From 25f68df8aa898e02e9b55eebbef75134a683456c Mon Sep 17 00:00:00 2001 From: Julien Maffre Date: Thu, 25 May 2023 13:27:20 +0000 Subject: [PATCH 01/17] Compiles and runs --- CMakeLists.txt | 4 +-- cmake/ccf_app.cmake | 3 +- cmake/common.cmake | 3 +- cmake/open_enclave.cmake | 9 ++++++ docker/README.md | 2 +- src/enclave/verify.h | 6 +++- src/node/rpc/jwt_management.h | 53 ++++++++++++++++++----------------- 7 files changed, 49 insertions(+), 31 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index b6bcb8796873..fb831ff27615 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -685,9 +685,9 @@ elseif(COMPILE_TARGET STREQUAL "snp") ccfcrypto.snp ccf_kv.snp nghttp2.snp - ${OE_HOST_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} ) + link_openenclave_host_verify(ccf.snp) set_property(TARGET ccf.snp PROPERTY POSITION_INDEPENDENT_CODE ON) @@ -736,9 +736,9 @@ elseif(COMPILE_TARGET STREQUAL "virtual") ccfcrypto.host ccf_kv.host nghttp2.host - ${OE_HOST_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} ) + link_openenclave_host_verify(ccf.virtual) set_property(TARGET ccf.virtual PROPERTY POSITION_INDEPENDENT_CODE ON) diff --git a/cmake/ccf_app.cmake b/cmake/ccf_app.cmake index 94a091daf1d2..17b9622e1b4c 100644 --- a/cmake/ccf_app.cmake +++ b/cmake/ccf_app.cmake @@ -239,6 +239,7 @@ function(add_host_library name) set(files ${PARSED_ARGS_UNPARSED_ARGUMENTS}) add_library(${name} ${files}) target_compile_options(${name} PUBLIC ${COMPILE_LIBCXX}) - target_link_libraries(${name} PUBLIC ${LINK_LIBCXX} -lgcc ${OE_HOST_LIBRARY}) + target_link_libraries(${name} PUBLIC ${LINK_LIBCXX} -lgcc) + link_openenclave_host_verify(${name}) set_property(TARGET ${name} PROPERTY POSITION_INDEPENDENT_CODE ON) endfunction() diff --git a/cmake/common.cmake b/cmake/common.cmake index 7b004c29cea2..6b772fcf4aab 100644 --- a/cmake/common.cmake +++ b/cmake/common.cmake @@ -10,8 +10,9 @@ function(add_unit_test name) ) enable_coverage(${name}) target_link_libraries( - ${name} PRIVATE ${LINK_LIBCXX} ccfcrypto.host ${OE_HOST_LIBRARY} + ${name} PRIVATE ${LINK_LIBCXX} ccfcrypto.host ) + link_openenclave_host_verify(${name}) add_san(${name}) add_test(NAME ${name} COMMAND ${name}) diff --git a/cmake/open_enclave.cmake b/cmake/open_enclave.cmake index cbe431276262..20ff169e3ba3 100644 --- a/cmake/open_enclave.cmake +++ b/cmake/open_enclave.cmake @@ -35,5 +35,14 @@ if(COMPILE_TARGET STREQUAL "sgx") set(OE_HOST_LIBRARY openenclave::oehost) else() + option(SGX_ATTESTATION_VERIFICATION "Enable SGX attestation verification on non-SGX platforms" ON) + set(OE_HOST_LIBRARY openenclave::oehostverify) endif() + +function(link_openenclave_host_verify name) + if (COMPILE_TARGET STREQUAL "sgx" OR SGX_ATTESTATION_VERIFICATION) + target_link_libraries(${name} PRIVATE ${OE_HOST_LIBRARY}) + target_compile_definitions(${name} PUBLIC SGX_ATTESTATION_VERIFICATION) + endif() +endfunction() diff --git a/docker/README.md b/docker/README.md index ea10065e7192..895709036b90 100644 --- a/docker/README.md +++ b/docker/README.md @@ -9,5 +9,5 @@ To build a given image, run: ```bash $ cd CCF/ -$ docker build -t -f docker/ --build-arg="target=" . +$ docker build -t -f docker/ --build-arg="platform=" --build-arg="clang_version=<11|15>" . ``` diff --git a/src/enclave/verify.h b/src/enclave/verify.h index 41f48bf8b40f..dc695a1142d7 100644 --- a/src/enclave/verify.h +++ b/src/enclave/verify.h @@ -5,7 +5,7 @@ #if defined(INSIDE_ENCLAVE) && !defined(VIRTUAL_ENCLAVE) # include # include -#else +#elif defined(SGX_ATTESTATION_VERIFICATION) # include #endif #include "ccf/ds/ccf_exception.h" @@ -14,16 +14,20 @@ namespace ccf { void initialize_verifiers() { +#ifdef SGX_ATTESTATION_VERIFICATION auto rc = oe_verifier_initialize(); if (rc != OE_OK) { throw ccf::ccf_oe_verifier_init_error(fmt::format( "Failed to initialise evidence verifier: {}", oe_result_str(rc))); } +#endif } void shutdown_verifiers() { +#ifdef SGX_ATTESTATION_VERIFICATION oe_verifier_shutdown(); +#endif } } \ No newline at end of file diff --git a/src/node/rpc/jwt_management.h b/src/node/rpc/jwt_management.h index e08dda07aec7..b2142678f5ac 100644 --- a/src/node/rpc/jwt_management.h +++ b/src/node/rpc/jwt_management.h @@ -5,12 +5,15 @@ #include "ccf/crypto/verifier.h" #include "ccf/service/tables/jwt.h" -#include +#ifdef SGX_ATTESTATION_VERIFICATION +# include +#endif + #include #include #if defined(INSIDE_ENCLAVE) && !defined(VIRTUAL_ENCLAVE) # include -#else +#elif defined(SGX_ATTESTATION_VERIFICATION) # include #endif @@ -33,19 +36,19 @@ namespace ccf }); } - static oe_result_t oe_verify_attestation_certificate_with_evidence_cb( - oe_claim_t* claims, size_t claims_length, void* arg) - { - auto claims_map = (std::map>*)arg; - for (size_t i = 0; i < claims_length; i++) - { - std::string claim_name(claims[i].name); - std::vector claim_value( - claims[i].value, claims[i].value + claims[i].value_size); - claims_map->emplace(std::move(claim_name), std::move(claim_value)); - } - return OE_OK; - } + // static oe_result_t oe_verify_attestation_certificate_with_evidence_cb( + // oe_claim_t* claims, size_t claims_length, void* arg) + // { + // auto claims_map = (std::map>*)arg; + // for (size_t i = 0; i < claims_length; i++) + // { + // std::string claim_name(claims[i].name); + // std::vector claim_value( + // claims[i].value, claims[i].value + claims[i].value_size); + // claims_map->emplace(std::move(claim_name), std::move(claim_value)); + // } + // return OE_OK; + // } static bool set_jwt_public_signing_keys( kv::Tx& tx, @@ -110,16 +113,16 @@ namespace ccf bool has_key_policy_sgx_claims = issuer_metadata.key_policy.has_value() && issuer_metadata.key_policy.value().sgx_claims.has_value() && !issuer_metadata.key_policy.value().sgx_claims.value().empty(); - if ( - issuer_metadata.key_filter == JwtIssuerKeyFilter::SGX || - has_key_policy_sgx_claims) - { - oe_verify_attestation_certificate_with_evidence( - der.data(), - der.size(), - oe_verify_attestation_certificate_with_evidence_cb, - &claims); - } + // if ( + // issuer_metadata.key_filter == JwtIssuerKeyFilter::SGX || + // has_key_policy_sgx_claims) + // { + // oe_verify_attestation_certificate_with_evidence( + // der.data(), + // der.size(), + // oe_verify_attestation_certificate_with_evidence_cb, + // &claims); + // } if ( issuer_metadata.key_filter == JwtIssuerKeyFilter::SGX && claims.empty()) From 4ccfa5772c147002715fbb4c68b5725fae463dbd Mon Sep 17 00:00:00 2001 From: Julien Maffre Date: Thu, 25 May 2023 13:49:33 +0000 Subject: [PATCH 02/17] . --- src/node/rpc/jwt_management.h | 53 ++++++++++++++++++++--------------- 1 file changed, 30 insertions(+), 23 deletions(-) diff --git a/src/node/rpc/jwt_management.h b/src/node/rpc/jwt_management.h index b2142678f5ac..32482df7c9bc 100644 --- a/src/node/rpc/jwt_management.h +++ b/src/node/rpc/jwt_management.h @@ -36,19 +36,21 @@ namespace ccf }); } - // static oe_result_t oe_verify_attestation_certificate_with_evidence_cb( - // oe_claim_t* claims, size_t claims_length, void* arg) - // { - // auto claims_map = (std::map>*)arg; - // for (size_t i = 0; i < claims_length; i++) - // { - // std::string claim_name(claims[i].name); - // std::vector claim_value( - // claims[i].value, claims[i].value + claims[i].value_size); - // claims_map->emplace(std::move(claim_name), std::move(claim_value)); - // } - // return OE_OK; - // } +#ifdef SGX_ATTESTATION_VERIFICATION + static oe_result_t oe_verify_attestation_certificate_with_evidence_cb( + oe_claim_t* claims, size_t claims_length, void* arg) + { + auto claims_map = (std::map>*)arg; + for (size_t i = 0; i < claims_length; i++) + { + std::string claim_name(claims[i].name); + std::vector claim_value( + claims[i].value, claims[i].value + claims[i].value_size); + claims_map->emplace(std::move(claim_name), std::move(claim_value)); + } + return OE_OK; + } +#endif static bool set_jwt_public_signing_keys( kv::Tx& tx, @@ -113,16 +115,21 @@ namespace ccf bool has_key_policy_sgx_claims = issuer_metadata.key_policy.has_value() && issuer_metadata.key_policy.value().sgx_claims.has_value() && !issuer_metadata.key_policy.value().sgx_claims.value().empty(); - // if ( - // issuer_metadata.key_filter == JwtIssuerKeyFilter::SGX || - // has_key_policy_sgx_claims) - // { - // oe_verify_attestation_certificate_with_evidence( - // der.data(), - // der.size(), - // oe_verify_attestation_certificate_with_evidence_cb, - // &claims); - // } + if ( + issuer_metadata.key_filter == JwtIssuerKeyFilter::SGX || + has_key_policy_sgx_claims) + { +#ifdef SGX_ATTESTATION_VERIFICATION + oe_verify_attestation_certificate_with_evidence( + der.data(), + der.size(), + oe_verify_attestation_certificate_with_evidence_cb, + &claims); +#else + LOG_FAIL_FMT("{}: SGX claims not supported", log_prefix); + return false; +#endif + } if ( issuer_metadata.key_filter == JwtIssuerKeyFilter::SGX && claims.empty()) From 6fc1ceff73e64303dce4e4557748eaa95d37a493 Mon Sep 17 00:00:00 2001 From: Julien Maffre Date: Thu, 25 May 2023 14:28:12 +0000 Subject: [PATCH 03/17] Better flag --- cmake/open_enclave.cmake | 65 ++++++++++++++++++++++------------------ 1 file changed, 36 insertions(+), 29 deletions(-) diff --git a/cmake/open_enclave.cmake b/cmake/open_enclave.cmake index 20ff169e3ba3..a5fa52efdbb3 100644 --- a/cmake/open_enclave.cmake +++ b/cmake/open_enclave.cmake @@ -1,47 +1,54 @@ # Copyright (c) Microsoft Corporation. All rights reserved. # Licensed under the Apache 2.0 License. -if(NOT COMPILE_TARGET STREQUAL "sgx") - set(COMPONENT "OEHOSTVERIFY") -endif() +# We allow for Open Enclave (and Open Enclave HostVerify) to not be installed +# if this specific flag is set. +option(REQUIRE_OPENENCLAVE "Requires Open Enclave or HostVerify variant" ON) + +if(REQUIRE_OPENENCLAVE) + if(NOT COMPILE_TARGET STREQUAL "sgx") + set(COMPONENT "OEHOSTVERIFY") + endif() -# Find OpenEnclave package -find_package(OpenEnclave 0.19.0 CONFIG REQUIRED) -# As well as pulling in openenclave:: targets, this sets variables which can be -# used for our edge cases (eg - for virtual libraries). These do not follow the -# standard naming patterns, for example use OE_INCLUDEDIR rather than -# OpenEnclave_INCLUDE_DIRS + # Find OpenEnclave package + find_package(OpenEnclave 0.19.0 CONFIG REQUIRED) -if(COMPILE_TARGET STREQUAL "sgx") - set(OE_TARGET_LIBC openenclave::oelibc) - set(OE_TARGET_ENCLAVE_AND_STD + # As well as pulling in openenclave:: targets, this sets variables which can be + # used for our edge cases (eg - for virtual libraries). These do not follow the + # standard naming patterns, for example use OE_INCLUDEDIR rather than + # OpenEnclave_INCLUDE_DIRS + if(COMPILE_TARGET STREQUAL "sgx") + set(OE_TARGET_LIBC openenclave::oelibc) + set(OE_TARGET_ENCLAVE_AND_STD openenclave::oeenclave openenclave::oelibcxx openenclave::oelibc openenclave::oecryptoopenssl - ) - # These oe libraries must be linked in specific order - set(OE_TARGET_ENCLAVE_CORE_LIBS + ) + + # These oe libraries must be linked in specific order + set(OE_TARGET_ENCLAVE_CORE_LIBS openenclave::oeenclave openenclave::oesnmalloc openenclave::oecore openenclave::oesyscall - ) - - option(LVI_MITIGATIONS "Enable LVI mitigations" ON) + ) - function(add_lvi_mitigations name) - if(LVI_MITIGATIONS) - # Enable clang-11 built-in LVI mitigation - target_compile_options(${name} PRIVATE -mlvi-cfi) - endif() - endfunction() + option(LVI_MITIGATIONS "Enable LVI mitigations" ON) - set(OE_HOST_LIBRARY openenclave::oehost) -else() - option(SGX_ATTESTATION_VERIFICATION "Enable SGX attestation verification on non-SGX platforms" ON) + function(add_lvi_mitigations name) + if(LVI_MITIGATIONS) + # Enable clang-11 built-in LVI mitigation + target_compile_options(${name} PRIVATE -mlvi-cfi) + endif() + endfunction() - set(OE_HOST_LIBRARY openenclave::oehostverify) + set(OE_HOST_LIBRARY openenclave::oehost) + else() + set(OE_HOST_LIBRARY openenclave::oehostverify) + endif() +elseif(COMPILE_TARGET STREQUAL "sgx") + message(FATAL_ERROR "Open Enclave is required for SGX target") endif() function(link_openenclave_host_verify name) - if (COMPILE_TARGET STREQUAL "sgx" OR SGX_ATTESTATION_VERIFICATION) + if(REQUIRE_OPENENCLAVE) target_link_libraries(${name} PRIVATE ${OE_HOST_LIBRARY}) target_compile_definitions(${name} PUBLIC SGX_ATTESTATION_VERIFICATION) endif() From c73a4759ba6357911dde0af2b222ec642371db5e Mon Sep 17 00:00:00 2001 From: Julien Maffre Date: Thu, 25 May 2023 14:39:37 +0000 Subject: [PATCH 04/17] . --- docker/ccf_ci | 2 +- getting_started/setup_vm/ccf-dev.yml | 14 +++++++------- .../setup_vm/roles/ccf_build/vars/clang15.yml | 4 ++-- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/docker/ccf_ci b/docker/ccf_ci index 21becc94866e..556a76b04293 100644 --- a/docker/ccf_ci +++ b/docker/ccf_ci @@ -14,7 +14,7 @@ RUN ./sgx_deps_pin.sh && rm ./sgx_deps_pin.sh FROM ubuntu:20.04 AS base-snp # Virtual -FROM ubuntu:20.04 AS base-virtual +FROM ubuntu:22.04 AS base-virtual # Final CCF CI image FROM base-${platform} AS final diff --git a/getting_started/setup_vm/ccf-dev.yml b/getting_started/setup_vm/ccf-dev.yml index 686bdb489850..d61200d004e4 100644 --- a/getting_started/setup_vm/ccf-dev.yml +++ b/getting_started/setup_vm/ccf-dev.yml @@ -15,17 +15,17 @@ name: intel tasks_from: sgx-group.yml when: platform == "sgx" - - import_role: - name: az_dcap - tasks_from: install.yml + # - import_role: + # name: az_dcap + # tasks_from: install.yml - import_role: name: openenclave tasks_from: binary_install.yml when: platform == "sgx" - - import_role: - name: openenclave - tasks_from: install_host_verify.yml - when: platform != "sgx" + # - import_role: + # name: openenclave + # tasks_from: install_host_verify.yml + # when: platform != "sgx" - import_role: name: nodejs tasks_from: install.yml diff --git a/getting_started/setup_vm/roles/ccf_build/vars/clang15.yml b/getting_started/setup_vm/roles/ccf_build/vars/clang15.yml index de43678752d4..9ad4df8ce44a 100644 --- a/getting_started/setup_vm/roles/ccf_build/vars/clang15.yml +++ b/getting_started/setup_vm/roles/ccf_build/vars/clang15.yml @@ -7,8 +7,8 @@ debs: - libuv1-dev - libc++-{{ clang_ver }}-dev - libc++abi-{{ clang_ver }}-dev - - python3.8-dev - - python3.8-venv + - python3.10-dev + - python3.10-venv - llvm-{{ clang_ver }} - clang-{{ clang_ver }} - clang-format-11 # On purpose, to avoid formatting conflicts From 5eeeb73f452b910e698b6f1da14c32eedcf02315 Mon Sep 17 00:00:00 2001 From: Julien Maffre Date: Thu, 25 May 2023 15:03:47 +0000 Subject: [PATCH 05/17] Fixes for Ubuntu 22.04 build --- src/crypto/openssl/rsa_key_pair.cpp | 2 +- src/crypto/openssl/rsa_public_key.cpp | 2 +- src/kv/kv_types.h | 2 +- src/node/historical_queries_utils.cpp | 1 + 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/src/crypto/openssl/rsa_key_pair.cpp b/src/crypto/openssl/rsa_key_pair.cpp index 947b009cf9ab..903115d53788 100644 --- a/src/crypto/openssl/rsa_key_pair.cpp +++ b/src/crypto/openssl/rsa_key_pair.cpp @@ -177,7 +177,7 @@ namespace crypto { JsonWebKeyRSAPrivate jwk = {RSAPublicKey_OpenSSL::public_key_jwk_rsa(kid)}; - RSA* rsa = EVP_PKEY_get0_RSA(key); + const RSA* rsa = EVP_PKEY_get0_RSA(key); if (!rsa) { throw std::logic_error("invalid RSA key"); diff --git a/src/crypto/openssl/rsa_public_key.cpp b/src/crypto/openssl/rsa_public_key.cpp index 9f62d0f84c40..926986bdab41 100644 --- a/src/crypto/openssl/rsa_public_key.cpp +++ b/src/crypto/openssl/rsa_public_key.cpp @@ -168,7 +168,7 @@ namespace crypto RSAPublicKey::Components RSAPublicKey_OpenSSL::components() const { - RSA* rsa = EVP_PKEY_get0_RSA(key); + const RSA* rsa = EVP_PKEY_get0_RSA(key); if (!rsa) { throw std::logic_error("invalid RSA key"); diff --git a/src/kv/kv_types.h b/src/kv/kv_types.h index e6b8f912a291..a36d203b6eb0 100644 --- a/src/kv/kv_types.h +++ b/src/kv/kv_types.h @@ -3,6 +3,7 @@ #pragma once #include "ccf/claims_digest.h" +#include "ccf/crypto/hash_bytes.h" #include "ccf/crypto/pem.h" #include "ccf/ds/nonstd.h" #include "ccf/entity_id.h" @@ -12,7 +13,6 @@ #include "ccf/tx_id.h" #include "enclave/consensus_type.h" #include "enclave/reconfiguration_type.h" -#include "node/identity.h" #include "serialiser_declare.h" #include diff --git a/src/node/historical_queries_utils.cpp b/src/node/historical_queries_utils.cpp index 454db32f3d9b..c8aff9be5858 100644 --- a/src/node/historical_queries_utils.cpp +++ b/src/node/historical_queries_utils.cpp @@ -6,6 +6,7 @@ #include "ccf/rpc_context.h" #include "ccf/service/tables/service.h" #include "kv/kv_types.h" +#include "node/identity.h" #include "node/tx_receipt_impl.h" namespace ccf From 45a534773b6f9284f39d57d7f7f19b920a80ee8e Mon Sep 17 00:00:00 2001 From: Julien Maffre Date: Thu, 25 May 2023 15:05:39 +0000 Subject: [PATCH 06/17] Cleanup --- CMakeLists.txt | 567 +++++++++--------- cmake/ccf_app.cmake | 41 +- cmake/common.cmake | 61 +- cmake/crypto.cmake | 48 +- cmake/open_enclave.cmake | 2 +- docker/ccf_ci | 2 +- getting_started/setup_vm/ccf-dev.yml | 14 +- .../setup_vm/roles/ccf_build/vars/clang15.yml | 4 +- 8 files changed, 384 insertions(+), 355 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index fb831ff27615..f50de844a246 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -5,9 +5,9 @@ cmake_minimum_required(VERSION 3.16) set(ALLOWED_TARGETS "sgx;snp;virtual") set(COMPILE_TARGET - "sgx" - CACHE STRING - "Target compilation platforms, Choose from: ${ALLOWED_TARGETS}" + "sgx" + CACHE STRING + "Target compilation platforms, Choose from: ${ALLOWED_TARGETS}" ) set(CCF_DIR ${CMAKE_CURRENT_SOURCE_DIR}) @@ -31,8 +31,8 @@ message(STATUS "CCF version suffix = ${CCF_VERSION_SUFFIX}") # if(CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT) set(CMAKE_INSTALL_PREFIX - "/opt/${CCF_PROJECT}" - CACHE PATH "Default install prefix" FORCE + "/opt/${CCF_PROJECT}" + CACHE PATH "Default install prefix" FORCE ) endif() @@ -41,7 +41,7 @@ include(${CCF_DIR}/cmake/cpack_settings.cmake) message(STATUS "CMAKE_INSTALL_PREFIX is '${CMAKE_INSTALL_PREFIX}'") install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/cmake/preproject.cmake - DESTINATION cmake + DESTINATION cmake ) include(GNUInstallDirs) @@ -62,10 +62,10 @@ option(PROFILE_TESTS "Profile tests" OFF) set(PYTHON unbuffer python3) set(DISTRIBUTE_PERF_TESTS - "" - CACHE - STRING - "Hosts to which performance tests should be distributed, for example -n ssh://x.x.x.x -n ssh://x.x.x.x -n ssh://x.x.x.x" + "" + CACHE + STRING + "Hosts to which performance tests should be distributed, for example -n ssh://x.x.x.x -n ssh://x.x.x.x -n ssh://x.x.x.x" ) if(DISTRIBUTE_PERF_TESTS) @@ -76,14 +76,16 @@ endif() option(VERBOSE_LOGGING "Enable verbose, unsafe logging of enclave code" OFF) set(TEST_HOST_LOGGING_LEVEL "info") + if(VERBOSE_LOGGING) set(TEST_HOST_LOGGING_LEVEL "trace") add_compile_definitions(VERBOSE_LOGGING) endif() option(USE_NULL_ENCRYPTOR "Turn off encryption of ledger updates - debug only" - OFF + OFF ) + if(USE_NULL_ENCRYPTOR) add_compile_definitions(USE_NULL_ENCRYPTOR) endif() @@ -95,6 +97,7 @@ option(COVERAGE "Enable coverage mapping" OFF) option(SHUFFLE_SUITE "Shuffle end to end test suite" OFF) option(LONG_TESTS "Enable long end-to-end tests" OFF) option(KV_STATE_RB "Enable RBMap as underlying KV state implementation" OFF) + if(KV_STATE_RB) add_compile_definitions(KV_STATE_RB) endif() @@ -122,28 +125,28 @@ install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/cmake/tools.cmake DESTINATION cmake) include(${CMAKE_CURRENT_SOURCE_DIR}/cmake/ccf_app.cmake) install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/cmake/ccf_app.cmake DESTINATION cmake) install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/cmake/open_enclave.cmake - DESTINATION cmake + DESTINATION cmake ) if(SAN AND LVI_MITIGATIONS) message( FATAL_ERROR - "Building with both SAN and LVI mitigations is unsafe and deadlocks - choose one" + "Building with both SAN and LVI mitigations is unsafe and deadlocks - choose one" ) endif() if(TSAN AND LVI_MITIGATIONS) message( FATAL_ERROR - "Building with both TSAN and LVI mitigations is unsafe and deadlocks - choose one" + "Building with both TSAN and LVI mitigations is unsafe and deadlocks - choose one" ) endif() add_custom_command( COMMAND - openenclave::oeedger8r ${CCF_DIR}/edl/ccf.edl --search-path ${OE_INCLUDEDIR} - --trusted --trusted-dir ${CCF_GENERATED_DIR} --untrusted --untrusted-dir - ${CCF_GENERATED_DIR} + openenclave::oeedger8r ${CCF_DIR}/edl/ccf.edl --search-path ${OE_INCLUDEDIR} + --trusted --trusted-dir ${CCF_GENERATED_DIR} --untrusted --untrusted-dir + ${CCF_GENERATED_DIR} COMMAND mv ${CCF_GENERATED_DIR}/ccf_t.c ${CCF_GENERATED_DIR}/ccf_t.cpp COMMAND mv ${CCF_GENERATED_DIR}/ccf_u.c ${CCF_GENERATED_DIR}/ccf_u.cpp DEPENDS ${CCF_DIR}/edl/ccf.edl @@ -153,8 +156,9 @@ add_custom_command( # Copy and install CCF utilities set(CCF_UTILITIES keygenerator.sh scurl.sh submit_recovery_share.sh - verify_quote.sh + verify_quote.sh ) + foreach(UTILITY ${CCF_UTILITIES}) configure_file( ${CCF_DIR}/python/utils/${UTILITY} ${CMAKE_CURRENT_BINARY_DIR} COPYONLY @@ -164,14 +168,15 @@ endforeach() # Copy utilities from tests directory set(CCF_TEST_UTILITIES - tests.sh - cimetrics_env.sh - upload_pico_metrics.py - test_install.sh - docker_wrap.sh - config.jinja - recovery_benchmark.sh + tests.sh + cimetrics_env.sh + upload_pico_metrics.py + test_install.sh + docker_wrap.sh + config.jinja + recovery_benchmark.sh ) + foreach(UTILITY ${CCF_TEST_UTILITIES}) configure_file( ${CCF_DIR}/tests/${UTILITY} ${CMAKE_CURRENT_BINARY_DIR} COPYONLY @@ -209,28 +214,28 @@ else() endif() set(HTTP_PARSER_SOURCES - ${CCF_3RD_PARTY_EXPORTED_DIR}/llhttp/api.c - ${CCF_3RD_PARTY_EXPORTED_DIR}/llhttp/http.c - ${CCF_3RD_PARTY_EXPORTED_DIR}/llhttp/llhttp.c + ${CCF_3RD_PARTY_EXPORTED_DIR}/llhttp/api.c + ${CCF_3RD_PARTY_EXPORTED_DIR}/llhttp/http.c + ${CCF_3RD_PARTY_EXPORTED_DIR}/llhttp/llhttp.c ) set(CCF_ENDPOINTS_SOURCES - ${CCF_DIR}/src/endpoints/endpoint.cpp - ${CCF_DIR}/src/endpoints/endpoint_registry.cpp - ${CCF_DIR}/src/endpoints/base_endpoint_registry.cpp - ${CCF_DIR}/src/endpoints/common_endpoint_registry.cpp - ${CCF_DIR}/src/endpoints/json_handler.cpp - ${CCF_DIR}/src/endpoints/authentication/cose_auth.cpp - ${CCF_DIR}/src/endpoints/authentication/cert_auth.cpp - ${CCF_DIR}/src/endpoints/authentication/empty_auth.cpp - ${CCF_DIR}/src/endpoints/authentication/jwt_auth.cpp - ${CCF_DIR}/src/enclave/enclave_time.cpp - ${CCF_DIR}/src/indexing/strategies/seqnos_by_key_bucketed.cpp - ${CCF_DIR}/src/indexing/strategies/seqnos_by_key_in_memory.cpp - ${CCF_DIR}/src/indexing/strategies/visit_each_entry_in_map.cpp - ${CCF_DIR}/src/node/historical_queries_adapter.cpp - ${CCF_DIR}/src/node/historical_queries_utils.cpp - ${CCF_DIR}/src/node/receipt.cpp + ${CCF_DIR}/src/endpoints/endpoint.cpp + ${CCF_DIR}/src/endpoints/endpoint_registry.cpp + ${CCF_DIR}/src/endpoints/base_endpoint_registry.cpp + ${CCF_DIR}/src/endpoints/common_endpoint_registry.cpp + ${CCF_DIR}/src/endpoints/json_handler.cpp + ${CCF_DIR}/src/endpoints/authentication/cose_auth.cpp + ${CCF_DIR}/src/endpoints/authentication/cert_auth.cpp + ${CCF_DIR}/src/endpoints/authentication/empty_auth.cpp + ${CCF_DIR}/src/endpoints/authentication/jwt_auth.cpp + ${CCF_DIR}/src/enclave/enclave_time.cpp + ${CCF_DIR}/src/indexing/strategies/seqnos_by_key_bucketed.cpp + ${CCF_DIR}/src/indexing/strategies/seqnos_by_key_in_memory.cpp + ${CCF_DIR}/src/indexing/strategies/visit_each_entry_in_map.cpp + ${CCF_DIR}/src/node/historical_queries_adapter.cpp + ${CCF_DIR}/src/node/historical_queries_utils.cpp + ${CCF_DIR}/src/node/receipt.cpp ) find_library(CRYPTO_LIBRARY crypto) @@ -248,8 +253,8 @@ unset(MESSAGE_QUIET) # Host Executable if(SAN - OR TSAN - OR NOT USE_SNMALLOC + OR TSAN + OR NOT USE_SNMALLOC ) set(SNMALLOC_COMPILE_OPTIONS "") else() @@ -288,8 +293,9 @@ endif() target_link_libraries( cchost PRIVATE uv ${TLS_LIBRARY} ${CMAKE_DL_LIBS} ${CMAKE_THREAD_LIBS_INIT} - ${LINK_LIBCXX} ccfcrypto.host + ${LINK_LIBCXX} ccfcrypto.host ) + if(COMPILE_TARGET STREQUAL "sgx") target_link_libraries(cchost PRIVATE openenclave::oehost) endif() @@ -302,11 +308,13 @@ add_executable( ) target_link_libraries( scenario_perf_client PRIVATE ${CMAKE_THREAD_LIBS_INIT} http_parser.host - ccfcrypto.host + ccfcrypto.host ) + if(NOT CMAKE_CXX_COMPILER_VERSION VERSION_GREATER 9) target_link_libraries(scenario_perf_client PRIVATE c++fs) endif() + install(TARGETS scenario_perf_client DESTINATION bin) # HTTP parser @@ -329,6 +337,7 @@ endif() add_library(http_parser.host "${HTTP_PARSER_SOURCES}") set_property(TARGET http_parser.host PROPERTY POSITION_INDEPENDENT_CODE ON) + if(INSTALL_VIRTUAL_LIBRARIES) install( TARGETS http_parser.host @@ -339,8 +348,8 @@ endif() # CCF kv libs set(CCF_KV_SOURCES - ${CCF_DIR}/src/kv/tx.cpp ${CCF_DIR}/src/kv/untyped_map_handle.cpp - ${CCF_DIR}/src/kv/untyped_map_diff.cpp + ${CCF_DIR}/src/kv/tx.cpp ${CCF_DIR}/src/kv/untyped_map_handle.cpp + ${CCF_DIR}/src/kv/untyped_map_diff.cpp ) if(COMPILE_TARGET STREQUAL "sgx") @@ -365,6 +374,7 @@ endif() add_host_library(ccf_kv.host "${CCF_KV_SOURCES}") add_san(ccf_kv.host) add_warning_checks(ccf_kv.host) + if(INSTALL_VIRTUAL_LIBRARIES) install( TARGETS ccf_kv.host @@ -379,7 +389,7 @@ if(COMPILE_TARGET STREQUAL "sgx") target_link_libraries( ccf_endpoints.enclave PUBLIC qcbor.enclave t_cose.enclave http_parser.enclave ccfcrypto.enclave - ccf_kv.enclave + ccf_kv.enclave ) add_warning_checks(ccf_endpoints.enclave) install( @@ -391,7 +401,7 @@ elseif(COMPILE_TARGET STREQUAL "snp") add_host_library(ccf_endpoints.snp "${CCF_ENDPOINTS_SOURCES}") target_link_libraries( ccf_endpoints.snp PUBLIC qcbor.snp t_cose.snp http_parser.snp ccfcrypto.snp - ccf_kv.snp + ccf_kv.snp ) add_san(ccf_endpoints.snp) add_warning_checks(ccf_endpoints.snp) @@ -405,7 +415,7 @@ endif() add_host_library(ccf_endpoints.host "${CCF_ENDPOINTS_SOURCES}") target_link_libraries( ccf_endpoints.host PUBLIC qcbor.host t_cose.host http_parser.host - ccfcrypto.host ccf_kv.host + ccfcrypto.host ccf_kv.host ) add_san(ccf_endpoints.host) add_warning_checks(ccf_endpoints.host) @@ -420,22 +430,22 @@ endif() # Common test args for Python scripts starting up CCF networks set(WORKER_THREADS - 0 - CACHE STRING "Number of worker threads to start on each CCF node" + 0 + CACHE STRING "Number of worker threads to start on each CCF node" ) set(CCF_NETWORK_TEST_DEFAULT_CONSTITUTION - --constitution - ${CCF_DIR}/samples/constitutions/default/actions.js - --constitution - ${CCF_DIR}/samples/constitutions/default/validate.js - --constitution - ${CCF_DIR}/samples/constitutions/default/resolve.js - --constitution - ${CCF_DIR}/samples/constitutions/default/apply.js + --constitution + ${CCF_DIR}/samples/constitutions/default/actions.js + --constitution + ${CCF_DIR}/samples/constitutions/default/validate.js + --constitution + ${CCF_DIR}/samples/constitutions/default/resolve.js + --constitution + ${CCF_DIR}/samples/constitutions/default/apply.js ) set(CCF_NETWORK_TEST_ARGS --host-log-level ${TEST_HOST_LOGGING_LEVEL} - --worker-threads ${WORKER_THREADS} + --worker-threads ${WORKER_THREADS} ) if(COMPILE_TARGET STREQUAL "sgx") @@ -454,7 +464,7 @@ elseif(COMPILE_TARGET STREQUAL "snp") target_compile_options(js_openenclave.snp PRIVATE ${COMPILE_LIBCXX}) target_compile_definitions( js_openenclave.snp PUBLIC INSIDE_ENCLAVE VIRTUAL_ENCLAVE - _LIBCPP_HAS_THREAD_API_PTHREAD PLATFORM_SNP + _LIBCPP_HAS_THREAD_API_PTHREAD PLATFORM_SNP ) set_property(TARGET js_openenclave.snp PROPERTY POSITION_INDEPENDENT_CODE ON) install( @@ -470,7 +480,7 @@ elseif(COMPILE_TARGET STREQUAL "virtual") target_compile_definitions( js_openenclave.virtual PUBLIC INSIDE_ENCLAVE VIRTUAL_ENCLAVE _LIBCPP_HAS_THREAD_API_PTHREAD - PLATFORM_VIRTUAL + PLATFORM_VIRTUAL ) set_property( TARGET js_openenclave.virtual PROPERTY POSITION_INDEPENDENT_CODE ON @@ -504,7 +514,7 @@ elseif(COMPILE_TARGET STREQUAL "snp") target_compile_options(js_generic_base.snp PRIVATE ${COMPILE_LIBCXX}) target_compile_definitions( js_generic_base.snp PUBLIC INSIDE_ENCLAVE VIRTUAL_ENCLAVE - _LIBCPP_HAS_THREAD_API_PTHREAD PLATFORM_SNP + _LIBCPP_HAS_THREAD_API_PTHREAD PLATFORM_SNP ) set_property(TARGET js_generic_base.snp PROPERTY POSITION_INDEPENDENT_CODE ON) install( @@ -524,7 +534,7 @@ elseif(COMPILE_TARGET STREQUAL "virtual") target_compile_definitions( js_openenclave.virtual PUBLIC INSIDE_ENCLAVE VIRTUAL_ENCLAVE _LIBCPP_HAS_THREAD_API_PTHREAD - PLATFORM_VIRTUAL + PLATFORM_VIRTUAL ) set_property( TARGET js_generic_base.virtual PROPERTY POSITION_INDEPENDENT_CODE ON @@ -535,6 +545,7 @@ elseif(COMPILE_TARGET STREQUAL "virtual") DESTINATION lib ) endif() + # SNIPPET_START: JS generic application add_ccf_app( js_generic @@ -547,12 +558,12 @@ sign_app_library( js_generic.enclave ${CCF_DIR}/src/apps/js_generic/oe_sign.conf ${CMAKE_CURRENT_BINARY_DIR}/signing_key.pem INSTALL_LIBS ON ) -# SNIPPET_END: JS generic application +# SNIPPET_END: JS generic application include(${CCF_DIR}/cmake/quictls.cmake) install(DIRECTORY ${CCF_DIR}/samples/apps/logging/js - DESTINATION samples/logging + DESTINATION samples/logging ) include(${CMAKE_CURRENT_SOURCE_DIR}/cmake/common.cmake) @@ -561,7 +572,7 @@ file(WRITE ${CMAKE_BINARY_DIR}/PLATFORM "${COMPILE_TARGET}") install(FILES ${CMAKE_BINARY_DIR}/PLATFORM DESTINATION share) set(CMAKE_GENERATED_COMMENT - "This file was auto-generated by CMake from a corresponding *.in file. DO NOT EDIT" + "This file was auto-generated by CMake from a corresponding *.in file. DO NOT EDIT" ) configure_file( ${CCF_DIR}/src/common/version.h.in ${CCF_DIR}/include/ccf/version.h @ONLY @@ -572,7 +583,7 @@ configure_file( install(FILES ${CCF_DIR}/include/ccf/version.h DESTINATION include/ccf) file(READ ${CCF_DIR}/doc/host_config_schema/cchost_config.json - HOST_CONFIG_SCHEMA + HOST_CONFIG_SCHEMA ) configure_file( ${CCF_DIR}/src/host/config_schema.h.in ${CCF_DIR}/src/host/config_schema.h @@ -594,6 +605,7 @@ option( add_compile_definitions(CCF_LOGGER_NO_DEPRECATE) option(CCF_RAFT_TRACING "Enable tracing of Raft consensus" OFF) + if(CCF_RAFT_TRACING) add_compile_definitions(CCF_RAFT_TRACING) endif() @@ -602,9 +614,9 @@ endif() add_custom_target(ccf ALL) set(CCF_IMPL_SOURCE - ${CCF_DIR}/src/enclave/main.cpp ${CCF_DIR}/src/enclave/enclave_time.cpp - ${CCF_DIR}/src/enclave/thread_local.cpp ${CCF_DIR}/src/js/wrap.cpp - ${CCF_DIR}/src/node/quote.cpp + ${CCF_DIR}/src/enclave/main.cpp ${CCF_DIR}/src/enclave/enclave_time.cpp + ${CCF_DIR}/src/enclave/thread_local.cpp ${CCF_DIR}/src/js/wrap.cpp + ${CCF_DIR}/src/node/quote.cpp ) if(COMPILE_TARGET STREQUAL "sgx") @@ -620,23 +632,24 @@ if(COMPILE_TARGET STREQUAL "sgx") target_include_directories( ccf.enclave SYSTEM PUBLIC - $ - $ #< This contains the private headers - #< which are currently under src, and - #< should be removed or renamed - $ - $ + $ + $ # < This contains the private headers + + # < which are currently under src, and + # < should be removed or renamed + $ + $ ) target_link_libraries( ccf.enclave PUBLIC quickjs.enclave - http_parser.enclave - sss.enclave - ccf_endpoints.enclave - ccfcrypto.enclave - ccf_kv.enclave - nghttp2.enclave + http_parser.enclave + sss.enclave + ccf_endpoints.enclave + ccfcrypto.enclave + ccf_kv.enclave + nghttp2.enclave ) add_lvi_mitigations(ccf.enclave) @@ -649,15 +662,14 @@ if(COMPILE_TARGET STREQUAL "sgx") add_dependencies(ccf ccf.enclave) - # Same as virtual for the time being but will diverge soon +# Same as virtual for the time being but will diverge soon elseif(COMPILE_TARGET STREQUAL "snp") - # SNP version add_library(ccf.snp STATIC ${CCF_IMPL_SOURCE}) target_compile_definitions( ccf.snp PUBLIC INSIDE_ENCLAVE VIRTUAL_ENCLAVE - _LIBCPP_HAS_THREAD_API_PTHREAD PLATFORM_SNP + _LIBCPP_HAS_THREAD_API_PTHREAD PLATFORM_SNP ) target_compile_options(ccf.snp PUBLIC ${COMPILE_LIBCXX}) @@ -666,28 +678,29 @@ elseif(COMPILE_TARGET STREQUAL "snp") target_include_directories( ccf.snp SYSTEM PUBLIC - $ - $ #< This contains the private headers - #< which are currently under src, and - #< should be removed or renamed - $ - $ + $ + $ # < This contains the private headers + + # < which are currently under src, and + # < should be removed or renamed + $ + $ ) target_link_libraries( ccf.snp PUBLIC ${LINK_LIBCXX} - -lgcc - http_parser.snp - quickjs.snp - sss.snp - ccf_endpoints.snp - ccfcrypto.snp - ccf_kv.snp - nghttp2.snp - ${CMAKE_THREAD_LIBS_INIT} + -lgcc + http_parser.snp + quickjs.snp + sss.snp + ccf_endpoints.snp + ccfcrypto.snp + ccf_kv.snp + nghttp2.snp + ${CMAKE_THREAD_LIBS_INIT} ) - link_openenclave_host_verify(ccf.snp) + link_openenclave_host(ccf.snp) set_property(TARGET ccf.snp PROPERTY POSITION_INDEPENDENT_CODE ON) @@ -702,13 +715,12 @@ elseif(COMPILE_TARGET STREQUAL "snp") add_dependencies(ccf ccf.snp) elseif(COMPILE_TARGET STREQUAL "virtual") - # virtual version add_library(ccf.virtual STATIC ${CCF_IMPL_SOURCE}) target_compile_definitions( ccf.virtual PUBLIC INSIDE_ENCLAVE VIRTUAL_ENCLAVE - _LIBCPP_HAS_THREAD_API_PTHREAD PLATFORM_VIRTUAL + _LIBCPP_HAS_THREAD_API_PTHREAD PLATFORM_VIRTUAL ) target_compile_options(ccf.virtual PUBLIC ${COMPILE_LIBCXX}) @@ -717,28 +729,29 @@ elseif(COMPILE_TARGET STREQUAL "virtual") target_include_directories( ccf.virtual SYSTEM PUBLIC - $ - $ #< This contains the private headers - #< which are currently under src, and - #< should be removed or renamed - $ - $ + $ + $ # < This contains the private headers + + # < which are currently under src, and + # < should be removed or renamed + $ + $ ) target_link_libraries( ccf.virtual PUBLIC ${LINK_LIBCXX} - -lgcc - http_parser.host - quickjs.host - sss.host - ccf_endpoints.host - ccfcrypto.host - ccf_kv.host - nghttp2.host - ${CMAKE_THREAD_LIBS_INIT} + -lgcc + http_parser.host + quickjs.host + sss.host + ccf_endpoints.host + ccfcrypto.host + ccf_kv.host + nghttp2.host + ${CMAKE_THREAD_LIBS_INIT} ) - link_openenclave_host_verify(ccf.virtual) + link_openenclave_host(ccf.virtual) set_property(TARGET ccf.virtual PROPERTY POSITION_INDEPENDENT_CODE ON) @@ -808,7 +821,7 @@ install(FILES tests/requirements.txt DESTINATION bin) add_custom_command( OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/signing_key.pem COMMAND openssl genrsa -out ${CMAKE_CURRENT_BINARY_DIR}/signing_key.pem -3 - 3072 + 3072 ) add_custom_target( signing_key ALL DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/signing_key.pem @@ -930,7 +943,7 @@ if(BUILD_TESTS) add_unit_test(js_test ${CMAKE_CURRENT_SOURCE_DIR}/src/js/test/js.cpp) target_link_libraries( js_test PRIVATE quickjs.host ccf_kv.host ccf_endpoints.host - ccfcrypto.host http_parser.host + ccfcrypto.host http_parser.host ) add_unit_test( @@ -1010,12 +1023,12 @@ if(BUILD_TESTS) target_link_libraries( frontend_test PRIVATE ${CMAKE_THREAD_LIBS_INIT} - http_parser.host - sss.host - ccf_endpoints.host - ccfcrypto.host - ccf_kv.host - quickjs.host + http_parser.host + sss.host + ccf_endpoints.host + ccfcrypto.host + ccf_kv.host + quickjs.host ) add_unit_test( @@ -1037,12 +1050,12 @@ if(BUILD_TESTS) target_link_libraries( node_frontend_test PRIVATE ${CMAKE_THREAD_LIBS_INIT} - http_parser.host - sss.host - ccf_endpoints.host - ccfcrypto.host - ccf_kv.host - quickjs.host + http_parser.host + sss.host + ccf_endpoints.host + ccfcrypto.host + ccf_kv.host + quickjs.host ) add_unit_test( @@ -1059,7 +1072,7 @@ if(BUILD_TESTS) # Raft driver and scenario test add_executable( raft_driver ${CMAKE_CURRENT_SOURCE_DIR}/src/consensus/aft/test/driver.cpp - src/enclave/thread_local.cpp + src/enclave/thread_local.cpp ) target_link_libraries(raft_driver PRIVATE ccfcrypto.host) target_include_directories(raft_driver PRIVATE src/aft) @@ -1067,12 +1080,12 @@ if(BUILD_TESTS) add_test( NAME raft_scenario_test COMMAND ${PYTHON} ${CMAKE_SOURCE_DIR}/tests/raft_scenarios_runner.py - ./raft_driver ${CMAKE_SOURCE_DIR}/tests/raft_scenarios/ + ./raft_driver ${CMAKE_SOURCE_DIR}/tests/raft_scenarios/ ) set_property(TEST raft_scenario_test PROPERTY LABELS raft_scenario) add_test(NAME csr_test COMMAND ${PYTHON} ${CMAKE_SOURCE_DIR}/tests/certs.py - ./kp_cert_test + ./kp_cert_test ) set_property( TEST csr_test @@ -1090,12 +1103,12 @@ if(BUILD_TESTS) if(NOT UNSAFE_VERSION) # Unsafe builds do not follow normal version conventions add_test(NAME versionifier_test - COMMAND ${PYTHON} - ${CMAKE_SOURCE_DIR}/python/ccf/_versionifier.py + COMMAND ${PYTHON} + ${CMAKE_SOURCE_DIR}/python/ccf/_versionifier.py ) add_test(NAME github_version_lts_test - COMMAND ${PYTHON} ${CMAKE_SOURCE_DIR}/tests/infra/github.py + COMMAND ${PYTHON} ${CMAKE_SOURCE_DIR}/tests/infra/github.py ) endif() endif() @@ -1129,16 +1142,16 @@ if(BUILD_TESTS) endif() set(CONSTITUTION_ARGS - --constitution - ${CCF_DIR}/samples/constitutions/default/actions.js - --constitution - ${CCF_DIR}/samples/constitutions/test/test_actions.js - --constitution - ${CCF_DIR}/samples/constitutions/default/validate.js - --constitution - ${CCF_DIR}/samples/constitutions/test/resolve.js - --constitution - ${CCF_DIR}/samples/constitutions/default/apply.js + --constitution + ${CCF_DIR}/samples/constitutions/default/actions.js + --constitution + ${CCF_DIR}/samples/constitutions/test/test_actions.js + --constitution + ${CCF_DIR}/samples/constitutions/default/validate.js + --constitution + ${CCF_DIR}/samples/constitutions/test/resolve.js + --constitution + ${CCF_DIR}/samples/constitutions/default/apply.js ) if(LONG_TESTS) @@ -1156,14 +1169,14 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/e2e_suite.py LABEL suite ADDITIONAL_ARGS - --test-duration - 150 - --test-suite - rekey_recovery - --test-suite - membership_recovery - --jinja-templates-path - ${CMAKE_SOURCE_DIR}/samples/templates + --test-duration + 150 + --test-suite + rekey_recovery + --test-suite + membership_recovery + --jinja-templates-path + ${CMAKE_SOURCE_DIR}/samples/templates ) add_e2e_test( @@ -1171,8 +1184,8 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/e2e_suite.py LABEL suite ADDITIONAL_ARGS - --test-duration 200 --test-suite reconfiguration --jinja-templates-path - ${CMAKE_SOURCE_DIR}/samples/templates + --test-duration 200 --test-suite reconfiguration --jinja-templates-path + ${CMAKE_SOURCE_DIR}/samples/templates ) if(LONG_TESTS) @@ -1189,16 +1202,16 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/e2e_suite.py LABEL suite ADDITIONAL_ARGS - --oe-binary - ${OE_BINDIR} - --ledger-recovery-timeout - 20 - --test-duration - 200 - --test-suite - all - --jinja-templates-path - ${CMAKE_SOURCE_DIR}/samples/templates + --oe-binary + ${OE_BINDIR} + --ledger-recovery-timeout + 20 + --test-duration + 200 + --test-suite + all + --jinja-templates-path + ${CMAKE_SOURCE_DIR}/samples/templates ) add_e2e_test( @@ -1217,38 +1230,40 @@ if(BUILD_TESTS) NAME js_batched_stress_test PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/e2e_batched.py ADDITIONAL_ARGS - --js-app-bundle - ${CMAKE_SOURCE_DIR}/src/apps/batched - --election-timeout-ms - 10000 # Larger election timeout as recording large JS applications may - # trigger leadership changes + --js-app-bundle + ${CMAKE_SOURCE_DIR}/src/apps/batched + --election-timeout-ms + 10000 # Larger election timeout as recording large JS applications may + + # trigger leadership changes ) add_e2e_test( NAME modules_test PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/js-modules/modules.py ADDITIONAL_ARGS - --package - libjs_generic - --election-timeout-ms - 10000 # Larger election timeout as recording - # large JS applications may trigger leadership changes + --package + libjs_generic + --election-timeout-ms + 10000 # Larger election timeout as recording + + # large JS applications may trigger leadership changes ) add_e2e_test( NAME auth PYTHON_SCRIPT - ${CMAKE_SOURCE_DIR}/tests/js-custom-authorization/custom_authorization.py + ${CMAKE_SOURCE_DIR}/tests/js-custom-authorization/custom_authorization.py ADDITIONAL_ARGS --package libjs_generic --js-app-bundle - ${CMAKE_SOURCE_DIR}/tests + ${CMAKE_SOURCE_DIR}/tests ) add_e2e_test( NAME launch_host_process_test PYTHON_SCRIPT - ${CMAKE_SOURCE_DIR}/tests/js-launch-host-process/host_process.py + ${CMAKE_SOURCE_DIR}/tests/js-launch-host-process/host_process.py ADDITIONAL_ARGS --js-app-bundle - ${CMAKE_SOURCE_DIR}/tests/js-launch-host-process + ${CMAKE_SOURCE_DIR}/tests/js-launch-host-process ) add_e2e_test( @@ -1256,8 +1271,8 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/governance.py CONSTITUTION ${CONSTITUTION_ARGS} ADDITIONAL_ARGS - --oe-binary ${OE_BINDIR} --initial-operator-count 1 - --jinja-templates-path ${CMAKE_SOURCE_DIR}/samples/templates + --oe-binary ${OE_BINDIR} --initial-operator-count 1 + --jinja-templates-path ${CMAKE_SOURCE_DIR}/samples/templates ) add_e2e_test( @@ -1268,7 +1283,7 @@ if(BUILD_TESTS) NAME code_update_test PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/code_update.py ADDITIONAL_ARGS --oe-binary ${OE_BINDIR} --js-app-bundle - ${CMAKE_SOURCE_DIR}/samples/apps/logging/js + ${CMAKE_SOURCE_DIR}/samples/apps/logging/js ) if(BUILD_TPCC) @@ -1279,10 +1294,10 @@ if(BUILD_TESTS) add_custom_command( OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/testssl/testssl.sh COMMAND - rm -rf ${CMAKE_CURRENT_BINARY_DIR}/testssl && git clone --depth 1 - --branch v3.0.7 --single-branch - https://github.com/drwetter/testssl.sh - ${CMAKE_CURRENT_BINARY_DIR}/testssl + rm -rf ${CMAKE_CURRENT_BINARY_DIR}/testssl && git clone --depth 1 + --branch v3.0.7 --single-branch + https://github.com/drwetter/testssl.sh + ${CMAKE_CURRENT_BINARY_DIR}/testssl ) add_custom_target( testssl ALL DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/testssl/testssl.sh @@ -1293,25 +1308,26 @@ if(BUILD_TESTS) NAME e2e_logging_cft PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/e2e_logging.py ADDITIONAL_ARGS --js-app-bundle - ${CMAKE_SOURCE_DIR}/samples/apps/logging/js + ${CMAKE_SOURCE_DIR}/samples/apps/logging/js ) add_e2e_test( NAME e2e_logging_http2 PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/e2e_logging.py ADDITIONAL_ARGS --js-app-bundle - ${CMAKE_SOURCE_DIR}/samples/apps/logging/js --http2 + ${CMAKE_SOURCE_DIR}/samples/apps/logging/js --http2 ) add_e2e_test( NAME membership PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/membership.py ) set(PARTITIONS_TEST_ARGS - # Higher snapshot interval as the test currently assumes that no - # transactions - # are emitted while partitions are up. To be removed when - # https://github.com/microsoft/CCF/issues/2577 is implemented - --snapshot-tx-interval 10000 + + # Higher snapshot interval as the test currently assumes that no + # transactions + # are emitted while partitions are up. To be removed when + # https://github.com/microsoft/CCF/issues/2577 is implemented + --snapshot-tx-interval 10000 ) add_e2e_test( @@ -1339,19 +1355,20 @@ if(BUILD_TESTS) NAME schema_test_cft PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/schema.py ADDITIONAL_ARGS - --schema-dir - ${CMAKE_SOURCE_DIR}/doc/schemas - --ledger-tutorial - ${CMAKE_SOURCE_DIR}/python/ledger_tutorial.py - --config-samples-dir - ${CMAKE_SOURCE_DIR}/samples/config - --config-file-1x - ${CMAKE_SOURCE_DIR}/python/config_1_x.ini + --schema-dir + ${CMAKE_SOURCE_DIR}/doc/schemas + --ledger-tutorial + ${CMAKE_SOURCE_DIR}/python/ledger_tutorial.py + --config-samples-dir + ${CMAKE_SOURCE_DIR}/samples/config + --config-file-1x + ${CMAKE_SOURCE_DIR}/python/config_1_x.ini ) list(APPEND LTS_TEST_ARGS --oe-binary ${OE_BINDIR} --ccf-version - ${CCF_VERSION} + ${CCF_VERSION} ) + if(LONG_TESTS) list(APPEND LTS_TEST_ARGS --check-ledger-compatibility) endif() @@ -1415,16 +1432,16 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_CURRENT_LIST_DIR}/tests/infra/perfclient.py CLIENT_BIN ./scenario_perf_client ADDITIONAL_ARGS - --package - "samples/apps/logging/liblogging" - --scenario-file - ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json - --max-writes-ahead - 1000 - --repetitions - 10000 - --msg-ser-fmt - text + --package + "samples/apps/logging/liblogging" + --scenario-file + ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json + --max-writes-ahead + 1000 + --repetitions + 10000 + --msg-ser-fmt + text ) add_perf_test( @@ -1432,7 +1449,7 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_CURRENT_LIST_DIR}/tests/infra/piccolo_driver.py CLIENT_BIN ./submit ADDITIONAL_ARGS --package "samples/apps/logging/liblogging" - --max-writes-ahead 1000 --repetitions 10000 + --max-writes-ahead 1000 --repetitions 10000 ) add_perf_test( @@ -1440,17 +1457,17 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_CURRENT_LIST_DIR}/tests/infra/perfclient.py CLIENT_BIN ./scenario_perf_client ADDITIONAL_ARGS - --package - "samples/apps/logging/liblogging" - --scenario-file - ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json - --max-writes-ahead - 1000 - --repetitions - 1000 - --use-jwt - --msg-ser-fmt - msgpack + --package + "samples/apps/logging/liblogging" + --scenario-file + ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json + --max-writes-ahead + 1000 + --repetitions + 1000 + --use-jwt + --msg-ser-fmt + msgpack ) add_perf_test( @@ -1458,13 +1475,13 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_CURRENT_LIST_DIR}/tests/infra/piccolo_driver.py CLIENT_BIN ./submit ADDITIONAL_ARGS - --package - "samples/apps/logging/liblogging" - --max-writes-ahead - 1000 - --repetitions - 1000 - --use-jwt + --package + "samples/apps/logging/liblogging" + --max-writes-ahead + 1000 + --repetitions + 1000 + --use-jwt ) add_perf_test( @@ -1472,16 +1489,16 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_CURRENT_LIST_DIR}/tests/infra/perfclient.py CLIENT_BIN ./scenario_perf_client ADDITIONAL_ARGS - --js-app-bundle - ${CMAKE_SOURCE_DIR}/samples/apps/logging/js_perf - --scenario-file - ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json - --max-writes-ahead - 1000 - --repetitions - 1000 - --msg-ser-fmt - text + --js-app-bundle + ${CMAKE_SOURCE_DIR}/samples/apps/logging/js_perf + --scenario-file + ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json + --max-writes-ahead + 1000 + --repetitions + 1000 + --msg-ser-fmt + text ) add_perf_test( @@ -1489,16 +1506,16 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_CURRENT_LIST_DIR}/tests/infra/perfclient.py CLIENT_BIN ./scenario_perf_client ADDITIONAL_ARGS - --js-app-bundle - ${CMAKE_SOURCE_DIR}/samples/apps/logging/js - --scenario-file - ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json - --max-writes-ahead - 1000 - --repetitions - 1000 - --msg-ser-fmt - text + --js-app-bundle + ${CMAKE_SOURCE_DIR}/samples/apps/logging/js + --scenario-file + ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json + --max-writes-ahead + 1000 + --repetitions + 1000 + --msg-ser-fmt + text ) add_perf_test( @@ -1506,17 +1523,17 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_CURRENT_LIST_DIR}/tests/infra/perfclient.py CLIENT_BIN ./scenario_perf_client ADDITIONAL_ARGS - --js-app-bundle - ${CMAKE_SOURCE_DIR}/samples/apps/logging/js_perf - --scenario-file - ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json - --max-writes-ahead - 1000 - --repetitions - 700 - --use-jwt - --msg-ser-fmt - text + --js-app-bundle + ${CMAKE_SOURCE_DIR}/samples/apps/logging/js_perf + --scenario-file + ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json + --max-writes-ahead + 1000 + --repetitions + 700 + --use-jwt + --msg-ser-fmt + text ) add_e2e_test( @@ -1528,13 +1545,13 @@ if(BUILD_TESTS) add_e2e_test( NAME external_executor_test PYTHON_SCRIPT - ${CMAKE_SOURCE_DIR}/tests/external_executor/external_executor.py + ${CMAKE_SOURCE_DIR}/tests/external_executor/external_executor.py ) add_e2e_test( NAME external_indexer_test PYTHON_SCRIPT - ${CMAKE_SOURCE_DIR}/tests/external_executor/external_indexer.py + ${CMAKE_SOURCE_DIR}/tests/external_executor/external_indexer.py ) endif() endif() @@ -1552,8 +1569,8 @@ write_basic_package_version_file( COMPATIBILITY SameMajorVersion ) install(FILES ${CMAKE_BINARY_DIR}/cmake/${CCF_PROJECT}-config.cmake - ${CMAKE_BINARY_DIR}/cmake/${CCF_PROJECT}-config-version.cmake - DESTINATION ${CMAKE_INSTALL_PREFIX}/cmake + ${CMAKE_BINARY_DIR}/cmake/${CCF_PROJECT}-config-version.cmake + DESTINATION ${CMAKE_INSTALL_PREFIX}/cmake ) # Perf tool executable diff --git a/cmake/ccf_app.cmake b/cmake/ccf_app.cmake index 17b9622e1b4c..c71bbdc9f81e 100644 --- a/cmake/ccf_app.cmake +++ b/cmake/ccf_app.cmake @@ -5,18 +5,19 @@ set(ALLOWED_TARGETS "sgx;snp;virtual") if(NOT DEFINED COMPILE_TARGET) set(COMPILE_TARGET - "sgx" - CACHE STRING - "Target compilation platforms, Choose from: ${ALLOWED_TARGETS}" + "sgx" + CACHE STRING + "Target compilation platforms, Choose from: ${ALLOWED_TARGETS}" ) endif() if(NOT COMPILE_TARGET IN_LIST ALLOWED_TARGETS) message( FATAL_ERROR - "${REQUESTED_TARGET} is not a valid target. Choose from: ${ALLOWED_TARGETS}" + "${REQUESTED_TARGET} is not a valid target. Choose from: ${ALLOWED_TARGETS}" ) endif() + message(STATUS "Compile target platform: ${COMPILE_TARGET}") include(${CCF_DIR}/cmake/open_enclave.cmake) @@ -35,16 +36,19 @@ function(sign_app_library name app_oe_conf_path enclave_sign_key_path) add_custom_command( OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so.debuggable + # Copy conf file locally COMMAND cp ${app_oe_conf_path} ${DEBUG_CONF_NAME} + # Remove any existing Debug= lines COMMAND sed -i "/^Debug=\.*/d" ${DEBUG_CONF_NAME} + # Add Debug=1 line COMMAND echo "Debug=1" >> ${DEBUG_CONF_NAME} COMMAND - openenclave::oesign sign -e ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so -c - ${DEBUG_CONF_NAME} -k ${enclave_sign_key_path} -o - ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so.debuggable + openenclave::oesign sign -e ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so -c + ${DEBUG_CONF_NAME} -k ${enclave_sign_key_path} -o + ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so.debuggable DEPENDS ${name} ${app_oe_conf_path} ${enclave_sign_key_path} ) @@ -58,15 +62,18 @@ function(sign_app_library name app_oe_conf_path enclave_sign_key_path) set(SIGNED_CONF_NAME ${CMAKE_CURRENT_BINARY_DIR}/${name}.signed.conf) add_custom_command( OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so.signed + # Copy conf file locally COMMAND cp ${app_oe_conf_path} ${SIGNED_CONF_NAME} + # Remove any existing Debug= lines COMMAND sed -i "/^Debug=\.*/d" ${SIGNED_CONF_NAME} + # Add Debug=0 line COMMAND echo "Debug=0" >> ${SIGNED_CONF_NAME} COMMAND - openenclave::oesign sign -e ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so -c - ${SIGNED_CONF_NAME} -k ${enclave_sign_key_path} + openenclave::oesign sign -e ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so -c + ${SIGNED_CONF_NAME} -k ${enclave_sign_key_path} DEPENDS ${name} ${app_oe_conf_path} ${enclave_sign_key_path} ) @@ -77,10 +84,10 @@ function(sign_app_library name app_oe_conf_path enclave_sign_key_path) if(${PARSED_ARGS_INSTALL_LIBS}) install(FILES ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so.debuggable - DESTINATION lib + DESTINATION lib ) install(FILES ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so.signed - DESTINATION lib + DESTINATION lib ) endif() endif() @@ -88,7 +95,6 @@ endfunction() # Enclave library wrapper function(add_ccf_app name) - cmake_parse_arguments( PARSE_ARGV 1 @@ -113,7 +119,7 @@ function(add_ccf_app name) add_warning_checks(${enc_name}) target_link_libraries( ${enc_name} PRIVATE ${PARSED_ARGS_LINK_LIBS_ENCLAVE} - ${OE_TARGET_ENCLAVE_CORE_LIBS} ccf.enclave + ${OE_TARGET_ENCLAVE_CORE_LIBS} ccf.enclave ) set_property(TARGET ${enc_name} PROPERTY POSITION_INDEPENDENT_CODE ON) @@ -121,6 +127,7 @@ function(add_ccf_app name) add_lvi_mitigations(${enc_name}) add_dependencies(${name} ${enc_name}) + if(PARSED_ARGS_DEPS) add_dependencies(${enc_name} ${PARSED_ARGS_DEPS}) endif() @@ -143,7 +150,7 @@ function(add_ccf_app name) ${snp_name} PRIVATE ${PARSED_ARGS_LINK_LIBS_SNP} ccf.snp ) - if(NOT (SAN OR TSAN)) + if(NOT(SAN OR TSAN)) target_link_options(${snp_name} PRIVATE LINKER:--no-undefined) endif() @@ -157,6 +164,7 @@ function(add_ccf_app name) add_san(${snp_name}) add_dependencies(${name} ${snp_name}) + if(PARSED_ARGS_DEPS) add_dependencies(${snp_name} ${PARSED_ARGS_DEPS}) endif() @@ -183,7 +191,7 @@ function(add_ccf_app name) ${virt_name} PRIVATE ${PARSED_ARGS_LINK_LIBS_VIRTUAL} ccf.virtual ) - if(NOT (SAN OR TSAN)) + if(NOT(SAN OR TSAN)) target_link_options(${virt_name} PRIVATE LINKER:--no-undefined) endif() @@ -197,6 +205,7 @@ function(add_ccf_app name) add_san(${virt_name}) add_dependencies(${name} ${virt_name}) + if(PARSED_ARGS_DEPS) add_dependencies(${virt_name} ${PARSED_ARGS_DEPS}) endif() @@ -240,6 +249,6 @@ function(add_host_library name) add_library(${name} ${files}) target_compile_options(${name} PUBLIC ${COMPILE_LIBCXX}) target_link_libraries(${name} PUBLIC ${LINK_LIBCXX} -lgcc) - link_openenclave_host_verify(${name}) + link_openenclave_host(${name}) set_property(TARGET ${name} PROPERTY POSITION_INDEPENDENT_CODE ON) endfunction() diff --git a/cmake/common.cmake b/cmake/common.cmake index 6b772fcf4aab..ddfac99bda87 100644 --- a/cmake/common.cmake +++ b/cmake/common.cmake @@ -12,7 +12,7 @@ function(add_unit_test name) target_link_libraries( ${name} PRIVATE ${LINK_LIBCXX} ccfcrypto.host ) - link_openenclave_host_verify(${name}) + link_openenclave_host(${name}) add_san(${name}) add_test(NAME ${name} COMMAND ${name}) @@ -26,7 +26,7 @@ function(add_unit_test name) TEST ${name} APPEND PROPERTY ENVIRONMENT - "TSAN_OPTIONS=suppressions=${CCF_DIR}/tsan_env_suppressions" + "TSAN_OPTIONS=suppressions=${CCF_DIR}/tsan_env_suppressions" ) # https://github.com/microsoft/CCF/issues/5198 @@ -35,7 +35,6 @@ function(add_unit_test name) APPEND PROPERTY ENVIRONMENT "ASAN_OPTIONS=alloc_dealloc_mismatch=0" ) - endfunction() # Test binary wrapper @@ -50,7 +49,6 @@ endfunction() # Helper for building clients inheriting from perf_client function(add_client_exe name) - cmake_parse_arguments( PARSE_ARGV 1 PARSED_ARGS "" "" "SRCS;INCLUDE_DIRS;LINK_LIBS" ) @@ -63,7 +61,6 @@ function(add_client_exe name) target_include_directories( ${name} PRIVATE ${CCF_DIR}/src/clients/perf ${PARSED_ARGS_INCLUDE_DIRS} ) - endfunction() # Helper for building end-to-end function tests using the python infrastructure @@ -80,14 +77,14 @@ function(add_e2e_test) if(BUILD_END_TO_END_TESTS) if(PROFILE_TESTS) set(PYTHON_WRAPPER - py-spy - record - --format - speedscope - -o - ${PARSED_ARGS_NAME}.trace - -- - python3 + py-spy + record + --format + speedscope + -o + ${PARSED_ARGS_NAME}.trace + -- + python3 ) else() set(PYTHON_WRAPPER ${PYTHON}) @@ -104,9 +101,9 @@ function(add_e2e_test) add_test( NAME ${PARSED_ARGS_NAME} COMMAND - ${PYTHON_WRAPPER} ${PARSED_ARGS_PYTHON_SCRIPT} -b . --label - ${PARSED_ARGS_NAME} ${CCF_NETWORK_TEST_ARGS} ${PARSED_ARGS_CONSTITUTION} - ${PARSED_ARGS_ADDITIONAL_ARGS} --tick-ms ${NODE_TICK_MS} + ${PYTHON_WRAPPER} ${PARSED_ARGS_PYTHON_SCRIPT} -b . --label + ${PARSED_ARGS_NAME} ${CCF_NETWORK_TEST_ARGS} ${PARSED_ARGS_CONSTITUTION} + ${PARSED_ARGS_ADDITIONAL_ARGS} --tick-ms ${NODE_TICK_MS} CONFIGURATIONS ${PARSED_ARGS_CONFIGURATIONS} ) @@ -137,7 +134,7 @@ function(add_e2e_test) TEST ${PARSED_ARGS_NAME} APPEND PROPERTY ENVIRONMENT - "TSAN_OPTIONS=suppressions=${CCF_DIR}/tsan_env_suppressions" + "TSAN_OPTIONS=suppressions=${CCF_DIR}/tsan_env_suppressions" ) set_property( @@ -158,7 +155,8 @@ function(add_e2e_test) PROPERTY ENVIRONMENT "CURL_CLIENT=ON" ) endif() - if((${PARSED_ARGS_CONTAINER_NODES}) AND (LONG_TESTS)) + + if((${PARSED_ARGS_CONTAINER_NODES}) AND(LONG_TESTS)) # Containerised nodes are only enabled with long tests set_property( TEST ${PARSED_ARGS_NAME} @@ -185,7 +183,6 @@ endfunction() # Helper for building end-to-end perf tests using the python infrastucture function(add_perf_test) - cmake_parse_arguments( PARSE_ARGV 0 PARSED_ARGS "" "NAME;PYTHON_SCRIPT;CONSTITUTION;CLIENT_BIN;VERIFICATION_FILE;LABEL" @@ -205,6 +202,7 @@ function(add_perf_test) set(TESTS_SUFFIX "") set(ENCLAVE_TYPE "") set(ENCLAVE_PLATFORM "${COMPILE_TARGET}") + if("sgx" STREQUAL COMPILE_TARGET) set(TESTS_SUFFIX "${TESTS_SUFFIX}_sgx") set(ENCLAVE_TYPE "release") @@ -222,11 +220,11 @@ function(add_perf_test) add_test( NAME "${PARSED_ARGS_NAME}${TESTS_SUFFIX}" COMMAND - ${PYTHON} ${PARSED_ARGS_PYTHON_SCRIPT} -b . -c ${PARSED_ARGS_CLIENT_BIN} - ${CCF_NETWORK_TEST_ARGS} ${PARSED_ARGS_CONSTITUTION} --write-tx-times - ${VERIFICATION_ARG} --label ${LABEL_ARG} --snapshot-tx-interval 10000 - ${PARSED_ARGS_ADDITIONAL_ARGS} -e ${ENCLAVE_TYPE} -t ${ENCLAVE_PLATFORM} - ${NODES} + ${PYTHON} ${PARSED_ARGS_PYTHON_SCRIPT} -b . -c ${PARSED_ARGS_CLIENT_BIN} + ${CCF_NETWORK_TEST_ARGS} ${PARSED_ARGS_CONSTITUTION} --write-tx-times + ${VERIFICATION_ARG} --label ${LABEL_ARG} --snapshot-tx-interval 10000 + ${PARSED_ARGS_ADDITIONAL_ARGS} -e ${ENCLAVE_TYPE} -t ${ENCLAVE_PLATFORM} + ${NODES} ) # Make python test client framework importable @@ -235,6 +233,7 @@ function(add_perf_test) APPEND PROPERTY ENVIRONMENT "PYTHONPATH=${CCF_DIR}/tests:$ENV{PYTHONPATH}" ) + if(DEFINED DEFAULT_ENCLAVE_TYPE) set_property( TEST ${TEST_NAME} @@ -242,14 +241,16 @@ function(add_perf_test) PROPERTY ENVIRONMENT "DEFAULT_ENCLAVE_TYPE=${DEFAULT_ENCLAVE_TYPE}" ) endif() + if(DEFINED DEFAULT_ENCLAVE_PLATFORM) set_property( TEST ${TEST_NAME} APPEND PROPERTY ENVIRONMENT - "DEFAULT_ENCLAVE_PLATFORM=${DEFAULT_ENCLAVE_PLATFORM}" + "DEFAULT_ENCLAVE_PLATFORM=${DEFAULT_ENCLAVE_PLATFORM}" ) endif() + set_property( TEST ${TEST_NAME} APPEND @@ -264,7 +265,7 @@ function(add_perf_test) TEST ${TEST_NAME} APPEND PROPERTY ENVIRONMENT - "TSAN_OPTIONS=suppressions=${CCF_DIR}/tsan_env_suppressions" + "TSAN_OPTIONS=suppressions=${CCF_DIR}/tsan_env_suppressions" ) endfunction() @@ -280,7 +281,7 @@ function(add_picobench name) target_link_libraries( ${name} PRIVATE ${CMAKE_THREAD_LIBS_INIT} ${PARSED_ARGS_LINK_LIBS} - ccfcrypto.host + ccfcrypto.host ) add_san(${name}) @@ -291,8 +292,8 @@ function(add_picobench name) add_test( NAME ${name} COMMAND - bash -c - "$ --samples=1000 --out-fmt=csv --output=${name}.csv && cat ${name}.csv" + bash -c + "$ --samples=1000 --out-fmt=csv --output=${name}.csv && cat ${name}.csv" ) set_property(TEST ${name} PROPERTY LABELS benchmark) @@ -301,6 +302,6 @@ function(add_picobench name) TEST ${name} APPEND PROPERTY ENVIRONMENT - "TSAN_OPTIONS=suppressions=${CCF_DIR}/tsan_env_suppressions" + "TSAN_OPTIONS=suppressions=${CCF_DIR}/tsan_env_suppressions" ) endfunction() diff --git a/cmake/crypto.cmake b/cmake/crypto.cmake index b3a6409f7fde..a08e72c733ac 100644 --- a/cmake/crypto.cmake +++ b/cmake/crypto.cmake @@ -2,28 +2,28 @@ # Licensed under the Apache 2.0 License. set(CCFCRYPTO_SRC - ${CCF_DIR}/src/crypto/base64.cpp - ${CCF_DIR}/src/crypto/entropy.cpp - ${CCF_DIR}/src/crypto/hash.cpp - ${CCF_DIR}/src/crypto/sha256_hash.cpp - ${CCF_DIR}/src/crypto/symmetric_key.cpp - ${CCF_DIR}/src/crypto/key_pair.cpp - ${CCF_DIR}/src/crypto/eddsa_key_pair.cpp - ${CCF_DIR}/src/crypto/rsa_key_pair.cpp - ${CCF_DIR}/src/crypto/verifier.cpp - ${CCF_DIR}/src/crypto/key_wrap.cpp - ${CCF_DIR}/src/crypto/hmac.cpp - ${CCF_DIR}/src/crypto/ecdsa.cpp - ${CCF_DIR}/src/crypto/openssl/symmetric_key.cpp - ${CCF_DIR}/src/crypto/openssl/public_key.cpp - ${CCF_DIR}/src/crypto/openssl/key_pair.cpp - ${CCF_DIR}/src/crypto/openssl/eddsa_public_key.cpp - ${CCF_DIR}/src/crypto/openssl/eddsa_key_pair.cpp - ${CCF_DIR}/src/crypto/openssl/hash.cpp - ${CCF_DIR}/src/crypto/openssl/rsa_public_key.cpp - ${CCF_DIR}/src/crypto/openssl/rsa_key_pair.cpp - ${CCF_DIR}/src/crypto/openssl/verifier.cpp - ${CCF_DIR}/src/crypto/openssl/cose_verifier.cpp + ${CCF_DIR}/src/crypto/base64.cpp + ${CCF_DIR}/src/crypto/entropy.cpp + ${CCF_DIR}/src/crypto/hash.cpp + ${CCF_DIR}/src/crypto/sha256_hash.cpp + ${CCF_DIR}/src/crypto/symmetric_key.cpp + ${CCF_DIR}/src/crypto/key_pair.cpp + ${CCF_DIR}/src/crypto/eddsa_key_pair.cpp + ${CCF_DIR}/src/crypto/rsa_key_pair.cpp + ${CCF_DIR}/src/crypto/verifier.cpp + ${CCF_DIR}/src/crypto/key_wrap.cpp + ${CCF_DIR}/src/crypto/hmac.cpp + ${CCF_DIR}/src/crypto/ecdsa.cpp + ${CCF_DIR}/src/crypto/openssl/symmetric_key.cpp + ${CCF_DIR}/src/crypto/openssl/public_key.cpp + ${CCF_DIR}/src/crypto/openssl/key_pair.cpp + ${CCF_DIR}/src/crypto/openssl/eddsa_public_key.cpp + ${CCF_DIR}/src/crypto/openssl/eddsa_key_pair.cpp + ${CCF_DIR}/src/crypto/openssl/hash.cpp + ${CCF_DIR}/src/crypto/openssl/rsa_public_key.cpp + ${CCF_DIR}/src/crypto/openssl/rsa_key_pair.cpp + ${CCF_DIR}/src/crypto/openssl/verifier.cpp + ${CCF_DIR}/src/crypto/openssl/cose_verifier.cpp ) if(COMPILE_TARGET STREQUAL "sgx") @@ -56,10 +56,12 @@ endif() add_library(ccfcrypto.host STATIC ${CCFCRYPTO_SRC}) add_san(ccfcrypto.host) -target_compile_options(ccfcrypto.host PUBLIC ${COMPILE_LIBCXX}) target_link_options(ccfcrypto.host PUBLIC ${LINK_LIBCXX}) target_link_libraries(ccfcrypto.host PUBLIC qcbor.host) target_link_libraries(ccfcrypto.host PUBLIC t_cose.host) +target_compile_options( + ccfcrypto.host PUBLIC ${COMPILE_LIBCXX} "-Wno-deprecated-declarations" +) target_link_libraries(ccfcrypto.host PUBLIC crypto) target_link_libraries(ccfcrypto.host PUBLIC ssl) set_property(TARGET ccfcrypto.host PROPERTY POSITION_INDEPENDENT_CODE ON) diff --git a/cmake/open_enclave.cmake b/cmake/open_enclave.cmake index a5fa52efdbb3..0eaf31a620aa 100644 --- a/cmake/open_enclave.cmake +++ b/cmake/open_enclave.cmake @@ -47,7 +47,7 @@ elseif(COMPILE_TARGET STREQUAL "sgx") message(FATAL_ERROR "Open Enclave is required for SGX target") endif() -function(link_openenclave_host_verify name) +function(link_openenclave_host name) if(REQUIRE_OPENENCLAVE) target_link_libraries(${name} PRIVATE ${OE_HOST_LIBRARY}) target_compile_definitions(${name} PUBLIC SGX_ATTESTATION_VERIFICATION) diff --git a/docker/ccf_ci b/docker/ccf_ci index 556a76b04293..21becc94866e 100644 --- a/docker/ccf_ci +++ b/docker/ccf_ci @@ -14,7 +14,7 @@ RUN ./sgx_deps_pin.sh && rm ./sgx_deps_pin.sh FROM ubuntu:20.04 AS base-snp # Virtual -FROM ubuntu:22.04 AS base-virtual +FROM ubuntu:20.04 AS base-virtual # Final CCF CI image FROM base-${platform} AS final diff --git a/getting_started/setup_vm/ccf-dev.yml b/getting_started/setup_vm/ccf-dev.yml index d61200d004e4..686bdb489850 100644 --- a/getting_started/setup_vm/ccf-dev.yml +++ b/getting_started/setup_vm/ccf-dev.yml @@ -15,17 +15,17 @@ name: intel tasks_from: sgx-group.yml when: platform == "sgx" - # - import_role: - # name: az_dcap - # tasks_from: install.yml + - import_role: + name: az_dcap + tasks_from: install.yml - import_role: name: openenclave tasks_from: binary_install.yml when: platform == "sgx" - # - import_role: - # name: openenclave - # tasks_from: install_host_verify.yml - # when: platform != "sgx" + - import_role: + name: openenclave + tasks_from: install_host_verify.yml + when: platform != "sgx" - import_role: name: nodejs tasks_from: install.yml diff --git a/getting_started/setup_vm/roles/ccf_build/vars/clang15.yml b/getting_started/setup_vm/roles/ccf_build/vars/clang15.yml index 7e8404788ea8..50d5b2816a7f 100644 --- a/getting_started/setup_vm/roles/ccf_build/vars/clang15.yml +++ b/getting_started/setup_vm/roles/ccf_build/vars/clang15.yml @@ -7,8 +7,8 @@ debs: - libuv1-dev - libc++-{{ clang_ver }}-dev - libc++abi-{{ clang_ver }}-dev - - python3.10-dev - - python3.10-venv + - python3.8-dev + - python3.8-venv - llvm-{{ clang_ver }} - clang-{{ clang_ver }} - clang-format-11 # On purpose, to avoid formatting conflicts From da32116a920563670a09a9e10b0d167114635d56 Mon Sep 17 00:00:00 2001 From: Julien Maffre Date: Thu, 25 May 2023 15:06:36 +0000 Subject: [PATCH 07/17] fmt --- CMakeLists.txt | 549 +++++++++++++++++++-------------------- cmake/ccf_app.cmake | 34 +-- cmake/common.cmake | 54 ++-- cmake/crypto.cmake | 44 ++-- cmake/open_enclave.cmake | 18 +- 5 files changed, 341 insertions(+), 358 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index f50de844a246..fb000a0905f7 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -5,9 +5,9 @@ cmake_minimum_required(VERSION 3.16) set(ALLOWED_TARGETS "sgx;snp;virtual") set(COMPILE_TARGET - "sgx" - CACHE STRING - "Target compilation platforms, Choose from: ${ALLOWED_TARGETS}" + "sgx" + CACHE STRING + "Target compilation platforms, Choose from: ${ALLOWED_TARGETS}" ) set(CCF_DIR ${CMAKE_CURRENT_SOURCE_DIR}) @@ -31,8 +31,8 @@ message(STATUS "CCF version suffix = ${CCF_VERSION_SUFFIX}") # if(CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT) set(CMAKE_INSTALL_PREFIX - "/opt/${CCF_PROJECT}" - CACHE PATH "Default install prefix" FORCE + "/opt/${CCF_PROJECT}" + CACHE PATH "Default install prefix" FORCE ) endif() @@ -41,7 +41,7 @@ include(${CCF_DIR}/cmake/cpack_settings.cmake) message(STATUS "CMAKE_INSTALL_PREFIX is '${CMAKE_INSTALL_PREFIX}'") install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/cmake/preproject.cmake - DESTINATION cmake + DESTINATION cmake ) include(GNUInstallDirs) @@ -62,10 +62,10 @@ option(PROFILE_TESTS "Profile tests" OFF) set(PYTHON unbuffer python3) set(DISTRIBUTE_PERF_TESTS - "" - CACHE - STRING - "Hosts to which performance tests should be distributed, for example -n ssh://x.x.x.x -n ssh://x.x.x.x -n ssh://x.x.x.x" + "" + CACHE + STRING + "Hosts to which performance tests should be distributed, for example -n ssh://x.x.x.x -n ssh://x.x.x.x -n ssh://x.x.x.x" ) if(DISTRIBUTE_PERF_TESTS) @@ -83,7 +83,7 @@ if(VERBOSE_LOGGING) endif() option(USE_NULL_ENCRYPTOR "Turn off encryption of ledger updates - debug only" - OFF + OFF ) if(USE_NULL_ENCRYPTOR) @@ -125,28 +125,28 @@ install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/cmake/tools.cmake DESTINATION cmake) include(${CMAKE_CURRENT_SOURCE_DIR}/cmake/ccf_app.cmake) install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/cmake/ccf_app.cmake DESTINATION cmake) install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/cmake/open_enclave.cmake - DESTINATION cmake + DESTINATION cmake ) if(SAN AND LVI_MITIGATIONS) message( FATAL_ERROR - "Building with both SAN and LVI mitigations is unsafe and deadlocks - choose one" + "Building with both SAN and LVI mitigations is unsafe and deadlocks - choose one" ) endif() if(TSAN AND LVI_MITIGATIONS) message( FATAL_ERROR - "Building with both TSAN and LVI mitigations is unsafe and deadlocks - choose one" + "Building with both TSAN and LVI mitigations is unsafe and deadlocks - choose one" ) endif() add_custom_command( COMMAND - openenclave::oeedger8r ${CCF_DIR}/edl/ccf.edl --search-path ${OE_INCLUDEDIR} - --trusted --trusted-dir ${CCF_GENERATED_DIR} --untrusted --untrusted-dir - ${CCF_GENERATED_DIR} + openenclave::oeedger8r ${CCF_DIR}/edl/ccf.edl --search-path ${OE_INCLUDEDIR} + --trusted --trusted-dir ${CCF_GENERATED_DIR} --untrusted --untrusted-dir + ${CCF_GENERATED_DIR} COMMAND mv ${CCF_GENERATED_DIR}/ccf_t.c ${CCF_GENERATED_DIR}/ccf_t.cpp COMMAND mv ${CCF_GENERATED_DIR}/ccf_u.c ${CCF_GENERATED_DIR}/ccf_u.cpp DEPENDS ${CCF_DIR}/edl/ccf.edl @@ -156,7 +156,7 @@ add_custom_command( # Copy and install CCF utilities set(CCF_UTILITIES keygenerator.sh scurl.sh submit_recovery_share.sh - verify_quote.sh + verify_quote.sh ) foreach(UTILITY ${CCF_UTILITIES}) @@ -168,13 +168,13 @@ endforeach() # Copy utilities from tests directory set(CCF_TEST_UTILITIES - tests.sh - cimetrics_env.sh - upload_pico_metrics.py - test_install.sh - docker_wrap.sh - config.jinja - recovery_benchmark.sh + tests.sh + cimetrics_env.sh + upload_pico_metrics.py + test_install.sh + docker_wrap.sh + config.jinja + recovery_benchmark.sh ) foreach(UTILITY ${CCF_TEST_UTILITIES}) @@ -214,28 +214,28 @@ else() endif() set(HTTP_PARSER_SOURCES - ${CCF_3RD_PARTY_EXPORTED_DIR}/llhttp/api.c - ${CCF_3RD_PARTY_EXPORTED_DIR}/llhttp/http.c - ${CCF_3RD_PARTY_EXPORTED_DIR}/llhttp/llhttp.c + ${CCF_3RD_PARTY_EXPORTED_DIR}/llhttp/api.c + ${CCF_3RD_PARTY_EXPORTED_DIR}/llhttp/http.c + ${CCF_3RD_PARTY_EXPORTED_DIR}/llhttp/llhttp.c ) set(CCF_ENDPOINTS_SOURCES - ${CCF_DIR}/src/endpoints/endpoint.cpp - ${CCF_DIR}/src/endpoints/endpoint_registry.cpp - ${CCF_DIR}/src/endpoints/base_endpoint_registry.cpp - ${CCF_DIR}/src/endpoints/common_endpoint_registry.cpp - ${CCF_DIR}/src/endpoints/json_handler.cpp - ${CCF_DIR}/src/endpoints/authentication/cose_auth.cpp - ${CCF_DIR}/src/endpoints/authentication/cert_auth.cpp - ${CCF_DIR}/src/endpoints/authentication/empty_auth.cpp - ${CCF_DIR}/src/endpoints/authentication/jwt_auth.cpp - ${CCF_DIR}/src/enclave/enclave_time.cpp - ${CCF_DIR}/src/indexing/strategies/seqnos_by_key_bucketed.cpp - ${CCF_DIR}/src/indexing/strategies/seqnos_by_key_in_memory.cpp - ${CCF_DIR}/src/indexing/strategies/visit_each_entry_in_map.cpp - ${CCF_DIR}/src/node/historical_queries_adapter.cpp - ${CCF_DIR}/src/node/historical_queries_utils.cpp - ${CCF_DIR}/src/node/receipt.cpp + ${CCF_DIR}/src/endpoints/endpoint.cpp + ${CCF_DIR}/src/endpoints/endpoint_registry.cpp + ${CCF_DIR}/src/endpoints/base_endpoint_registry.cpp + ${CCF_DIR}/src/endpoints/common_endpoint_registry.cpp + ${CCF_DIR}/src/endpoints/json_handler.cpp + ${CCF_DIR}/src/endpoints/authentication/cose_auth.cpp + ${CCF_DIR}/src/endpoints/authentication/cert_auth.cpp + ${CCF_DIR}/src/endpoints/authentication/empty_auth.cpp + ${CCF_DIR}/src/endpoints/authentication/jwt_auth.cpp + ${CCF_DIR}/src/enclave/enclave_time.cpp + ${CCF_DIR}/src/indexing/strategies/seqnos_by_key_bucketed.cpp + ${CCF_DIR}/src/indexing/strategies/seqnos_by_key_in_memory.cpp + ${CCF_DIR}/src/indexing/strategies/visit_each_entry_in_map.cpp + ${CCF_DIR}/src/node/historical_queries_adapter.cpp + ${CCF_DIR}/src/node/historical_queries_utils.cpp + ${CCF_DIR}/src/node/receipt.cpp ) find_library(CRYPTO_LIBRARY crypto) @@ -253,8 +253,8 @@ unset(MESSAGE_QUIET) # Host Executable if(SAN - OR TSAN - OR NOT USE_SNMALLOC + OR TSAN + OR NOT USE_SNMALLOC ) set(SNMALLOC_COMPILE_OPTIONS "") else() @@ -293,7 +293,7 @@ endif() target_link_libraries( cchost PRIVATE uv ${TLS_LIBRARY} ${CMAKE_DL_LIBS} ${CMAKE_THREAD_LIBS_INIT} - ${LINK_LIBCXX} ccfcrypto.host + ${LINK_LIBCXX} ccfcrypto.host ) if(COMPILE_TARGET STREQUAL "sgx") @@ -308,7 +308,7 @@ add_executable( ) target_link_libraries( scenario_perf_client PRIVATE ${CMAKE_THREAD_LIBS_INIT} http_parser.host - ccfcrypto.host + ccfcrypto.host ) if(NOT CMAKE_CXX_COMPILER_VERSION VERSION_GREATER 9) @@ -348,8 +348,8 @@ endif() # CCF kv libs set(CCF_KV_SOURCES - ${CCF_DIR}/src/kv/tx.cpp ${CCF_DIR}/src/kv/untyped_map_handle.cpp - ${CCF_DIR}/src/kv/untyped_map_diff.cpp + ${CCF_DIR}/src/kv/tx.cpp ${CCF_DIR}/src/kv/untyped_map_handle.cpp + ${CCF_DIR}/src/kv/untyped_map_diff.cpp ) if(COMPILE_TARGET STREQUAL "sgx") @@ -389,7 +389,7 @@ if(COMPILE_TARGET STREQUAL "sgx") target_link_libraries( ccf_endpoints.enclave PUBLIC qcbor.enclave t_cose.enclave http_parser.enclave ccfcrypto.enclave - ccf_kv.enclave + ccf_kv.enclave ) add_warning_checks(ccf_endpoints.enclave) install( @@ -401,7 +401,7 @@ elseif(COMPILE_TARGET STREQUAL "snp") add_host_library(ccf_endpoints.snp "${CCF_ENDPOINTS_SOURCES}") target_link_libraries( ccf_endpoints.snp PUBLIC qcbor.snp t_cose.snp http_parser.snp ccfcrypto.snp - ccf_kv.snp + ccf_kv.snp ) add_san(ccf_endpoints.snp) add_warning_checks(ccf_endpoints.snp) @@ -415,7 +415,7 @@ endif() add_host_library(ccf_endpoints.host "${CCF_ENDPOINTS_SOURCES}") target_link_libraries( ccf_endpoints.host PUBLIC qcbor.host t_cose.host http_parser.host - ccfcrypto.host ccf_kv.host + ccfcrypto.host ccf_kv.host ) add_san(ccf_endpoints.host) add_warning_checks(ccf_endpoints.host) @@ -430,22 +430,22 @@ endif() # Common test args for Python scripts starting up CCF networks set(WORKER_THREADS - 0 - CACHE STRING "Number of worker threads to start on each CCF node" + 0 + CACHE STRING "Number of worker threads to start on each CCF node" ) set(CCF_NETWORK_TEST_DEFAULT_CONSTITUTION - --constitution - ${CCF_DIR}/samples/constitutions/default/actions.js - --constitution - ${CCF_DIR}/samples/constitutions/default/validate.js - --constitution - ${CCF_DIR}/samples/constitutions/default/resolve.js - --constitution - ${CCF_DIR}/samples/constitutions/default/apply.js + --constitution + ${CCF_DIR}/samples/constitutions/default/actions.js + --constitution + ${CCF_DIR}/samples/constitutions/default/validate.js + --constitution + ${CCF_DIR}/samples/constitutions/default/resolve.js + --constitution + ${CCF_DIR}/samples/constitutions/default/apply.js ) set(CCF_NETWORK_TEST_ARGS --host-log-level ${TEST_HOST_LOGGING_LEVEL} - --worker-threads ${WORKER_THREADS} + --worker-threads ${WORKER_THREADS} ) if(COMPILE_TARGET STREQUAL "sgx") @@ -464,7 +464,7 @@ elseif(COMPILE_TARGET STREQUAL "snp") target_compile_options(js_openenclave.snp PRIVATE ${COMPILE_LIBCXX}) target_compile_definitions( js_openenclave.snp PUBLIC INSIDE_ENCLAVE VIRTUAL_ENCLAVE - _LIBCPP_HAS_THREAD_API_PTHREAD PLATFORM_SNP + _LIBCPP_HAS_THREAD_API_PTHREAD PLATFORM_SNP ) set_property(TARGET js_openenclave.snp PROPERTY POSITION_INDEPENDENT_CODE ON) install( @@ -480,7 +480,7 @@ elseif(COMPILE_TARGET STREQUAL "virtual") target_compile_definitions( js_openenclave.virtual PUBLIC INSIDE_ENCLAVE VIRTUAL_ENCLAVE _LIBCPP_HAS_THREAD_API_PTHREAD - PLATFORM_VIRTUAL + PLATFORM_VIRTUAL ) set_property( TARGET js_openenclave.virtual PROPERTY POSITION_INDEPENDENT_CODE ON @@ -514,7 +514,7 @@ elseif(COMPILE_TARGET STREQUAL "snp") target_compile_options(js_generic_base.snp PRIVATE ${COMPILE_LIBCXX}) target_compile_definitions( js_generic_base.snp PUBLIC INSIDE_ENCLAVE VIRTUAL_ENCLAVE - _LIBCPP_HAS_THREAD_API_PTHREAD PLATFORM_SNP + _LIBCPP_HAS_THREAD_API_PTHREAD PLATFORM_SNP ) set_property(TARGET js_generic_base.snp PROPERTY POSITION_INDEPENDENT_CODE ON) install( @@ -534,7 +534,7 @@ elseif(COMPILE_TARGET STREQUAL "virtual") target_compile_definitions( js_openenclave.virtual PUBLIC INSIDE_ENCLAVE VIRTUAL_ENCLAVE _LIBCPP_HAS_THREAD_API_PTHREAD - PLATFORM_VIRTUAL + PLATFORM_VIRTUAL ) set_property( TARGET js_generic_base.virtual PROPERTY POSITION_INDEPENDENT_CODE ON @@ -563,7 +563,7 @@ sign_app_library( include(${CCF_DIR}/cmake/quictls.cmake) install(DIRECTORY ${CCF_DIR}/samples/apps/logging/js - DESTINATION samples/logging + DESTINATION samples/logging ) include(${CMAKE_CURRENT_SOURCE_DIR}/cmake/common.cmake) @@ -572,7 +572,7 @@ file(WRITE ${CMAKE_BINARY_DIR}/PLATFORM "${COMPILE_TARGET}") install(FILES ${CMAKE_BINARY_DIR}/PLATFORM DESTINATION share) set(CMAKE_GENERATED_COMMENT - "This file was auto-generated by CMake from a corresponding *.in file. DO NOT EDIT" + "This file was auto-generated by CMake from a corresponding *.in file. DO NOT EDIT" ) configure_file( ${CCF_DIR}/src/common/version.h.in ${CCF_DIR}/include/ccf/version.h @ONLY @@ -583,7 +583,7 @@ configure_file( install(FILES ${CCF_DIR}/include/ccf/version.h DESTINATION include/ccf) file(READ ${CCF_DIR}/doc/host_config_schema/cchost_config.json - HOST_CONFIG_SCHEMA + HOST_CONFIG_SCHEMA ) configure_file( ${CCF_DIR}/src/host/config_schema.h.in ${CCF_DIR}/src/host/config_schema.h @@ -614,9 +614,9 @@ endif() add_custom_target(ccf ALL) set(CCF_IMPL_SOURCE - ${CCF_DIR}/src/enclave/main.cpp ${CCF_DIR}/src/enclave/enclave_time.cpp - ${CCF_DIR}/src/enclave/thread_local.cpp ${CCF_DIR}/src/js/wrap.cpp - ${CCF_DIR}/src/node/quote.cpp + ${CCF_DIR}/src/enclave/main.cpp ${CCF_DIR}/src/enclave/enclave_time.cpp + ${CCF_DIR}/src/enclave/thread_local.cpp ${CCF_DIR}/src/js/wrap.cpp + ${CCF_DIR}/src/node/quote.cpp ) if(COMPILE_TARGET STREQUAL "sgx") @@ -631,25 +631,23 @@ if(COMPILE_TARGET STREQUAL "sgx") target_include_directories( ccf.enclave SYSTEM - PUBLIC - $ - $ # < This contains the private headers - - # < which are currently under src, and - # < should be removed or renamed - $ - $ + PUBLIC $ + $ # < This contains the private + # headers + # < which are currently under src, and < should be removed or renamed + $ + $ ) target_link_libraries( ccf.enclave PUBLIC quickjs.enclave - http_parser.enclave - sss.enclave - ccf_endpoints.enclave - ccfcrypto.enclave - ccf_kv.enclave - nghttp2.enclave + http_parser.enclave + sss.enclave + ccf_endpoints.enclave + ccfcrypto.enclave + ccf_kv.enclave + nghttp2.enclave ) add_lvi_mitigations(ccf.enclave) @@ -662,14 +660,14 @@ if(COMPILE_TARGET STREQUAL "sgx") add_dependencies(ccf ccf.enclave) -# Same as virtual for the time being but will diverge soon + # Same as virtual for the time being but will diverge soon elseif(COMPILE_TARGET STREQUAL "snp") # SNP version add_library(ccf.snp STATIC ${CCF_IMPL_SOURCE}) target_compile_definitions( ccf.snp PUBLIC INSIDE_ENCLAVE VIRTUAL_ENCLAVE - _LIBCPP_HAS_THREAD_API_PTHREAD PLATFORM_SNP + _LIBCPP_HAS_THREAD_API_PTHREAD PLATFORM_SNP ) target_compile_options(ccf.snp PUBLIC ${COMPILE_LIBCXX}) @@ -677,28 +675,26 @@ elseif(COMPILE_TARGET STREQUAL "snp") target_include_directories( ccf.snp SYSTEM - PUBLIC - $ - $ # < This contains the private headers - - # < which are currently under src, and - # < should be removed or renamed - $ - $ + PUBLIC $ + $ # < This contains the private + # headers + # < which are currently under src, and < should be removed or renamed + $ + $ ) target_link_libraries( ccf.snp PUBLIC ${LINK_LIBCXX} - -lgcc - http_parser.snp - quickjs.snp - sss.snp - ccf_endpoints.snp - ccfcrypto.snp - ccf_kv.snp - nghttp2.snp - ${CMAKE_THREAD_LIBS_INIT} + -lgcc + http_parser.snp + quickjs.snp + sss.snp + ccf_endpoints.snp + ccfcrypto.snp + ccf_kv.snp + nghttp2.snp + ${CMAKE_THREAD_LIBS_INIT} ) link_openenclave_host(ccf.snp) @@ -720,7 +716,7 @@ elseif(COMPILE_TARGET STREQUAL "virtual") target_compile_definitions( ccf.virtual PUBLIC INSIDE_ENCLAVE VIRTUAL_ENCLAVE - _LIBCPP_HAS_THREAD_API_PTHREAD PLATFORM_VIRTUAL + _LIBCPP_HAS_THREAD_API_PTHREAD PLATFORM_VIRTUAL ) target_compile_options(ccf.virtual PUBLIC ${COMPILE_LIBCXX}) @@ -728,28 +724,26 @@ elseif(COMPILE_TARGET STREQUAL "virtual") target_include_directories( ccf.virtual