From 8ca762b0f4a716a230ec7c7c4082ec7ea3f4e227 Mon Sep 17 00:00:00 2001 From: Jia Zhang Date: Mon, 27 Jul 2020 03:38:16 +0000 Subject: [PATCH] Add terminology doc Signed-off-by: Jia Zhang --- README.md | 5 +++++ docs/terminology.md | 20 ++++++++++++++++++++ 2 files changed, 25 insertions(+) create mode 100644 docs/terminology.md diff --git a/README.md b/README.md index f775373..3935ce0 100644 --- a/README.md +++ b/README.md @@ -45,6 +45,11 @@ In addition, you can write your own enclave runtime with any programming languag --- +## Terminology +Please refer to [this doc] for the details. + +--- + ## Using rune ### Run Occlum Please refer to [this guide](https://github.com/alibaba/inclavare-containers/blob/master/docs/running_rune_with_occlum.md) to run `Occlum` with `rune`. diff --git a/docs/terminology.md b/docs/terminology.md new file mode 100644 index 0000000..004c134 --- /dev/null +++ b/docs/terminology.md @@ -0,0 +1,20 @@ +# init-runelet +Essentially, it is init process inside container. In runc, init process eventually executes the entrypoint of container defined in config.json. In rune, init process never call execve() syscall. Instead, it serves for the communications between Enclave Runtime PAL and the host side through Enclave Runtime PAL API. + +# runelet +init-runelet is created by `rune create`, and runelet process on behalf of enclave application is created by `rune exec`. + +# Enclave Runtime PAL API +This API defines the function calls beutween Enclave Runtime PAL and init-runelet. + +# Enclave Runtime PAL +The implementer of Enclave Runtime PAL API, on behalf of Enclave Runtime. + +# Enclave Runtime +The implementer of enclave. Occlum and Graphene-SGX are all the so-called Enclave Runtime. + +# Enclave Application +The actual running entity inside Enclave Runtime. + +# Enclave Container +A new class of container managed by OCI Runtime `rune`. -- GitLab