general/occlum
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,185 Commits 3 Branches 0 Tags 8.1 MiB
6b86f37bd4
Commit Graph

557 Commits

Author SHA1 Message Date
Zheng, Qi
6b86f37bd4 Bump version to 0.29.5 2023-02-24 11:20:00 +08:00
Zheng, Qi
500ca21d52 [libos] Fix bug of sigtimedwait for timeout NULL 2023-02-15 17:07:13 +08:00
Shaowei Song
dbe404f16a [sefs] Make cache size configurable in Occlum.json 2023-02-09 09:09:01 +08:00
Zheng, Qi
386e968ccb [libos] Enable backtrace for memory allocation failure 2023-02-02 10:26:12 +08:00
Hui, Chunyang
6107a32675 Fix mremap lock range when merging connecting chunks 2023-01-31 10:16:28 +08:00
volcano0dr
ea7a51be49 Bump version to 0.29.4 2023-01-16 11:32:43 +08:00
Hui, Chunyang
997c21a45f Fix reserved memory permission for EDMM support 2023-01-14 17:56:26 +08:00
Kun Lai
12cb488f36 [libos] Fix vulnerable nonce in DCAP verifier 
This commit fixed a security issue in the dcap verifier. The issue was caused by the '[in, out]' attributes of pointer parameter qve_report_info in the ocall function occlum_ocall_verify_dcap_quote(). This led to the vulnerability where the protected qve_report_info.nonce field in libos could be arbitrarily rewritten by attacker outside libos.

Signed-off-by: Kun Lai <me@imlk.top>
 2023-01-14 00:12:42 +08:00
Hui, Chunyang
f8825e453e Fix mmap with MAP_FIXED non-atomic behaviour 2023-01-11 16:47:20 +08:00
Hui, Chunyang
fb12642254 Fix brk not reset memory 2023-01-06 22:56:41 +08:00
Hui, Chunyang
0bf4a5a7f7 Fix mprotect and mremap potential failure 2023-01-06 22:56:41 +08:00
Zheng, Qi
7de4a2b3cd [libos] Add sgx_get_key ioctl command 2023-01-03 17:55:23 +08:00
Zheng, Qi
d34d54a821 Add syscall getrlimit and setrlimit support 2022-12-21 23:18:14 +08:00
Shaowei Song
588b458268 [sefs] Configure larger cache size to improve pfs performance 2022-12-12 14:03:59 +08:00
Zheng, Qi
77ff07f522 Bump to 0.29.3 2022-12-07 11:45:45 +08:00
Zheng, Qi
242e0b63d2 [libos] Fix envs overidden bug 2022-12-05 20:07:32 +08:00
LI Qing
70d3bf690c Print the raw errno if it is not an expected value 2022-12-05 13:57:13 +08:00
Hui, Chunyang
0f789b49bc Fix exit_group not interrupt wait4 2022-11-15 18:01:46 +08:00
Zheng, Qi
ac30c2b787 Bump to 0.29.2 2022-11-08 18:49:23 +08:00
LI Qing
64c75e6d40 Add partial support for '/proc/stat' and '/proc/[pid]/stat' 2022-11-06 20:56:29 +08:00
LI Qing
96166dadc2 Add setpriority and getpriority syscall 2022-10-26 13:00:19 +08:00
volcano0dr
a7da76ca42 Bump to 0.29.1 2022-10-24 14:28:01 +08:00
Hui, Chunyang
4c3ca79134 Make vfork stop parent child threads 
When vfork is called and the current process has other running child threads,
for Linux, the other threads remain running. For Occlum, this behavior is
different. All the other threads will be frozen until the vfork returns
or execve is called in the child process.

The reason is that since Occlum doesn't support fork, many applications will
use vfork to replace fork. For multi-threaded applications, if vfork doesn't
stop other child threads, the application will be more likely to fail because
the child process directly uses the VM and the file table of the parent process.
 2022-10-18 21:57:57 +08:00
LI Qing
f71e940cfd [libos] Fix the iterator index when unlock range lock 2022-10-13 17:29:23 +08:00
Hui, Chunyang
51eb43eb90 Fix epoll_ctl not waking up epoll_wait 
Co-authored-by: rduan@apache.org
 2022-09-22 15:11:31 +08:00
volcano0dr
52b75e3e06 Add metadata in HNode 2022-09-22 10:56:24 +08:00
volcano0dr
a389dc216c Bump to 0.29.0 2022-09-14 20:05:04 +08:00
volcano0dr
69b35e6429 [deps/rust-sgx-sdk] Upgrade rust-sgx-sdk to 1.1.5 2022-09-14 20:05:04 +08:00
volcano0dr
e13f6871cf Upgrade dependencies for libos 2022-09-07 10:01:34 +08:00
Hui, Chunyang
171faccea7 [libos] Fix munmap conflict chunk range and vma range 2022-09-06 12:57:16 +08:00
volcano0dr
e3a17946ac Bump to 0.28.1 2022-08-25 08:33:06 +08:00
Hui, Chunyang
6cb9ca7e44 Add sendmsg/recvmsg support for unix domain socket 2022-08-23 20:37:57 +08:00
Hui, Chunyang
71c4937b45 Fix listening socket epoll_wait not waken by connect 2022-08-23 20:37:57 +08:00
Hui, Chunyang
f87ee7c7a4 Support munmap multiple single VMA chunks with remaining ranges 2022-08-23 16:58:03 +08:00
LI Qing
54de00a3bc Fix the issue when path is suffixed by "/" 2022-08-15 09:21:52 +08:00
LI Qing
54afae9ed5 Fix the path length limit and update sefs 2022-08-15 09:19:09 +08:00
LI Qing
0513a17e81 Skip the inode permission check if uid is root 2022-08-09 09:58:25 +08:00
Hui, Chunyang
d1acb84362 Add support for /proc/self(pid)/maps 2022-08-08 08:40:52 +08:00
Ikko Ashimine
fc0f913940 Fix typo in stream.rs 
avaiable -> available
 2022-07-24 18:53:35 +08:00
dr264275
67ca5444f4 Bump to 0.28.0 
Signed-off-by: dr264275 <dr264275@antgroup.com>
 2022-07-17 17:12:14 +08:00
zhubojun
338dda643b [libos] Add PKU support 2022-07-17 17:12:14 +08:00
Zheng, Qi
526b6e1753 Update QvE ISV SVN threshold value 2022-07-17 17:12:14 +08:00
LI Qing
a2991cc9c0 Add seek support for stdin and stdout 2022-07-15 23:48:27 +08:00
Hui, Chunyang
0b824d3a98 Fix panic when build process VM failed 2022-07-13 16:35:04 +08:00
LI Qing
1dc2b517fc Fix the issue about fsync on hostfs's dir 
There are no sync methods about untrusted dir, so we do nothing.
 2022-07-13 13:42:51 +08:00
LI Qing
98dd3e8af3 Modify hostfs to support mode and some ops for dir 2022-07-06 15:54:15 +08:00
LI Qing
6dab561327 Disable DCAP in hyper mode 2022-06-23 10:25:16 +08:00
volcano0dr
fac632122e Bump to 0.27.3 
Signed-off-by: volcano0dr <volcano_dr@163.com>
 2022-06-06 09:32:50 +08:00
ClawSeven
40ad9d1648 [libos] Fix error handling of sendfile 2022-06-01 12:13:10 -07:00
Hui, Chunyang
2cd20d315e Refactor merge_all_single_vma_chunks to reduce iteration 2022-05-18 00:02:20 +08:00