Home Explore Help
Sign In
miti
/
graphene
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: bf2a41a301
Branches Tags
graphene
/
Pal
/
src
/
host
/
Linux-SGX
/
pal_security.h

pal_security.h 2.5 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586 
  1. /* -*- mode:c; c-file-style:"k&r"; c-basic-offset: 4; tab-width:4; indent-tabs-mode:nil; mode:auto-fill; fill-column:78; -*- */
    2. 

  2. /* vim: set ts=4 sw=4 et tw=78 fo=cqt wm=0: */
    3. 

  3. 

  4. /* Copyright (C) 2014 OSCAR lab, Stony Brook University
    5. 

  5.    This file is part of Graphene Library OS.
    6. 

  6. 

  7.    Graphene Library OS is free software: you can redistribute it and/or
    8. 

  8.    modify it under the terms of the GNU General Public License
    9. 

  9.    as published by the Free Software Foundation, either version 3 of the
    10. 

  10.    License, or (at your option) any later version.
    11. 

  11. 

  12.    Graphene Library OS is distributed in the hope that it will be useful,
    13. 

  13.    but WITHOUT ANY WARRANTY; without even the implied warranty of
    14. 

  14.    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    15. 

  15.    GNU General Public License for more details.
    16. 

  16. 

  17.    You should have received a copy of the GNU General Public License
    18. 

  18.    along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
    19. 

  19. 

  20. #ifndef PAL_SECURITY_H
    21. 

  21. #define PAL_SECURITY_H
    22. 

  22. 

  23. #include "pal.h"
    24. 

  24. #include "sgx_arch.h"
    25. 

  25. 

  26. typedef char PAL_SEC_STR[255];
    27. 

  27. 

  28. struct pal_sec {
    29. 

  29.     /* host credentials */
    30. 

  30.     PAL_NUM         instance_id;
    31. 

  31.     PAL_IDX         ppid, pid, uid, gid;
    32. 

  32. 

  33.     /* file name of enclave image */
    34. 

  34.     PAL_SEC_STR     enclave_image;
    35. 

  35. 

  36.     /* enclave information */
    37. 

  37.     sgx_arch_hash_t         mrenclave;
    38. 

  38.     sgx_arch_hash_t         mrsigner;
    39. 

  39.     sgx_arch_attributes_t   enclave_attributes;
    40. 

  40. 

  41.     /* remaining heap usable by application */
    42. 

  42.     PAL_PTR         heap_min, heap_max;
    43. 

  43. 

  44.     /* executable name, addr and size */
    45. 

  45.     PAL_SEC_STR     exec_name;
    46. 

  46.     PAL_IDX         exec_fd;
    47. 

  47.     PAL_PTR         exec_addr;
    48. 

  48.     PAL_NUM         exec_size;
    49. 

  49. 

  50.     /* manifest name, addr and size */
    51. 

  51.     PAL_SEC_STR     manifest_name;
    52. 

  52.     PAL_IDX         manifest_fd;
    53. 

  53.     PAL_PTR         manifest_addr;
    54. 

  54.     PAL_NUM         manifest_size;
    55. 

  55. 

  56.     /* need three proc fds if it has a parent */
    57. 

  57.     PAL_IDX         proc_fds[3];
    58. 

  58. 

  59.     /* additional information */
    60. 

  60.     PAL_SEC_STR     pipe_prefix;
    61. 

  61.     PAL_IDX         mcast_port, mcast_srv, mcast_cli;
    62. 

  62. 

  63.     /* an untrusted allocator shared with enclave */
    64. 

  64.     struct {
    65. 

  65.         unsigned int alignment;
    66. 

  66.         void * slabmgr;
    67. 

  67.         struct mutex_handle * lock;
    68. 

  68.     } untrusted_allocator;
    69. 

  69. 

  70. #ifdef DEBUG
    71. 

  71.     PAL_BOL         in_gdb;
    72. 

  72. #endif
    73. 

  73. };
    74. 

  74. 

  75. #ifdef IN_ENCLAVE
    76. 

  76. extern struct pal_sec pal_sec;
    77. 

  77. #endif
    78. 

  78. 

  79. #define GRAPHENE_TEMPDIR        "/tmp/graphene"
    80. 

  80. #define GRAPHENE_PIPEDIR        GRAPHENE_TEMPDIR "/pipes"
    81. 

  81. 

  82. #define PROC_INIT_FD    255
    83. 

  83. 

  84. #define MCAST_GROUP "239.0.0.1"
    85. 

  85. 

  86. #endif /* PAL_SECURITY_H */
    87.