github.com/kata-containers/tests@v0.0.0-20240307153542-772105b56064/functional/sgx/sgx.json.in (about) 1 # 2 # Copyright (c) 2022 Intel Corporation 3 # 4 # SPDX-License-Identifier: Apache-2.0 5 # 6 { 7 "ociVersion": "1.0.0-rc2-dev", 8 "platform": { 9 "os": "linux", 10 "arch": "amd64" 11 }, 12 "annotations": { 13 "sgx.intel.com/epc": "16Mi" 14 }, 15 "process": { 16 "terminal": false, 17 "consoleSize": { 18 "height": 0, 19 "width": 0 20 }, 21 "user": { 22 "uid": 0, 23 "gid": 0 24 }, 25 "args": [ "/bin/tail", "-f", "/dev/null" ], 26 "env": [ 27 "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", 28 "TERM=xterm" 29 ], 30 "cwd": "/", 31 "rlimits": [{ 32 "type": "RLIMIT_NOFILE", 33 "hard": 1024, 34 "soft": 1024 35 }], 36 "noNewPrivileges": true 37 }, 38 "root": { 39 "path": "@ROOTFS@", 40 "readonly": false 41 }, 42 "hostname": "vfio-test", 43 "mounts": [{ 44 "destination": "/proc", 45 "type": "proc", 46 "source": "proc" 47 }, 48 { 49 "destination": "/dev", 50 "type": "tmpfs", 51 "source": "tmpfs", 52 "options": [ 53 "nosuid", 54 "strictatime", 55 "mode=755", 56 "size=65536k" 57 ] 58 }, 59 { 60 "destination": "/dev/pts", 61 "type": "devpts", 62 "source": "devpts", 63 "options": [ 64 "nosuid", 65 "noexec", 66 "newinstance", 67 "ptmxmode=0666", 68 "mode=0620", 69 "gid=5" 70 ] 71 }, 72 { 73 "destination": "/dev/shm", 74 "type": "tmpfs", 75 "source": "shm", 76 "options": [ 77 "nosuid", 78 "noexec", 79 "nodev", 80 "mode=1777", 81 "size=65536k" 82 ] 83 }, 84 { 85 "destination": "/dev/mqueue", 86 "type": "mqueue", 87 "source": "mqueue", 88 "options": [ 89 "nosuid", 90 "noexec", 91 "nodev" 92 ] 93 }, 94 { 95 "destination": "/sys", 96 "type": "sysfs", 97 "source": "sysfs", 98 "options": [ 99 "nosuid", 100 "noexec", 101 "nodev", 102 "ro" 103 ] 104 }, 105 { 106 "destination": "/sys/fs/cgroup", 107 "type": "cgroup", 108 "source": "cgroup", 109 "options": [ 110 "nosuid", 111 "noexec", 112 "nodev", 113 "relatime", 114 "ro" 115 ] 116 }, 117 { 118 "destination":"/dev", 119 "type":"bind", 120 "source":"/dev/", 121 "options":["rbind","rw"] 122 } 123 ], 124 "hooks": {}, 125 "linux": { 126 "cgroupsPath": "kata", 127 "resources": { 128 "devices": [ 129 {"allow":false,"access":"rwm"}, 130 {"allow":true,"type":"c","major":1,"minor":3,"access":"rwm"}, 131 {"allow":true,"type":"c","major":1,"minor":5,"access":"rwm"}, 132 {"allow":true,"type":"c","major":1,"minor":8,"access":"rwm"}, 133 {"allow":true,"type":"c","major":1,"minor":9,"access":"rwm"}, 134 {"allow":true,"type":"c","major":5,"minor":0,"access":"rwm"}, 135 {"allow":true,"type":"c","major":5,"minor":1,"access":"rwm"} 136 ] 137 }, 138 "namespaces": [{ 139 "type": "pid" 140 }, 141 { 142 "type": "network" 143 }, 144 { 145 "type": "ipc" 146 }, 147 { 148 "type": "uts" 149 }, 150 { 151 "type": "mount" 152 } 153 ], 154 "maskedPaths": [ 155 "/proc/kcore", 156 "/proc/latency_stats", 157 "/proc/timer_list", 158 "/proc/timer_stats", 159 "/proc/sched_debug", 160 "/sys/firmware" 161 ], 162 "readonlyPaths": [ 163 "/proc/asound", 164 "/proc/bus", 165 "/proc/fs", 166 "/proc/irq", 167 "/proc/sys", 168 "/proc/sysrq-trigger" 169 ] 170 } 171 }