgxfs.rs | 38 +++++++-- sgx_types/src/function.rs | 6 +- - 6 files changed, 203 insertions(+), 7 deletions(-) + sgx_types/src/types.rs | 14 +++- + 7 files changed, 215 insertions(+), 9 deletions(-) diff --git a/samplecode/unit-test/enclave/src/lib.rs b/samplecode/unit-test/enclave/src/lib.rs index b9ea49be..d740753f 100644 @@ -75,10 +76,10 @@ index 766ba674..eeefd9eb 100644 + assert!(remove_result.is_ok()); +} diff --git a/sgx_tprotected_fs/src/fs.rs b/sgx_tprotected_fs/src/fs.rs -index 93767e4b..9ddac357 100644 +index 241a7d7f..69608907 100644 --- a/sgx_tprotected_fs/src/fs.rs +++ b/sgx_tprotected_fs/src/fs.rs -@@ -35,6 +35,15 @@ unsafe fn rsgx_fopen(filename: &CStr, mode: &CStr, key: &sgx_key_128bit_t) -> Sy +@@ -39,6 +39,15 @@ unsafe fn rsgx_fopen(filename: &CStr, mode: &CStr, key: &sgx_key_128bit_t) -> Sy } } @@ -94,7 +95,7 @@ index 93767e4b..9ddac357 100644 unsafe fn rsgx_fopen_auto_key(filename: &CStr, mode: &CStr) -> SysResult { let file = sgx_fopen_auto_key(filename.as_ptr(), mode.as_ptr()); if file.is_null() { -@@ -192,6 +201,15 @@ unsafe fn rsgx_fimport_auto_key(filename: &CStr, key: &sgx_key_128bit_t) -> SysE +@@ -196,6 +205,15 @@ unsafe fn rsgx_fimport_auto_key(filename: &CStr, key: &sgx_key_128bit_t) -> SysE } } @@ -108,10 +109,10 @@ index 93767e4b..9ddac357 100644 +} + pub struct SgxFileStream { - stream: SGX_FILE + stream: SGX_FILE, } @@ -275,6 +293,48 @@ impl SgxFileStream { - } + unsafe { rsgx_fopen_auto_key(filename, mode).map(|f| SgxFileStream { stream: f }) } } + /// @@ -347,10 +348,10 @@ index 7d6f24f3..0a6acef9 100644 pub fn remove(path: &Path) -> io::Result<()> { diff --git a/sgx_types/src/function.rs b/sgx_types/src/function.rs -index 3c2db3a4..f96cd9e8 100644 +index b74afd75..527e4bf9 100644 --- a/sgx_types/src/function.rs +++ b/sgx_types/src/function.rs -@@ -629,7 +629,10 @@ extern "C" { +@@ -644,7 +644,10 @@ extern "C" { pub fn sgx_fopen_auto_key(filename: *const c_char, mode: *const c_char) -> SGX_FILE; @@ -362,7 +363,7 @@ index 3c2db3a4..f96cd9e8 100644 size: size_t, count: size_t, stream: SGX_FILE) -> size_t; -@@ -650,6 +653,7 @@ extern "C" { +@@ -665,6 +668,7 @@ extern "C" { pub fn sgx_fexport_auto_key(filename: *const c_char, key: *mut sgx_key_128bit_t) -> int32_t; pub fn sgx_fimport_auto_key(filename: *const c_char, key: *const sgx_key_128bit_t) -> int32_t; pub fn sgx_fclear_cache(stream: SGX_FILE) -> int32_t; @@ -370,33 +371,30 @@ index 3c2db3a4..f96cd9e8 100644 } /* intel sgx sdk 2.0 */ --- -2.17.1 - - -From b126b99cd8cf12ac4971915d408d48a557bc5399 Mon Sep 17 00:00:00 2001 -From: "Tate, Hongliang Tian" -Date: Wed, 3 Jun 2020 08:35:53 +0000 -Subject: [PATCH 2/4] Add data structures for #PF and #GP exceptions - ---- - sgx_types/src/types.rs | 11 +++++++++++ - 1 file changed, 11 insertions(+) - diff --git a/sgx_types/src/types.rs b/sgx_types/src/types.rs -index 4f191364..651d088e 100644 +index 05cb12f2..ad639fda 100644 --- a/sgx_types/src/types.rs +++ b/sgx_types/src/types.rs -@@ -865,6 +865,8 @@ impl_enum! { +@@ -897,8 +897,8 @@ impl_enum! { SGX_EXCEPTION_VECTOR_BP = 3, /* INT 3 instruction */ SGX_EXCEPTION_VECTOR_BR = 5, /* BOUND instruction */ SGX_EXCEPTION_VECTOR_UD = 6, /* UD2 instruction or reserved opcode */ +- SGX_EXCEPTION_VECTOR_GP = 13, /* General protection exception */ +- SGX_EXCEPTION_VECTOR_PF = 14, /* Page fault exception */ + SGX_EXCEPTION_VECTOR_GP = 13, /* General protection */ + SGX_EXCEPTION_VECTOR_PF = 14, /* Page fault */ SGX_EXCEPTION_VECTOR_MF = 16, /* x87 FPU floating-point or WAIT/FWAIT instruction */ SGX_EXCEPTION_VECTOR_AC = 17, /* Any data reference in memory */ SGX_EXCEPTION_VECTOR_XM = 19, /* SSE/SSE2/SSE3 floating-point instruction */ -@@ -922,11 +924,20 @@ cfg_if! { +@@ -912,6 +912,7 @@ impl_enum! { + pub enum sgx_exception_type_t { + SGX_EXCEPTION_HARDWARE = 3, + SGX_EXCEPTION_SOFTWARE = 6, ++ SGX_EXCEPTION_SIMULATED = 7, + } + } + +@@ -957,11 +958,20 @@ cfg_if! { } } @@ -420,53 +418,3 @@ index 4f191364..651d088e 100644 -- 2.17.1 - -From 3b224780e7f948753ef27e67677a5fc6a2a49961 Mon Sep 17 00:00:00 2001 -From: "Tate, Hongliang Tian" -Date: Wed, 3 Jun 2020 08:37:47 +0000 -Subject: [PATCH 3/4] Add a new exception type: simulated - ---- - sgx_types/src/types.rs | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/sgx_types/src/types.rs b/sgx_types/src/types.rs -index 651d088e..ef43d7d6 100644 ---- a/sgx_types/src/types.rs -+++ b/sgx_types/src/types.rs -@@ -879,6 +879,7 @@ impl_enum!{ - pub enum sgx_exception_type_t { - SGX_EXCEPTION_HARDWARE = 3, - SGX_EXCEPTION_SOFTWARE = 6, -+ SGX_EXCEPTION_SIMULATED = 7, - } - } - --- -2.17.1 - - -From 53707096d65d2c2439246274328484094be28c05 Mon Sep 17 00:00:00 2001 -From: volcano -Date: Mon, 31 Aug 2020 11:12:44 +0800 -Subject: [PATCH 4/4] fix no return value of u_malloc_ocall - ---- - sgx_ustdc/mem.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/sgx_ustdc/mem.c b/sgx_ustdc/mem.c -index 3dceb037..5e4aea84 100644 ---- a/sgx_ustdc/mem.c -+++ b/sgx_ustdc/mem.c -@@ -26,6 +26,7 @@ void *u_malloc_ocall(int *error, size_t size) - if (error) { - *error = ret == NULL ? errno : 0; - } -+ return ret; - } - - void u_free_ocall(void *p) --- -2.17.1 - diff --git a/src/libos/Cargo.lock b/src/libos/Cargo.lock index 1466f817..1185011d 100644 --- a/src/libos/Cargo.lock +++ b/src/libos/Cargo.lock @@ -52,12 +52,6 @@ version = "0.1.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1d49d90015b3c36167a20fe2810c5cd875ad504b39cff3d4eae7977e6b7c1cb2" -[[package]] -name = "autocfg" -version = "1.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f8aac770f1885fd7e387acedd76065302551364496e46b3dd00860b2f8359b9d" - [[package]] name = "bitflags" version = "1.2.1" @@ -97,9 +91,9 @@ dependencies = [ [[package]] name = "darling" -version = "0.9.0" +version = "0.10.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fcfbcb0c5961907597a7d1148e3af036268f2b773886b8bb3eeb1e1281d3d3d6" +checksum = "0d706e75d87e35569db781a9b5e2416cff1236a47ed380831f959382ccd5f858" dependencies = [ "darling_core", "darling_macro", @@ -107,52 +101,52 @@ dependencies = [ [[package]] name = "darling_core" -version = "0.9.0" +version = "0.10.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6afc018370c3bff3eb51f89256a6bdb18b4fdcda72d577982a14954a7a0b402c" +checksum = "f0c960ae2da4de88a91b2d920c2a7233b400bc33cb28453a2987822d8392519b" dependencies = [ "fnv", "ident_case", - "proc-macro2 0.4.30", - "quote 0.6.13", + "proc-macro2", + "quote", "strsim", - "syn 0.15.44", + "syn", ] [[package]] name = "darling_macro" -version = "0.9.0" +version = "0.10.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c6d8dac1c6f1d29a41c4712b4400f878cb4fcc4c7628f298dd75038e024998d1" +checksum = "d9b5a2f4ac4969822c62224815d069952656cadc7084fdca9751e6d959189b72" dependencies = [ "darling_core", - "quote 0.6.13", - "syn 0.15.44", + "quote", + "syn", ] [[package]] name = "derive_builder" -version = "0.7.2" +version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3ac53fa6a3cda160df823a9346442525dcaf1e171999a1cf23e67067e4fd64d4" +checksum = "a2658621297f2cf68762a6f7dc0bb7e1ff2cfd6583daef8ee0fed6f7ec468ec0" dependencies = [ "darling", "derive_builder_core", - "proc-macro2 0.4.30", - "quote 0.6.13", - "syn 0.15.44", + "proc-macro2", + "quote", + "syn", ] [[package]] name = "derive_builder_core" -version = "0.5.0" +version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0288a23da9333c246bb18c143426074a6ae96747995c5819d2947b64cd942b37" +checksum = "2791ea3e372c8495c0bc2033991d76b512cd799d07491fbd6890124db9458bef" dependencies = [ "darling", - "proc-macro2 0.4.30", - "quote 0.6.13", - "syn 0.15.44", + "proc-macro2", + "quote", + "syn", ] [[package]] @@ -193,10 +187,7 @@ dependencies = [ [[package]] name = "hashbrown_tstd" -version = "0.7.1" -dependencies = [ - "autocfg 1.0.0", -] +version = "0.9.0" [[package]] name = "ident_case" @@ -235,31 +226,13 @@ dependencies = [ "cfg-if", ] -[[package]] -name = "proc-macro2" -version = "0.4.30" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf3d2011ab5c909338f7887f4fc896d35932e29146c12c8d01da6b22a80ba759" -dependencies = [ - "unicode-xid 0.1.0", -] - [[package]] name = "proc-macro2" version = "1.0.19" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "04f5f085b5d71e2188cb8271e5da0161ad52c3f227a661a3c135fdf28e258b12" dependencies = [ - "unicode-xid 0.2.1", -] - -[[package]] -name = "quote" -version = "0.6.13" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6ce23b6b870e8f94f81fb0a363d65d86675884b34a09043c81e5562f11c1f8e1" -dependencies = [ - "proc-macro2 0.4.30", + "unicode-xid", ] [[package]] @@ -268,7 +241,7 @@ version = "1.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "aa563d17ecb180e500da1cfd2b028310ac758de548efdd203e18f283af693f37" dependencies = [ - "proc-macro2 1.0.19", + "proc-macro2", ] [[package]] @@ -283,7 +256,7 @@ version = "0.6.