On 2018-12-07 22:01, Dr. Greg wrote:
Baidu and Fortanix are working on Trusted RunTime Systems (TRTS) based on RUST, I believe, so this will affect them to the extent that they are implementing their own low level enclave runtime support or they may be simply building on top of the low level Intel TRTS. Perhaps Jethro would comment on these issues if he could.
As far as I know, Baidu merely provides Rust bindings to the Intel SDK. As far as our requirements, I've sent those in my previous email.
I'm assuming that in the proposed model the URTS would interrogate the VDSO to determine the availability of entry and exception handling support and then setup the appropriate infrastructure and exit handler? VDSO's are typically the domain of the system library. Given the nature of SGX I couldn't even conceive of Glibc offering support and, if it was acceptable to provide support, the potential timeframe that would be involved in seeing deployment in the field. As a result, do you anticipate the need for a 'flag day' with respect to URTS/PSW/SDK support for all of this?
It is my understanding that the use of the vDSO enclave entry will be optional. i.e., if your application/library/enclave combination installs a signal handler and calls ENCLU directly, that would still work. Of course, using the vDSO will be very strongly recommended.
-- Jethro Beekman | Fortanix
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
