Commit 779c3f55 authored by Amanda Souza's avatar Amanda Souza
Browse files

importing from github to gitlab

parents
From ae287671d309bf26c9a5987162be6f2d3f768826 Mon Sep 17 00:00:00 2001
From: Sean Christopherson <sean.j.christopherson@intel.com>
Date: Wed, 2 Nov 2016 15:03:05 -0700
Subject: [PATCH 1/3] Remove modprobe/lsmod for use in docker container
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
linux/installer/bin/install-sgx-psw.bin.tmpl | 12 ------------
1 file changed, 12 deletions(-)
diff --git a/linux/installer/bin/install-sgx-psw.bin.tmpl b/linux/installer/bin/install-sgx-psw.bin.tmpl
index 6b05b4f..30c66cf 100755
--- a/linux/installer/bin/install-sgx-psw.bin.tmpl
+++ b/linux/installer/bin/install-sgx-psw.bin.tmpl
@@ -30,18 +30,6 @@
#
#
-modinfo isgx &> /dev/null
-if [[ $? != "0" ]]; then
- lsmod | grep isgx &> /dev/null
- if [[ $? = "0" ]]; then
- echo "Warning: You did not follow the document to install the driver package"
- echo
- else
- echo "Please install the driver package before the PSW package"
- exit 4
- fi
-fi
-
set -e
PKG_NAME="Intel SGX PSW Package"
--
2.7.4
From 7100635ae12464ab56a85bfe3f66f56cbaea04dd Mon Sep 17 00:00:00 2001
From: Sean Christopherson <sean.j.christopherson@intel.com>
Date: Wed, 2 Nov 2016 16:07:08 -0700
Subject: [PATCH 2/3] Remove unnecessary sudo from PSW install script
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
linux/installer/common/psw/install.sh | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/linux/installer/common/psw/install.sh b/linux/installer/common/psw/install.sh
index 8b5be3c..9a350d5 100755
--- a/linux/installer/common/psw/install.sh
+++ b/linux/installer/common/psw/install.sh
@@ -81,7 +81,7 @@ elif [ -d /etc/init/ ]; then
chmod 0644 $AESMD_DEST
rm -f $AESMD_TEMP
rm -f $AESM_PATH/aesmd.service
- sudo /sbin/initctl reload-configuration
+ /sbin/initctl reload-configuration
retval=$?
else
echo " failed."
@@ -106,7 +106,7 @@ if test \$(id -u) -ne 0; then
fi
# Killing AESM service
-sudo /usr/sbin/service aesmd stop
+/usr/sbin/service aesmd stop
$DISABLE_AESMD
# Removing AESM configuration files
rm -f $AESMD_DEST
@@ -132,7 +132,7 @@ chmod +x $PSW_DST_PATH/uninstall.sh
if [ -d /run/systemd/system ]; then
systemctl start aesmd
elif [ -d /etc/init/ ]; then
- sudo /sbin/initctl start aesmd
+ /sbin/initctl start aesmd
fi
echo -e "\nuninstall.sh script generated in $PSW_DST_PATH\n"
--
2.7.4
From 01d78f32d28112673b3dadb25ed727431b722215 Mon Sep 17 00:00:00 2001
From: Sean Christopherson <sean.j.christopherson@intel.com>
Date: Wed, 2 Nov 2016 16:41:56 -0700
Subject: [PATCH 3/3] Remove daemonization of AESM
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
psw/ae/aesm_service/source/aesm/application/main.cpp | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/psw/ae/aesm_service/source/aesm/application/main.cpp b/psw/ae/aesm_service/source/aesm/application/main.cpp
index 459bce9..13cb730 100644
--- a/psw/ae/aesm_service/source/aesm/application/main.cpp
+++ b/psw/ae/aesm_service/source/aesm/application/main.cpp
@@ -74,13 +74,13 @@ void signal_handler(int sig)
}
int main() {
- if(daemon(0, 0) < 0)
- {
- AESM_LOG_INIT();
- AESM_LOG_FATAL("Fail to set daemon.");
- AESM_LOG_FINI();
- exit(1);
- }
+ // if(daemon(0, 0) < 0)
+ // {
+ // AESM_LOG_INIT();
