Skip to content

@mkow mkow released this Sep 11, 2019 · 85 commits to master since this release

Change log

Stability improvements

  • Reworked signal subsystem.
  • Multiple fixes for race conditions.
  • Multiple bugfixes in almost every component of Graphene.


  • Reformatted most of the codebase to conform to our style guide.
  • Refactored multiple components (e.g. inter process communication, acync helper, signal subsystem).

Interface security for SGX

  • Multiple security fixes at the enclave-non-enclave boundary, including proper register cleaning in
    all possible code paths, clearing RFLAGS.DF and handling asynchronous enclave exits (AEX) in a few
    unexpected places.

Statically linked binaries support (SGX-only now)

  • Statically linked binaries can now be run under Linux-SGX PAL. This mainly consisted of proper
    handling of syscall instruction occuring in the user application itself and adding VDSO support.

Remote attestation

  • Support for a simple remote attestation protocol. Support for advanced use-cases coming soon.

Support for Ubuntu 18.04 and newer glibc versions

  • Ported our glibc patches to support versions 2.19, 2.23, and 2.27.

New sample integrations

  • Added: Memcached, Redis, and Tensorflow.
  • Reworked Busybox and R integrations, more reworks coming soon.
Assets 2

Fix compatibility issue for Linux kernel later than 3.5 and Ubuntu 10.10.
More portable PAL with organized platform-generic code.
PAL regression test to confirm completeness of implementation.
Plenty of bugfixes in both PAL and Graphene
More supported applications

Assets 2
You can’t perform that action at this time.