Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/gramineproject/gramine

A library OS for Linux multi-process applications, with Intel SGX support
https://github.com/gramineproject/gramine

Last synced: 5 days ago
JSON representation

A library OS for Linux multi-process applications, with Intel SGX support

Lists

README 

        
*****************************************

Gramine Library OS with Intel SGX Support

*****************************************



.. image:: https://readthedocs.org/projects/gramine/badge/?version=latest

   :target: http://gramine.readthedocs.io/en/latest/?badge=latest

   :alt: Documentation Status



.. image:: https://www.bestpractices.dev/projects/8380/badge

   :target: https://www.bestpractices.dev/projects/8380

   :alt: OpenSSF Best Practices



*A Linux-compatible Library OS for Multi-Process Applications*



.. This is not |~|, because that is in rst_prolog in conf.py, which GitHub cannot parse.

   GitHub doesn't appear to use it correctly anyway...

.. |nbsp| unicode:: 0xa0

   :trim:



.. highlight:: sh



What is Gramine?

================



Gramine (formerly called *Graphene*) is a |nbsp| lightweight library OS,

designed to run a single application with minimal host requirements. Gramine can

run applications in an isolated environment with benefits comparable to running

a |nbsp| complete OS in a |nbsp| virtual machine -- including guest

customization, ease of porting to different OSes, and process migration.



Gramine supports native, unmodified Linux binaries on any platform. Currently,

Gramine runs on Linux and Intel SGX enclaves on Linux platforms.



In untrusted cloud and edge deployments, there is a |nbsp| strong desire to

shield the whole application from rest of the infrastructure. Gramine supports

this “lift and shift” paradigm for bringing unmodified applications into

Confidential Computing with Intel SGX. Gramine can protect applications from a

|nbsp| malicious system stack with minimal porting effort.



Gramine is a growing project and we have a growing contributor and maintainer

community. The code and overall direction of the project are determined by a

diverse group of contributors, from universities, small and large companies, as

well as individuals. Our goal is to continue this growth in both contributions

and community adoption.



Note that the Gramine project was formerly known as Graphene. However, the name

"Graphene" was deemed too common, could be impossible to trademark, and collided

with several other software projects. Thus, a new name "Gramine" was chosen.



Gramine documentation

=====================



The official Gramine documentation can be found at

https://gramine.readthedocs.io. Below are quick links to some of the most

important pages:



- `Gramine installation options

  `__

- `Run a sample application

  `__

- `Complete building instructions

  `__

- `Gramine manifest file syntax

  `__

- `Performance tuning & analysis of SGX applications in Gramine

  `__

- `Remote attestation in Gramine

  `__



Users of Gramine

================



We maintain `a list of companies

`__ experimenting

with Gramine for their confidential computing solutions.



Getting help

============



For any questions, please use `GitHub Discussions

`__ or join us on our

`Gitter chat `__.



For bug reports and feature requests, `post an issue on our GitHub repository

`__.



If you prefer emails, please send them to [email protected]

(`public archive `__).



Reporting security issues

=========================



Please report security issues to [email protected]. See also our

`security policy `__.