Google Git
Sign in
apache / incubator-teaclave-website / 2acccbb66368dd35c8deb4956885e98e97b59160 / . / assets / js / 10.07519842.js
blob: 25b50bf19b258bb4e0fef0283fc9b10e737d6bd3 [file] [log] [blame]
(window.webpackJsonp=window.webpackJsonp||[]).push([[10],{339:function(e,t,a){e.exports=a.p+"assets/img/optee-with-rust-doc.85a6fc68.png"},340:function(e,t,a){e.exports=a.p+"assets/img/project-powered-by-teaclave-logo.0f661da0.png"},341:function(e,t,a){e.exports=a.p+"assets/img/teaclave-trustzone-sdk-links-in-homepage.e6350f8e.png"},342:function(e,t,a){e.exports=a.p+"assets/img/cve-2021-0186-patch.828dec8f.png"},343:function(e,t,a){e.exports=a.p+"assets/img/teaclave-meetup-8-zoom.9d6f6732.png"},388:function(e,t,a){"use strict";a.r(t);var n=a(11),i=Object(n.a)({},(function(){var e=this,t=e.$createElement,n=e._self._c||t;return n("ContentSlotsDistributor",{attrs:{"slot-key":e.$parent.slotKey}},[n("h2",{attrs:{id:"agenda"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#agenda"}},[e._v("#")]),e._v(" Agenda")]),e._v(" "),n("ul",[n("li",[e._v("Recent update in Teaclave — Mingshen Sun")]),e._v(" "),n("li",[e._v("Using and Customizing Teaclave SGX SDK — Shunfan Zhou")])]),e._v(" "),n("h2",{attrs:{id:"notes"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#notes"}},[e._v("#")]),e._v(" Notes")]),e._v(" "),n("h3",{attrs:{id:"recent-update-in-teaclave-mingshen"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#recent-update-in-teaclave-mingshen"}},[e._v("#")]),e._v(" Recent Update in Teaclave — Mingshen")]),e._v(" "),n("p",[n("strong",[e._v("Platform")])]),e._v(" "),n("ul",[n("li",[e._v("[docker] start Teaclave docker services with auto-detection mechanism (#559).")]),e._v(" "),n("li",[e._v("Use "),n("code",[e._v("run-teaclave-service.sh")]),e._v(" instead of using "),n("code",[e._v("docker-compose")]),e._v(" directly.")])]),e._v(" "),n("p",[n("strong",[e._v("SGX SDK")])]),e._v(" "),n("ul",[n("li",[e._v("v1.1.4-testing: "),n("a",{attrs:{href:"https://github.com/apache/incubator-teaclave-sgx-sdk/commits/v1.1.4-testing",rel:"noopener noreferrer"}},[e._v("https://github.com/apache/incubator-teaclave-sgx-sdk/commits/v1.1.4-testing")]),e._v(" "),n("ul",[n("li",[e._v("Rust "),n("code",[e._v("nightly-2021-09-13")])]),e._v(" "),n("li",[e._v("Support Intel SGX SDK 2.15 and DCAP 1.12")])])]),e._v(" "),n("li",[e._v("Project template refactoring")]),e._v(" "),n("li",[e._v("README polishing")])]),e._v(" "),n("p",[n("strong",[e._v("TrustZone SDK")])]),e._v(" "),n("ul",[n("li",[e._v("Teaclave/OP-TEE: Integrating examples in Rust TrustZone SDK in OP-TEE\n"),n("ul",[n("li",[e._v("Multiple PRs to OP-TEE's "),n("code",[e._v("manifest")]),e._v(", "),n("code",[e._v("build")]),e._v(" repos.")]),e._v(" "),n("li",[e._v("Now in the "),n("code",[e._v("master")]),e._v(" branch, should be available in the next release 3.15 in Oct 15.")]),e._v(" "),n("li",[e._v("OP-TEE with Rust: "),n("a",{attrs:{href:"https://optee.readthedocs.io/en/latest/building/optee_with_rust.html",rel:"noopener noreferrer"}},[e._v("https://optee.readthedocs.io/en/latest/building/optee_with_rust.html")])])])])]),e._v(" "),n("p",[n("img",{attrs:{src:a(339),alt:"OP-TEE with Rust"}})]),e._v(" "),n("p",[n("strong",[e._v("Website")])]),e._v(" "),n("ul",[n("li",[e._v('Add project/organization logos in the "Powered By" page: '),n("a",{attrs:{href:"https://teaclave.apache.org/powered-by/",rel:"noopener