Dmitrii Kuvaiskii
Dmitrii Kuvaiskii
Why do you need to do this: https://github.com/torokernel/torokernel/blob/master/rtl/Arch.pas#L1254 In particular, this sets the `PCD` (`cache disable`) bit in the PML4 page and the PDPT page. Is this really needed?
I am confused how can `FindVirtIOMMIODevices()` work with the latest QEMU + qboot and **without** `-no-acpi` qemu command line? In particular: https://github.com/torokernel/torokernel/blob/master/rtl/drivers/VirtIO.pas#L417. This function goes through the command line assuming...
## Description of the problem One (private, not open source) workload fails because it doesn't find the following NUMA node info files: ``` [P1:T1:app] trace: ---- shim_stat("/sys/devices/system/node/node1/meminfo", 0x502768a96dc0) = -2...
## Description of the changes Modern Intel CPUs have a large number of cores, and modern workloads (such as PyTorch) allocate a large number of threads (e.g., 4 threads per...
## Description of the changes This is a breaking change that modifies the API of the Secret Prov lib as follows: - `secret_provision_start()` allocates a context that should be supplied...
## Description of the problem Currently we put files like `/etc/resolv.conf` in the `sgx.allowed_files` list for simplicity. Example: https://github.com/gramineproject/gramine/blob/f7eae7eafab97b74023aadf279fb024cff9b8c78/CI-Examples/redis/redis-server.manifest.template#L130-L142 Having these files under `sgx.allowed_files` is not secure. They are read...
## Microsoft Azure Attestation (MAA) Microsoft Azure cloud provides its own service to attest enclaves, called Microsoft Azure Attestation (MAA), or simply Azure Attestation. MAA is a generic service that...
## Description of the changes This variable is wrong and shouldn't be used. But also see https://github.com/gramineproject/graphene/issues/2081 and the TODOs in this PR. ## How to test this PR? CI...
## Description of the problem The [man page for `execve`](https://man7.org/linux/man-pages/man2/execve.2.html) says: > On Linux, `argv` and `envp` can be specified as NULL. In both cases, this has the same effect...
## Description of the problem Some workloads seem to require the `link()` syscall to work properly. In particular, the `specperl` script got stuck in an inifinite loop like this: ```...