Victor-ZZ opened a new issue #317:
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/317
Hi everyone,
## Context
I'm trying to port Timely Dataflow to work in SGX using this SDK as part of
my dissertation. An experimental (and perhaps stupid) idea I have is too run
some of the dataflow operations and store their associated data in untrusted
environment. Therefore, I am trying to develop a library where the majority
runs in SGX with `sgx_tstd as std` but will use some ocalls to do some things
outside SGX (Eg. using remote attestation to set up an encrypted communication
channel with a remote worker process), where these ocalls potentially use the
untrusted `std` and perhaps things that ultimately depend on untrusted `std`.
## Question
I have tried out the examples in this repo, looked at their make files, but
I'm still not sure what's the best way to structure a reusable Rust library
that contains ocalls and want to use both `std` and `sgx_tstd`. In addition,
I'm also confused to how the compilation should go for such a library and
someone who uses such a library. Tho I'm quite sure that I can reused the
structure (and the make files) in the examples if I were to simply make an
application.
## Example
A more concrete example would be as the following:
**I have a crate called timely with the following structure:**
* timely
* src
* lib.rs
* enclave_timely.rs
* untrusted_timely.rs
* edl
* timely.edl
* Cargo.toml
lib.rs
```Rust
pub mod enclave_timely;
```
enclave_timely.rs
```Rust
#![no_std]
extern crate sgx_tstd as sgx_std;
extern crate sgx_types;
use sgx_std::vec::Vec;
use sgx_types::sgx_status_t;
extern "C" {
pub fn test_ocall(retval: *mut sgx_status_t, some_value: usize);
}
pub fn test_lib_call() {
let v = Vec::new();
let mut ret = sgx_status_t::SGX_SUCCESS;
unsafe {test_ocall(&mut ret, 8);}
}
```
untrusted_timely.rs
```Rust
extern crate sgx_types;
use sgx_types::sgx_status_t;
pub extern "C" fn test_ocall (some_val: usize) {
let v = Vec::new();
v.push(some_val);
println!("hello from enclave: {}", some_val);
}
```
timely.edl
```
enclave {
untrusted {
sgx_status_t test_ocall(uint32_t some_val);
};
};
```
**Then I would have someone who uses this like**
```Rust
extern crate timely;
use timely::enclave_timely::test_lib_call;
pub fn test() {
test_lib_call();
}
```
```
enclave {
from "timely.edl" import *;
};
```
This example obviously does not work because enclave_timely wants `[no_std]`
but untrusted_timely wants a `std` environment and the compiler complains about
duplicated definitions. From my understanding, to make this work, I have to put
the trusted part in one crate, and to put the untrusted part in another crate.
Then the untrusted crate will be compiled as a library and linked with the
`enclave_u` files generated by edger8r and the trusted crate will be compiled
as a library and linked with the `enclave_t` files. I'm not sure if this is
correct and if this is the best way to do this.
I'm new to SGX and Rust (and a compiler noob) so I might be missing some
obvious things here. I would also really appreciate if someone could point me
to additional resources for self-help.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscr...@teaclave.apache.org
For additional commands, e-mail: notifications-h...@teaclave.apache.org
