Gramine Library OS
Overview, current state and future plans
- Track: Hardware-Aided Trusted Computing devroom
- Room: D.trusted-hardware
- Day: Saturday
- Start: 10:30
- End: 10:55
- Video with Q&A: D.trusted_hardware
- Video only: D.trusted_hardware
- Chat: Join the conversation!
Gramine (formerly called "Graphene") is a lightweight library OS, designed to run a single Linux application in an isolated environment. Currently, Gramine runs on Linux and Intel SGX enclaves on Linux platforms. With Intel SGX support, Gramine can secure a critical application in a hardware-encrypted memory region and protect the application from a malicious system stack with minimal porting effort ("lift and shift" approach).
Several major events happened to the Gramine project in 2021. Gramine changed its name, moved to a new GitHub repository, and joined Confidential Computing Consortium. The first production-ready release of Gramine -- v1.0 -- was published in October 2021. This talk will discuss all these events, as well as the current status of the project and its future plans.
Speakers
Dmitrii Kuvaiskii |