This repository has been archived by the owner on Jan 20, 2022. It is now read-only.

v1.0

mkow released this 11 Sep 16:25

· 1612 commits to master since this release

Change log

Stability improvements

Reworked signal subsystem.
Multiple fixes for race conditions.
Multiple bugfixes in almost every component of Graphene.

Refactoring

Reformatted most of the codebase to conform to our style guide.
Refactored multiple components (e.g. inter process communication, acync helper, signal subsystem).

Interface security for SGX

Multiple security fixes at the enclave-non-enclave boundary, including proper register cleaning in
all possible code paths, clearing RFLAGS.DF and handling asynchronous enclave exits (AEX) in a few
unexpected places.

Statically linked binaries support (SGX-only now)

Statically linked binaries can now be run under Linux-SGX PAL. This mainly consisted of proper
handling of syscall instruction occuring in the user application itself and adding VDSO support.

Remote attestation

Support for a simple remote attestation protocol. Support for advanced use-cases coming soon.

Support for Ubuntu 18.04 and newer glibc versions

Ported our glibc patches to support versions 2.19, 2.23, and 2.27.

New sample integrations

Added: Memcached, Redis, and Tensorflow.
Reworked Busybox and R integrations, more reworks coming soon.

Assets 2