Enarx: Confidential Computing with WebAssembly
APACHE-2.0 License
Bot releases are visible (Hide)
This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.
This release addresses the communication slowdown experienced by a .NET application deployed into the Enarx keep.
It also introduces a new internal crate that lays the foundation for future refactoring and consolidation of the common code in one place.
dtolnay/rust-toolchain
by @haraldh in https://github.com/enarx/enarx/pull/2468
For installation instructions, please see our updated Quick Installation guide.
For more detailed instructions, including instructions on how to configure your Trusted Execution Environments or compile from source, please refer to our Install Enarx from Source guide.
Full Changelog: https://github.com/enarx/enarx/compare/v0.7.0...v0.7.1
Published by github-actions[bot] almost 2 years ago
This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.
This release significantly improves the performance of the Enarx runtime environment by allocating memory on an as-needed basis.
tracing
instead of log
for logging by @haraldh in https://github.com/enarx/enarx/pull/2183
exit()
syscall by @haraldh in https://github.com/enarx/enarx/pull/2222
TrimSgxPages
to ModifySgxPageType
by @haraldh in https://github.com/enarx/enarx/pull/2246
enarx
workspace events by @rvolosatovs in https://github.com/enarx/enarx/pull/2437
dbg
feature for exec-wasmtime
by @rvolosatovs in https://github.com/enarx/enarx/pull/2454
Serialize
implementation by @rvolosatovs in https://github.com/enarx/enarx/pull/2190
enarx deploy
tests by @rvolosatovs in https://github.com/enarx/enarx/pull/2191
enarx deploy
by @bstrie in https://github.com/enarx/enarx/pull/2206
Config
, not Option<Config>
by @rvolosatovs in https://github.com/enarx/enarx/pull/2223
localhost
handling by @rvolosatovs in https://github.com/enarx/enarx/pull/2174
token
by @rvolosatovs in https://github.com/enarx/enarx/pull/2224
tracing
by @rvolosatovs in https://github.com/enarx/enarx/pull/2226
serial
" by @haraldh in https://github.com/enarx/enarx/pull/2238
IS_X86_64_LINUX
variable by @rvolosatovs in https://github.com/enarx/enarx/pull/2275
ExitCode
, don't 'exit' by @rvolosatovs in https://github.com/enarx/enarx/pull/2384
std::process::ExitCode
by @haraldh in https://github.com/enarx/enarx/pull/2387
brk
region for lower limit by @haraldh in https://github.com/enarx/enarx/pull/2402
spin
crate instead of spinning
by @haraldh in https://github.com/enarx/enarx/pull/2410
cargo test --workspace
compatible by @haraldh in https://github.com/enarx/enarx/pull/2423
--workspace
support by @rvolosatovs in https://github.com/enarx/enarx/pull/2421
LineWriter
by @rvolosatovs in https://github.com/enarx/enarx/pull/2439
-v
argument by @rvolosatovs in https://github.com/enarx/enarx/pull/2438
... and multiple build and automation improvements.
For installation instructions, please see our updated Quick Installation guide.
For more detailed instructions, including instructions on how to configure your Trusted Execution Environments or compile from source, please refer to our Install Enarx from Source guide.
A hearty thanks to everyone who has contributed over the last few years. This release would not be successful without you!
@MikeCamel @npmccallum @haraldh @connorkuehl @lkatalin @mbestavros @wgwoods @axelsimon @ueno @ziyi-yan @ambaxter @squidboylan @blazebissar @michiboo @matt-ross16 @jyotsna-penumaka @steveeJ @greyspectrum @rvolosatovs @lilienbm @CyberEpsilon @kubkon @nickvidal @uudiin @zeenix @sagiegurari @platten @greyspectrum @bstrie @jarkkojs @definitelynobody @rjzak @Deepansharora27 @mayankkumar2 @moksh-pathak @puiterwijk @dpal
Full Changelog: https://github.com/enarx/enarx/compare/v0.6.4...v0.7.0
Published by github-actions[bot] about 2 years ago
This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.
opt-level="s"
by @bstrie in #2127For installation instructions, please see our updated Quick Installation guide.
For more detailed instructions, including instructions on how to configure your Trusted Execution Environments or compile from source, please refer to our Install Enarx from Source guide.
A hearty thanks to everyone who has contributed over the last few years. This release would not be successful without you!
