From 7364b21093ea7049204add8a790f33d362c5f81a Mon Sep 17 00:00:00 2001 From: Antonio Nino Diaz Date: Tue, 8 Sep 2020 16:05:51 +0000 Subject: [PATCH] CI: Add scripts to run samples automatically The scripts are a mix of bash and GNU expect for flexibility, as each sample needs to be tested in slightly different ways. Each sample must have a test.sh script in its folder so that the CI detects it and runs it. They are executed by run_sample.sh script, created using run_test.sh as an example. This commit adds several samples to the CI, but not all of them: - The ml folder samples, for example, take far too long to be part of a regular CI run, and need caching of docker images, which is a task on its own. - The openmp and nodejs samples seem to be broken. --- .../scripts/install_prerequisites.sh | 1 + .azure-pipelines/scripts/run_sample.sh | 86 +++++++++++++++++++ .azure-pipelines/scripts/run_test.sh | 2 +- .azure-pipelines/scripts/test_runner.sh | 7 ++ .azure-pipelines/template.yml | 1 + samples/basic/attack/plain-docker.exp | 14 +++ samples/basic/attack/read_memory.sh | 3 +- samples/basic/attack/sgx.exp | 22 +++++ samples/basic/attack/test.sh | 27 ++++++ samples/basic/helloworld/test.sh | 19 ++++ samples/common.mk | 18 ++++ samples/common.sh | 18 ++++ samples/containers/alpine/test.sh | 18 ++++ samples/containers/encrypted/Makefile | 7 +- samples/containers/encrypted/test.sh | 21 +++++ samples/containers/redis/Makefile | 8 +- samples/containers/redis/README.md | 3 + samples/containers/redis/run-hw.exp | 16 ++++ samples/containers/redis/run-redis-client.sh | 7 +- samples/containers/redis/run-sw.exp | 16 ++++ samples/containers/redis/test.sh | 26 ++++++ samples/languages/dotnet/Makefile | 7 +- samples/languages/dotnet/README.md | 17 ++++ samples/languages/dotnet/test.sh | 19 ++++ samples/languages/java/Makefile | 6 +- samples/languages/java/README.md | 6 ++ samples/languages/java/run-hw.exp | 9 ++ samples/languages/java/run-sw.exp | 9 ++ samples/languages/java/test.sh | 24 ++++++ samples/languages/python/test.sh | 34 ++++++++ 30 files changed, 443 insertions(+), 28 deletions(-) create mode 100755 .azure-pipelines/scripts/run_sample.sh create mode 100755 samples/basic/attack/plain-docker.exp create mode 100755 samples/basic/attack/sgx.exp create mode 100755 samples/basic/attack/test.sh create mode 100755 samples/basic/helloworld/test.sh create mode 100644 samples/common.mk create mode 100755 samples/common.sh create mode 100755 samples/containers/alpine/test.sh create mode 100755 samples/containers/encrypted/test.sh create mode 100755 samples/containers/redis/run-hw.exp create mode 100755 samples/containers/redis/run-sw.exp create mode 100755 samples/containers/redis/test.sh create mode 100755 samples/languages/dotnet/test.sh create mode 100755 samples/languages/java/run-hw.exp create mode 100755 samples/languages/java/run-sw.exp create mode 100755 samples/languages/java/test.sh create mode 100755 samples/languages/python/test.sh diff --git a/.azure-pipelines/scripts/install_prerequisites.sh b/.azure-pipelines/scripts/install_prerequisites.sh index 08da0ae1c..8fc886cb4 100755 --- a/.azure-pipelines/scripts/install_prerequisites.sh +++ b/.azure-pipelines/scripts/install_prerequisites.sh @@ -9,6 +9,7 @@ sudo apt-get install -y \ autopoint pkgconf autoconf libtool libcurl4-openssl-dev libprotobuf-dev libprotobuf-c-dev protobuf-compiler protobuf-c-compiler libssl-dev \ ninja-build ansible "linux-headers-$(uname -r)" \ python3 python3-setuptools python3-pip unzip dkms debhelper apt-utils pax-utils openjdk-8-jdk-headless \ + redis-tools \ expect \ gdb \ shellcheck clang-format diff --git a/.azure-pipelines/scripts/run_sample.sh b/.azure-pipelines/scripts/run_sample.sh new file mode 100755 index 000000000..44159bf0e --- /dev/null +++ b/.azure-pipelines/scripts/run_sample.sh @@ -0,0 +1,86 @@ +#!/bin/bash + +if [ -z "$SGXLKL_ROOT" ]; then + echo "ERROR: 'SGXLKL_ROOT' is undefined. Please export SGXLKL_ROOT= source code repository" + exit 1 +fi +if [ -z "$SGXLKL_BUILD_MODE" ]; then + echo "ERROR: 'SGXLKL_BUILD_MODE' is undefined. Please export SGXLKL_BUILD_MODE=" + exit 1 +fi + +#shellcheck source=.azure-pipelines/scripts/junit_utils.sh +. "$SGXLKL_ROOT/.azure-pipelines/scripts/junit_utils.sh" +#shellcheck source=.azure-pipelines/scripts/test_utils.sh +. "$SGXLKL_ROOT/.azure-pipelines/scripts/test_utils.sh" + +# Initialize the variables and test case [mandatory]. +sample_mode=$1 # clean, init or run +run_mode=$2 # run-hw or run-sw + +if [[ "$sample_mode" == "clean" ]]; then + ./test.sh clean + exit $? +fi + +samples_dir=$SGXLKL_ROOT/samples +sample_name="$(realpath --relative-to="$samples_dir" "$(pwd)")" +sample_name="${sample_name//\//-}" +sample_name+="-($SGXLKL_BUILD_MODE)-($run_mode)-($SGXLKL_ETHREADS-ethreads)" +sample_class=$(realpath --relative-to="$samples_dir" "$(pwd)/..") +test_suite="sgx-lkl-oe" + +if [[ -z $sample_name || -z $sample_class || -z $sample_mode ]]; then + echo -e "\n ERROR: sample_name sample_class or sample_mode not passed \n" + exit 1 +fi + +if [[ "$sample_mode" == "init" ]]; then + InitializeTestCase "$sample_name" "$sample_class" "$test_suite" "$run_mode" +fi + +# Get the timeout from the test module +DEFAULT_TIMEOUT=300 +if ! timeout=$(./test.sh gettimeout 2> /dev/null); then + timeout=$DEFAULT_TIMEOUT +fi +echo "Execution timeout: $timeout" + +case "$run_mode" in + "run-hw") + echo "Will run tests for run-hw" + ;; + "run-sw") + echo "Will run tests for run-sw" + ;; + *) + echo "Invalid run_mode parameter: $run_mode. Valid options: run-hw/run-sw" + exit 1; + ;; +esac + +if [[ $sample_mode == "init" ]]; then + timeout --kill-after=$((timeout + 60)) $timeout ./test.sh init + script_exit=$? +elif [[ $sample_mode == "run" ]]; then + timeout --kill-after=$((timeout + 60)) $timeout ./test.sh run "$run_mode" + script_exit=$? +else + echo "Invalid sample_mode parameter: $sample_mode. Valid options: clean/init/run/gettimeout" + exit 1 +fi + +if [[ "$script_exit" == "124" ]]; then + echo "$run_mode: TIMED OUT