Skip to content

v0.2.0

Pre-release
Pre-release
Compare
Choose a tag to compare
@salsal97 salsal97 released this 16 Jul 23:34
v0.2.0
a9cb5b1

Added:

  • EXT2 file system support
  • Added an experimental pseudo-fork feature (disabled by default) that can work in similar ways to the vfork system call, except it gets its own copy of the stack
  • Included the following test suites in our test pipelines: libcxx (targeting both musl and glibc), sockperf, Azure SDK for dotnet, and Azure SDK for C++
  • Added code coverage measurement with gcov, using lcov to generate a report in our pipeline
  • Added support for identity related syscalls, and partially enforce the permissions tied to the identities
  • Added full or partial support for ~50 syscalls used by .NET runtime, Python runtime, and other key usages
  • Allowed host file systems to be auto-mounted through config.json
  • Multiple samples/solutions to showcase support for selected C/C++, C#, Java, Rust, and Python applications
  • Partial support for virtual files under /dev and /proc
  • Debugging capability of .NET applications with libsos
  • Forward hardware exceptions to the kernel
  • ‘Debug malloc’ option for detecting memory leaks and memory related bugs

Changed:

  • Augmented musl based C-runtime for better compatibility with applications built against the glibc C-runtime
  • Adopted Open Enclave SDK version 0.17.0 and the security fix from Open Enclave version 0.17.1.
  • Enabled more tests in the following existing test suites: libc, .NET runtime, and ltp
  • The attestation credentials generated by Mystikos and the interface for applications to request such credentials during startup time
  • Retrieve DNS server configuration during Mystikos app launch time instead of build time
  • Enhancement to the memory manager
  • Separate kernel stacks from application stacks, and allocate the kernel stack on demand
  • Improved capability and usability of myst-appbuilder tool
  • Improved stability and performance in general
  • Addressed issues report by CodeQL scan

Removed:

  • The dependency on musl-gcc or Alpine Linux
  • The need for users to specify a kernel memory size in config.json
  • The need for users to specify a maximum number of threads required in config.json

Known issues:

  • Under certain situations, a Mystikos app might fail to exit due to a blocking I/O syscall
  • Under rare situation, a Mystikos app might crash instead of exiting normally.

Security updates:

Assets 4
Loading