rune/libcontainer: Generate Enclave Device /dev/gsgx for graphene-sgx LibOS

Support to automatically mount the /dev/gsgx to enclave container.
Signed-off-by: NYilin Li <YiLin.Li@linux.alibaba.com>

rune/libcontainer/specconv/spec_linux.go

@@ -395,7 +395,7 @@ func createEnclaveDevices(devs []*configs.Device, etype string, fn func(dev *con
 func genEnclavePathTemplate(etype string) []string {
 	switch etype {
 	case configs.EnclaveHwIntelSgx:
-		return []string{"/dev/isgx", "/dev/sgx/enclave"}
+		return []string{"/dev/isgx", "/dev/sgx/enclave", "/dev/gsgx"}
 	default:
 		return nil
 	}
@@ -415,6 +415,11 @@ func genEnclaveDeviceTemplate(etype string) []*configs.Device {
 				Path:  "/dev/sgx/enclave",
 				Major: 10,
 			},
+			&configs.Device{
+				Type:  'c',
+				Path:  "/dev/gsgx",
+				Major: 10,
+			},
 		}
 	default:
 		return nil