| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647 |
- FROM ubuntu:22.04 AS sgx
- RUN apt update && apt install -y build-essential ocaml ocamlbuild \
- automake autoconf libtool wget python-is-python3 libssl-dev \
- git cmake perl unzip debhelper libcurl4-openssl-dev \
- protobuf-compiler reprepro
- WORKDIR /root
- RUN git clone https://github.com/intel/linux-sgx
- WORKDIR /root/linux-sgx
- RUN git checkout sgx_2.22
- RUN make preparation
- RUN make sdk_install_pkg
- RUN cd linux/installer/bin/ && echo -e "no\n/opt/intel" | ./sgx_linux_x64_sdk_2.22*
- RUN make psw_install_pkg
- RUN cd linux/installer/bin/ && ./sgx_linux_x64_psw_2.22* --no-start-aesm
- WORKDIR /root
- RUN git clone https://github.com/intel/intel-sgx-ssl
- WORKDIR /root/intel-sgx-ssl/openssl_source
- RUN wget https://www.openssl.org/source/openssl-3.0.12.tar.gz
- WORKDIR /root/intel-sgx-ssl/Linux
- RUN make
- RUN make install
- WORKDIR /root
- RUN addgroup sgx
- RUN addgroup sgx_prv
- RUN adduser aesmd sgx
- RUN adduser aesmd sgx_prv
- COPY docker/start-aesmd /usr/local/sbin
- RUN chown aesmd.aesmd /var/run/aesmd
- RUN chmod 755 /usr/local/sbin/start-aesmd
- ENTRYPOINT ["/usr/local/sbin/start-aesmd"]
- # Remove the SGX SDK sources from the image
- FROM sgx AS sgx_no_source
- WORKDIR /root
- RUN rm -rf linux-sgx intel-sgx-ssl
- FROM scratch
- # Copy the sgx_no_source filesystem; this loses the history, but the
- # history contained the multi-GB SGX SDK sources that we have since
- # removed, so that's actually what we want.
- COPY --from=sgx_no_source / /
- RUN apt update && apt install -y libboost-dev libboost-thread-dev \
- numactl python3-numpy python3-yaml cpuid
- WORKDIR /root
- COPY . teems
- WORKDIR /root/teems
- RUN make -j`nproc` App/teems Enclave/enclave.so Client/clients
|
