-
Notifications
You must be signed in to change notification settings - Fork 40
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
gramine-sgx-get-token fails on a read-only rootfs #61
Comments
@mythi Thanks for raising this issue! It's yet another angle of view for the "remove the SGX token" discussion. Actually, we have a long-standing PR to remove the token on DCAP-based systems: gramineproject/gramine#363. We put that PR on hold because we had higher-priority tasks on our plate. But now it seems like a good time to finally remove the SGX token generation:
Asking others for their opinion: @mkow @boryspoplawski @oshogbo @woju @aneessahib @veenasai2 Is it time to remove the SGX token from DCAP-based Gramine? For EPID-based, it will stay of course. You can see the proposed implementation in gramineproject/gramine#363. |
not just annoying but this adds to TCB as well and it's highlighted as one of the "major features" in #13: "Current implementation increases TCB (trusted files) by required software packages to generate manifest files or sgx-token (including Python), minimize these dependencies " |
I revived the core Gramine PR to remove the dependency on the SGX Launch Token: gramineproject/gramine#363 I will create another PR in this (GSC) repo to not invoke GSC cannot unconditionally skip Does that sound good? |
Wasn't GSC supposed to follow current |
No, why. GSC can use any compatible version. I think the policy is that GSC must work with the latest stable release (v1.2 currently) and up to the latest master. Supporting e.g. v1.1 is desired but not required. |
Create a GSC PR too: #62 |
@dimakuv this works for me, thanks a lot! I'm not clear do I also need gramineproject/gramine#363 or is #62 alone sufficient? |
@mythi If you want to test it, then you need to do like this, all in the GSC repo:
# I'm using Python image as an example here
./gsc build --skip-token-generation --insecure-args python test/generic.manifest
./gsc sign-image python enclave-key.pem |
Description of the problem
Steps to reproduce
It's a common security measure to run containers with their rootfs mounted as read-only. In kubernetes this is enforced in the apps
securityContext
and some clusters may even enforce security policies to forbid running apps without read-only=true.With
docker
this is run as:Expected results
The image runs OK.
Actual results
Notes
This is related to #37 which also talks about making it "pythonless". Could the token be generated by the loader(?) so that it's does not need to be stored on a rootfs?
The text was updated successfully, but these errors were encountered: