Home Esplora Aiuto
Accedi
miti
/
linux-sgx-trts-modified
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Ramo (Branch): master
Rami (Branch) Tag
linux-sgx-tr...
/
linux
/
installer
/
common
/
psw
/
install.sh

install.sh 8.3 KB
Permalink Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249 
  1. #!/usr/bin/env bash
    2. 

  2. #
    3. 

  3. # Copyright (C) 2011-2018 Intel Corporation. All rights reserved.
    4. 

  4. #
    5. 

  5. # Redistribution and use in source and binary forms, with or without
    6. 

  6. # modification, are permitted provided that the following conditions
    7. 

  7. # are met:
    8. 

  8. #
    9. 

  9. #   * Redistributions of source code must retain the above copyright
    10. 

  10. #     notice, this list of conditions and the following disclaimer.
    11. 

  11. #   * Redistributions in binary form must reproduce the above copyright
    12. 

  12. #     notice, this list of conditions and the following disclaimer in
    13. 

  13. #     the documentation and/or other materials provided with the
    14. 

  14. #     distribution.
    15. 

  15. #   * Neither the name of Intel Corporation nor the names of its
    16. 

  16. #     contributors may be used to endorse or promote products derived
    17. 

  17. #     from this software without specific prior written permission.
    18. 

  18. #
    19. 

  19. # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
    20. 

  20. # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
    21. 

  21. # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
    22. 

  22. # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
    23. 

  23. # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
    24. 

  24. # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
    25. 

  25. # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
    26. 

  26. # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
    27. 

  27. # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
    28. 

  28. # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
    29. 

  29. # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    30. 

  30. #
    31. 

  31. #
    32. 

  32. 

  33. 

  34. set -e 
    35. 

  35. 

  36. SCRIPT_DIR=$(dirname "$0")
    37. 

  37. source ${SCRIPT_DIR}/installConfig
    38. 

  38. 

  39. PSW_DST_PATH=${SGX_PACKAGES_PATH}/${PSW_PKG_NAME}
    40. 

  40. AESM_PATH=$PSW_DST_PATH/aesm
    41. 

  41. 

  42. # Install the AESM service
    43. 

  43. 

  44. cut -d: -f1 /etc/passwd | grep -q -w aesmd || \
    45. 

  45.     /usr/sbin/useradd -r -U -c "User for aesmd" \
    46. 

  46.     -d /var/opt/aesmd -s /sbin/nologin aesmd
    47. 

  47. 

  48. mkdir -p /var/opt/aesmd
    49. 

  49. cp -rf $AESM_PATH/data /var/opt/aesmd/
    50. 

  50. rm -rf $AESM_PATH/data
    51. 

  51. cp -rf $AESM_PATH/conf/aesmd.conf /etc/aesmd.conf
    52. 

  52. rm -rf $AESM_PATH/conf
    53. 

  53. chmod  0644 /etc/aesmd.conf
    54. 

  54. chown -R aesmd:aesmd /var/opt/aesmd
    55. 

  55. chmod 0750 /var/opt/aesmd
    56. 

  56. 

  57. # By default the AESM's communication socket will be created in
    58. 

  58. # /var/run/aesmd.  Putting the socket in the aesmd sub-directory
    59. 

  59. # as opposed to directly in /var/run allows the user to create a
    60. 

  60. # mount a volume at /var/run/aesmd and thus expose the socket to
    61. 

  61. # a different filesystem or namespace, e.g. a Docker container.
    62. 

  62. mkdir -p /var/run/aesmd
    63. 

  63. chown -R aesmd:aesmd /var/run/aesmd
    64. 

  64. chmod 0755 /var/run/aesmd
    65. 

  65. 

  66. if [ -d /run/systemd/system ]; then
    67. 

  67.     AESMD_NAME=aesmd.service
    68. 

  68.     AESMD_TEMP=$AESM_PATH/$AESMD_NAME
    69. 

  69.     if [ -d /lib/systemd/system ]; then
    70. 

  70.         AESMD_DEST=/lib/systemd/system/$AESMD_NAME
    71. 

  71.     else
    72. 

  72.         AESMD_DEST=/usr/lib/systemd/system/$AESMD_NAME
    73. 

  73.     fi
    74. 

