Giter VIP home page Giter VIP logo

Comments (6)

Zxiaoyu95 avatar Zxiaoyu95 commented on May 24, 2024 1

ok ,looking forward to seeing more information about sgx-lkl in the future. Thank you @cpriebe for your reply!

from sgx-lkl.

cpriebe avatar cpriebe commented on May 24, 2024

Hi @Zxiaoyu95 ,

Yes, the disk image you provide to sgx-lkl-run is exposed inside enclave as root file system. Once inside the enclave, you have no access to any file on the host file system (on purpose). You will have to modify the disk image if you want to expose additional files inside the enclave, or create them at runtime.

If you are using the helloworld-java Makefile as a basis, you can add additional files to the disk image by modifying the $(ROOT_FS) target and add something like:

cp /host/file/sytstem/myfile $(MOUNTPOINT)/

In this example myfile would be accessible inside the enclave at /myfile.

from sgx-lkl.

Zxiaoyu95 avatar Zxiaoyu95 commented on May 24, 2024

Thank you @cpriebe for your reply.
Now,because my application takes up too much space,so i just use sgx-lkl to start a JVM for an application process,the rest is executed outside of sgx-lkl ,and main file on the host file system is temporary,so i link the file with image file like command:
ln -s $(MOUNTPOINT)/ /host/file/sytstem/myfile
the file is linked successfully,but when i run the process on the sgx-lkl,the error shows the file does not exist ,so i wonder if it was a sgx-lkl permission issue that caused this error.

from sgx-lkl.

Zxiaoyu95 avatar Zxiaoyu95 commented on May 24, 2024

Since I do not have a deep understanding of sgx-lkl, so is there any paper or document about it? I want to use this wonderful project to develop my own application, so i want to know more about it .
Thank you!

from sgx-lkl.

cpriebe avatar cpriebe commented on May 24, 2024

As I said you will not be able to access files from your host file system from within the enclave. The only option you have is to copy the file to the disk itself. Or modify SGX-LKL. It would theoretically be possible to extend it to allow you to access the host file system but that also increases the attack surface which we don't really want to do.

Regarding your second point. We are working on a write up right now but it is not available yet. That said we definitely should also improve the README as well as the information available in the wiki. We'll work on that soon.

from sgx-lkl.

cpriebe avatar cpriebe commented on May 24, 2024

I'll close this for now as the original issue has been addressed.

from sgx-lkl.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.