SYSTEM - PUBLIC - $ - $ # < This contains the private headers - - # < which are currently under src, and - # < should be removed or renamed - $ - $ + PUBLIC $ + $ # < This contains the private + # headers + # < which are currently under src, and < should be removed or renamed + $ + $ ) target_link_libraries( ccf.virtual PUBLIC ${LINK_LIBCXX} - -lgcc - http_parser.host - quickjs.host - sss.host - ccf_endpoints.host - ccfcrypto.host - ccf_kv.host - nghttp2.host - ${CMAKE_THREAD_LIBS_INIT} + -lgcc + http_parser.host + quickjs.host + sss.host + ccf_endpoints.host + ccfcrypto.host + ccf_kv.host + nghttp2.host + ${CMAKE_THREAD_LIBS_INIT} ) link_openenclave_host(ccf.virtual) @@ -821,7 +815,7 @@ install(FILES tests/requirements.txt DESTINATION bin) add_custom_command( OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/signing_key.pem COMMAND openssl genrsa -out ${CMAKE_CURRENT_BINARY_DIR}/signing_key.pem -3 - 3072 + 3072 ) add_custom_target( signing_key ALL DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/signing_key.pem @@ -943,7 +937,7 @@ if(BUILD_TESTS) add_unit_test(js_test ${CMAKE_CURRENT_SOURCE_DIR}/src/js/test/js.cpp) target_link_libraries( js_test PRIVATE quickjs.host ccf_kv.host ccf_endpoints.host - ccfcrypto.host http_parser.host + ccfcrypto.host http_parser.host ) add_unit_test( @@ -1023,12 +1017,12 @@ if(BUILD_TESTS) target_link_libraries( frontend_test PRIVATE ${CMAKE_THREAD_LIBS_INIT} - http_parser.host - sss.host - ccf_endpoints.host - ccfcrypto.host - ccf_kv.host - quickjs.host + http_parser.host + sss.host + ccf_endpoints.host + ccfcrypto.host + ccf_kv.host + quickjs.host ) add_unit_test( @@ -1050,12 +1044,12 @@ if(BUILD_TESTS) target_link_libraries( node_frontend_test PRIVATE ${CMAKE_THREAD_LIBS_INIT} - http_parser.host - sss.host - ccf_endpoints.host - ccfcrypto.host - ccf_kv.host - quickjs.host + http_parser.host + sss.host + ccf_endpoints.host + ccfcrypto.host + ccf_kv.host + quickjs.host ) add_unit_test( @@ -1072,7 +1066,7 @@ if(BUILD_TESTS) # Raft driver and scenario test add_executable( raft_driver ${CMAKE_CURRENT_SOURCE_DIR}/src/consensus/aft/test/driver.cpp - src/enclave/thread_local.cpp + src/enclave/thread_local.cpp ) target_link_libraries(raft_driver PRIVATE ccfcrypto.host) target_include_directories(raft_driver PRIVATE src/aft) @@ -1080,12 +1074,12 @@ if(BUILD_TESTS) add_test( NAME raft_scenario_test COMMAND ${PYTHON} ${CMAKE_SOURCE_DIR}/tests/raft_scenarios_runner.py - ./raft_driver ${CMAKE_SOURCE_DIR}/tests/raft_scenarios/ + ./raft_driver ${CMAKE_SOURCE_DIR}/tests/raft_scenarios/ ) set_property(TEST raft_scenario_test PROPERTY LABELS raft_scenario) add_test(NAME csr_test COMMAND ${PYTHON} ${CMAKE_SOURCE_DIR}/tests/certs.py - ./kp_cert_test + ./kp_cert_test ) set_property( TEST csr_test @@ -1103,12 +1097,12 @@ if(BUILD_TESTS) if(NOT UNSAFE_VERSION) # Unsafe builds do not follow normal version conventions add_test(NAME versionifier_test - COMMAND ${PYTHON} - ${CMAKE_SOURCE_DIR}/python/ccf/_versionifier.py + COMMAND ${PYTHON} + ${CMAKE_SOURCE_DIR}/python/ccf/_versionifier.py ) add_test(NAME github_version_lts_test - COMMAND ${PYTHON} ${CMAKE_SOURCE_DIR}/tests/infra/github.py + COMMAND ${PYTHON} ${CMAKE_SOURCE_DIR}/tests/infra/github.py ) endif() endif() @@ -1142,16 +1136,16 @@ if(BUILD_TESTS) endif() set(CONSTITUTION_ARGS - --constitution - ${CCF_DIR}/samples/constitutions/default/actions.js - --constitution - ${CCF_DIR}/samples/constitutions/test/test_actions.js - --constitution - ${CCF_DIR}/samples/constitutions/default/validate.js - --constitution - ${CCF_DIR}/samples/constitutions/test/resolve.js - --constitution - ${CCF_DIR}/samples/constitutions/default/apply.js + --constitution + ${CCF_DIR}/samples/constitutions/default/actions.js + --constitution + ${CCF_DIR}/samples/constitutions/test/test_actions.js + --constitution + ${CCF_DIR}/samples/constitutions/default/validate.js + --constitution + ${CCF_DIR}/samples/constitutions/test/resolve.js + --constitution + ${CCF_DIR}/samples/constitutions/default/apply.js ) if(LONG_TESTS) @@ -1169,14 +1163,14 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/e2e_suite.py LABEL suite ADDITIONAL_ARGS - --test-duration - 150 - --test-suite - rekey_recovery - --test-suite - membership_recovery - --jinja-templates-path - ${CMAKE_SOURCE_DIR}/samples/templates + --test-duration + 150 + --test-suite + rekey_recovery + --test-suite + membership_recovery + --jinja-templates-path + ${CMAKE_SOURCE_DIR}/samples/templates ) add_e2e_test( @@ -1184,8 +1178,8 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/e2e_suite.py LABEL suite ADDITIONAL_ARGS - --test-duration 200 --test-suite reconfiguration --jinja-templates-path - ${CMAKE_SOURCE_DIR}/samples/templates + --test-duration 200 --test-suite reconfiguration --jinja-templates-path + ${CMAKE_SOURCE_DIR}/samples/templates ) if(LONG_TESTS) @@ -1202,16 +1196,16 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/e2e_suite.py LABEL suite ADDITIONAL_ARGS - --oe-binary - ${OE_BINDIR} - --ledger-recovery-timeout - 20 - --test-duration - 200 - --test-suite - all - --jinja-templates-path - ${CMAKE_SOURCE_DIR}/samples/templates + --oe-binary + ${OE_BINDIR} + --ledger-recovery-timeout + 20 + --test-duration + 200 + --test-suite + all + --jinja-templates-path + ${CMAKE_SOURCE_DIR}/samples/templates ) add_e2e_test( @@ -1230,40 +1224,38 @@ if(BUILD_TESTS) NAME js_batched_stress_test PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/e2e_batched.py ADDITIONAL_ARGS - --js-app-bundle - ${CMAKE_SOURCE_DIR}/src/apps/batched - --election-timeout-ms - 10000 # Larger election timeout as recording large JS applications may - - # trigger leadership changes + --js-app-bundle + ${CMAKE_SOURCE_DIR}/src/apps/batched + --election-timeout-ms + 10000 # Larger election timeout as recording large JS applications may + # trigger leadership changes ) add_e2e_test( NAME modules_test PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/js-modules/modules.py ADDITIONAL_ARGS - --package - libjs_generic - --election-timeout-ms - 10000 # Larger election timeout as recording - - # large JS applications may trigger leadership changes + --package + libjs_generic + --election-timeout-ms + 10000 # Larger election timeout as recording + # large JS applications may trigger leadership changes ) add_e2e_test( NAME auth PYTHON_SCRIPT - ${CMAKE_SOURCE_DIR}/tests/js-custom-authorization/custom_authorization.py + ${CMAKE_SOURCE_DIR}/tests/js-custom-authorization/custom_authorization.py ADDITIONAL_ARGS --package libjs_generic --js-app-bundle - ${CMAKE_SOURCE_DIR}/tests + ${CMAKE_SOURCE_DIR}/tests ) add_e2e_test( NAME launch_host_process_test PYTHON_SCRIPT - ${CMAKE_SOURCE_DIR}/tests/js-launch-host-process/host_process.py + ${CMAKE_SOURCE_DIR}/tests/js-launch-host-process/host_process.py ADDITIONAL_ARGS --js-app-bundle - ${CMAKE_SOURCE_DIR}/tests/js-launch-host-process + ${CMAKE_SOURCE_DIR}/tests/js-launch-host-process ) add_e2e_test( @@ -1271,8 +1263,8 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/governance.py CONSTITUTION ${CONSTITUTION_ARGS} ADDITIONAL_ARGS - --oe-binary ${OE_BINDIR} --initial-operator-count 1 - --jinja-templates-path ${CMAKE_SOURCE_DIR}/samples/templates + --oe-binary ${OE_BINDIR} --initial-operator-count 1 + --jinja-templates-path ${CMAKE_SOURCE_DIR}/samples/templates ) add_e2e_test( @@ -1283,7 +1275,7 @@ if(BUILD_TESTS) NAME code_update_test PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/code_update.py ADDITIONAL_ARGS --oe-binary ${OE_BINDIR} --js-app-bundle - ${CMAKE_SOURCE_DIR}/samples/apps/logging/js + ${CMAKE_SOURCE_DIR}/samples/apps/logging/js ) if(BUILD_TPCC) @@ -1294,10 +1286,10 @@ if(BUILD_TESTS) add_custom_command( OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/testssl/testssl.sh COMMAND - rm -rf ${CMAKE_CURRENT_BINARY_DIR}/testssl && git clone --depth 1 - --branch v3.0.7 --single-branch - https://github.com/drwetter/testssl.sh - ${CMAKE_CURRENT_BINARY_DIR}/testssl + rm -rf ${CMAKE_CURRENT_BINARY_DIR}/testssl && git clone --depth 1 + --branch v3.0.7 --single-branch + https://github.com/drwetter/testssl.sh + ${CMAKE_CURRENT_BINARY_DIR}/testssl ) add_custom_target( testssl ALL DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/testssl/testssl.sh @@ -1308,26 +1300,25 @@ if(BUILD_TESTS) NAME e2e_logging_cft PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/e2e_logging.py ADDITIONAL_ARGS --js-app-bundle - ${CMAKE_SOURCE_DIR}/samples/apps/logging/js + ${CMAKE_SOURCE_DIR}/samples/apps/logging/js ) add_e2e_test( NAME e2e_logging_http2 PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/e2e_logging.py ADDITIONAL_ARGS --js-app-bundle - ${CMAKE_SOURCE_DIR}/samples/apps/logging/js --http2 + ${CMAKE_SOURCE_DIR}/samples/apps/logging/js --http2 ) add_e2e_test( NAME membership PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/membership.py ) set(PARTITIONS_TEST_ARGS - - # Higher snapshot interval as the test currently assumes that no - # transactions - # are emitted while partitions are up. To be removed when - # https://github.com/microsoft/CCF/issues/2577 is implemented - --snapshot-tx-interval 10000 + # Higher snapshot interval as the test currently assumes that no + # transactions + # are emitted while partitions are up. To be removed when + # https://github.com/microsoft/CCF/issues/2577 is implemented + --snapshot-tx-interval 10000 ) add_e2e_test( @@ -1355,18 +1346,18 @@ if(BUILD_TESTS) NAME schema_test_cft PYTHON_SCRIPT ${CMAKE_SOURCE_DIR}/tests/schema.py ADDITIONAL_ARGS - --schema-dir - ${CMAKE_SOURCE_DIR}/doc/schemas - --ledger-tutorial - ${CMAKE_SOURCE_DIR}/python/ledger_tutorial.py - --config-samples-dir - ${CMAKE_SOURCE_DIR}/samples/config - --config-file-1x - ${CMAKE_SOURCE_DIR}/python/config_1_x.ini + --schema-dir + ${CMAKE_SOURCE_DIR}/doc/schemas + --ledger-tutorial + ${CMAKE_SOURCE_DIR}/python/ledger_tutorial.py + --config-samples-dir + ${CMAKE_SOURCE_DIR}/samples/config + --config-file-1x + ${CMAKE_SOURCE_DIR}/python/config_1_x.ini ) list(APPEND LTS_TEST_ARGS --oe-binary ${OE_BINDIR} --ccf-version - ${CCF_VERSION} + ${CCF_VERSION} ) if(LONG_TESTS) @@ -1432,16 +1423,16 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_CURRENT_LIST_DIR}/tests/infra/perfclient.py CLIENT_BIN ./scenario_perf_client ADDITIONAL_ARGS - --package - "samples/apps/logging/liblogging" - --scenario-file - ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json - --max-writes-ahead - 1000 - --repetitions - 10000 - --msg-ser-fmt - text + --package + "samples/apps/logging/liblogging" + --scenario-file + ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json + --max-writes-ahead + 1000 + --repetitions + 10000 + --msg-ser-fmt + text ) add_perf_test( @@ -1449,7 +1440,7 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_CURRENT_LIST_DIR}/tests/infra/piccolo_driver.py CLIENT_BIN ./submit ADDITIONAL_ARGS --package "samples/apps/logging/liblogging" - --max-writes-ahead 1000 --repetitions 10000 + --max-writes-ahead 1000 --repetitions 10000 ) add_perf_test( @@ -1457,17 +1448,17 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_CURRENT_LIST_DIR}/tests/infra/perfclient.py CLIENT_BIN ./scenario_perf_client ADDITIONAL_ARGS - --package - "samples/apps/logging/liblogging" - --scenario-file - ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json - --max-writes-ahead - 1000 - --repetitions - 1000 - --use-jwt - --msg-ser-fmt - msgpack + --package + "samples/apps/logging/liblogging" + --scenario-file + ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json + --max-writes-ahead + 1000 + --repetitions + 1000 + --use-jwt + --msg-ser-fmt + msgpack ) add_perf_test( @@ -1475,13 +1466,13 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_CURRENT_LIST_DIR}/tests/infra/piccolo_driver.py CLIENT_BIN ./submit ADDITIONAL_ARGS - --package - "samples/apps/logging/liblogging" - --max-writes-ahead - 1000 - --repetitions - 1000 - --use-jwt + --package + "samples/apps/logging/liblogging" + --max-writes-ahead + 1000 + --repetitions + 1000 + --use-jwt ) add_perf_test( @@ -1489,16 +1480,16 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_CURRENT_LIST_DIR}/tests/infra/perfclient.py CLIENT_BIN ./scenario_perf_client ADDITIONAL_ARGS - --js-app-bundle - ${CMAKE_SOURCE_DIR}/samples/apps/logging/js_perf - --scenario-file - ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json - --max-writes-ahead - 1000 - --repetitions - 1000 - --msg-ser-fmt - text + --js-app-bundle + ${CMAKE_SOURCE_DIR}/samples/apps/logging/js_perf + --scenario-file + ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json + --max-writes-ahead + 1000 + --repetitions + 1000 + --msg-ser-fmt + text ) add_perf_test( @@ -1506,16 +1497,16 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_CURRENT_LIST_DIR}/tests/infra/perfclient.py CLIENT_BIN ./scenario_perf_client ADDITIONAL_ARGS - --js-app-bundle - ${CMAKE_SOURCE_DIR}/samples/apps/logging/js - --scenario-file - ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json - --max-writes-ahead - 1000 - --repetitions - 1000 - --msg-ser-fmt - text + --js-app-bundle + ${CMAKE_SOURCE_DIR}/samples/apps/logging/js + --scenario-file + ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json + --max-writes-ahead + 1000 + --repetitions + 1000 + --msg-ser-fmt + text ) add_perf_test( @@ -1523,17 +1514,17 @@ if(BUILD_TESTS) PYTHON_SCRIPT ${CMAKE_CURRENT_LIST_DIR}/tests/infra/perfclient.py CLIENT_BIN ./scenario_perf_client ADDITIONAL_ARGS - --js-app-bundle - ${CMAKE_SOURCE_DIR}/samples/apps/logging/js_perf - --scenario-file - ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json - --max-writes-ahead - 1000 - --repetitions - 700 - --use-jwt - --msg-ser-fmt - text + --js-app-bundle + ${CMAKE_SOURCE_DIR}/samples/apps/logging/js_perf + --scenario-file + ${CMAKE_CURRENT_LIST_DIR}/tests/perf_logging_scenario_100txs.json + --max-writes-ahead + 1000 + --repetitions + 700 + --use-jwt + --msg-ser-fmt + text ) add_e2e_test( @@ -1545,13 +1536,13 @@ if(BUILD_TESTS) add_e2e_test( NAME external_executor_test PYTHON_SCRIPT - ${CMAKE_SOURCE_DIR}/tests/external_executor/external_executor.py + ${CMAKE_SOURCE_DIR}/tests/external_executor/external_executor.py ) add_e2e_test( NAME external_indexer_test PYTHON_SCRIPT - ${CMAKE_SOURCE_DIR}/tests/external_executor/external_indexer.py + ${CMAKE_SOURCE_DIR}/tests/external_executor/external_indexer.py ) endif() endif() @@ -1569,8 +1560,8 @@ write_basic_package_version_file( COMPATIBILITY SameMajorVersion ) install(FILES ${CMAKE_BINARY_DIR}/cmake/${CCF_PROJECT}-config.cmake - ${CMAKE_BINARY_DIR}/cmake/${CCF_PROJECT}-config-version.cmake - DESTINATION ${CMAKE_INSTALL_PREFIX}/cmake + ${CMAKE_BINARY_DIR}/cmake/${CCF_PROJECT}-config-version.cmake + DESTINATION ${CMAKE_INSTALL_PREFIX}/cmake ) # Perf tool executable diff --git a/cmake/ccf_app.cmake b/cmake/ccf_app.cmake index c71bbdc9f81e..17fca6301425 100644 --- a/cmake/ccf_app.cmake +++ b/cmake/ccf_app.cmake @@ -5,16 +5,16 @@ set(ALLOWED_TARGETS "sgx;snp;virtual") if(NOT DEFINED COMPILE_TARGET) set(COMPILE_TARGET - "sgx" - CACHE STRING - "Target compilation platforms, Choose from: ${ALLOWED_TARGETS}" + "sgx" + CACHE STRING + "Target compilation platforms, Choose from: ${ALLOWED_TARGETS}" ) endif() if(NOT COMPILE_TARGET IN_LIST ALLOWED_TARGETS) message( FATAL_ERROR - "${REQUESTED_TARGET} is not a valid target. Choose from: ${ALLOWED_TARGETS}" + "${REQUESTED_TARGET} is not a valid target. Choose from: ${ALLOWED_TARGETS}" ) endif() @@ -36,19 +36,16 @@ function(sign_app_library name app_oe_conf_path enclave_sign_key_path) add_custom_command( OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so.debuggable - # Copy conf file locally COMMAND cp ${app_oe_conf_path} ${DEBUG_CONF_NAME} - # Remove any existing Debug= lines COMMAND sed -i "/^Debug=\.