general/occlum
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,424 Commits 3 Branches 0 Tags 8.1 MiB
1a723aa6c2
Commit Graph

247 Commits

Author SHA1 Message Date
Zheng, Qi
8e9f1fb933 Fix the compile error when including dcap_quote.h in pure C program 2021-12-17 08:14:00 +08:00
yuanwu
9d490ada58 Fix the C++ Link issue and Add the static lib 
1. When including the header file in C++ project, the linker
cannot find the functions.
2. Add the staticlib building.

Signed-off-by: yuanwu <yuan.wu@intel.com>
 2021-12-15 16:55:32 +08:00
zongmin.gu
e2eb294c2e Fix the bash demo by increasing the stack size 2021-12-14 10:58:09 +08:00
Zheng, Qi
e8458bd27c Enlarge kernel heap size for ltp demo 2021-12-07 09:48:46 +08:00
Zheng, Qi
a26a7627fe Update dcap demo to support dumping SGX KSS info 
Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
 2021-12-06 15:46:34 +08:00
Zheng, Qi
8cb08aac29 Update sofaboot demo with openjdk 8 option 
Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
 2021-12-06 13:47:27 +08:00
Zheng, Qi
94ce37bb9f Add sysbench demo case 2021-11-25 11:40:07 +08:00
Hui, Chunyang
17e86e87d0 Fix building CI image for TF serving and Openvino 2021-11-08 19:15:00 +08:00
Zheng, Qi
4991aaa516 Update ltp demo with verified syscalls test cases 
Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
 2021-11-03 14:54:27 +08:00
Zheng, Qi
774ea33d9a Update bash and fish demo with prebuilt busybox 
Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
 2021-11-01 12:43:45 +08:00
Zheng, Qi
4354148ecf Add linux ltp demo 
Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
 2021-10-22 17:16:52 +08:00
Zheng, Qi
e2d2cb375c Increase the pytorch demo TCS number to 64 
Also increase ready check delay time to 360s

Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
 2021-10-22 16:42:48 +08:00
Hui, Chunyang
2af05238be Fix SGX SDK version for package related tests 2021-10-09 15:49:28 +08:00
Zheng, Qi
597f8c9080 Update bash demo with bom tool and add musl version 
Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
 2021-10-08 12:34:38 +08:00
Zheng, Qi
935760f893 Fix bom tool autodep issue for openvino 
Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
 2021-09-29 10:58:33 +08:00
jianfengjiang
16384b8b0e Update python-musl demo with copy_bom 2021-09-26 21:06:59 +08:00
jianfengjiang
436e427fbf Update tensorflow demos with copy_bom 2021-09-26 21:06:59 +08:00
jianfengjiang
3f78b09df7 Update pytorch demo with copy_bom 2021-09-26 21:06:59 +08:00
jianfengjiang
7290cfa561 Update cluster serving demo with copy_bom 2021-09-26 21:06:59 +08:00
jianfengjiang
cdb4ac560f Update sofaboot demos with copy_bom 2021-09-26 21:06:59 +08:00
Hui, Chunyang
7dcf727782 Fix file path for grpc demo 2021-09-26 21:06:02 +08:00
Zheng, Qi
63deda28b9 Update dcap demo with copy_bom tool 
Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
 2021-09-26 17:28:13 +08:00
zongmin.gu
4a91c11f9f Update enclave_tls demo with bom file 2021-09-26 16:34:52 +08:00
zongmin.gu
59988f9491 Update ping/pong demo with bom file 2021-09-26 16:34:52 +08:00
zongmin.gu
f0156cb08a Update go web_server demo with bom file 2021-09-26 16:34:52 +08:00
zongmin.gu
b86cbfac48 Update go_sqlite demo with bom file 2021-09-26 16:34:52 +08:00
zongmin.gu
0e00782c21 Update embedded_mode demo with bom file 2021-09-26 16:34:52 +08:00
zongmin.gu
8a6b44a68c Update grpc demo with bom file 2021-09-26 16:34:52 +08:00
zongmin.gu
c5c91baf84 Update bazel demo with bom file 2021-09-26 16:34:52 +08:00
zongmin.gu
c6dc8c807c Update xgboost demo with bom file 2021-09-26 16:34:52 +08:00
zongmin.gu
8b2c99cafd Update tflite demo with bom file 2021-09-26 16:34:52 +08:00
zongmin.gu
3684560683 Update Vault demo with bom file 2021-09-26 16:34:52 +08:00
Zheng, Qi
59a896b499 Update local_attestation demo with copy_bom tool 
Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
 2021-09-26 15:36:09 +08:00
Zheng, Qi
a5e74f2769 Update sqlite demo with copy_bom tool 
Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
 2021-09-26 15:36:09 +08:00
Zheng, Qi
09b79083b2 Update redis demo with copy_bom tool 
Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
 2021-09-26 15:36:09 +08:00
Zheng, Qi
ae5dd3b313 Update openvino demo with copy_bom tool 
Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
 2021-09-26 15:36:09 +08:00
Zheng, Qi
1f1fd9102b Update https_server demo with copy_bom tool 
Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
 2021-09-26 15:36:09 +08:00
Zheng, Qi
cbb326e3fd Update fish demo with copy_bom tool 
Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
 2021-09-26 15:36:09 +08:00
jianfengjiang
54bc08d094 modify demos after implementing autodep for copydirs 2021-09-24 19:02:26 +08:00
jianfengjiang
d598f36700 Modify flink demo with copy_bom 2021-09-23 15:42:15 +08:00
jianfengjiang
9a85361e35 Modify demos to enable autodep without creating softlinks 2021-09-23 15:42:15 +08:00
Zheng, Qi
339f25a84b Fix dangling buffer pointer bug in dcap demo 
Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
 2021-09-17 19:39:39 +08:00
jiangjianfeng
da4669b8c4 Modify java demo with copy_bom 2021-09-17 15:50:15 +08:00
jiangjianfeng
d3b4b10d4a Modify python-glibc demo with copy_bom 2021-09-17 15:50:15 +08:00
jiangjianfeng
3b5a1a3fc4 Modify rust demo with copy_bom 2021-09-17 15:50:15 +08:00
jiangjianfeng
f8abcd9a1f Modify hello_cc demo with copy_bom 2021-09-17 15:50:15 +08:00
jiangjianfeng
6d60483a1e Modify hello_c demo with copy_bom 2021-09-17 15:50:15 +08:00
Hui, Chunyang
4ae8af62d6 Add SGX v2 self hosted machine for CI 2021-09-03 18:42:50 +08:00
ClawSeven
136c2cca95 Seperate ssl generation with environment preparation 2021-09-03 18:42:50 +08:00
Qiyuan Gong
81dba866f1 Fix Cluster Serving demo classpath 2021-08-16 21:04:22 +08:00
ClawSeven
ed3641a66a Optimize tensorflow_serving workflow 2021-08-16 16:58:03 +08:00
yuanwu
d19ff1a8be Enable Tensorflow_serving in Occlum 
Signed-off-by: yuanwu <yuan.wu@intel.com>
 2021-08-16 16:58:03 +08:00
Hui, Chunyang
68f0a22177 Add Bash demo 2021-08-13 19:23:16 +08:00
Hui, Chunyang
0d20f9e5ec Fix Fish demo and related CI 2021-08-13 17:05:23 +08:00
CharleneHu94
b25246e96e fix manual lib copy 2021-08-10 12:39:57 +08:00
Zheng, Qi
05d4c7d7db Add similation and debug mode occlum package check and support 
Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
 2021-08-07 20:44:19 +08:00
LI Qing
42bed8d338 Remove the mount config for tmp dir 2021-08-03 19:45:56 +08:00
ClawSeven
9b425798d6 Add tensorflow demo 2021-07-29 16:35:17 +08:00
ClawSeven
d35d98d551 Add resolv-conf parser 2021-07-28 10:52:46 +08:00
Hui, Chunyang
1acfec6b12 Add support for fchdir and support cd for fish 2021-07-28 09:11:19 +08:00
Hui, Chunyang
63d2de1043 Add deployment demo 2021-07-20 13:44:34 +08:00
Zheng, Qi
1990196208 Add dcap rust based library and C test program 
Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
 2021-07-20 11:17:09 +08:00
He Sun
ba630d3cae Move the EPID RA demo code to the epid folder 
Signed-off-by: Zheng, Qi <huaiqing.zq@antgroup.com>
 2021-07-20 11:17:09 +08:00
ClawSeven
3035a0353a Fix python demo warning 2021-07-14 15:04:42 +08:00
LI Qing
f2e52941e8 Fix the script of running Python demo 2021-07-13 19:31:28 +08:00
sgui
a889dc9c38 Add support for OpenVINO 2021.3 
1.Replace the original TBB with OneTBB v2020.3
2.Replace the 2019_R3 with DLDT 2021.3
3.Add some dependent lib to the occlum image
 2021-07-13 15:08:19 +08:00
Shirong Hao
06cc61a579 Update enclave-tls demo test 
Signed-off-by: Shirong Hao <shirong@linux.alibaba.com>
 2021-06-29 21:21:35 +08:00
ClawSeven
d098e65d67 Fix pytorch demo warning 2021-06-26 08:29:11 +08:00
SteNicholas
6c57834b8a Upgrade the version of Occlum docker image in README.md 2021-06-22 08:04:03 +08:00
CharleneHu94
b82072a9b6 Add analytics zoo cluster serving demo 2021-06-17 17:14:40 +08:00
SteNicholas
fa1196c0ce Update the shell for run flink jobs example 2021-06-11 20:35:37 +08:00
Hui, Chunyang
c4d2d8b802 Add Java processBuilder demo 2021-06-11 16:27:04 +08:00
zongmin.gu
6acd68d030 Update demo readme file 2021-06-09 15:03:03 +08:00
ClawSeven
f534017d79 Add pytorch demo 2021-06-08 19:07:58 +08:00
ClawSeven
53658e865b Add glibc-supported python demo 2021-06-08 07:54:10 +08:00
LI Qing
e5114a77c4 Add '-DSQLITE_MMAP_READWRITE' for SQLite demo 2021-05-31 18:48:24 +08:00
Shirong Hao
adc79d3a26 Update enclave-tls demo test 2021-05-19 09:51:31 +08:00
zongmin.gu
bd43e5b867 Add SOFABoot demo 2021-04-20 10:52:30 +08:00
Kailun Qin
0f23ddb14e Add the HashiCorp Vault demo 
Signed-off-by: Kailun Qin <kailun.qin@intel.com>
 2021-04-16 18:32:51 +08:00
zongmin.gu
b2c0f5e647 Update golang version to 1.16.3 2021-04-16 09:34:26 +08:00
zongmin.gu
baf550d600 Add enclave ra tls demo into demo CI 2021-04-15 16:29:42 +08:00
Shirong Hao
0c0c4c4abc ADD Enclave TLS Server demo 2021-04-15 16:29:42 +08:00
LI Qing
1cf270634f Polish some documents 2021-04-01 12:32:58 +08:00
yuanwu
dcd673615d Add the flink demo 
Signed-off-by: yuanwu <yuan.wu@intel.com>
 2021-03-22 13:30:55 +08:00
yuanwu
17464d3bbf Add the redis demo 
Signed-off-by: yuanwu <yuan.wu@intel.com>
 2021-03-12 14:31:52 +08:00
LI Qing
7deeccb03b Fix the error of demos with encrypted fs image 2021-03-02 13:25:36 +08:00
Hui, Chunyang
79b264a6c8 Add support for Address Space Layout Randomization 
ASLR is only enabled on release mode. Also manage the whole process
VM with VMManager.
 2021-02-24 14:46:41 +08:00
LI Qing
0b51d83811 Add ProcFS 2021-01-20 12:42:00 +08:00
Hui, Chunyang
787df74be0 Fix Python test malloc failure on SGX machine 
Using tcmalloc could consume more heap. Enlarging kernel heap allocation
can fix this.
Also print result for Python test.
 2020-11-18 22:13:34 +08:00
superajun-wsj
bef3201aef Update demos/font/font_support_for_java/README.md 
OK

