-
Notifications
You must be signed in to change notification settings - Fork 3
/
sgx-notary-server.manifest
67 lines (61 loc) · 1.65 KB
/
sgx-notary-server.manifest
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
[loader]
entrypoint = "file:/usr/lib/x86_64-linux-gnu/gramine/libsysdb.so"
argv = [
"gramine-ratls",
"/tmp/crt.pem",
"/tmp/key.pem",
"--",
"target/release/sgx-notary-server",
"--config-file",
"config/config.yaml",
]
log_level = "error"
uid = 65534
gid = 65534
[loader.env]
LD_LIBRARY_PATH = "/lib:/lib/x86_64-linux-gnu"
RUST_BACKTRACE = "full"
[libos]
entrypoint = "/gramine-ratls"
[fs]
mounts = [
{ path = "/gramine-ratls", uri = "file:/usr/bin/gramine-ratls" },
{ path = "/fixture", uri = "file:fixture" },
{ path = "/lib", uri = "file:/usr/lib/x86_64-linux-gnu/gramine/runtime/glibc" },
{ path = "/lib/x86_64-linux-gnu", uri = "file:/lib/x86_64-linux-gnu" },
{ path = "/tmp", type = "tmpfs" },
]
[sgx]
edmm_enable = true
remote_attestation = "dcap"
allowed_files = [
"file:fixture/tls",
]
trusted_files = [
{ uri = "file:/usr/lib/x86_64-linux-gnu/gramine/libsysdb.so" },
{ uri = "file:/usr/bin/gramine-ratls" },
{ uri = "file:target/release/sgx-notary-server" },
{ uri = "file:/usr/lib/x86_64-linux-gnu/gramine/runtime/glibc/" },
{ uri = "file:/lib/x86_64-linux-gnu/" },
{ uri = "file:config/config.yaml" },
{ uri = "file:fixture/notary/notary.key" },
{ uri = "file:fixture/notary/notary.pub" },
{ uri = "file:fixture/auth/whitelist.csv" },
{ uri = "file:fixture/tls/notary.crt" },
]
max_threads = 32
isvprodid = 0
isvsvn = 0
debug = false
enable_stats = false
enclave_size = "1024G"
use_exinfo = false
[sgx.cpu_features]
avx = "unspecified"
avx512 = "unspecified"
amx = "unspecified"
mpx = "disabled"
pkru = "disabled"
[sys]
enable_sigterm_injection = true
insecure__allow_eventfd = true