sallyport


Nathaniel
So we have this crate called sallyport. And it's one of our larger sub-crates. And the purpose of sallyport is to be a communication channel between the host and the untrusted host, and the guest. And so the encrypted guest can basically send messages to the host and can ask the host to do things on behalf of the guest. The most common of these messages are syscalls. So for example, if you wanted to read on a socket, or if you wanted to write to a socket, or you wanted to sleep for a certain amount of time, or any of these sorts of scheduling or IO operations, all of those syscalls get forwarded over the sallyport. And so it's pretty important for performance because it's the main communication channel with the hosts.

And we currently are in a state of this where we're using what's called version one of this. But we also have a version two. Did you rename this 0.3? Okay, gotcha. So, we actually have a rewrite of this that's happening in the version 0.3 branch. And this is basically feature complete with 0.2 and is used by Enarx 0.2. But in the next release, we hope to switch over to using the rewrite of this. The intention of the rewrite, we also need to update the documentation for this, by the way, on the front page to talk about the rewrite. So the intention of the rewrite is to make things a lot safer, and to also be more flexible in how we lay out data in the sallyport, so that we can accommodate other types of messages. And we can also hopefully version that interface as well.

So I won't go into a lot of code here. If you want details, you know you can look at that. There's also an issue, I believe an open issue, that describes roughly how it works, as well as some open pull requests and such. So we still do most of more development on this but it's overall looking in very good shape. Thanks to Roman.