未验证 提交 90cc8932 编写于 作者: J jiazhiguang 提交者: GitHub

shim-rune: adapts to occlum 0.15.1

Signed-off-by: NZhiguang Jia <Zhiguang.Jia@linux.alibaba.com>
上级 f68b8466
...@@ -10,7 +10,7 @@ const ( ...@@ -10,7 +10,7 @@ const (
EnclaveTypeKeyName = "ENCLAVE_TYPE" EnclaveTypeKeyName = "ENCLAVE_TYPE"
EnclaveRuntimePathKeyName = "ENCLAVE_RUNTIME_PATH" EnclaveRuntimePathKeyName = "ENCLAVE_RUNTIME_PATH"
EnclaveRuntimeArgsKeyName = "ENCLAVE_RUNTIME_ARGS" EnclaveRuntimeArgsKeyName = "ENCLAVE_RUNTIME_ARGS"
DefaultEnclaveRuntimeArgs = ".occlum" DefaultEnclaveRuntimeArgs = "./"
) )
const ( const (
...@@ -140,8 +140,8 @@ function copyOcclumLiberaries() { ...@@ -140,8 +140,8 @@ function copyOcclumLiberaries() {
/bin/cp -f /usr/lib/libsgx_u*.so* ${lib_dir} /bin/cp -f /usr/lib/libsgx_u*.so* ${lib_dir}
/bin/cp -f /usr/lib/libsgx_enclave_common.so.1 ${lib_dir} /bin/cp -f /usr/lib/libsgx_enclave_common.so.1 ${lib_dir}
/bin/cp -f /usr/lib/libsgx_launch.so.1 ${lib_dir} /bin/cp -f /usr/lib/libsgx_launch.so.1 ${lib_dir}
#/bin/cp -f .occlum/build/lib/libocclum-pal.so ${lib_dir}/liberpal-occlum.so #/bin/cp -f ./build/lib/libocclum-pal.so ${lib_dir}/liberpal-occlum.so
#ln -sfn .occlum/build/lib/libocclum-pal.so liberpal-occlum.so #ln -sfn ./build/lib/libocclum-pal.so liberpal-occlum.so
#chroot ${rootfs} /sbin/ldconfig #chroot ${rootfs} /sbin/ldconfig
popd popd
} }
...@@ -169,17 +169,16 @@ function buildUnsignedEnclave(){ ...@@ -169,17 +169,16 @@ function buildUnsignedEnclave(){
/bin/bash ${base_dir}/replace_occlum_image.sh ${rootfs} image /bin/bash ${base_dir}/replace_occlum_image.sh ${rootfs} image
# occlum build # occlum build
occlum build occlum build
if [ ! -f .occlum/build/lib/libocclum-libos.so ]; then if [ ! -f ./build/lib/libocclum-libos.so ]; then
if [ -f .occlum/build/lib/libocclum-libos.so.0 ]; then if [ -f ./build/lib/libocclum-libos.so.0 ]; then
pushd .occlum/build/lib/ pushd ./build/lib/
ln -s libocclum-libos.so.0 libocclum-libos.so ln -s libocclum-libos.so.0 libocclum-libos.so
popd popd
fi fi
fi fi
mkdir -p ${rootfs}/${work_dir} || true mkdir -p ${rootfs}/${work_dir} || true
/bin/cp -fr .occlum ${rootfs}/${work_dir} rm -fr image
/bin/cp -f Enclave.xml ${rootfs}/${work_dir} /bin/cp -fr . ${rootfs}/${work_dir}
/bin/cp -f Occlum.json ${rootfs}/${work_dir}
popd popd
} }
......
...@@ -217,7 +217,7 @@ func (c *occlum) BuildUnsignedEnclave(req *task.CreateTaskRequest, args *carrier ...@@ -217,7 +217,7 @@ func (c *occlum) BuildUnsignedEnclave(req *task.CreateTaskRequest, args *carrier
logrus.Errorf("BuildUnsignedEnclave: exec failed. error: %++v", err) logrus.Errorf("BuildUnsignedEnclave: exec failed. error: %++v", err)
return "", err return "", err
} }
enclavePath := filepath.Join("/", rootfsDirName, c.workDirectory, ".occlum/build/lib/libocclum-libos.so") enclavePath := filepath.Join("/", rootfsDirName, c.workDirectory, "./build/lib/libocclum-libos.so")
return enclavePath, nil return enclavePath, nil
} }
...@@ -246,7 +246,7 @@ func (c *occlum) GenerateSigningMaterial(req *task.CreateTaskRequest, args *carr ...@@ -246,7 +246,7 @@ func (c *occlum) GenerateSigningMaterial(req *task.CreateTaskRequest, args *carr
func (c *occlum) CascadeEnclaveSignature(req *task.CreateTaskRequest, args *carrier.CascadeEnclaveSignatureArgs) ( func (c *occlum) CascadeEnclaveSignature(req *task.CreateTaskRequest, args *carrier.CascadeEnclaveSignatureArgs) (
signedEnclave string, err error) { signedEnclave string, err error) {
var bufferSize int64 = 1024 * 4 var bufferSize int64 = 1024 * 4
signedEnclave = filepath.Join("/", rootfsDirName, c.workDirectory, ".occlum/build/lib/libocclum-libos.signed.so") signedEnclave = filepath.Join("/", rootfsDirName, c.workDirectory, "./build/lib/libocclum-libos.signed.so")
publicKey := filepath.Join("/", enclaveDataDir, "public_key.pem") publicKey := filepath.Join("/", enclaveDataDir, "public_key.pem")
signature := filepath.Join("/", enclaveDataDir, "signature.dat") signature := filepath.Join("/", enclaveDataDir, "signature.dat")
if err := utils.CopyFile(args.Key, filepath.Join(req.Bundle, publicKey), bufferSize); err != nil { if err := utils.CopyFile(args.Key, filepath.Join(req.Bundle, publicKey), bufferSize); err != nil {
......
...@@ -324,9 +324,11 @@ func (s *service) Create(ctx context.Context, r *taskAPI.CreateTaskRequest) (_ * ...@@ -324,9 +324,11 @@ func (s *service) Create(ctx context.Context, r *taskAPI.CreateTaskRequest) (_ *
logrus.Infof("CreateTaskRequest: %s", string(data)) logrus.Infof("CreateTaskRequest: %s", string(data))
container, err := runc.NewContainer(ctx, s.platform, r) container, err := runc.NewContainer(ctx, s.platform, r)
if err != nil {
logrus.Errorf("rune Create NewContainer error: %++v", err) /*if carr.Name() == "occlum" {
/*//FIXME debug //if err != nil {
// logrus.Errorf("rune Create NewContainer error: %++v", err)
//FIXME debug
if _, err := os.Stat(r.Bundle); err == nil { if _, err := os.Stat(r.Bundle); err == nil {
path := "/tmp/rune-container-test/runc-rootfs" path := "/tmp/rune-container-test/runc-rootfs"
os.RemoveAll(path) os.RemoveAll(path)
...@@ -341,9 +343,10 @@ func (s *service) Create(ctx context.Context, r *taskAPI.CreateTaskRequest) (_ * ...@@ -341,9 +343,10 @@ func (s *service) Create(ctx context.Context, r *taskAPI.CreateTaskRequest) (_ *
time.Sleep(time.Minute) time.Sleep(time.Minute)
} else { } else {
logrus.Infof("bundle dir is not exist.", r.Bundle) logrus.Infof("bundle dir is not exist.", r.Bundle)
}*/
return nil, err
} }
return nil, err
//}
}*/
data, _ = json.Marshal(container) data, _ = json.Marshal(container)
logrus.Infof("rune.NewContainer success: %s %s", r.ID, string(data)) logrus.Infof("rune.NewContainer success: %s %s", r.ID, string(data))
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册