Sync branch dev/machine binding root key backup to main #206
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add backup schema for machine-binding-Rootkey
Signed-off-by: Liang Fang <liang.a.fang@intel.com>
Signed-off-by: Liang Fang <liang.a.fang@intel.com>
…ot_key_backup rename solution
RodgerZhu
added a commit
that referenced
this pull request
May 19, 2023
* Update README.md * update arch diagram Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Update README.md * update arch diagram Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Update README.md fix typo * add readthedoc Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Update index.rst * Add Occlum backend support for gRPC-RA-TLS * Add CMake option SGX_RA_TLS_SDK to select RA-TLS SDK * Update gRPC-RA-TLS doc * Fix gRPC-RA-TLS build scripts * gprc-ra-tls: added remote attestation and verification support for grpc based on librats sdk Signed-off-by: Liang Yang <liang3.yang@intel.com> * Add scripts and readme for librats of grpc-ra-tls Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Fix attestation example of grpc-ra-tls Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update index.md * Update index.md * Update README.md * Add ByteDance Cloud deployment validation configuration. * Update cloud deployment * [Fix link] Fix link to Occulum github and small issue with wording * Fix JNI String bug Signed-off-by: Liang Fang <liang.a.fang@intel.com> * change Gramine path to lowercase * Fix JNI String bug Signed-off-by: Liang Fang <liang.a.fang@intel.com> * change Gramine path to lowercase * Add support for hfl deployments on Azure * Update cloudDeployment.md * Update hfl.md * Add files via upload * Fix version of dependent package in tf-serving * Add support for tf-serving deployments on Azure Start tf-serving container in the background Fix tf-serving dockerfile to specify tensorflow-model-server version compatible with Ubuntu 18.04 glibc Change tf-serving k8s deployment to only request two cpus, to specify local docker registry, to fix file paths * Update tensorflow-serving-cluster/index.rst * Update cloudDeployment.md * Add setup_azure_vm.sh * Modify secret_prov.dockerfile to include && operator between Azure DCAP Client build steps * Modify secret_prov.dockerfile to include && operator between Azure DCAP Client build steps * Update tensorflow-serving-cluster/index.rst * Load secret from clf_server.conf This secret can be used as pf key Signed-off-by: Liang Fang <liang.a.fang@intel.com> * BigDL PPML * Refine reference * Add bigdl ppml readthedoc * Refine link * Update tensorflow-serving-cluster/index.rst * Add Recommendation System example * delete log files * Add Recommendation System example * Modify README.md * Modify container config and README * Modify README * Update dockerfile * make port and cert configurable Signed-off-by: Liang Fang <liang.a.fang@intel.com> * fix buffer overflow Signed-off-by: Liang Fang <liang.a.fang@intel.com> * use log_error to replace print Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Load secret from clf_server.conf This secret can be used as pf key Signed-off-by: Liang Fang <liang.a.fang@intel.com> * make port and cert configurable Signed-off-by: Liang Fang <liang.a.fang@intel.com> * fix buffer overflow Signed-off-by: Liang Fang <liang.a.fang@intel.com> * use log_error to replace print Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update and rename install cr_lan framework .bash to auto_install_clf.bash * Update auto_install_clf.bash * TEE dev image: upgrade base image to ubuntu:20.04 && upgrade gramine version to v1.2 Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Upgrade base image of tf-serving to ubuntu:20.04 * initial commit of phe_homo_lr Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Upgrade TF-Serving base image && Update readme * Update phe_homo_lr.md * upgrade gramine to v1.2 and ipcl to v1.1.3 Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Update support for hfl deployments on Azure Reduce recommendation system cores per container from 12 to 9 to accommodate 48 core DCsv3 Azure VM Add VM setup script for Azure * Add dependencies to setup_azure_vm.sh * Update hfl.md * Update README.md * Update hfl.md * Add psi with Intel SGX solution * solve a known issue * solve sgx lib installation issue * Modify doc * initial commit of phe_homo_lr Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Update phe_homo_lr.md * upgrade gramine to v1.2 and ipcl to v1.1.3 Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Fix kubernetes version to 1.23.9 in tensorflow-serving-cluster Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update occlum and gramine dev docker files Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update grpc-ra-tls dev docker image * Update grpc-ra-tls readme Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update tensorflow-serving-cluster/index.rst * TEE dev image: upgrade base image to ubuntu:20.04 && upgrade gramine version to v1.2 Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Upgrade base image of tf-serving to ubuntu:20.04 * Upgrade TF-Serving base image && Update readme * Fix kubernetes version to 1.23.9 in tensorflow-serving-cluster Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update occlum and gramine dev docker files Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update grpc-ra-tls dev docker image * Update grpc-ra-tls readme Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * add the diagram to readme Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Fix some known issues * Update PSI.md * Update phe_homo_lr.md * Update README.md * Fix grpc-ra-tls merge error Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Add Ubuntu 20.04 support, upgrade gramine to v1.2 and update doc * Update doc * Modify the image path * Add Ubuntu 20.04 support, upgrade gramine to v1.2 and update doc * Update doc * Modify the image path * Set CLF copyright to Apache2.0 copyright set as below: /* * * Copyright (c) 2022 Intel Corporation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * */ Signed-off-by: Liang Fang <liang.a.fang@intel.com> * modify code to fit Gramine code change Gramine changed secret_prov file path and API, we do code change to fit that. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Fix tensorflow-protobuf TypeError (by explicitly installing protobuf 3.19.2). Fix secret_prov.dockerfile so tzdata setup is non-interactive. * Update index.rst * Update index.rst Kubernetes instructions * modify code to fit Gramine code change Gramine changed secret_prov file path and API, we do code change to fit that. