tvm-dev mailing list archives

From Nick Hynes <>
Subject [dmlc/tvm] [RFC][SGX] Use Fortanix EDP instead of rust-sgx-sdk (#2887)
Date Sun, 24 Mar 2019 19:50:50 GMT
(WIP PR: #2885)

**tl;dr**: The Rust compiler now has support for an SGX target, so users can make their own
enclaves using the unmodified TVM Rust runtime. In other words, TVM no longer needs to explicitly
support SGX.

The current TVM SGX infrastructure is built on [baidu/rust-sgx-sdk](
The proposal is to replace r-s-s with [fortanix/rust-sgx](
Indeed, removing the rust-sgx-sdk completely obviates the need for TVM to explicitly support

### Rationale

The Fortanix EDP is [now a tier 3 target for Rust](
which vastly simplifies the build process compared to r-s-s, which requires compiling a custom
sysroot. Among other things, this
* eliminates the need for adding SGX-specific code to TVM (in fact, we can remove any mention
of SGX from the TVM C++ and Rust codebases)
* eliminates the need for adding `xargo` and a patched version of rust-sgx-sdk to the TVM
* allows the use of more packages from the Rust ecosystem (e.g., the [`rand` crate now has
SGX support](
* allows the use of the real Rust standard library (instead of the custom one designed by
rust-sgx-sdk) and newer `rustc` nightlies

Additionally, the EDP is a pure-Rust implementation of SGX enclaves. Compared to the Intel
C++ implementation (which includes an entire C++ standard library), there is a smaller surface
area of attack. That the EDP is part of the Rust compiler and is used by the Fortanix company
means that the code is more actively maintained.

As shown in the [updated SGX example](,
the EDP allows users to compile TVM modules into enclaves using nothing more than the unmodified
TVM Rust runtime. Indeed, as the EDP allows running TCP servers in enclaves, all that must
be done to provide a high-quality user experience for enclaves is to add TVM RPC support to
the Rust runtime.
