Lib.rs

Hardware support
#intel-sgx #confidential-computing #sgx-enclave #sgx-sdk #trusted #applications #tee

nightly sgx_trts

Rust SGX SDK provides the ability to write Intel SGX applications in Rust Programming Language

by Yu Ding and 38 contributors

10 stable releases

1.1.1 Apr 2, 2020
1.1.0 Dec 19, 2019
1.0.9 Sep 16, 2019
1.0.8 Jun 11, 2019
0.9.8 Mar 27, 2018

#1143 in Hardware support

Download history 26/week @ 2024-06-16 23/week @ 2024-06-23 6/week @ 2024-06-30 10/week @ 2024-07-07 28/week @ 2024-07-14 29/week @ 2024-07-21 17/week @ 2024-07-28 30/week @ 2024-08-04 12/week @ 2024-08-11 15/week @ 2024-08-18 16/week @ 2024-08-25 14/week @ 2024-09-01 11/week @ 2024-09-08 9/week @ 2024-09-15 21/week @ 2024-09-22 229/week @ 2024-09-29

270 downloads per month
Used in 10 crates (6 directly)

Custom license

170KB
3K SLoC

Note

Please visit our homepage for usage. Thanks!

lib.rs:

Trusted Runtime System

The Intel(R) SGX trusted runtime system (tRTS) is a key component of the Intel(R) Software Guard Extensions SDK. It provides the enclave entry point logic as well as other functions to be used by enclave developers.

Intel(R) Software Guard Extensions Helper Functions

CustomExceptionHandling

Intel(R) Software Guard Extensions Helper Functions

The tRTS provides the helper functions for you to determine whether a given address is within or outside enclave memory.

The tRTS provides a wrapper to the RDRAND instruction to generate a true random number from hardware. enclave developers should use the rsgx_read_rand function to get true random numbers.

CustomExceptionHandling

The Intel(R) Software Guard Extensions SDK provides an API to allow you to register functions, or exception handlers, to handle a limited set of hardware exceptions. When one of the enclave supported hardware exceptions occurs within the enclave, the registered exception handlers will be called in a specific order until an exception handler reports that it has handled the exception. For example, issuing a CPUID instruction inside an Enclave will result in a #UD fault (Invalid Opcode Exception). ISV enclave code can call rsgx_register_exception_handler to register a function of type sgx_exception_handler_t to respond to this exception. To check a list of enclave supported exceptions, see Intel(R) Software Guard Extensions Programming Reference.

Note

Custom exception handling is only supported in HW mode. Although the exception handlers can be registered in simulation mode, the exceptions cannot be caught and handled within the enclave.

Note

OCALLs are not allowed in the exception handler.

Note

Custom exception handing only saves general purpose registers in sgx_ exception_info_t. You should be careful when touching other registers in the exception handlers.

Note

If the exception handlers can not handle the exceptions, abort() is called. abort() makes the enclave unusable and generates another exception.

Dependencies