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update hfl.md * enable gramine in anolisos and update docs and readme * fixup! enable gramine in anolisos and update docs and readme * Add support for Ubuntu 20.04 and gramine v1.2 * Update dockerfiles in common folder * Update image * Support docker Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Add vertical federated learning solution support for Azure deployments (#140) Update vertical_fl submodule to the latest commit from fedlearner fix_dev_sgx branch. Fix port numbers in test-ps-sgx.sh. Update VFL documentation. * add the script to support tencent ccp Signed-off-by: Liang Fang <liang.a.fang@intel.com> * add parameters and revise Readme * Add TF Serving integration in Anolis (#147) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolisos (#139) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolis OS Co-authored-by: Liang, Ma <liang3.ma@intel.com> * Add HFL integration in Anolis docker * Add Ubuntu 20.04 support, upgrade gramine to v1.2 and update doc * Update doc * Modify the image path * enable gramine in anolisos and update docs and readme * fixup! enable gramine in anolisos and update docs and readme * Fix bug for anolisos in hfl Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> Co-authored-by: Liang,Ma <liang3.ma@intel.com> * Fix bugs in parameter parsing Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update ehsm rats-tls sourcecode download method in the docs. Signed-off-by: pengyuabc <pengyux.ji@intel.com> * revise dockerfile and convert_docker file * add clf_server ccp template Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Enable TF Serving in CCP (#153) * Ccp 3 (#137) * Set CLF copyright to Apache2.0 copyright set as below: /* * * Copyright (c) 2022 Intel Corporation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * */ * Add ccp support for tf serving * Add ccp support for tf serving * Add replace process for ssl.cfg in tf-serving * Fix CCP script errors * Update sgx_default_qcnl.conf Signed-off-by: pengyuabc <pengyux.ji@intel.com> * Update CLF to main (#154) * Support docker Signed-off-by: Liang Fang <liang.a.fang@intel.com> * add the script to support tencent ccp Signed-off-by: Liang Fang <liang.a.fang@intel.com> * add parameters and revise Readme * Fix bugs in parameter parsing Signed-off-by: Liang Fang <liang.a.fang@intel.com> * revise dockerfile and convert_docker file Signed-off-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: hhr293 <17888821684@163.com> Co-authored-by: ubuntu <ubuntu@localhost.localdomain> * Fix bug: mrenclave checking is broken by last commit Signed-off-by: Liang Fang <liang.a.fang@intel.com> * revise convert_docker file and add readme for ccp * Update README_for_clf_server.md * Update README_for_clf_client.md * secure logistic regression inference based on HE and SGX (#151) (#159) * inital commit Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> * first commit of lr_sgx_he solution Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * infer client and infer server communicate via grpc Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * add dockerfile and build scripts Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * update dockerfile and build scripts Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Create README.md * Update README.md * update license wording in each file Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * update the license date of gflags.cmake Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * add the doc of lr_infer_he_sgx Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Co-authored-by: Xiaojun Huang <xiaojun.huang@intel.com> * Add librats (#160) * Refine rats-tls index in the doc Signed-off-by: RodgerZhu <yunge.zhu@intel.com> * cczoo: Add librats project into cczoo (#152) Signed-off-by: Liang Yang <liang3.yang@intel.com> Signed-off-by: Liang Yang <liang3.yang@intel.com> Signed-off-by: RodgerZhu <yunge.zhu@intel.com> Signed-off-by: Liang Yang <liang3.yang@intel.com> Co-authored-by: YangLiang <liang3.yang@intel.com> * Enable psi in anolisos (#135) * enable psi in anolisos * fixup! enable psi in anolisos * fixup! enable psi in anolisos * Enable PSI with Anolis (#161) * Add support for Ubuntu 20.04 and gramine v1.2 * Update dockerfiles in common folder * Update image * Enable psi in anolisos (#135) * enable psi in anolisos * fixup! enable psi in anolisos * fixup! enable psi in anolisos Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> Co-authored-by: Liang Ma <liang3.ma@intel.com> * Update README.md * Update README.md * Add script to generate certification Signed-off-by: Liang Fang <liang.a.fang@intel.com> * add commandline option to gen_cert.sh Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update lr_he readme and doc (#166) * Update README.md * Update index.md Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> * Update cloudDeployment.md * Update build_python.sh * Update build_cpp.sh * revert to last commit - graminev1.2 (#167) Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Upgrade gramine from v1.2 to v1.3.1 (#164) * Upgrade gramine from v1.2 to v1.3.1 * fixup! Upgrade gramine from v1.2 to v1.3.1 * Update Gramine v1.2 to v1.3.1 (#173) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolisos (#139) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolis OS * Ccp 3 (#137) * Set CLF copyright to Apache2.0 copyright set as below: /* * * Copyright (c) 2022 Intel Corporation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * */ Signed-off-by: Liang Fang <liang.a.fang@intel.com> * modify code to fit Gramine code change Gramine changed secret_prov file path and API, we do code change to fit that. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * modify code to fit Gramine code change Gramine changed secret_prov file path and API, we do code change to fit that. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update hfl.md * Add ccp support for tf serving * Add ccp support for tf serving * Add replace process for ssl.cfg in tf-serving * fixup! update docs and readme * Add TF Serving integration in Anolis (#147) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolisos (#139) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolis OS Co-authored-by: Liang, Ma <liang3.ma@intel.com> * Add HFL integration in Anolis docker * Add Ubuntu 20.04 support, upgrade gramine to v1.2 and update doc * Update doc * Modify the image path * enable gramine in anolisos and update docs and readme * fixup! enable gramine in anolisos and update docs and readme * Fix bug for anolisos in hfl Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> Co-authored-by: Liang,Ma <liang3.ma@intel.com> * Update ehsm rats-tls sourcecode download method in the docs. Signed-off-by: pengyuabc <pengyux.ji@intel.com> * Fix CCP script errors * Update sgx_default_qcnl.conf Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: pengyuabc <pengyux.ji@intel.