[python] Add automatic check in gramine-manifest

Signed-off-by: Wojtek Porczyk <woju@invisiblethingslab.com>
gramineproject · Apr 23, 2024 · f1258cc · f1258cc
1 parent 2427c73
commit f1258cc
Show file tree

Hide file tree

Showing 6 changed files with 54 additions and 1 deletion.
diff --git a/Documentation/manpages/gramine-manifest-check.rst b/Documentation/manpages/gramine-manifest-check.rst
@@ -26,3 +26,7 @@ Note that options that are allowed and/or mandatory for default LibOS
 implementation (``libsysdb.so``) are considered allowed/mandatory in schema.
 Therefore, if you have another LibOS implementation (like it happens in PAL
 test suite), the check may be wrong.
+
+By default the check is already performed in :program:`gramine-manifest` (see
+:option:`gramine-manifest --check`). This standalone tool may be useful for
+example to validate existing manifests when updating Gramine version.
diff --git a/Documentation/manpages/gramine-manifest.rst b/Documentation/manpages/gramine-manifest.rst
@@ -23,6 +23,23 @@ Command line arguments
 
    Have a |~| variable available in the template.
 
+.. option:: --check
+
+   After rendering manifest from template, perform validation against manifest
+   schema to check for unknown manifest entries and/or missing mandatory
+   options. See :doc:`gramine-manifest-check` for more details.
+
+   The check is enabled by default. This option serves to re-enable the check
+   after :option:`--no-check`.
+
+   For the 1.7 release, only a |~| warning is issued and
+   :program:`gramine-manifest` proceeds to write the faulty manifest. In version
+   1.8 this will be a |~| hard error.
+
+.. option:: --no-check
+
+   Disable schema validation, as described above in :option:`--check`.
+
 Functions and constants available in templates
 ==============================================
 

diff --git a/pal/regression/tests.toml b/pal/regression/tests.toml
@@ -1,5 +1,11 @@
 binary_dir = "@GRAMINE_PKGLIBDIR@/tests/pal"
 
+# Disable checking manifest for conformance with official schema (`gramine-manifest --no-check`).
+# Official schema includes mandatory manifest entries for official libos (libsysdb.so), but what we
+# do here is, we run libos replacements and manifests for those don't include entries that are
+# normally required by libsysdb. Therefore we need to disable schema checking.
+gramine-manifest-no-check = true
+
 manifests = [
   "..Bootstrap",
   "avl_tree_test",

diff --git a/python/gramine-manifest b/python/gramine-manifest
@@ -4,6 +4,7 @@
 #                    Borys Popławski <borysp@invisiblethingslab.com>
 
 import click
+import voluptuous
 
 from graminelibos import Manifest
 
@@ -20,13 +21,25 @@ def validate_define(_ctx, _param, values):
 @click.command()
 @click.option('--string', '-c')
 @click.option('--define', '-D', multiple=True, callback=validate_define)
+@click.option('--check/--no-check', default=True,
+    help='check the manifest for correctness against builtin schema')
 @click.argument('infile', type=click.File('r'), required=False)
 @click.argument('outfile', type=click.File('wb'), default='-')
-def main(string, define, infile, outfile):
+@click.pass_context
+def main(ctx, string, define, infile, outfile, check):
     if not bool(string) ^ bool(infile):
         click.get_current_context().fail('specify exactly one of (infile, -c)')
     template = infile.read() if infile else string
     manifest = Manifest.from_template(template, define)
+
+    if check:
+        try:
+            manifest.check()
+        except voluptuous.MultipleInvalid as err:
+            click.echo(f'WARNING: error in manifest (after rendering): {err!s}', err=True)
+            # TODO after 1.7: make this a hard error
+            #ctx.exit(1)
+
     manifest.dump(outfile)
 
 if __name__ == '__main__':

diff --git a/python/graminelibos/manifest.py b/python/graminelibos/manifest.py
@@ -20,6 +20,7 @@
 import tomli_w
 
 from . import _env
+from .manifest_check import GramineManifestSchema
 
 DEFAULT_ENCLAVE_SIZE_NO_EDMM = '256M'
 DEFAULT_ENCLAVE_SIZE_WITH_EDMM = '1024G'  # 1TB; note that DebugInfo is at 1TB and ASan at 1.5TB
@@ -383,6 +384,15 @@ def dumps(self):
     def dump(self, f):
         tomli_w.dump(self._manifest, f)
 
+    def check(self):
+        """Check the manifest against builtin schema
+
+        Raises:
+            voluptuous.error.MultipleInvalid: when check fails
+        """
+
+        return GramineManifestSchema(self._manifest)
+
     def expand_all_trusted_files(self, chroot=None):
         """Expand all trusted files entries.
 

diff --git a/python/graminelibos/util_tests.py b/python/graminelibos/util_tests.py
@@ -67,6 +67,8 @@ def __init__(self, path):
 
         self.libc = data.get('libc', 'glibc')
 
+        self.no_check = data.get('gramine-manifest-no-check', False)
+
         self.arch_libdir = _CONFIG_SYSLIBDIR
 
         # Used by LTP, for `libstdbuf.so`
@@ -126,6 +128,7 @@ def _gen_rules(self, ninja):
                      '-Dentrypoint=$ENTRYPOINT '
                      '-Dbinary_dir=$BINARY_DIR '
                      '-Dlibc=$GRAMINE_LIBC '
+                    f'{"--no-check " if self.no_check else ""}'
                      '$in $out'),
             description='manifest: $out'
         )