mirror of
https://github.com/clearlinux/graphene.git
synced 2026-04-28 19:23:39 +00:00
17ab04db59
Instead of 'loader.debug_type', introduce 'loader.log_level' and 'loader.log_file', along with a set of definitions for logging at a chosen level. For now, the call sites keep using the legacy macros (SGX_DBG and debug()), because converting them all will conflict with other big changes in the code base. The existing LibOS calls are assumed to be at 'info' level.
61 lines
2.5 KiB
Plaintext
61 lines
2.5 KiB
Plaintext
# Nodejs manifest file example
|
|
#
|
|
# This manifest was prepared and tested on Ubuntu 18.04.
|
|
|
|
libos.entrypoint = "file:$(NODEJS_DIR)/nodejs"
|
|
|
|
# LibOS layer library of Graphene. There is currently only one implementation,
|
|
# so it is always set to libsysdb.so.
|
|
loader.preload = "file:$(GRAPHENEDIR)/Runtime/libsysdb.so"
|
|
|
|
# Graphene log level
|
|
loader.log_level = "$(GRAPHENE_LOG_LEVEL)"
|
|
|
|
# Read application arguments directly from the command line. Don't use this on production!
|
|
loader.insecure__use_cmdline_argv = 1
|
|
|
|
# Specify paths to search for libraries. The usual LD_LIBRARY_PATH syntax
|
|
# applies. Paths must be in-Graphene visible paths, not host-OS paths (i.e.,
|
|
# paths must be taken from fs.mount.xxx.path, not fs.mount.xxx.uri).
|
|
loader.env.LD_LIBRARY_PATH = "/lib:$(ARCH_LIBDIR):/usr/$(ARCH_LIBDIR)"
|
|
|
|
# Mount host-OS directory to required libraries (in 'uri') into in-Graphene
|
|
# visible directory /lib (in 'path').
|
|
fs.mount.lib.type = "chroot"
|
|
fs.mount.lib.path = "/lib"
|
|
fs.mount.lib.uri = "file:$(GRAPHENEDIR)/Runtime"
|
|
|
|
fs.mount.lib2.type = "chroot"
|
|
fs.mount.lib2.path = "$(ARCH_LIBDIR)"
|
|
fs.mount.lib2.uri = "file:$(ARCH_LIBDIR)"
|
|
|
|
fs.mount.lib3.type = "chroot"
|
|
fs.mount.lib3.path = "/usr/$(ARCH_LIBDIR)"
|
|
fs.mount.lib3.uri = "file:/usr/$(ARCH_LIBDIR)"
|
|
|
|
# Set enclave size to 2GB; NodeJS expects around 1.7GB of heap on startup,
|
|
# see e.g. https://github.com/nodejs/node/issues/13018.
|
|
# Recall that SGX v1 requires to specify enclave size at enclave creation time.
|
|
sgx.enclave_size = "2G"
|
|
|
|
# Set maximum number of in-enclave threads (somewhat arbitrarily) to 8. Recall
|
|
# that SGX v1 requires to specify the maximum number of simultaneous threads at
|
|
# enclave creation time.
|
|
sgx.thread_num = 8
|
|
|
|
# Specify all files used by Node.js and its dependencies (including all libs
|
|
# which can be loaded at runtime via dlopen).
|
|
sgx.trusted_files.nodejs = "file:$(NODEJS_DIR)/nodejs"
|
|
sgx.trusted_files.ld = "file:$(GRAPHENEDIR)/Runtime/ld-linux-x86-64.so.2"
|
|
sgx.trusted_files.libc = "file:$(GRAPHENEDIR)/Runtime/libc.so.6"
|
|
sgx.trusted_files.libm = "file:$(GRAPHENEDIR)/Runtime/libm.so.6"
|
|
sgx.trusted_files.libdl = "file:$(GRAPHENEDIR)/Runtime/libdl.so.2"
|
|
sgx.trusted_files.librt = "file:$(GRAPHENEDIR)/Runtime/librt.so.1"
|
|
sgx.trusted_files.libutil = "file:$(GRAPHENEDIR)/Runtime/libutil.so.1"
|
|
sgx.trusted_files.libpthread = "file:$(GRAPHENEDIR)/Runtime/libpthread.so.0"
|
|
sgx.trusted_files.libstdcpp = "file:$(GRAPHENEDIR)/Runtime/libstdc++.so.6"
|
|
sgx.trusted_files.libgcc_s = "file:$(GRAPHENEDIR)/Runtime/libgcc_s.so.1"
|
|
|
|
# input file
|
|
sgx.trusted_files.javascript = "file:helloworld.js"
|