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> Co-authored-by: Bu Jianlin <jianlinx.bu@intel.com> Co-authored-by: Liang, Ma <liang3.ma@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> * Upgrade gramine from v1.2 to v1.3.1 in tf-serving-cluster (#171) Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: pengyuabc <pengyux.ji@intel.com> Co-authored-by: Liang, Ma <liang3.ma@intel.com> Co-authored-by: pengyuabc <109656991+pengyuabc@users.noreply.github.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: Bu Jianlin <jianlinx.bu@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> * revert to last commit - graminev1.2 (#167) Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Support lr he grpc under Azure (#174) * secure logistic regression inference based on HE and SGX (#151) * inital commit Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> * first commit of lr_sgx_he solution Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * infer client and infer server communicate via grpc Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * add dockerfile and build scripts Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * update dockerfile and build scripts Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Create README.md * Update README.md * update license wording in each file Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * update the license date of gflags.cmake Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * add the doc of lr_infer_he_sgx Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> * update readme and document (#165) * Update README.md * Update index.md Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> * Add Secure Logistic Regression Inference with HE and Intel SGX solution support for Azure deployments (#170) Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Co-authored-by: Xiaojun Huang <xiaojun.huang@intel.com> Co-authored-by: shui1 <sammy.hui@intel.com> * Support for Gramine v1.2 and update docs (#172) * Support for gramine v1.2 and update docs * update docs Co-authored-by: 0400h <git@0400h.cn> * remove cryptography from dockerfile remove cryptography to pass OSPDT Signed-off-by: Liang Fang <liang.a.fang@intel.com> * remove cryptography from dockerfile (#178) remove cryptography Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Modify HFL to start containers in detached mode for automation purposes (#177) * Sync PSI branch to main (#182) * Add support for Ubuntu 20.04 and gramine v1.2 * Update dockerfiles in common folder * enable psi in anolisos * fixup! enable psi in anolisos * Support for Gramine v1.2 and update docs (#172) * update docs Co-authored-by: 0400h <git@0400h.cn> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> Co-authored-by: Liang Ma <liang3.ma@intel.com> Co-authored-by: 0400h <git@0400h.cn> * Modify documentation to move solution ingredients from the prerequisite section into their own list (a clarification based on user feedback) (#183) * Add penetration testing * Update README.md * Sync dev/pentests to main (#187) * Add two-stage demos for Pentests (#186) * Add two-stage key_generator demo for Pentests Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Fix memory_attack doc path Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Fix hyperlinks for Pentests doc Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update README.md * Update Overview.md Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> Co-authored-by: 0400H <jianlinx.bu@intel.com> * Added some miss components (#188) * Fix app version (#191) * Revert "Fix app version (#191)" (#192) This reverts commit 9889b34. * Work around python extract tarfile error in encrypted file system (#195) * Change gramine build type to release to workaround python extract tarfile error in encrypted file system * Fix anolisos image build error && Add usage help for gramine-sgx-dev * Submit HTTPA solution (#198) * First commit for httpa * update index.rst for httpa * Update for adding PoC texts * add tootip for clf_server and clf_client (#158) * Sync branch-dev/cross_lang_framework to main Signed-off-by: <RodgerZhu> * Update README.md * fix typo in readme - fix typo - move ca_cert from trust file to allowed file, so that ca_cert can be mapped in in container environment. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update VFL and tf-serving documentation (#200) * Fixed app version (#194) * Add Private Set Intersection support for Azure deployments (#185) * Add Private Set Intersection support for Azure deployments * Revert PSI changes to start_container.sh that started containers detached * Sync branch0.1/tf serving cluster to main (#202) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolisos (#139) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolis OS * Ccp 3 (#137) * Set CLF copyright to Apache2.0 copyright set as below: /* * * Copyright (c) 2022 Intel Corporation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * */ Signed-off-by: Liang Fang <liang.a.fang@intel.com> * modify code to fit Gramine code change Gramine changed secret_prov file path and API, we do code change to fit that. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * modify code to fit Gramine code change Gramine changed secret_prov file path and API, we do code change to fit that. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update hfl.md * Add ccp support for tf serving * Add ccp support for tf serving * Add replace process for ssl.cfg in tf-serving * fixup! update docs and readme * Add TF Serving integration in Anolis (#147) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolisos (#139) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolis OS Co-authored-by: Liang, Ma <liang3.ma@intel.com> * Add HFL integration in Anolis docker * Add Ubuntu 20.04 support, upgrade gramine to v1.2 and update doc * Update doc * Modify the image path * enable gramine in anolisos and update docs and readme * fixup! enable gramine in anolisos and update docs and readme * Fix bug for anolisos in hfl Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> Co-authored-by: Liang,Ma <liang3.ma@intel.com> * Update ehsm rats-tls sourcecode download method in the docs. Signed-off-by: pengyuabc <pengyux.ji@intel.com> * Fix CCP script errors * Update sgx_default_qcnl.conf Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: pengyuabc <pengyux.ji@intel.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> Co-authored-by: Bu Jianlin <jianlinx.bu@intel.com> Co-authored-by: Liang, Ma <liang3.ma@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> * Upgrade gramine from v1.2 to v1.3.1 in tf-serving-cluster (#171) * Modify tensorflow_model_server install method (#176) --------- Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: pengyuabc <pengyux.ji@intel.com> Co-authored-by: Liang, Ma <liang3.ma@intel.com> Co-authored-by: pengyuabc <109656991+pengyuabc@users.noreply.github.