Merge pull request #96 from datachainlab/enclave-debug-flag

Add `enclave_debug` flag to cli Signed-off-by: Jun Kimura <[email protected]>
datachainlab · Jan 15, 2024 · 71dd7fb · 71dd7fb
2 parents 3bd77b9 + 4bcc8ec
commit 71dd7fb
Show file tree

Hide file tree

Showing 9 changed files with 106 additions and 78 deletions.
diff --git a/app/src/commands/attestation.rs b/app/src/commands/attestation.rs
@@ -1,10 +1,12 @@
-use crate::opts::Opts;
+use crate::{
+    enclave::EnclaveLoader,
+    opts::{EnclaveOpts, Opts},
+};
 use anyhow::{bail, Result};
 use clap::Parser;
 use crypto::Address;
 use ecall_commands::IASRemoteAttestationInput;
 use enclave_api::{Enclave, EnclaveCommandAPI, EnclaveProtoAPI};
-use std::path::PathBuf;
 use store::transaction::CommitStore;
 
 /// `attestation` subcommand
@@ -19,40 +21,42 @@ pub enum AttestationCmd {
 }
 
 impl AttestationCmd {
-    pub fn run<S>(
-        &self,
-        opts: &Opts,
-        enclave_loader: impl FnOnce(&Opts, Option<&PathBuf>) -> Result<Enclave<S>>,
-    ) -> Result<()>
+    pub fn run<S, L>(&self, opts: &Opts, enclave_loader: L) -> Result<()>
     where
         S: CommitStore,
         Enclave<S>: EnclaveProtoAPI<S>,
+        L: EnclaveLoader<S>,
     {
         let home = opts.get_home();
         match self {
             AttestationCmd::IAS(cmd) => {
                 if !home.exists() {
                     bail!("home directory doesn't exist at {:?}", home);
                 }
-                run_ias_remote_attestation(enclave_loader(opts, cmd.enclave.as_ref())?, cmd)
+                run_ias_remote_attestation(
+                    enclave_loader.load(opts, cmd.enclave.path.as_ref(), cmd.enclave.debug)?,
+                    cmd,
+                )
             }
             #[cfg(feature = "sgx-sw")]
             AttestationCmd::Simulate(cmd) => {
                 if !home.exists() {
                     bail!("home directory doesn't exist at {:?}", home);
                 }
-                run_simulate_remote_attestation(enclave_loader(opts, cmd.enclave.as_ref())?, cmd)
+                run_simulate_remote_attestation(
+                    enclave_loader.load(opts, cmd.enclave.path.as_ref(), cmd.enclave.debug)?,
+                    cmd,
+                )
             }
         }
     }
 }
 
 #[derive(Clone, Debug, Parser, PartialEq)]
 pub struct IASRemoteAttestation {
-    /// Path to the enclave binary
-    #[clap(long = "enclave", help = "Path to the enclave binary")]
-    pub enclave: Option<PathBuf>,
-
+    /// Options for enclave
+    #[clap(flatten)]
+    pub enclave: EnclaveOpts,
     /// An enclave key attested by Remote Attestation
     #[clap(
         long = "enclave_key",
@@ -81,9 +85,9 @@ fn run_ias_remote_attestation<E: EnclaveCommandAPI<S>, S: CommitStore>(
 #[cfg(feature = "sgx-sw")]
 #[derive(Clone, Debug, Parser, PartialEq)]
 pub struct SimulateRemoteAttestation {
-    /// Path to the enclave binary
-    #[clap(long = "enclave", help = "Path to the enclave binary")]
-    pub enclave: Option<PathBuf>,
+    /// Options for enclave
+    #[clap(flatten)]
+    pub enclave: EnclaveOpts,
 
     /// An enclave key attested by Remote Attestation
     #[clap(
@@ -97,14 +101,14 @@ pub struct SimulateRemoteAttestation {
         long = "signing_cert_path",
         help = "Path to a der-encoded file that contains X.509 certificate"
     )]
-    pub signing_cert_path: PathBuf,
+    pub signing_cert_path: std::path::PathBuf,
 
     /// Path to a PEM-encoded file that contains PKCS#8 private key
     #[clap(
         long = "signing_key",
         help = "Path to a PEM-encoded file that contains PKCS#8 private key"
     )]
-    pub signing_key_path: PathBuf,
+    pub signing_key_path: std::path::PathBuf,
 
