be68105ec5
Move utils/quartz-proto to core/quartz-proto Fix Cargo.toml paths Add default working-directory for cosmwasm CI jobs Fix default working-directory Rename .cargo/config -> config.toml Update working-directory Update cosmwasm workflows Update rust.yml paths Add aliases to cargo config.toml Test working-directory Update cosmwasm CI jobs Use --manifest-path Use dtolnay/rust-toolchain action Fix workflow Remove --locked SSH agent SSH agent for schema Remove unused SSH key Exclude cw-tee-mtcs from rust CI jobs Clippy fix cargo fmt Add CONTRIBUTING.md Update README.md
58 lines
2 KiB
Text
58 lines
2 KiB
Text
# Quartz manifest file
|
|
|
|
loader.entrypoint = "file:{{ gramine.libos }}"
|
|
libos.entrypoint = "{{ quartz_dir }}/target/release/quartz-enclave"
|
|
|
|
loader.log_level = "{{ log_level }}"
|
|
|
|
loader.env.LD_LIBRARY_PATH = "/lib:{{ arch_libdir }}:/usr/{{ arch_libdir }}"
|
|
loader.env.HOME = "{{ home }}"
|
|
loader.env.INSIDE_SGX = "1"
|
|
loader.env.TLS = { passthrough = true }
|
|
loader.env.RA_TYPE = { passthrough = true }
|
|
loader.env.RA_TLS_ALLOW_DEBUG_ENCLAVE_INSECURE = { passthrough = true }
|
|
loader.env.RA_TLS_ALLOW_OUTDATED_TCB_INSECURE = { passthrough = true }
|
|
loader.env.RA_TLS_MRENCLAVE = { passthrough = true }
|
|
loader.env.RA_TLS_MRSIGNER = { passthrough = true }
|
|
loader.env.RA_TLS_ISV_SVN = { passthrough = true }
|
|
loader.env.RA_TLS_ISV_PROD_ID = { passthrough = true }
|
|
loader.env.RA_TLS_EPID_API_KEY = { passthrough = true }
|
|
loader.env.MYAPP_DATA = { passthrough = true }
|
|
|
|
loader.argv = ["quartz-enclave",
|
|
"--chain-id", "testing",
|
|
"--trusted-height", "{{ trusted_height }}",
|
|
"--trusted-hash", "{{ trusted_hash }}"]
|
|
|
|
fs.mounts = [
|
|
{ uri = "file:{{ gramine.runtimedir() }}", path = "/lib" },
|
|
{ uri = "file:{{ arch_libdir }}", path = "{{ arch_libdir }}" },
|
|
{ uri = "file:/usr/{{ arch_libdir }}", path = "/usr{{ arch_libdir }}" },
|
|
{ uri = "file:{{ quartz_dir }}", path = "{{ quartz_dir }}" },
|
|
]
|
|
|
|
# sgx.debug = true
|
|
sgx.enclave_size = "512M"
|
|
sgx.max_threads = 4
|
|
sgx.edmm_enable = {{ 'true' if env.get('EDMM', '0') == '1' else 'false' }}
|
|
|
|
sgx.remote_attestation = "{{ ra_type }}"
|
|
sgx.ra_client_spid = "{{ ra_client_spid }}"
|
|
sgx.ra_client_linkable = {{ 'true' if ra_client_linkable == '1' else 'false' }}
|
|
|
|
sgx.trusted_files = [
|
|
"file:{{ gramine.libos }}",
|
|
"file:{{ quartz_dir }}/target/release/quartz-enclave",
|
|
"file:{{ gramine.runtimedir() }}/",
|
|
"file:{{ arch_libdir }}/",
|
|
"file:/usr/{{ arch_libdir }}/",
|
|
]
|
|
|
|
sgx.allowed_files = [
|
|
"file:{{ quartz_dir }}/exchange.sk",
|
|
"file:{{ quartz_dir }}/request.json",
|
|
]
|
|
|
|
sys.insecure__allow_eventfd = true
|
|
sys.enable_sigterm_injection = true
|