@MikeCamel @npmccallum @haraldh @connorkuehl @lkatalin @mbestavros @wgwoods @axelsimon @ueno @ziyi-yan @ambaxter @squidboylan @blazebissar @michiboo @matt-ross16 @jyotsna-penumaka @steveeJ @greyspectrum @rvolosatovs @lilienbm @CyberEpsilon @kubkon @nickvidal @uudiin @zeenix @sagiegurari @platten @greyspectrum @bstrie @jarkkojs @definitelynobody @rjzak @Deepansharora27 @mayankkumar2 @moksh-pathak @puiterwijk
Full Changelog: https://github.com/enarx/enarx/compare/v0.6.3...v0.6.4
Published by github-actions[bot] about 2 years ago
This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.
--signatures
option by @haraldh in #2101owner/repo:tag
slug format by @rvolosatovs in #2117get_key
syscall by @haraldh in #2109bool::into()
for 0 and 1 by @haraldh in #210450-sev.rules
by @haraldh in #2100For installation instructions please see our page on Installing Enarx.
If you are an application developer without a need for running inside of Trusted Execution Environments or do not have access to a Linux host with SGX2, SEV-SNP, or KVM support, please check out our new Quick Start guide
A hearty thanks to everyone who has contributed over the last few years. This release would not be successful without you!
@MikeCamel @npmccallum @haraldh @connorkuehl @lkatalin @mbestavros @wgwoods @axelsimon @ueno @ziyi-yan @ambaxter @squidboylan @blazebissar @michiboo @matt-ross16 @jyotsna-penumaka @steveeJ @greyspectrum @rvolosatovs @lilienbm @CyberEpsilon @kubkon @nickvidal @uudiin @zeenix @sagiegurari @platten @greyspectrum @bstrie @jarkkojs @definitelynobody @rjzak @Deepansharora27 @mayankkumar2 @moksh-pathak
Full Changelog: https://github.com/enarx/enarx/compare/v0.6.2...v0.6.3
Published by github-actions[bot] about 2 years ago
This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.
main.wasm
in argv[0]
by @rvolosatovs in 2097
For installation instructions please see our page on Installing Enarx.
If you are an application developer without a need for running inside of Trusted Execution Environments or do not have access to a Linux host with SGX2, SEV-SNP, or KVM support, please check out our new Quick Start guide
A hearty thanks to everyone who has contributed over the last few years. This release would not be successful without you!
@MikeCamel @npmccallum @haraldh @connorkuehl @lkatalin @mbestavros @wgwoods @axelsimon @ueno @ziyi-yan @ambaxter @squidboylan @blazebissar @michiboo @matt-ross16 @jyotsna-penumaka @steveeJ @greyspectrum @rvolosatovs @lilienbm @CyberEpsilon @kubkon @nickvidal @uudiin @zeenix @sagiegurari @platten @greyspectrum @bstrie @jarkkojs @definitelynobody @rjzak @Deepansharora27 @mayankkumar2 @moksh-pathak
Full Changelog: https://github.com/enarx/enarx/compare/v0.6.1...v0.6.2
Published by github-actions[bot] about 2 years ago
This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.
enarx config init
by @haraldh in 2037
$HOME
by @haraldh in 2049
register_enc_memory_region()
by @haraldh in 2046
enarx platform snp info
by @haraldh in 2062
For installation instructions please see our page on Installing Enarx.
If you are an application developer without a need for running inside of Trusted Execution Environments, or do not have access to a Linux host with SGX2, SEV-SNP or KVM support, please check out our new Quick Start guide
A hearty thanks to everyone who has contributed over the last few years. This release would not be successful without you!
@MikeCamel @npmccallum @haraldh @connorkuehl @lkatalin @mbestavros @wgwoods @axelsimon @ueno @ziyi-yan @ambaxter @squidboylan @blazebissar @michiboo @matt-ross16 @jyotsna-penumaka @steveeJ @greyspectrum @rvolosatovs @lilienbm @CyberEpsilon @kubkon @nickvidal @uudiin @zeenix @sagiegurari @platten @greyspectrum @bstrie @jarkkojs @definitelynobody @rjzak @Deepansharora27 @mayankkumar2 @moksh-pathak
Full Changelog: https://github.com/enarx/enarx/compare/v0.6.0...v0.6.1
Published by platten over 2 years ago
This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.
enarx cpu
to enarx platform
by @bstrie in #2016
addr
to listen
in Enarx.toml by @haraldh in #2008
Enarx_toml.md
by @haraldh in #2011
For installation instructions please see our page on Installing Enarx.
If you are an application developer without a need for running inside of Trusted Execution Environments, or do not have access to a Linux host with SGX2, SEV-SNP or KVM support, please check out our new Quick Start guide
A hearty thanks to everyone who has contributed over the last few years. This release would not be successful without you!
