sgx

package
v0.2402.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 20, 2024 License: Apache-2.0 Imports: 36 Imported by: 0

Documentation

Overview

Package sgx implements the runtime provisioner for runtimes in Intel SGX enclaves.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func New

func New(cfg Config) (host.Provisioner, error)

New creates a new Intel SGX runtime provisioner.

Types

type Config

type Config struct {
	// HostInfo provides information about the host environment.
	HostInfo *protocol.HostInfo

	// CommonStore is a handle to the node's common persistent store.
	CommonStore *persistent.CommonStore

	// LoaderPath is the path to the runtime loader binary.
	LoaderPath string

	// IAS are the Intel Attestation Service endpoint.
	IAS []ias.Endpoint
	// PCS is the Intel Provisioning Certification Service client.
	PCS pcs.Client
	// Consensus is the consensus layer backend.
	Consensus consensus.Backend
	// Identity is the node identity.
	Identity *identity.Identity

	// RuntimeAttestInterval is the interval for periodic runtime re-attestation. If not specified
	// a default will be used.
	RuntimeAttestInterval time.Duration

	// SandboxBinaryPath is the path to the sandbox support binary.
	SandboxBinaryPath string

	// InsecureNoSandbox disables the sandbox and runs the loader directly.
	InsecureNoSandbox bool
	// InsecureMock runs non-SGX binaries but treats it as if it would be running in an enclave,
	// using mock quotes and reports.
	//
	// This is useful in tests so most SGX code can be tested even on machines that lack SGX. Note
	// that this also requires quote verification to be skipped.
	InsecureMock bool
}

Config contains SGX-specific provisioner configuration options.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL