Dmitrii Kuvaiskii
Dmitrii Kuvaiskii
> [...] this issue is specifically about the RSA and RSA-PSK key exchange, and should not be interpreted as an indication that we are dropping all key exchanges that are...
Not sure if this will help bump the priority, but our Gramine project would like this feature to be added to mbedTLS: https://github.com/Mbed-TLS/mbedtls/issues/8170#issuecomment-2172715014
> After some more debugging we found out that the numpy version that is pulled by default is 1.20.1 What do you mean by "pulled by default". Pulled by whom,...
Maybe an important historic note: I originally wanted to reimplement `libos_pollable_event` as a **completely in-enclave shared-memory LibOS-only object**. In other words, `libos_pollable_event` would not use PAL pipes, or anything from...
@kailun-qin Doesn't #1513 fix this issue? If yes, please add to that PR a line with `Fixes #...`
Comments from an expert: > 1. XSAVEC is only a drop-in replacement for XSAVE if XSAVEC and XRSTOR are the only instructions that read/write to that XSAVE area. There are...
> Also, do we really need a manifest switch for this? If we can pick a good value then it will most likely work for 99% of the apps. I.e....
In recent tests, this optimization was shown to be not effective enough (we implemented other EDMM optimizations which yield higher benefits). Reassigned the priority to P3 (very low).
Thanks for reporting the perf numbers, I didn't expect such a huge overhead of trusted-files hash comparison. This is because Nginx relies on the Linux kernel's Page Cache feature (see...
The Page Cache I proposed above should have a size. I propose to use rlimits for this: https://github.com/gramineproject/gramine/issues/1714#issuecomment-1886616623 For this particular issue, we could have a new non-standard rlimit: `loader.rlimit.RLIMIT_TRUSTED_FILES_CACHE`...