-
Notifications
You must be signed in to change notification settings - Fork 123
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Massive documentation update Contains rewrites, new tutorials, and re-organization of documentation.
- Loading branch information
Showing
29 changed files
with
816 additions
and
161 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
Configuring and building Eyrie | ||
============================== | ||
|
||
Upcoming |
42 changes: 42 additions & 0 deletions
42
docs/source/Building-Components/Security-Monitor-Platform-Build.rst
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
Building the Keystone Security Monitor | ||
=========================================== | ||
|
||
The security monitor (SM) is the core component of Keystone. | ||
|
||
The SM is implemented on top of Berkeley Bootloader (bbl). | ||
You can find the latest SM at `<https://github.com/keystone-enclave/riscv-pk>`_ (upstream bbl: | ||
`<https://github.com/riscv/riscv-pk>`_). | ||
Most of the Keystone SM source code lives in ``sm`` directory. | ||
|
||
:: | ||
|
||
git clone https://github.com/keystone-enclave/riscv-pk | ||
cd riscv-pk | ||
|
||
If you have followed :doc:`Quick Start <../Getting-Started/Running-Keystone-with-QEMU>`, the build directory is | ||
already created at ``hifive-work/riscv-pk``. | ||
Otherwise, create a build directory. | ||
|
||
:: | ||
|
||
mkdir build | ||
cd build | ||
|
||
Configure and build ``bbl``. The SM can be built by additional flags ``--enable-sm`` and | ||
``--with-target-platform`` at configuration. | ||
|
||
:: | ||
|
||
../configure \ | ||
--enable-sm \ | ||
--with-target-platform=default \ | ||
--host=riscv64-unknown-linux-gnu \ | ||
--with-payload=<path to vmlinux> | ||
|
||
make | ||
|
||
This will generate the boot image ``bbl`` in the build directory. Use it to boot the machine. | ||
|
||
Now, we will customize the SM for a FU540 chip on HiFive Unleashed board. | ||
Currently, we only have one experimental platform configuration for FU540. | ||
If you wish to add your platform as a target, please submit a proposal to `GitHub <https://github.com/keystone-enclave/riscv-pk/issues>`_. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,72 @@ | ||
Vault.sh | ||
======== | ||
|
||
``vault.sh`` is a sample build script for building eapps/hosts, | ||
building an appropriate Eyrie configuration, and packaging all three | ||
into a self-extracting archive. | ||
|
||
In most cases, changing the variables in the script will be sufficient | ||
to build a custom enclave. | ||
|
||
The hello world | ||
:doc:`tutorial<../Getting-Started/Tutorials/Build-Enclave-App-Hello-World>` | ||
vault script is as follows: | ||
|
||
.. code-block:: bash | ||
################################################################ | ||
# Replace the variables # | ||
################################################################ | ||
NAME=hello | ||
VAULT_DIR=`dirname $0` | ||
BUILD_COMMAND="make -C eapp && make -C host" | ||
OUTPUT_DIR=$KEYSTONE_SDK_DIR/../buildroot_overlay/root/$NAME | ||
EYRIE_DIR=$KEYSTONE_SDK_DIR/rts/eyrie | ||
EYRIE_PLUGINS="freemem untrusted_io_syscall linux_syscall env_setup" | ||
PACKAGE_FILES="eapp/hello \ | ||
host/runner \ | ||
$EYRIE_DIR/eyrie-rt" | ||
PACKAGE_SCRIPT="./runner hello eyrie-rt" | ||
We will go through what each variable is for, and how the script builds the enclave. | ||
|
||
``NAME`` defines the name of the enclave. It will be used to generate the final enclave package. | ||
|
||
``VAULT_DIR`` is the path to the script. The script will change the directory to ``$VAULT_DIR`` | ||
before running the build commands. | ||
|
||
``BUILD_COMMAND`` defines the build commands. This example has ``Makefile`` in each of the | ||
directory, so the script just needs to execute ``make`` at each directory to build both the eapp and | ||
the host. | ||
|
||
``OUTPUT_DIR`` is the path to the output files. Since we started from :doc:`Quick Start | ||
<../Getting-Started/Running-Keystone-with-QEMU>`, we put the build outputs to the buildroot overlay directory so | ||
that we can see them in the QEMU disk image. | ||
|
||
``EYRIE_DIR`` is the path to the Eyrie runtime source code. | ||
|
||
``EYRIE_PLUGINS`` defines what plugins you want to include in the runtime. | ||
|
||
``PACKAGE_FILES`` defines which files you want to include in the final enclave package. | ||
``vault.sh`` uses `Makeself <https://makeself.io/>`_ to generate a self-extracting archive for the | ||
enclave. | ||
The package usually includes the host binary (i.e., ``host/runner``), the eapp binary (i.e., | ||
``eapp/hello``), and the runtime binary (i.e., ``$EYRIE_DIR/eyrie-rt``) | ||
|
||
``PACKAGE_SCRIPT`` defines the input command to ``makeself``. The self-extracting archive will | ||
execute this command after the decompression. | ||
|
||
Eyrie Runtime | ||
------------------------------ | ||
|
||
If you have completed :doc:`Quick Start <../Getting-Started/Running-Keystone-with-QEMU>`, the runtime source code | ||
would have been already located at ``$EYRIE_DIR``. | ||
|
||
You can find the following command in ``vault.sh``, which builds the Eyrie runtime. | ||
|
||
:: | ||
|
||
$EYRIE_DIR/build.sh $EYRIE_PLUGINS | ||
|
||
|
||
|
This file was deleted.
