CCF
CCF copied to clipboard
microsoft
Confidential Consortium Framework
Spotted and described in this backport: https://github.com/microsoft/CCF/pull/7001#discussion_r2081607778 To clarify terminology, we can consider "does a signature transaction contain a COSE signature" as a boolean, and the current code only works...
The usual - this isn't what I started today doing, but it became a stumbling block for something else so seemed worth cleaning up. This is an instance where we...
When there is a slow fsync, and the node is terminated before the fsync completes, the uv worker thread running the fsync may access deleted objects when the fsync completes....
Follow-up to #7029 (~~will rebase once that's in~~ _done_), implementing the additional calls to `fsync()` described in #7030. Opening as a draft so we can discuss the perf impact and...
Noted and mitigated around #7057. A node updates the cert it will put into signatures and use for node-to-node channels on a _local hook_. That means it might be rolled...
A confusing file-handle related issue from TSAN runs (spun out from #6616). Full stack is below, looks like some cross-thread interaction over file handles. Always involves the `ProcessWriter` or `ProcessReader`...
We currently parse the attestation then check the signature, and we should do this the other way round: - first validate the signature on the attestation against _all_ of the...
While reading about atomic rename semantics as part of #7029, we've surfaced something further that we may want to do to ensure the renames succeed, with the contents of the...
Can we use https://github.com/actions/attest-build-provenance to signed RPMs? We had this before for images in 5.x: https://github.com/microsoft/CCF/blob/release/5.x/.github/workflows/containers-ghcr.yml#L78C15-L78C49