未验证 提交 90cc8932 编写于 作者: J jiazhiguang 提交者: GitHub

shim-rune: adapts to occlum 0.15.1

Signed-off-by: NZhiguang Jia <Zhiguang.Jia@linux.alibaba.com>
上级 f68b8466
......@@ -10,7 +10,7 @@ const (
EnclaveTypeKeyName = "ENCLAVE_TYPE"
EnclaveRuntimePathKeyName = "ENCLAVE_RUNTIME_PATH"
EnclaveRuntimeArgsKeyName = "ENCLAVE_RUNTIME_ARGS"
DefaultEnclaveRuntimeArgs = ".occlum"
DefaultEnclaveRuntimeArgs = "./"
)
const (
......@@ -140,8 +140,8 @@ function copyOcclumLiberaries() {
/bin/cp -f /usr/lib/libsgx_u*.so* ${lib_dir}
/bin/cp -f /usr/lib/libsgx_enclave_common.so.1 ${lib_dir}
/bin/cp -f /usr/lib/libsgx_launch.so.1 ${lib_dir}
#/bin/cp -f .occlum/build/lib/libocclum-pal.so ${lib_dir}/liberpal-occlum.so
#ln -sfn .occlum/build/lib/libocclum-pal.so liberpal-occlum.so
#/bin/cp -f ./build/lib/libocclum-pal.so ${lib_dir}/liberpal-occlum.so
#ln -sfn ./build/lib/libocclum-pal.so liberpal-occlum.so
#chroot ${rootfs} /sbin/ldconfig
popd
}
......@@ -169,17 +169,16 @@ function buildUnsignedEnclave(){
/bin/bash ${base_dir}/replace_occlum_image.sh ${rootfs} image
# occlum build
occlum build
if [ ! -f .occlum/build/lib/libocclum-libos.so ]; then
if [ -f .occlum/build/lib/libocclum-libos.so.0 ]; then
pushd .occlum/build/lib/
if [ ! -f ./build/lib/libocclum-libos.so ]; then
if [ -f ./build/lib/libocclum-libos.so.0 ]; then
pushd ./build/lib/
ln -s libocclum-libos.so.0 libocclum-libos.so
popd
fi
fi
mkdir -p ${rootfs}/${work_dir} || true
/bin/cp -fr .occlum ${rootfs}/${work_dir}
/bin/cp -f Enclave.xml ${rootfs}/${work_dir}
/bin/cp -f Occlum.json ${rootfs}/${work_dir}
rm -fr image
/bin/cp -fr . ${rootfs}/${work_dir}
popd
}
......
......@@ -217,7 +217,7 @@ func (c *occlum) BuildUnsignedEnclave(req *task.CreateTaskRequest, args *carrier
logrus.Errorf("BuildUnsignedEnclave: exec failed. error: %++v", err)
return "", err
}
enclavePath := filepath.Join("/", rootfsDirName, c.workDirectory, ".occlum/build/lib/libocclum-libos.so")
enclavePath := filepath.Join("/", rootfsDirName, c.workDirectory, "./build/lib/libocclum-libos.so")
return enclavePath, nil
}
......@@ -246,7 +246,7 @@ func (c *occlum) GenerateSigningMaterial(req *task.CreateTaskRequest, args *carr
func (c *occlum) CascadeEnclaveSignature(req *task.CreateTaskRequest, args *carrier.CascadeEnclaveSignatureArgs) (
signedEnclave string, err error) {
var bufferSize int64 = 1024 * 4
signedEnclave = filepath.Join("/", rootfsDirName, c.workDirectory, ".occlum/build/lib/libocclum-libos.signed.so")
signedEnclave = filepath.Join("/", rootfsDirName, c.workDirectory, "./build/lib/libocclum-libos.signed.so")
publicKey := filepath.Join("/", enclaveDataDir, "public_key.pem")
signature := filepath.Join("/", enclaveDataDir, "signature.dat")
if err := utils.CopyFile(args.Key, filepath.Join(req.Bundle, publicKey), bufferSize); err != nil {
......
......@@ -324,9 +324,11 @@ func (s *service) Create(ctx context.Context, r *taskAPI.CreateTaskRequest) (_ *
logrus.Infof("CreateTaskRequest: %s", string(data))
container, err := runc.NewContainer(ctx, s.platform, r)
if err != nil {
logrus.Errorf("rune Create NewContainer error: %++v", err)
/*//FIXME debug
/*if carr.Name() == "occlum" {
//if err != nil {
// logrus.Errorf("rune Create NewContainer error: %++v", err)
//FIXME debug
if _, err := os.Stat(r.Bundle); err == nil {
path := "/tmp/rune-container-test/runc-rootfs"
os.RemoveAll(path)
......@@ -341,9 +343,10 @@ func (s *service) Create(ctx context.Context, r *taskAPI.CreateTaskRequest) (_ *
time.Sleep(time.Minute)
} else {
logrus.Infof("bundle dir is not exist.", r.Bundle)
}*/
return nil, err
}
return nil, err
//}
}*/
data, _ = json.Marshal(container)
logrus.Infof("rune.NewContainer success: %s %s", r.ID, string(data))
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册