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: Bu Jianlin <jianlinx.bu@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> * Update ccp-tf-serving documentation (#201) * update document * Update README.md * Update README.md * Update README.md * Update README.md --------- Co-authored-by: root <RodgerZhu> * Sync branch dev/machine binding root key backup to main (#206) * add backup schema of machine binding Rootkey * rename folder name to machine_binding_key_backup Signed-off-by: Liang Fang <liang.a.fang@intel.com> * revise README to correct solution name Signed-off-by: Liang Fang <liang.a.fang@intel.com> --------- Signed-off-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: JinkaiYang <jinkai.yang@intel.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> * Update encryption tool & key * Update tensorflow_model_server.toml * Update cert * Update tf_serving.dockerfile * Update tf_serving.dockerfile * Add files via upload * Update tensorflow_model_server.toml * Update tf_serving.dockerfile Remove libsecret_prov_attest.so since it will be found in system path. * Update tensorflow_model_server.toml * Update README.md * Update cloudDeployment.md * Archiving Notice * Update README.md * Add solution tdx-encrypted-vfs and tdx-tf-serving-ppml (#210) * Add solution tdx-encrypted-vfs * Add solution tdx-tf-serving-ppml * Add tdx-hfl solution (#209) (#211) * Add tdx-hfl solution * update copyright Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> * Update tdx-hfl.md * Update README.md * Update requirements.txt * Upgrade tensorflow version (#214) * Bump tensorflow (#213) Bumps [tensorflow](https://github.com/tensorflow/tensorflow) from 2.6.2 to 2.11.1. - [Release notes](https://github.com/tensorflow/tensorflow/releases) - [Changelog](https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md) - [Commits](tensorflow/tensorflow@v2.6.2...v2.11.1) --- updated-dependencies: - dependency-name: tensorflow dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update requirements.txt * Update requirements.txt * Update requirements.txt * Bump pillow from 9.2.0 to 9.3.0 in /documents/readthedoc (#215) Bumps [pillow](https://github.com/python-pillow/Pillow) from 9.2.0 to 9.3.0. - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](python-pillow/Pillow@9.2.0...9.3.0) --- updated-dependencies: - dependency-name: pillow dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Fix horizontal_fl/start_container.sh script (#212) Signed-off-by: Kun Lai <me@imlk.top> * Add TF Serving Cluster PPML support for Azure AKS and MAA (#217) * Add TF Serving Cluster PPML support for Azure AKS and MAA * Modify secret provider to check mr_enclave/mr_signer measurements of tf_serving service * Add miscellaneous enhancements - Encrypt ssl.cfg, the private TLS key used by tf-serving container - Update documentation - Add convenience scripts - Change tf-serving imagePullPolicy to Always * Update index.rst * Update index.rst * Update dependencies in requirements.txt * Update manifest.template for anolisos --------- Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> * Add TDX Linux Stack Signed-off-by: yunge.zhu@intel.com <yunge.zhu@intel.com> * Update index.rst * Add TDX dev docker image Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Add TDX-TEE and Bazel support for grpc-ratls Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update gRPC-RATLS README Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> --------- Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Signed-off-by: Liang Yang <liang3.yang@intel.com> Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: RodgerZhu <yunge.zhu@intel.com> Signed-off-by: Zhu Yunge <yunge.zhu@intel.com> Signed-off-by: pengyuabc <pengyux.ji@intel.com> Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> Signed-off-by: <RodgerZhu> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Kun Lai <me@imlk.top> Signed-off-by: yunge.zhu@intel.com <yunge.zhu@intel.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: Xiaojun Huang <xiaojun.huang@intel.com> Co-authored-by: RodgerZhu <yunge.zhu@intel.com> Co-authored-by: Liang Yang <liang3.yang@intel.com> Co-authored-by: Sankaranarayanan Venkatasubramanian <sankaranarayanan.venkatasubramanian@intel.com> Co-authored-by: Hui, Sammy <sammy.hui@intel.com> Co-authored-by: hhr293 <17888821684@163.com> Co-authored-by: Ji Pengyu <pengyux.ji@intel.com> Co-authored-by: Qiyuan Gong <qiyuan.gong@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> Co-authored-by: root <root@icx004-S2600WC.sh.intel.com> Co-authored-by: root <root@ocsbesrhlrepo01.amr.corp.intel.com> Co-authored-by: Liang,Ma <liang3.ma@intel.com> Co-authored-by: pengyuabc <109656991+pengyuabc@users.noreply.github.com> Co-authored-by: ubuntu <ubuntu@localhost.localdomain> Co-authored-by: 0400h <git@0400h.cn> Co-authored-by: Hans Wang <hanboa@users.noreply.github.com> Co-authored-by: root <RodgerZhu> Co-authored-by: JinkaiYang <jinkai.yang@intel.com> Co-authored-by: Stewart Blacklock <stewart.f.blacklock@intel.com> Co-authored-by: Robert Dower <robert.dower@intel.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: imlk <me@imlk.top>
RodgerZhu
added a commit
that referenced
this pull request
Jan 4, 2024
* Add support for tf-serving deployments on Azure Start tf-serving container in the background Fix tf-serving dockerfile to specify tensorflow-model-server version compatible with Ubuntu 18.04 glibc Change tf-serving k8s deployment to only request two cpus, to specify local docker registry, to fix file paths * Update tensorflow-serving-cluster/index.rst * Update cloudDeployment.md * Add setup_azure_vm.sh * Modify secret_prov.dockerfile to include && operator between Azure DCAP Client build steps * Modify secret_prov.dockerfile to include && operator between Azure DCAP Client build steps * Update tensorflow-serving-cluster/index.rst * Load secret from clf_server.conf This secret can be used as pf key Signed-off-by: Liang Fang <liang.a.fang@intel.com> * BigDL PPML * Refine reference * Add bigdl ppml readthedoc * Refine link * Update tensorflow-serving-cluster/index.rst * Add Recommendation System example * delete log files * Add Recommendation System example * Modify README.md * Modify container config and README * Modify README * Update dockerfile * make port and cert configurable Signed-off-by: Liang Fang <liang.a.fang@intel.com> * fix buffer overflow Signed-off-by: Liang Fang <liang.a.fang@intel.com> * use log_error to replace print Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Load secret from clf_server.conf This secret can be used as pf key Signed-off-by: Liang Fang <liang.a.fang@intel.com> * make port and cert configurable Signed-off-by: Liang Fang <liang.a.fang@intel.com> * fix buffer overflow Signed-off-by: Liang Fang <liang.a.fang@intel.com> * use log_error to replace print Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update and rename install cr_lan framework .bash to