Home Explore Help
Sign In
miti
/
mitigator
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Merged da files.

Miti Mazmudar 4 years ago
parent
55daf27348 173a02c8a4
commit
2fca467ab9
4 changed files with 39 additions and 44 deletions
Split View Show Diff Stats
  1. 1 1
      build-driver
  2. 36 41
      docker/Dockerfile
  3. 1 1
      graphene-docker/Dockerfile
  4. 1 1
      sgx-docker/Dockerfile

+ 1 - 1
build-driver
View File 

@@ -3,7 +3,7 @@
 
 rm -rf linux-sgx-driver
 
 git clone https://github.com/intel/linux-sgx-driver.git
 
 cd linux-sgx-driver
 
-git checkout sgx2
 
+git checkout f7dc97c0
 
 make
 
 cp -av sgx_user.h ../graphene-docker/
 
 cd ..

+ 36 - 41
docker/Dockerfile
View File 

@@ -3,81 +3,76 @@ ENV SGX_SDK=/opt/intel/sgxsdk/
 
 
 RUN mkdir source
 
 WORKDIR source
 
-## Setting up prereqs for decryptor - Intel SGX SSL 
+## Setting up prereqs for decryptor - Intel SGX SSL
 
 # Just curling the tar.gz file and then running the build script didn't work as the extracted folder had a different name (dependent on the foldername which was compressed) --- I didnt want to make a new fork of the sgxssl script for that.
 
-RUN git clone https://github.com/openssl/openssl.git OpenSSL_1.1.1d && \ 
-	cd OpenSSL_1.1.1d && git checkout tags/OpenSSL_1_1_1d && \ 
+RUN git clone https://github.com/openssl/openssl.git OpenSSL_1.1.1d && \
 
+	cd OpenSSL_1.1.1d && git checkout tags/OpenSSL_1_1_1d && \
 
 	cd ../ && tar -cf OpenSSL_1.1.1d.tar.gz OpenSSL_1.1.1d/
 
 
 #Setting up SGXSSL with the version of OpenSSL that we downloaded in the previous step.
 
-RUN git clone https://github.com/intel/intel-sgx-ssl.git && \ 
-	cd intel-sgx-ssl && git checkout tags/lin_2.5_1.1.1d && \ 
-	cp ../OpenSSL_1.1.1d.tar.gz ./openssl_source/  && \ 
+RUN git clone https://github.com/intel/intel-sgx-ssl.git && \
 
+	cd intel-sgx-ssl && git checkout tags/lin_2.5_1.1.1d && \
 
+	cp ../OpenSSL_1.1.1d.tar.gz ./openssl_source/  && \
 
 	cd Linux &&  make && make install
 
 
-#Temp - TODO: Make the git repo public and remove these commands and retest.  
-#COPY gitcrysp-docker-deploy-key.id_rsa /root/.ssh/id_rsa
 
-#COPY gitcrysp-docker-deploy-key.id_rsa.pub /root/.ssh/id_rsa.pub
 
-#RUN ssh-keyscan git-crysp.uwaterloo.ca > /root/.ssh/known_hosts
 
-
 
 #Setting up protobuf definitions for exchanging LA and post-LA messages between enclaves.
 
-RUN git clone gogs@git-crysp.uwaterloo.ca:miti/dhmsgs_proto_defs.git && \ 
+RUN git clone https://git-crysp.uwaterloo.ca/miti/dhmsgs_proto_defs.git && \
 
 	cd dhmsgs_proto_defs/ && protoc --cpp_out=./ ./*.proto
 
 
-#Setting up the decryptor enclave itself. 
-RUN git clone gogs@git-crysp.uwaterloo.ca:miti/Decryptor.git && \ 
-	cd Decryptor/ && make 
+#Setting up the decryptor enclave itself.
 
+RUN git clone https://git-crysp.uwaterloo.ca/miti/Decryptor.git && \
 
+	cd Decryptor/ && make
 
 
-#Setting up common files used in the verifier, PHP extension for LA/post-LA message processing. 
-RUN git clone gogs@git-crysp.uwaterloo.ca:miti/commonVerifierPHPfiles.git
 
+#Setting up common files used in the verifier, PHP extension for LA/post-LA message processing.
 
+RUN git clone https://git-crysp.uwaterloo.ca/miti/commonVerifierPHPfiles.git
 
 
 #Setting up a patched version of the linux-sgx repo's SDK for running LA on graphene.
 
-RUN git clone gogs@git-crysp.uwaterloo.ca:miti/linux-sgx-trts-modified.git && \
 
-	cd linux-sgx-trts-modified && git checkout local_attestation_for_graphene && \ 
+RUN git clone https://git-crysp.uwaterloo.ca/miti/linux-sgx-trts-modified.git && \
 
+	cd linux-sgx-trts-modified && git checkout local_attestation_for_graphene && \
 
 	bash ./download_prebuilt.sh && make USE_OPT_LIBS=0
 
 
-#Setting up the verifier. 
-RUN git clone gogs@git-crysp.uwaterloo.ca:miti/verifier.git && \ 
-	cd verifier/ && git checkout recreating_state_for_teeter && \ 
-	export SGX_SDK_TRTS_MODIFIED=/root/source/linux-sgx-trts-modified/build/linux && make && \ 
+#Setting up the verifier.
 
