def __init__(self, config): try: (self.kv_helper, _) = connector.open(config) except Exception as err: logger.error(f"failed to open db: {err}") sys.exit(-1) # Worker registry handler needs to be instantiated before Work order handler. Otherwise, LMDB operations don't operate on updated values. # TODO: Needs further investigation on what is causing the above behavior. self.worker_registry_handler = TCSWorkerRegistryHandler(self.kv_helper) self.workorder_handler = TCSWorkOrderHandler( self.kv_helper, config["Listener"]["max_work_order_count"]) self.workorder_receipt_handler = TCSWorkOrderReceiptHandler( self.kv_helper) self.worker_encryption_key_handler = WorkerEncryptionKeyHandler( self.kv_helper) self.dispatcher = Dispatcher() rpc_methods = [ self.worker_encryption_key_handler.EncryptionKeyGet, self.worker_encryption_key_handler.EncryptionKeySet, self.worker_registry_handler.WorkerLookUp, self.worker_registry_handler.WorkerLookUpNext, self.worker_registry_handler.WorkerRegister, self.worker_registry_handler.WorkerSetStatus, self.worker_registry_handler.WorkerRetrieve, self.worker_registry_handler.WorkerUpdate, self.workorder_handler.WorkOrderSubmit, self.workorder_handler.WorkOrderGetResult, ] for m in rpc_methods: self.dispatcher.add_method(m)
def __init__(self, config): """ Constructor for WPERequester. Initialize the HTTP jrpc client. Parameters : @param config - dict of config read """ self._uri_client = HttpJrpcClient( config["KMEListener"]["kme_listener_url"]) self._conn_retries = config["KMEListener"]["connection_retry"] worker_id = config.get("WorkerConfig")["worker_id"] # Calculate sha256 of worker id to get 32 bytes. The TC spec proxy # model contracts expect byte32. Then take a hexdigest for hex str. worker_id = hashlib.sha256(worker_id.encode("UTF-8")).hexdigest() if config.get("KvStorage") is None: logger.error("Kv Storage path is missing") sys.exit(-1) try: kv_helper = connector.open(config['KvStorage']['remote_url']) except Exception as err: logger.error("Failed to open KV storage interface; " + "exiting Intel SGX Enclave manager: {}".format(err)) sys.exit(-1) worker_kv_delegate = WorkerKVDelegate(kv_helper) self._worker = worker_kv_delegate.get_worker_by_id(worker_id) jrpc_methods = {} jrpc_methods["kme-uid"] = "GetUniqueVerificationKey" jrpc_methods["kme-reg"] = "RegisterWorkOrderProcessor" jrpc_methods["kme-preprocess"] = "PreProcessWorkOrder" # Map too hold workload-id to JRPC method mapping self._jrpc_methods = jrpc_methods
def start_enclave_manager(config): """ Instantiate KvStorage, Execute boot flow and run time flow """ global enclave_data if config.get("KvStorage") is None: logger.error("Kv Storage path is missing") sys.exit(-1) try: logger.debug("initialize the enclave") # Extended measurements is a list of enclave basename and enclave measurement extended_measurements = enclave_helper.initialize_enclave(config.get("EnclaveModule")) except Exception as e: logger.exception("failed to initialize enclave; %s", str(e)) sys.exit(-1) logger.info("creating a new enclave") enclave_signup_data = create_enclave_signup_data() logger.info("initialize enclave_manager") enclave_manager = EnclaveManager(config, enclave_signup_data, extended_measurements) logger.info("Enclave manager started") try: (kv_helper, _) = connector.open(config) except Exception as err: logger.error(f"Failed to open KV storage interface, Exiting SGX Enclave manager: {err}") sys.exit(-1) try: logger.info("----------------------- Starting Boot time flow -----------------------") enclave_manager.manager_on_boot(kv_helper) logger.info("----------------------- Boot time flow Complete -----------------------") except: logger.error("Failed to execute boot time flow, Exiting SGX Enclave manager...") exit(1) try: sleep_interval = int(config["EnclaveManager"]["sleep_interval"]) except: logger.error("Failed to get sleep interval from config file. setting sleep interval to 10 secs") sleep_interval = 10 try: while True: # Poll KV storage for new work-order requests and process enclave_manager.process_work_orders(kv_helper) logger.info("Enclave manager sleeping for %d secs", sleep_interval) time.sleep(sleep_interval) except Exception as inst: logger.error("Error while processing work-order. Shutting down enclave manager") logger.error("Exception: {} args {} details {}".format(type(inst), inst.args, inst)) exit(1)
