Asylo
Public Member Functions | Static Public Member Functions | List of all members
asylo::EnclaveManager Class Reference

A manager object responsible for creating and managing enclave instances. More...

#include <enclave_manager.h>

Public Member Functions

Status LoadEnclave (const EnclaveLoadConfig &load_config)
 Loads an enclave. More...
 
Status LoadEnclave (absl::string_view name, const EnclaveLoader &loader, void *base_address=nullptr, const size_t enclave_size=0)
 Loads an enclave. More...
 
Status LoadEnclave (absl::string_view name, const EnclaveLoader &loader, EnclaveConfig config, void *base_address=nullptr, const size_t enclave_size=0)
 Loads an enclave. More...
 
EnclaveClientGetClient (absl::string_view name) const ABSL_LOCKS_EXCLUDED(client_table_lock_)
 Fetches a client to a loaded enclave. More...
 
const absl::string_view GetName (const EnclaveClient *client) const ABSL_LOCKS_EXCLUDED(client_table_lock_)
 Returns the name of an enclave client. More...
 
Status DestroyEnclave (EnclaveClient *client, const EnclaveFinal &final_input, bool skip_finalize=false) ABSL_LOCKS_EXCLUDED(client_table_lock_)
 Destroys an enclave. More...
 
SharedResourceManagershared_resources ()
 Fetches the shared resource manager object. More...
 
const SharedResourceManagershared_resources () const
 Fetches the shared resource manager object. More...
 
EnclaveLoadConfig GetLoadConfigFromClient (EnclaveClient *client) ABSL_LOCKS_EXCLUDED(client_table_lock_)
 Get the load config of an enclave. More...
 

Static Public Member Functions

static StatusOr< EnclaveManager * > Instance ()
 Fetches the EnclaveManager singleton instance. More...
 
static Status Configure (const EnclaveManagerOptions &options)
 

Detailed Description

A manager object responsible for creating and managing enclave instances.

EnclaveManager is a singleton class that tracks the status of enclaves within a process. Users can get a pointer to the singleton instance by calling the static Instance() method.

NOTE: Configuring the EnclaveManager with Configure() is no longer required before obtaining a pointer to the singleton instance.

Deprecated:
Users of this class first supply a configuration using the static Configure() method, and then get a pointer to the singleton instance as specified by this configuration by calling the static Instance() method.

Member Function Documentation

◆ Configure()

static Status asylo::EnclaveManager::Configure ( const EnclaveManagerOptions options)
static
Deprecated:
EnclaveManager no longer needs to be configured.

Configures the enclave manager.

Parameters
optionsConfiguration options as described in EnclaveManagerOptions.

◆ DestroyEnclave()

Status asylo::EnclaveManager::DestroyEnclave ( EnclaveClient client,
const EnclaveFinal &  final_input,
bool  skip_finalize = false 
)

Destroys an enclave.

Destroys an enclave. This method calls client's EnterAndFinalize entry point with final_input unless skip_finalize is true, then calls client's DestroyEnclave method, and then removes client's name from the EnclaveManager client registry. The manager owns the client, so removing it calls client's destructor and frees its memory. The client is destroyed regardless of whether client's EnterAndFinalize method succeeds or fails. This method must not be invoked more than once.

Parameters
clientA client attached to the enclave to destroy.
final_inputInput to pass the enclave's finalizer.
skip_finalizeIf true, the enclave is destroyed without invoking its Finalize method.
Returns
The Status returned by the enclave's Finalize method, or an OK Status if that was skipped.

◆ GetClient()

EnclaveClient* asylo::EnclaveManager::GetClient ( absl::string_view  name) const

Fetches a client to a loaded enclave.

Parameters
nameThe name of an EnclaveClient that may be registered in the EnclaveManager.
Returns
A mutable pointer to the EnclaveClient if the name is registered. Otherwise returns nullptr.

◆ GetLoadConfigFromClient()

EnclaveLoadConfig asylo::EnclaveManager::GetLoadConfigFromClient ( EnclaveClient client)

Get the load config of an enclave.