     /// Validate a signing certificate using openssl command
     #[clap(

diff --git a/app/src/commands/elc.rs b/app/src/commands/elc.rs
@@ -1,4 +1,7 @@
-use crate::opts::Opts;
+use crate::{
+    enclave::EnclaveLoader,
+    opts::{EnclaveOpts, Opts},
+};
 use anyhow::Result;
 use clap::Parser;
 use enclave_api::{Enclave, EnclaveProtoAPI};
@@ -24,11 +27,11 @@ impl ELCCmd {
     }
 }
 
-#[derive(Clone, Debug, Parser, PartialEq)]
+#[derive(Clone, Debug, Parser)]
 pub struct ELCOpts {
-    /// Path to the enclave binary
-    #[clap(long = "enclave", help = "Path to enclave binary")]
-    pub enclave: Option<PathBuf>,
+    /// Options for enclave
+    #[clap(flatten)]
+    pub enclave: EnclaveOpts,
     /// Path to the proto msg
     #[clap(long = "msg", help = "Path to proto msg")]
     pub msg: PathBuf,
@@ -42,17 +45,15 @@ impl ELCOpts {
 }
 
 impl ELCCmd {
-    pub fn run<S>(
-        &self,
-        opts: &Opts,
-        enclave_loader: impl FnOnce(&Opts, Option<&PathBuf>) -> Result<Enclave<S>>,
-    ) -> Result<()>
+    pub fn run<S, L>(&self, opts: &Opts, enclave_loader: L) -> Result<()>
     where
         S: CommitStore,
         Enclave<S>: EnclaveProtoAPI<S>,
+        L: EnclaveLoader<S>,
     {
         let elc_opts = self.opts();
-        let enclave = enclave_loader(opts, elc_opts.enclave.as_ref())?;
+        let enclave =
+            enclave_loader.load(opts, elc_opts.enclave.path.as_ref(), elc_opts.enclave.debug)?;
         match self {
             Self::CreateClient(_) => {
                 let _ = enclave.proto_create_client(elc_opts.load()?)?;

diff --git a/app/src/commands/enclave.rs b/app/src/commands/enclave.rs
@@ -1,12 +1,14 @@
-use crate::opts::Opts;
+use crate::{
+    enclave::EnclaveLoader,
+    opts::{EnclaveOpts, Opts},
+};
 use anyhow::{anyhow, Result};
 use clap::Parser;
 use ecall_commands::GenerateEnclaveKeyInput;
 use enclave_api::{Enclave, EnclaveCommandAPI, EnclaveProtoAPI};
 use lcp_types::Mrenclave;
 use log::*;
 use serde_json::json;
-use std::path::PathBuf;
 use store::transaction::CommitStore;
 
 // `enclave` subcommand
@@ -23,38 +25,40 @@ pub enum EnclaveCmd {
 }
 
 impl EnclaveCmd {
-    pub fn run<S>(
-        &self,
-        opts: &Opts,
-        enclave_loader: impl FnOnce(&Opts, Option<&PathBuf>) -> Result<Enclave<S>>,
-    ) -> Result<()>
+    pub fn run<S, L>(&self, opts: &Opts, enclave_loader: L) -> Result<()>
     where
         S: CommitStore,
         Enclave<S>: EnclaveProtoAPI<S>,
+        L: EnclaveLoader<S>,
     {
         let home = opts.get_home();
         if !home.exists() {
             std::fs::create_dir_all(&home)?;
             info!("created home directory: {:?}", home);
         }
         match self {
-            Self::GenerateKey(cmd) => {
-                run_generate_key(enclave_loader(opts, cmd.enclave.as_ref())?, cmd)
-            }
-            Self::ListKeys(cmd) => run_list_keys(enclave_loader(opts, cmd.enclave.as_ref())?, cmd),
-            Self::PruneKeys(cmd) => {
-                run_prune_keys(enclave_loader(opts, cmd.enclave.as_ref())?, cmd)
-            }
+            Self::GenerateKey(cmd) => run_generate_key(
+                enclave_loader.load(opts, cmd.enclave.path.as_ref(), cmd.enclave.debug)?,
+                cmd,
+            ),
+            Self::ListKeys(cmd) => run_list_keys(
+                enclave_loader.load(opts, cmd.enclave.path.as_ref(), cmd.enclave.debug)?,
+                cmd,
+            ),
+            Self::PruneKeys(cmd) => run_prune_keys(
+                enclave_loader.load(opts, cmd.enclave.path.as_ref(), cmd.enclave.debug)?,
+                cmd,
+            ),
             Self::Metadata(cmd) => run_print_metadata(opts, cmd),
         }
     }
 }
 