auto_install_clf.bash * Update auto_install_clf.bash * TEE dev image: upgrade base image to ubuntu:20.04 && upgrade gramine version to v1.2 Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Upgrade base image of tf-serving to ubuntu:20.04 * initial commit of phe_homo_lr Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Upgrade TF-Serving base image && Update readme * Update phe_homo_lr.md * upgrade gramine to v1.2 and ipcl to v1.1.3 Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Update support for hfl deployments on Azure Reduce recommendation system cores per container from 12 to 9 to accommodate 48 core DCsv3 Azure VM Add VM setup script for Azure * Add dependencies to setup_azure_vm.sh * Update hfl.md * Update README.md * Update hfl.md * Add psi with Intel SGX solution * solve a known issue * solve sgx lib installation issue * Modify doc * initial commit of phe_homo_lr Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Update phe_homo_lr.md * upgrade gramine to v1.2 and ipcl to v1.1.3 Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Fix kubernetes version to 1.23.9 in tensorflow-serving-cluster Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update occlum and gramine dev docker files Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update grpc-ra-tls dev docker image * Update grpc-ra-tls readme Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update tensorflow-serving-cluster/index.rst * TEE dev image: upgrade base image to ubuntu:20.04 && upgrade gramine version to v1.2 Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Upgrade base image of tf-serving to ubuntu:20.04 * Upgrade TF-Serving base image && Update readme * Fix kubernetes version to 1.23.9 in tensorflow-serving-cluster Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update occlum and gramine dev docker files Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update grpc-ra-tls dev docker image * Update grpc-ra-tls readme Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * add the diagram to readme Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Fix some known issues * Update PSI.md * Update phe_homo_lr.md * Update README.md * Fix grpc-ra-tls merge error Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Add Ubuntu 20.04 support, upgrade gramine to v1.2 and update doc * Update doc * Modify the image path * Add Ubuntu 20.04 support, upgrade gramine to v1.2 and update doc * Update doc * Modify the image path * Set CLF copyright to Apache2.0 copyright set as below: /* * * Copyright (c) 2022 Intel Corporation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * */ Signed-off-by: Liang Fang <liang.a.fang@intel.com> * modify code to fit Gramine code change Gramine changed secret_prov file path and API, we do code change to fit that. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Fix tensorflow-protobuf TypeError (by explicitly installing protobuf 3.19.2). Fix secret_prov.dockerfile so tzdata setup is non-interactive. * Update index.rst * Update index.rst Kubernetes instructions * modify code to fit Gramine code change Gramine changed secret_prov file path and API, we do code change to fit that. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update hfl.md * enable gramine in anolisos and update docs and readme * fixup! enable gramine in anolisos and update docs and readme * Add support for Ubuntu 20.04 and gramine v1.2 * Update dockerfiles in common folder * Update image * Support docker Signed-off-by: Liang Fang <liang.a.fang@intel.com> * add the script to support tencent ccp Signed-off-by: Liang Fang <liang.a.fang@intel.com> * add parameters and revise Readme * Add TF Serving integration in Anolis (#147) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolisos (#139) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolis OS Co-authored-by: Liang, Ma <liang3.ma@intel.com> * Add HFL integration in Anolis docker * Add Ubuntu 20.04 support, upgrade gramine to v1.2 and update doc * Update doc * Modify the image path * enable gramine in anolisos and update docs and readme * fixup! enable gramine in anolisos and update docs and readme * Fix bug for anolisos in hfl Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> Co-authored-by: Liang,Ma <liang3.ma@intel.com> * Fix bugs in parameter parsing Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update ehsm rats-tls sourcecode download method in the docs. Signed-off-by: pengyuabc <pengyux.ji@intel.com> * revise dockerfile and convert_docker file * add clf_server ccp template Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Enable TF Serving in CCP (#153) * Ccp 3 (#137) * Set CLF copyright to Apache2.0 copyright set as below: /* * * Copyright (c) 2022 Intel Corporation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * */ * Add ccp support for tf serving * Add ccp support for tf serving * Add replace process for ssl.cfg in tf-serving * Fix CCP script errors * Update sgx_default_qcnl.conf Signed-off-by: pengyuabc <pengyux.ji@intel.com> * Update CLF to main (#154) * Support docker Signed-off-by: Liang Fang <liang.a.fang@intel.com> * add the script to support tencent ccp Signed-off-by: Liang Fang <liang.a.fang@intel.com> * add parameters and revise Readme * Fix bugs in parameter parsing Signed-off-by: Liang Fang <liang.a.fang@intel.com> * revise dockerfile and convert_docker file Signed-off-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: hhr293 <17888821684@163.com> Co-authored-by: ubuntu <ubuntu@localhost.localdomain> * Fix bug: mrenclave checking is broken by last commit Signed-off-by: Liang Fang <liang.a.fang@intel.com> * revise convert_docker file and add readme for ccp * Update README_for_clf_server.md * Update README_for_clf_client.md * secure logistic regression inference based on HE and SGX (#151) (#159) * inital commit Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> * first commit of lr_sgx_he solution Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * infer client and infer server communicate via grpc Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * add dockerfile and build scripts Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * update dockerfile and build scripts Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Create README.md * Update README.md * update license wording in each file Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * update the license date of gflags.cmake Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * add the doc of lr_infer_he_sgx Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Co-authored-by: Xiaojun Huang <xiaojun.huang@intel.com> * Add librats (#160) * Refine rats-tls index in the doc Signed-off-by: RodgerZhu <yunge.zhu@intel.com> * cczoo: Add librats project into cczoo (#152) Signed-off-by: Liang Yang <liang3.yang@intel.com> Signed-off-by: Liang Yang <liang3.yang@intel.com> Signed-off-by: RodgerZhu <yunge.zhu@intel.com> Signed-off-by: Liang Yang <liang3.yang@intel.com> Co-authored-by: YangLiang <liang3.yang@intel.com> * Enable psi in anolisos (#135) * enable psi in anolisos * fixup! enable psi in anolisos * fixup! enable psi in anolisos * Enable PSI with Anolis (#161) * Add support for Ubuntu 20.04 and gramine v1.2 * Update dockerfiles in common folder * Update image * Enable psi in anolisos (#135) * enable psi in anolisos * fixup! enable psi in anolisos * fixup! enable psi in anolisos Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> Co-authored-by: Liang Ma <liang3.ma@intel.com> * Update README.md * Update README.md * Add script to generate certification Signed-off-by: Liang Fang <liang.a.fang@intel.com> * add commandline option to gen_cert.sh Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update lr_he readme and doc (#166) * Update README.md * Update index.md Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> * Update cloudDeployment.md * Update build_python.sh * Update build_cpp.sh * revert to last commit - graminev1.2 (#167) Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Upgrade gramine from v1.2 to v1.3.1 (#164) * Upgrade gramine from v1.2 to v1.3.1 * fixup! Upgrade gramine from v1.2 to v1.3.1 * Update Gramine v1.2 to v1.3.1 (#173) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolisos (#139) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolis OS * Ccp 3 (#137) * Set CLF copyright to Apache2.0 copyright set as below: /* * * Copyright (c) 2022 Intel Corporation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * */ Signed-off-by: Liang Fang <liang.a.fang@intel.com> * modify code to fit Gramine code change Gramine changed secret_prov file path and API, we do code change to fit that. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * modify code to fit Gramine code change Gramine changed secret_prov file path and API, we do code change to fit that. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update hfl.md * Add ccp support for tf serving * Add ccp support for tf serving * Add replace process for ssl.cfg in tf-serving * fixup! update docs and readme * Add TF Serving integration in Anolis (#147) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolisos (#139) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolis OS Co-authored-by: Liang, Ma <liang3.ma@intel.com> * Add HFL integration in Anolis docker * Add Ubuntu 20.04 support, upgrade gramine to v1.2 and update doc * Update doc * Modify the image path * enable gramine in anolisos and update docs and readme * fixup! enable gramine in anolisos and update docs and readme * Fix bug for anolisos in hfl Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> Co-authored-by: Liang,Ma <liang3.ma@intel.com> * Update ehsm rats-tls sourcecode download method in the docs. Signed-off-by: pengyuabc <pengyux.ji@intel.com> * Fix CCP script errors * Update sgx_default_qcnl.conf Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: pengyuabc <pengyux.ji@intel.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> Co-authored-by: Bu Jianlin <jianlinx.bu@intel.com> Co-authored-by: Liang, Ma <liang3.ma@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> * Upgrade gramine from v1.2 to v1.3.1 in tf-serving-cluster (#171) Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: pengyuabc <pengyux.ji@intel.com> Co-authored-by: Liang, Ma <liang3.ma@intel.com> Co-authored-by: pengyuabc <109656991+pengyuabc@users.noreply.github.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: Bu Jianlin <jianlinx.bu@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> * revert to last commit - graminev1.2 (#167) Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Support lr he grpc under Azure (#174) * secure logistic regression inference based on HE and SGX (#151) * inital commit Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> * first commit of lr_sgx_he solution Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * infer client and infer server communicate via grpc Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * add dockerfile and build scripts Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * update dockerfile and build scripts Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * Create README.md * Update README.md * update license wording in each file Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * update the license date of gflags.cmake Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> * add the doc of lr_infer_he_sgx Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> * update readme and document (#165) * Update README.md * Update index.md Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> * Add Secure Logistic Regression Inference with HE and Intel SGX solution support for Azure deployments (#170) Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Co-authored-by: Xiaojun Huang <xiaojun.huang@intel.com> Co-authored-by: shui1 <sammy.hui@intel.com> * Support for Gramine v1.2 and update docs (#172) * Support for gramine v1.2 and update docs * update docs Co-authored-by: 0400h <git@0400h.cn> * remove cryptography from dockerfile remove cryptography to pass OSPDT Signed-off-by: Liang Fang <liang.a.fang@intel.com> * remove cryptography from dockerfile (#178) remove cryptography Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Modify HFL to start containers in detached mode for automation purposes (#177) * Sync PSI branch to main (#182) * Add support for Ubuntu 20.04 and gramine v1.2 * Update dockerfiles in common folder * enable psi in anolisos * fixup! enable psi in anolisos * Support for Gramine v1.2 and update docs (#172) * update docs Co-authored-by: 0400h <git@0400h.cn> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> Co-authored-by: Liang Ma <liang3.ma@intel.com> Co-authored-by: 0400h <git@0400h.cn> * Modify documentation to move solution ingredients from the prerequisite section into their own list (a clarification based on user feedback) (#183) * Add penetration testing * Update README.md * Sync dev/pentests to main (#187) * Add two-stage demos for Pentests (#186) * Add two-stage key_generator demo for Pentests Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Fix memory_attack doc path Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Fix hyperlinks for Pentests doc Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update README.md * Update Overview.md Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> Co-authored-by: 0400H <jianlinx.bu@intel.com> * Added some miss components (#188) * Fix app version (#191) * Revert "Fix app version (#191)" (#192) This reverts commit 9889b34. * Work around python extract tarfile error in encrypted file system (#195) * Change gramine build type to release to workaround python extract tarfile error in encrypted file system * Fix anolisos image build error && Add usage help for gramine-sgx-dev * Submit HTTPA solution (#198) * First commit for httpa * update index.rst for httpa * Update for adding PoC texts * add tootip for clf_server and clf_client (#158) * Sync branch-dev/cross_lang_framework to main Signed-off-by: <RodgerZhu> * Update README.md * fix typo in readme - fix typo - move ca_cert from trust file to allowed file, so that ca_cert can be mapped in in container environment. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update VFL and tf-serving documentation (#200) * Fixed app version (#194) * Add Private Set Intersection support for Azure deployments (#185) * Add Private Set Intersection support for Azure deployments * Revert PSI changes to start_container.sh that started containers detached * Sync branch0.1/tf serving cluster to main (#202) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolisos (#139) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolis OS * Ccp 3 (#137) * Set CLF copyright to Apache2.0 copyright set as below: /* * * Copyright (c) 2022 Intel Corporation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * */ Signed-off-by: Liang Fang <liang.a.fang@intel.com> * modify code to fit Gramine code change Gramine changed secret_prov file path and API, we do code change to fit that. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * modify code to fit Gramine code change Gramine changed secret_prov file path and API, we do code change to fit that. Signed-off-by: Liang Fang <liang.a.fang@intel.com> * Update hfl.md * Add ccp support for tf serving * Add ccp support for tf serving * Add replace process for ssl.cfg in tf-serving * fixup! update docs and readme * Add TF Serving integration in Anolis (#147) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolisos (#139) * Upgrade gramine to v1.2 in tensorflow-serving-cluster * Enable tf-serving-cluster in Anolis OS Co-authored-by: Liang, Ma <liang3.ma@intel.com> * Add HFL integration in Anolis docker * Add Ubuntu 20.04 support, upgrade gramine to v1.2 and update doc * Update doc * Modify the image path * enable gramine in anolisos and update docs and readme * fixup! enable gramine in anolisos and update docs and readme * Fix bug for anolisos in hfl Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> Co-authored-by: Liang,Ma <liang3.ma@intel.com> * Update ehsm rats-tls sourcecode download method in the docs. Signed-off-by: pengyuabc <pengyux.ji@intel.com> * Fix CCP script errors * Update sgx_default_qcnl.conf Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: pengyuabc <pengyux.ji@intel.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> Co-authored-by: Bu Jianlin <jianlinx.bu@intel.com> Co-authored-by: Liang, Ma <liang3.ma@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> * Upgrade gramine from v1.2 to v1.3.1 in tf-serving-cluster (#171) * Modify tensorflow_model_server install method (#176) --------- Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: pengyuabc <pengyux.ji@intel.com> Co-authored-by: Liang, Ma <liang3.ma@intel.com> Co-authored-by: pengyuabc <109656991+pengyuabc@users.noreply.github.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: Bu Jianlin <jianlinx.bu@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> * Update ccp-tf-serving documentation (#201) * update document * Update README.md * Update README.md * Update README.md * Update README.md --------- Co-authored-by: root <RodgerZhu> * Sync branch dev/machine binding root key backup to main (#206) * add backup schema of machine binding Rootkey * rename folder name to machine_binding_key_backup Signed-off-by: Liang Fang <liang.a.fang@intel.com> * revise README to correct solution name Signed-off-by: Liang Fang <liang.a.fang@intel.com> --------- Signed-off-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: JinkaiYang <jinkai.yang@intel.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> * Update encryption tool & key * Update tensorflow_model_server.toml * Update cert * Update tf_serving.dockerfile * Update tf_serving.dockerfile * Add files via upload * Update tensorflow_model_server.toml * Update tf_serving.dockerfile Remove libsecret_prov_attest.so since it will be found in system path. * Update tensorflow_model_server.toml * Update README.md * Update cloudDeployment.md * Archiving Notice * Update README.md * Add solution tdx-encrypted-vfs and tdx-tf-serving-ppml (#210) * Add solution tdx-encrypted-vfs * Add solution tdx-tf-serving-ppml * Add tdx-hfl solution (#209) (#211) * Add tdx-hfl solution * update copyright Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> * Update tdx-hfl.md * Update README.md * Update requirements.txt * Upgrade tensorflow version (#214) * Bump tensorflow (#213) Bumps [tensorflow](https://github.com/tensorflow/tensorflow) from 2.6.2 to 2.11.1. - [Release notes](https://github.com/tensorflow/tensorflow/releases) - [Changelog](https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md) - [Commits](tensorflow/tensorflow@v2.6.2...v2.11.1) --- updated-dependencies: - dependency-name: tensorflow dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update requirements.txt * Update requirements.txt * Update requirements.txt * Bump pillow from 9.2.0 to 9.3.0 in /documents/readthedoc (#215) Bumps [pillow](https://github.com/python-pillow/Pillow) from 9.2.0 to 9.3.0. - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](python-pillow/Pillow@9.2.0...9.3.0) --- updated-dependencies: - dependency-name: pillow dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Fix horizontal_fl/start_container.sh script (#212) Signed-off-by: Kun Lai <me@imlk.top> * Add TF Serving Cluster PPML support for Azure AKS and MAA (#217) * Add TF Serving Cluster PPML support for Azure AKS and MAA * Modify secret provider to check mr_enclave/mr_signer measurements of tf_serving service * Add miscellaneous enhancements - Encrypt ssl.cfg, the private TLS key used by tf-serving container - Update documentation - Add convenience scripts - Change tf-serving imagePullPolicy to Always * Update index.rst * Update index.rst * Update dependencies in requirements.txt * Update manifest.template for anolisos --------- Co-authored-by: Zhu Yunge <yunge.zhu@intel.com> * Add TDX Linux Stack Signed-off-by: yunge.zhu@intel.com <yunge.zhu@intel.com> * Update index.rst * Improve TF Serving PPML (SGX) workflow using Docker Hub container downloads (#220) * Update index.rst * Modify tf-serving client to mount certs at runtime instead of building certs into the container image * Add tf-serving client container build script * Modify secret_prov_server to mount ra_config.json (with SGX measurements) at runtime * Modify tf-serving build scripts to build containers with repo:tag that match repo:tag from intelcczoo Docker Hub * Fix typo in entrypoint_secret_prov_server.sh * Modify k8s install script to install the latest available