Co-authored-by: Zongmin.Gu <59240482+guzongmin@users.noreply.github.com>
 2020-10-21 17:41:49 +08:00
jeffery.wsj
7eb132c2b2 Support occlum font for java 2020-10-21 17:41:49 +08:00
He Sun
9a47791ae3 Put the shebang in the front of run_occlum_bench.sh 2020-10-21 10:38:11 +08:00
yuanwu
66b64f8276 Update the xgboost to latest version 
Intel has optimized the xgboost in latest version. Performance has
obvious acceleration in benchmark. In svm training with Yahoo LTR data,
latest version gets 7.8X acceleration in host, and 2X acceleration in occlum.

Signed-off-by: yuanwu <yuan.wu@intel.com>
 2020-10-18 09:59:06 +08:00
yuanwu
cd588d2ca4 Add the gRPC-golang benchmark 
Copied and Modified the google.golang.org/grpc/benchmark/run_bench.sh to
support the benchmark with occlum.

Signed-off-by: yuanwu <yuan.wu@intel.com>
 2020-10-12 11:24:33 +08:00
yuanwu
69820c0d8c Add the SQLite benchmark app 
Add the SQLite speedtest for performance benchmark

Signed-off-by: yuanwu <yuan.wu@intel.com>
 2020-10-10 14:24:29 +08:00
James Dong
7fb4d9039a Fix an issue caused by recent reverted interface-based service registration 
in cmd/protoc-gen-go-grpc.
 2020-10-10 14:14:14 +08:00
James Dong
fec361f664 Add Golang SQLite demo 2020-09-27 14:21:58 +08:00
Hui, Chunyang
f4b3389bbe Fix golang grpc and local attestation demo to align with occlum 0.16.0 2020-09-20 10:39:54 +08:00
Hui, Chunyang
7b882bd368 Add support for pal library to run libos outside occlum instance 2020-09-18 12:39:12 +08:00
LI Qing
2c8c999d52 Speed up the boot procedure of JVM 2020-09-18 12:39:12 +08:00
James Dong
124acba6db Add a sample of Golang gRPC client/server programs 2020-09-02 17:06:09 +08:00
Hui, Chunyang
027e1569e0 Fix tensorflow lite demo eigen download failure 2020-08-28 21:26:48 +08:00
LI Qing
1463fb525a Fix python demo by enlarging the kernel space heap size 2020-08-26 14:07:31 +08:00
LI Qing
cd5cc0cb5c Update Java toolchains 
1. Replace the OpenJDK with an unmodified OpenJDK from Alpine Linux
2. Add Alibaba Dragonwell as the default JDK for the Java demos
 2020-08-15 19:12:39 +08:00
Hui, Chunyang
122a66289c Fix LA demo to align with occlum command 2020-08-15 19:12:39 +08:00
Hui, Chunyang
faf9c9d14e Add fish script execute permission since SEFS has more strict checking 2020-08-15 19:12:39 +08:00
Hui, Chunyang
7ac917aa1a Fix PAL library command arguments not follow convention 2020-08-15 19:12:39 +08:00
Hui, Chunyang
153a6fcd61 Fix embedded mode demo can't find libraries 2020-08-15 19:12:39 +08:00
Hui, Chunyang
0252f0949d Rename "occlum_context" to "occlum_instance" for demos 2020-08-15 19:12:39 +08:00
Hui, Chunyang
85501d8993 Improve implementation for occlum build 
This commit mainly accomplish two things:
1. Use makefile to manage dependencies for `occlum build`, which can save lots of time
2. Take dirs `build`, `run` outside from `.occlum`. Remove env var "OCCLUM_INSTANCE_DIR"
 2020-08-15 19:12:39 +08:00
Tate, Hongliang Tian
5e8f997d4d Make PIE the default mode for Go toolchain 
Occlum-compatible executable binaries must be Position-Independent
Executable (PIE). Previously, to build such binaries, the users need to
explicitly give `-buildmode=pie` flag to `occlum-go`. Apparently, this
is error-prone. This commit sets `-buildmode=pie` by default for `occlum-go`.

