How to transmit variables between SGX and untrusted environments #2690
Comments
Please expand on this. What do you mean by "transmit"? In which direction? In which format? Can you use regular files for this transmission (that's the typical way of sharing something between the untrusted host and the SGX enclave)?
Thanks for your quick reply! I want to perform some tensor computation inside the SGX and other computations in the untrusted environment. This requires transmitting variables into and out of the SGX in both directions. The format is a PyTorch tensor. Regular files are viable options but I'm afraid the file operation is slow. Is it possible to use some shared memory between SGX and the untrusted environment? This repo implements a similar feature using TensorFlow. However, because I'm not very familiar with SGX, currently I don't know how it implements this feature.
Gramine is a generic SGX runtime, and it doesn't allow for splitting the process in trusted and untrusted parts. The whole process must be shifted inside Gramine (and thus to inside the SGX enclave). So I'm afraid that without significant refactoring of your original PyTorch program, you won't be able to achieve your goal.
No, Gramine doesn't support this. Maybe in the future we'll add such support, but currently there is none.
The Slalom (https://github.com/ftramer/slalom) work is definitely interesting, but Gramine has different purposes, design, and implementation. Thus, Gramine cannot do similar things as Slalom. The only thing you can try to do with Gramine is something like this:
Now you can shift the first process in the SGX enclave using Gramine. And the second process just runs outside.
Thanks!
Hi,
I want to implement a PyTorch program that needs to transmit tensors between SGX and the untrusted environment. I have read the PyTorch tutorial but it doesn't mention such techniques. The tutorial mainly displays how to run a script inside the SGX. I was wondering whether there are any documents about how to implement/use such features?
Best wishes,