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6d71dacdc3c88c1fde3885a3be3fbab9f35724e6ce99467f7d9c5026132184ca" dependencies = [ - "autocfg 0.1.7", + "autocfg", "libc", "rand_chacha", "rand_core 0.4.2", @@ -302,7 +275,7 @@ version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "556d3a1ca6600bfcbab7c7c91ccb085ac7fbbcd70e008a98742e7847f4f7bcef" dependencies = [ - "autocfg 0.1.7", + "autocfg", "rand_core 0.3.1", ] @@ -370,7 +343,7 @@ version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "abf9b09b01790cfe0364f52bf32995ea3c39f4d2dd011eac241d2914146d0b44" dependencies = [ - "autocfg 0.1.7", + "autocfg", "rand_core 0.4.2", ] @@ -463,9 +436,9 @@ dependencies = [ name = "serde_derive" version = "1.0.104" dependencies = [ - "proc-macro2 1.0.19", - "quote 1.0.7", - "syn 1.0.34", + "proc-macro2", + "quote", + "syn", ] [[package]] @@ -582,20 +555,9 @@ checksum = "7f3eb36b47e512f8f1c9e3d10c2c1965bc992bd9cdb024fa581e2194501c83d3" [[package]] name = "strsim" -version = "0.7.0" +version = "0.9.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bb4f380125926a99e52bc279241539c018323fab05ad6368b56f93d9369ff550" - -[[package]] -name = "syn" -version = "0.15.44" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9ca4b3b69a77cbe1ffc9e198781b7acb0c7365a883670e8f1c1bc66fba79a5c5" -dependencies = [ - "proc-macro2 0.4.30", - "quote 0.6.13", - "unicode-xid 0.1.0", -] +checksum = "6446ced80d6c486436db5c078dde11a9f73d42b57fb273121e160b84f63d894c" [[package]] name = "syn" @@ -603,9 +565,9 @@ version = "1.0.34" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "936cae2873c940d92e697597c5eee105fb570cd5689c695806f672883653349b" dependencies = [ - "proc-macro2 1.0.19", - "quote 1.0.7", - "unicode-xid 0.2.1", + "proc-macro2", + "quote", + "unicode-xid", ] [[package]] @@ -614,12 +576,6 @@ version = "1.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "373c8a200f9e67a0c95e62a4f52fbf80c23b4381c05a17845531982fa99e6b33" -[[package]] -name = "unicode-xid" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fc72304796d0818e357ead4e000d19c9c174ab23dc11093ac919054d20a6a7fc" - [[package]] name = "unicode-xid" version = "0.2.1" diff --git a/src/libos/Cargo.toml b/src/libos/Cargo.toml index d6a131ec..17679993 100644 --- a/src/libos/Cargo.toml +++ b/src/libos/Cargo.toml @@ -13,7 +13,7 @@ bitvec = { version = "0.17", default-features = false, features = ["alloc"] } log = "0.4" aligned = "0.3.4" lazy_static = { version = "1.1.0", features = ["spin_no_std"] } # Implies nightly -derive_builder = "0.7.2" +derive_builder = "0.9" ringbuf = { path = "../../deps/ringbuf" } rcore-fs = { path = "../../deps/sefs/rcore-fs" } rcore-fs-sefs = { path = "../../deps/sefs/rcore-fs-sefs" } diff --git a/src/libos/rust-toolchain b/src/libos/rust-toolchain index 4e74872f..8c975dc6 100644 --- a/src/libos/rust-toolchain +++ b/src/libos/rust-toolchain @@ -1 +1 @@ -nightly-2020-04-07 +nightly-2020-09-08 diff --git a/src/libos/src/lib.rs b/src/libos/src/lib.rs index c058524a..1d915bac 100644 --- a/src/libos/src/lib.rs +++ b/src/libos/src/lib.rs @@ -16,6 +16,8 @@ // for