Switch to local model management mode

It adds a dedicated port to manage the models (upload/delete).
Before this could be achieved via the compilation flag DISALLOW_UPLOAD_REMOTELY. This is now the only mode.

.github/workflows/main.yaml

@@ -67,21 +67,17 @@ jobs:
 
         ./earthly --artifact +build-release-enclave/* outdir/
         ./earthly --artifact +build-release-runner/runner outdir/
-        ./earthly --artifact +build-release-enclave-local-management/* outdir-local/
         pushd outdir
         tar czf blindai_server-$VERSION_TAG.tgz blindai_server.sgxs blindai_server.sig runner
-        tar czf blindai_server-local-management-$VERSION_TAG.tgz ../outdir-local/blindai_server.sgxs ../outdir-local/blindai_server.sig runner
         popd
 
         ./earthly --artifact +build-mock-server/* outdir/
         pushd outdir
         mv blindai_mock_server-x86_64-unknown-linux-gnu.tgz "blindai_mock_server-$VERSION_TAG-x86_64-unknown-linux-gnu.tgz"
         popd
-        mv outdir-local/manifest.toml outdir-local/manifest_cloud.toml
 
         GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} gh release create --verify-tag v$VERSION_TAG \
           outdir/manifest.toml \
-          outdir-local/manifest_cloud.toml \
           "outdir/blindai_server-$VERSION_TAG.tgz" \
           "outdir/blindai_mock_server-$VERSION_TAG-x86_64-unknown-linux-gnu.tgz"
 

Earthfile

@@ -10,15 +10,13 @@ prerelease:
     BUILD +ci
 
     BUILD +build-release-enclave
-    BUILD +build-release-enclave-local-management
     BUILD +build-release-runner
     BUILD +build-release-client
     BUILD +test-release
     BUILD +build-mock-server
 
     BUILD +check-reproducibility
     BUILD +build-docker-image
-    BUILD +build-docker-image-local-management
     BUILD +test-docker-image
 
 publish:
@@ -28,7 +26,6 @@ publish:
     END
     BUILD +publish-client-release
     BUILD +publish-docker-image
-    BUILD +publish-docker-image-local-management
 
 dev-image:
     FROM DOCKERFILE -f .devcontainer/Dockerfile .
@@ -220,7 +217,7 @@ build-release-enclave:
         && apt-get install --no-install-recommends -y \
             protobuf-compiler=3.12.4-1 \
             pkg-config=0.29.2-1 \
-            libssl-dev=1.1.1n-0+deb11u3 \
+            libssl-dev \
             gettext-base \
             git \
         && rm -rf /var/lib/apt/lists/* \
@@ -269,7 +266,7 @@ build-release-enclave2:
         && apt-get install --no-install-recommends -y \
             protobuf-compiler=3.12.4-1 \
             pkg-config=0.29.2-1 \
-            libssl-dev=1.1.1n-0+deb11u3 \
+            libssl-dev \
             gettext-base \
             git \
         && rm -rf /var/lib/apt/lists/* \
@@ -302,102 +299,6 @@ build-release-enclave2:
     SAVE ARTIFACT manifest.toml
 
