mirror of
https://github.com/tlsnotary/tlsn.git
synced 2026-01-08 21:08:04 -05:00
0e2eabb833
* Update docs, docker, tee, ci. * Restore deleted dockerfile. * Add concurrency in readme. * Apply suggestions. * Correct file path. --------- Co-authored-by: yuroitaki <>
39 lines
1.0 KiB
Plaintext
39 lines
1.0 KiB
Plaintext
libos.entrypoint = "{{ self_exe }}"
|
|
loader.log_level = "{{ log_level }}"
|
|
|
|
loader.env.LD_LIBRARY_PATH = "/lib:{{ arch_libdir }}"
|
|
|
|
# See https://gramine.readthedocs.io/en/stable/performance.html#glibc-malloc-tuning
|
|
loader.env.MALLOC_ARENA_MAX = "1"
|
|
|
|
# encrypted type not used
|
|
fs.mounts = [
|
|
{ path = "/lib", uri = "file:{{ gramine.runtimedir() }}" },
|
|
{ path = "{{ arch_libdir }}", uri = "file:{{ arch_libdir }}" },
|
|
{ type = "tmpfs", path = "/ephemeral" },
|
|
{ type = "encrypted", path = "/vault", uri = "file:vault", key_name = "_sgx_mrenclave" },
|
|
|
|
]
|
|
|
|
# hashed @ buildtime. at runtime => these files are +ro
|
|
# and can be accessed if hash matches manifest
|
|
# !!!! hashed !!!!
|
|
# https://gramine.readthedocs.io/en/stable/manifest-syntax.html#trusted-files
|
|
sgx.trusted_files = [
|
|
"file:{{ self_exe }}",
|
|
"file:{{ gramine.runtimedir() }}/",
|
|
"file:{{ arch_libdir }}/",
|
|
]
|
|
|
|
sgx.edmm_enable = false
|
|
sgx.remote_attestation = "dcap"
|
|
sgx.max_threads = 64
|
|
sgx.enclave_size = "2G"
|
|
sys.disallow_subprocesses = true
|
|
|
|
|
|
#### tlsn rev
|
|
sgx.isvprodid = 7
|
|
#### F
|
|
sgx.isvsvn = 1
|