Dmitrii Kuvaiskii
Dmitrii Kuvaiskii
Jenkins, test this please
Jenkins, test this please
Jenkins, test this please
Borys, could you provide some more background? I'm always getting lost in our signal handling... 1. Are you talking about asynchronous signals only (SIGTERM and SIGCONT)? 2. What happens in...
> I don't see this being possible in the way described in the comment, we cannot unwind arbitrary code. The mere check whether we arrived after or before syscall instruction...
> What if we get interrupted inside ocall_read before the syscall, while holding some lock? Ok, yes, I never actually went through this. I was under the impression that we...
@boryspoplawski Was there anything new on this issue since March? Looks like not really, we haven't worked on this problem.
One immediate comment: we need backwards-compatibility in our manifest file. While I agree that per-mount properties (`protected`, `key`) are better, we still need to support `sgx.protected_files` for some time. I...
> 5. Protected files module (`protected_files.[ch]`). This is a generic module for handling protected files. > * No real dependency on PAL (I think) > * **Move the generic module...
I created an example dir hierarchy. I think it reflects a typical application well, and it covers all things that we want to support with allowed/trusted/protected files. ``` . ├──...