ExternalVendorCode/corda
1
0
Fork 0
mirror of https://github.com/corda/corda.git synced 2025-01-16 01:40:17 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

sgx: prepare for building in docker image on prod

Browse Source
This commit is contained in:
Andras Slemmer 2017-07-04 11:31:43 +01:00 committed by Mike Hearn
parent 291049f66e
commit 6320990877
7 changed files with 41 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
sgx-jvm/dependencies/docker-minimal/Dockerfile
View File

@ -2,4 +2,5 @@ FROM ubuntu:xenial
RUN apt-get update -y RUN apt-get update -y
RUN apt-get install -y make gcc autoconf cmake g++ openjdk-8-jdk libtool ocaml python2.7 RUN apt-get install -y make gcc autoconf cmake g++ openjdk-8-jdk libtool ocaml python2.7
RUN apt-get install -y mercurial wget
ENV JAVA_HOME /usr/lib/jvm/java-8-openjdk-amd64 ENV JAVA_HOME /usr/lib/jvm/java-8-openjdk-amd64

5
sgx-jvm/jvm-enclave/common/CMakeLists.txt
View File

@ -1,7 +1,7 @@
cmake_minimum_required(VERSION 3.5) cmake_minimum_required(VERSION 3.5)
project(sgx_common) project(sgx_common)
set(SGX_USE_HARDWARE FALSE CACHE STRING "") set(SGX_USE_HARDWARE TRUE CACHE STRING "")
set(SGX_SDK ${CMAKE_CURRENT_SOURCE_DIR}/../../linux-sgx CACHE STRING "") set(SGX_SDK ${CMAKE_CURRENT_SOURCE_DIR}/../../linux-sgx CACHE STRING "")
set(SGX_LIBRARY_PATH ${SGX_SDK}/build/linux CACHE STRING "") set(SGX_LIBRARY_PATH ${SGX_SDK}/build/linux CACHE STRING "")
set(SGX_SDK_INCLUDE ${SGX_SDK}/common/inc CACHE STRING "") set(SGX_SDK_INCLUDE ${SGX_SDK}/common/inc CACHE STRING "")
@ -10,6 +10,9 @@ set(DEPENDENCIES_ROOT_DIR ${CMAKE_CURRENT_SOURCE_DIR}/../../dependencies/root)
set(PROGUARD_JAR_PATH ${DEPENDENCIES_ROOT_DIR}/usr/share/java/proguard.jar CACHE STRING "") set(PROGUARD_JAR_PATH ${DEPENDENCIES_ROOT_DIR}/usr/share/java/proguard.jar CACHE STRING "")
set(DEPENDENCIES_LIBRARY_PATH ${DEPENDENCIES_ROOT_DIR}/usr/lib/x86_64-linux-gnu CACHE STRING "") set(DEPENDENCIES_LIBRARY_PATH ${DEPENDENCIES_ROOT_DIR}/usr/lib/x86_64-linux-gnu CACHE STRING "")
# C++11
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++11")
add_executable(edger8r IMPORTED) add_executable(edger8r IMPORTED)
set_target_properties(edger8r PROPERTIES IMPORTED_LOCATION ${SGX_LIBRARY_PATH}/sgx_edger8r) set_target_properties(edger8r PROPERTIES IMPORTED_LOCATION ${SGX_LIBRARY_PATH}/sgx_edger8r)

3
sgx-jvm/jvm-enclave/enclave/CMakeLists.txt
View File

@ -26,6 +26,9 @@ set(AVIAN_PATH ${PROJECT_SOURCE_DIR}/../../avian)
set(ENCLAVE_JAR_PATH ${PROJECT_SOURCE_DIR}/../../../verify-enclave/build/libs/corda-enclavelet.jar) set(ENCLAVE_JAR_PATH ${PROJECT_SOURCE_DIR}/../../../verify-enclave/build/libs/corda-enclavelet.jar)
set(AVIAN_PROCESS "-debug-openjdk-src") set(AVIAN_PROCESS "-debug-openjdk-src")
# C++11
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++11")
if(NOT JAVA_HOME}) if(NOT JAVA_HOME})
set(JAVA_HOME $ENV{JAVA_HOME} CACHE STRING "") set(JAVA_HOME $ENV{JAVA_HOME} CACHE STRING "")
endif() endif()