def __init__(self, config): try: (self.kv_helper, _) = connector.open(config) except Exception as err: logger.error(f"failed to open db: {err}") sys.exit(-1) # Worker registry handler needs to be instantiated before Work order handler. Otherwise, LMDB operations don't operate on updated values. # TODO: Needs further investigation on what is causing the above behavior. self.worker_registry_handler = TCSWorkerRegistryHandler(self.kv_helper) self.workorder_handler = TCSWorkOrderHandler( self.kv_helper, config["Listener"]["max_work_order_count"]) self.workorder_receipt_handler = TCSWorkOrderReceiptHandler( self.kv_helper) self.worker_encryption_key_handler = WorkerEncryptionKeyHandler( self.kv_helper)
def _connect_to_kv_store(self): """ This function creates a connection to the KVStorage. Returns : kv_helper - An instance of LMDBHelperProxy that helps interact with the database """ if self._config.get("KvStorage") is None: logger.error("Kv Storage path is missing") sys.exit(-1) try: kv_helper = connector.open(self._config['KvStorage']['remote_url']) except Exception as err: logger.error("Failed to open KV storage interface; " + "exiting Intel SGX Enclave manager: {}".format(err)) sys.exit(-1) return kv_helper
def __init__(self, config): try: self.kv_helper = \ connector.open(config['KvStorage']['remote_storage_url']) except Exception as err: logger.error(f"failed to open db: {err}") sys.exit(-1) self.worker_registry_handler = TCSWorkerRegistryHandler(self.kv_helper) if int(config["WorkloadExecution"]["sync_workload_execution"]) == 1: self.workorder_handler = TCSWorkOrderHandlerSync( self.kv_helper, config["Listener"]["max_work_order_count"], config["Listener"]["zmq_url"], config["Listener"]["zmq_port"]) else: self.workorder_handler = TCSWorkOrderHandler( self.kv_helper, config["Listener"]["max_work_order_count"]) self.workorder_receipt_handler = TCSWorkOrderReceiptHandler( self.kv_helper) self.worker_encryption_key_handler = WorkerEncryptionKeyHandler( self.kv_helper) rpc_methods = [ self.worker_encryption_key_handler.EncryptionKeyGet, self.worker_encryption_key_handler.EncryptionKeySet, self.worker_registry_handler.WorkerLookUp, self.worker_registry_handler.WorkerLookUpNext, self.worker_registry_handler.WorkerRegister, self.worker_registry_handler.WorkerSetStatus, self.worker_registry_handler.WorkerRetrieve, self.worker_registry_handler.WorkerUpdate, self.workorder_handler.WorkOrderSubmit, self.workorder_handler.WorkOrderGetResult, self.workorder_receipt_handler.WorkOrderReceiptCreate, self.workorder_receipt_handler.WorkOrderReceiptUpdate, self.workorder_receipt_handler.WorkOrderReceiptRetrieve, self.workorder_receipt_handler.WorkOrderReceiptUpdateRetrieve, self.workorder_receipt_handler.WorkOrderReceiptLookUp, self.workorder_receipt_handler.WorkOrderReceiptLookUpNext ] super().__init__(rpc_methods)
def __init__(self, config): try: self.kv_helper = \ connector.open(config['KvStorage']['remote_storage_url']) except Exception as err: logger.error(f"failed to open db: {err}") sys.exit(-1) self.worker_registry_handler = TCSWorkerRegistryHandler(self.kv_helper) self.workorder_handler = TCSWorkOrderHandler( self.kv_helper, config["Listener"]["max_work_order_count"]) self.workorder_receipt_handler = TCSWorkOrderReceiptHandler( self.kv_helper) self.worker_encryption_key_handler = WorkerEncryptionKeyHandler( self.kv_helper) self.dispatcher = Dispatcher() rpc_methods = [ self.worker_encryption_key_handler.EncryptionKeyGet, self.worker_encryption_key_handler.EncryptionKeySet, self.worker_registry_handler.WorkerLookUp, self.worker_registry_handler.WorkerLookUpNext, self.worker_registry_handler.WorkerRegister, self.worker_registry_handler.WorkerSetStatus, self.worker_registry_handler.WorkerRetrieve, self.worker_registry_handler.WorkerUpdate, self.workorder_handler.WorkOrderSubmit, self.workorder_handler.WorkOrderGetResult, self.workorder_receipt_handler.WorkOrderReceiptCreate, self.workorder_receipt_handler.WorkOrderReceiptUpdate, self.workorder_receipt_handler.WorkOrderReceiptRetrieve, self.workorder_receipt_handler.WorkOrderReceiptUpdateRetrieve, self.workorder_receipt_handler.WorkOrderReceiptLookUp, self.workorder_receipt_handler.WorkOrderReceiptLookUpNext ] for m in rpc_methods: self.dispatcher.add_method(m)