  74.     echo -n "Installing $AESMD_NAME service ..."
    75. 

  75.     sed -e "s:@aesm_folder@:$AESM_PATH:" \
    76. 

  76.         $AESMD_TEMP > $AESMD_DEST
    77. 

  77.     chmod 0644 $AESMD_DEST
    78. 

  78.     rm -f $AESMD_TEMP
    79. 

  79.     rm -f $AESM_PATH/aesmd.conf
    80. 

  80.     DISABLE_AESMD="systemctl disable aesmd"
    81. 

  81.     systemctl enable aesmd
    82. 

  82.     retval=$?
    83. 

  83. elif [ -d /etc/init/ ]; then
    84. 

  84.     AESMD_NAME=aesmd.conf
    85. 

  85.     AESMD_TEMP=$AESM_PATH/$AESMD_NAME
    86. 

  86.     AESMD_DEST=/etc/init/$AESMD_NAME
    87. 

  87.     echo -n "Installing $AESMD_NAME service ..."
    88. 

  88.     sed -e "s:@aesm_folder@:$AESM_PATH:" \
    89. 

  89.         $AESMD_TEMP > $AESMD_DEST
    90. 

  90.     chmod 0644 $AESMD_DEST
    91. 

  91.     rm -f $AESMD_TEMP
    92. 

  92.     rm -f $AESM_PATH/aesmd.service
    93. 

  93.     /sbin/initctl reload-configuration
    94. 

  94.     retval=$?
    95. 

  95. else
    96. 

  96.     echo " failed."
    97. 

  97.     echo "Unsupported platform - neither systemctl nor initctl is found."
    98. 

  98.     exit 5
    99. 

  99. fi
    100. 

  100. 

  101. if test $retval -ne 0; then
    102. 

  102.     echo "$rcmngr failed to install $AESMD_NAME."
    103. 

  103.     exit 6
    104. 

  104. fi
    105. 

  105. 

  106. echo " done."
    107. 

  107. 

  108. 

  109. cat > $PSW_DST_PATH/uninstall.sh <<EOF
    110. 

  110. #!/usr/bin/env bash
    111. 

  111. #
    112. 

  112. # Copyright (C) 2011-2018 Intel Corporation. All rights reserved.
    113. 

  113. #
    114. 

  114. # Redistribution and use in source and binary forms, with or without
    115. 

  115. # modification, are permitted provided that the following conditions
    116. 

  116. # are met:
    117. 

  117. #
    118. 

  118. #   * Redistributions of source code must retain the above copyright
    119. 

  119. #     notice, this list of conditions and the following disclaimer.
    120. 

  120. #   * Redistributions in binary form must reproduce the above copyright
    121. 

  121. #     notice, this list of conditions and the following disclaimer in
    122. 

  122. #     the documentation and/or other materials provided with the
    123. 

  123. #     distribution.
    124. 

  124. #   * Neither the name of Intel Corporation nor the names of its
    125. 

  125. #     contributors may be used to endorse or promote products derived
    126. 

  126. #     from this software without specific prior written permission.
    127. 

  127. #
    128. 

  128. # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
    129. 

  129. # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
    130. 

  130. # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
    131. 

  131. # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
    132. 

  132. # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
    133. 

  133. # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
    134. 

  134. # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
    135. 

  135. # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
    136. 

  136. # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
    137. 

  137. # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
    138. 

  138. # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    139. 

  139. #
    140. 

  140. #
    141. 

  141. 

  142. 

  143. if test \$(id -u) -ne 0; then
    144. 

  144.     echo "Root privilege is required."
    145. 

  145.     exit 1
    146. 

  146. fi
    147. 

  147. 

  148. get_lib()
    149. 

  149. {
    150. 

  150.     echo "\$(basename \$(gcc -print-multi-os-directory))"
    151. 

  151. }
    152. 

  152. 

  153. # Killing AESM service
    154. 

  154. /usr/sbin/service aesmd stop
    155. 

  155. $DISABLE_AESMD
    156. 

  156. # Removing AESM configuration files
    157. 

  157. rm -f $AESMD_DEST
    158. 

  158. rm -f /etc/aesmd.conf
    159. 

  159. 

