Can I run a non-SGX application under SGX environment with graphene?

[Memtwo]

I want to rn click modular router, which is a non SGX application, under SGX environment. Can I make it with graphene?

[dimakuv]

Yes, that's the whole point of Graphene -- enabling an existing non-SGX application in the SGX environment without any modifications to the application itself (the "lift and shift" paradigm). You only need to create an accompanying "manifest" file for your application, so Graphene knows how to "handle" the application.

You can find several examples on enabling apps in Graphene here: https://github.com/oscarlab/graphene/tree/master/Examples

Of course, there is a caveat that it requires some effort to write the correct manifest file. There is also a caveat that some things may not work under Graphene (e.g., communicating with devices via ioctl is currently unsupported). So it's a matter of trial and error.

[monavij]

Alternatively you can also package your application in a Docker container and then use our tool called GSC that will automatically create the manifest and wrap your application in Graphene with SGX. But GSC is also under development so has certain limitaions in current version.