may_dangle in rw_lock #![feature(dropck_eyepatch)] #![feature(option_expect_none)] +// for UntrustedSliceAlloc in slice_alloc +#![feature(slice_ptr_get)] #[macro_use] extern crate alloc; diff --git a/src/libos/src/untrusted/alloc.rs b/src/libos/src/untrusted/alloc.rs index 0f0f6d46..80ef9f92 100644 --- a/src/libos/src/untrusted/alloc.rs +++ b/src/libos/src/untrusted/alloc.rs @@ -1,5 +1,5 @@ use super::*; -use std::alloc::{AllocErr, AllocInit, AllocRef, Layout, MemoryBlock}; +use std::alloc::{AllocErr, AllocRef, Layout}; use std::ptr::{self, write_bytes, NonNull}; /// The global memory allocator for untrusted memory @@ -8,11 +8,7 @@ pub static mut UNTRUSTED_ALLOC: UntrustedAlloc = UntrustedAlloc; pub struct UntrustedAlloc; unsafe impl AllocRef for UntrustedAlloc { - fn alloc( - &mut self, - layout: Layout, - init: AllocInit, - ) -> std::result::Result { + fn alloc(&mut self, layout: Layout) -> std::result::Result, AllocErr> { if layout.size() == 0 { return Err(AllocErr); } @@ -33,12 +29,6 @@ unsafe impl AllocRef for UntrustedAlloc { return Err(AllocErr); } - if init == AllocInit::Zeroed { - unsafe { - write_bytes(mem_ptr, 0, layout.size()); - } - } - // Sanity checks // Post-condition 1: alignment debug_assert!(mem_ptr as usize % layout.align() == 0); @@ -47,10 +37,10 @@ unsafe impl AllocRef for UntrustedAlloc { mem_ptr as *const u8, layout.size() )); - Ok(MemoryBlock { - ptr: NonNull::new(mem_ptr).unwrap(), - size: layout.size(), + Ok(NonNull::new(unsafe { + core::slice::from_raw_parts_mut(mem_ptr, layout.size() as usize) }) + .unwrap()) } unsafe fn dealloc(&mut self, ptr: NonNull, layout: Layout) { diff --git a/src/libos/src/untrusted/slice_alloc.rs b/src/libos/src/untrusted/slice_alloc.rs index 3e70bf62..189b04d5 100644 --- a/src/libos/src/untrusted/slice_alloc.rs +++ b/src/libos/src/untrusted/slice_alloc.rs @@ -1,5 +1,5 @@ use super::*; -use std::alloc::{AllocErr, AllocInit, AllocRef, Layout, MemoryBlock}; +use std::alloc::{AllocErr, AllocRef, Layout}; use std::ptr::NonNull; use std::sync::atomic::{AtomicUsize, Ordering}; @@ -26,12 +26,7 @@ impl UntrustedSliceAlloc { } let layout = Layout::from_size_align(buf_size, 1)?; - let buf_ptr = unsafe { - UNTRUSTED_ALLOC - .alloc(layout, AllocInit::Uninitialized)? - .ptr - .as_ptr() - }; + let buf_ptr = unsafe { UNTRUSTED_ALLOC.alloc(layout)?.as_mut_ptr() }; let buf_pos = AtomicUsize::new(0); Ok(Self { @@ -52,18 +47,14 @@ impl UntrustedSliceAlloc { // Move self.buf_pos forward if enough space _atomically_. let old_pos = self .buf_pos - .fetch_update( - |old_pos| { - let new_pos = old_pos + new_slice_len; - if new_pos <= self.buf_size { - Some(new_pos) - } else { - None - } - }, - Ordering::SeqCst, - Ordering::SeqCst, - ) + .fetch_update(Ordering::SeqCst, Ordering::SeqCst, |old_pos| { + let new_pos = old_pos + new_slice_len; + if new_pos <= self.buf_size { + Some(new_pos) + } else { + None + } + }) .map_err(|e| errno!