blender.manifest.template

# Copyright (C) 2023 Gramine contributors
# SPDX-License-Identifier: BSD-3-Clause

# Blender manifest example

loader.entrypoint = "file:{{ gramine.libos }}"
libos.entrypoint = "/blender/blender"

loader.log_level = "{{ log_level }}"

loader.env.LD_LIBRARY_PATH = "/gramine_lib:/blender_lib:/usr/{{ arch_libdir }}:{{ arch_libdir }}"
loader.env.HOME = "/home/user"
loader.env.PWD = ""

loader.insecure__use_cmdline_argv = true

fs.mounts = [
  { path = "/gramine_lib", uri = "file:{{ gramine.runtimedir() }}" },
  { path = "/blender_lib", uri = "file:{{ blender_dir }}/lib" },
  { path = "{{ arch_libdir }}", uri = "file:{{ arch_libdir }}" },
  { path = "/usr/{{ arch_libdir }}", uri = "file:/usr/{{ arch_libdir }}" },
  { path = "/data", uri = "file:{{ data_dir }}" },
  { path = "/blender", uri = "file:{{ blender_dir }}" },
]

sgx.debug = true
sgx.edmm_enable = {{ 'true' if env.get('EDMM', '0') == '1' else 'false' }}
sys.stack.size = "8M"
sgx.enclave_size = "2048M"
sgx.max_threads = {{ '1' if env.get('EDMM', '0') == '1' else '64' }}

sgx.trusted_files = [
  "file:{{ gramine.libos }}",
  "file:{{ blender_dir }}/blender",
  "file:{{ blender_dir }}/lib/",
  "file:{{ gramine.runtimedir() }}/",
  "file:{{ arch_libdir }}/",
  "file:/usr/{{ arch_libdir }}/",
]

# INSECURE! These 3 lines are insecure by design and should never be used in production environments.
# There is a lot of files that Blender uses (e.g. bundled Python) and listing them here would
# be counter productive, as they may change between Blender releases and this is just a testing
# manifest.
# Additionally, Blender scenes could allow for code execution (e.g. via bundled scripts), so
# running untrusted scenes should not be allowed. This can be achieved for example by adding scenes
# to trusted files or uploading them to a running and attested enclave via secured connection.
sgx.allowed_files = [
  "file:{{ blender_dir }}/{{ blender_ver }}/",
  "file:{{ data_dir }}/scenes/",
  "file:{{ data_dir }}/images/",
]