Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/privateer-project/uProbe

Application using Gramine LibOS for attestation and tracing on SGX-capable host machines. Parent enclave monitoring applications in children enclaves.
https://github.com/privateer-project/uProbe

Last synced: 5 months ago
JSON representation

Application using Gramine LibOS for attestation and tracing on SGX-capable host machines. Parent enclave monitoring applications in children enclaves.

Awesome Lists containing this project

README 

          
# uProbe



Application using Gramine LibOS for attestation and tracing on SGX-capable host machines.



## Development mode

```bash

docker build -t 'privateer/secprobe-dev:latest' .



docker run --security-opt seccomp=config/docker_v20.json -it privateer/secprobe-dev:latest



gramine-direct python secprobe/secprobe.py

```



## General

The flow of actions supported by this version:



![Security Probe](privateer_security_probe.drawio.svg)



## Running with grammine-sgx (In SGX-enabled host)



### Native execution in host



Run in a host with the following specs:



TBD



### Dockerized execution 



#### Docker image with python entrypoint



Manifest template: python.manifest.template



#### Docker image with Bundled application



Manifest template: uProbe.manifest.template



```bash

# If more than one containers need to be generated by the same Sealign Authority, the respective key (i.e., its directory) should be passed as a volume. For instance: -v /privateer/.config/gramine:/root/.config/gramine



docker run --name security_probe --device /dev/sgx_enclave --device /dev/sgx_provision --security-opt seccomp=/home/privateer/security-probe/docker.json -it -p ''

```



```bash

# First time in the container

gramine-sgx-gen-private-key

```



```bash

# gramine-sgx 

gramine-sgx uProbe 

```