dff0dbf77d
* Add patch to Rust SGX SDK to enable integrity-only SgxFile * Upgrade to the new SEFS extended with the integrity-only mode * Use integrity-only SEFS for /bin and /lib in test * Add the MAC of integrity-only SEFS to Occlum.json in test * Mount multiple FS according to Occlum.json * Check the MACs of integrity-only SEFS images
51 lines
1.0 KiB
Bash
Executable File
51 lines
1.0 KiB
Bash
Executable File
#!/bin/bash
|
|
bin_sefs_mac=$1
|
|
lib_sefs_mac=$2
|
|
|
|
cat <<EOF
|
|
{
|
|
"vm": {
|
|
"user_space_size": "128MB"
|
|
},
|
|
"process": {
|
|
"default_stack_size": "4MB",
|
|
"default_heap_size": "16MB",
|
|
"default_mmap_size": "32MB"
|
|
},
|
|
"mount": [
|
|
{
|
|
"target": "/",
|
|
"type": "sefs",
|
|
"source": "./sefs/root"
|
|
},
|
|
{
|
|
"target": "/bin",
|
|
"type": "sefs",
|
|
"source": "./sefs/bin",
|
|
"options": {
|
|
"integrity_only": true,
|
|
"MAC": "$bin_sefs_mac"
|
|
}
|
|
},
|
|
{
|
|
"target": "/lib",
|
|
"type": "sefs",
|
|
"source": "./sefs/lib",
|
|
"options": {
|
|
"integrity_only": true,
|
|
"MAC": "$lib_sefs_mac"
|
|
}
|
|
},
|
|
{
|
|
"target": "/host",
|
|
"type": "hostfs",
|
|
"source": "."
|
|
},
|
|
{
|
|
"target": "/tmp",
|
|
"type": "ramfs"
|
|
}
|
|
]
|
|
}
|
|
EOF
|