diff --git a/Makefile b/Makefile
index 648280c0b..a2de99b1b 100644
--- a/Makefile
+++ b/Makefile
@@ -23,6 +23,7 @@ SIMPLE_DB := $(DB_FIXTURES_DIR)/simple
 CONTRACTS_CRATE := crates/contracts
 CONTRACTS_DIR := $(CONTRACTS_CRATE)/contracts
 CONTRACTS_BUILD_DIR := $(CONTRACTS_CRATE)/build
+AMDSEV_DIR := misc/AMDSEV
 VRF_DIR := $(CONTRACTS_DIR)/vrf
 AVNU_DIR := $(CONTRACTS_DIR)/avnu/contracts
@@ -41,7 +42,7 @@ SCARB_REQUIRED_VERSIONS := $(sort $(SCARB_VERSION) $(AVNU_SCARB_VERSION) $(VRF_S
 .DEFAULT_GOAL := usage
 .SILENT: clean
-.PHONY: usage help check-llvm native-deps native-deps-macos native-deps-linux native-deps-windows build-explorer contracts clean deps install-scarb fixtures snos-artifacts db-compat-artifacts generate-db-fixtures install-pyenv
+.PHONY: usage help check-llvm native-deps native-deps-macos native-deps-linux native-deps-windows build-explorer contracts tee-sev-snp clean deps install-scarb fixtures snos-artifacts db-compat-artifacts generate-db-fixtures install-pyenv
 usage help:
 @echo "Usage:"
@@ -49,6 +50,7 @@ usage help:
 @echo " snos-deps: Install SNOS test dependencies (pyenv, Python 3.9.15)."
 @echo " build-explorer: Build the explorer."
 @echo " contracts: Build the contracts."
+ @echo " tee-sev-snp: Build AMD SEV-SNP TEE VM components (prompts y/N to build katana unless KATANA_BINARY is set)."
 @echo " fixtures: Prepare tests artifacts (including test database)."
 @echo " snos-artifacts: Prepare SNOS tests artifacts."
 @echo " db-compat-artifacts: Prepare database compatibility test artifacts."
@@ -94,6 +96,19 @@ build-explorer:
 contracts: install-scarb $(CONTRACTS_BUILD_DIR)
+tee-sev-snp:
+ @echo "Building AMD SEV-SNP TEE VM components..."
+ @if [ -n "$(KATANA_BINARY)" ]; then \
+ echo "Using katana binary: $(KATANA_BINARY)"; \
+ $(AMDSEV_DIR)/build.sh --katana "$(KATANA_BINARY)"; \
+ elif [ ! -t 0 ]; then \
+ echo "Error: non-interactive run requires KATANA_BINARY."; \
+ echo "Example: make tee-sev-snp KATANA_BINARY=/path/to/katana"; \
+ exit 1; \
+ else \
+ $(AMDSEV_DIR)/build.sh; \
+ fi
+
 # Generate the list of sources dynamically to make sure Make can track all files in all nested subdirs
 $(CONTRACTS_BUILD_DIR): $(shell find $(CONTRACTS_DIR) -type f)
 @mkdir -p $@
diff --git a/misc/AMDSEV/README.md b/misc/AMDSEV/README.md
index c62e46122..ce693ca3e 100644
--- a/misc/AMDSEV/README.md
+++ b/misc/AMDSEV/README.md
@@ -26,7 +26,7 @@ Output is written to `misc/AMDSEV/output/qemu/`.
 ### Katana Binary
-If `--katana` is not provided, `build.sh` automatically builds a statically linked katana binary using musl libc via `scripts/build-musl.sh`.
+If `--katana` is not provided, `build.sh` prompts for confirmation (`y/N`) before building a statically linked katana binary using musl libc via `scripts/build-musl.sh`.
 **Important:** The initrd is minimal and contains no libc or shared libraries. Only statically linked binaries will work. If providing a custom binary with `--katana`, ensure it is statically linked (e.g., built with musl).
diff --git a/misc/AMDSEV/build.sh b/misc/AMDSEV/build.sh
index a1c5632b6..7f218f00b 100755
--- a/misc/AMDSEV/build.sh
+++ b/misc/AMDSEV/build.sh
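Review bot: In the Makefile's `tee-sev-snp` recipe, `$(KATANA_BINARY)` is substituted by Make into the shell text before the shell parses it, so a path containing `"`, `$` or a backtick is re-read as shell syntax instead of reaching `build.sh` as one argument. A value given on the command line or in the environment is already exported to the recipe, so the three uses can read the shell variable instead: `[ -n "$$KATANA_BINARY" ]`, `echo "Using katana binary: $$KATANA_BINARY"` and `$(AMDSEV_DIR)/build.sh --katana "$$KATANA_BINARY"`. Since this file is what gets packed into the TEE initrd, a `[ -f "$$KATANA_BINARY" ]` check before the call would also fail early on a wrong path; build.sh may already do this, but that is not visible in this diff.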
@@ -101,7 +101,24 @@ fi
 # Build katana if needed for initrd and not provided
 if [ $BUILD_INITRD -eq 1 ] && [ -z "$KATANA_BINARY" ]; then
- echo "No --katana provided, building katana with musl..."
+ echo "No --katana provided."
+ if [ ! -t 0 ]; then
+ echo "ERROR: Cannot prompt without an interactive terminal."
+ echo "Pass --katana /path/to/katana to use a pre-built binary."
+ exit 1
+ fi
+
+ read -r -p "Build katana from source with musl now? [y/N] " CONFIRM_BUILD_KATANA
+ case "$CONFIRM_BUILD_KATANA" in
+ [yY]|[yY][eE][sS])
+ echo "Building katana with musl..."
+ ;;
+ *)
+ echo "Aborting. Provide --katana /path/to/katana to use a pre-built binary."
+ exit 1
+ ;;
+ esac
+
 PROJECT_ROOT="$(cd "${SCRIPT_DIR}/../.." && pwd)"
 "${PROJECT_ROOT}/scripts/build-musl.sh"
 if [ $? -ne 0 ]; then
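Review bot: Both refusal branches added after `echo "No --katana provided."` write their messages to stdout, so they get lost in captured or piped build logs; `echo "ERROR: Cannot prompt without an interactive terminal." >&2` (and the same redirect on the `Pass --katana ...` and `Aborting. ...` lines) keeps them on stderr. The `[ ! -t 0 ]` guard also leaves unattended runs with no way to build from source, which steers CI toward a pre-built binary whose origin the script cannot vouch for; an explicit opt-in checked before the guard would keep the from-source path without prompting, with the variable or flag name left to the maintainers. `read -r -p` is a bash feature, so this relies on the script running under bash, which the hunk does not show. The enclosing `if` block continues past the last line of the hunk.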