Skip to content

Latest commit

 

History

History
138 lines (102 loc) · 3.93 KB

INSTALL.md

File metadata and controls

138 lines (102 loc) · 3.93 KB
Raw

Asylo - Manual Installation

The following steps can be used to manually install Asylo and its dependencies. The manual installation process and Docker image creation process have both primarily been tested on Debian Buster, but may also be used to install Asylo on other Linux distros and versions.

See the README.md for instructions on Docker usage, which is our recommended way of using the Asylo framework.

Asylo sources

Clone the Asylo project from GitHub into a directory of your choice.

ASYLO="${HOME}"/asylo
git clone https://github.com/google/asylo.git "${ASYLO}"/sdk

Toolchain

The Asylo framework uses a custom toolchain to compile enclave applications for various backend environments. For example, to build your application for a simulated enclave backend, use the enc-sim config. We plan to support additional backends in the near future.

bazel build --config=enc-sim :my_app

You can manually install the toolchain by following these steps:

  1. Download and install the following prerequisites, which are needed for building the toolchain:

    • bison
    • build-essential
    • flex
    • libisl-dev
    • libmpc-dev
    • libmpfr-dev
    • rsync
    • texinfo
    • wget
    • zlib1g-dev

    For example, on Debian:

    sudo apt install bison build-essential flex libisl-dev libmpc-dev \
    libmpfr-dev rsync texinfo wget zlib1g-dev

  2. Build and install the toolchain.

    "${ASYLO}"/sdk/asylo/distrib/sgx_x86_64/install-toolchain \
    --user \
    --prefix "${ASYLO}"/toolchains/sgx_x86_64

    This will install the toolchain under "${ASYLO}"/toolchains/sgx_x84_64

See distrib/README.md for additional details on installing the toolchain.

Intel SGX SDK

The Asylo framework uses Intel SGX SDK v2.4 with a patch that backports some pull requests and applies minor changes needed to build the SDK with the Asylo toolchain.

Intel SGX hardware backend support

Intel SGX hardware support requires additional dependencies. The process of installing these dependencies is detailed in the Intel SGX SDK README. Namely, you must

Bazel

The Asylo framework is built with Bazel, Google's open source build tool.

You can manually install Bazel by following these steps:

sudo apt install curl gnupg
curl https://bazel.build/bazel-release.pub.gpg | sudo apt-key add -
echo "deb http://storage.googleapis.com/bazel-apt stable jdk1.8" | \
    sudo tee /etc/apt/sources.list.d/bazel.list
sudo apt update
sudo apt install bazel

The Asylo toolchain requires Bazel's version to be at least 0.22. You can check your installed Bazel by running bazel version and checking the output "Build label".

Example output:

$ bazel version
Build label: 0.22.0
Build target: bazel-out/k8-opt/bin/src/main/java/com/google/devtools/build/lib/bazel/BazelServer_deploy.jar
Build time: Mon Jan 28 12:58:08 2019 (1548680288)
Build timestamp: 1548680288
Build timestamp as int: 1548680288

Additional dependencies

The following packages are used by Asylo and its dependencies, and must also be installed.

  • git
  • ocaml-nox
  • ocamlbuild

On Debian, these can be installed with the following command:

sudo apt install git ocaml-nox ocamlbuild

Next steps

Refer to the project README for using this Asylo installation.