Filetype Power Point PPTX | Posted on 05 Sep 2022 | 4 years ago
Authentication
digital resources
238x Filetype PPTX File size 0.58 MB Source: gramineproject.io
Disclosures and Disclaimers
• Porter has a significant financial interest in and
serves as a Technical Advisor to Fortanix
• Work supported in part by the US National Science
Foundation, VMware, and Intel
– Any opinions, findings, and conclusions or
recommendations expressed in this material are ours
alone, and do not necessarily reflect the views of the
National Science Foundation or other sponsors.
• Not ready for Production Use
– But working to get there soon…
2
Graphene Overview
• Goal: Easily run unmodified Linux applications on
other platforms
– Current focus on SGX
• Pragmatic approach:
– Modifying/rewriting apps may be best in long-run
– Getting legacy code in SGX quickly still an improvement
• Open-Source (LGPL)
• An experiment in progress…
3
How Graphene Works
• Reimplements Linux system calls on smaller ABI
– Vision: Implement ABI on any system,
Graphene “just works”
Enclave
Apache(P1)
Linux functionality
open read write …
open read write …
LibOS
Platform Adaption Layer
+ Shield Portability & shielding
36 OCalls (Semantic + crypto checks)
+ 2 for Debugging
Untrusted Host OS
4
Multi-Process Applications
Apache(P1) Apache(P2)
kill
Attestation Attestation
LibOS RpcSend() LibOS
by CPU Exchange by CPU
RpcConnect() Encryption RpcListen()
OCalls Key OCalls
• One LibOS / address space per process
• Implement shared OS abstractions over RPC
• Supports fork, exec, most System V IPC, signals, etc.
More LibOS Features
l fork exec Virtual File System
a SYS V
n
g
i IPC
d S
a ELF Proc Chroot e
e loader FS
r (Passthru) p
h Migration i Socket
T P
Namespace FS
RPC VMA Graphene LibOS
49 KLOC 891 KB
LibOS Source code LibOS Compiled
+ 18 KLOC + 279 KB
SGX PAL Source SGX PAL Compiled
no reviews yet
Please Login to review.
