- 10 7月, 2020 1 次提交
-
-
由 YiLin.Li 提交于
Both Support IAS API V3 and V4. Signed-off-by: NYilin Li <YiLin.Li@linux.alibaba.com>
-
- 06 7月, 2020 1 次提交
-
-
由 YiLin.Li 提交于
Signed-off-by: NYilin Li <YiLin.Li@linux.alibaba.com>
-
- 04 7月, 2020 1 次提交
-
-
由 jia zhang 提交于
Due to the design of runelet, the Enclave Runtime PAL is loaded in host but launched in container. The fact that certain libraries from Intel SGX PSW would use dlopen() to further load libsgx_launch.so, which means the container has to have it. In order to ensure all libraries dependent by Enclave Runtime PAL are completely loaded in host, preload them prior to switch into container. Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
- 03 7月, 2020 1 次提交
-
-
由 jia zhang 提交于
Current cpuid is implemented in assembly, which disallows using cgo. Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
- 01 7月, 2020 1 次提交
-
-
由 jia zhang 提交于
Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
- 30 6月, 2020 5 次提交
-
-
由 hustliyilin 提交于
- Add docs/running_rune_with_occlum_bundle.md - Remove docs/running_rune_with_docker.md - Update skeleton README.md to add way to run rune with skeleton bundle - Update README.md of inclavare-containers - Add docs/running_rune_with_occlum.md Signed-off-by: NYilin Li <YiLin.Li@linux.alibaba.com>
-
由 wangxiaozhe 提交于
Signed-off-by: Njack.wxz <wangxiaozhe@linux.alibaba.com>
-
由 jia zhang 提交于
Introduce --gen-qe-target-info and --gen-quote options for this purpose. Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
由 jia zhang 提交于
Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
由 YiLin.Li 提交于
With the help of attestation package of rune/libenclave, you can connect IAS service to check and verify your sgx quote. Signed-off-by: NYilin Li <YiLin.Li@linux.alibaba.com> Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
- 29 6月, 2020 2 次提交
-
-
由 YiLin.Li 提交于
1. Add way to build and install rune. 2. Add way to configure rune to Docker runtimes. Signed-off-by: NYilin Li <YiLin.Li@linux.alibaba.com>
-
由 jia zhang 提交于
So that the dynamic libraries are loaded in the host. The fix refers to https://github.com/moby/moby/pull/39612/commits/a316b10dab79d9298b02c7930958ed52e0ccf4e4Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
- 27 6月, 2020 1 次提交
-
-
由 jia zhang 提交于
Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
- 24 6月, 2020 2 次提交
-
-
由 Tianjia Zhang 提交于
This API is not defined in v1 at all. Signed-off-by: NTianjia Zhang <tianjia.zhang@linux.alibaba.com>
-
由 Tianjia Zhang 提交于
Signed-off-by: Njack.wxz <wangxiaozhe@linux.alibaba.com> Signed-off-by: NTianjia Zhang <tianjia.zhang@linux.alibaba.com>
-
- 23 6月, 2020 1 次提交
-
-
由 jia zhang 提交于
In order to implement more ecall functions, it is necessary to implement a general sgx entry point with ecall number to corresponding ecall handler. Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
- 22 6月, 2020 3 次提交
-
-
由 jack.wxz 提交于
Signed-off-by: Njack.wxz <wangxiaozhe@linux.alibaba.com> Signed-off-by: NTianjia Zhang <tianjia.zhang@linux.alibaba.com>
-
由 Tianjia Zhang 提交于
Because there is no re-exec operation, there is no need to use environment variables to pass parameters between bootstrap and runelet, use global variables instead of environment variables. Signed-off-by: NTianjia Zhang <tianjia.zhang@linux.alibaba.com>
-
由 jia zhang 提交于
Support to retrieve quoting enclave's target information. Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
- 21 6月, 2020 5 次提交
-
-
由 jia zhang 提交于
Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
由 jia zhang 提交于
The interaction with aesmd can be shared with other aesm service messages. Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
由 jia zhang 提交于
In order to involve more aesm services, prepare to place all request and response messages into the corresponding main sections. Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
由 jia zhang 提交于
Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
由 jia zhang 提交于
Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
- 19 6月, 2020 2 次提交
-
-
由 jia zhang 提交于
Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
由 jia zhang 提交于
Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
- 18 6月, 2020 4 次提交
-
-
由 jia zhang 提交于
Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
由 jia zhang 提交于
Currently, PAL API only implements v1. Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
由 jack.wxz 提交于
Use unified API symbols starting with 'pal_'. Signed-off-by: Njack.wxz <wangxiaozhe@linux.alibaba.com> Signed-off-by: NTianjia Zhang <tianjia.zhang@linux.alibaba.com>
-
由 jack.wxz 提交于
Signed-off-by: Njack.wxz <wangxiaozhe@linux.alibaba.com>
-
- 16 6月, 2020 2 次提交
-
-
由 tianjia 提交于
Instead loading enclave runtime in container, rune should always load it at bootstrap, in order to avoid dlopen issue. Signed-off-by: NTianjia Zhang <tianjia.zhang@linux.alibaba.com>
-
由 wangxiaozhe 提交于
This new implementation inspires the design of https://github.com/jsakkine-intel/linux-sgx/tree/next/tools/testing/selftests/x86/sgx, which is a real enclave runtime. Signed-off-by: Njack.wxz <wangxiaozhe@linux.alibaba.com>
-
- 04 6月, 2020 1 次提交
-
-
由 jia zhang 提交于
It should be not so complex to cast client agent pipe in so many forms. Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
- 02 6月, 2020 3 次提交
-
-
由 jack.wxz 提交于
Signed-off-by: Njack.wxz <wangxiaozhe@linux.alibaba.com>
-
由 jia zhang 提交于
If the returned error is empty, don't raise an error in any way. Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
由 jia zhang 提交于
If the program launched by rune exec is terminated, runelet process is unstoppable. Just kick off it through the channel notifyExit. Signed-off-by: NXiaozhe Wang <wangxiaozhe@linux.alibaba.com> Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
- 27 5月, 2020 2 次提交
-
-
由 jia zhang 提交于
Unlike what is done in the process of initialization of container entrypoint, the exec fifo fd is not closed without closing it explicitly, resulting in rune start cannot be terminated. Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
由 jia zhang 提交于
It was intended to have fds without close-on-exec with the side effect of dup(), but acutally all fds staged are already close-on-exec clear. Thus dup() makes extra duplications of fds passed to init-runelet. Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
-
- 26 5月, 2020 1 次提交
-
-
由 hustliyilin 提交于
Instead using the hard code "off". Signed-off-by: NYilin Li <YiLin.Li@linux.alibaba.com>
-
- 22 5月, 2020 1 次提交
-
-
由 tianjia 提交于
The prototype declaration of pal_init() is wrong, this is a copy-paste error, this patch fixes it. Signed-off-by: NTianjia Zhang <tianjia.zhang@linux.alibaba.com>
-