<!-- We're glad to anwser any questions related to Teaclave. To help people quickly understand the issue, please also include some background and context of the question.
We have documented many useful information on the homepage, please check them out first: https://teaclave.apache.org/docs/. --> I found so and bin in **release** dir are huge, can we do something to decrease file size? Optimized size of enclave can be loaded quickly, and smaller memories of enclave space. determine file type, it's **with debug_info, not stripped** ```bash # find . -type f -not -path "./tests/*" -not -path "./examples/*" ! -name "*.pem" ! -name "*.toml" | xargs file ./lib/libteaclave_client_sdk.so: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=cee545842224ac31aff1a48aeb1352e6043780cd, with debug_info, not stripped ./lib/libteaclave_client_sdk.a: current ar archive ./cli/teaclave_cli: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=de8680e09a2607597ba7494172adb1c6a55fb50f, with debug_info, not stripped ./services/teaclave_frontend_service_enclave.signed.so: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=f246828479bdcedd8d79debdbaf198c1dbd2b9bb, with debug_info, not stripped ./services/teaclave_management_service_enclave.signed.so: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=74fbcf74817a66dce93fec3cd54a6048516cab65, with debug_info, not stripped ./services/teaclave_storage_service: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=8d85f04a3c859cd172a685aadb5a7d5459424393, with debug_info, not stripped ./services/teaclave_execution_service: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=be642ed0f0ace497d61cd0323ce2616e1230000e, with debug_info, not stripped ./services/teaclave_scheduler_service_enclave.signed.so: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=559cc35f762112327c367eea96202d7d26349600, with debug_info, not stripped ./services/teaclave_storage_service_enclave.signed.so: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=e5fc4133fb81debadaeb28ec92ec3f05b7aede4b, with debug_info, not stripped ./services/teaclave_authentication_service: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=d5076b4630858a25f4bd23b976f5fb5249d7015e, with debug_info, not stripped ./services/teaclave_management_service: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=e028f88b37cc611c9cd6258483289d7b21e470d0, with debug_info, not stripped ./services/teaclave_access_control_service_enclave.signed.so: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=25d0747864983e35abdb604e9b80ccf9ae73f2dc, with debug_info, not stripped ./services/teaclave_scheduler_service: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=29c87c3ec1f47e27ce4e2dd563267674704f5233, with debug_info, not stripped ./services/teaclave_execution_service_enclave.signed.so: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=02fc9f84f6e575688579f121e7eb6b21fa434e0b, with debug_info, not stripped ./services/teaclave_access_control_service: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=88031c25575ca45af3d81e2d841cd25ea9a3b484, with debug_info, not stripped ./services/teaclave_frontend_service: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=6a42e1d5cf4f30bda2e73b8f0b26eda0157c6a67, with debug_info, not stripped ./services/auditors/optimus_prime/optimus_prime.sign.sha256: data ./services/auditors/godzilla/godzilla.sign.sha256: data ./services/auditors/albus_dumbledore/albus_dumbledore.sign.sha256: data ./services/teaclave_authentication_service_enclave.signed.so: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=72613855b9dc0d7d4c0358a605cced1bd6414944, with debug_info, not stripped ./tool/teaclave_sgx_tool: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=69f7f73486d61e1d962e67fbcd7a97a742bce0ee, with debug_info, not stripped ./tool/teaclave_sgx_tool_enclave.signed.so: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=9532c22afb7599d609000844ff10592a19e27b81, with