You are recommended to fork the submodules to your own GitHub account, modify the code,
and send Pull Request (PR) into master branch. The admin will review the code before merging.
For the keystone main repo, you should PR for all of the changes of submodules first, and request PR into keystone:dev.
The admin will review the code and merge all of the submodules and then merge keystone.
Please try to write a full description of your modification when you PR or commit. Cite related issues if possible.
Please update the documentation if needed.
Snapshot - A certain version on any branch, having a unique commit hash. A snapshot is 1-1 mapped to a commit hash.
Healthy Snapshot - If a snapshot is not broken and works well with the up-to-date documentation, the snapshot is told to be healthy. However, it does not mean that the branch has no bug or security hole. There's no such snapshot.
Healthy Branch - If the latest snapshot of a branch is healthy, the branch is told to be healthy.
dev: contains the latest snapshot of the project. All changes first go to this branch.
master: contains the latest "healthy" snapshot pulled from dev
Optionally, we can occasionally have dev-<name of task> branches for a specific feature or a subproject.
For example, if we want to integrate CMA, we need to create a branch named something like dev-cma,
and work on the branch until everything has been done.
These branches should be deleted after merge.
The snapshot is healty if: (1) All documents are up-to-date and agree with the current code (2) All tests succeed
mastermust always be healthy- No direct commits allowed to
master.mastercan be updated only by PR-ing healthydev. devcan be unhealthy, but should be healthy before being merged intomasterIdeallydevshould not stay unhealthy more than a few days.
For sdk and runtime, <submodule>:master means the master branch of each submodule.
For riscv-pk use keystone instead of master as the master branch.
This is because those repositories are the mirrors of some upstream repos.
We want to keep master clean so that we can pull the upstream changes into master.
- The submodules in
keystone:masterandkeystone:devshould always point to the commits on<submodule>:master. masterof submodules should be always healthy (it compiles well and passes some basic tests).- The submodules can also have
dev-<name of task>branch for each open task. These kind of branches should be deleted right after merge
A version number consists of two positive integers: major and minor. For example, 1.14 means that the major is 1 and the minor is 14.
The numbers increase on each major release or minor release respectively.
"Releasing" is just giving a version number to the latest snapshot of the project.
The admins are in charge of the releases.
Major is usually used to indicate a big change in the product, and minor is usually used for minor updates.
We use roadmap-driven major and schedule-driven minor. For example, major increases only when we have some major changes (which is very rare). We do minor release at the end of every month (or every two month).
To release:
(1) Write a changelog.
(2) Create a tag with the next ersion number at the latest master
(3) Create a document version at readthedocs.org
For now, there is only one latest version. We don't support stable versions at this moment.
We have several specific TODOs that need contribution. Any other contributions are very welcomed.
- Better programming model for the enclaves in SDK (something like Google Asylo, Intel SGX SDK or even better)
- Integration with hardware memory encryption engine
- Better runtime supporting more system calls and dynamic library support
- More use-case applications
For potential collaboration or large suggestions, please feel free to create an issue or contact us (keystone-leads@googlegroups.com).