2
sgx-jvm/jvm-enclave/jni/CMakeLists.txt
View File

@ -16,4 +16,4 @@ set_target_properties(urtslib PROPERTIES IMPORTED_LOCATION ${SGX_LIBRARY_PATH}/l
add_library(untrusted_corda_sgx SHARED jni_sgx_api.cpp ${VERIFY_ENCLAVE_JNI_INCLUDE_DIR}/jni_sgx_api.h $<TARGET_OBJECTS:common>) add_library(untrusted_corda_sgx SHARED jni_sgx_api.cpp ${VERIFY_ENCLAVE_JNI_INCLUDE_DIR}/jni_sgx_api.h $<TARGET_OBJECTS:common>)
target_link_libraries(untrusted_corda_sgx urtslib) target_link_libraries(untrusted_corda_sgx urtslib)
add_dependencies(untrusted_corda_sgx enclave) add_dependencies(untrusted_corda_sgx enclave common)

9
sgx-jvm/noop-enclave/CMakeLists.txt
View File

@ -126,10 +126,17 @@ add_custom_target(signed-openssl DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/${ENCLAVE_S
# HSM ENCLAVE # HSM ENCLAVE
add_custom_command(
OUTPUT ${HSM_SGX_TOOL}
COMMAND ./gradlew sgx-jvm/hsm-tool:jar
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/../..
DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/../hsm-tool/src
)
add_custom_command( add_custom_command(
OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/${PUBLIC_KEY_NAME_HSM} ${CMAKE_CURRENT_BINARY_DIR}/${ENCLAVE_SIGNATURE_HSM} OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/${PUBLIC_KEY_NAME_HSM} ${CMAKE_CURRENT_BINARY_DIR}/${ENCLAVE_SIGNATURE_HSM}
COMMAND java -jar ${HSM_SGX_TOOL} --mode=Sign --source=${CMAKE_CURRENT_BINARY_DIR}/${ENCLAVE_BLOB_TO_SIGN} --pubkey=${CMAKE_CURRENT_BINARY_DIR}/${PUBLIC_KEY_NAME_HSM} --signature=${CMAKE_CURRENT_BINARY_DIR}/${ENCLAVE_SIGNATURE_HSM} --profile=\${PROFILE} COMMAND java -jar ${HSM_SGX_TOOL} --mode=Sign --source=${CMAKE_CURRENT_BINARY_DIR}/${ENCLAVE_BLOB_TO_SIGN} --pubkey=${CMAKE_CURRENT_BINARY_DIR}/${PUBLIC_KEY_NAME_HSM} --signature=${CMAKE_CURRENT_BINARY_DIR}/${ENCLAVE_SIGNATURE_HSM} --profile=\${PROFILE}
DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/${ENCLAVE_BLOB_TO_SIGN} DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/${ENCLAVE_BLOB_TO_SIGN} ${HSM_SGX_TOOL}
) )
add_custom_command( add_custom_command(

17
sgx-jvm/noop-enclave/build_in_image.sh Normal file
View File

@ -0,0 +1,17 @@
#!/bin/bash
set -euo pipefail
if [ $# -le 1 ]; then
echo "Usage: build_in_image.sh <DOCKER_IMAGE> <MAKEFILE OPTIONS>"
exit 1
fi
IMAGE=$1
shift
ARGUMENTS=$@
DOCKER_BUILD_DIR=/tmp/corda-sgx-build
GID=$(id -g $USER)
exec docker run -v $PWD/../..:$DOCKER_BUILD_DIR -v $PWD/../docker-.gradle:/root/.gradle --user=$UID:$GID -it $IMAGE make -C $DOCKER_BUILD_DIR/sgx-jvm/noop-enclave $ARGUMENTS

6
sgx-jvm/with_ld_library_path.sh Normal file
View File

@ -0,0 +1,6 @@
#!/bin/bash
set -euo pipefail
SCRIPT_DIR=$(dirname "$(readlink -f "$0")")
exec env LD_LIBRARY_PATH=${LD_LIBRARY_PATH:-}:$SCRIPT_DIR/linux-sgx/build/linux:$SCRIPT_DIR/dependencies/root/usr/lib/x86_64-linux-gnu $@