+ // AESM_LOG_FATAL("Fail to set daemon.");
+ // AESM_LOG_FINI();
+ // exit(1);
+ // }
CURLcode curl_code = curl_global_init(CURL_GLOBAL_DEFAULT);
if(curl_code!=CURLE_OK){
curl_initialized = false;
--
2.7.4
#An environment to run sgx applications
FROM ubuntu:14.04
MAINTAINER aminueza version: 1.0
RUN apt-get update && apt-get install -y software-properties-common
RUN add-apt-repository -y ppa:ubuntu-toolchain-r/test
RUN apt-get update && apt-get install -y git build-essential ocaml automake python sudo autoconf libtool libcurl4-openssl-dev libprotobuf-dev libprotobuf-c0-dev protobuf-compiler curl make g++ unzip wget libssl$ software-properties-common g++-4.9 cmake nano vim
WORKDIR /home/sgx/drivers
RUN git clone https://github.com/01org/linux-sgx.git
WORKDIR /home/sgx/drivers/linux-sgx/
RUN git checkout f4005be591a82b1bedfbf8021cec8929a3911bb1
WORKDIR /home/sgx/drivers
RUN git clone https://github.com/aminueza/docker-sgx.git
WORKDIR /home/sgx/drivers/docker-sgx
RUN cp -r 000*.patch /home/sgx/drivers/linux-sgx/
WORKDIR /home/sgx/drivers/linux-sgx/
RUN git apply *.patch && \
./download_prebuilt.sh && \
make && \
make psw_install_pkg && \
make sdk_install_pkg
RUN mkdir -p /opt/intel && \
cd /opt/intel && \
/home/sgx/drivers/linux-sgx/linux/installer/bin/sgx_linux_x64_psw_1.*.bin && \
sh -c 'echo yes | /home/sgx/drivers/linux-sgx/linux/installer/bin/sgx_linux_x64_sdk_1.*.bin'
#Building restbed
WORKDIR /home/sgx/drivers
RUN git clone --recursive https://git.lsd.ufcg.edu.br/restbed/restbed.git
WORKDIR /home/sgx/drivers/restbed/build
RUN cmake -DBUILD_TESTS=YES -DBUILD_EXAMPLES=YES -DBUILD_SSL=YES -DBUILD_SHARED=YES -DCMAKE_CXX_COMPILER=`which g++-4.9` ..
RUN make install
RUN echo "export RESTBED_MODULES_PATH=/home/sgx/drivers/restbed" >> ~/.bashrc
RUN echo "export LD_LIBRARY_PATH=${RESTBED_MODULES_PATH}/distribution/library" >> ~/.bashrc
RUN /bin/bash -c "source ~/.bashrc"
CMD ["/bin/bash"]
# Software Guard Extensions (SGX) DOCKER
**Running Intel(R) Software Guard Extensions (Intel(R) SGX) in Docker Containers.**
This is a Git repository for Intel SGX applications using Docker Containers.
The Intel(R) Software Guard Extensions (Intel(R) SGX) is an Intel technology for application developers seeking to protect select code and data from disclosure or modification.
The Linux SGX software stack is comprised of the SGX driver, the SGX SDK, and the SGX Platform Software. The SGX SDK and SGX PSW are hosted in the [linux-sgx](https://github.com/01org/linux-sgx) project.
The [linux-sgx-driver](https://github.com/01org/linux-sgx-driver) project hosts the out-of-tree driver for the Linux SGX software stack, which will be used until the driver upstreaming process is complete.
**Running SGX application requires installing SGX driver and SGX PSW/SDK to host.
## Download Docker Image
1 - Download a docker image:
```bash
$ docker pull aminueza/docker-sgx
```
## Run a docker image
2 - Run a new image:
```bash
$ docker run --device=/dev/isgx -it docker-sgx
```
*or start an interactive bash session:
```bash
$ docker run --device=/dev/isgx -it docker-sgx /bin/bash
```
## Thanks
Special thanks to [Sean Christopherson](https://github.com/sean-jc), for providing the patches used into docker image.
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment