sslab-gatech / opensgx

OpenSGX
Other
295 stars 80 forks source link

OpenSGX: An open platform for Intel SGX

Environments & Prerequisites

Fedora $ yum-builddep qemu


- Compilation
~~~~~{.sh}
Compile QEMU
$ cd qemu
$ ./configure-arch
$ make -j $(nproc)

Back to opensgx/
$ cd ..

Compile sgx library
$ make -C libsgx

Compile user-level code
$ make -C user

Run your first OpenSGX program

#include <sgx-lib.h>
#include <stdio.h>

void enclave_main()
{
    char *hello = "hello sgx"\n";
    puts(hello);
    sgx_exit(NULL);
}
$ ./opensgx -k
generate sign.key
$ ./opensgx -c user/demo/hello.c
generate hello.sgx
$ ./opensgx -s user/demo/hello.sgx --key sign.key
generate hello.conf
$ ./opensgx user/demo/hello.sgx user/demo/hello.conf
run the program
$ ./opensgx -i user/demo/hello.sgx user/demo/hello.conf
run the program with counting the number of executed guest instructions

Debugging using GDB

Breakpoint 1, 0x0000000000401a80 in main ()

- Find text section offset
~~~~~{.sh}
$ readelf -S user/demo/hello.sgx | grep text
  [ 2] .text             PROGBITS         0000000050000110  00000110

Breakpoint 2, 0x0000000050000110 in enclave_main () (gdb)


Testing
-------

~~~~~{.sh}
$ cd user
$ ./test.sh test/simple
...
$ ./test.sh --help
[usage] ./test.sh [option]... [binary]
-a|--all  : test all cases
-h|--help : print help
--perf|--performance-measure : measure SGX emulator performance metrics
[test]
 test/exception-div-zero.c     :  An enclave test case for divide by zero exception.
 test/fault-enclave-access.c   :  An enclave test case for faulty enclave access.
 test/simple-aes.c             :  An enclave test case for simple encryption/decryption using openssl library.
 test/simple-attest.c          :  test network send
test/simple.c                 :  The simplest enclave enter/exit.
 test/simple-func.c            :  The simplest function call inside the enclave.
 test/simple-getkey.c          :  hello world
 test/simple-global.c          :  The simplest enclave which accesses a global variable
 test/simple-hello.c           :  Hello world enclave program.
 test/simple-network.c         :  test network recv
 test/simple-openssl.c         :  test openssl api
 test/simple-quote.c           :  test network recv
 test/simple-recv.c            :  An enclave test case for sgx_recv.
 test/simple-send.c            :  An enclave test case for sgx_send.
 test/simple-sgxlib.c          :  An enclave test case for sgx library.
 test/simple-stack.c           :  The simplest enclave enter/exit with stack.
 test/stub.c                   :  An enclave test case for stub & trampoline interface.
 test/stub-malloc.c            :  An enclave test case for using heap
 test/stub-realloc.c           :  An enclave test case for sgx_realloc

Pointers

Contribution

We are more than happy to see any comments or feedback, as to improve this project. To make contributions and take part in the project, there are several ways you can do:

We specially appreciate those who actively make contributions to the project:

Contact

Email: OpenSGX team.

Authors

NOTE. All authors at Gatech and KAIST equally contributed to the project

Publications

@inproceedings{opensgx, title = {{OpenSGX: An Open Platform for SGX Research}}, author = {Prerit Jain and Soham Desai and Seongmin Kim and Ming-Wei Shih and JaeHyuk Lee and Changho Choi and Youjung Shin and Taesoo Kim and Brent Byunghoon Kang and Dongsu Han}, booktitle = {Proceedings of the Network and Distributed System Security Symposium}, month = feb, year = 2016, address = {San Diego, CA}, }


- Papers that use OpenSGX: 

A First Step Towards Leveraging Commodity Trusted Execution Environments for Network Applications Seongmin Kim, Youjung Shin, Jaehyung Ha, Taesoo Kim, Dongsu Han ACM HotNets 2015

@inproceedings{kim:hotnets2015, title = {{A First Step Towards Leveraging Commodity Trusted Execution Environments for Network Applications}}, author = {Seongmin Kim and Youjung Shin and Jaehyung Ha and Taesoo Kim and Dongsu Han}, booktitle = {Proceedings of the 14th ACM Workshop on Hot Topics in Networks (HotNets)}, month = nov, year = 2015, address = {Philadelphia, PA}, }