  160. # Removing AESM internal folders
    161. 

  161. #rm -fr /var/opt/aesmd
    162. 

  162. rm -fr /var/run/aesmd
    163. 

  163. 

  164. # Removing runtime libraries
    165. 

  165. rm -f /usr/\$(get_lib)/libsgx_uae_service.so
    166. 

  166. rm -f /usr/\$(get_lib)/libsgx_urts.so
    167. 

  167. rm -f /usr/lib/i386-linux-gnu/libsgx_uae_service.so
    168. 

  168. rm -f /usr/lib/i386-linux-gnu/libsgx_urts.so
    169. 

  169. 

  170. # Removing AESM user and group
    171. 

  171. /usr/sbin/userdel aesmd 2> /dev/null
    172. 

  172. /usr/sbin/groupdel aesmd 2> /dev/null
    173. 

  173. 

  174. # Removing AESM folder
    175. 

  175. rm -fr $PSW_DST_PATH
    176. 

  176. 

  177. echo "Intel(R) SGX PSW uninstalled."
    178. 

  178. EOF
    179. 

  179. 

  180. chmod +x $PSW_DST_PATH/uninstall.sh
    181. 

  181. 

  182. $AESM_PATH/cse_provision_tool || true
    183. 

  183. rm $AESM_PATH/cse_provision_tool
    184. 

  184. 

  185. cat > $AESM_PATH/linksgx.sh <<EOF
    186. 

  186. #!/usr/bin/env bash
    187. 

  187. #
    188. 

  188. # Copyright (C) 2011-2018 Intel Corporation. All rights reserved.
    189. 

  189. #
    190. 

  190. # Redistribution and use in source and binary forms, with or without
    191. 

  191. # modification, are permitted provided that the following conditions
    192. 

  192. # are met:
    193. 

  193. #
    194. 

  194. #   * Redistributions of source code must retain the above copyright
    195. 

  195. #     notice, this list of conditions and the following disclaimer.
    196. 

  196. #   * Redistributions in binary form must reproduce the above copyright
    197. 

  197. #     notice, this list of conditions and the following disclaimer in
    198. 

  198. #     the documentation and/or other materials provided with the
    199. 

  199. #     distribution.
    200. 

  200. #   * Neither the name of Intel Corporation nor the names of its
    201. 

  201. #     contributors may be used to endorse or promote products derived
    202. 

  202. #     from this software without specific prior written permission.
    203. 

  203. #
    204. 

  204. # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
    205. 

  205. # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
    206. 

  206. # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
    207. 

  207. # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
    208. 

  208. # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
    209. 

  209. # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
    210. 

  210. # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
    211. 

  211. # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
    212. 

  212. # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
    213. 

  213. # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
    214. 

  214. # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    215. 

  215. #
    216. 

  216. #
    217. 

  217. 

  218. 

  219. if test \$(id -u) -ne 0; then
    220. 

  220.     echo "Root privilege is required."
    221. 

  221.     exit 1
    222. 

  222. fi
    223. 

  223. 

  224. if [ -e /dev/sgx ]; then
    225. 

  225.     chmod 666 /dev/sgx &> /dev/null
    226. 

  226.     /sbin/modprobe -r isgx &> /dev/null
    227. 

  227. else
    228. 

  228.     /sbin/modprobe isgx &> /dev/null || /sbin/modprobe --allow-unsupported isgx &> /dev/null
    229. 

  229. fi
    230. 

  230. echo ""
    231. 

  231. EOF
    232. 

  232. 

  233. chmod +x $AESM_PATH/linksgx.sh
    234. 

  234. 

  235. # Start the aesmd service
    236. 

  236. if [ -d /run/systemd/system ]; then
    237. 

  237.     systemctl start aesmd
    238. 

  238. elif [ -d /etc/init/ ]; then
    239. 

  239.     /sbin/initctl start aesmd
    240. 

  240. fi
    241. 

  241. 

  242. echo -e "\nuninstall.sh script generated in $PSW_DST_PATH\n"
    243. 

  243. 

  244. echo -e "Installation is successful!"
    245. 

  245. 

  246. rm -fr $PSW_DST_PATH/scripts
    247. 

  247. 

  248. exit 0
    249. 

  249.