acsl-technion / cosmix

Licence: other
A Compiler-based System for Secure Memory Instrumentation and Execution in Enclaves

Programming Languages: C++, Makefile, C


COSMIX

CoSMIX is an LLVM pass, coupled with a runtime and different memory stores (mstores), that is intended to provide enclaves with trusted, efficient, and customizable page fault handlers. For more information, please refer to the following paper: "CoSMIX: A Compiler-based System for Secure Memory Instrumentation and Execution in Enclaves".

Components

  • Compiler pass - CoSMIX LLVM Module pass.
  • Runtime/ - CoSMIX Runtime.
  • Memory stores/ - Three example memory stores, and the common building blocks they all use internally.
  • Samples/ - Applications of different flavours using CoSMIX, with Makefile examples of the different compilation and customization options.
  • Configuration/ - Memory stores sample configuration files.

Building

The CoSMIX build was tested on Ubuntu 16.04 and Ubuntu 18.04 with LLVM 6.0.0. CoSMIX can be used in enclaves and also in regular applications.

Dependencies

To use CoSMIX with SGX enclaves, the following are also required:

CoSMIX requires setting the paths of the installed dependencies in the Defines.mk file. Building is then as simple as:

git submodule update --init
cd SVF
git checkout SVF-1.5
sed -i '2i\set(CMAKE_POSITION_INDEPENDENT_CODE ON)' CMakeLists.txt
export LLVM_DIR=<llvm installed path>
export PATH=$LLVM_DIR/bin:$PATH
mkdir Release-build
cd Release-build
cmake ../
make -j4
cd ../
make

Samples

To validate that CoSMIX is installed and works as expected, run the small validation suite, which uses the SUVM mstore.

cd samples/regression
./run_validation_suite.sh 

We provide different sample applications under the samples/ directory, with example Makefiles showing the different CoSMIX compilation flags, which may be customized. Because CoSMIX is implemented as an LLVM Module pass, it expects a whole-program bitcode file to operate on. To that end, the LLVM Gold Plugin, a link-time optimizer, can generate whole-program bitcode files.

Run CoSMIX inside a container

docker build -t "cosmix" .
docker run -it cosmix /bin/bash

Running applications compiled by CoSMIX in enclaves

CoSMIX can be used with a Library Operating System (LibOS) that allows running unmodified applications inside SGX enclaves. Examples of such tools are: Graphene-SGX, Anjuna Runtime and SCONE.

  • The Anjuna Runtime is a solution developed by Anjuna for seamless execution of unmodified applications inside enclaves. To obtain access to the Anjuna Runtime please reach out to [email protected].
  • Graphene-SGX is an open source LibOS. To run applications with mstore support inside SGX enclaves with the help of Graphene-SGX, follow the instructions provided in the Graphene-SGX documentation. Note that the SUVM mstore manages evicted pages in untrusted memory. Therefore, to run applications with SUVM mstore support inside Graphene-SGX, we modified Graphene-SGX and added a new untrusted memory allocation system call, which is exposed directly to applications executing inside Graphene-SGX enclaves. Modified Graphene-SGX code. Note that using the modified Graphene-SGX code is at your own risk.
  • Intel SGX SDK is an open source SGX enclave framework by Intel. It allows partitioning applications into trusted and untrusted components, where the trusted code and data are executed and accessed inside an enclave. To run such enclaves with mstore support please refer to the SGX SDK samples directory for example use cases.

License

CoSMIX is licensed under the BSD 2-Clause License. Please refer to the LICENSE.txt file for more details.

Contributions and Support

CoSMIX welcomes contributions and suggestions. CoSMIX is a research prototype; therefore, while we try our best to resolve issues as fast as possible, support is currently limited.

Adding a new Memory store

Sources for example memory stores are available under the mstores/ directory. As a reference, you may look at mstores/suvm for a cached memory store implementation and at mstores/oram for a direct access memory store implementation. Please note the function naming conventions used, as this is the contract the compiler pass looks for to auto-generate the callbacks in the CoSMIX runtime.

Adding a new wrapper for a libc function

Please refer to the sources under runtime/ directory.

We release CoSMIX source code in the hope of benefiting others. You are kindly asked to acknowledge usage by citing the CoSMIX paper.

BibTeX
@inproceedings {cosmix::atc19,
author = {Meni Orenbach and Yan Michalevsky and Christof Fetzer and Mark Silberstein},
title = {CoSMIX: A Compiler-based System for Secure Memory Instrumentation and Execution in Enclaves},
booktitle = {2019 {USENIX} Annual Technical Conference ({USENIX} {ATC} 19)},
year = {2019},
address = {Renton, WA},
url = {https://www.usenix.org/conference/atc19/presentation/orenbach},
publisher = {{USENIX} Association},
}