Move quartz enclave and init gramine files for it

enclaves/quartz/Dockerfile

@@ -0,0 +1,48 @@
+FROM gramineproject/gramine:v1.5
+
+RUN apt-get update && apt-get install -y jq build-essential
+
+WORKDIR /workdir
+
+RUN curl https://sh.rustup.rs -sSf | bash -s -- -y
+ENV PATH="/root/.cargo/bin:${PATH}"
+RUN rustup toolchain install 1.72.0
+
+RUN gramine-sgx-gen-private-key
+
+# This should be associated with an acive IAS SPID in order for
+# gramine tools like gramine-sgx-ias-request and gramine-sgx-ias-verify
+ARG RA_TYPE=epid
+ENV RA_TYPE=$RA_TYPE
+ARG RA_CLIENT_SPID=51CAF5A48B450D624AEFE3286D314894
+ENV RA_CLIENT_SPID=$RA_CLIENT_SPID
+ARG RA_CLIENT_LINKABLE=1
+ENV RA_CLIENT_LINKABLE=$RA_CLIENT_LINKABLE
+
+ARG DEBUG=0
+ENV DEBUG=$DEBUG
+ARG SGX=1
+ENV SGX=$SGX
+
+# Copy the quartz directory and build
+COPY . ./quartz
+WORKDIR /workdir/quartz
+RUN cargo build --release
+
+WORKDIR /workdir
+COPY quartz.manifest.template ./
+
+# Make and sign the gramine manifest
+RUN gramine-manifest  \
+    -Dlog_level="error"  \
+    -Dhome=${HOME}  \
+    -Darch_libdir="/lib/$(gcc -dumpmachine)"  \
+    -Dra_type="$RA_TYPE" \
+    -Dra_client_spid="$RA_CLIENT_SPID" \
+    -Dra_client_linkable="$RA_CLIENT_LINKABLE" \
+    -Dquartz_dir="$(pwd)/quartz"  \
+    quartz.manifest.template quartz.manifest
+
+RUN gramine-sgx-sign --manifest quartz.manifest --output quartz.manifest.sgx
+
+CMD [ "gramine-sgx-sigstruct-view quartz.sig" ]

enclaves/quartz/quartz.manifest.template

@@ -0,0 +1,50 @@
+# Quartz manifest file
+
+loader.entrypoint = "file:{{ gramine.libos }}"
+libos.entrypoint = "{{ quartz_dir }}/target/release/quartz-enclave"
+
+loader.log_level = "{{ log_level }}"
+
+loader.env.LD_LIBRARY_PATH = "/lib:{{ arch_libdir }}:/usr/{{ arch_libdir }}"
+loader.env.HOME = "{{ home }}"
+loader.env.INSIDE_SGX = "1"
+loader.env.TLS = { passthrough = true }
+loader.env.RA_TYPE = { passthrough = true }
+loader.env.RA_TLS_ALLOW_DEBUG_ENCLAVE_INSECURE = { passthrough = true }
+loader.env.RA_TLS_ALLOW_OUTDATED_TCB_INSECURE = { passthrough = true }
+loader.env.RA_TLS_MRENCLAVE = { passthrough = true }
+loader.env.RA_TLS_MRSIGNER = { passthrough = true }
+loader.env.RA_TLS_ISV_SVN = { passthrough = true }
+loader.env.RA_TLS_ISV_PROD_ID = { passthrough = true }
+loader.env.RA_TLS_EPID_API_KEY = { passthrough = true }
+loader.env.MYAPP_DATA = { passthrough = true }
+
+loader.argv = ["quartz-enclave"]
+
+fs.mounts = [
+  { uri = "file:{{ gramine.runtimedir() }}", path = "/lib" },
+  { uri = "file:{{ arch_libdir }}", path = "{{ arch_libdir }}" },
+  { uri = "file:/usr/{{ arch_libdir }}", path = "/usr{{ arch_libdir }}" },
+  { uri = "file:{{ quartz_dir }}", path = "{{ quartz_dir }}" },
+]
+
+sgx.enclave_size = "512M"
+sgx.max_threads = 4
+sgx.edmm_enable = {{ 'true' if env.get('EDMM', '0') == '1' else 'false' }}
+
+sgx.remote_attestation = "{{ ra_type }}"
+sgx.ra_client_spid = "{{ ra_client_spid }}"
+sgx.ra_client_linkable = {{ 'true' if ra_client_linkable == '1' else 'false' }}
+
+sgx.trusted_files = [
+  "file:{{ gramine.libos }}",
+  "file:{{ quartz_dir }}/target/release/quartz-enclave",
+  "file:{{ gramine.runtimedir() }}/",
+  "file:{{ arch_libdir }}/",
+  "file:/usr/{{ arch_libdir }}/",
+]
+
+sgx.allowed_files = [
+  "file:{{ quartz_dir }}/exchange.sk",
+  "file:{{ quartz_dir }}/request.json",
+]

enclaves/quartz/src/main.rs

@@ -0,0 +1 @@
+fn main() {}

utils/quartz-enclave/src/lib.rs

@@ -1,21 +0,0 @@
-#![warn(
-    clippy::checked_conversions,
-    clippy::panic,
-    clippy::panic_in_result_fn,
-    clippy::unwrap_used,
-    rust_2018_idioms,
-    unused_lifetimes
-)]
-#![deny(
-    trivial_casts,
-    trivial_numeric_casts,
-    unused_import_braces,
-    unused_qualifications,
-    warnings
-)]
-#![forbid(unsafe_code)]
-
-#[cfg(test)]
-mod tests {
-
-}