diff --git a/fortanix-vme/fortanix-vme-eif/src/lib.rs b/fortanix-vme/fortanix-vme-eif/src/lib.rs
index 2c3f903db..935a57816 100644
--- a/fortanix-vme/fortanix-vme-eif/src/lib.rs
+++ b/fortanix-vme/fortanix-vme-eif/src/lib.rs
@@ -12,6 +12,9 @@ use tempfile::{self, NamedTempFile};
 mod error;
 mod initramfs;
+pub mod eif_types {
+ pub use aws_nitro_enclaves_image_format::defs::{EifIdentityInfo, EifHeader, EifSectionHeader};
+}
 pub use aws_nitro_enclaves_image_format::defs::EifSectionType;
 pub use error::Error;
diff --git a/fortanix-vme/fortanix-vme-runner/src/main.rs b/fortanix-vme/fortanix-vme-runner/src/main.rs
index 1bfa1ce0b..cb2e47b56 100644
--- a/fortanix-vme/fortanix-vme-runner/src/main.rs
+++ b/fortanix-vme/fortanix-vme-runner/src/main.rs
@@ -1,11 +1,11 @@
 use clap::Parser;
-use fortanix_vme_eif::FtxEif;
+use fortanix_vme_eif::{eif_types::EifIdentityInfo, FtxEif};
 use fortanix_vme_abi::SERVER_PORT;
 use fortanix_vme_runner::{EnclaveRunner, NitroEnclaves, Platform, Simulator, SimulatorArgs};
 use nitro_cli::common::commands_parser::{RunEnclavesArgs as NitroArgs};
 use std::convert::TryFrom;
 use std::fs::File;
-use std::io::{BufReader, Error as IoError, ErrorKind as IoErrorKind, Write};
+use std::io::{BufReader, Error as IoError, ErrorKind as IoErrorKind, Read, Seek, Write};
 use std::os::unix::fs::OpenOptionsExt;
 use std::path::PathBuf;
@@ -30,6 +30,10 @@ struct Cli {
 #[arg(short, long)]
 simulate: bool,
+ /// `ENCLAVE_FILE` points to an ELF, not an EIF (only available in simulation mode)
+ #[arg(long, requires("simulate"))]
+ elf: bool,
+
 #[arg(short, long)]
 verbose: bool,
@@ -111,31 +115,50 @@ fn create_runner() -> EnclaveRunner
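Review bot: The new `pub mod eif_types` is public API without a doc comment, and it sits oddly next to `EifSectionType`, which this same file keeps re-exporting at the crate root two lines below. Either re-export the three new types at the root beside `EifSectionType`, or move `EifSectionType` into `eif_types` so consumers find every EIF type in one place. Whichever layout is kept, add `/// Re-exports of the EIF header and identity types from `aws_nitro_enclaves_image_format`.` above the module so rustdoc lists it with a summary.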
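Review bot: `Read` and `Seek` are added to the `std::io` import, but nothing in the visible hunks of main.rs names either trait — the new `read_eif` only calls `FtxEif::new`, `metadata()` and `application()`, and methods defined on `FtxEif` under an `R: Read + Seek` bound do not need those traits in scope at the call site. If nothing further down the file uses them, rustc will warn about unused imports; either drop them or keep them with the use they serve. Conversely, if `FtxEif<R>` does carry a type parameter, the bare `eif: FtxEif` field in the later `ReadEifResult` struct would need it spelled out, which is worth confirming against the crate's definition.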

{ }
 fn main() {
+ struct ReadEifResult {
+ eif: FtxEif,
+ metadata: EifIdentityInfo,
+ }
+ fn read_eif(enclave_file: &str) -> ReadEifResult {
+ let f = File::open(enclave_file).expect("Failed to open enclave file");
+ let mut eif = FtxEif::new(BufReader::new(f));
+ let metadata = eif.metadata().expect("Failed to parse metadata");
+ ReadEifResult { eif, metadata }
+ }
+
 let cli = Cli::parse();
- let eif = File::open(&cli.enclave_file).expect("Failed to open enclave file");
- let mut eif = FtxEif::new(BufReader::new(eif));
- let metadata = eif.metadata()
- .expect("Failed to parse metadata");
 if cli.simulate {
 env_logger::init();
- //TODO also extract env/cmd file and make sure the application is executed with this
- //context
- let elf = eif.application()
- .expect("Failed to parse enclave file");
- let elf_path = create_elf(elf)
- .expect("Failed to create executable file");
+ let elf_path: PathBuf;
+ let img_name;
+
+ if cli.elf {
+ elf_path = cli.enclave_file.into();
+ img_name = elf_path.file_name().unwrap_or_default().display().to_string();
+ } else {
+ let ReadEifResult { mut eif, metadata } = read_eif(&cli.enclave_file);
+ //TODO also extract env/cmd file and make sure the application is executed with this
+ //context
+ let elf = eif.application()
+ .expect("Failed to parse enclave file");
+ elf_path = create_elf(elf)
+ .expect("Failed to create executable file");
+
+ img_name = metadata.img_name;
+
+ log(&cli, &format!("Simulating enclave as {}", elf_path.display()));
+ }
- log(&cli, &format!("Simulating enclave as {}", elf_path.display()));
 let mut runner: EnclaveRunner = create_runner();
 let args = SimulatorArgs::new(elf_path);
- runner.run_enclave(args, metadata.img_name, cli.args).expect("Failed to run enclave");
+ runner.run_enclave(args, img_name, cli.args).expect("Failed to run enclave");
 runner.wait();
 } else {
 let mut runner: EnclaveRunner = create_runner();
 let args: NitroArgs = TryFrom::try_from(&cli).expect("Failed to parse arguments");
- runner.run_enclave(args, metadata.img_name, cli.args).expect("Failed to run enclave");
+ runner.run_enclave(args, read_eif(&cli.enclave_file).metadata.img_name, cli.args).expect("Failed to run enclave");
 runner.wait();
 };
 }
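Review bot: With `--elf` the "Simulating enclave as …" log line is lost: the commit moves `log(&cli, &format!("Simulating enclave as {}", elf_path.display()));` into the EIF-only `else` branch, whereas the removed line ran for every simulation, so it should go back below the `if cli.elf { … } else { … }` block where both paths report which file the simulator is about to execute. In the `--elf` branch, `elf_path.file_name().unwrap_or_default().display().to_string()` silently produces an empty image name for a path such as `..` or `/`, and `OsStr::display` only exists on recent toolchains (stabilised in Rust 1.87 as far as I recall — check the crate's MSRV); `img_name = elf_path.file_name().map(|n| n.to_string_lossy().into_owned()).expect("ENCLAVE_FILE has no file name");` fails loudly, matches the file's existing `expect` style for CLI errors, and builds on older compilers. The deferred `let elf_path: PathBuf; let img_name;` pair would read more directly as `let (elf_path, img_name) = if cli.elf { … } else { … };`, and `read_eif` could take `impl AsRef<Path>` instead of `&str` since `File::open` accepts either. `fn main` is fully within the hunk; the leading `{ }` context belongs to `create_runner`, whose body starts outside it.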