3. A Guide to Keystone Components¶
The Keystone repository (https://github.com/keystone-enclave/keystone) consists of a number of sub-components as gitmodules or directories. This is a brief overview of them.
3.1. bootrom¶
Keystone bootrom, including trusted boot chain.
3.2. buildroot¶
Link: https://github.com/keystone-enclave/buildroot
Linux buildroot. Builds a minimal working Linux image for our test platforms.
3.3. busybear-linux¶
Link: https://github.com/keystone-enclave/busybear-linux
Unmodified busybear Linux, supporting riscv. Deprecated. Soon to be removed.
3.4. docs¶
Contains read-the-docs formatted and hosted documentation, such as this article.
3.5. riscv-gnu-toolchain¶
Unmodified toolchain for building riscv targets. Required to build all other components.
3.6. linux-keystone-driver¶
Link: https://github.com/keystone-enclave/linux-keystone-driver
A loadable module for Keystone Enclave. Works in kernels >= 4.17
3.7. riscv-linux¶
Link: https://github.com/riscv/riscv-linux
Linux kernel with riscv patches. We use 4.15 with patches for the loadable module support.
3.8. riscv-pk¶
Link: https://github.com/keystone-enclave/riscv-pk
The proxy-kernel for machine-mode riscv. Trusted core component of Keystone, and includes the security monitor (in sm directory).
3.9. riscv-qemu¶
Qemu with riscv patches and minor modifications to better support PMP and Keystone needs for emulation. Our default testing platform.
3.10. sdk¶
Link: https://github.com/keystone-enclave/keystone-sdk
Tools, libraries, and tests for building applications on Keystone.
3.10.1. Runtime¶
Link: https://github.com/keystone-enclave/keystone-runtime
A submodule that implements the default minimal Keystone runtime running in S-mode for enclaves.
3.11. keystone-demo¶
Link: https://github.com/keystone-enclave/keystone-demo
A complete demo application using Keystone. Hosts an enclave that performs computation over data provided by a remote client using secure channels.