gramineproject / gramine

Licence: LGPL-3.0 License
A library OS for Linux multi-process applications, with Intel SGX support

Gramine Library OS with Intel SGX Support

A Linux-compatible Library OS for Multi-Process Applications

What is Gramine?

Gramine (formerly called Graphene) is a lightweight library OS, designed to run a single application with minimal host requirements. Gramine can run applications in an isolated environment with benefits comparable to running a complete OS in a virtual machine -- including guest customization, ease of porting to different OSes, and process migration.

Gramine supports native, unmodified Linux binaries on any platform. Currently, Gramine runs on Linux and Intel SGX enclaves on Linux platforms.

In untrusted cloud and edge deployments, there is a strong desire to shield the whole application from the rest of the infrastructure. Gramine supports this “lift and shift” paradigm for bringing unmodified applications into Confidential Computing with Intel SGX. Gramine can protect applications from a malicious system stack with minimal porting effort.

Gramine is a growing project and we have a growing contributor and maintainer community. The code and overall direction of the project are determined by a diverse group of contributors, from universities, small and large companies, as well as individuals. Our goal is to continue this growth in both contributions and community adoption.

Note that the Gramine project was formerly known as Graphene. However, the name "Graphene" was deemed too common, could be impossible to trademark, and collided with several other software projects. Thus, a new name "Gramine" was chosen.

Gramine 1.0 release

Gramine has evolved a lot since our last major release. Over the last few months, we have made significant updates to provide a stable version that supports deploying key workloads with Intel SGX. We’ve rewritten major subsystems, done a significant update to the build and packaging scripts, extended test coverage, and improved the CI/CD process. We’ve reviewed and hardened specific security aspects of Gramine, and increased stability for long-running and heavy workloads.

We recently published our first production-ready release, Gramine 1.0. This version was tested on various configurations and heavy workloads. We also ensured that all risky configurations produce clear warnings, to prevent insecure deployments. More details (including a list of all breaking changes) are available on the v1.0 release page.

Gramine documentation

The official Gramine documentation can be found at https://gramine.readthedocs.io. Below are quick links to some of the most important pages:

Users of Gramine

We maintain a list of companies experimenting with Gramine for their confidential computing solutions.

Getting help

For any questions, please send an email to [email protected] (public archive).

For bug reports, post an issue on our GitHub repository: https://github.com/gramineproject/gramine/issues.

Reporting security issues

Please report security issues to [email protected].

Acknowledgments

The Gramine Project benefits from the generous help of fosshost.org: they lend us a VPS, which we use as a toolserver and for package hosting.