noreferrer"}},[e._v("https://teaclave.apache.org/powered-by/")])])]),e._v(" "),n("p",[n("img",{attrs:{src:a(340),alt:"Project Powered By Teaclave"}})]),e._v(" "),n("ul",[n("li",[e._v('Redesign the "Contributors" page\n'),n("ul",[n("li",[e._v("add Apache ID, GitHub ID to mentors, PPMC, and committers")]),e._v(" "),n("li",[e._v("Tags for committers to show areas that they are familiar with")])])]),e._v(" "),n("li",[e._v("Add API Docs (references) of TrustZone SDK both for host and TA sides\n"),n("ul",[n("li",[e._v("Host: "),n("a",{attrs:{href:"https://teaclave.apache.org/api-docs/trustzone-sdk/optee-teec",rel:"noopener noreferrer"}},[e._v("https://teaclave.apache.org/api-docs/trustzone-sdk/optee-teec")])]),e._v(" "),n("li",[e._v("TA: "),n("a",{attrs:{href:"https://teaclave.apache.org/api-docs/trustzone-sdk/optee-utee",rel:"noopener noreferrer"}},[e._v("https://teaclave.apache.org/api-docs/trustzone-sdk/optee-utee")])])])])]),e._v(" "),n("p",[n("img",{attrs:{src:a(341),alt:"Teaclave TrustZone SDK Links in Homepage"}})]),e._v(" "),n("ul",[n("li",[e._v("Blog\n"),n("ul",[n("li",[n("a",{attrs:{href:"https://teaclave.apache.org/blog/2021-10-06-podling-teaclave-report-october-2021/",rel:"noopener noreferrer"}},[e._v("Podling Teaclave Report - October 2021")]),e._v(" · Oct 05 2021")]),e._v(" "),n("li",[n("a",{attrs:{href:"https://teaclave.apache.org/blog/2021-10-01-announcing-teaclave-0-3-0/",rel:"noopener noreferrer"}},[e._v("Announcing Apache Teaclave (incubating) 0.3.0")]),e._v(" · Sep 30 2021")])])])]),e._v(" "),n("p",[n("strong",[e._v("Community")])]),e._v(" "),n("ul",[n("li",[e._v("New committers: Yuan Zhuang and Rong Fan from Baidu")]),e._v(" "),n("li",[e._v("Discord: Connect directly with Teaclave community members (join link: "),n("a",{attrs:{href:"https://discord.gg/ynECXsxm5P",rel:"noopener noreferrer"}},[e._v("https://discord.gg/ynECXsxm5P")]),e._v(")")])]),e._v(" "),n("p",[n("strong",[e._v("Security")])]),e._v(" "),n("ul",[n("li",[n("em",[e._v("SmashEx: Smashing SGX Enclaves Using Exceptions")]),e._v(" (to appear at CCS 2021):\nJinhua Cui (National University of Defense Technology, National University of\nSingapore); Zhijingcheng Yu (National University of Singapore); Shweta Shinde\n(ETH Zurich); Prateek Saxena (National University of Singapore); Zhiping Cai\n(National University of Defense Technology)")]),e._v(" "),n("li",[n("a",{attrs:{href:"https://arxiv.org/ftp/arxiv/papers/2110/2110.06657.pdf",rel:"noopener noreferrer"}},[e._v("https://arxiv.org/ftp/arxiv/papers/2110/2110.06657.pdf")])]),e._v(" "),n("li",[e._v("CVE-2021-0186\n"),n("ul",[n("li",[n("a",{attrs:{href:"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00548.html",rel:"noopener noreferrer"}},[e._v("https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00548.html")])]),e._v(" "),n("li",[n("strong",[e._v("Description")]),e._v(": Improper input validation in the Intel(R) SGX SDK\napplications compiled for SGX2 enabled processors may allow a privileged\nuser to potentially escalation of privilege via local access.")]),e._v(" "),n("li",[n("strong",[e._v("Affected Products")]),e._v(": Intel SGX SDK for Windows v2.12 and earlier, Intel\nSGX SDK for Linux v2.13 and earlier, Intel® Processors supporting SGX2.")]),e._v(" "),n("li",[e._v("Intel recommends updating the Intel® SGX SDK to the versions listed below.\nEnclaves built with the new Intel® SGX SDK version should increment the\nvalue of their ISVSVN field.")])])]),e._v(" "),n("li",[e._v("Patch: "),n("a",{attrs:{href:"https://github.com/intel/linux-sgx/commit/edfe42a517b3e4b1d81204c3cdef6da6cb35fefc",rel:"noopener noreferrer"}},[e._v("https://github.com/intel/linux-sgx/commit/edfe42a517b3e4b1d81204c3cdef6da6cb35fefc")])])]),e._v(" "),n("p",[n("img",{attrs:{src:a(342),alt:"Patch in Intel SGX SDK"}})]),e._v(" "),n("h3",{attrs:{id:"using-and-customizing-teaclave-sgx-sdk-shunfan-zhou"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#using-and-customizing-teaclave-sgx-sdk-shunfan-zhou"}},[e._v("#")]),e._v(" Using and Customizing Teaclave SGX SDK — Shunfan Zhou")]),e._v(" "),n("ul",[n("li",[e._v("Teaclave SGX SDK\n"),n("ul",[n("li",[e._v("pro: security")]),e._v(" "),n("li",[e._v("con: testing is hard")])])]),e._v(" "),n("li",[e._v("Case study: rust-bitcoin\n"),n("ul",[n("li",[e._v("std")]),e._v(" "),n("li",[e._v("Feature")]),e._v(" "),n("li",[e._v("Port dependencies recursively")])])]),e._v(" "),n("li",[e._v("Some issues\n"),n("ul",[n("li",[e._v("efforts of porting")]),e._v(" "),n("li",[e._v("security: 1) updates of upstream, 2) unit tests")]),e._v(" "),n("li",[e._v("More TEE backend: AMD SEV, ARM CCA")])])]),e._v(" "),n("li",[e._v("libs is not completed in SGX for vanilla Rust standard library")]),e._v(" "),n("li",[e._v("Phala libc-hacks\n"),n("ul",[n("li",[e._v("directly use Intel's libc")]),e._v(" "),n("li",[e._v("use ocall warpper functions")])])]),e._v(" "),n("li",[e._v("Conflicts: multiple language items in Rust")]),e._v(" "),n("li",[e._v("Runtime behavior checks")]),e._v(" "),n("li",[e._v("HW mode issue: "),n("code",[e._v("rand::thread_rnd()")]),e._v(" is using CPUID, which is not allowed in SGX")]),e._v(" "),n("li",[e._v("Check instructions after compiling")])]),e._v(" "),n("h3",{attrs:{id:"free-discussion"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#free-discussion"}},[e._v("#")]),e._v(" Free Discussion")]),e._v(" "),n("ul",[n("li",[e._v("About AMD SEV in Azure: "),n("a",{attrs:{href:"https://azure.microsoft.com/en-us/blog/azure-and-amd-enable-lift-and-shift-confidential-computing/",rel:"noopener noreferrer"}},[e._v("https://azure.microsoft.com/en-us/blog/azure-and-amd-enable-lift-and-shift-confidential-computing/")])])]),e._v(" "),n("h2",{attrs:{id:"attendees"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#attendees"}},[e._v("#")]),e._v(" Attendees")]),e._v(" "),n("ul",[n("li",[e._v("Mingshen Sun")]),e._v(" "),n("li",[e._v("Qinkun Bao")]),e._v(" "),n("li",[e._v("He Sun")]),e._v(" "),n("li",[e._v("George")]),e._v(" "),n("li",[e._v("Hongbo Chen")]),e._v(" "),n("li",[e._v("hang")]),e._v(" "),n("li",[e._v("Kevin")]),e._v(" "),n("li",[e._v("Ben")]),e._v(" "),n("li",[e._v("Ruide")]),e._v(" "),n("li",[e._v("Rudong Zhou")]),e._v(" "),n("li",[e._v("shelven")]),e._v(" "),n("li",[e._v("Tongxin Li")]),e._v(" "),n("li",[e._v("Weijie Liu")]),e._v(" "),n("li",[e._v("Zha0Chan")]),e._v(" "),n("li",[e._v("Tianyi Li")]),e._v(" "),n("li",[e._v("DuanRan")]),e._v(" "),n("li",[e._v("Gordon")]),e._v(" "),n("li",[e._v("david")])]),e._v(" "),n("h2",{attrs:{id:"group-photo"}},[n("a",{staticClass:"header-anchor",attrs:{href:"#group-photo"}},[e._v("#")]),e._v(" Group Photo")]),e._v(" "),n("p",[n("img",{attrs:{src:a(343),alt:"Group Photo"}})])])}),[],!1,null,null,null);t.default=i.exports}}]);