In addition, this commit upgrades the Go version to 1.13.7.
 2020-08-11 05:35:43 +00:00
LI Qing
1f30d75713 Add Java demo 2020-07-17 17:35:24 +00:00
LI Qing
81eb364c5b Install zlib in occlum-gcc toolchians 2020-07-17 17:31:41 +00:00
Hui, Chunyang
9b1d694830 Add support for per-process memory size configuration with rlimit 
Rlimit are now on the same page of memory space limits defined in Occlum.json. Specific
memory size configuration can be set to child process with `prlimit` syscall or using `ulimit`
command in shell script.
 2020-07-17 22:07:56 +08:00
Hui, Chunyang
306c0333ad Fix occlum PAL library compatibility issues in demos 2020-07-14 11:22:11 +00:00
Hui, Chunyang
6ccd30ee3b Remove fish and busybox binaries from entrypoints to make it more secure 2020-06-27 07:56:31 +00:00
Junxian Xiao
86d11e9d44 Refactor the remote attestation demo 
This commits consists of three major changes:

1. Support a new interface to get the base64 quote only.
This is useful in the case that application sends the quote
to service provider server and get the final IAS report there.
The application itself doesn't depend on IAS in this case.

2. Improve the C++ programming style. Now, we only provide
C++ classes and limited C APIs(for configuration and sgx device).

3. Use the more general keywords as names prefix.

Signed-off-by: Junxian Xiao <junxian.xjx@antfin.com>
 2020-06-23 16:59:33 +08:00
Hui, Chunyang
9ce23a8c08 Add symbolic file support for FISH demo 2020-06-13 03:33:32 +00:00
LI Qing
a0d7b96a8f Polish the XGBoost demo 
1. Remove some useless installed packages
2. Adjust max number of threads according to CPU cores
 2020-06-05 15:09:26 +08:00
Junxian Xiao
e8e14350a5 Support access key in remote attestaion demo 
1. add access key configuration and code
2. Upgrade libcurl to support https
3. Support debug compile mode