*/d" ${DEBUG_CONF_NAME} - # Add Debug=1 line COMMAND echo "Debug=1" >> ${DEBUG_CONF_NAME} COMMAND - openenclave::oesign sign -e ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so -c - ${DEBUG_CONF_NAME} -k ${enclave_sign_key_path} -o - ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so.debuggable + openenclave::oesign sign -e ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so -c + ${DEBUG_CONF_NAME} -k ${enclave_sign_key_path} -o + ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so.debuggable DEPENDS ${name} ${app_oe_conf_path} ${enclave_sign_key_path} ) @@ -62,18 +59,15 @@ function(sign_app_library name app_oe_conf_path enclave_sign_key_path) set(SIGNED_CONF_NAME ${CMAKE_CURRENT_BINARY_DIR}/${name}.signed.conf) add_custom_command( OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so.signed - # Copy conf file locally COMMAND cp ${app_oe_conf_path} ${SIGNED_CONF_NAME} - # Remove any existing Debug= lines COMMAND sed -i "/^Debug=\.*/d" ${SIGNED_CONF_NAME} - # Add Debug=0 line COMMAND echo "Debug=0" >> ${SIGNED_CONF_NAME} COMMAND - openenclave::oesign sign -e ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so -c - ${SIGNED_CONF_NAME} -k ${enclave_sign_key_path} + openenclave::oesign sign -e ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so -c + ${SIGNED_CONF_NAME} -k ${enclave_sign_key_path} DEPENDS ${name} ${app_oe_conf_path} ${enclave_sign_key_path} ) @@ -84,10 +78,10 @@ function(sign_app_library name app_oe_conf_path enclave_sign_key_path) if(${PARSED_ARGS_INSTALL_LIBS}) install(FILES ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so.debuggable - DESTINATION lib + DESTINATION lib ) install(FILES ${CMAKE_CURRENT_BINARY_DIR}/lib${name}.so.signed - DESTINATION lib + DESTINATION lib ) endif() endif() @@ -119,7 +113,7 @@ function(add_ccf_app name) add_warning_checks(${enc_name}) target_link_libraries( ${enc_name} PRIVATE ${PARSED_ARGS_LINK_LIBS_ENCLAVE} - ${OE_TARGET_ENCLAVE_CORE_LIBS} ccf.enclave + ${OE_TARGET_ENCLAVE_CORE_LIBS} ccf.enclave ) set_property(TARGET ${enc_name} PROPERTY POSITION_INDEPENDENT_CODE ON) @@ -150,7 +144,7 @@ function(add_ccf_app name) ${snp_name} PRIVATE ${PARSED_ARGS_LINK_LIBS_SNP} ccf.snp ) - if(NOT(SAN OR TSAN)) + if(NOT (SAN OR TSAN)) target_link_options(${snp_name} PRIVATE LINKER:--no-undefined) endif() @@ -191,7 +185,7 @@ function(add_ccf_app name) ${virt_name} PRIVATE ${PARSED_ARGS_LINK_LIBS_VIRTUAL} ccf.virtual ) - if(NOT(SAN OR TSAN)) + if(NOT (SAN OR TSAN)) target_link_options(${virt_name} PRIVATE LINKER:--no-undefined) endif() diff --git a/cmake/common.cmake b/cmake/common.cmake index ddfac99bda87..562ffa82973e 100644 --- a/cmake/common.cmake +++ b/cmake/common.cmake @@ -9,9 +9,7 @@ function(add_unit_test name) ${name} PRIVATE src ${CCFCRYPTO_INC} ${CCF_DIR}/3rdparty/test ) enable_coverage(${name}) - target_link_libraries( - ${name} PRIVATE ${LINK_LIBCXX} ccfcrypto.host - ) + target_link_libraries(${name} PRIVATE ${LINK_LIBCXX} ccfcrypto.host) link_openenclave_host(${name}) add_san(${name}) @@ -26,7 +24,7 @@ function(add_unit_test name) TEST ${name} APPEND PROPERTY ENVIRONMENT - "TSAN_OPTIONS=suppressions=${CCF_DIR}/tsan_env_suppressions" + "TSAN_OPTIONS=suppressions=${CCF_DIR}/tsan_env_suppressions" ) # https://github.com/microsoft/CCF/issues/5198 @@ -77,14 +75,14 @@ function(add_e2e_test) if(BUILD_END_TO_END_TESTS) if(PROFILE_TESTS) set(PYTHON_WRAPPER - py-spy - record - --format - speedscope - -o - ${PARSED_ARGS_NAME}.trace - -- - python3 + py-spy + record + --format + speedscope + -o + ${PARSED_ARGS_NAME}.trace + -- + python3 ) else() set(PYTHON_WRAPPER ${PYTHON}) @@ -101,9 +99,9 @@ function(add_e2e_test) add_test( NAME ${PARSED_ARGS_NAME} COMMAND - ${PYTHON_WRAPPER} ${PARSED_ARGS_PYTHON_SCRIPT} -b . --label - ${PARSED_ARGS_NAME} ${CCF_NETWORK_TEST_ARGS} ${PARSED_ARGS_CONSTITUTION} - ${PARSED_ARGS_ADDITIONAL_ARGS} --tick-ms ${NODE_TICK_MS} + ${PYTHON_WRAPPER} ${PARSED_ARGS_PYTHON_SCRIPT} -b . --label + ${PARSED_ARGS_NAME} ${CCF_NETWORK_TEST_ARGS} ${PARSED_ARGS_CONSTITUTION} + ${PARSED_ARGS_ADDITIONAL_ARGS} --tick-ms ${NODE_TICK_MS} CONFIGURATIONS ${PARSED_ARGS_CONFIGURATIONS} ) @@ -134,7 +132,7 @@ function(add_e2e_test) TEST ${PARSED_ARGS_NAME} APPEND PROPERTY ENVIRONMENT - "TSAN_OPTIONS=suppressions=${CCF_DIR}/tsan_env_suppressions" + "TSAN_OPTIONS=suppressions=${CCF_DIR}/tsan_env_suppressions" ) set_property( @@ -156,7 +154,7 @@ function(add_e2e_test) ) endif() - if((${PARSED_ARGS_CONTAINER_NODES}) AND(LONG_TESTS)) + if((${PARSED_ARGS_CONTAINER_NODES}) AND (LONG_TESTS)) # Containerised nodes are only enabled with long tests set_property( TEST ${PARSED_ARGS_NAME} @@ -220,11 +218,11 @@ function(add_perf_test) add_test( NAME "${PARSED_ARGS_NAME}${TESTS_SUFFIX}" COMMAND - ${PYTHON} ${PARSED_ARGS_PYTHON_SCRIPT} -b . -c ${PARSED_ARGS_CLIENT_BIN} - ${CCF_NETWORK_TEST_ARGS} ${PARSED_ARGS_CONSTITUTION} --write-tx-times - ${VERIFICATION_ARG} --label ${LABEL_ARG} --snapshot-tx-interval 10000 - ${PARSED_ARGS_ADDITIONAL_ARGS} -e ${ENCLAVE_TYPE} -t ${ENCLAVE_PLATFORM} - ${NODES} + ${PYTHON} ${PARSED_ARGS_PYTHON_SCRIPT} -b . -c ${PARSED_ARGS_CLIENT_BIN} + ${CCF_NETWORK_TEST_ARGS} ${PARSED_ARGS_CONSTITUTION} --write-tx-times + ${VERIFICATION_ARG} --label ${LABEL_ARG} --snapshot-tx-interval 10000 + ${PARSED_ARGS_ADDITIONAL_ARGS} -e ${ENCLAVE_TYPE} -t ${ENCLAVE_PLATFORM} + ${NODES} ) # Make python test client framework importable @@ -247,7 +245,7 @@ function(add_perf_test) TEST ${TEST_NAME} APPEND PROPERTY ENVIRONMENT - "DEFAULT_ENCLAVE_PLATFORM=${DEFAULT_ENCLAVE_PLATFORM}" + "DEFAULT_ENCLAVE_PLATFORM=${DEFAULT_ENCLAVE_PLATFORM}" ) endif() @@ -265,7 +263,7 @@ function(add_perf_test) TEST ${TEST_NAME} APPEND PROPERTY ENVIRONMENT - "TSAN_OPTIONS=suppressions=${CCF_DIR}/tsan_env_suppressions" + "TSAN_OPTIONS=suppressions=${CCF_DIR}/tsan_env_suppressions" ) endfunction() @@ -281,7 +279,7 @@ function(add_picobench name) target_link_libraries( ${name} PRIVATE ${CMAKE_THREAD_LIBS_INIT} ${PARSED_ARGS_LINK_LIBS} - ccfcrypto.host + ccfcrypto.host ) add_san(${name}) @@ -292,8 +290,8 @@ function(add_picobench name) add_test( NAME ${name} COMMAND - bash -c - "$ --samples=1000 --out-fmt=csv --output=${name}.csv && cat ${name}.csv" + bash -c + "$ --samples=1000 --out-fmt=csv --output=${name}.csv && cat ${name}.csv" ) set_property(TEST ${name} PROPERTY LABELS benchmark) @@ -302,6 +300,6 @@ function(add_picobench name) TEST ${name} APPEND PROPERTY ENVIRONMENT - "TSAN_OPTIONS=suppressions=${CCF_DIR}/tsan_env_suppressions" + "TSAN_OPTIONS=suppressions=${CCF_DIR}/tsan_env_suppressions" ) endfunction() diff --git a/cmake/crypto.cmake b/cmake/crypto.cmake index a08e72c733ac..c467c4cab3ec 100644 --- a/cmake/crypto.cmake +++ b/cmake/crypto.cmake @@ -2,28 +2,28 @@ # Licensed under the Apache 2.0 License. set(CCFCRYPTO_SRC - ${CCF_DIR}/src/crypto/base64.cpp - ${CCF_DIR}/src/crypto/entropy.cpp - ${CCF_DIR}/src/crypto/hash.cpp - ${CCF_DIR}/src/crypto/sha256_hash.cpp - ${CCF_DIR}/src/crypto/symmetric_key.cpp - ${CCF_DIR}/src/crypto/key_pair.cpp - ${CCF_DIR}/src/crypto/eddsa_key_pair.cpp - ${CCF_DIR}/src/crypto/rsa_key_pair.cpp - ${CCF_DIR}/src/crypto/verifier.cpp - ${CCF_DIR}/src/crypto/key_wrap.cpp - ${CCF_DIR}/src/crypto/hmac.cpp - ${CCF_DIR}/src/crypto/ecdsa.cpp - ${CCF_DIR}/src/crypto/openssl/symmetric_key.cpp - ${CCF_DIR}/src/crypto/openssl/public_key.cpp - ${CCF_DIR}/src/crypto/openssl/key_pair.cpp - ${CCF_DIR}/src/crypto/openssl/eddsa_public_key.cpp - ${CCF_DIR}/src/crypto/openssl/eddsa_key_pair.cpp - ${CCF_DIR}/src/crypto/openssl/hash.cpp - ${CCF_DIR}/src/crypto/openssl/rsa_public_key.cpp - ${CCF_DIR}/src/crypto/openssl/rsa_key_pair.cpp - ${CCF_DIR}/src/crypto/openssl/verifier.cpp - ${CCF_DIR}/src/crypto/openssl/cose_verifier.cpp + ${CCF_DIR}/src/crypto/base64.cpp + ${CCF_DIR}/src/crypto/entropy.cpp + ${CCF_DIR}/src/crypto/hash.cpp + ${CCF_DIR}/src/crypto/sha256_hash.cpp + ${CCF_DIR}/src/crypto/symmetric_key.cpp + ${CCF_DIR}/src/crypto/key_pair.cpp + ${CCF_DIR}/src/crypto/eddsa_key_pair.cpp + ${CCF_DIR}/src/crypto/rsa_key_pair.cpp + ${CCF_DIR}/src/crypto/verifier.cpp + ${CCF_DIR}/src/crypto/key_wrap.cpp + ${CCF_DIR}/src/crypto/hmac.cpp + ${CCF_DIR}/src/crypto/ecdsa.cpp + ${CCF_DIR}/src/crypto/openssl/symmetric_key.cpp + ${CCF_DIR}/src/crypto/openssl/public_key.cpp + ${CCF_DIR}/src/crypto/openssl/key_pair.cpp + ${CCF_DIR}/src/crypto/openssl/eddsa_public_key.cpp + ${CCF_DIR}/src/crypto/openssl/eddsa_key_pair.cpp + ${CCF_DIR}/src/crypto/openssl/hash.cpp + ${CCF_DIR}/src/crypto/openssl/rsa_public_key.cpp + ${CCF_DIR}/src/crypto/openssl/rsa_key_pair.cpp + ${CCF_DIR}/src/crypto/openssl/verifier.cpp + ${CCF_DIR}/src/crypto/openssl/cose_verifier.cpp ) if(COMPILE_TARGET STREQUAL "sgx") diff --git a/cmake/open_enclave.cmake b/cmake/open_enclave.cmake index 0eaf31a620aa..1a66bb212793 100644 --- a/cmake/open_enclave.cmake +++ b/cmake/open_enclave.cmake @@ -1,8 +1,8 @@ # Copyright (c) Microsoft Corporation. All rights reserved. # Licensed under the Apache 2.0 License. -# We allow for Open Enclave (and Open Enclave HostVerify) to not be installed -# if this specific flag is set. +# We allow for Open Enclave (and Open Enclave HostVerify) to not be installed if +# this specific flag is set. option(REQUIRE_OPENENCLAVE "Requires Open Enclave or HostVerify variant" ON) if(REQUIRE_OPENENCLAVE) @@ -13,21 +13,21 @@ if(REQUIRE_OPENENCLAVE) # Find OpenEnclave package find_package(OpenEnclave 0.19.0 CONFIG REQUIRED) - # As well as pulling in openenclave:: targets, this sets variables which can be - # used for our edge cases (eg - for virtual libraries). These do not follow the - # standard naming patterns, for example use OE_INCLUDEDIR rather than + # As well as pulling in openenclave:: targets, this sets variables which can + # be used for our edge cases (eg - for virtual libraries). These do not follow + # the standard naming patterns, for example use OE_INCLUDEDIR rather than # OpenEnclave_INCLUDE_DIRS if(COMPILE_TARGET STREQUAL "sgx") set(OE_TARGET_LIBC openenclave::oelibc) set(OE_TARGET_ENCLAVE_AND_STD - openenclave::oeenclave openenclave::oelibcxx openenclave::oelibc - openenclave::oecryptoopenssl + openenclave::oeenclave openenclave::oelibcxx openenclave::oelibc + openenclave::oecryptoopenssl ) # These oe libraries must be linked in specific order set(OE_TARGET_ENCLAVE_CORE_LIBS - openenclave::oeenclave openenclave::oesnmalloc openenclave::oecore - openenclave::oesyscall + openenclave::oeenclave openenclave::oesnmalloc openenclave::oecore + openenclave::oesyscall ) option(LVI_MITIGATIONS "Enable LVI mitigations" ON) From 615956a329ce96e434099c5c9dc9c65455ffe351 Mon Sep 17 00:00:00 2001 From: Julien Maffre Date: Thu, 25 May 2023 16:07:14 +0000 Subject: [PATCH 08/17] fmt --- CMakeLists.txt | 60 ++++++++++++++++++++------------------------- cmake/ccf_app.cmake | 7 ++---- 2 files changed, 28 insertions(+), 39 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index fb000a0905f7..b97f4ffdf1df 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -76,7 +76,6 @@ endif() option(VERBOSE_LOGGING "Enable verbose, unsafe logging of enclave code" OFF) set(TEST_HOST_LOGGING_LEVEL "info") - if(VERBOSE_LOGGING) set(TEST_HOST_LOGGING_LEVEL "trace") add_compile_definitions(VERBOSE_LOGGING) @@ -85,7 +84,6 @@ endif() option(USE_NULL_ENCRYPTOR "Turn off encryption of ledger updates - debug only" OFF ) - if(USE_NULL_ENCRYPTOR) add_compile_definitions(USE_NULL_ENCRYPTOR) endif() @@ -97,7 +95,6 @@ option(COVERAGE "Enable coverage mapping" OFF) option(SHUFFLE_SUITE "Shuffle end to end test suite" OFF) option(LONG_TESTS "Enable long end-to-end tests" OFF) option(KV_STATE_RB "Enable RBMap as underlying KV state implementation" OFF) - if(KV_STATE_RB) add_compile_definitions(KV_STATE_RB) endif() @@ -158,7 +155,6 @@ add_custom_command( set(CCF_UTILITIES keygenerator.sh scurl.sh submit_recovery_share.sh verify_quote.sh ) - foreach(UTILITY ${CCF_UTILITIES}) configure_file( ${CCF_DIR}/python/utils/${UTILITY} ${CMAKE_CURRENT_BINARY_DIR} COPYONLY @@ -176,7 +172,6 @@ set(CCF_TEST_UTILITIES config.jinja recovery_benchmark.sh ) - foreach(UTILITY ${CCF_TEST_UTILITIES}) configure_file( ${CCF_DIR}/tests/${UTILITY} ${CMAKE_CURRENT_BINARY_DIR} COPYONLY @@ -295,7 +290,6 @@ target_link_libraries( cchost PRIVATE uv ${TLS_LIBRARY} ${CMAKE_DL_LIBS} ${CMAKE_THREAD_LIBS_INIT} ${LINK_LIBCXX} ccfcrypto.host ) - if(COMPILE_TARGET STREQUAL "sgx") target_link_libraries(cchost PRIVATE openenclave::oehost) endif() @@ -310,11 +304,9 @@ target_link_libraries( scenario_perf_client PRIVATE ${CMAKE_THREAD_LIBS_INIT} http_parser.host ccfcrypto.host ) - if(NOT CMAKE_CXX_COMPILER_VERSION VERSION_GREATER 9) target_link_libraries(scenario_perf_client PRIVATE c++fs) endif() - install(TARGETS scenario_perf_client DESTINATION bin) # HTTP parser @@ -337,7 +329,6 @@ endif() add_library(http_parser.host "${HTTP_PARSER_SOURCES}") set_property(TARGET http_parser.host PROPERTY POSITION_INDEPENDENT_CODE ON) - if(INSTALL_VIRTUAL_LIBRARIES) install( TARGETS http_parser.host @@ -374,7 +365,6 @@ endif() add_host_library(ccf_kv.host "${CCF_KV_SOURCES}") add_san(ccf_kv.host) add_warning_checks(ccf_kv.host) - if(INSTALL_VIRTUAL_LIBRARIES) install( TARGETS ccf_kv.host @@ -545,7 +535,6 @@ elseif(COMPILE_TARGET STREQUAL "virtual") DESTINATION lib ) endif() - # SNIPPET_START: JS generic application add_ccf_app( js_generic @@ -558,8 +547,8 @@ sign_app_library( js_generic.enclave ${CCF_DIR}/src/apps/js_generic/oe_sign.conf ${CMAKE_CURRENT_BINARY_DIR}/signing_key.pem INSTALL_LIBS ON ) - # SNIPPET_END: JS generic application + include(${CCF_DIR}/cmake/quictls.cmake) install(DIRECTORY ${CCF_DIR}/samples/apps/logging/js @@ -605,7 +594,6 @@ option( add_compile_definitions(CCF_LOGGER_NO_DEPRECATE) option(CCF_RAFT_TRACING "Enable tracing of Raft consensus" OFF) - if(CCF_RAFT_TRACING) add_compile_definitions(CCF_RAFT_TRACING) endif() @@ -631,12 +619,13 @@ if(COMPILE_TARGET STREQUAL "sgx") target_include_directories( ccf.enclave SYSTEM - PUBLIC $ - $ # < This contains the private - # headers - # < which are currently under src, and < should be removed or renamed - $ - $ + PUBLIC + $ + $ #< This contains the private headers + #< which are currently under src, and + #< should be removed or renamed + $ + $ ) target_link_libraries( @@ -662,6 +651,7 @@ if(COMPILE_TARGET STREQUAL "sgx") # Same as virtual for the time being but will diverge soon elseif(COMPILE_TARGET STREQUAL "snp") + # SNP version add_library(ccf.snp STATIC ${CCF_IMPL_SOURCE}) @@ -675,12 +665,13 @@ elseif(COMPILE_TARGET STREQUAL "snp") target_include_directories( ccf.snp SYSTEM - PUBLIC $ - $ # < This contains the private - # headers - # < which are currently under src, and < should be removed or renamed - $ - $ + PUBLIC + $ + $ #< This contains the private headers + #< which are currently under src, and + #< should be removed or renamed + $ + $ ) target_link_libraries( @@ -711,6 +702,7 @@ elseif(COMPILE_TARGET STREQUAL "snp") add_dependencies(ccf ccf.snp) elseif(COMPILE_TARGET STREQUAL "virtual") + # virtual version add_library(ccf.virtual STATIC ${CCF_IMPL_SOURCE}) @@ -724,12 +716,13 @@ elseif(COMPILE_TARGET STREQUAL "virtual") target_include_directories( ccf.virtual SYSTEM - PUBLIC $ - $ # < This contains the private - # headers - # < which are currently under src, and < should be removed or renamed - $ - $ + PUBLIC + $ + $ #< This contains the private headers + #< which are currently under src, and + #< should be removed or renamed + $ + $ ) target_link_libraries( @@ -1228,7 +1221,7 @@ if(BUILD_TESTS) ${CMAKE_SOURCE_DIR}/src/apps/batched --election-timeout-ms 10000 # Larger election timeout as recording large JS applications may - # trigger leadership changes + # trigger leadership changes ) add_e2e_test( @@ -1359,7 +1352,6 @@ if(BUILD_TESTS) list(APPEND LTS_TEST_ARGS --oe-binary ${OE_BINDIR} --ccf-version ${CCF_VERSION} ) - if(LONG_TESTS) list(APPEND LTS_TEST_ARGS --check-ledger-compatibility) endif() @@ -1565,4 +1557,4 @@ install(FILES ${CMAKE_BINARY_DIR}/cmake/${CCF_PROJECT}-config.cmake ) # Perf tool executable -include(${CCF_DIR}/tests/perf-system/submitter/CMakeLists.txt) +include(${CCF_DIR}/tests/perf-system/submitter/CMakeLists.txt) \ No newline at end of file diff --git a/cmake/ccf_app.cmake b/cmake/ccf_app.cmake index 17fca6301425..3263b0bb0ce0 100644 --- a/cmake/ccf_app.cmake +++ b/cmake/ccf_app.cmake @@ -17,7 +17,6 @@ if(NOT COMPILE_TARGET IN_LIST ALLOWED_TARGETS) "${REQUESTED_TARGET} is not a valid target. Choose from: ${ALLOWED_TARGETS}" ) endif() - message(STATUS "Compile target platform: ${COMPILE_TARGET}") include(${CCF_DIR}/cmake/open_enclave.cmake) @@ -89,6 +88,7 @@ endfunction() # Enclave library wrapper function(add_ccf_app name) + cmake_parse_arguments( PARSE_ARGV 1 @@ -121,7 +121,6 @@ function(add_ccf_app name) add_lvi_mitigations(${enc_name}) add_dependencies(${name} ${enc_name}) - if(PARSED_ARGS_DEPS) add_dependencies(${enc_name} ${PARSED_ARGS_DEPS}) endif() @@ -158,7 +157,6 @@ function(add_ccf_app name) add_san(${snp_name}) add_dependencies(${name} ${snp_name}) - if(PARSED_ARGS_DEPS) add_dependencies(${snp_name} ${PARSED_ARGS_DEPS}) endif() @@ -199,7 +197,6 @@ function(add_ccf_app name) add_san(${virt_name}) add_dependencies(${name} ${virt_name}) - if(PARSED_ARGS_DEPS) add_dependencies(${virt_name} ${PARSED_ARGS_DEPS}) endif() @@ -245,4 +242,4 @@ function(add_host_library name) target_link_libraries(${name} PUBLIC ${LINK_LIBCXX} -lgcc) link_openenclave_host(${name}) set_property(TARGET ${name} PROPERTY POSITION_INDEPENDENT_CODE ON) -endfunction() +endfunction() \ No newline at end of file From 7ff56faebb6c5f3c5cd640c04bf8b1f0e000d5d3 Mon Sep 17 00:00:00 2001 From: Julien Maffre Date: Thu, 25 May 2023 16:09:19 +0000 Subject: [PATCH 09/17] fmt again --- CMakeLists.txt | 2 +- cmake/ccf_app.cmake | 2 +- cmake/common.cmake | 9 ++++----- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index b97f4ffdf1df..a86db2564a7d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1557,4 +1557,4 @@ install(FILES ${CMAKE_BINARY_DIR}/cmake/${CCF_PROJECT}-config.cmake ) # Perf tool executable -include(${CCF_DIR}/tests/perf-system/submitter/CMakeLists.txt) \ No newline at end of file +include(${CCF_DIR}/tests/perf-system/submitter/CMakeLists.txt) diff --git a/cmake/ccf_app.cmake b/cmake/ccf_app.cmake index 3263b0bb0ce0..71fcba0e40e6 100644 --- a/cmake/ccf_app.cmake +++ b/cmake/ccf_app.cmake @@ -242,4 +242,4 @@ function(add_host_library name) target_link_libraries(${name} PUBLIC ${LINK_LIBCXX} -lgcc) link_openenclave_host(${name}) set_property(TARGET ${name} PROPERTY POSITION_INDEPENDENT_CODE ON) -endfunction() \ No newline at end of file +endfunction() diff --git a/cmake/common.cmake b/cmake/common.cmake index 562ffa82973e..688630af565c 100644 --- a/cmake/common.cmake +++ b/cmake/common.cmake @@ -33,6 +33,7 @@ function(add_unit_test name) APPEND PROPERTY ENVIRONMENT "ASAN_OPTIONS=alloc_dealloc_mismatch=0" ) + endfunction() # Test binary wrapper @@ -47,6 +48,7 @@ endfunction() # Helper for building clients inheriting from perf_client function(add_client_exe name) + cmake_parse_arguments( PARSE_ARGV 1 PARSED_ARGS "" "" "SRCS;INCLUDE_DIRS;LINK_LIBS" ) @@ -59,6 +61,7 @@ function(add_client_exe name) target_include_directories( ${name} PRIVATE ${CCF_DIR}/src/clients/perf ${PARSED_ARGS_INCLUDE_DIRS} ) + endfunction() # Helper for building end-to-end function tests using the python infrastructure @@ -153,7 +156,6 @@ function(add_e2e_test) PROPERTY ENVIRONMENT "CURL_CLIENT=ON" ) endif() - if((${PARSED_ARGS_CONTAINER_NODES}) AND (LONG_TESTS)) # Containerised nodes are only enabled with long tests set_property( @@ -181,6 +183,7 @@ endfunction() # Helper for building end-to-end perf tests using the python infrastucture function(add_perf_test) + cmake_parse_arguments( PARSE_ARGV 0 PARSED_ARGS "" "NAME;PYTHON_SCRIPT;CONSTITUTION;CLIENT_BIN;VERIFICATION_FILE;LABEL" @@ -200,7 +203,6 @@ function(add_perf_test) set(TESTS_SUFFIX "") set(ENCLAVE_TYPE "") set(ENCLAVE_PLATFORM "${COMPILE_TARGET}") - if("sgx" STREQUAL COMPILE_TARGET) set(TESTS_SUFFIX "${TESTS_SUFFIX}_sgx") set(ENCLAVE_TYPE "release") @@ -231,7 +233,6 @@ function(add_perf_test) APPEND PROPERTY ENVIRONMENT "PYTHONPATH=${CCF_DIR}/tests:$ENV{PYTHONPATH}" ) - if(DEFINED DEFAULT_ENCLAVE_TYPE) set_property( TEST ${TEST_NAME} @@ -239,7 +240,6 @@ function(add_perf_test) PROPERTY ENVIRONMENT "DEFAULT_ENCLAVE_TYPE=${DEFAULT_ENCLAVE_TYPE}" ) endif() - if(DEFINED DEFAULT_ENCLAVE_PLATFORM) set_property( TEST ${TEST_NAME} @@ -248,7 +248,6 @@ function(add_perf_test) "DEFAULT_ENCLAVE_PLATFORM=${DEFAULT_ENCLAVE_PLATFORM}" ) endif() - set_property( TEST ${TEST_NAME} APPEND From 3ec320e982d403dd72bc78b2f2fe9bb608f3f876 Mon Sep 17 00:00:00 2001 From: Julien Maffre Date: Thu, 25 May 2023 16:13:01 +0000 Subject: [PATCH 10/17] Better comment --- cmake/open_enclave.cmake | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/cmake/open_enclave.cmake b/cmake/open_enclave.cmake index 1a66bb212793..d624a592ae95 100644 --- a/cmake/open_enclave.cmake +++ b/cmake/open_enclave.cmake @@ -1,8 +1,10 @@ # Copyright (c) Microsoft Corporation. All rights reserved. # Licensed under the Apache 2.0 License. -# We allow for Open Enclave (and Open Enclave HostVerify) to not be installed if -# this specific flag is set. +# We allow for Open Enclave (and Open Enclave HostVerify) to _not_ be installed, +# with some limitations (e.g. virtual/snp builds cannot verify sgx attestation +# reports). This can hopefully be removed by 5.x (see +# https://github.com/microsoft/CCF/issues/5291). option(REQUIRE_OPENENCLAVE "Requires Open Enclave or HostVerify variant" ON) if(REQUIRE_OPENENCLAVE) From 348a826856c4e6aefebb113b11d1d9da94f18ec8 Mon Sep 17 00:00:00 2001 From: Julien Maffre Date: Thu, 25 May 2023 16:38:30 +0000 Subject: [PATCH 11/17] . --- cmake/crypto.cmake | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/cmake/crypto.cmake b/cmake/crypto.cmake index c467c4cab3ec..b3a6409f7fde 100644 --- a/cmake/crypto.cmake +++ b/cmake/crypto.cmake @@ -56,12 +56,10 @@ endif() add_library(ccfcrypto.host STATIC ${CCFCRYPTO_SRC}) add_san(ccfcrypto.host) +target_compile_options(ccfcrypto.host PUBLIC ${COMPILE_LIBCXX}) target_link_options(ccfcrypto.host PUBLIC ${LINK_LIBCXX}) target_link_libraries(ccfcrypto.host PUBLIC qcbor.host) target_link_libraries(ccfcrypto.host PUBLIC t_cose.host) -target_compile_options( - ccfcrypto.host PUBLIC ${COMPILE_LIBCXX} "-Wno-deprecated-declarations" -) target_link_libraries(ccfcrypto.host PUBLIC crypto) target_link_libraries(ccfcrypto.host PUBLIC ssl) set_property(TARGET ccfcrypto.host PROPERTY POSITION_INDEPENDENT_CODE ON) From 8f33320df2503b837772bffa86a05951608437d9 Mon Sep 17 00:00:00 2001 From: Julien Maffre Date: Thu, 25 May 2023 16:38:44 +0000 Subject: [PATCH 12/17] .. --- .daily_canary | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.daily_canary b/.daily_canary index 5abebd0850f5..c139719635e3 100644 --- a/.daily_canary +++ b/.daily_canary @@ -1,4 +1,4 @@ --- ___ ___ - (- -) (o =) | Y & +-- + (- -) (= =) | Y & +-- ( V ) z x z O +---=---' /--x-m- /--n-m---xXx--/--yY-------- From b25b0287780c3e0d8ab371cbbc1232a8cf41c643 Mon Sep 17 00:00:00 2001 From: Julien Maffre Date: Fri, 26 May 2023 09:46:10 +0000 Subject: [PATCH 13/17] Fix build issue --- CMakeLists.txt | 22 +++++++++++++--------- cmake/common.cmake | 2 +- src/apps/js_generic/js_generic.cpp | 4 ++++ src/node/test/history.cpp | 2 ++ 4 files changed, 20 insertions(+), 10 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index a86db2564a7d..00a98cb96cf8 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -447,7 +447,7 @@ if(COMPILE_TARGET STREQUAL "sgx") EXPORT ccf DESTINATION lib ) -elseif(COMPILE_TARGET STREQUAL "snp") +elseif(COMPILE_TARGET STREQUAL "snp" AND REQUIRE_OPENENCLAVE) add_library(js_openenclave.snp STATIC ${CCF_DIR}/src/js/openenclave.cpp) add_san(js_openenclave.snp) target_link_libraries(js_openenclave.snp PUBLIC ccf.snp) @@ -462,7 +462,8 @@ elseif(COMPILE_TARGET STREQUAL "snp") EXPORT ccf DESTINATION lib ) -elseif(COMPILE_TARGET STREQUAL "virtual") + set(JS_OPENENCLAVE_SNP js_openenclave.snp) +elseif(COMPILE_TARGET STREQUAL "virtual" AND REQUIRE_OPENENCLAVE) add_library(js_openenclave.virtual STATIC ${CCF_DIR}/src/js/openenclave.cpp) add_san(js_openenclave.virtual) target_link_libraries(js_openenclave.virtual PUBLIC ccf.virtual) @@ -480,6 +481,7 @@ elseif(COMPILE_TARGET STREQUAL "virtual") EXPORT ccf DESTINATION lib ) + set(JS_OPENENCLAVE_VIRTUAL js_openenclave.virtual) endif() if(COMPILE_TARGET STREQUAL "sgx") @@ -521,11 +523,13 @@ elseif(COMPILE_TARGET STREQUAL "virtual") add_warning_checks(js_generic_base.virtual) target_link_libraries(js_generic_base.virtual PUBLIC ccf.virtual) target_compile_options(js_generic_base.virtual PRIVATE ${COMPILE_LIBCXX}) - target_compile_definitions( - js_openenclave.virtual - PUBLIC INSIDE_ENCLAVE VIRTUAL_ENCLAVE _LIBCPP_HAS_THREAD_API_PTHREAD - PLATFORM_VIRTUAL - ) + if(REQUIRE_OPENENCLAVE) + target_compile_definitions( + js_openenclave.virtual + PUBLIC INSIDE_ENCLAVE VIRTUAL_ENCLAVE _LIBCPP_HAS_THREAD_API_PTHREAD + PLATFORM_VIRTUAL + ) + endif() set_property( TARGET js_generic_base.virtual PROPERTY POSITION_INDEPENDENT_CODE ON ) @@ -540,8 +544,8 @@ add_ccf_app( js_generic SRCS ${CCF_DIR}/src/apps/js_generic/js_generic.cpp LINK_LIBS_ENCLAVE js_generic_base.enclave js_openenclave.enclave - LINK_LIBS_VIRTUAL js_generic_base.virtual js_openenclave.virtual - LINK_LIBS_SNP js_generic_base.snp js_openenclave.snp INSTALL_LIBS ON + LINK_LIBS_VIRTUAL js_generic_base.virtual ${JS_OPENENCLAVE_VIRTUAL} + LINK_LIBS_SNP js_generic_base.snp ${JS_OPENENCLAVE_SNP} INSTALL_LIBS ON ) sign_app_library( js_generic.enclave ${CCF_DIR}/src/apps/js_generic/oe_sign.conf diff --git a/cmake/common.cmake b/cmake/common.cmake index 688630af565c..148c9560fb00 100644 --- a/cmake/common.cmake +++ b/cmake/common.cmake @@ -9,7 +9,7 @@ function(add_unit_test name) ${name} PRIVATE src ${CCFCRYPTO_INC} ${CCF_DIR}/3rdparty/test ) enable_coverage(${name}) - target_link_libraries(${name} PRIVATE ${LINK_LIBCXX} ccfcrypto.host) + target_link_libraries(${name} PRIVATE ${LINK_LIBCXX} ccfcrypto.host -pthread) link_openenclave_host(${name}) add_san(${name}) diff --git a/src/apps/js_generic/js_generic.cpp b/src/apps/js_generic/js_generic.cpp index a00c0b67f367..5657b509b026 100644 --- a/src/apps/js_generic/js_generic.cpp +++ b/src/apps/js_generic/js_generic.cpp @@ -14,7 +14,11 @@ namespace ccfapp std::vector get_js_plugins() { +#ifdef SGX_ATTESTATION_VERIFICATION return {ccf::js::openenclave_plugin}; +#else + return {}; +#endif } } // namespace ccfapp diff --git a/src/node/test/history.cpp b/src/node/test/history.cpp index 117a624592ba..4a8298df8372 100644 --- a/src/node/test/history.cpp +++ b/src/node/test/history.cpp @@ -4,6 +4,8 @@ #include "ccf/app_interface.h" #include "ccf/service/tables/nodes.h" +#include "crypto/certs.h" +#include "ds/x509_time_fmt.h" #include "kv/kv_types.h" #include "kv/store.h" #include "kv/test/null_encryptor.h" From 88fff606bbe3d06c4773483f8bbe4cc213ada5d8 Mon Sep 17 00:00:00 2001 From: Julien Maffre Date: Fri, 26 May 2023 10:04:20 +0000 Subject: [PATCH 14/17] Fix build --- cmake/open_enclave.cmake | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmake/open_enclave.cmake b/cmake/open_enclave.cmake index d624a592ae95..0970ef68cdb9 100644 --- a/cmake/open_enclave.cmake +++ b/cmake/open_enclave.cmake @@ -51,7 +51,7 @@ endif() function(link_openenclave_host name) if(REQUIRE_OPENENCLAVE) - target_link_libraries(${name} PRIVATE ${OE_HOST_LIBRARY}) + target_link_libraries(${name} PUBLIC ${OE_HOST_LIBRARY}) target_compile_definitions(${name} PUBLIC SGX_ATTESTATION_VERIFICATION) endif() endfunction() From 42ba9e00077732f4a2859421de31bbcdfd003041 Mon Sep 17 00:00:00 2001 From: Julien Maffre Date: Fri, 26 May 2023 16:15:03 +0000 Subject: [PATCH 15/17] Fix SGX build --- src/enclave/verify.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/enclave/verify.h b/src/enclave/verify.h index dc695a1142d7..26137d08a281 100644 --- a/src/enclave/verify.h +++ b/src/enclave/verify.h @@ -14,7 +14,7 @@ namespace ccf { void initialize_verifiers() { -#ifdef SGX_ATTESTATION_VERIFICATION +#if defined(INSIDE_ENCLAVE) || defined(SGX_ATTESTATION_VERIFICATION) auto rc = oe_verifier_initialize(); if (rc != OE_OK) { @@ -26,7 +26,7 @@ namespace ccf void shutdown_verifiers() { -#ifdef SGX_ATTESTATION_VERIFICATION +#if defined(INSIDE_ENCLAVE) || defined(SGX_ATTESTATION_VERIFICATION) oe_verifier_shutdown(); #endif } From 7bfcff0df4186a1cf3f3e9e83a415a2b506ab0d3 Mon Sep 17 00:00:00 2001 From: Julien Maffre Date: Fri, 26 May 2023 16:17:37 +0000 Subject: [PATCH 16/17] fmt --- CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 00a98cb96cf8..8f720ab03bda 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -527,7 +527,7 @@ elseif(COMPILE_TARGET STREQUAL "virtual") target_compile_definitions( js_openenclave.virtual PUBLIC INSIDE_ENCLAVE VIRTUAL_ENCLAVE _LIBCPP_HAS_THREAD_API_PTHREAD - PLATFORM_VIRTUAL + PLATFORM_VIRTUAL ) endif() set_property( From 304bcd6ac41e93c32934023c20890356e36f4893 Mon Sep 17 00:00:00 2001 From: Julien Maffre Date: Tue, 30 May 2023 09:20:32 +0000 Subject: [PATCH 17/17] Fix --- src/apps/js_generic/js_generic.cpp | 2 +- src/node/rpc/jwt_management.h | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/apps/js_generic/js_generic.cpp b/src/apps/js_generic/js_generic.cpp index 5657b509b026..e309516d400f 100644 --- a/src/apps/js_generic/js_generic.cpp +++ b/src/apps/js_generic/js_generic.cpp @@ -14,7 +14,7 @@ namespace ccfapp std::vector get_js_plugins() { -#ifdef SGX_ATTESTATION_VERIFICATION +#if defined(INSIDE_ENCLAVE) || defined(SGX_ATTESTATION_VERIFICATION) return {ccf::js::openenclave_plugin}; #else return {}; diff --git a/src/node/rpc/jwt_management.h b/src/node/rpc/jwt_management.h index 32482df7c9bc..d0045b68ae45 100644 --- a/src/node/rpc/jwt_management.h +++ b/src/node/rpc/jwt_management.h @@ -5,7 +5,7 @@ #include "ccf/crypto/verifier.h" #include "ccf/service/tables/jwt.h" -#ifdef SGX_ATTESTATION_VERIFICATION +#if defined(INSIDE_ENCLAVE) || defined(SGX_ATTESTATION_VERIFICATION) # include #endif @@ -36,7 +36,7 @@ namespace ccf }); } -#ifdef SGX_ATTESTATION_VERIFICATION +#if defined(INSIDE_ENCLAVE) || defined(SGX_ATTESTATION_VERIFICATION) static oe_result_t oe_verify_attestation_certificate_with_evidence_cb( oe_claim_t* claims, size_t claims_length, void* arg) { @@ -119,7 +119,7 @@ namespace ccf issuer_metadata.key_filter == JwtIssuerKeyFilter::SGX || has_key_policy_sgx_claims) { -#ifdef SGX_ATTESTATION_VERIFICATION +#if defined(INSIDE_ENCLAVE) || defined(SGX_ATTESTATION_VERIFICATION) oe_verify_attestation_certificate_with_evidence( der.data(), der.size(),