 #[derive(Clone, Debug, Parser, PartialEq)]
 pub struct GenerateKey {
-    /// Path to the enclave binary
-    #[clap(long = "enclave", help = "Path to the enclave binary")]
-    pub enclave: Option<PathBuf>,
+    /// Options for enclave
+    #[clap(flatten)]
+    pub enclave: EnclaveOpts,
 }
 
 fn run_generate_key<E: EnclaveCommandAPI<S>, S: CommitStore>(
@@ -70,9 +74,9 @@ fn run_generate_key<E: EnclaveCommandAPI<S>, S: CommitStore>(
 
 #[derive(Clone, Debug, Parser, PartialEq)]
 pub struct ListKeys {
-    /// Path to the enclave binary
-    #[clap(long = "enclave", help = "Path to the enclave binary")]
-    pub enclave: Option<PathBuf>,
+    /// Options for enclave
+    #[clap(flatten)]
+    pub enclave: EnclaveOpts,
     #[clap(
         long = "available_only",
         short = 'a',
@@ -122,9 +126,9 @@ fn run_list_keys<E: EnclaveCommandAPI<S>, S: CommitStore>(
 
 #[derive(Clone, Debug, Parser, PartialEq)]
 pub struct PruneKeys {
-    /// Path to the enclave binary
-    #[clap(long = "enclave", help = "Path to the enclave binary")]
-    pub enclave: Option<PathBuf>,
+    /// Options for enclave
+    #[clap(flatten)]
+    pub enclave: EnclaveOpts,
     /// expiration in seconds from attested_at
     #[clap(long = "expiration", help = "expiration in seconds from attested_at")]
     pub expiration: u64,
@@ -142,14 +146,15 @@ fn run_prune_keys<E: EnclaveCommandAPI<S>, S: CommitStore>(
 
 #[derive(Clone, Debug, Parser, PartialEq)]
 pub struct Metadata {
-    /// Path to the enclave binary
-    #[clap(long = "enclave", help = "Path to the enclave binary")]
-    pub enclave: Option<PathBuf>,
+    /// Options for enclave
+    #[clap(flatten)]
+    pub enclave: EnclaveOpts,
 }
 
 fn run_print_metadata(opts: &Opts, cmd: &Metadata) -> Result<()> {
     let metadata = host::sgx_get_metadata(
         cmd.enclave
+            .path
             .clone()
             .unwrap_or_else(|| opts.default_enclave()),
     )?;

diff --git a/app/src/commands/service.rs b/app/src/commands/service.rs
@@ -1,10 +1,10 @@
-use crate::opts::Opts;
+use crate::enclave::EnclaveLoader;
+use crate::opts::{EnclaveOpts, Opts};
 use anyhow::Result;
 use clap::Parser;
 use enclave_api::{Enclave, EnclaveProtoAPI};
 use log::*;
 use service::{run_service, AppService};
-use std::path::PathBuf;
 use std::sync::Arc;
 use store::transaction::CommitStore;
 use tokio::runtime::Builder;
@@ -18,9 +18,9 @@ pub enum ServiceCmd {
 
 #[derive(Clone, Debug, Parser, PartialEq)]
 pub struct Start {
-    /// Path to the enclave binary
-    #[clap(long = "enclave", help = "Path to enclave binary")]
-    pub enclave: Option<PathBuf>,
+    /// Options for enclave
+    #[clap(flatten)]
+    pub enclave: EnclaveOpts,
     /// Address of the App service
     #[clap(
         long = "address",
@@ -38,19 +38,17 @@ pub struct Start {
 }
 
