Compare commits
No commits in common. "main" and "refactor-enclaveos-to-nit" have entirely different histories.
|
@ -1,3 +1,2 @@
|
|||
.git
|
||||
out
|
||||
Containerfile
|
||||
|
|
|
@ -2,6 +2,10 @@
|
|||
# It is not intended for manual editing.
|
||||
version = 4
|
||||
|
||||
[[package]]
|
||||
name = "hello"
|
||||
version = "0.1.0"
|
||||
|
||||
[[package]]
|
||||
name = "libc"
|
||||
version = "0.2.174"
|
||||
|
|
|
@ -2,4 +2,5 @@
|
|||
resolver = "2"
|
||||
members = [
|
||||
"crates/nit",
|
||||
"crates/hello",
|
||||
]
|
||||
|
|
|
@ -1,17 +1,78 @@
|
|||
FROM stagex/pallet-rust@sha256:740b9ed5f2a897d45cafdc806976d84231aa50a64998610750b42a48f8daacab as build
|
||||
# A hello-world example.
|
||||
|
||||
ARG DOMAIN_NAME
|
||||
|
||||
FROM stagex/pallet-rust:sx2025.06.1 AS pallet-rust
|
||||
FROM stagex/user-eif_build:sx2025.06.1 AS eif_build
|
||||
FROM stagex/user-gen_initramfs:sx2025.06.1 AS gen_initramfs
|
||||
FROM stagex/user-linux-nitro:sx2025.06.1 AS linux-nitro
|
||||
|
||||
FROM scratch as base
|
||||
ENV TARGET=x86_64-unknown-linux-musl
|
||||
ENV RUSTFLAGS="-C target-feature=+crt-static"
|
||||
ENV CARGOFLAGS="--locked --all-features --release --target ${TARGET}"
|
||||
ENV CARGO_TARGET_DIR=/cargo-target
|
||||
ENV OPENSSL_STATIC=true
|
||||
|
||||
COPY --from=pallet-rust . /
|
||||
COPY --from=gen_initramfs . /
|
||||
COPY --from=eif_build . /
|
||||
COPY --from=linux-nitro /bzImage .
|
||||
COPY --from=linux-nitro /linux.config .
|
||||
ADD . /src
|
||||
|
||||
FROM base as build
|
||||
WORKDIR /src
|
||||
RUN cargo build ${CARGOFLAGS}
|
||||
WORKDIR /build_cpio
|
||||
RUN cp /src/target/${TARGET}/release/nit init
|
||||
RUN cp /src/target/${TARGET}/release/hello hello
|
||||
ENV KBUILD_BUILD_TIMESTAMP=1
|
||||
|
||||
ARG DOMAIN_NAME
|
||||
COPY <<EOF Caddyfile
|
||||
${DOMAIN_NAME} {
|
||||
respond "HTTPS, World!"
|
||||
}
|
||||
EOF
|
||||
|
||||
COPY <<-EOF initramfs.list
|
||||
file /init init 0755 0 0
|
||||
dir /run 0755 0 0
|
||||
dir /tmp 0755 0 0
|
||||
dir /etc 0755 0 0
|
||||
dir /etc/caddy 0755 0 0
|
||||
file /etc/caddy/Caddyfile Caddyfile 0755 0 0
|
||||
dir /bin 0755 0 0
|
||||
dir /sbin 0755 0 0
|
||||
dir /proc 0755 0 0
|
||||
dir /sys 0755 0 0
|
||||
dir /usr 0755 0 0
|
||||
dir /usr/bin 0755 0 0
|
||||
file /usr/bin/hello hello 0755 0 0
|
||||
dir /usr/sbin 0755 0 0
|
||||
dir /dev 0755 0 0
|
||||
dir /dev/shm 0755 0 0
|
||||
dir /dev/pts 0755 0 0
|
||||
nod /dev/console 0600 0 0 c 5 1
|
||||
EOF
|
||||
RUN <<-EOF
|
||||
find . -exec touch -hcd "@0" "{}" +
|
||||
gen_init_cpio -t 1 initramfs.list > rootfs.cpio
|
||||
touch -hcd "@0" rootfs.cpio
|
||||
EOF
|
||||
WORKDIR /build_eif
|
||||
RUN eif_build \
|
||||
--kernel /bzImage \
|
||||
--kernel_config /linux.config \
|
||||
--ramdisk /build_cpio/rootfs.cpio \
|
||||
--pcrs_output /nitro.pcrs \
|
||||
--output /nitro.eif \
|
||||
--cmdline 'reboot=k initrd=0x2000000,3228672 root=/dev/ram0 panic=1 pci=off nomodules console=ttyS0 i8042.noaux i8042.nomux i8042.nopnp i8042.dumbkbd'
|
||||
|
||||
FROM base as install
|
||||
WORKDIR /rootfs
|
||||
RUN install -Dm755 /cargo-target/${TARGET}/release/nit /rootfs/usr/bin/init
|
||||
COPY --from=build /nitro.eif .
|
||||
COPY --from=build /nitro.pcrs .
|
||||
|
||||
FROM scratch as package
|
||||
COPY --from=build /rootfs .
|
||||
COPY --from=install /rootfs .
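Review bot: The four stage images near the top of this file (`stagex/pallet-rust:sx2025.06.1`, `user-eif_build`, `user-gen_initramfs`, `user-linux-nitro`) are referenced by tag only, while the `FROM stagex/pallet-rust@sha256:…` line in the same section pins a digest. This build emits the EIF and its PCR values, so a tag re-pointed upstream would change the measured output with no change in this repository; pinning each as `FROM stagex/pallet-rust:sx2025.06.1@sha256:<digest-of-that-release> AS pallet-rust` keeps the inputs fixed. The rendered page does not mark which lines are old and which are new, so this assumes the tag-only lines are the new side. It is also worth checking that `cp /src/target/${TARGET}/release/nit init` agrees with `ENV CARGO_TARGET_DIR=/cargo-target`, and that `COPY --from=build /rootfs .` has a `/rootfs` to copy, since the build stage shown here only works in `/build_cpio` and `/build_eif`.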
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
Copyright 2024 Distrust, Inc.
|
||||
|
||||
Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.
|
||||
|
||||
THE SOFTWARE IS PROVIDED “AS IS” AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
22
Makefile
22
Makefile
|
@ -1,13 +1,21 @@
|
|||
.PHONY: default
|
||||
default: out/init
|
||||
default: out/nitro.eif
|
||||
|
||||
out:
|
||||
mkdir out
|
||||
|
||||
out/init: out
|
||||
out/nitro.eif: Cargo.lock Cargo.toml Containerfile $(shell git ls-files crates)
|
||||
test ! -z $(DOMAIN_NAME)
|
||||
docker build \
|
||||
--tag local/nit \
|
||||
--progress=plain \
|
||||
--output type=local,rewrite-timestamp=true,dest=out\
|
||||
--output type=local,rewrite-timestamp=true,dest=out \
|
||||
--build-arg DOMAIN_NAME=$(DOMAIN_NAME) \
|
||||
-f Containerfile \
|
||||
.
|
||||
|
||||
.PHONY: run
|
||||
run: out/nitro.eif
|
||||
nitro-cli \
|
||||
run-enclave \
|
||||
--cpu-count 2 \
|
||||
--memory 512M \
|
||||
--eif-path out/nitro.eif \
|
||||
--debug-mode \
|
||||
--attach-console
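Review bot: The `run` target always launches the enclave with `--debug-mode` and `--attach-console`, and a Nitro enclave started in debug mode produces attestation documents with all-zero PCRs, so it cannot be checked against the values the build writes to `nitro.pcrs`. Naming this target `run-debug` and adding a plain `run` without those two flags, or at least a comment such as `# development only: debug mode zeroes the attestation PCRs`, would keep it from being copied into a deployment. Separately, `test ! -z $(DOMAIN_NAME)` and `--build-arg DOMAIN_NAME=$(DOMAIN_NAME)` expand the variable unquoted; `test -n "$(DOMAIN_NAME)"` and `--build-arg "DOMAIN_NAME=$(DOMAIN_NAME)"` stop the shell from word-splitting or globbing an unusual value.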
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
[package]
|
||||
name = "hello"
|
||||
version = "0.1.0"
|
||||
edition = "2024"
|
||||
|
||||
[dependencies]
|
|
@ -0,0 +1,6 @@
|
|||
fn main() {
|
||||
println!("Hello, world!");
|
||||
loop {
|
||||
std::thread::sleep(std::time::Duration::from_secs(5));
|
||||
}
|
||||
}
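Review bot: The `loop` around `std::thread::sleep` has no comment saying why `main` never returns. If the intent is to keep a long-running process alive under the init binary (inferred from the Containerfile placing this program at `/usr/bin/hello`, not stated in this file), a one-line comment above the loop would record that, for example `// Never exit: keeps a process running for init to supervise.`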
|
|
@ -77,10 +77,6 @@ impl Mount {
|
|||
"could not check if path exists: {path}",
|
||||
path = self.target.display()
|
||||
))? {
|
||||
dmesg(format!(
|
||||
"Making directory: {target}",
|
||||
target = self.target.display()
|
||||
));
|
||||
syscall::mkdir(&self.target)?;
|
||||
}
|
||||
|
||||
|
|