inject nsm.ko from enclaveos

2025-07-11 17:55:28 -04:00 · 2025-07-11 17:55:28 -04:00 · fa87bd8088
parent 61a8ff9537
commit fa87bd8088
1 changed files with 21 additions and 2 deletions
--- a/src/platform/aws.rs
+++ b/src/platform/aws.rs
@ -64,7 +64,7 @@ impl super::Platform for Aws {

    fn init(&self) -> Result<()> {
        // Self::init_heartbeat()?;
-        enclaveos_shim::nitro_heartbeat();
+        enclaveos_shim::init_platform();
        Ok(())
    }
 }
@ -72,6 +72,16 @@ impl super::Platform for Aws {
 mod enclaveos_shim {

    mod system {
+        use std::os::fd::AsRawFd;
+
+        pub fn insmod(path: &str) {
+            use libc::{syscall, SYS_finit_module};
+            let file = std::fs::File::open(path).unwrap();
+            let fd = file.as_raw_fd();
+            if unsafe { syscall(SYS_finit_module, fd, &[0u8; 1], 0) } < 0 {
+                eprintln!("bad insert kernel module: {path}");
+            }
+        }
        pub fn socket_connect(
            family: libc::c_int,
            port: u32,
@ -97,7 +107,16 @@ mod enclaveos_shim {
        }
    }

-    pub fn nitro_heartbeat() {
+    pub fn init_platform(){
+        use system::insmod;
+        // TODO: error handling
+        nitro_heartbeat();
+
+        eprintln!("Loading nsm.ko");
+        insmod("/nsm.ko");
+    }
+
+    fn nitro_heartbeat() {
        use system::socket_connect;
        use libc::{write, read, close, AF_VSOCK};
        let mut buf: [u8; 1] = [0; 1];