runtime-sdk/modules/rofl: Run post-registration script

oasisprotocol · Nov 20, 2024 · 898eff7 · 898eff7
1 parent cd6b212
commit 898eff7
Show file tree

Hide file tree

Showing 4 changed files with 45 additions and 5 deletions.
diff --git a/runtime-sdk/src/modules/rofl/app/init/mod.rs b/runtime-sdk/src/modules/rofl/app/init/mod.rs
@@ -0,0 +1,12 @@
+//! Additional init functionalities performed by ROFL apps when running in a virtual machine
+//! environment (e.g. Intel TDX).
+
+#[cfg(feature = "tdx")]
+mod tdx;
+
+/// Perform post-registration initialization. This will set up things like external networking
+/// support inside the virtual machine.
+pub(crate) fn post_registration_init() {
+    #[cfg(feature = "tdx")]
+    tdx::post_registration_init();
+}
diff --git a/runtime-sdk/src/modules/rofl/app/init/tdx.rs b/runtime-sdk/src/modules/rofl/app/init/tdx.rs
@@ -0,0 +1,26 @@
+//! Initialization specifix to Intel TDX.
+use std::{os::unix::fs::PermissionsExt, path::Path, process::Command};
+
+use anyhow::Result;
+
+/// Path to the post-registration init script.
+const POST_REGISTRATION_INIT_SCRIPT: &str = "/etc/oasis/init.post-registration";
+
+/// Perform post-registration initialization. This will set up things like external networking
+/// support inside the virtual machine.
+pub(crate) fn post_registration_init() {
+    let _ = run_post_registration_init_script(); // Ignore errors.
+}
+
+fn run_post_registration_init_script() -> Result<()> {
+    let meta = Path::new(POST_REGISTRATION_INIT_SCRIPT).metadata()?;
+
+    // Only execute when it is an executable file.
+    if !meta.is_file() || meta.permissions().mode() & 0o111 == 0 {
+        return Ok(());
+    }
+
+    let mut cmd = Command::new(POST_REGISTRATION_INIT_SCRIPT).spawn()?;
+    cmd.wait()?;
+    Ok(())
+}
diff --git a/runtime-sdk/src/modules/rofl/app/mod.rs b/runtime-sdk/src/modules/rofl/app/mod.rs
@@ -20,6 +20,7 @@ use crate::{
 
 mod client;
 mod env;
+mod init;
 mod notifier;
 pub mod prelude;
 mod processor;

diff --git a/runtime-sdk/src/modules/rofl/app/processor.rs b/runtime-sdk/src/modules/rofl/app/processor.rs
@@ -16,7 +16,7 @@ use crate::{
 };
 use rand::rngs::OsRng;
 
-use super::{notifier, registration, App, Environment};
+use super::{init, notifier, registration, App, Environment};
 
 /// Size of the processor command queue.
 const CMDQ_BACKLOG: usize = 32;
@@ -174,12 +174,13 @@ where
     }
 
     async fn cmd_initial_registration_completed(&self) -> Result<()> {
-        slog::info!(
-            self.logger,
-            "initial registration completed, starting application"
-        );
+        slog::info!(self.logger, "initial registration completed");
+
+        // Perform post-registration initialization.
+        init::post_registration_init();
 
         // Start application after first registration.
+        slog::info!(self.logger, "starting application");
         tokio::spawn(self.state.app.clone().run(self.env.clone()));
 
         // Notify notifier task.