Code Monkey home page Code Monkey logo

jethrogb / edgelessrt Goto Github PK

View Code? Open in Web Editor NEW

This project forked from edgelesssys/edgelessrt

0.0 2.0 0.0 96.24 MB

Edgeless RT is an SDK and a runtime for Intel SGX. It combines top-notch Go support with simplicity, robustness and a small TCB. Developing confidential microservices has never been easier! C++17 and Rust (experimental) are also supported.

Home Page: https://edgeless.systems

License: MIT License

Shell 6.08% CMake 22.62% C 25.22% C++ 39.74% Python 3.53% Go 1.64% HTML 0.33% Dockerfile 0.85%

edgelessrt's Introduction

Edgeless RT

ERT logo

Unit Tests GitHub license Gitter Chat

Edgeless RT is an SDK for Trusted Execution Environments (TEE) built on top of Open Enclave. It adds support for modern programming languages (in particular Go) and facilitates the porting of existing applications. Currently, hardware-wise, Edgeless RT focuses on Intel SGX. Support for other TEEs will follow as it becomes available in Open Enclave.

Key features of Edgeless RT are:

  • Comprehensive support for Go, most existing code runs without changes
  • Extended C/C++ support
    • More libc and POSIX functions
    • More C++17 STL
    • pthread and std::thread
    • libstdc++ for better compatibility with existing code
  • Seamless integration with Marblerun to create distributed confidential applications
  • Experimental support for Rust
  • Soon: support for Python

Quick Start

If you are on Ubuntu 18.04 and do not want to build the SDK yourself, you can install the binary release:

wget -qO- https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo apt-key add
sudo add-apt-repository 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu bionic main'
wget https://github.com/edgelesssys/edgelessrt/releases/download/v0.2.1/edgelessrt_0.2.1_amd64.deb
sudo apt install ./edgelessrt_0.2.1_amd64.deb build-essential libssl-dev
sudo snap install cmake --classic

Then proceed with Use.

Build

Edgeless RT primarily targets Ubuntu 18.04. Other Linuxes may work as well. Windows is not yet supported.

  1. Determine the SGX support of your system

    cc -ooesgx src/tools/oesgx/oesgx.c && ./oesgx

    You will get one of the following three types of output:

    oesgx output SGX support level
    CPU supports SGX_FLC:Flexible Launch Control
    CPU supports Software Guard Extensions:SGX1    		 SGX1+FLC
    CPU supports Software Guard Extensions:SGX1 SGX1
    CPU does not support SGX Simulation

  2. Set up the environment

    Ansible is required to install the project requirements. Install it by running:

    sudo scripts/ansible/install-ansible.sh

    Run one of the following commands depending on the SGX support level:

    • SGX1+FLC in an Azure Confidential Compute (ACC) VM:

      ansible-playbook scripts/ansible/oe-contributors-acc-setup.yml

    • SGX1+FLC:

      ansible-playbook scripts/ansible/oe-contributors-setup.yml

    • SGX1:

      ansible-playbook scripts/ansible/oe-contributors-setup-sgx1.yml

    • Simulation:

      ansible-playbook scripts/ansible/oe-contributors-setup-sim.yml

    NOTE: The Ansible playbook commands require sudo rights. You may need to specify --ask-become-pass and enter your sudo password.

  3. Build the SDK

    mkdir build
cd build
cmake -GNinja ..
ninja

    To set a custom installation path (default: /opt/edgelessrt), add, e.g., -DCMAKE_INSTALL_PREFIX=~/edgelessrt-install.

Test

After building, run the following command in the build directory to confirm everything works as expected:

ctest

In simulation mode run this command instead:

OE_SIMULATION=1 ctest

Install

From the build directory run:

ninja install

Or if you do not have write permissions for the installation path:

sudo ninja install

Use

To use the SDK you need to source the openenclaverc file to setup environment variables:

. /opt/edgelessrt/share/openenclave/openenclaverc

Now you are ready to build applications with Edgeless RT! To start, check out the samples.

Also see the C API documentation and/or the Go API documentation.

Debug

debugging with vscode

You can use Open Enclave's oegdb to debug enclave code built with Edgeless RT. oegdb is automatically installed with Edgeless RT. It also supports Go enclaves.

oegdb works great with Visual Studio Code (vscode). For example, use the following configuration to debug the in-enclave Go code from our HashiCorp Vault sample in vscode:

{
  "version": "0.2.0",
  "configurations": [
    {
      "name": "(oegdb) Launch",
      "miDebuggerPath": "/opt/edgelessrt/bin/oegdb",
      "type": "cppdbg",
      "request": "launch",
      "program": "/opt/edgelessrt/bin/erthost",
      "args": ["enclave.signed","server","-dev"],
      "stopAtEntry": false,
      "cwd": "${workspaceFolder}/samples/vault/build/",
      "environment": [],
      "externalConsole": false,
      "MIMode": "gdb",
      "setupCommands": [
          {
              "description": "Enable pretty-printing for gdb",
              "text": "-enable-pretty-printing",
              "ignoreFailures": true
          },
          {
              "text": "handle SIGILL nostop"
          }
      ]
    }
  ]
}

edgelessrt's People

Contributors

0dragosh avatar anakrish avatar andyleejordan avatar anitagov avatar arjunvnambiar avatar aserdean avatar berinpaul avatar bmhsieh avatar brmclaren avatar dthaler avatar gupta-ak avatar hernangatta avatar ionutbalutoiu avatar jazzybluesea avatar jhand2 avatar jorkl avatar jxyang avatar letmaik avatar lk2100 avatar mikbras avatar mingweishih avatar oeciteam avatar olgavrou avatar oprinmarius avatar radhikaj avatar soccergb avatar sushantstripathi avatar thomasten avatar vishnumohan1991 avatar zehranaz avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.