debug_info, not stripped ``` determine file size (before **strip**): ```bash # find . -name "*.so" | xargs ls -lh -rwxr-xr-x 1 root root 50M Nov 30 00:36 ./lib/libteaclave_client_sdk.so -rw-r--r-- 1 root root 63M Nov 30 00:41 ./services/teaclave_access_control_service_enclave.signed.so -rw-r--r-- 1 root root 56M Nov 30 00:39 ./services/teaclave_authentication_service_enclave.signed.so -rw-r--r-- 1 root root 84M Nov 30 00:38 ./services/teaclave_execution_service_enclave.signed.so -rw-r--r-- 1 root root 53M Nov 30 00:38 ./services/teaclave_frontend_service_enclave.signed.so -rw-r--r-- 1 root root 54M Nov 30 00:41 ./services/teaclave_management_service_enclave.signed.so -rw-r--r-- 1 root root 51M Nov 30 00:38 ./services/teaclave_scheduler_service_enclave.signed.so -rw-r--r-- 1 root root 54M Nov 30 00:41 ./services/teaclave_storage_service_enclave.signed.so -rw-r--r-- 1 root root 56M Nov 30 00:41 ./tests/teaclave_functional_tests_enclave.signed.so -rw-r--r-- 1 root root 83M Nov 30 00:40 ./tests/teaclave_integration_tests_enclave.signed.so -rw-r--r-- 1 root root 103M Nov 30 00:37 ./tests/teaclave_unit_tests_enclave.signed.so -rw-r--r-- 1 root root 40M Nov 30 00:38 ./tool/teaclave_sgx_tool_enclave.signed.so ``` dtermine file size again (after **strip**): ```bash # find . -name "*.so" | xargs strip # find . -name "*.so" | xargs ls -lh -rwxr-xr-x 1 1003 1004 9.9M Dec 1 10:07 ./lib/libteaclave_client_sdk.so -rw-r--r-- 1 1003 1004 23M Dec 1 10:07 ./services/teaclave_access_control_service_enclave.signed.so -rw-r--r-- 1 1003 1004 12M Dec 1 10:07 ./services/teaclave_authentication_service_enclave.signed.so -rw-r--r-- 1 1003 1004 29M Dec 1 10:07 ./services/teaclave_execution_service_enclave.signed.so -rw-r--r-- 1 1003 1004 12M Dec 1 10:07 ./services/teaclave_frontend_service_enclave.signed.so -rw-r--r-- 1 1003 1004 13M Dec 1 10:07 ./services/teaclave_management_service_enclave.signed.so -rw-r--r-- 1 1003 1004 12M Dec 1 10:07 ./services/teaclave_scheduler_service_enclave.signed.so -rw-r--r-- 1 1003 1004 12M Dec 1 10:07 ./services/teaclave_storage_service_enclave.signed.so -rw-r--r-- 1 1003 1004 13M Dec 1 10:07 ./tests/teaclave_functional_tests_enclave.signed.so -rw-r--r-- 1 1003 1004 27M Dec 1 10:07 ./tests/teaclave_integration_tests_enclave.signed.so -rw-r--r-- 1 1003 1004 31M Dec 1 10:07 ./tests/teaclave_unit_tests_enclave.signed.so -rw-r--r-- 1 1003 1004 7.6M Dec 1 10:07 ./tool/teaclave_sgx_tool_enclave.signed.so ``` I'm learning dev of teaclave, i don't know how verify the questions at present, so just list questions here: Q1: Can the enclave work after **strip** ? Is signature info lost? Q2: Is **wasm** file size optimized? Q3: dup link so set TEACLAVE_EXECUTOR_WAMR **ON**, every enclave will link **vmlib** cmake/scripts/sgx_link_sign.sh ```bash TEACLAVE_LINK_FLAGS="-L${TEACLAVE_OUT_DIR} -lpycomponent ffi.o -lpypy-c -lsgx_tlibc_ext -lffi" if [ "$TEACLAVE_EXECUTOR_WAMR" == "ON" ]; then TEACLAVE_LINK_FLAGS+=" -lvmlib" fi # Enable the security flags ENCLAVE_SECURITY_LINK_FLAGS="-Wl,-z,relro,-z,now,-z,noexecstack" ENCLAVE_LINK_FLAGS="${ENCLAVE_SECURITY_LINK_FLAGS} \ -Wl,--no-undefined -nostdlib -nodefaultlibs -nostartfiles -L${SGX_LIBRARY_PATH} \ -Wl,--whole-archive -l${Trts_Library_Name} -Wl,--no-whole-archive \ -Wl,--start-group \ -l${Service_Library_Name} -lsgx_tprotected_fs -lsgx_tkey_exchange \ -lsgx_tstdc -lsgx_tcxx -lsgx_tservice -lsgx_tcrypto \ ${TEACLAVE_LINK_FLAGS} \ -L${TRUSTED_TARGET_DIR}/${TARGET} -l${CUR_PKG_NAME} \ -Wl,--end-group \ -Wl,-Bstatic -Wl,-Bsymbolic -Wl,--no-undefined \ -Wl,-pie,-eenclave_entry -Wl,--export-dynamic \ -Wl,--defsym,__ImageBase=0 \ -Wl,--gc-sections \ -Wl,--version-script=${TEACLAVE_PROJECT_ROOT}/cmake/scripts/Enclave.lds" ``` Q4: In teaclave runtime, effect of dynamic link equal to static link, is it true? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/apache/incubator-teaclave/issues/581
