3. A Guide to Keystone Components¶
The Keystone repository (https://github.com/keystone-enclave/keystone) consists of a number of sub-components as gitmodules or directories. This is a brief overview of them.
3.1. bootrom¶
Keystone bootrom, including trusted boot chain.
3.2. busybear-linux¶
Link: https://github.com/keystone-enclave/busybear-linux
Unmodified busybear Linux, supporting riscv. Our default untrusted Linux OS for testing.
3.3. docs¶
Contains read-the-docs formatted and hosted documentation, such as this article.
3.4. riscv-gnu-toolchain¶
Unmodified toolchain for building riscv targets. Required to build all other components.
3.5. riscv-linux¶
Link: https://github.com/keystone-enclave/riscv-linux
Linux kernel with riscv patches, updated to mainline semi-regularly. Only Keystone modification is the Keystone driver, in arch/riscv/drivers/.
3.6. riscv-pk¶
Link: https://github.com/keystone-enclave/riscv-pk
The proxy-kernel for machine-mode riscv. Trusted core component of Keystone, and includes the security monitor (in sm directory).
3.7. riscv-qemu¶
Qemu with riscv patches and minor modifications to better support PMP and Keystone needs for emulation. Our default testing platform.
3.8. sdk¶
Link: https://github.com/keystone-enclave/keystone-sdk
Tools, libraries, and tests for building applications on Keystone.
3.8.1. Runtime¶
Link: https://github.com/keystone-enclave/keystone-runtime
A submodule that implements the default minimal Keystone runtime running in S-mode for enclaves.
3.9. keystone-demo¶
Link: https://github.com/keystone-enclave/keystone-demo
A complete demo application using Keystone. Hosts an enclave that performs computation over data provided by a remote client using secure channels.