v0.2.0
Pre-release
Added:
- EXT2 file system support
- Added an experimental pseudo-fork feature (disabled by default) that can work similarly to the vfork system call, except that it gets its own copy of the stack
- Included the following test suites in our test pipelines: libcxx (targeting both musl and glibc), sockperf, Azure SDK for dotnet, and Azure SDK for C++
- Added code coverage measurement with gcov, using lcov to generate a report in our pipeline
- Added support for identity-related syscalls, with partial enforcement of the permissions tied to the identities
- Added full or partial support for ~50 syscalls used by .NET runtime, Python runtime, and other key usages
- Allowed host file systems to be auto-mounted through config.json
- Multiple samples/solutions to showcase support for selected C/C++, C#, Java, Rust, and Python applications
- Partial support for virtual files under /dev and /proc
- Debugging capability of .NET applications with libsos
- Forward hardware exceptions to the kernel
- ‘Debug malloc’ option for detecting memory leaks and memory-related bugs
Changed:
- Augmented musl based C-runtime for better compatibility with applications built against the glibc C-runtime
- Adopted Open Enclave SDK version 0.17.0 and the security fix from Open Enclave version 0.17.1
- Enabled more tests in the following existing test suites: libc, .NET runtime, and ltp
- The attestation credentials generated by Mystikos and the interface for applications to request such credentials during startup time
- Retrieve DNS server configuration during Mystikos app launch time instead of build time
- Enhancement to the memory manager
- Separate kernel stacks from application stacks, and allocate the kernel stack on demand
- Improved capability and usability of myst-appbuilder tool
- Improved stability and performance in general
- Addressed issues reported by CodeQL scan
Removed:
- The dependency on musl-gcc or Alpine Linux
- The need for users to specify a kernel memory size in config.json
- The need for users to specify a maximum number of threads required in config.json
Known issues:
- Under certain situations, a Mystikos app might fail to exit due to a blocking I/O syscall
- In rare situations, a Mystikos app might crash instead of exiting normally
Security updates:
- Applied Open Enclave SDK's fix to CVE-2021-33767