Compiler-Aided Development of Trusted Enclaves with Rust

Felix Dreissig, Jonas Röckl, Tilo Müller
Proceedings of the 17th International Conference on Availability, Reliability and Security, published 2022-08-23. DOI: https://doi.org/10.1145/3538969.3538972
Citations: 1

Abstract

To optimally utilize Intel SGX, programs must be partitioned into trusted and untrusted parts. Writing the trusted part of a program with Intel’s SDK, however, requires manual effort that often becomes an obstacle for programmers. In this work, we investigate how compiler-level tooling can assist with the semi-automatic separation of code into a trusted and an untrusted partition. We present Cadote, a solution that generates SGX enclaves from programs written in Rust. Application developers are expected to mark functions as trusted, for which enclaves are then generated automatically. All other functions remain untrusted and are executed outside Intel SGX in the normal world. We implemented this concept using compiler optimization passes of the LLVM framework. Targeting Rust as input language allows us to benefit from high-level concepts, such as memory safety, which enable us to safely copy function parameters between the normal and trusted world in practice.
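As an added illustration of the boundary-copy idea in the abstract (not Cadote's own code: the `Marshal` trait, `ecall`, `EcallError`, the simulated `enclave` module and the size bound are all assumptions), this is the kind of glue a compiler pass has to generate around a function the developer marked as trusted, so that the enclave only ever works on its own copy of the parameters and never dereferences normal-world memory:

```rust
// Added illustration, not Cadote's code: the glue a compiler pass has to emit
// around a function the developer marked as trusted. The enclave is simulated
// by a module; `Marshal`, `ecall` and `EcallError` are hypothetical names.
use std::convert::TryFrom;

/// Parameter types crossing the boundary must be copyable as plain bytes,
/// so the enclave never dereferences a pointer into normal-world memory.
pub trait Marshal: Sized {
    fn to_bytes(&self) -> Vec<u8>;
    fn from_bytes(b: &[u8]) -> Option<Self>;
}

impl Marshal for Vec<u8> {
    fn to_bytes(&self) -> Vec<u8> { self.clone() }
    fn from_bytes(b: &[u8]) -> Option<Self> { Some(b.to_vec()) }
}

impl Marshal for u32 {
    fn to_bytes(&self) -> Vec<u8> { self.to_le_bytes().to_vec() }
    fn from_bytes(b: &[u8]) -> Option<Self> { <[u8; 4]>::try_from(b).ok().map(u32::from_le_bytes) }
}

/// Simulated enclave: only code in here may touch SECRET, and it only sees copies.
pub mod enclave {
    const SECRET: u32 = 0x5eed; // constructed stand-in for enclave-private state

    /// The function the developer marked as trusted.
    pub fn checksum(data: &[u8]) -> u32 {
        data.iter().map(|&b| u32::from(b)).sum::<u32>() ^ SECRET
    }
}

const MAX_ECALL_BYTES: usize = 4096; // constructed bound on how much is copied in

#[derive(Debug, PartialEq)]
pub enum EcallError { TooLarge(usize), Malformed }

/// Simulated ECALL trampoline: serialize in the normal world, bound and copy the
/// bytes in, rebuild the value inside, run the trusted function, copy the result out.
pub fn ecall<A: Marshal, R: Marshal>(trusted_fn: impl Fn(&A) -> R, arg: &A) -> Result<R, EcallError> {
    let wire = arg.to_bytes();                          // normal-world buffer
    if wire.len() > MAX_ECALL_BYTES {
        return Err(EcallError::TooLarge(wire.len()));   // refuse oversized copies
    }
    let inside = A::from_bytes(&wire).ok_or(EcallError::Malformed)?; // fresh enclave-owned copy
    let out = trusted_fn(&inside).to_bytes();           // runs on the copy only
    R::from_bytes(&out).ok_or(EcallError::Malformed)    // result copied back out
}
```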