after $timeout secs" +elif [[ "$script_exit" != "0" ]]; then + echo "$run_mode: FAILED WITH EXIT CODE: $script_exit" +fi + +if [[ $sample_mode == "init" ]]; then + echo "Test initialization completed with EXIT CODE $script_exit" + return $script_exit +fi + +echo "Test run completed with EXIT CODE $script_exit" + +exit $script_exit diff --git a/.azure-pipelines/scripts/run_test.sh b/.azure-pipelines/scripts/run_test.sh index c59fe9cbb..f2a5a9bd7 100755 --- a/.azure-pipelines/scripts/run_test.sh +++ b/.azure-pipelines/scripts/run_test.sh @@ -15,7 +15,7 @@ fi . "$SGXLKL_ROOT/.azure-pipelines/scripts/test_utils.sh" # Initialize the variables and test case [mandatory]. -test_mode=$1 # init or run +test_mode=$1 # clean, init or run run_mode=$2 # run-hw or run-sw # make clean diff --git a/.azure-pipelines/scripts/test_runner.sh b/.azure-pipelines/scripts/test_runner.sh index ac43c4031..f56640bd2 100755 --- a/.azure-pipelines/scripts/test_runner.sh +++ b/.azure-pipelines/scripts/test_runner.sh @@ -181,6 +181,7 @@ disabled_tests_file="$SGXLKL_ROOT/.azure-pipelines/other/disabled_tests.txt" nightly_tests_file="$SGXLKL_ROOT/.azure-pipelines/other/nightly_run_only_tests.txt" # test which needs not to be executed as part of CI e.g (test_name1\|test_name2...) test_exception_list="ltp" +sample_exception_list="openmp\|nodejs" failure_identifiers_file="$SGXLKL_ROOT/.azure-pipelines/other/failure_identifiers.txt" IFS=$'\n' @@ -191,6 +192,12 @@ if [[ $1 == "ltp1" ]]; then elif [[ $1 == "ltp2" ]]; then file_list=("tests/ltp/ltp-batch2/Makefile") test_group_name="ltp-batch2" +elif [[ $1 == "samples" ]]; then + test_folder_name="samples" + test_folder_identifier="test.sh" + test_runner_script="$SGXLKL_ROOT/.azure-pipelines/scripts/run_sample.sh" + file_list=( $(find $test_folder_name -name $test_folder_identifier | grep -v "$sample_exception_list") ) + test_group_name="samples" elif [[ $1 == "core" ]]; then file_list=( $(find $test_folder_name -name $test_folder_identifier | grep -v "$test_exception_list") ) test_group_name="core" diff --git a/.azure-pipelines/template.yml b/.azure-pipelines/template.yml index 739694e8b..ce61ce2db 100644 --- a/.azure-pipelines/template.yml +++ b/.azure-pipelines/template.yml @@ -22,6 +22,7 @@ parameters: - core - ltp1 - ltp2 + - samples - name: 'ethreads' type: object default: diff --git a/samples/basic/attack/plain-docker.exp b/samples/basic/attack/plain-docker.exp new file mode 100755 index 000000000..a2e51d5f4 --- /dev/null +++ b/samples/basic/attack/plain-docker.exp @@ -0,0 +1,14 @@ +#!/usr/bin/expect -f + +# 20 min timeout +set timeout 1200 + +spawn docker run --rm attackme /read_secret +set dockerID $spawn_id +expect -i $dockerID "Ready to be attacked..." + +spawn ./read_memory.sh read_secret Secret42! +set readID $spawn_id +expect -i $readID "Match found." + +send -i $dockerID -- "\r" diff --git a/samples/basic/attack/read_memory.sh b/samples/basic/attack/read_memory.sh index ee919ff2a..9b567a739 100755 --- a/samples/basic/attack/read_memory.sh +++ b/samples/basic/attack/read_memory.sh @@ -21,7 +21,8 @@ sudo chown "$(id -u -n):$(id -g -n)" "$mem_file" echo "Searching memory for string \"${search_string}\" in \"${mem_file}\"..." -if (strings "${mem_file}" | grep -i "${search_string}"); then +if grep -Fxq "${search_string}" "${mem_file}" +then echo Match found. else echo No match found. diff --git a/samples/basic/attack/sgx.exp b/samples/basic/attack/sgx.exp new file mode 100755 index 000000000..2bfe3636c --- /dev/null +++ b/samples/basic/attack/sgx.exp @@ -0,0 +1,22 @@ +#!/usr/bin/expect -f + +set SGXLKL_STARTER "$env(SGXLKL_STARTER)" +set SGXLKL_DISK_TOOL "$env(SGXLKL_DISK_TOOL)" + +# 20 min timeout +set timeout 1200 + +spawn "$SGXLKL_DISK_TOOL" create --force --docker=attackme --size 5M --encrypt --key-file rootfs.img +expect "Succesfully created rootfs.img" +expect eof + +set env(SGXLKL_HD_KEY) rootfs.img.key +spawn "$SGXLKL_STARTER" --hw-debug rootfs.img /read_secret +set oeID $spawn_id +expect -i $oeID "Ready to be attacked..." + +spawn ./read_memory.sh sgx-lkl-run-oe Secret42! +set readID $spawn_id +expect -i $readID "No match found." + +send -i $oeID -- "\r" diff --git a/samples/basic/attack/test.sh b/samples/basic/attack/test.sh new file mode 100755 index 000000000..11104dc77 --- /dev/null +++ b/samples/basic/attack/test.sh @@ -0,0 +1,27 @@ +#!/bin/bash + +# shellcheck source=/dev/null +source "../../common.sh" + +test_mode=$1 +run_mode=$2 + +set -e + +if [[ "$test_mode" == "clean" ]]; then + rm -f rootfs.img rootfs.img.docker rootfs.img.key +elif [[ "$test_mode" == "init" ]]; then + rm -f mem.dump.* + docker build -t attackme . +elif [[ "$test_mode" == "run" ]]; then + if [[ "$run_mode" == "run-sw" ]]; then + ./plain-docker.exp + elif [[ "$run_mode" == "run-hw" ]]; then + ./sgx.exp + fi +elif [[ "$test_mode" == "gettimeout" ]]; then + # 20 minutes + echo 1200 +fi + +exit 0 diff --git a/samples/basic/helloworld/test.sh b/samples/basic/helloworld/test.sh new file mode 100755 index 000000000..39c0667e8 --- /dev/null +++ b/samples/basic/helloworld/test.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +test_mode=$1 +run_mode=$2 + +set -e + +if [[ "$test_mode" == "clean" ]]; then + make clean +elif [[ "$test_mode" == "init" ]]; then + make +elif [[ "$test_mode" == "run" ]]; then + make "$run_mode" +elif [[ "$test_mode" == "gettimeout" ]]; then + # Default + exit 1 +fi + +exit 0 diff --git a/samples/common.mk b/samples/common.mk new file mode 100644 index 000000000..e2ad840cb --- /dev/null +++ b/samples/common.mk @@ -0,0 +1,18 @@ +mkfile_dir=$(dir $(abspath $(lastword $(MAKEFILE_LIST)))) +SGXLKL_ROOT=$(realpath $(mkfile_dir)..) + +ifeq (${SGXLKL_PREFIX},) + export SGXLKL_STARTER=${SGXLKL_ROOT}/build/sgx-lkl-run-oe + export SGXLKL_DISK_TOOL=${SGXLKL_ROOT}/tools/sgx-lkl-disk + export SGXLKL_DOCKER_TOOL=${SGXLKL_ROOT}/tools/sgx-lkl-docker + export SGXLKL_CFG_TOOL=${SGXLKL_ROOT}/tools/sgx-lkl-cfg + export SGXLKL_GDB=${SGXLKL_ROOT}/tools/gdb/sgx-lkl-gdb + export SGXLKL_JAVA_RUN=${SGXLKL_ROOT}/tools/sgx-lkl-java +else + export SGXLKL_STARTER=${SGXLKL_PREFIX}/bin/sgx-lkl-run-oe + export SGXLKL_DISK_TOOL=${SGXLKL_PREFIX}/bin/sgx-lkl-disk + export SGXLKL_DOCKER_TOOL=${SGXLKL_PREFIX}/bin/sgx-lkl-docker + export SGXLKL_CFG_TOOL=${SGXLKL_PREFIX}/bin/sgx-lkl-cfg + export SGXLKL_GDB=${SGXLKL_PREFIX}/bin/sgx-lkl-gdb + export SGXLKL_JAVA_RUN=${SGXLKL_PREFIX}/bin/sgx-lkl-java +endif diff --git a/samples/common.sh b/samples/common.sh new file mode 100755 index 000000000..1e6a26506 --- /dev/null +++ b/samples/common.sh @@ -0,0 +1,18 @@ +samples_dir=$(dirname $(realpath "$BASH_SOURCE")) +SGXLKL_ROOT=$(realpath "${samples_dir}/..") + +if [[ -z "${SGXLKL_PREFIX}" ]]; then + export SGXLKL_STARTER=${SGXLKL_ROOT}/build/sgx-lkl-run-oe + export SGXLKL_DISK_TOOL=${SGXLKL_ROOT}/tools/sgx-lkl-disk + export SGXLKL_DOCKER_TOOL=${SGXLKL_ROOT}/tools/sgx-lkl-docker + export SGXLKL_CFG_TOOL=${SGXLKL_ROOT}/tools/sgx-lkl-cfg + export SGXLKL_GDB=${SGXLKL_ROOT}/tools/gdb/sgx-lkl-gdb + export SGXLKL_JAVA_RUN=${SGXLKL_ROOT}/tools/sgx-lkl-java +else + export SGXLKL_STARTER=${SGXLKL_PREFIX}/bin/sgx-lkl-run-oe + export SGXLKL_DISK_TOOL=${SGXLKL_PREFIX}/bin/sgx-lkl-disk + export SGXLKL_DOCKER_TOOL=${SGXLKL_PREFIX}/bin/sgx-lkl-docker + export SGXLKL_CFG_TOOL=${SGXLKL_PREFIX}/bin/sgx-lkl-cfg + export SGXLKL_GDB=${SGXLKL_PREFIX}/bin/sgx-lkl-gdb + export SGXLKL_JAVA_RUN=${SGXLKL_PREFIX}/bin/sgx-lkl-java +fi diff --git a/samples/containers/alpine/test.sh b/samples/containers/alpine/test.sh new file mode 100755 index 000000000..911d19b7b --- /dev/null +++ b/samples/containers/alpine/test.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +test_mode=$1 + +set -e + +if [[ "$test_mode" == "clean" ]]; then + make clean +elif [[ "$test_mode" == "init" ]]; then + echo "Nothing to do" +elif [[ "$test_mode" == "run" ]]; then + make +elif [[ "$test_mode" == "gettimeout" ]]; then + # Default + exit 1 +fi + +exit 0 diff --git a/samples/containers/encrypted/Makefile b/samples/containers/encrypted/Makefile index 9cf8eb870..3e00e9106 100644 --- a/samples/containers/encrypted/Makefile +++ b/samples/containers/encrypted/Makefile @@ -1,5 +1,4 @@ - -SGXLKL_ROOT=../../.. +include ../../common.mk CC_APP=/usr/bin/python3 CC_APP_CMDLINE=${CC_APP} -c 'print("Hello SGX World from Encrypted Confidential Container!")' @@ -39,10 +38,6 @@ ifeq ($(SGXLKL_VERBOSE),) SGXLKL_ENV_APP_CONFIG+=${VERBOSE_OPTS} endif -SGXLKL_STARTER=$(SGXLKL_ROOT)/build/sgx-lkl-run-oe -SGXLKL_DISK_TOOL=${SGXLKL_ROOT}/tools/sgx-lkl-disk -SGXLKL_GDB=${SGXLKL_ROOT}/tools/gdb/sgx-lkl-gdb - .DELETE_ON_ERROR: .PHONY: all clean run run-hw-verity run-sw-verity run-hw-integrity run-sw-integrity diff --git a/samples/containers/encrypted/test.sh b/samples/containers/encrypted/test.sh new file mode 100755 index 000000000..073374f94 --- /dev/null +++ b/samples/containers/encrypted/test.