Asylo
Classes | Public Member Functions | Static Public Member Functions | Protected Member Functions | List of all members
asylo::primitives::Client Class Referenceabstract

A reference to an enclave held by untrusted code. More...

#include <asylo/platform/primitives/untrusted_primitives.h>

Inheritance diagram for asylo::primitives::Client:
Inheritance graph
[legend]
Collaboration diagram for asylo::primitives::Client:
Collaboration graph
[legend]

Classes

class  ExitCallProvider
 An interface to a provider of enclave exit calls. More...
 
class  ScopedCurrentClient
 An RAII wrapper that sets thread-local enclave "current client" reference on construction and resets it to the previous value when destroyed. More...
 

Public Member Functions

virtual ~Client ()=default
 
virtual Status RegisterExitHandlers () ASYLO_MUST_USE_RESULT
 An overridable handler registration method. More...
 
virtual bool IsClosed () const =0
 A predicate for whether the enclave may be entered or will accept messages. More...
 
virtual Status Destroy ()=0
 
virtual absl::string_view Name () const
 A getter for the enclave name. More...
 
void SetCurrentClient ()
 Stores this as the active thread's "current client". More...
 
Status EnclaveCall (uint64_t selector, MessageWriter *input, MessageReader *output) ASYLO_MUST_USE_RESULT
 Enters the enclave synchronously at an entry point to trusted code designated by selector. More...
 
ExitCallProviderexit_call_provider ()
 Accessor to the client's exit call provider. More...
 

Static Public Member Functions

static ClientGetCurrentClient ()
 A static getter for the current client. More...
 
static PrimitiveStatus ExitCallback (uint64_t untrusted_selector, MessageReader *in, MessageWriter *out)
 Enclave exit callback function shared with the enclave. More...
 

Protected Member Functions

 Client (const absl::string_view name, std::unique_ptr< ExitCallProvider > exit_call_provider)
 Constructs a client, reserved for only backend implementations. More...
 
virtual Status EnclaveCallInternal (uint64_t selector, MessageWriter *input, MessageReader *output) ASYLO_MUST_USE_RESULT=0
 Provides implementation of EnclaveCall. More...
 

Detailed Description

A reference to an enclave held by untrusted code.

This declares the primitive API exposed to untrusted application code by the Asylo runtime. Each Asylo backend is responsible for providing an implementation of this interface. To support multiple implementations, the interface defines a generic "Enclave Backend" concept which every backend must implement. An enclave backend is a structure compatible with:

struct EnclaveBackend {
// Load an enclave, returning a Client or error status.
static StatusOr<std::shared_ptr<Client>> Load(...);
};

Constructor & Destructor Documentation

◆ ~Client()

virtual asylo::primitives::Client::~Client ( )
virtualdefault

◆ Client()

asylo::primitives::Client::Client ( const absl::string_view  name,
std::unique_ptr< ExitCallProvider exit_call_provider 
)
inlineprotected

Constructs a client, reserved for only backend implementations.

Parameters
nameThe name of the enclave.
exit_call_providerA pointer an ExitCallProvider that the Client takes ownership of. The provider is the source of all ExitHandlers.

Member Function Documentation

◆ Destroy()

virtual Status asylo::primitives::Client::Destroy ( )
pure virtual

◆ EnclaveCall()

Status asylo::primitives::Client::EnclaveCall ( uint64_t  selector,
MessageWriter *  input,
MessageReader *  output 
)

Enters the enclave synchronously at an entry point to trusted code designated by selector.

Input input is copied into the enclave, which may occur locally inside the same address space as the caller or remotely via RPC. Conversely, results are copied and returned in 'output'.

Parameters
selectorThe identification number to select a registered handler in the enclave.
inputA pointer to a MessageWriter, into which all call inputs must be pushed.
outputA pointer to a MessageReader from which to read outputs from the call.
Returns
A status for the call action, since the call itself may fail.

◆ EnclaveCallInternal()

virtual Status asylo::primitives::Client::EnclaveCallInternal ( uint64_t  selector,
MessageWriter *  input,
MessageReader *  output 
)
protectedpure virtual

Provides implementation of EnclaveCall.

This method is virtual for backends to override. The public EnclaveCall method provides necessary boilerplate around each call to this implementation.

Parameters
selectorThe identification number to select a registered handler in the enclave.
inputA pointer to a MessageWriter, into which all call inputs must be pushed.
outputA pointer to a MessageReader from which to read outputs from the call.
Returns
A status for the call action, since the call itself may fail.

◆ exit_call_provider()

ExitCallProvider* asylo::primitives::Client::exit_call_provider ( )
inline

Accessor to the client's exit call provider.

Returns
A mutable pointer to the client's ExitCallProvider.

◆ ExitCallback()

static PrimitiveStatus asylo::primitives::Client::ExitCallback ( uint64_t  untrusted_selector,
MessageReader *  in,
MessageWriter *  out 
)
static

Enclave exit callback function shared with the enclave.

Parameters
untrusted_selectorThe identification number to select a registered handler in the current client.
inA pointer to a MessageReader, from which all inputs are read.
outA pointer to a MessageWriter, into which all call outputs are written.
Returns
A PrimitiveStatus for the call action, since the call itself may fail.

◆ GetCurrentClient()

static Client* asylo::primitives::Client::GetCurrentClient ( )
static

A static getter for the current client.

Returns
A pointer to the active thread's current client.

◆ IsClosed()

virtual bool asylo::primitives::Client::IsClosed ( ) const
pure virtual

A predicate for whether the enclave may be entered or will accept messages.

Returns
True if the enclave has been destroyed, or if it is marked for destruction pending the completion of an operation by another thread.

◆ Name()

virtual absl::string_view asylo::primitives::Client::Name ( ) const
inlinevirtual

A getter for the enclave name.

Enclave names are used for fetching client instances from the enclave manager.

Returns
The name of the enclave.

◆ RegisterExitHandlers()

virtual Status asylo::primitives::Client::RegisterExitHandlers ( )
virtual

An overridable handler registration method.

This allows backend implementations to register special-purpose exit handlers that might only be appropriate to that backend. The default implementation registers nothing and returns Ok.

Returns
An error on failure, or Ok.

◆ SetCurrentClient()

void asylo::primitives::Client::SetCurrentClient ( )

Stores this as the active thread's "current client".

This should only be called if an enclave entry happens without going through a regular enclave entry point (like a fork from inside the enclave).


The documentation for this class was generated from the following file: