search

gramineproject / examples

Sample applications configs for Gramine
BSD 3-Clause "New" or "Revised" License
29 stars 22 forks source link

Add swtpm example #57

Open dimakuv opened 1 year ago

dimakuv commented 1 year ago

Requires a PR in Gramine: https://github.com/gramineproject/gramine/pull/1210. UPDATE: That PR was merged already.

This change is Reviewable

stefanberger commented 1 year ago

@stefanberger Would you be interested in checking this PR?

I'm particularly interested in the security guarantees for swtpm with Gramine-SGX. Like, did I encrypt all files that swtpm creates, and whether I need to add some other tools inside Gramine-SGX.

If Gramine-SGX transparently encrypts files, then obviously you are safe. If not then the state at least can be encrypted with a key passed via command line to swtpm. If swtpm was made to log, then this log will not be encrypted and there's no possibility to pass a key, but you are not logging.

stefanberger commented 1 year ago

If swtpm was made to log, then this log will not be encrypted and there's no possibility to pass a key, but you are not logging.

Yes, I am not logging.

Thanks for this quick review, looks like this example is Ok from the security perspective? (I may play with migration keys supported in swtpm in the future, but I'm not using this now.)

I think so, yes.

    gramine-manifest \
        -Dlog_level=$(GRAMINE_LOG_LEVEL) \
        -Dencryption_key=$(GRAMINE_ENCRYPTION_KEY) \

@stefanberger And this is where we propagate the chosen encryption key into the manifest file.

Ok. I don't even have SGX ... just portS of Gramine :-)

_swtpm/README.md line 33 at r2 (raw file):_

Does Gramine with SGX transparently encrypt file contents?

Yes, see my other comments.

Even better, then you could probably log as well and have that log encrypted.

_swtpm/swtpm.manifest.template line 28 at r2 (raw file):_


  { path = "{{ entrypoint }}", uri = "file:{{ entrypoint }}" },
  { type = "encrypted", path = "/myvtpm2/", uri = "file:myvtpm2/", key_name = "{{ encryption_key }}" },

@stefanberger Please see this line -- here we ask Gramine to encrypt (using a special crypto protocol) all files under the path /myvtpm2/, and we use the encryption key {{ encryption_key }}. This encryption key variable resolves into "_sgx_mrenclave", which is an SGX-specific encryption key that ties encryption to the platform + to this particular SGX enclave.

Looks good to me.