From 98299f8b6380a9e66d9eadd3fc20727f36b368e8 Mon Sep 17 00:00:00 2001 From: smtmfft Date: Thu, 9 May 2024 09:04:19 +0800 Subject: [PATCH 1/3] feat(raiko): ci use sgx hw Signed-off-by: smtmfft --- .github/workflows/ci.yml | 31 +++++++++++++++++++++++++++++++ script/install.sh | 12 +++++++++--- 2 files changed, 40 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f68eb6e3..3d17b005 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -115,6 +115,37 @@ jobs: - name: Test sgx prover run: make test + build-test-sgx-hardware: + name: Build and test sgx in hardware + runs-on: [self-hosted, sgx, linux] + timeout-minutes: 120 + env: + TARGET: sgx + CI: 1 + steps: + - uses: actions/checkout@v4 + with: + submodules: recursive + - uses: actions-rs/toolchain@v1 + with: + toolchain: stable + profile: minimal + - name: Install cargo-binstall + uses: cargo-bins/cargo-binstall@v1.6.4 + - name: Install sgx + run: TARGET="sgx" CI=1 make install + - name: Build sgx prover + run: TARGET="sgx" make build + - name: prevalidate sgx hw execution env + run: | + cd target/release + gramine-manifest -Dlog_level=error -Ddirect_mode=0 -Darch_libdir=/lib/x86_64-linux-gnu/ ../../provers/sgx/config/sgx-guest.local.manifest.template sgx-guest.manifest + gramine-sgx-sign --manifest sgx-guest.manifest --output sgx-guest.manifest.sgx + gramine-sgx-sigstruct-view sgx-guest.sig + cd - + - name: Test sgx prover + run: make test + build-test-sgx-with-docker: name: Build and test sgx with Docker runs-on: ubuntu-latest diff --git a/script/install.sh b/script/install.sh index a60b55b5..b11707bf 100755 --- a/script/install.sh +++ b/script/install.sh @@ -32,9 +32,15 @@ fi # SGX if [ -z "$1" ] || [ "$1" == "sgx" ]; then - # For SGX, install gramine: https://github.com/gramineproject/gramine. - wget -O /tmp/gramine.deb https://packages.gramineproject.io/pool/main/g/gramine/gramine_1.6.2_amd64.deb - sudo apt install /tmp/gramine.deb + # also check if sgx is already installed + if command -v gramine-sgx >/dev/null 2>&1; then + echo "gramine already installed" + else + echo "gramine not installed, installing..." + # For SGX, install gramine: https://github.com/gramineproject/gramine. + wget -O /tmp/gramine.deb https://packages.gramineproject.io/pool/main/g/gramine/gramine_1.6.2_amd64.deb + sudo apt install -y /tmp/gramine.deb + fi fi # RISC0 if [ -z "$1" ] || [ "$1" == "risc0" ]; then From 4aba2ea5e873b1257a0e90ed76cc2a18e3d647e4 Mon Sep 17 00:00:00 2001 From: smtmfft Date: Thu, 9 May 2024 09:24:17 +0800 Subject: [PATCH 2/3] disable ci edmm Signed-off-by: smtmfft --- .github/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3d17b005..67586cf8 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -122,6 +122,7 @@ jobs: env: TARGET: sgx CI: 1 + EDMM: 0 steps: - uses: actions/checkout@v4 with: From aa9e26ee703c4d8e02edacbcf20aa0fdd3acdc70 Mon Sep 17 00:00:00 2001 From: smtmfft Date: Thu, 9 May 2024 13:27:03 +0800 Subject: [PATCH 3/3] fix review comments Signed-off-by: smtmfft --- .github/workflows/ci.yml | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 67586cf8..eeef21ae 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -134,16 +134,9 @@ jobs: - name: Install cargo-binstall uses: cargo-bins/cargo-binstall@v1.6.4 - name: Install sgx - run: TARGET="sgx" CI=1 make install + run: make install - name: Build sgx prover - run: TARGET="sgx" make build - - name: prevalidate sgx hw execution env - run: | - cd target/release - gramine-manifest -Dlog_level=error -Ddirect_mode=0 -Darch_libdir=/lib/x86_64-linux-gnu/ ../../provers/sgx/config/sgx-guest.local.manifest.template sgx-guest.manifest - gramine-sgx-sign --manifest sgx-guest.manifest --output sgx-guest.manifest.sgx - gramine-sgx-sigstruct-view sgx-guest.sig - cd - + run: make build - name: Test sgx prover run: make test