ipex-llm
ipex-llm copied to clipboard
[PPML] Gramine MREnclave Enhancement
Description
Upgrade gramine SGX enclave to MREnclave, which is signed with hash values, and can be registered and attested by AS.
1. Why the change?
Eliminate the leakage risk caused by the insecurity of k8s secret. After the upgrade, no secret is needed to be hard-coded in the secure-argvs file anymore and every enclave can be attested, which makes users' enclave key and app safer.
2. User API changes
encalve-key.pem should not be mounted into container anymore.
3. Summary of the change
Implement a more secure PPML workflow and enhance Gramine through MREnclave.
4. How to test?
Github action.