travis-ci: Setup CI environment for building SGX-Step.

jovanbulck · Oct 9, 2020 · f4eb750 · f4eb750
1 parent 78dd80e
commit f4eb750
Show file tree

Hide file tree

Showing 5 changed files with 55 additions and 40 deletions.
diff --git a/.gitmodules b/.gitmodules
@@ -1,6 +1,6 @@
-[submodule "linux-sgx"]
-	path = sdk/intel-sdk/linux-sgx
-	url = https://github.com/01org/linux-sgx.git
-[submodule "linux-sgx-driver"]
+[submodule "kernel/linux-sgx-driver"]
 	path = kernel/linux-sgx-driver
 	url = https://github.com/01org/linux-sgx-driver.git
+[submodule "sdk/intel-sdk/linux-sgx"]
+	path = sdk/intel-sdk/linux-sgx
+	url = https://github.com/01org/linux-sgx.git
diff --git a/.travis.yml b/.travis.yml
@@ -0,0 +1,33 @@
+os: linux
+language: c
+arch: amd64
+
+notifications:
+  email: false
+
+# 1. Build and load `/dev/sgx-step`
+before_install:
+    - sudo apt-get update
+    - cd $TRAVIS_BUILD_DIR/kernel/
+    - bash -x ./install_SGX_driver.sh
+    - make clean load
+
+# 2. Patch and install SGX SDK
+install:
+    - cd $TRAVIS_BUILD_DIR/sdk/intel-sdk/
+    - bash -x ./install_SGX_SDK.sh
+    - source /opt/intel/sgxsdk/environment
+    - sudo service aesmd status
+    - cd linux-sgx/SampleCode/LocalAttestation
+    - make SGX_MODE=SIM
+    - cd bin
+    - ./app
+
+# 3. Build test applications
+script:
+    - for d in $TRAVIS_BUILD_DIR/app/*/ ; do echo -e "\n**** $d ****\n" ; cd "$d" ; make ; done
+
+jobs:
+    include:
+       - dist: bionic   # 18.04
+       - dist: focal    # 20.04
diff --git a/README.md b/README.md
@@ -1,4 +1,4 @@
-# A Practical Attack Framework for Precise Enclave Execution Control
+# A Practical Attack Framework for Precise Enclave Execution Control [![Build Status](https://travis-ci.org/jovanbulck/sgx-step.svg?branch=master)](https://travis-ci.org/jovanbulck/sgx-step)
 
 <img src="doc/logo.svg" width=160 alt="logo" align="left" />
 
@@ -34,13 +34,6 @@ up-to-date list of known projects using SGX-Step is included at the
 [bottom](#bottom) of this README. A copy of the original paper is available
 [here](https://jovanbulck.github.io/files/systex17-sgxstep.pdf).
 
-This paper presents SGX-Step, an open-source Linux kernel framework that allows
-an untrusted host process to configure APIC timer interrupts and track page
-table entries directly from user space. We contribute and evaluate an improved
-approach to single-step enclaved execution at instruction-level granularity,
-and we show how SGX-Step enables several new or improved attacks. Finally, we
-discuss its implications for the design of effective defense mechanisms.
-
 ```
 @inproceedings{vanbulck2017sgxstep,
     title     = {{SGX-Step}: A Practical Attack Framework for Precise Enclave Execution Control},
@@ -103,7 +96,7 @@ This repository is organized as follows:
 └── sdk        -- Bindings to use SGX-Step with different SGX SDKs and libOSs.
 ```
 
-## Building and running
+## Building and running [![Build Status](https://travis-ci.org/jovanbulck/sgx-step.svg?branch=master)](https://travis-ci.org/jovanbulck/sgx-step)
 
 ### 0. System requirements
 

diff --git a/kernel/install_SGX_driver.sh b/kernel/install_SGX_driver.sh
@@ -7,7 +7,7 @@ git submodule update
 cd linux-sgx-driver
 
 # ----------------------------------------------------------------------
-sudo apt-get install linux-headers-$(uname -r)
+sudo apt-get -yqq install linux-headers-$(uname -r)
 make
 sudo mkdir -p "/lib/modules/"`uname -r`"/kernel/drivers/intel/sgx"    
 sudo cp isgx.ko "/lib/modules/"`uname -r`"/kernel/drivers/intel/sgx"    

diff --git a/sdk/intel-sdk/install_SGX_SDK.sh b/sdk/intel-sdk/install_SGX_SDK.sh
@@ -1,26 +1,14 @@
 #!/bin/bash
 set -e
 
-OS_VERS=$(lsb_release -r 2>/dev/null | awk '{ print $2 }')
-UBUNTU=$(uname -v | grep -c Ubuntu)
-
-echo $OS_VERS
-
-if [ "$UBUNTU" = 1 ]; then
-    if [ "$OS_VERS" = "18.04" ]; then
-        OS_STR="ubuntu18.04"
+## helper function to supress output to fit in Travis-CI max log length
+function travis_silent() {
+    if [ -n "$TRAVIS" ]; then
+        "$@" > /dev/null
     else
-        if [ "$OS_VERS" = "20.04" ]; then
-            OS_STR="ubuntu20.04"
-        else
-            echo "Unsupported OS version"
-            exit 1
-        fi
+        "$@"
     fi
-else
-    echo "Please set your operating system manually"
-    exit 1
-fi
+}
 
 git submodule init
 git submodule update
@@ -33,21 +21,22 @@ then
 fi
 echo "SGX-SDK successfully patched!"
 
-exit
-
 # ----------------------------------------------------------------------
 echo "[ installing prerequisites ]"
-sudo apt-get install build-essential ocaml ocamlbuild automake autoconf libtool wget python libssl-dev
-sudo apt-get install libssl-dev libcurl4-openssl-dev protobuf-compiler libprotobuf-dev debhelper cmake
+sudo apt-get -yqq install build-essential ocaml ocamlbuild automake autoconf libtool wget python libssl-dev git cmake perl
+sudo apt-get -yqq install libssl-dev libcurl4-openssl-dev protobuf-compiler libprotobuf-dev debhelper cmake reprepro unzip lsb-release
+
+OS_ID=$(lsb_release -si | tr '[:upper:]' '[:lower:]')
+OS_REL=$(lsb_release -sr)
+OS_STR=$OS_ID$OS_REL
 
 # ----------------------------------------------------------------------
 echo "[ building SDK ]"
 cd linux-sgx
 make preparation
-pwd
 sudo cp "external/toolset/$OS_STR/"* /usr/local/bin
-make -j`nproc`
-make sdk_install_pkg
+
+travis_silent make -j`nproc` sdk_install_pkg
 
 echo "[ installing SDK system-wide ]"
 cd linux/installer/bin/
@@ -59,7 +48,7 @@ cd ../../../
 
 # ----------------------------------------------------------------------
 echo "[ building PSW ]"
-make psw_install_pkg
+travis_silent make -j`nproc` psw_install_pkg
 
 echo "[ installing PSW/SDK system-wide ]"
 cd linux/installer/bin/