A reference to an enclave held by untrusted code. More...
#include <asylo/platform/primitives/untrusted_primitives.h>
Classes | |
| class | ExitCallProvider |
| An interface to a provider of enclave exit calls. More... | |
| class | ScopedCurrentClient |
| An RAII wrapper that sets thread-local enclave "current client" reference on construction and resets it to the previous value when destroyed. More... | |
Public Member Functions | |
| virtual | ~Client () |
| virtual Status | RegisterExitHandlers () ASYLO_MUST_USE_RESULT |
| An overridable handler registration method. More... | |
| virtual bool | IsClosed () const =0 |
| A predicate for whether the enclave may be entered or will accept messages. More... | |
| virtual Status | Destroy ()=0 |
| virtual absl::string_view | Name () const |
| A getter for the enclave name. More... | |
| void | SetCurrentClient () |
Stores this as the active thread's "current client". More... | |
| Status | EnclaveCall (uint64_t selector, MessageWriter *input, MessageReader *output) ASYLO_MUST_USE_RESULT |
Enters the enclave synchronously at an entry point to trusted code designated by selector. More... | |
| ExitCallProvider * | exit_call_provider () |
| Accessor to the client's exit call provider. More... | |
| virtual void | RegisterMemory (void *mem) |
| Register memory to be freed upon enclave destruction. More... | |
| virtual void | ReleaseMemory () |
| Frees enclave resources registered to the client. More... | |
Static Public Member Functions | |
| static Client * | GetCurrentClient () |
| A static getter for the current client. More... | |
| static PrimitiveStatus | ExitCallback (uint64_t untrusted_selector, MessageReader *in, MessageWriter *out) |
| Enclave exit callback function shared with the enclave. More... | |
Protected Member Functions | |
| Client (const absl::string_view name, std::unique_ptr< ExitCallProvider > exit_call_provider) | |
| Constructs a client, reserved for only backend implementations. More... | |
| virtual Status | EnclaveCallInternal (uint64_t selector, MessageWriter *input, MessageReader *output) ASYLO_MUST_USE_RESULT=0 |
| Provides implementation of EnclaveCall. More... | |
Detailed Description
A reference to an enclave held by untrusted code.
This declares the primitive API exposed to untrusted application code by the Asylo runtime. Each Asylo backend is responsible for providing an implementation of this interface. To support multiple implementations, the interface defines a generic "Enclave Backend" concept which every backend must implement. An enclave backend is a structure compatible with:
Constructor & Destructor Documentation
◆ ~Client()
|
inlinevirtual |
◆ Client()
|
inlineprotected |
Constructs a client, reserved for only backend implementations.
- Parameters
-
name The name of the enclave. exit_call_provider A pointer an ExitCallProvider that the Client takes ownership of. The provider is the source of all ExitHandlers.
Member Function Documentation
◆ Destroy()
|
pure virtual |
◆ EnclaveCall()
| Status asylo::primitives::Client::EnclaveCall | ( | uint64_t | selector, |
| MessageWriter * | input, | ||
| MessageReader * | output | ||
| ) |
Enters the enclave synchronously at an entry point to trusted code designated by selector.
Input input is copied into the enclave, which may occur locally inside the same address space as the caller or remotely via RPC. Conversely, results are copied and returned in 'output'.
- Parameters
-
selector The identification number to select a registered handler in the enclave. input A pointer to a MessageWriter, into which all call inputs must be pushed. output A pointer to a MessageReader from which to read outputs from the call.
- Returns
- A status for the call action, since the call itself may fail.
◆ EnclaveCallInternal()
|
protectedpure virtual |
Provides implementation of EnclaveCall.
This method is virtual for backends to override. The public EnclaveCall method provides necessary boilerplate around each call to this implementation.
- Parameters
-
selector The identification number to select a registered handler in the enclave. input A pointer to a MessageWriter, into which all call inputs must be pushed. output A pointer to a MessageReader from which to read outputs from the call.
- Returns
- A status for the call action, since the call itself may fail.
◆ exit_call_provider()
|
inline |
Accessor to the client's exit call provider.
- Returns
- A mutable pointer to the client's ExitCallProvider.
◆ ExitCallback()
|
static |
Enclave exit callback function shared with the enclave.
- Parameters
-
untrusted_selector The identification number to select a registered handler in the current client. in A pointer to a MessageReader, from which all inputs are read. out A pointer to a MessageWriter, into which all call outputs are written.
- Returns
- A PrimitiveStatus for the call action, since the call itself may fail.
◆ GetCurrentClient()
|
static |
A static getter for the current client.
- Returns
- A pointer to the active thread's current client.
◆ IsClosed()
|
pure virtual |
A predicate for whether the enclave may be entered or will accept messages.
- Returns
- True if the enclave has been destroyed, or if it is marked for destruction pending the completion of an operation by another thread.
◆ Name()
|
inlinevirtual |
A getter for the enclave name.
Enclave names are used for fetching client instances from the enclave manager.
- Returns
- The name of the enclave.
◆ RegisterExitHandlers()
|
virtual |
An overridable handler registration method.
This allows backend implementations to register special-purpose exit handlers that might only be appropriate to that backend. The default implementation registers nothing and returns Ok.
- Returns
- An error on failure, or Ok.
◆ RegisterMemory()
|
inlinevirtual |
Register memory to be freed upon enclave destruction.
- Parameters
-
mem A pointer to be passed to free on enclave exit.
◆ ReleaseMemory()
|
inlinevirtual |
Frees enclave resources registered to the client.
◆ SetCurrentClient()
| void asylo::primitives::Client::SetCurrentClient | ( | ) |
Stores this as the active thread's "current client".
This should only be called if an enclave entry happens without going through a regular enclave entry point (like a fork from inside the enclave).
The documentation for this class was generated from the following file:
- asylo/platform/primitives/untrusted_primitives.h