Documentation
¶
Overview ¶
Package sgx implements the runtime provisioner for runtimes in Intel SGX enclaves.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewProvisioner ¶ added in v0.2500.0
func NewProvisioner(cfg Config) (host.Provisioner, error)
NewProvisioner creates a new Intel SGX runtime provisioner.
Types ¶
type Config ¶
type Config struct {
// HostInfo provides information about the host environment.
HostInfo *protocol.HostInfo
// CommonStore is a handle to the node's common persistent store.
CommonStore *persistent.CommonStore
// LoaderPath is the path to the runtime loader binary.
LoaderPath string
// IAS are the Intel Attestation Service endpoint.
IAS []ias.Endpoint
// PCS is the Intel Provisioning Certification Service quote service.
PCS pcs.QuoteService
// Consensus is the consensus layer backend.
Consensus consensus.Backend
// Identity is the node identity.
Identity *identity.Identity
// RuntimeAttestInterval is the interval for periodic runtime re-attestation. If not specified
// a default will be used.
RuntimeAttestInterval time.Duration
// SandboxBinaryPath is the path to the sandbox support binary.
SandboxBinaryPath string
// InsecureNoSandbox disables the sandbox and runs the loader directly.
InsecureNoSandbox bool
// InsecureMock runs non-SGX binaries but treats it as if it would be running in an enclave,
// using mock quotes and reports.
//
// This is useful in tests so most SGX code can be tested even on machines that lack SGX. Note
// that this also requires quote verification to be skipped.
InsecureMock bool
}
Config contains SGX-specific provisioner configuration options.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.