search

inclavare-containers / rats-tls

RATS architecture based TLS using librats
31 stars 33 forks source link

Cannot run rats-TLS with Occlum #114

Closed graziadonghia closed 1 year ago

graziadonghia commented 2 years ago

Hello, I'm trying to follow this guide to run rats-TLS with Occlum but when I run the command occlum run I receive this error:

╰─➤  occlum run /bin/rats-tls-server -m -l debug
failed to boot up LibOS: ENOENT (#2, No such file or directory): cannot load ld.so [line = 128, file = src/process/do_spawn/mod.rs]
    Caused by ENOENT (#2, No such file or directory): cannot find the file [line = 81, file = src/process/do_spawn/exec_loader.rs]
[ERROR] occlum-pal: occlum_ecall_new_process returns ENOENT (line 152, file src/pal_api.c)

What should I do? Of course I have SGX DCAP installed together with all the specified requirements.

haosanzi commented 2 years ago

hi, since the error is cannot load ld.so, could you check whether you copied ibdl.so.2 to image/opt/occlum/glibc/lib?

We recommend you to run rats-TLS with occlum develop image by following this guide. You only need to launch occlum image, and compile rats-tls occlum mod, then you can run rats-tls-server.

docker run -it --privileged --network host \
  -v /dev/sgx_enclave:/dev/sgx/enclave \
  -v /dev/sgx_provision:/dev/sgx/provision \
  -v /var/run/aesmd:/var/run/aesmd \
  occlum/occlum:0.28.0-ubuntu20.04
eive001 commented 2 years ago

Hi, Tested the command you mentioned and it did not cause this problem. Here is the result of my execution

# occlum run /bin/rats-tls-server -m -l debug
    - Welcome to RATS-TLS sample server program for Occlum
Mon Nov  7 09:32:10 UTC 2022: [DEBUG] rats_tls_init()@L22: conf 0x7f16a9424820, handle 0x7f16a94247b0
Mon Nov  7 09:32:10 UTC 2022: [DEBUG] rtls_crypto_wrapper_select()@L27: selecting the crypto wrapper '(null)' ...
Mon Nov  7 09:32:10 UTC 2022: [DEBUG] openssl_init()@L16: ctx 0x7f16a7031bc0
[INFO] the crypto wrapper 'openssl' selected
Mon Nov  7 09:32:10 UTC 2022: [DEBUG] rtls_attester_select()@L33: selecting the enclave attester '(null)' cert algo '0x1'...
Mon Nov  7 09:32:10 UTC 2022: [DEBUG] init_enclave_attester()@L17: called enclave core ctx: 0xa7027570 enclave attester ctx: 0xa7027680 algo: 0x1
Mon Nov  7 09:32:10 UTC 2022: [DEBUG] sgx_ecdsa_attester_init()@L14: ctx 0x7f16a7027680, algo 1
[INFO] the enclave attester 'sgx_ecdsa' selected
Mon Nov  7 09:32:10 UTC 2022: [DEBUG] rtls_verifier_select()@L32: selecting the enclave verifier '(null)' ...
Mon Nov  7 09:32:10 UTC 2022: [DEBUG] rtls_verifier_select()@L36: trying to match sgx_ecdsa_qve ...
Mon Nov  7 09:32:10 UTC 2022: [DEBUG] init_enclave_verifier()@L17: init enclave verifier rtls_core_context: 0xa7027570
Mon Nov  7 09:32:10 UTC 2022: [DEBUG] sgx_ecdsa_qve_verifier_init()@L14: ctx 0x7f16a7027710, algo 1
jiazhang0 commented 1 year ago

Closed. If you have any question, please reopen this issue.