 impl ServiceCmd {
-    pub fn run<S>(
-        &self,
-        opts: &Opts,
-        enclave_loader: impl FnOnce(&Opts, Option<&PathBuf>) -> Result<Enclave<S>>,
-    ) -> Result<()>
+    pub fn run<S, L>(&self, opts: &Opts, enclave_loader: L) -> Result<()>
     where
         S: CommitStore + 'static,
         Enclave<S>: EnclaveProtoAPI<S>,
+        L: EnclaveLoader<S>,
     {
         match self {
             Self::Start(cmd) => {
                 let addr = cmd.address.parse()?;
-                let enclave = enclave_loader(opts, cmd.enclave.as_ref())?;
+                let enclave =
+                    enclave_loader.load(opts, cmd.enclave.path.as_ref(), cmd.enclave.debug)?;
 
                 let mut rb = Builder::new_multi_thread();
                 let rb = if let Some(threads) = cmd.threads {

diff --git a/app/src/enclave.rs b/app/src/enclave.rs
@@ -5,20 +5,26 @@ use keymanager::EnclaveKeyManager;
 use std::path::PathBuf;
 use store::transaction::CommitStore;
 
-pub(crate) fn build_enclave_loader<S: CommitStore>(
-) -> impl FnOnce(&Opts, Option<&PathBuf>) -> Result<Enclave<S>>
+pub trait EnclaveLoader<S: CommitStore> {
+    fn load(&self, opts: &Opts, path: Option<&PathBuf>, debug: bool) -> Result<Enclave<S>>;
+}
+
+#[derive(Debug)]
+pub struct DefaultEnclaveLoader<S: CommitStore>(std::marker::PhantomData<S>);
+
+impl<S: CommitStore> EnclaveLoader<S> for DefaultEnclaveLoader<S>
 where
     Enclave<S>: EnclaveProtoAPI<S>,
 {
-    |opts, path| {
+    fn load(&self, opts: &Opts, path: Option<&PathBuf>, debug: bool) -> Result<Enclave<S>> {
         let path = if let Some(path) = path {
             path.clone()
         } else {
             opts.default_enclave()
         };
         let env = host::get_environment().unwrap();
         let km = EnclaveKeyManager::new(&env.home)?;
-        match Enclave::create(&path, km, env.store.clone()) {
+        match Enclave::create(&path, debug, km, env.store.clone()) {
             Ok(enclave) => Ok(enclave),
             Err(x) => {
                 bail!(
@@ -30,3 +36,10 @@ where
         }
     }
 }
+
+pub const fn build_enclave_loader<S: CommitStore>() -> DefaultEnclaveLoader<S>
+where
+    Enclave<S>: EnclaveProtoAPI<S>,
+{
+    DefaultEnclaveLoader(std::marker::PhantomData)
+}
diff --git a/app/src/opts.rs b/app/src/opts.rs
@@ -3,7 +3,7 @@ use clap::Parser;
 use log::LevelFilter;
 use std::{path::PathBuf, str::FromStr};
 
-#[derive(Debug, Parser)]
+#[derive(Debug, Clone, Parser)]
 pub struct Opts {
     /// Path to the home directory
     #[clap(long = "home", help = "Path to LCP home directory")]
@@ -16,6 +16,15 @@ pub struct Opts {
     pub log_level: Option<String>,
 }
 
+#[derive(Debug, Clone, Parser, PartialEq)]
+pub struct EnclaveOpts {
+    /// Path to the enclave binary
+    #[clap(long = "enclave", help = "Path to enclave binary")]
+    pub path: Option<PathBuf>,
+    #[clap(long = "enclave_debug", help = "Enable enclave debug mode")]
+    pub debug: bool,
+}
+
 impl Opts {
     pub fn get_home(&self) -> PathBuf {
         if let Some(home) = self.home.as_ref() {

diff --git a/modules/enclave-api/src/enclave.rs b/modules/enclave-api/src/enclave.rs
@@ -35,11 +35,12 @@ impl<S: CommitStore> Enclave<S> {
 
     pub fn create(
         path: impl Into<PathBuf>,
+        debug: bool,
         key_manager: EnclaveKeyManager,
         store: Arc<RwLock<HostStore>>,
     ) -> SgxResult<Self> {
         let path = path.into();
-        let enclave = host::create_enclave(path.clone())?;
+        let enclave = host::create_enclave(path.clone(), debug)?;
         Ok(Self::new(path, key_manager, store, enclave))
     }