x86_64-fortanix-unknown-sgx

Tier: 2

Secure enclaves using Intel Software Guard Extensions (SGX) based on the ABI defined by Fortanix for the Enclave Development Platform (EDP).

Target maintainers

The EDP team at Fortanix.

Requirements

The target supports std with a default allocator. Only cross compilation is supported.

Binaries support all CPUs that include Intel SGX. Only 64-bit mode is supported.

Not all std features are supported, see Using Rust's std for details.

The extern "C" calling convention is the System V AMD64 ABI.

The supported ABI is the fortanix-sgx-abi.

The compiler output is ELF, but the native format for the platform is the SGX stream (SGXS) format. A converter like ftxsgx-elf2sgxs is needed.

Programs in SGXS format adhering to the Fortanix SGX ABI can be run with any compatible runner, such as ftxsgx-runner.

See the EDP installation guide for recommendations on how to setup a development and runtime environment.

Building the target

As a tier 2 target, the target is built by the Rust project.

You can configure bootstrap like so:

[build]
build-stage = 1
target = ["x86_64-fortanix-unknown-sgx"]

Building Rust programs

Standard build flows using cargo or rustc should work.

Testing

The Rust test suite as well as custom unit and integration tests will run on hardware that has Intel SGX enabled if a cargo runner is configured correctly, see the requirements section.

Cross-compilation toolchains and C code

C code is not generally supported, as there is no libc. C code compiled for x86-64 in freestanding mode using the System V AMD64 ABI may work. The rs-libc crate contains a subset of libc that's known to work with this target.