 
-build-release-enclave-local-management:
-    # Minimal image to build the release version of the sgx enclave
-    FROM rust:1.66.1-slim-bullseye
-    WORKDIR blindai
-
-    # Install dependencies and pre-install the rust toolchain declared via rust-toolchain.toml 
-    # for better caching
-    RUN --mount=type=cache,target=/var/cache/apt,id=apt-cache-build-release-enclave-local-management \ 
-        apt-get update \
-        && apt-get install --no-install-recommends -y \
-            protobuf-compiler=3.12.4-1 \
-            pkg-config=0.29.2-1 \
-            libssl-dev=1.1.1n-0+deb11u3 \
-            gettext-base \
-            git \
-        && rm -rf /var/lib/apt/lists/* \
-        && rustup set profile minimal \
-        && rustup default nightly-2023-05-09 \
-        && rustup target add x86_64-fortanix-unknown-sgx
-
-    CACHE /usr/local/cargo/git
-    CACHE /usr/local/cargo/registry
-
-    RUN cargo install --locked --git https://github.com/mithril-security/rust-sgx.git --tag fortanix-sgx-tools_v0.5.1-mithril fortanix-sgx-tools sgxs-tools
-
-    COPY rust-toolchain.toml Cargo.toml Cargo.lock manifest.prod.template.toml ./
-    COPY .cargo .cargo
-    COPY src src
-    COPY build.rs build.rs
-    COPY tar-rs-sgx tar-rs-sgx
-    COPY tract tract
-    COPY ring-fortanix ring-fortanix
-    COPY tiny-http tiny-http
-    COPY rouille rouille
-
-    RUN DISALLOW_REMOTE_UPLOAD=1 cargo build --locked --release --target "x86_64-fortanix-unknown-sgx"
-
-    ENV BIN_PATH=target/x86_64-fortanix-unknown-sgx/release/blindai_server
-
-    RUN ftxsgx-elf2sgxs "$BIN_PATH" --heap-size 0x4FBA00000 --stack-size 0x400000 --threads 32 \
-        && mr_enclave=`sgxs-hash "$BIN_PATH.sgxs"` envsubst < manifest.prod.template.toml > manifest.toml
-
-    RUN openssl genrsa -3 3072 > throw_away.pem \
-        && sgxs-sign --key throw_away.pem "$BIN_PATH.sgxs" "$BIN_PATH.sig" --xfrm 7/0 --isvprodid 0 --isvsvn 0 \
-        && rm throw_away.pem
-
-    SAVE ARTIFACT $BIN_PATH.sgxs
-    SAVE ARTIFACT $BIN_PATH.sig
-    SAVE ARTIFACT manifest.toml
-
-
-build-release-enclave-local-management2:
-    # Minimal image to build the release version of the sgx enclave
-    FROM rust:1.66.1-slim-bullseye
-    WORKDIR blindai
-
-    # Install dependencies and pre-install the rust toolchain declared via rust-toolchain.toml 
-    # for better caching
-    RUN --mount=type=cache,target=/var/cache/apt,id=apt-cache-build-release-enclave-local-management2 \ 
-        apt-get update \
-        && apt-get install --no-install-recommends -y \
-            protobuf-compiler=3.12.4-1 \
-            pkg-config=0.29.2-1 \
-            libssl-dev=1.1.1n-0+deb11u3 \
-            gettext-base \
-            git \
-        && rm -rf /var/lib/apt/lists/* \
-        && rustup set profile minimal \
-        && rustup default nightly-2023-05-09 \
-        && rustup target add x86_64-fortanix-unknown-sgx
-
-    CACHE /usr/local/cargo/git
-    CACHE /usr/local/cargo/registry
-
-    RUN cargo install --locked --git https://github.com/mithril-security/rust-sgx.git --tag fortanix-sgx-tools_v0.5.1-mithril fortanix-sgx-tools sgxs-tools
-
-    COPY rust-toolchain.toml Cargo.toml Cargo.lock manifest.prod.template.toml ./
-    COPY .cargo .cargo
-    COPY src src
-    COPY build.rs build.rs
-    COPY tar-rs-sgx tar-rs-sgx
-    COPY tract tract
-    COPY ring-fortanix ring-fortanix
-    COPY tiny-http tiny-http
-    COPY rouille rouille
-
-    RUN DISALLOW_REMOTE_UPLOAD=1 cargo build --locked --release --target "x86_64-fortanix-unknown-sgx"
-
-    ENV BIN_PATH=target/x86_64-fortanix-unknown-sgx/release/blindai_server
-
-    RUN ftxsgx-elf2sgxs "$BIN_PATH" --heap-size 0x4FBA00000 --stack-size 0x400000 --threads 32 \
-        && mr_enclave=`sgxs-hash "$BIN_PATH.sgxs"` envsubst < manifest.prod.template.toml > manifest.toml
-
-    SAVE ARTIFACT $BIN_PATH.sgxs
-    SAVE ARTIFACT manifest.toml
-
 check-reproducibility:
     # We build the enclave twice and check that we get the same result
     FROM alpine:latest
@@ -406,11 +307,6 @@ check-reproducibility:
     COPY +build-release-enclave2/manifest.toml manifest2.toml
     COPY +build-release-enclave2/blindai_server.sgxs blindai_server2.sgxs
 
-    COPY +build-release-enclave-local-management/manifest.toml manifest_c1.toml
-    COPY +build-release-enclave-local-management/blindai_server.sgxs blindai_server_c1.sgxs
-    COPY +build-release-enclave-local-management2/manifest.toml manifest_c2.toml
-    COPY +build-release-enclave-local-management2/blindai_server.sgxs blindai_server_c2.sgxs
-
     RUN diff manifest1.toml manifest2.toml
     RUN diff blindai_server1.sgxs blindai_server2.sgxs
 
@@ -490,7 +386,7 @@ build-release-client:
 