def start_enclave_manager(config): """ Instantiate KvStorage, Execute boot flow and run time flow """ global enclave_data if config.get("KvStorage") is None: logger.error("Kv Storage path is missing") sys.exit(-1) try: logger.debug("initialize the enclave") # Extended measurements is a list of enclave basename and # enclave measurement extended_measurements = \ enclave_helper.initialize_enclave(config.get("EnclaveModule")) except Exception as e: logger.exception("failed to initialize enclave; %s", str(e)) sys.exit(-1) logger.info("creating a new enclave") enclave_signup_data = create_enclave_signup_data() logger.info("initialize enclave_manager") enclave_manager = EnclaveManager(config, enclave_signup_data, extended_measurements) logger.info("Enclave manager started") try: kv_helper = connector.open(config['KvStorage']['remote_url']) except Exception as err: logger.error("Failed to open KV storage interface; " + "exiting SGX Enclave manager: {err}") sys.exit(-1) try: logger.info("--------------- Starting Boot time flow ----------------") enclave_manager.manager_on_boot(kv_helper) logger.info("--------------- Boot time flow Complete ----------------") except Exception as err: logger.error("Failed to execute boot time flow; " + "exiting SGX Enclave manager: {err}") exit(1) # Binding with ZMQ Port try: context = zmq.Context() socket = context.socket(zmq.REP) ZMQ_PORT = config.get("Listener")["zmq_port"] logger.info("This is the ZMQ_PORT") logger.info(ZMQ_PORT) socket.bind("tcp://*:" + ZMQ_PORT) except Exception: logger.exception("Failed to bind socket") try: while True: # Wait for the next request message = socket.recv() logger.info("Received request at enclave manager: %s" % message) response = enclave_manager.process_work_orders(kv_helper, message) logger.info("enclave completed processing.sending back response") socket.send_string(response) except Exception as inst: logger.error("Error while processing work-order; " + "shutting down enclave manager") logger.error("Exception: {} args {} details {}".format( type(inst), inst.args, inst)) exit(1)
def start_enclave_manager(config): """ Instantiate KvStorage, Execute boot flow and run time flow """ global enclave_data if config.get("KvStorage") is None: logger.error("Kv Storage path is missing") sys.exit(-1) try: logger.info("Initialize enclave and create signup data") enclave_signup_data = enclave_info.\ EnclaveInfo(config.get("EnclaveModule")) # Extended measurements is a list of enclave basename and # enclave measurement extended_measurements = enclave_signup_data.get_extended_measurements() except Exception as e: logger.exception("failed to initialize/signup enclave; %s", str(e)) sys.exit(-1) logger.info("initialize enclave_manager") enclave_manager = EnclaveManager(config, enclave_signup_data, extended_measurements) logger.info("Enclave manager started") try: kv_helper = connector.open(config['KvStorage']['remote_url']) except Exception as err: logger.error("Failed to open KV storage interface; " + "exiting Intel SGX Enclave manager: {}".format(err)) sys.exit(-1) try: logger.info("--------------- Starting Boot time flow ----------------") enclave_manager.manager_on_boot(kv_helper) logger.info("--------------- Boot time flow Complete ----------------") except Exception as err: logger.error("Failed to execute boot time flow; " + "exiting Intel SGX Enclave manager: {}".format(err)) exit(1) if int(config["WorkloadExecution"]["sync_workload_execution"]) == 1: # Binding with ZMQ Port try: socket = bind_zmq_socket(config.get("EnclaveManager")["zmq_port"]) logger.info("ZMQ Port hosted by Enclave") except Exception as ex: logger.exception("Failed to bind socket" + "shutting down enclave manager") logger.error("Exception: {} args{} details{}".format( type(ex), ex.args, ex)) exit(1) try: while True: # Wait for the next request logger.info("Enclave Manager waiting for next request") wo_id = socket.recv() wo_id = wo_id.decode() logger.info("Received request at enclave manager: %s" % wo_id) result = enclave_manager.process_work_order_sync( kv_helper, wo_id) if result is None: socket.send_string("Error while processing work order: " + str(wo_id)) else: socket.send_string("Work order processed: " + str(wo_id)) except Exception as inst: logger.error("Error while processing work-order; " + "shutting down enclave manager") logger.error("Exception: {} args {} details {}".format( type(inst), inst.args, inst)) exit(1) else: try: sleep_interval = int(config["EnclaveManager"]["sleep_interval"]) except Exception as err: logger.error( "Failed to get sleep interval from config file. " + "Setting sleep interval to 10 seconds: %s", str(err)) sleep_interval = 10 try: while True: # Poll KV storage for new work-order requests and process enclave_manager.process_work_orders(kv_helper) logger.info("Enclave manager sleeping for %d secs", sleep_interval) time.sleep(sleep_interval) except Exception as inst: logger.error("Error while processing work-order; " + "shutting down enclave manager") logger.error("Exception: {} args {} details {}".format( type(inst), inst.args, inst)) exit(1)