- Reworked signal subsystem.
- Multiple fixes for race conditions.
- Multiple bugfixes in almost every component of Graphene.
- Reformatted most of the codebase to conform to our style guide.
- Refactored multiple components (e.g. inter-process communication, async helper, signal subsystem).
Interface security for SGX
- Multiple security fixes at the enclave-non-enclave boundary, including proper register cleaning in
all possible code paths, clearing RFLAGS.DF and handling asynchronous enclave exits (AEX) in a few
Statically linked binaries support (SGX-only now)
- Statically linked binaries can now be run under Linux-SGX PAL. This mainly consisted of proper
syscall instruction occurring in the user application itself and adding VDSO support.
- Support for a simple remote attestation protocol. Support for advanced use-cases coming soon.
Support for Ubuntu 18.04 and newer glibc versions
- Ported our glibc patches to support versions 2.19, 2.23, and 2.27.
New sample integrations
- Added: Memcached, Redis, and Tensorflow.
- Reworked Busybox and R integrations, more reworks coming soon.