首頁 探索 說明
登入
miti
/
graphene
1
0
複刻 0
檔案 問題管理 0 合併請求 0 Wiki
分支: oldmirror
分支列表 標籤列表
graphene
/
Documentation
/
oldwiki
/
Run-Applications-in-Graphene-SGX.md

Run-Applications-in-Graphene-SGX.md 6.3 KB
永久連結 文件歷史 原始文件

Run Applications in Graphene SGX

We prepared and tested several applications to demonstrate Graphene-SGX usability. These applications can be directly built and run from the Graphene source:

Running LMBench in Graphene-SGX

The LMBench source and scripts are stored in the directory LibOS/shim/test/apps/lmbench. Many convenient commands are written in the Makefile inside the directory. The following steps compile and run LMBench in a native environment and under Graphene-SGX:

cd LibOS/shim/test/apps/lmbench
make SGX=1                    # compile lmbench and generate manifest and signature
make SGX=1 sgx-tokens         # get enclave token
make SGX=1 test-graphene      # run the whole package in Graphene-SGX

The result of native runs can be found in lmbench-2.5/results/linux. The result of Graphene-SGX runs can be found in lmbench-2.5/results/graphene. The file with the largest number as suffix will be the latest output. For debugging purposes, you may want to test each LMBench test individually. To do that, run the following commands:

cd LibOS/shim/test/apps/lmbench
cd lmbench-2.5/bin/linux/
SGX=1 ./pal_loader lat_syscall null    # run lat_syscall in Graphene-SGX

To run the tcp and udp latency tests:

SGX=1 ./pal_loader lat_udp -s &        # starts a server
SGX=1 ./pal_loader lat_udp 127.0.0.1   # starts a client
SGX=1 ./pal_loader lat_udp -127.0.0.1  # kills the server

Running Python in Graphene-SGX

To run Python, first generate the manifest and the signature, and retrieve the token:

cd LibOS/shim/test/apps/python
make SGX=1
make SGX=1 sgx-tokens

You can run python.manifest.sgx as an executable to load any script. The manifest file is actually a script with a shebang that can be automatically loaded in PAL. Use the following commands:

./python.manifest.sgx scripts/helloworld.py
./python.manifest.sgx scripts/fibonacci.py

Running R in Graphene-SGX

To run R, first prepare the manifest:

cd LibOS/shim/test/apps/r
make SGX=1
make SGX=1 sgx-tokens

You can run R.manifest.sgx as an executable to load any script. The manifest file is actually a script with a shebang that can be automatically loaded in PAL. Use the following commands:

./R.manifest.sgx -f scripts/sample.r

Running Lighttpd in Graphene-SGX

Lighttpd can be used to test the TCP latency and throughput of Graphene-SGX, in either single- threaded or multi-threaded environment. The scripts and the source code for Lighttpd can be found in LibOS/shim/test/apps/lighttpd. To build Lighttpd, run the following commands:

cd LibOS/shim/test/apps/lighttpd
make SGX=1
make SGX=1 sgx-tokens

The commands above will compile the source code, build the manifest file for Graphene-SGX, generate the configuration file for Lighttpd, and generate the HTML sample files. We prepared the following file samples:

  • html/random/*.html: random files (non-html) created with different sizes

The server should be started manually and tested by running the ApacheBench (ab) benchmark from a remote client. To start the HTTP server, run one of the following commands:

make start-native-server  or  make SGX=1 start-graphene-server

To start the server in a multi-threaded environment, run one of the following commands:

make start-multithreaded-native-server  or  make SGX=1 start-multithreaded-graphene-server

For testing, use ApacheBench (ab). There is a script run-apachebench.sh that takes two arguments: the IP and the port. It runs 100,000 requests (-n 100000) with 25 to 200 maximum outstanding requests (-c 25 to -c 200). The results are saved into the same directory, and all previous output files are overwritten.

make SGX=1 start-graphene-server
./run-apachebench.sh <ip> <port>
# which internally calls:
#   ab -k -n 100000 -c [25:200] -t 10 http://ip:port/random/100.1.html

Running Apache in Graphene-SGX

Apache is a commercial-class web server that can be used to test the TCP latency and throughput of Graphene. The scripts and the source code can be found in LibOS/shim/test/apps/apache. To build Apache, run the following commands:

cd LibOS/shim/test/apps/apache
make SGX=1
make SGX=1 sgx-tokens

The commands above will compile the source code, build the manifest file for Graphene, generate the configuration file for Apache, and generate the HTML sample files (same as described in the lighttpd section).

The server can be started manually via one of the following commands:

make start-native-server  or  make SGX=1 start-graphene-server

By default, the Apache web server is configured to run with 4 preforked worker processes and has PHP support enabled. To test Apache server with ab, run:

make SGX=1 start-graphene-server
./run-apachebench.sh <ip> <port>
# which internally calls:
#   ab -k -n 100000 -c [25:200] -t 10 http://ip:port/random/100.1.html

Running Busybox in Graphene-SGX

Busybox is a standalone shell including general-purpose system utilities. The scripts and the source code for Busybox is stored in LibOS/shim/apps/busybox. To build the source code with the proper manifest, run the following commands:

cd LibOS/shim/test/apps/busybox
make SGX=1
make SGX=1 sgx-tokens

To run Busybox, you may directly run busybox.manifest built in the directory as a script. For example:

./busybox.manifest.sgx sh (to run a shell)

or

./busybox.manifest.sgx ls -l (to list local directory)

Running Bash in Graphene-SGX

Bash is the most commonly used shell utility in Linux. The scripts and the source code for Bash are stored in LibOS/shim/apps/bash. To build the source code with the proper manifest, simply run the following commands:

cd LibOS/shim/test/apps/bash
make SGX=1
make SGX=1 sgx-tokens

To test Bash, use the benchmark suites we prepared: bash_test.sh and unixbench. Run one of the following commands to test Bash:

./bash.manifest.sgx bash_test.sh [times]
./bash.manifest.sgx unixbench.sh [times]