-
The makefile assumes the projects is under the postgres' contrib folder on the source code.
-
Define the environment variable to link the generated library with the SGX libs on the untrusted side.
-
The following example compiles the library to run the enclave in simulation mode. Use different flags to run in the hardware.
export SGX_LIB="-L/opt/intel/sgxsdk/lib64 -lsgx_urts_sim -lpthread -lsgx_uae_service_sim"
- Define the environment variables containing the location of signed enclave lib.
export ENCLAVE_LIB="-L/usr/local/lib/soe"
- Run Make with the include directory for SGX and SOE dependencies.
make CFLAGS="-Wall -Wmissing-prototypes -Wpointer-arith -Wdeclaration-after-statement -Wendif-labels -Wmissing-format-attribute -Wformat-security -fno-strict-aliasing -fwrapv -fexcess-precision=standard -g -O0 -fPIC -I. -I./ -I/usr/local/pgsql/include/server -I/usr/local/pgsql/include/internal -I/usr/local/include/soe -I/opt/intel/sgxsdk/include" ORAM_LIB=(PATHORAM or FORESTORAM)
The library compilation process has the following configuration flags:
-
UNSAFE (1,0) - When set to 1 the library will issue enclave calls, otherwise it will use the SOE API without the enclave.
-
ORAM_LIB:
- PATHORAM - Link the library with the Path ORAM library.
- FORESTORAM - Link the library with the Forest ORAM library.
-
An additinional preprocessing directiong can also be passed duriing the compilation phase of the source code. The flag -DDUMMYS sets triggers the query stream between the client and server by reading a query search parameters from shared Memory. These parameters can be set by the client with the set_nterm function.
-
Compile the library with the -DDUMMYS option.
make CFLAGS="-DDUMMYS -Wall -Wmissing-prototypes -Wpointer-arith -Wdeclaration-after-statement -Wendif-labels -Wmissing-format-attribute -Wformat-security -fno-strict-aliasing -fwrapv -fexcess-precision=standard -g -O0 -fPIC -I. -I./ -I/usr/local/pgsql/include/server -I/usr/local/pgsql/include/internal -I/usr/local/include/soe -I/opt/intel/sgxsdk/include" ORAM_LIB=(PATHORAM or FORESTORAM)-
Install the library.
-
Example make with unsafe and Forest ORAM on Linux.
make CFLAGS='-Wall -Wmissing-prototypes -Wpointer-arith -Wdeclaration-after-statement -Wendif-labels -Wmissing-format-attribute -Wformat-security -fno-strict-aliasing -fwrapv -fexcess-precision=standard -g -pg -DLINUX_PROFILE -O2 -fPIC -I/usr/local/include -I/usr/local/include/soe -I. -I./ -I/usr/local/pgsql/include/server -I/usr/local/pgsql/include/internal -D_GNU_SOURCE -D UNSAFE' UNSAFE=1 ORAM_LIB=FORESTORAM
sudo "PATH=$PATH" make install
- Create the database data folder
initdb -D data
-
Update the configurations to write logs to a file
-
Set the linker lookup library path to the location of the libsoe and SGX SDK
export LD_LIBRARY_PATH="/usr/local/lib/soe:/opt/intel/sgxsdk/lib64/"
- Start the database on the data folder
postgres -D data
- Create the database
createdb teste
- Login to the the database
psql teste
- Follow the following example script
CREATE EXTENSION oblivpg_fdw;
# the extension creates an example table ftw_users.
select pg_backend_pid();
# the extension creates an example table ftw_users.
#get oid of foreign table
select Oid from pg_class where relname = 'ftw_users';
# the extension creates an example table users.
select Oid from pg_class where relname = 'users';
# the example table users has an index
select Oid from pg_class where relname = 'user_email';
#select relam from pg_class where oid = ?;
#Replace with correct oids.
insert into obl_ftw (ftw_table_oid, mirror_table_oid, mirror_index_oid, ftw_table_nblocks, ftw_index_nblocks, init) values(16399, 16392, 16395, 100, 100, false);
#start enclave
select open_enclave();
#initiate soe
select init_soe(16399);
select log_special_pointer();
#insert into oblivious table
INSERT INTO ftw_users (id, name, age, gender, email) values (1, 'teste', 20, 1, 'teste');
#block offset, page item offset
select set_row(0,1);
select * from ftw_users;