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +test_mode=$1 +run_mode=$2 + +set -e + +if [[ "$test_mode" == "clean" ]]; then + make clean +elif [[ "$test_mode" == "init" ]]; then + make +elif [[ "$test_mode" == "run" ]]; then + make "$run_mode"-verity + # TODO: This doesn't work + #make "$run_mode"-integrity +elif [[ "$test_mode" == "gettimeout" ]]; then + # 20 minutes + echo 1200 +fi + +exit 0 diff --git a/samples/containers/redis/Makefile b/samples/containers/redis/Makefile index 6803809c1..f5a612d1f 100644 --- a/samples/containers/redis/Makefile +++ b/samples/containers/redis/Makefile @@ -1,15 +1,12 @@ +include ../../common.mk PROG=/usr/bin/redis-server DISK_IMAGE=sgxlkl-redis.img IMAGE_SIZE=128M -SGXLKL_ROOT=../../.. - ENCLAVE_CMD=${PROG} --bind 10.0.1.1 -SGXLKL_STARTER=$(SGXLKL_ROOT)/build/sgx-lkl-run-oe - SGXLKL_ENV=\ SGXLKL_TAP=sgxlkl_tap0 @@ -19,9 +16,6 @@ SGXLKL_ENV+=\ SGXLKL_TRACE_HOST_SYSCALL=0 SGXLKL_TRACE_LKL_SYSCALL=0 SGXLKL_TRACE_MMAP=0 endif -SGXLKL_DISK_TOOL=${SGXLKL_ROOT}/tools/sgx-lkl-disk -SGXLKL_GDB=${SGXLKL_ROOT}/tools/gdb/sgx-lkl-gdb - .DELETE_ON_ERROR: .PHONY: all clean diff --git a/samples/containers/redis/README.md b/samples/containers/redis/README.md index 9f054b2e0..8905b2f70 100644 --- a/samples/containers/redis/README.md +++ b/samples/containers/redis/README.md @@ -1,6 +1,9 @@ Running Redis with SGX-LKL-OE ============================= +0. Make sure that you have installed ``redis-cli``. In Ubuntu, the package that + contains it is called ``redis-tools``. + 1. Ensure that you have set up netoworking and TLS support by running `tools/sgx-lkl-setup`. 2. Build the Redis file sytem image: diff --git a/samples/containers/redis/run-hw.exp b/samples/containers/redis/run-hw.exp new file mode 100755 index 000000000..ff8140d1e --- /dev/null +++ b/samples/containers/redis/run-hw.exp @@ -0,0 +1,16 @@ +#!/usr/bin/expect -f + +# 20 min timeout +set timeout 1200 + +spawn make run-hw +set serverID $spawn_id +expect -i $serverID "Ready to accept connections" + +spawn ./run-redis-client.sh +set clientID $spawn_id +expect -i $clientID "Test succeeded" + +send -i $serverID -- "" + +exit 0 diff --git a/samples/containers/redis/run-redis-client.sh b/samples/containers/redis/run-redis-client.sh index 688edc719..721bdc53a 100755 --- a/samples/containers/redis/run-redis-client.sh +++ b/samples/containers/redis/run-redis-client.sh @@ -2,14 +2,17 @@ # printf '\033]2;%s\033\\' 'Redis Client' +set -e + COUNTER=0 -while : +while [ $COUNTER -lt 10 ] do echo $ redis-cli -h 10.0.1.1 -p 6379 set samplekey value${COUNTER} redis-cli -h 10.0.1.1 -p 6379 set samplekey value${COUNTER} echo $ redis-cli -h 10.0.1.1 -p 6379 get samplekey redis-cli -h 10.0.1.1 -p 6379 get samplekey - sleep 1 let COUNTER+=1 done + +echo "Test succeeded" diff --git a/samples/containers/redis/run-sw.exp b/samples/containers/redis/run-sw.exp new file mode 100755 index 000000000..7a1acb80c --- /dev/null +++ b/samples/containers/redis/run-sw.exp @@ -0,0 +1,16 @@ +#!/usr/bin/expect -f + +# 20 min timeout +set timeout 1200 + +spawn make run-sw +set serverID $spawn_id +expect -i $serverID "Ready to accept connections" + +spawn ./run-redis-client.sh +set clientID $spawn_id +expect -i $clientID "Test succeeded" + +send -i $serverID -- "" + +exit 0 diff --git a/samples/containers/redis/test.sh b/samples/containers/redis/test.sh new file mode 100755 index 000000000..fea65ff51 --- /dev/null +++ b/samples/containers/redis/test.sh @@ -0,0 +1,26 @@ +#!/bin/bash + +REPOROOT="../../.." + +test_mode=$1 +run_mode=$2 + +set -e + +if [[ "$test_mode" == "clean" ]]; then + make clean +elif [[ "$test_mode" == "init" ]]; then + "$REPOROOT/tools/sgx-lkl-setup" + make +elif [[ "$test_mode" == "run" ]]; then + if [[ "$run_mode" == "run-hw" ]]; then + ./run-hw.exp + elif [[ "$run_mode" == "run-sw" ]]; then + ./run-sw.exp + fi +elif [[ "$test_mode" == "gettimeout" ]]; then + # 20 minutes + echo 1200 +fi + +exit 0 diff --git a/samples/languages/dotnet/Makefile b/samples/languages/dotnet/Makefile index 58d8c22e2..ddd1d0352 100644 --- a/samples/languages/dotnet/Makefile +++ b/samples/languages/dotnet/Makefile @@ -1,15 +1,12 @@ +include ../../common.mk PROG=/app/HelloWorld.dll DISK_IMAGE=sgxlkl-dotnet.img IMAGE_SIZE=250M -SGXLKL_ROOT=../../.. - ENCLAVE_CMD=/usr/bin/dotnet ${PROG} -SGXLKL_STARTER=$(SGXLKL_ROOT)/build/sgx-lkl-run-oe - ifeq ($(SGXLKL_VERBOSE),) SGXLKL_ENV=\ DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=1 SGXLKL_MMAP_FILES=Shared SGXLKL_VERBOSE=1 SGXLKL_KERNEL_VERBOSE=0 \ @@ -18,8 +15,6 @@ else SGXLKL_ENV= endif -SGXLKL_DISK_TOOL=${SGXLKL_ROOT}/tools/sgx-lkl-disk - .DELETE_ON_ERROR: .PHONY: all clean diff --git a/samples/languages/dotnet/README.md b/samples/languages/dotnet/README.md index 2c93d8b99..47b1ae630 100644 --- a/samples/languages/dotnet/README.md +++ b/samples/languages/dotnet/README.md @@ -1,6 +1,23 @@ Running a DotNet application using SGX-LKL-OE ============================================= +It is possible to run this sample by typing: + +``` +make run-hw +``` + +or + +``` +make run-sw +``` + +Manual steps +------------ + +Alternatively, it is possible to run the sample by doing the following steps: + 1. Build the Docker container that contains the DotNet application: ``` diff --git a/samples/languages/dotnet/test.sh b/samples/languages/dotnet/test.sh new file mode 100755 index 000000000..cce7e5fb9 --- /dev/null +++ b/samples/languages/dotnet/test.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +test_mode=$1 +run_mode=$2 + +set -e + +if [[ "$test_mode" == "clean" ]]; then + make clean +elif [[ "$test_mode" == "init" ]]; then + echo "Nothing to do" +elif [[ "$test_mode" == "run" ]]; then + make "$run_mode" +elif [[ "$test_mode" == "gettimeout" ]]; then + # 20 minutes + echo 1200 +fi + +exit 0 diff --git a/samples/languages/java/Makefile b/samples/languages/java/Makefile index b2c30736b..82198a635 100644 --- a/samples/languages/java/Makefile +++ b/samples/languages/java/Makefile @@ -1,3 +1,4 @@ +include ../../common.mk APP_ROOT=app PROG_SRC=${APP_ROOT}/HelloWorld.java @@ -6,11 +7,6 @@ PROG=${APP_ROOT}/HelloWorld.class DISK_IMAGE=sgxlkl-java-fs.img IMAGE_SIZE=400M -SGXLKL_ROOT=../../.. - -SGXLKL_JAVA_RUN=${SGXLKL_ROOT}/tools/sgx-lkl-java -SGXLKL_DISK_TOOL=${SGXLKL_ROOT}/tools/sgx-lkl-disk - ifeq ($(SGXLKL_VERBOSE),) SGXLKL_ENV=\ SGXLKL_VERBOSE=1 SGXLKL_KERNEL_VERBOSE=1 SGXLKL_TRACE_LKL_SYSCALL=0 SGXLKL_TRACE_SIGNAL=0 diff --git a/samples/languages/java/README.md b/samples/languages/java/README.md index c70d78f4a..f64dc8987 100644 --- a/samples/languages/java/README.md +++ b/samples/languages/java/README.md @@ -1,6 +1,12 @@ SGX-LKL-OE Java Sample Application ================================== +0. Install OpenJRE and OpenJDK. In Ubuntu you can do: + +``` +sudo apt install default-jre default-jdk +``` + 1. First build the OpenJDK file system image: ``` diff --git a/samples/languages/java/run-hw.exp b/samples/languages/java/run-hw.exp new file mode 100755 index 000000000..a73670ce9 --- /dev/null +++ b/samples/languages/java/run-hw.exp @@ -0,0 +1,9 @@ +#!/usr/bin/expect -f + +#20 min timeout +set timeout 1200 + +spawn make run-hw +expect "Hello SGX world from Java!" +send -- "" +expect eof diff --git a/samples/languages/java/run-sw.exp b/samples/languages/java/run-sw.exp new file mode 100755 index 000000000..0a81d9218 --- /dev/null +++ b/samples/languages/java/run-sw.exp @@ -0,0 +1,9 @@ +#!/usr/bin/expect -f + +#20 min timeout +set timeout 1200 + +spawn make run-sw +expect "Hello SGX world from Java!" +send -- "" +expect eof diff --git a/samples/languages/java/test.sh b/samples/languages/java/test.sh new file mode 100755 index 000000000..e8b1f56f2 --- /dev/null +++ b/samples/languages/java/test.sh @@ -0,0 +1,24 @@ +#!/bin/bash + +test_mode=$1 +run_mode=$2 + +set -e + +if [[ "$test_mode" == "clean" ]]; then + make clean +elif [[ "$test_mode" == "init" ]]; then + make +elif [[ "$test_mode" == "run" ]]; then + + if [[ "$run_mode" == "run-hw" ]]; then + ./run-hw.exp + elif [[ "$run_mode" == "run-sw" ]]; then + ./run-sw.exp + fi +elif [[ "$test_mode" == "gettimeout" ]]; then + # 20 minutes + echo 1200 +fi + +exit 0 diff --git a/samples/languages/python/test.sh b/samples/languages/python/test.sh new file mode 100755 index 000000000..33bebcc17 --- /dev/null +++ b/samples/languages/python/test.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +# shellcheck source=/dev/null +source "../../common.sh" + +DISK_IMAGE=pythonapp.img + +test_mode=$1 +run_mode=$2 + +set -e + +if [[ "$test_mode" == "clean" ]]; then + rm "$DISK_IMAGE" +elif [[ "$test_mode" == "init" ]]; then + docker build -t pythonapp . + docker run --rm pythonapp +elif [[ "$test_mode" == "run" ]]; then + "${SGXLKL_DISK_TOOL}" create --force --docker=pythonapp \ + --size=300M "${DISK_IMAGE}" + "${SGXLKL_CFG_TOOL}" create --disk "${DISK_IMAGE}" + if [[ "$run_mode" == "run-hw" ]]; then + "${SGXLKL_STARTER}" --host-config=host-config.json \ + --enclave-config=enclave-config.json --hw-debug + elif [[ "$run_mode" == "run-sw" ]]; then + "${SGXLKL_STARTER}" --host-config=host-config.json \ + --enclave-config=enclave-config.json --sw-debug + fi +elif [[ "$test_mode" == "gettimeout" ]]; then + # Default + exit 1 +fi + +exit 0