Use case
I have an app, written in go, that sets up some system configurations (including nftables and TUN interfaces) and then starts serving and processing sensitive user data. I was wondering, if it is possible to run the second part inside of an enclave (because apparently the system configuration part is only possible outside of an enclave).
Describe your solution
As far as I understand it, that's more or less how a binary produced by ego work: it starts an app normally and then launches the enclave if possible. Is there a public API to control that and, in my case, hook into the launching process right before the enclave starts to set up the system? Same thing will be required before the enclave exits to revert the system configurations changes.
Use case
I have an app, written in go, that sets up some system configurations (including nftables and TUN interfaces) and then starts serving and processing sensitive user data. I was wondering, if it is possible to run the second part inside of an enclave (because apparently the system configuration part is only possible outside of an enclave).
Describe your solution
As far as I understand it, that's more or less how a binary produced by ego work: it starts an app normally and then launches the enclave if possible. Is there a public API to control that and, in my case, hook into the launching process right before the enclave starts to set up the system? Same thing will be required before the enclave exits to revert the system configurations changes.