Design of MesaPy for SGX


Recently, we first announced the MesaPy project, which aims to be a fast and safe Python implementation. MesaPy mainly focuses on improving its security and memory safety. We achieve the memory-safety promise through various methods: hardening RPython’s type system (RPython is the language for writing PyPy), modifying PyPy/RPython’s libraries, and verifying the RPython’s libraries as well as its translator/JIT backend.

Overall, there are three most notable security features of MesaPy:

  • Memory safety: To provide a memory-safe runtime, MesaPy replaces external libraries written in C, which could introduce memory issues, with Rust, a memory-safe programming language. This guarantees the memory safety across all libraries including those written in Python, but also external libraries.
  • Security hardening: PyPy is implemented with RPython, a statically-typed language with translation and support framework. We also enhanced memory-safety of RPython through hardening RPython’s type system, i.e., the RPython typer. For example, we improve RPython’s list with runtime index check to avoid arbitrarily list read/write during PyPy’s implementation.
  • Formal verification: Some code in RPython’s libraries and its translator/JIT backend are still written in C, which may contain potential memory bugs. To prove the memory safety of RPython, we aim to formally verify its libraries and backend written in C using state-of-the-art verification tools.

On top of the enhancements, we also bring MesaPy into Intel SGX to write memory-safe applications running in the trusted execution environment. Intel SGX provides integrity and confidentiality guarantees to security-sensitive computation. Developers now can easily use MesaPy for SGX to implement SGX applications (SGX enclaves) without worrying about memory issues and with minimal TCB (Trusted Computing Base).

Building a Python enclave is quite simple, and we provide several examples to show the capabilities. Let’s take “Hello World” as an example. Firstly, developers need a machine with SGX support, install with Intel SGX PSW/SDK, and its dependencies. Then, clone the MesaPy for SGX repository.

$ git clone -b sgx --recursive [email protected]:mesalock-linux/mesapy.git

Secondly, build MesaPy for SGX in the sgx directory.

$ make sgx    # build MesaPy for SGX

After successfully building MesaPy for SGX, you can start the “Hello World” project finally.

$ source $(SGX_SDK)/environment  # setup Intel SGX SDK environment variables
$ cd sgx/examples/hello_world    # change to the hello_world directory
$ make                           # compile, link and sign the enclave
$ ./app                          # run the enclave and get the "Hello, World!" message
Hello, World!
Welcome to MesaPy for SGX.
Do what I mean: 42

Info: hello_world successfully returned.
Enter a character before exit ...

To write a customized Python enclave, developers can just modify the Enclave/src/ file. Detailed instructions are described in the README file. In addition, we also provide Dockerfile to ease the developing process.

Because of security concerns, MesaPy for SGX is not designed as a general purpose Python interpreter for SGX. That is, some full-fledged libraries and modules can not be used in MesaPy for SGX without any modifications.

Currently, MesaPy for SGX supports Python 2 syntax and most built-in functions. For the standard library, it supports these modules (because dynamic module importing is an ongoing feature, more modules will be supported when it's done):

  • essential modules: exceptions, _file, sys, __builtin__, _warnings, itertools,
  • default modules: __pypy__, marshal, operator, _ast, _weakref, _cffi_backend
  • additional working modules: _codecs, gc, _weakref, marshal, errno, imp, math, cmath, _sre, _pickle_support, operator, parser, symbol, token, _ast, _io, _random, __pypy__, _testing, cStringIO, struct, array, binascii, itertools, _md5, _sha, _collections, micronumpy, _cffi_backend, _pypyjson.

The modules may be updated in the future, and the full list can be found at the pypy/config/ file. We also test these modules in SGX in the sgx/tests directory.

In the current release, MesaPy for SGX supports basic computation and some builtin modules. Supports of multithreading, GC and the standard library are still under developing. The project is open source in GitHub. If you are interested in contributing to MesaPy for SGX, feel free to open an issue with your plan and start working on it.


我们首次公布了 MesaPy 开源项目,致力提供一个内存安全、运行快速的 Python。MesaPy 继承了 PyPy 优越的性能优势,并提供内存安全、安全增强、形式化验证等安全特性。本次更新迎来了又一大安全特性,就是支持 Intel SGX 可信执行环境。

MesaPy for SGX 通过对 MesaPy 的精简和对内置库的改造,使得开发者可以使用 Python 轻松的编写出 SGX 应用(Python enclave)。MesaPy for SGX 不仅加速了 SGX 应用的开发效率,保证在可信执行环境中极小的 TCB(Trusted Computing Base),同时提供内存安全的运行环境。使用 MesaPy for SGX 进行 SGX 的应用开发非常简单,我们提供了多个样例应用,只需修改样例程序,编写自定义的 Python 代码,编译执行即可。

以 “Hello World” 为例,首先开发者在支持 SGX 的机器上,安装 Intel SGX PSW/SDK 程序以及编译所需的依赖,然后克隆 MesaPy for SGX 的代码仓库:

$ git clone -b sgx --recursive [email protected]:mesalock-linux/mesapy.git

进入 sgx 目录然后编译 MesaPy for SGX:

$ make sgx    # 编译 MesaPy for SGX

编译成功后就可以通过以下命令编译执行 “Hello World” 的例子。

$ source $(SGX_SDK)/environment  # 设置 Intel SGX SDK 的环境变量
$ cd sgx/examples/hello_world    # 进入 hello_world 例子的目录
$ make                           # 编译、链接、签名 hello_world
$ ./app                          # 执行 enclave,将输出 Hello, World!
Hello, World!
Welcome to MesaPy for SGX.
Do what I mean: 42

Info: hello_world successfully returned.
Enter a character before exit ...

如需要编写自己的 Python enclave,只需要修改 Enclave/src/ 文件即可,README 中也有详细的介绍。同样,我们也提供了 Dockerfile,为 Python enclave 的开发提供便利。

MesaPy for SGX 现在已经支持基本的数学运算和一些内置库,对于多线程、垃圾回收、标准库的移植等开发工作仍在进行中,所有代码已开源在 GitHub 中(链接),欢迎感兴趣的朋友加入共同推进 MesaPy 对于 SGX 的支持。