diff --git a/Cargo.lock b/Cargo.lock index a13f5d3..bfd2eef 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -605,6 +605,26 @@ version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" +[[package]] +name = "bincode" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "36eaf5d7b090263e8150820482d5d93cd964a81e4019913c972f4edcc6edb740" +dependencies = [ + "bincode_derive", + "serde", + "unty", +] + +[[package]] +name = "bincode_derive" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bf95709a440f45e986983918d0e8a1f30a9b1df04918fc828670606804ac3c09" +dependencies = [ + "virtue", +] + [[package]] name = "bindgen" version = "0.69.5" @@ -1110,15 +1130,18 @@ dependencies = [ [[package]] name = "detee-shared" version = "0.1.0" -source = "git+ssh://git@gitea.detee.cloud/testnet/proto.git?branch=main#3024c00b8e1c93e70902793385b92bc0a8d1f26a" +source = "git+ssh://git@gitea.detee.cloud/testnet/proto.git?branch=feat_dir_support_dtpm_config#64d7a1c9e16836615602636e346a356960dabd00" dependencies = [ "base64", + "bincode", "prost", "serde", "serde_yaml", + "tar", "thiserror 2.0.11", "tonic", "tonic-build", + "zstd", ] [[package]] @@ -1316,6 +1339,18 @@ version = "0.2.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "28dea519a9695b9977216879a3ebfddf92f1c08c05d984f8996aecd6ecdc811d" +[[package]] +name = "filetime" +version = "0.2.25" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "35c0522e981e68cbfa8c3f978441a5f34b30b96e146b33cd3359176b50fe8586" +dependencies = [ + "cfg-if", + "libc", + "libredox", + "windows-sys 0.59.0", +] + [[package]] name = "fixed-hash" version = "0.8.0" 
@@ -2085,12 +2120,29 @@ version = "0.2.11" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8355be11b20d696c8f18f6cc018c4e372165b1fa8126cef092399c9951984ffa" +[[package]] +name = "libredox" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c0ff37bd590ca25063e35af745c343cb7a0271906fb7b37e4813e8f79f00268d" +dependencies = [ + "bitflags", + "libc", + "redox_syscall", +] + [[package]] name = "linux-raw-sys" version = "0.4.14" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "78b3ae25bc7c8c38cec158d1f2757ee79e9b3740fbc7ccf0e59e4b08d793fa89" +[[package]] +name = "linux-raw-sys" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cd945864f07fe9f5371a27ad7b52a172b4b499999f1d97574c9fa68373937e12" + [[package]] name = "litemap" version = "0.7.4" @@ -2682,6 +2734,15 @@ dependencies = [ "yasna", ] +[[package]] +name = "redox_syscall" +version = "0.5.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2f103c6d277498fbceb16e84d317e2a400f160f46904d5f5410848c829511a3" +dependencies = [ + "bitflags", +] + [[package]] name = "regex" version = "1.11.1" @@ -2883,10 +2944,23 @@ dependencies = [ "bitflags", "errno", "libc", - "linux-raw-sys", + "linux-raw-sys 0.4.14", "windows-sys 0.59.0", ] +[[package]] +name = "rustix" +version = "1.0.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d97817398dd4bb2e6da002002db259209759911da105da92bec29ccb12cf58bf" +dependencies = [ + "bitflags", + "errno", + "libc", + "linux-raw-sys 0.9.4", + "windows-sys 0.52.0", +] + [[package]] name = "rustls" version = "0.23.23" 
@@ -3346,6 +3420,17 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369" +[[package]] +name = "tar" +version = "0.4.44" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1d863878d212c87a19c1a610eb53bb01fe12951c0501cf5a0d65f724914a667a" +dependencies = [ + "filetime", + "libc", + "xattr", +] + [[package]] name = "tempfile" version = "3.17.1" @@ -3356,7 +3441,7 @@ dependencies = [ "fastrand", "getrandom 0.3.1", "once_cell", - "rustix", + "rustix 0.38.42", "windows-sys 0.59.0", ] @@ -3592,6 +3677,7 @@ dependencies = [ "tower-layer", "tower-service", "tracing", + "zstd", ] [[package]] @@ -3767,6 +3853,12 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1" +[[package]] +name = "unty" +version = "0.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6d49784317cd0d1ee7ec5c716dd598ec5b4483ea832a2dced265471cc0f690ae" + [[package]] name = "ureq" version = "3.0.3" @@ -3851,6 +3943,12 @@ version = "0.9.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0b928f33d975fc6ad9f86c8f283853ad26bdd5b10b7f1542aa2fa15e2289105a" +[[package]] +name = "virtue" +version = "0.0.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "051eb1abcf10076295e815102942cc58f9d5e3b4560e46e53c21e8ff6f3af7b1" + [[package]] name = "wait-timeout" version = "0.2.1" @@ -3983,7 +4081,7 @@ dependencies = [ "either", "home", "once_cell", - "rustix", + "rustix 0.38.42", ] [[package]] 
@@ -4180,6 +4278,16 @@ dependencies = [ "time", ] +[[package]] +name = "xattr" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0d65cbf2f12c15564212d48f4e3dfb87923d25d611f2aed18f4cb23f0413d89e" +dependencies = [ + "libc", + "rustix 1.0.5", +] + [[package]] name = "yasna" version = "0.5.2" @@ -4296,3 +4404,31 @@ dependencies = [ "quote", "syn 2.0.91", ] + +[[package]] +name = "zstd" +version = "0.13.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e91ee311a569c327171651566e07972200e76fcfe2242a4fa446149a3881c08a" +dependencies = [ + "zstd-safe", +] + +[[package]] +name = "zstd-safe" +version = "7.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f49c4d5f0abb602a93fb8736af2a4f4dd9512e36f7f570d66e65ff867ed3b9d" +dependencies = [ + "zstd-sys", +] + +[[package]] +name = "zstd-sys" +version = "2.0.15+zstd.1.5.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eb81183ddd97d0c74cedf1d50d85c8d08c1b8b68ee863bdee9e706eedba1a237" +dependencies = [ + "cc", + "pkg-config", +] diff --git a/Cargo.toml b/Cargo.toml index 5fe3ceb..bd1298f 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -19,7 +19,7 @@ serde_yaml = "0.9.34" tabled = "0.17.0" tokio-stream = "0.1.17" tokio = { version = "1.42.0", features = ["macros", "rt-multi-thread"] } -tonic = { version = "0.12" } +tonic = { version = "0.12", features = ["zstd"] } thiserror = "2.0.9" bs58 = "0.5.1" chrono = "0.4.39" 
@@ -34,7 +34,7 @@ openssl = { version = "0.10.71", features = ["vendored"] } tokio-retry = "0.3.0" detee-sgx = { git = "ssh://git@gitea.detee.cloud/testnet/detee-sgx.git", branch = "hratls", features=["hratls", "qvl"] } -detee-shared = { git = "ssh://git@gitea.detee.cloud/testnet/proto.git", branch = "main" } +detee-shared = { git = "ssh://git@gitea.detee.cloud/testnet/proto.git", branch = "feat_dir_support_dtpm_config" } # detee-shared = { path = "../detee-shared" } [build-dependencies] diff --git a/samples/new_app/new_app_launch_config.yaml b/samples/new_app/new_app_launch_config.yaml index dbdb2fb..4641a86 100644 --- a/samples/new_app/new_app_launch_config.yaml +++ b/samples/new_app/new_app_launch_config.yaml @@ -1,15 +1,21 @@ -filesystems: - # - path: /bin/actix-hello-world - # content: !path "./samples/new_app/binaries/actix-test-app.bin" environments: - name: APP_NAME value: actix-test - name: PORT value: 8080 +# - name: STATIC_DIR +# value: "/static/html_doc" child_processes: - - path: /bin/actix-app-info - arguments: ["pg_1_arg_1", "pg_1_arg_2"] + - path: /bin/actix-static-server + arguments: [] restart: max_retries: 2 delay_seconds: 2 policy: !OnNonZeroExit true +filesystems: + - path: /host + content: !path "./src" + - path: /host + content: !path "./samples" +# - path: /static +# content: !path "./html_doc" \ No newline at end of file diff --git a/src/bin/detee-cli.rs b/src/bin/detee-cli.rs index ae625d9..c49d1d0 100644 --- a/src/bin/detee-cli.rs +++ b/src/bin/detee-cli.rs @@ -141,8 +141,10 @@ fn clap_cmd() -> Command { Arg::new("package") .long("package") .help("Enclave package name") - .default_value("base-package") - .value_parser(["base-package", "actix-app-info", "go-app-info"]) + // .default_value("base-package") + // .value_parser(["base-package", "actix-app-info", "go-app-info"]) + .default_value("actix-static-server") + .value_parser(["actix-static-server"]) ) .arg( Arg::new("name") 
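Review bot: `detee-shared` now tracks the feature branch `feat_dir_support_dtpm_config`, a moving reference that only Cargo.lock holds at commit 64d7a1c9e16836615602636e346a356960dabd00, so a `cargo update` or a build without `--locked` takes whatever the branch head is at that moment. This crate supplies the dTPM protobuf types and, per the lockfile, now brings in `bincode`, `tar` and `zstd`, so I would pin the reviewed commit in the manifest: `detee-shared = { git = "ssh://git@gitea.detee.cloud/testnet/proto.git", rev = "64d7a1c9e16836615602636e346a356960dabd00" }`. A feature branch can also be rebased or deleted after merge, which would break later builds.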
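Review bot: Both new `filesystems` entries use `path: /host`, one with `./src` and one with `./samples`, so two directories land on the same target. Whether the second replaces the first or the trees are merged is not visible from this file, and colliding names would be resolved silently either way. Distinct targets make the sample unambiguous: `- path: /host/src` and `- path: /host/samples`. The sample also ships the CLI's own `./src` tree into the enclave, which looks like a testing leftover; a small dedicated directory such as the commented `./html_doc` entry would be a safer default for a file users copy.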
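Review bot: `--package` now accepts only `actix-static-server`, and the previous default and value list are kept as commented-out lines rather than removed, so `base-package`, `actix-app-info` and `go-app-info` are rejected by clap with nothing in the help text explaining why. The same pattern appears in both src/sgx/mod.rs hunks, where the existing `PackageElement` entries are wrapped in `/* … */` and the only remaining entry points at the `packages_staging` and `launch_configs_staging` paths. If this is a temporary state for the feature branch, say so in a comment and keep it off `main`. Otherwise add the new package next to the existing ones, `.value_parser(["base-package", "actix-app-info", "go-app-info", "actix-static-server"])` with the index entries left in place, and delete the commented code. `clap_cmd` continues outside the hunk.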
diff --git a/src/sgx/grpc_dtpm.rs b/src/sgx/grpc_dtpm.rs index 6930279..d8d45ff 100644 --- a/src/sgx/grpc_dtpm.rs +++ b/src/sgx/grpc_dtpm.rs @@ -3,11 +3,17 @@ use detee_shared::common_proto::Empty; use hyper_rustls::HttpsConnectorBuilder; use rustls::ClientConfig; use std::sync::{Arc, RwLock}; -use tonic::transport::{Channel, Endpoint}; +use tokio::sync::mpsc; +use tokio_stream::wrappers::ReceiverStream; +use tonic::{ + codec::CompressionEncoding, + transport::{Channel, Endpoint}, +}; use detee_shared::sgx::{ pb::dtpm_proto::{ dtpm_config_manager_client::DtpmConfigManagerClient, DtpmConfigData, DtpmSetConfigReq, + FileEntry, }, types::dtpm::DtpmConfig, }; @@ -65,10 +71,12 @@ pub async fn connect_dtpm_grpc_client( let channel = Endpoint::from_shared(hratls_uri)?.connect_with_connector(connector).await?; - Ok(DtpmConfigManagerClient::new(channel)) + Ok(DtpmConfigManagerClient::new(channel).send_compressed(CompressionEncoding::Zstd)) } pub async fn attest_and_send_config(loaded_config: DtpmConfig, uuid: &str) -> Result<()> { + let files = loaded_config.filesystems.clone(); + let config_data = Some(DtpmConfigData::from(loaded_config)); let req_data = DtpmSetConfigReq { config_data, ..Default::default() }; @@ -79,6 +87,22 @@ pub async fn attest_and_send_config(loaded_config: DtpmConfig, uuid: &str) -> Re let client = connect_dtpm_grpc_client(hratls_uri, mr_enclave).await?; + let (tx, rx) = mpsc::channel(6); + tokio::spawn(async move { + for file in files { + let file_pb: FileEntry = file.into(); + let _ = tx.send(file_pb).await; + } + }); + + let fs_stream = ReceiverStream::new(rx); + + let _ = client + .clone() + .max_decoding_message_size(10240000) + .upload_files(tonic::Request::new(fs_stream)) + .await?; + let response = client .max_decoding_message_size(10240000) .set_config(tonic::Request::new(req_data)) diff --git a/src/sgx/mod.rs b/src/sgx/mod.rs index 278d8e4..fd508a7 100644 --- a/src/sgx/mod.rs +++ b/src/sgx/mod.rs 
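Review bot: In `attest_and_send_config` the upload stream is fed from a detached `tokio::spawn` task whose `JoinHandle` is dropped and whose `tx.send(...)` result is discarded with `let _ =`. If that task stops early (for example a panic inside `file.into()`), the channel closes, the stream ends normally, and `upload_files` can report success for a partial file set before `set_config` runs. Because `files` is already fully in memory, the task and channel add nothing, and streaming the vector directly removes that failure mode: `let fs_stream = tokio_stream::iter(files.into_iter().map(FileEntry::from));` (assuming the conversion is a `From` impl). It is also worth confirming whether `DtpmConfigData::from(loaded_config)` still carries the filesystem entries, since `loaded_config.filesystems.clone()` would then send every file's content twice. The function body continues past the end of the hunk.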
@@ -71,6 +71,13 @@ pub struct PackageElement { pub static PACKAGES_INDEX: LazyLock = LazyLock::new(|| { PublicIndex { packages: vec![ + PackageElement{ + package_name: "actix-static-server".to_string(), + package_url: "https://registry.detee.ltd/sgx/packages_staging/actix-static-server_package_2025-04-10_09-26-42.tar.gz".to_string(), + launch_config_url: "https://registry.detee.ltd/sgx/launch_configs_staging/actix-static-server-launch-config_001.yaml".to_string(), + mr_enclave: [40, 113, 121, 165, 242, 180, 73, 116, 237, 163, 141, 178, 63, 246, 229, 68, 109, 78, 102, 212, 22, 92, 37, 93, 171, 123, 213, 120, 162, 77, 162, 154], + }, + /* PackageElement{ package_name: "base-package".to_string(), package_url: "https://registry.detee.ltd/sgx/packages/base-package_2025-03-25_13-54-06.tar.gz".to_string(), @@ -88,8 +95,8 @@ pub static PACKAGES_INDEX: LazyLock = LazyLock::new(|| { package_url: "https://registry.detee.ltd/sgx/packages/go-gin-app-info_01_package_2025-03-26_11-30-45.tar.gz".to_string(), launch_config_url: "https://registry.detee.ltd/sgx/launch_configs/go-gin-app-info-launch-config_001.yaml".to_string(), mr_enclave: [239, 153, 28, 180, 45, 214, 226, 253, 140, 243, 34, 120, 146, 198, 75, 43, 205, 229, 33, 160, 62, 22, 244, 123, 213, 37, 186, 93, 177, 8, 129, 170], - } + */ ], } }); diff --git a/src/sgx/packaging.rs b/src/sgx/packaging.rs index 3f98e4f..82e60e0 100644 --- a/src/sgx/packaging.rs +++ b/src/sgx/packaging.rs @@ -18,7 +18,7 @@ pub fn package_enclave( format!( r#"docker run --rm -it -v ./:/app/ \ -v {signing_key_path}:/keys/app_signing_key.pem:ro \ - noormohammedb/enclave_packager_01:pub_v3 {package_items}"# + noormohammedb/enclave_packager_01:pub_v4 {package_items}"# ) } else { format!(
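Review bot: The new `PackageElement` hard-codes `mr_enclave` as a bare 32-byte array next to a timestamped `package_url`, with nothing recording which build the measurement was taken from or how to reproduce it. A variable named `mr_enclave` is passed to `connect_dtpm_grpc_client` in src/sgx/grpc_dtpm.rs, so this array is presumably the identity the client attests the enclave against and should change only together with the package it measures. A comment on the entry would make that explicit, e.g. `// MRENCLAVE of actix-static-server_package_2025-04-10_09-26-42.tar.gz; re-measure whenever package_url changes`. The struct definition and the rest of the `vec!` are only partly visible in the two hunks.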
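Review bot: The packager image is still referenced by a mutable tag, now `noormohammedb/enclave_packager_01:pub_v4`, from a personal registry namespace, and the same `docker run` bind-mounts the app signing key into that container. Whatever the tag resolves to at run time gets read access to the key and produces the signed package, so the image sits in the signing trust path. Pinning by digest keeps the image that was actually reviewed: `noormohammedb/enclave_packager_01@sha256:<digest-of-reviewed-pub_v4-image> {package_items}"#` (placeholder, fill in the real digest). `package_enclave` starts and ends outside the hunk, and the `else` branch's command is not visible here.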