graphene/Examples/python-scipy-insecure/python.manifest.template
Michał Kowalczyk 6c7ff2d3a6 Migrate and remove test/apps submodule
We decided to merge the sample app integrations submodule back because
working with git submodules turned out to be really painful. The only
blocker for this was the fact that previously it contained a lot of
binary blobs and copy-pasted sources, but this was cleaned up recently.

Credits: (authors of particular integration examples, extracted from
commits and PR history in https://github.com/oscarlab/graphene-tests)

apache:     Chia-Che Tsai <chiache@tamu.edu>, Dmitrii Kuvaiskii <dmitrii.kuvaiskii@intel.com>
bash:       Chia-Che Tsai <chiache@tamu.edu>, Dmitrii Kuvaiskii <dmitrii.kuvaiskii@intel.com>
blender:    borysp <borysp@invisiblethingslab.com>
busybox:    borysp <borysp@invisiblethingslab.com>
capnproto:  Dmitrii Kuvaiskii <dmitrii.kuvaiskii@intel.com>
curl:       Dmitrii Kuvaiskii <dmitrii.kuvaiskii@intel.com>
gcc:        Thomas Knauth <thomas.knauth@intel.com>
lighttpd:   Chia-Che Tsai <chiache@tamu.edu>, Thomas Knauth <thomas.knauth@intel.com>
lmbench:    Chia-Che Tsai <chiache@tamu.edu>
memcached:  Dmitrii Kuvaiskii <dmitrii.kuvaiskii@intel.com>
nginx:      Dmitrii Kuvaiskii <dmitrii.kuvaiskii@intel.com>
nodejs:     jack.wxz <jack.wxz@alibaba-inc.com>
nodejs-express-server: Eduardo Rodriguez <erodrig@us.ibm.com>
openvino:   Dmitrii Kuvaiskii <dmitrii.kuvaiskii@intel.com>
python-scipy-insecure: Chia-Che Tsai <chiache@tamu.edu>, Dmitrii Kuvaiskii <dmitrii.kuvaiskii@intel.com>
python-simple:         Chia-Che Tsai <chiache@tamu.edu>, Dmitrii Kuvaiskii <dmitrii.kuvaiskii@intel.com>
pytorch:    Thomas Knauth <thomas.knauth@intel.com>
r:          Chia-Che Tsai <chiache@tamu.edu>
redis:      Dmitrii Kuvaiskii <dmitrii.kuvaiskii@intel.com>
tensorflow: Thomas Knauth <thomas.knauth@intel.com>

LTP was moved to LibOS/shim/test/ltp. It was recently rewritten by
Wojtek Porczyk <woju@invisiblethingslab.com>.
2020-03-30 21:10:41 +02:00


# Python3 manifest example
#
# This manifest was prepared and tested on Ubuntu 16.04.
#
# Python must be run with the pal_loader:
#
# ./pal_loader python.manifest <script>

# The executable to load in Graphene. By default, PYTHONHOME points to the
# system installation. To run Python from a local installation, specify PYTHONHOME
# when running `make` in this directory.
loader.exec = file:$(PYTHONEXEC)

# Graphene environment, including the path of the library OS and the debug
# option (inline/none).
loader.preload = file:$(GRAPHENEDIR)/Runtime/libsysdb.so
loader.debug_type = $(GRAPHENEDEBUG)

# Environment variables for Python
loader.env.LD_LIBRARY_PATH = $(PYTHONHOME)/lib:/lib:/lib/x86_64-linux-gnu:/usr/lib:/usr/lib/x86_64-linux-gnu
loader.env.PATH = $(PYTHONHOME)/bin:/usr/bin:/bin
loader.env.PYTHONHOME = $(PYTHONHOME)
loader.env.PYTHONPATH = $(PYTHONHOME):$(PYTHONHOME)/plat-x86_64-linux-gnu:$(PYTHONDISTHOME):$(PYTHONHOME)/lib-dynload

# Mounted FSes. The following "chroot" FSes mount a part of the host FS into the
# guest. Other parts of the host FS will not be available in the guest.

# Default glibc files, mounted from the Runtime directory in GRAPHENEDIR.
fs.mount.lib.type = chroot
fs.mount.lib.path = /lib
fs.mount.lib.uri = file:$(GRAPHENEDIR)/Runtime

# Host-level libraries (/lib/x86_64-linux-gnu) required by the Python executable
fs.mount.lib2.type = chroot
fs.mount.lib2.path = /lib/x86_64-linux-gnu
fs.mount.lib2.uri = file:/lib/x86_64-linux-gnu

# Host-level directory (/usr) required by the Python executable
fs.mount.usr.type = chroot
fs.mount.usr.path = /usr
fs.mount.usr.uri = file:/usr

# Mount $PYTHONHOME
fs.mount.pyhome.type = chroot
fs.mount.pyhome.path = $(PYTHONHOME)
fs.mount.pyhome.uri = file:$(PYTHONHOME)

# Mount $PYTHONDISTHOME
fs.mount.pydisthome.type = chroot
fs.mount.pydisthome.path = $(PYTHONDISTHOME)
fs.mount.pydisthome.uri = file:$(PYTHONDISTHOME)

# Mount /tmp
fs.mount.tmp.type = chroot
fs.mount.tmp.path = /tmp
fs.mount.tmp.uri = file:/tmp

# Mount /etc
fs.mount.etc.type = chroot
fs.mount.etc.path = /etc
fs.mount.etc.uri = file:/etc

# Graphene general options

# Graphene creates stacks of 256KB by default. It is not enough for SciPy/NumPy
# packages, e.g., libopenblas dependency assumes more than 512KB-sized stacks.
sys.stack.size = 2M

# SGX general options

# Set the virtual memory size of the SGX enclave. For SGX v1, the enclave
# size must be specified during signing. If Python needs more virtual memory
# than the enclave size, Graphene will not be able to allocate it.
sgx.enclave_size = 1G

# Set the maximum number of enclave threads. For SGX v1, the number of enclave
# TCSes must be specified during signing, so the application cannot use more
# threads than the number of TCSes. Note that Graphene also creates an internal
# thread for handling inter-process communication (IPC), and potentially another
# thread for asynchronous events. Therefore, the actual number of threads that
# the application can create is (sgx.thread_num - 2).
sgx.thread_num = 32

# SGX trusted libraries

# Glibc libraries
sgx.trusted_files.ld = file:$(GRAPHENEDIR)/Runtime/ld-linux-x86-64.so.2
sgx.trusted_files.libc = file:$(GRAPHENEDIR)/Runtime/libc.so.6
sgx.trusted_files.libm = file:$(GRAPHENEDIR)/Runtime/libm.so.6
sgx.trusted_files.libdl = file:$(GRAPHENEDIR)/Runtime/libdl.so.2
sgx.trusted_files.librt = file:$(GRAPHENEDIR)/Runtime/librt.so.1
sgx.trusted_files.libutil = file:$(GRAPHENEDIR)/Runtime/libutil.so.1
sgx.trusted_files.libpthread = file:$(GRAPHENEDIR)/Runtime/libpthread.so.0

# Other libraries
sgx.trusted_files.libz = file:/lib/x86_64-linux-gnu/libz.so.1
sgx.trusted_files.libbz2 = file:/lib/x86_64-linux-gnu/libbz2.so.1.0
sgx.trusted_files.liblzma = file:/lib/x86_64-linux-gnu/liblzma.so.5
sgx.trusted_files.libexpat = file:/lib/x86_64-linux-gnu/libexpat.so.1
$(PYTHON_TRUSTED_LIBS)
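
# SGX untrusted (allowed) files/directories. Unlike trusted files, allowed files
# are not hashed at signing time and are opened without an integrity check, so
# the untrusted host can change their contents.
sgx.allowed_files.scripts = file:scripts
sgx.allowed_files.tmp = file:/tmp
sgx.allowed_files.etc = file:/etc
sgx.allowed_files.pyhome = file:$(PYTHONHOME)
sgx.allowed_files.pydisthome = file:$(PYTHONDISTHOME)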
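
An added example, not part of the Graphene repository: a small audit that reports which `sgx.allowed_files` entries of this manifest cover directories that Python or the dynamic loader searches for code, since those directories are opened without an integrity check. The sample text is a constructed excerpt with assumed values substituted for `$(PYTHONHOME)` and `$(PYTHONDISTHOME)`, and `script_dirs` is a hypothetical parameter naming where the entry script lives.

```python
import posixpath

# Constructed excerpt of the manifest above after Makefile substitution.
# /usr/lib/python3.5 and /usr/lib/python3/dist-packages are assumed values.
SAMPLE = """\
loader.env.LD_LIBRARY_PATH = /usr/lib/python3.5/lib:/lib:/lib/x86_64-linux-gnu:/usr/lib
loader.env.PYTHONPATH = /usr/lib/python3.5:/usr/lib/python3.5/plat-x86_64-linux-gnu:/usr/lib/python3/dist-packages:/usr/lib/python3.5/lib-dynload
sgx.trusted_files.libz = file:/lib/x86_64-linux-gnu/libz.so.1
sgx.allowed_files.scripts = file:scripts
sgx.allowed_files.tmp = file:/tmp
sgx.allowed_files.etc = file:/etc
sgx.allowed_files.pyhome = file:/usr/lib/python3.5
sgx.allowed_files.pydisthome = file:/usr/lib/python3/dist-packages
"""

def parse_manifest(text):
    """Return {key: value} for 'key = value' lines; comments and blanks are skipped."""
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        cfg[key.strip()] = value.strip()
    return cfg

def _path(uri):
    """Strip the 'file:' scheme and normalise the path."""
    return posixpath.normpath(uri[5:] if uri.startswith("file:") else uri)

def audit_allowed_files(cfg, script_dirs=("scripts",)):
    """Map each allowed_files entry to the code search dirs it covers."""
    code_dirs = [_path(d) for d in script_dirs]  # entry script is code too
    for var in ("loader.env.PYTHONPATH", "loader.env.LD_LIBRARY_PATH"):
        code_dirs += [_path(d) for d in cfg.get(var, "").split(":") if d]
    report = {}
    for key, uri in cfg.items():
        if key.startswith("sgx.allowed_files."):
            allowed = _path(uri)
            # A search dir is unverified if it is the allowed path or lies below it.
            report[key.split(".", 2)[2]] = sorted(
                {d for d in code_dirs if d == allowed or d.startswith(allowed + "/")})
    return report

if __name__ == "__main__":
    for name, dirs in audit_allowed_files(parse_manifest(SAMPLE)).items():
        print(name, "UNVERIFIED CODE PATH" if dirs else "no code search dir", dirs)
```

An empty list for an entry only means it covers no code search directory; files under `/tmp` and `/etc` are still read without verification.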