version of k8s * Update to latest version of flannel k8s deployment yaml * Update deploy.yaml to match updated documentation * Fix TF serving client build issue for anolisos * Update TF Serving (SGX) documentation (#223) * Update index.rst * Updated the script to start the container (#224) * update clf * update clf * Update index.md * Update cczoo_ppml_inference_azure.md (#227) * Add Solution - Attested boot with encrypted tdvm OS image (#229) Signed-off-by: RodgerZhu <yunge.zhu@intel.com> * Update the code of clf (#234) * Add HFL with CoCo (#235) * Update for TDX (#231) * Add Bazel compiling system and TDX support for gRPC-RA-TLS * Add TDX docker support for tdx-encrypted-vfs * Add hfl-tdx-coco solution Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Remove some useless files && update tdx-dev docker * Update evfs commit --------- Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Remove some useless files and fix evfs commit (#233) --------- Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> Co-authored-by: 0400H <jianlinx.bu@intel.com> * Update index.rst * Create tdxcoco.md * Update TDX coco images * Update index.rst * Update tdxcoco.md * Add TD Encrypted Image (#236) * Add Solution - Attested boot with encrypted tdvm OS image Signed-off-by: RodgerZhu <yunge.zhu@intel.com> * Update TD encrypted image --------- Signed-off-by: RodgerZhu <yunge.zhu@intel.com> * Update index.rst * Updates to tf-serving/hfl (SGX) dockerfiles (#238) * Update tf-serving (SGX) dockerfiles * Update hfl (SGX) dockerfiles * Update hfl.md * Updates to patches/secret_prov_pf files * Add Security.md * Update tf-serving (SGX) dockerfiles (#239) * Update tf-serving/hfl (SGX) documentation (#240) * Update TF Serving (SGX) documentation (#241) * Add tdx_report_parser tool (#243) * Add tdx_report_parser tool Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update README.md --------- Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Add Third party programs * Remove vault token strings (#245) * Add tdx_report_parser tool Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Update README.md * Remove vault token strings --------- Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> * Fix missing package required to use TF Serving with Azure AKS confcom add-on (#246) * docs: Remove --kubernetes-version in kubeadm init Removes the `--kubernetes-version` argument in the kubeadm init command during control plane / master node creation in step 3.1 to resolve fatal preflight error caused by kubelet version skew. Evidently, the use of this argument may have been left over from a time where specifying the version was necessary to correspond to a specific version used in the install_kubernetes.sh script which now installs the latest version. * Update README.md * Update hook-add-executables * Add grpc RA-TLS backend support for Azure TDX and Azure SGX (#252) * Add grpc RA-TLS backend support for Azure TDX and Azure SGX * Update index.md * Remove cczoo/grpc-ra-tls/grpc/grpc_ratls.patch and add to .gitignore * Enable support for Microsoft Azure Attestation * Update index.md * Update requirements.txt * Add HFL support for Azure TDX (#253) * Add HFL support for Azure TDX * Update tdx-hfl.md * Enable support for Microsoft Azure Attestation * Update tdx-hfl.md * Update .readthedocs.yaml * Update .readthedocs.yaml * docs: Fix typos and styling (#254) Fixes typos and grammar. Standardizes paragraph padding, punctuation usage, code formatting, and multi-line code language for syntax highlighting. Formats references to other files as links. * docs: Fix grammar and styling (#256) Fixes grammar, typos and rewords some sections for readability. Standardizes paragraph padding, punctuation usage, code formatting, and multi-line code language for syntax highlighting. * docs: Fix file seperators and add clarifying details (#257) Fixes backslashes to forward slashes per unix convention for file path seperation and adds clarification that "parameter server" corresponds to `ps0`. * Add grpc RA-TLS backend support for Google Cloud TDX (#258) * Core changes for enabling grpc-ra-tls WL on GC Signed-off-by: Gopa Das <gopa.das@intel.com> * Updated sgx_ra_tls_tdx.cc for GCP TDX * Updated index.md for Google Cloud * Fix items from code review --------- Signed-off-by: Gopa Das <gopa.das@intel.com> Co-authored-by: Hui, Sammy <sammy.hui@intel.com> * Add HFL support for Google Cloud TDX (#259) * Add HFL support for Google Cloud TDX * Update tdx-hfl.md * Update RA-TLS gRPC TDX and HFL TDX (for Azure and Google Cloud) (#260) * Modify RA-TLS gRPC TDX (for Azure and Google Cloud): Quote generation to bind TLS public key hash to TDX quote. Quote verification to verify attester's TLS public key hash from attestation token. * Update index.md * Update tdx-hfl.md * Update HFL TDX (for Azure and Google Cloud) to use latest RA-TLS gRPC. * Update tdxstack.md * Upgrade gramine to v1.6 for VFL (Use RSA sign for RA) --------- Signed-off-by: RodgerZhu <yunge.zhu@intel.com> Signed-off-by: Liang Fang <liang.a.fang@intel.com> Signed-off-by: Bu Jianlin <jianlinx.bu@intel.com> Signed-off-by: Huang, Xiaojun <xiaojun.huang@intel.com> Signed-off-by: Zhu Yunge <yunge.zhu@intel.com> Signed-off-by: pengyuabc <pengyux.ji@intel.com> Signed-off-by: Xiaojun Huang <xiaojun.huang@intel.com> Signed-off-by: Liang Yang <liang3.yang@intel.com> Signed-off-by: <RodgerZhu> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Kun Lai <me@imlk.top> Signed-off-by: yunge.zhu@intel.com <yunge.zhu@intel.com> Signed-off-by: Gopa Das <gopa.das@intel.com> Co-authored-by: Hui, Sammy <sammy.hui@intel.com> Co-authored-by: RodgerZhu <yunge.zhu@intel.com> Co-authored-by: Liang Fang <liang.a.fang@intel.com> Co-authored-by: Qiyuan Gong <qiyuan.gong@intel.com> Co-authored-by: Hsy-Intel <siyuan.hui@intel.com> Co-authored-by: root <root@icx004-S2600WC.sh.intel.com> Co-authored-by: hhr293 <17888821684@163.com> Co-authored-by: root <root@ocsbesrhlrepo01.amr.corp.intel.com> Co-authored-by: Huang, Xiaojun <xiaojun.huang@intel.com> Co-authored-by: Liang,Ma <liang3.ma@intel.com> Co-authored-by: pengyuabc <109656991+pengyuabc@users.noreply.github.com> Co-authored-by: pengyuabc <pengyux.ji@intel.com> Co-authored-by: ubuntu <ubuntu@localhost.localdomain> Co-authored-by: YangLiang <liang3.yang@intel.com> Co-authored-by: 0400h <git@0400h.cn> Co-authored-by: Hans Wang <hanboa@users.noreply.github.com> Co-authored-by: root <RodgerZhu> Co-authored-by: JinkaiYang <jinkai.yang@intel.com> Co-authored-by: Stewart Blacklock <stewart.f.blacklock@intel.com> Co-authored-by: Robert Dower <robert.dower@intel.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: imlk <me@imlk.top> Co-authored-by: Elliot Jones <elliotx.jones@intel.com> Co-authored-by: gopadas <74206306+gopadas@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of the PR
How to test this PR?