This should only be used during fork in order to load an enclave with the same load config as the parent.

◆ GetName()

const absl::string_view asylo::EnclaveManager::GetName ( const EnclaveClient client) const

Returns the name of an enclave client.

Parameters
clientA pointer to a client that may be registered in the EnclaveManager.
Returns
The name of an enclave client. If no enclave matches client the empty string will be returned.

◆ Instance()

static StatusOr<EnclaveManager *> asylo::EnclaveManager::Instance ( )
static

Fetches the EnclaveManager singleton instance.

Returns
A StatusOr containing either the global EnclaveManager instance or an error describing why it could not be returned.

◆ LoadEnclave() [1/3]

Status asylo::EnclaveManager::LoadEnclave ( const EnclaveLoadConfig &  load_config)

Loads an enclave.

Loads a new enclave utilizing the passed enclave backend loader configuration settings. The loaded enclave is bound to the value of field name set in |load_config|. The enclave is initialized with custom enclave config settings if the config field is set in |load_config|. Else, the enclave is initialized with default Asylo enclave config settings.

It is an error to specify a name which is already bound to an enclave.

Example: 1) Load an enclave with custom enclave config settings

EnclaveConfig config;
... // populate config proto.
EnclaveLoadConfig load_config;
load_config.set_name("example");
load_config.set_config(config);
load_config.SetExtension(example_backend_extension);
... // populate Asylo backend extension proto.
LoadEnclave(load_config);

2) Load an enclave with default enclave config settings

EnclaveLoadConfig load_config;
load_config.set_name("example");
load_config.SetExtension(example_backend_extension);
... // populate Asylo backend extension proto.
LoadEnclave(load_config);
Parameters
load_configBackend configuration options to load an enclave

◆ LoadEnclave() [2/3]

Status asylo::EnclaveManager::LoadEnclave ( absl::string_view  name,
const EnclaveLoader loader,
void *  base_address = nullptr,
const size_t  enclave_size = 0 
)

Loads an enclave.

Loads a new enclave with default enclave config settings and binds it to a name. The actual work of opening the enclave is delegated to the passed loader object.

It is an error to specify a name which is already bound to an enclave.

Example:

LoadEnclave("/EchoEnclave", SgxLoader("echoService.so"));
Parameters
nameName to bind the loaded enclave under.
loaderConfigured enclave loader to load from.
base_addressStart address to load enclave(optional).
enclave_sizeThe size of the enclave in memory(only needed if |base_address| is specified).
Deprecated:
Use LoadEnclave(const EnclaveLoadConfig &load_config)

◆ LoadEnclave() [3/3]

Status asylo::EnclaveManager::LoadEnclave ( absl::string_view  name,
const EnclaveLoader loader,
EnclaveConfig  config,
void *  base_address = nullptr,
const size_t  enclave_size = 0 
)

Loads an enclave.

Loads a new enclave with custom enclave config settings and binds it to a name. The actual work of opening the enclave is delegated to the passed loader object.

It is an error to specify a name which is already bound to an enclave.

Example:

EnclaveConfig config;
... // populate config proto.
LoadEnclave("/EchoEnclave", SgxLoader("echoService.so"), config);
Parameters
nameName to bind the loaded enclave under.
loaderConfigured enclave loader to load from.
configEnclave configuration to launch the enclave with.
base_addressStart address to load enclave(optional).
enclave_sizeThe size of the enclave in memory(only needed if |base_address| is specified).
Deprecated:
Use LoadEnclave(const EnclaveLoadConfig &load_config)

◆ shared_resources() [1/2]

SharedResourceManager* asylo::EnclaveManager::shared_resources ( )
inline

Fetches the shared resource manager object.

Returns
The SharedResourceManager instance.

◆ shared_resources() [2/2]

const SharedResourceManager* asylo::EnclaveManager::shared_resources ( ) const
inline

Fetches the shared resource manager object.

Returns
The SharedResourceManager instance.
The documentation for this class was generated from the following file: