Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[RFC] Follow up the adaptation of HyperEnclave driver on Kylin OS #22

Open
1160300918 opened this issue Nov 22, 2024 · 1 comment
Open

[RFC] Follow up the adaptation of HyperEnclave driver on Kylin OS #22

1160300918 opened this issue Nov 22, 2024 · 1 comment
Assignees
@Bonjourz

Comments

@1160300918
Copy link

1160300918 commented Nov 22, 2024
edited
Loading

  • Feature Name: hyperenclave_driver_kylinOS(To be determined)
  • Start Date: 2024-11-22

Summary

This RFC proposes the adaptation of the HyperEnclave driver to support the Kylin operating system. The feature will enable confidential computing capabilities on Kylin OS, leveraging the trusted execution environment provided by HyperEnclave.

Motivation

Kylin operating system is widely used in Chinese enterprises. HyperEnclave offers a trusted execution environment that ensures confidentiality, integrity, and isolation of sensitive workloads. By enabling HyperEnclave support on Kylin OS, we aim to:

  1. Expand the adoption of HyperEnclave in trusted computing environments.
  2. Enhance the Kylin OS ecosystem with advanced confidential computing capabilities.

Expected outcomes include a fully functional HyperEnclave driver on Kylin OS, optimized for performance and reliability.

Explanation

To adapt HyperEnclave to the Kylin OS, the following tasks will be undertaken:

  1. Compatibility Analysis: Review the current HyperEnclave driver architecture and identify compatibility gaps with Kylin's kernel and libraries.
  2. Driver Porting: Modify the HyperEnclave driver to align with the Kylin OS kernel (e.g., kernel versioning, syscall differences).
  3. Testing: Validate the adapted driver in controlled environments using Hygon CSV hardware.
  4. Optimization: Ensure performance metrics meet or exceed benchmarks for similar platforms.
  5. Documentation: Provide detailed documentation for installation, configuration, and usage on Kylin OS.

Drawbacks

  1. Development effort and resources are required to port and test the driver.
  2. Potential challenges in maintaining compatibility with future updates of the Kylin OS.

Rationale and alternatives

The rationale for choosing this approach includes:

  • Strategic Importance: Kylin OS is a critical platform for secure deployments in key industries.
  • Hardware Support: HyperEnclave is already optimized for Hygon CSV, making this a logical next step.

Alternatives considered:

none

Unresolved questions

  1. Specific work plan and time schedule for adaptation.

This RFC serves as a starting point for discussion and collaboration. Feedback and suggestions are welcome!
@Bonjourz
Copy link
Collaborator

Hi, @1160300918 , we have gotten the Kylin Kernel source code and Kylin OS image. We need to prepare the development environment and then start the adaptation work.

This work is expected to take one to two months.

@Bonjourz Bonjourz self-assigned this Nov 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Bonjourz Bonjourz

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Bonjourz @1160300918