(ENOMEM, "No enough space"))?; unsafe { self.buf_ptr.add(old_pos) } }; diff --git a/src/libos/src/vm/process_vm.rs b/src/libos/src/vm/process_vm.rs index e281ea5e..cc45f421 100644 --- a/src/libos/src/vm/process_vm.rs +++ b/src/libos/src/vm/process_vm.rs @@ -273,7 +273,7 @@ impl ProcessVM { } self.brk - .fetch_update(|old_brk| Some(new_brk), Ordering::SeqCst, Ordering::SeqCst); + .fetch_update(Ordering::SeqCst, Ordering::SeqCst, |old_brk| Some(new_brk)); Ok(new_brk) } diff --git a/tools/docker/Dockerfile.centos8.1 b/tools/docker/Dockerfile.centos8.1 index e5c2980f..1789d141 100644 --- a/tools/docker/Dockerfile.centos8.1 +++ b/tools/docker/Dockerfile.centos8.1 @@ -51,16 +51,15 @@ RUN wget http://www.etallen.com/cpuid/cpuid-20200211.x86_64.tar.gz && \ # Install SGX SDK WORKDIR /tmp -RUN git clone -b sgx_2.9.1_for_occlum https://github.com/occlum/linux-sgx && \ - cd linux-sgx && \ - ./download_prebuilt.sh && \ +RUN git clone -b sgx_2.11_for_occlum https://github.com/occlum/linux-sgx && \ + cd linux-sgx && make preparation && \ ./compile_and_install.sh no_mitigation && \ echo 'source /opt/intel/sgxsdk/environment' >> /root/.bashrc && \ rm -rf /tmp/linux-sgx # Install Rust ENV PATH="/root/.cargo/bin:$PATH" -ENV OCCLUM_RUST_VERSION=nightly-2020-04-07 +ENV OCCLUM_RUST_VERSION=nightly-2020-09-08 RUN curl https://sh.rustup.rs -sSf | \ sh -s -- --default-toolchain ${OCCLUM_RUST_VERSION} -y && \ rm -rf /root/.cargo/registry && rm -rf /root/.cargo/git && \ @@ -97,7 +96,7 @@ ENV PATH="/opt/occlum/toolchains/jvm/bin:$PATH" # Install the latest version of Occlum WORKDIR /root -RUN git clone https://github.com/occlum/occlum && \ +RUN git clone https://github.com/occlum/occlum.git && \ cd occlum && \ source /root/.bashrc && \ make submodule && \ diff --git a/tools/docker/Dockerfile.ubuntu18.04 b/tools/docker/Dockerfile.ubuntu18.04 index 028946bd..0d30a53e 100644 --- a/tools/docker/Dockerfile.ubuntu18.04 +++ b/tools/docker/Dockerfile.ubuntu18.04 @@ -62,21 +62,16 @@ RUN wget http://www.etallen.com/cpuid/cpuid-20200211.x86_64.tar.gz && \ # Install SGX SDK WORKDIR /tmp -RUN git clone -b sgx_2.9.1_for_occlum https://github.com/occlum/linux-sgx && \ +RUN git clone -b sgx_2.11_for_occlum https://github.com/occlum/linux-sgx && \ mkdir /etc/init && \ - cd linux-sgx && \ - ./download_prebuilt.sh && \ - cp ./external/toolset/as /usr/local/bin/ && \ - cp ./external/toolset/ld /usr/local/bin/ && \ - cp ./external/toolset/ld.gold /usr/local/bin/ && \ - cp ./external/toolset/objdump /usr/local/bin/ && \ - ./compile_and_install.sh && \ + cd linux-sgx && make preparation && \ + ./compile_and_install.sh no_mitigation && \ echo 'source /opt/intel/sgxsdk/environment' >> /root/.bashrc && \ rm -rf /tmp/linux-sgx # Install Rust ENV PATH="/root/.cargo/bin:$PATH" -ENV OCCLUM_RUST_VERSION=nightly-2020-04-07 +ENV OCCLUM_RUST_VERSION=nightly-2020-09-08 RUN curl https://sh.rustup.rs -sSf | \ sh -s -- --default-toolchain ${OCCLUM_RUST_VERSION} -y && \ rm -rf /root/.cargo/registry && rm -rf /root/.cargo/git && \