     COPY client client
     COPY +build-release-enclave/manifest.toml client/blindai
-    COPY +build-release-enclave-local-management/manifest.toml client/blindai/manifest_cloud.toml
+
     RUN cd client \
         && poetry build
     SAVE ARTIFACT client/dist
@@ -580,66 +476,8 @@ build-docker-image:
 
     EXPOSE 9923
     EXPOSE 9924
+    EXPOSE 9925
 
-    CMD ./start.sh
-
-build-docker-image-local-management:
-    # A docker image to run the blindai server (local model management mode)
-    FROM ubuntu:20.04
-
-    WORKDIR /root
-
-    COPY .devcontainer/setup-pccs.sh /root/
-
-    RUN \
-        # Install temp dependencies
-        TEMP_DEPENDENCIES="curl lsb-release gnupg2" \
-        && apt-get update -y && apt-get install -y $TEMP_DEPENDENCIES \
-
-        # Configure Intel APT repository
-        && echo "deb https://download.01.org/intel-sgx/sgx_repo/ubuntu $(lsb_release -cs) main" | tee -a /etc/apt/sources.list.d/intel-sgx.list >/dev/null \
-        && curl -sSL "https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key" | apt-key add - \
-        && apt-get update -y \
-
-        # Install nodejs and cracklib-runtime (dependencies of sgx-dcap-pccs)
-        && curl -sL https://deb.nodesource.com/setup_14.x | bash - \
-        && apt-get install --no-install-recommends -y nodejs cracklib-runtime \
-
-        # A regular install with `apt-get install -y sgx-dcap-pccs` would fail with :
-        # ```
-        # Installing PCCS service ... failed.
-        # Unsupported platform - neither systemctl nor initctl was found.
-        # ```
-        # We get around this by downloading the deb package and removing the post installation script
-        # and we then do the configuration ourselves with the "setup-pccs.sh" script.
-        # It's a bit hacky but it works.
-        && apt-get download -y sgx-dcap-pccs \
-        && dpkg --unpack sgx-dcap-pccs_*.deb \
-        && rm sgx-dcap-pccs_*.deb \
-        && rm -f /var/lib/dpkg/info/sgx-dcap-pccs.postinst \
-        && dpkg --configure sgx-dcap-pccs || true \
-        && apt-get install --no-install-recommends -yf \
-        && ./setup-pccs.sh \
-
-        # Install and configure DCAP Quote Provider Library (QPL)
-        && apt-get install --no-install-recommends -y libsgx-dcap-default-qpl \
-        # Update sgx_default_qcnl.conf to reflect the fact that 
-        # we configured the PCCS to use self-signed certificates.
-        && sed -i 's/"use_secure_cert": true/"use_secure_cert": false/g' /etc/sgx_default_qcnl.conf \
-
-        # Remove temp dependencies
-        && apt-get remove -y $TEMP_DEPENDENCIES && apt-get autoremove -y \
-        && rm -rf /var/lib/apt/lists/* && rm -rf /var/cache/apt/archives/*
-
-    COPY .devcontainer/hw-start.sh /root/start.sh
-
-    COPY +build-release-enclave-local-management/blindai_server.sgxs \
-         +build-release-enclave-local-management/blindai_server.sig \
-         +build-release-runner/runner \
-         ./
-
-    EXPOSE 9923
-    EXPOSE 9924
 
     CMD ./start.sh
 
@@ -648,11 +486,6 @@ publish-docker-image:
     ARG --required TAG
     SAVE IMAGE --push mithrilsecuritysas/blindai-server:$TAG
 
-publish-docker-image-local-management:
-    FROM +build-docker-image-local-management
-    ARG --required TAG
-    SAVE IMAGE --push mithrilsecuritysas/blindai-server-local-model-management:$TAG
-
 test-docker-image:
     FROM +prepare-test
 
@@ -670,6 +503,7 @@ test-docker-image:
             --privileged \
             -p 127.0.0.1:9923:9923 \
             -p 127.0.0.1:9924:9924 \
+            -p 127.0.0.1:9925:9925 \
             --mount type=bind,source=/dev/sgx,target=/dev/sgx \
             -v /var/run/aesmd/aesm.socket:/var/run/aesmd/aesm.socket \
             blindai-docker:latest /root/start.sh $PCCS_KEY & \

client/blindai/client.py

@@ -797,7 +797,7 @@ def connect(
     addr: str,
     unattested_server_port: int = 9923,
     attested_server_port: int = 9924,
-    model_management_port: int = 9924,
+    model_management_port: int = 9925,
     hazmat_manifest_path: Optional[pathlib.Path] = None,
     hazmat_http_on_unattested_port=False,
     simulation_mode: bool = False,