+RUN git clone https://git-crysp.uwaterloo.ca/miti/verifier.git && \
 
+	cd verifier/ && git checkout recreating_state_for_teeter && \
 
+	export SGX_SDK_TRTS_MODIFIED=/root/source/linux-sgx-trts-modified/build/linux && make && \
 
 	cp verifier /root/graphene/LibOS/shim/test/native && \
 
-	git checkout master && \ 
+	git checkout master && \
 
 	cp verifier.manifest.template /root/graphene/LibOS/shim/test/native && \
 
-	cp grapheneMakefile /root/graphene/LibOS/shim/test/native/Makefile 
+	cp grapheneMakefile /root/graphene/LibOS/shim/test/native/Makefile
 
 
-#Verifier manifest file, makefile changes - comment out JDK/python related content
 
+#Build the verifier
 
 WORKDIR /root/graphene/LibOS/shim/test/native
 
-RUN make SGX=1 #&& make SGX_RUN=1 
+RUN make SGX=1
 
 
 RUN apt update && apt install -y php7.0-dev tmux libxml2-dev 
 
 WORKDIR /root/source
 
 RUN git clone --recursive https://github.com/CopernicaMarketingSoftware/PHP-CPP.git && \
 
 	cd PHP-CPP/ && git checkout tags/v2.1.4 &&  make all && \
 
-	cp libphpcpp.so.* /usr/lib/ && make install 
+	cp libphpcpp.so.* /usr/lib/ && make install
 
 
-RUN git clone gogs@git-crysp.uwaterloo.ca:miti/Apache_PHP_extension.git && \
 
+RUN git clone https://git-crysp.uwaterloo.ca/miti/Apache_PHP_extension.git && \
 
 	cd Apache_PHP_extension && git checkout recreating_state_for_teeter && \
 
-	make 
+	make
 
 
-WORKDIR /root/graphene/LibOS/shim/test/apps/apache
 
-RUN cp /root/source/Apache_PHP_extension/apacheMakefile ./Makefile 
-RUN cp /root/source/Apache_PHP_extension/*.tar.gz ./
 
+#WORKDIR /root/graphene/LibOS/shim/test/apps/apache
 
+#RUN cp /root/source/Apache_PHP_extension/apacheMakefile ./Makefile 
+#RUN cp /root/source/Apache_PHP_extension/*.tar.gz ./
 
 #Don't make the manifest yet - make the apache/php build first and then the manifest.
 
-RUN make SGX=1 build-apache 
+#RUN make SGX=1 build-apache 
 
 #Add the updated httpd.manifest.template
 
-RUN cp /root/source/Apache_PHP_extension/httpd.manifest.template ./
 
+#RUN cp /root/source/Apache_PHP_extension/httpd.manifest.template ./
 
 #Add the PHP .ini file from the PHP folder to /obj/lib 
-RUN cp ./php-7.0.7/php.ini-development ./obj/lib/php.ini 
+#RUN cp ./php-7.0.7/php.ini-development ./obj/lib/php.ini 
 #Add the extension to the obj/modules folder. 
-RUN cp /root/source/Apache_PHP_extension/localattestation_decryption.so ./obj/modules/
 
+#RUN cp /root/source/Apache_PHP_extension/localattestation_decryption.so ./obj/modules/
 
 #Add the extension directory and the extension name to the php.ini 
-RUN echo "extension_dir=/root/graphene/LibOS/shim/test/apps/apache/LibOS/shim/test/apps/apache/obj/modules" >> obj/lib/php.ini && \ 
-	echo "extension=localattestation_decryption.so" >> obj/lib/php.ini
 
+#RUN echo "extension_dir=/root/graphene/LibOS/shim/test/apps/apache/LibOS/shim/test/apps/apache/obj/modules" >> obj/lib/php.ini && \ 
+#	echo "extension=localattestation_decryption.so" >> obj/lib/php.ini
 
 #Add all php source code files to the right place. 
-RUN cp /root/source/Apache_PHP_extension/*.php ./obj/htdocs
 
-RUN make SGX=1 
+#RUN cp /root/source/Apache_PHP_extension/*.php ./obj/htdocs
 
+#RUN make SGX=1 
 
 WORKDIR /root 
 COPY deploy_enclaves.sh ./

+ 1 - 1
graphene-docker/Dockerfile
View File 

@@ -11,7 +11,7 @@ RUN git checkout 58e6087
 
 RUN git submodule init
 
 RUN git submodule update
 
 RUN cd Pal/src/host/Linux-SGX/sgx-driver && git checkout 30d4b940
 
-WORKDIR /root/graphene 
+WORKDIR /root/graphene
 
 COPY isgx_version.h Pal/src/host/Linux-SGX/sgx-driver/
 
 RUN mkdir Pal/src/host/Linux-SGX/sgx-driver/linux-sgx-driver
 
 COPY sgx_user.h Pal/src/host/Linux-SGX/sgx-driver/linux-sgx-driver/

+ 1 - 1
sgx-docker/Dockerfile
View File 

@@ -6,7 +6,7 @@ WORKDIR linux-sgx
 
 RUN git checkout sgx_2.1
 
 RUN ./download_prebuilt.sh #Apparently need to run this even if we use opensource libraries - issue #363
 
 RUN make USE_OPT_LIBS=0 #For using opensource libraries for sgx library code.
 
-RUN make sdk_install_pkg 
+RUN make sdk_install_pkg
 
 RUN make psw_install_pkg
 
 WORKDIR linux/installer/bin
 
 RUN echo -e "no\n/opt/intel" | ./sgx_linux_x64_sdk_*.bin