consultants available to build on graphenesgx?
Ivan Svirid
We want to do a video transcoder, so we need encrypted filesystem as well.
prism is a self unpacking+executable archive compassed with zstd. Inside there are a few apps like ffmpeg, ffprobe, and the prism-app itself.
sgx/docker ./prism (1 NVIDIA GPU passed through if docker)
prism unpacks itself to (encrypted) ram/disk (the executable archive has ffmpeg, other apps)
prism connects to our backend, gets work
prism downloads video file to (encrypted) disk
prism calls ffmpeg
ffmpeg transcodes file to (encrypted) disk
prism uploads the file from (encrypted) disk
We do not mind revealing the compiled source of prism app, but while it is running as well as it unpacks itself, should happen in encrypted zone (so a elf like ffmpeg cannot be tampered with).
Wondering what options we have, I have no idea how graphene works but thinking along the lines of writing a shim that sets up a encrypted folder, chroot into folder?, that shim calls then /prism, unpacks it into the encrypted folder, and runs further like normal?
Kuvaiskii, Dmitrii
Dear Ivan,
I guess no one replied to you yet, but here is a quick feedback.
TLDR: If you want to communicate with the GPU from within the SGX enclave, this is not supported in Graphene. If you don’t need to communicate with the GPU, then seems like all your issues are solvable with current Graphene implementation (but you’ll need to figure out how to correctly port your apps into Graphene).
> Hello, we want to build on graphene sgx and were wondering if there is a consultant available to work with us to help get it done. We have the funds to pay for said person.
I don’t think anyone from the Graphene core team is available for this consulting work. We are currently tied up with preparation for the upcoming release, so there’s really no time left for enabling other people’s workloads.
> prism is a self unpacking+executable archive compassed with zstd. Inside there are a few apps like ffmpeg, ffprobe, and the prism-app itself.
This is hard for me to decipher. I guess you mean that you have several executables (ffmpeg, ffprobe, etc.) and some “loader” executable called prism? In other words, there is an entrypoint process `prism` that spawns child processes `ffmpeg`, `ffprobe`, etc to get the job done. This is possible in Graphene. Just specify your `prism` as the `libos.entrypoint` in the Graphene manifest file: https://graphene.readthedocs.io/en/latest/manifest-syntax.html#entrypoint. And add the rest of the executables as trusted files: https://graphene.readthedocs.io/en/latest/manifest-syntax.html#trusted-files.
> (1 NVIDIA GPU passed through if docker)
Graphene doesn’t support GPUs. If you’re trying to communicate with the GPU from within the SGX enclave (using Graphene), this is not supported and not possible.
> sgx/docker ./prism
I don’t know how you build your Docker image, and if you already put Graphene in there. But you can take a look at the GSC tool shipped together with Graphene: https://graphene.readthedocs.io/en/latest/manpages/gsc.html. The sources for it are here: https://github.com/oscarlab/graphene/tree/master/Tools/gsc.
> Wondering what options we have, I have no idea how graphene works but thinking along the lines of writing a shim that sets up a encrypted folder, chroot into folder?, that shim calls then /prism, unpacks it into the encrypted folder, and runs further like normal?
Graphene supports two FS modes that may be helpful in your case:
- Tmpfs – this one is an in-memory FS, in other words, the files are always stored in SGX enclave memory and never on hard disk. However, tmpfs has several limitations: it doesn’t currently
support mmap and it doesn’t allow for sharing of tmpfs files between processes. So look like a bad fit for you. But check here:
https://graphene.readthedocs.io/en/latest/manifest-syntax.html#fs-mount-points
- Protected Files – these files are automatically encrypted by the user-provided secret key. They should be useful in your case since you already establish a connection to your backend, so the backend can send you the secret key. Protected files are encrypted/decrypted transparently by Graphene. Please check: https://graphene.readthedocs.io/en/latest/manifest-syntax.html#protected-files. And also: https://graphene.readthedocs.io/en/latest/attestation.html. And finally an example: https://github.com/oscarlab/graphene/tree/master/Examples/ra-tls-secret-prov
--
Dmitrii
--
You received this message because you are subscribed to the Google Groups "Graphene Support Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
graphene-suppo...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/graphene-support/CAG-EYCiyXTrufi3Hkm0p%3DnjPg_CaAvGRAE5vgi8mC85raomGkA%40mail.gmail.com.
Intel Deutschland GmbH
Registered Address: Am Campeon 10, 85579 Neubiberg, Germany
Tel: +49 89 99 8853-0, www.intel.de
Managing Directors: Christin Eisenschmid, Sharon Heck, Tiffany Doon Silva
Chairperson of the Supervisory Board: Nicole Lau
Registered Office: Munich
Commercial Register: Amtsgericht Muenchen HRB 186928
Van Catha
> Graphene supports two FS modes that may be helpful in your case:
Thanks I will check this out.
Any idea on Linux Kernel support, would something like 5.13 carry all kmods needed to support running graphene?