Signed-off-by: Junxian Xiao <junxian.xjx@antfin.com>
 2020-06-05 14:52:31 +08:00
LI Qing
c1b4814703 Rewrite Python demo with NumPy, scikit-learn, and pandas 2020-06-05 11:56:31 +08:00
zongmin.gu
942321363d Combine the enclave configuration into the occlum configuration file 
Update the occlum.json to align with the gen_enclave_conf design.
Below is the two updated structures:
   "metadata": {
        "product_id": 0,
        "version_number": 0,
        "debuggable": true
    },
    "resource_limits": {
        "max_num_of_threads": 32,
        "kernel_space_heap_size": "32MB",
        "kernel_space_stack_size": "1MB",
        "user_space_size": "256MB"
    }
 2020-06-05 11:03:47 +08:00
Hui, Chunyang
3939899e76 Fix local attestation demo to use new PAL API and sdk 2.9.1 
Also format the code.
 2020-06-04 20:05:55 +08:00
Hui, Chunyang
73b4f8b08c Add support for PAL API v2 2020-05-29 05:26:38 +00:00
LI Qing
c27a94194f Polish the Golang demo with Gin web framework 2020-05-29 02:03:41 +00:00
Hui, Chunyang
c1911e6585 Add demo for shell (FISH) script 2020-05-28 19:55:09 +08:00
He Sun
b29aa1d6d0 Add the Occlum-compatible Rust toolchains and a demo 2020-05-22 14:36:11 +08:00
LI Qing
6d72e10fc1 Add Golang toolchain and the demo 
This commit provides a modified Go runtime in Docker image.
Now we can build a Go program using `occlum-go`, then run it
in SGX enclaves by Occlum.
The Golang demo demonstrates how to build and run a web server
program written in Go.
 2020-05-15 03:02:42 +00:00
Tate, Hongliang Tian
5b4b72a81a Bump the version number to 0.11.0 2020-04-17 17:52:17 +08:00
Tate, Hongliang Tian
ad077d644a Fix the demo for the embedded mode 2020-04-16 08:46:56 +00:00
LI Qing
f9df83f559 Fix the demo's compiling failure in some cases 
Some demos based on CMake may search installed packages out of
Occlum toolchain's directory, this could cause some building
errors sometimes. By setting the $PKG_CONFIG_LIBDIR, we can make
CMake searching for packages in Occlum toolchain's directory only.
 2020-04-15 14:14:00 +08:00
LI Qing
e1648fc870 Add the redirection of standard I/O for process 2020-04-02 11:07:24 +00:00
He Sun
8842af88f3 Fix incompatibility between OpenVino with musl libc 2020-03-21 08:52:37 +00:00
Hui, Chunyang
95ef2819db Add local attestation demo 2020-03-09 04:17:41 +00:00
Hui, Chunyang
15ce6efdc0 Add simulation support for Occlum embedded mode demo 2020-03-07 09:45:50 +00:00
LI Qing
3e81b42912 Add SQLite demo 2020-02-25 11:14:48 +00:00
LI Qing
bd56504b20 Add GDB support for apps running upon Occlum 
Please see the "gdb_support" in demos to find out how to
use GDB to debug your apps running upon Occlum.
 2020-02-14 07:52:45 +00:00
Tate, Hongliang Tian
c6bcbaf442 Fix some typos 2020-01-23 04:40:54 +00:00
LI Qing
343c19391a Add Python demo 2020-01-23 04:40:54 +00:00
Tate, Hongliang Tian
f2b4e96ed0 Add a demo for the embedded mode 2020-01-23 04:40:54 +00:00
He Sun
6d7597c25e Polish gRPC and remote attestation demos 
1. Disable zlib _explictly_ when building libcurl in remote attestaion demo.
The reason for this is that zlib may be implictly linked by the build system of
libcurl but not the zlib library is not copied into the Occlum FS image.
2. Use `make -j$(nproc)`
3. Fix typos
 2020-01-23 04:40:54 +00:00
He Sun
4ab667461e Add gRPC demo 
This demo shows how to run gRPC C++ sample client/server on Occlum.
 2019-12-13 12:17:55 +00:00
Junxian Xiao
2052447950 Add SGX remote attestaion demo 
This demo consists of
1. An user-friendly library for getting Intel Attestation Service (IAS) report.
2. A application that uses this library to get IAS report.

This demo requires obtaining service provider certificate/ID from Intel.
 2019-12-13 11:56:21 +00:00
LI Qing
b9fa937504 Add Intel OpenVINO demo 
This demo shows how to run Intel OpenVINO Inference Engine on Occlum inside SGX enclaves
 2019-12-10 06:07:27 +00:00
LI Qing
ba3813bea8 Add XGBoost demo 2019-11-30 13:39:26 +00:00
LI Qing
1304f5388d Improve Occlum GCC toolchain with new wrappers for binaries 
This commit makes the toolchain easier to use in two folds:
1. When compiling C/C++ source files, no need to add "-fPIC -pie" flags manually;
2. When running executables generated by the Occlum toolchain on Linux, no
need to set the `LD_LIBRARY_PATH` manually.
 2019-11-29 11:20:00 +00:00
Tate, Hongliang Tian
f9376ec4ba Polish the demos 
1. Rename demo/ to demos/
2. Add demos/README.md
 2019-10-19 02:04:13 +00:00