Q1. You are right that the size of enclave files can be further optimized with the `strip` command. The signature `mrenclave` of an enclave should not change. However, a stripped enclave binary does not have a better runtime performance, including the loading time. `strip` removes some sections from the binary, but these removed sections are not loaded into the enclave memory. Stripping binaries cannot decrease the memory usage.
> Thank you for reply. I recompile the project with > **-DCMAKE_BUILD_TYPE=Release**, and got the same result as you . But, the > file.so marked ** with debug_info, not stripped**, and file.so size can be > optimized by **strip** even further. > > ### result with **with debug_info, not stripped** > ```shell > #find . -name "*.so" | xargs file > ./lib/libteaclave_client_sdk.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, > BuildID[sha1]=6176b475f3ca9cbc6d36ae616b548c7fca0f324d, with debug_info, not > stripped > ./tests/teaclave_functional_tests_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=d753545de45a6d946b2f60976b675e47e729089d, with debug_info, not > stripped > ./tests/teaclave_integration_tests_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=d2a622eda368fa37d1951399510a358eb0f40671, with debug_info, not > stripped > ./tests/teaclave_unit_tests_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=73a7b900de006c80b7cadd9730c093450f58dcb2, with debug_info, not > stripped > ./services/teaclave_frontend_service_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=1a0f2fd65d81ac245a354bc131de9c0b95df56f0, with debug_info, not > stripped > ./services/teaclave_management_service_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=75dcb514f8951f8955cee7b09b8f6f8202ed3f63, with debug_info, not > stripped > ./services/teaclave_scheduler_service_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=6c386ccf6fd690f63b857c84b1c7da77381d340f, with debug_info, not > stripped > ./services/teaclave_storage_service_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=969024af5546ea06ca8280698cafd9f448a91221, with debug_info, not > stripped > ./services/teaclave_access_control_service_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=072c8959e17dcd71d950fea703e1e02836d21564, with debug_info, not > stripped > ./services/teaclave_execution_service_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=e87eac399eb95a4d13fb2cfb0ef348adc5ed62bc, with debug_info, not > stripped > ./services/teaclave_authentication_service_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=1e577d5c6a55fb4891bdc8695de09b343ad57dc4, with debug_info, not > stripped > ./tool/teaclave_sgx_tool_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=0c1bb9015993c9ce1deebf15152cf8fbc19d8805, with debug_info, not > stripped > ``` > > ### no strip results: > ```shell > #find . -name "*.so" | xargs ls -lh > -rwxr-xr-x 1 root root 8.6M 12月 2 16:18 ./lib/libteaclave_client_sdk.so > -rw-r--r-- 1 root root 23M 12月 2 16:23 > ./services/teaclave_access_control_service_enclave.signed.so > -rw-r--r-- 1 root root 7.8M 12月 2 16:21 > ./services/teaclave_authentication_service_enclave.signed.so > -rw-r--r-- 1 root root 26M 12月 2 16:20 > ./services/teaclave_execution_service_enclave.signed.so > -rw-r--r-- 1 root root 7.8M 12月 2 16:20 > ./services/teaclave_frontend_service_enclave.signed.so > -rw-r--r-- 1 root root 7.9M 12月 2 16:21 > ./services/teaclave_management_service_enclave.signed.so > -rw-r--r-- 1 root root 7.6M 12月 2 16:20 > ./services/teaclave_scheduler_service_enclave.signed.so > -rw-r--r-- 1 root root 7.6M 12月 2 16:24 > ./services/teaclave_storage_service_enclave.signed.so > -rw-r--r-- 1 root root 7.8M 12月 2 16:22 > ./tests/teaclave_functional_tests_enclave.signed.so > -rw-r--r-- 1 root root 25M 12月 2 16:23 > ./tests/teaclave_integration_tests_enclave.signed.so > -rw-r--r-- 1 root root 28M 12月 2 16:19 > ./tests/teaclave_unit_tests_enclave.signed.so > -rw-r--r-- 1 root root 6.0M 12月 2 16:21 > ./tool/teaclave_sgx_tool_enclave.signed.so > ``` > > ### strip by hand > ```shell > #find . -name "*.so" | xargs strip > #find . -name "*.so" | xargs file > ./lib/libteaclave_client_sdk.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, > BuildID[sha1]=6176b475f3ca9cbc6d36ae616b548c7fca0f324d, stripped > ./tests/teaclave_functional_tests_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=d753545de45a6d946b2f60976b675e47e729089d, stripped > ./tests/teaclave_integration_tests_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=d2a622eda368fa37d1951399510a358eb0f40671, stripped > ./tests/teaclave_unit_tests_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=73a7b900de006c80b7cadd9730c093450f58dcb2, stripped > ./services/teaclave_frontend_service_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=1a0f2fd65d81ac245a354bc131de9c0b95df56f0, stripped > ./services/teaclave_management_service_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=75dcb514f8951f8955cee7b09b8f6f8202ed3f63, stripped > ./services/teaclave_scheduler_service_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=6c386ccf6fd690f63b857c84b1c7da77381d340f, stripped > ./services/teaclave_storage_service_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=969024af5546ea06ca8280698cafd9f448a91221, stripped > ./services/teaclave_access_control_service_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=072c8959e17dcd71d950fea703e1e02836d21564, stripped > ./services/teaclave_execution_service_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=e87eac399eb95a4d13fb2cfb0ef348adc5ed62bc, stripped > ./services/teaclave_authentication_service_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=1e577d5c6a55fb4891bdc8695de09b343ad57dc4, stripped > ./tool/teaclave_sgx_tool_enclave.signed.so: ELF 64-bit LSB > shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, > BuildID[sha1]=0c1bb9015993c9ce1deebf15152cf8fbc19d8805, stripped > > #find . -name "*.so" | xargs ls -lh > -rwxr-xr-x 1 root root 4.0M Dec 2 08:45 ./lib/libteaclave_client_sdk.so > -rw-r--r-- 1 root root 17M Dec 2 08:45 > ./services/teaclave_access_control_service_enclave.signed.so > -rw-r--r-- 1 root root 5.0M Dec 2 08:45 > ./services/teaclave_authentication_service_enclave.signed.so > -rw-r--r-- 1 root root 20M Dec 2 08:45 > ./services/teaclave_execution_service_enclave.signed.so > -rw-r--r-- 1 root root 4.9M Dec 2 08:45 > ./services/teaclave_frontend_service_enclave.signed.so > -rw-r--r-- 1 root root 5.0M Dec 2 08:45 > ./services/teaclave_management_service_enclave.signed.so > -rw-r--r-- 1 root root 4.8M Dec 2 08:45 > ./services/teaclave_scheduler_service_enclave.signed.so > -rw-r--r-- 1 root root 4.8M Dec 2 08:45 > ./services/teaclave_storage_service_enclave.signed.so > -rw-r--r-- 1 root root 4.9M Dec 2 08:45 > ./tests/teaclave_functional_tests_enclave.signed.so > -rw-r--r-- 1 root root 19M Dec 2 08:45 > ./tests/teaclave_integration_tests_enclave.signed.so > -rw-r--r-- 1 root root 22M Dec 2 08:45 > ./tests/teaclave_unit_tests_enclave.signed.so > -rw-r--r-- 1 root root 3.5M Dec 2 08:45 > ./tool/teaclave_sgx_tool_enclave.signed.so > ``` > > marked with **stripped**, and the file size is smaller. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/apache/incubator-teaclave/issues/581#issuecomment-984449479