Oops, something went wrong.
107 changes: 107 additions & 0 deletions
107
docs/source/Getting-Started/How-Keystone-Works/Keystone-Basics.rst
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,107 @@ | ||
Keystone Basics | ||
========================================= | ||
|
||
Keystone is an open framework for architecting trusted execution environments (TEEs) based on hardware enclaves. | ||
Keystone aims to provide an easy way of architecting and building a customized TEE for an arbitrary RISC-V platform with a simple workflow. | ||
This allows the TEE to be highly optimized for better performance, smaller trusted computing base (TCB), | ||
and programmability with a given workload and a threat model. | ||
|
||
Overview | ||
------------------------------- | ||
|
||
A Keystone-capable system consists of several components in different privilege modes. | ||
|
||
.. figure:: /_static/images/keystone_overview.png | ||
|
||
**Trusted Hardware** is a CPU package built by a trustworthy vendor, and must contain Keystone-compatible *standard RISC-V cores* and *root of trust*. | ||
The hardware may also contain optional features such as cache partitioning, memory encryption, cryptographically-secure source of randomness, etc. | ||
The Security Monitor requires platform specific plug-ins for optional feature support. | ||
|
||
**Security Monitor (SM)** is M-mode software with small TCB. | ||
The SM provides an interface for managing the lifecycle of enclave as well as for utilizing platform-specific features. | ||
The SM enforces most of Keystone's security guarantees since it manages the isolation boundary between the enclaves and the untrusted OS. | ||
|
||
**Enclaves** are environments isolated from the untrusted OS and other enclaves. Each enclave is given a private physical memory region which is accessible by only the enclave and SM. | ||
Each enclave consists of a user-level enclave application *eapp* and a supervisor-level *runtime*. | ||
|
||
**Enclave Application (eapp)** is the user-level application that executes in the enclave. One can build a custom eapp from the scratch, or just run an existing RISC-V executable in Keystone. | ||
|
||
**Runtime** is S-mode software which implements functionality such as system calls, trap handling, virtual memory management and so on. | ||
|
||
Keystone Workflow | ||
------------------------------- | ||
|
||
.. figure:: /_static/images/keystone_workflow.png | ||
|
||
Keystone is a framework wherein both *platform provider* and *enclave developer* customize elements of the system to their needs. | ||
This involves two separate workflows: one for each of the platform provider and the enclave developer. | ||
|
||
Provisioning the Security Monitor | ||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
||
A **platform provider** the party who provides a machine which can run | ||
Keystone enclaves. In the *provisioning* stage, the platform provider | ||
compiles the security monitor and deploys it to the machine. | ||
|
||
The platform provider | ||
configures(❶), builds(❷), and then deploys(❸) the security monitor with target hardware. | ||
|
||
See :doc:`/Building-Components/Security-Monitor-Platform-Build` to learn how to build and | ||
deploy the security monitor. | ||
|
||
Developing the Enclave | ||
~~~~~~~~~~~~~~~~~~~~~~ | ||
|
||
A **enclave developer** develops an enclave with the Keystone SDK. | ||
The developer builds the eapp, the host, and the runtime binaries, and | ||
(optionally) packages them together into a single file (❹). | ||
|
||
The enclave components are then sent to the remote machine running | ||
Keystone and deployed (❺, ❻, and ❼). | ||
|
||
See :doc:`/Getting-Started/Tutorials/Build-Enclave-App-Hello-World` to learn how to build an | ||
enclave. | ||
|
||
Remote Attestation | ||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
||
Keystone supports basic remote attestation workflows. In these | ||
setups the enclave may present proof of its initial state and | ||
measurement by the SM to a remote party for validation (❽). | ||
|
||
See :doc:`/Getting-Started/Tutorials/Remote-Attestation` to learn how to implement a simple remote attestation flow. | ||
|
||
Enclave Lifecycle | ||
------------------------------- | ||
|
||
.. figure:: /_static/images/enclave_lifecycle.png | ||
|
||
|
||
Creation | ||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
||
An enclave starts with a contiguous range of physical memory called enclave private memory (EPM). | ||
The untrusted host first allocates the EPM, and initializes it with the enclave's page table (PT), | ||
the runtime (RT), and the eapp. | ||
Once the host calls the SM to create an enclave the SM isolates and protects the EPM using a PMP entry. | ||
The PMP status is propagated through all cores in the system so that the EPM is protected from any | ||
cores. | ||
After creation, but before execution, the SM measures and verifies the initial state of the enclave. | ||
|
||
Execution | ||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
||
The host asks the SM to enter the enclave on one of the cores. | ||
The SM releases the PMP permission to the core, and the core starts to execute the enclave. | ||
The runtime can exit or re-enter the enclave any time. | ||
When a core exits/enters the enclave, it accordingly switches the PMP permissions to keep the | ||
isolation. | ||
|
||
Destruction | ||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
||
The host may destroy the enclave at any time. | ||
|
||
On destruction, the SM clears the EPM and releases the PMP entry. | ||
|
||
The host then finally reclaims the now-free memory. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
4 changes: 0 additions & 4 deletions
4
docs/source/Getting-Started/How-Keystone-Works/Runtime-And-SDK.rst
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.