@MikeCamel @npmccallum @haraldh @connorkuehl @lkatalin @mbestavros @wgwoods @axelsimon @ueno @ziyi-yan @ambaxter @squidboylan @blazebissar @michiboo @matt-ross16 @jyotsna-penumaka @steveeJ @greyspectrum @rvolosatovs @lilienbm @CyberEpsilon @kubkon @nickvidal @uudiin @zeenix @sagiegurari @platten @greyspectrum @bstrie @jarkkojs @definitelynobody @rjzak @Deepansharora27 @mayankkumar2 @moksh-pathak
Full Changelog: https://github.com/enarx/enarx/compare/v0.5.1...v0.6.0
Published by platten over 2 years ago
The issue reported by @Freax13 and patched by @jarkkojs is a major security issue affecting workloads on SGX keeps. However, we are not aware of any successful attacks.
uname
system info only once by @haraldh in #1885
--version
and extend --help
by @haraldh in #1886
nil
backend by @haraldh in #1890
Full Changelog: (https://github.com/enarx/enarx/compare/v0.5.0...v0.5.1)
Published by haraldh over 2 years ago
This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.
munmap()
, mprotect()
and mremap()
enarx deploy
subcommandFor installation instructions please see our page on Installing Enarx.
workldr
to exec
by @haraldh in https://github.com/enarx/enarx/pull/1802
core::ffi
for std::ffi::c_*
by @haraldh in https://github.com/enarx/enarx/pull/1809
core::ffi
for std::ffi::c_*
by @haraldh in https://github.com/enarx/enarx/pull/1811
x509::
to x509_cert::
by @haraldh in https://github.com/enarx/enarx/pull/1834
rcrt1::x86_64_linux_startup!
macro by @haraldh in https://github.com/enarx/enarx/pull/1823
cargo test --workspace
work by @bstrie in https://github.com/enarx/enarx/pull/1825
enarx deploy
subcommand by @rvolosatovs in https://github.com/enarx/enarx/pull/1826
Full Changelog: https://github.com/enarx/enarx/compare/v0.4.0...v0.5.0
Published by platten over 2 years ago
This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.
For build instructions, see our build documentation.
For installation instructions please see our page on Installing Enarx.
unmap
, remap
and mprotect
for SGX2A hearty thanks to everyone who has contributed over the last few years. This release would not be successful without you!
@MikeCamel @npmccallum @haraldh @connorkuehl @lkatalin @mbestavros @wgwoods @axelsimon @ueno @ziyi-yan @ambaxter @squidboylan @blazebissar @michiboo @matt-ross16 @jyotsna-penumaka @steveeJ @greyspectrum @rvolosatovs @lilienbm @CyberEpsilon @kubkon @nickvidal @uudiin @zeenix @sagiegurari @platten @greyspectrum @bstrie @jarkkojs @definitelynobody @rjzak @Deepansharora27 @mayankkumar2 @moksh-pathak
Full Changelog: https://github.com/enarx/enarx/compare/v0.3.0...v0.4.0
Published by platten over 2 years ago
This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.
Enarx.toml
:
addr
field no longer supportedprot
field added. Valid values are: tcp
or tls
For build instructions, see our build documentation.
For installation instructions please see our page on Installing Enarx.
A hearty thanks to everyone who has contributed over the last few years. This release would not be successful without you!
@MikeCamel @npmccallum @haraldh @connorkuehl @lkatalin @mbestavros @wgwoods @axelsimon @ueno @ziyi-yan @ambaxter @squidboylan @blazebissar @michiboo @matt-ross16 @jyotsna-penumaka @steveeJ @greyspectrum @rvolosatovs @lilienbm @CyberEpsilon @kubkon @nickvidal @uudiin @zeenix @sagiegurari @platten @greyspectrum @bstrie @jarkkojs @definitelynobody @jovanbulck @Deepansharora27 @mayankkumar2 @moksh-pathak @veehaitch
A special thanks to Tony Arcieri from the RustCrypto project for reviewing and merging the dozens of patches we put into their crates in order to make this release happen.
Full Changelog: https://github.com/enarx/enarx/compare/v0.2.1...v0.3.0
Published by platten over 2 years ago
The issue patched by @jovanbulck is a minor security issue and we are not aware of any successful attacks.
Full Changelog: https://github.com/enarx/enarx/compare/v0.2.0...v0.2.1
Published by platten over 2 years ago
This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.
examples/tcp_server/
for a full fledged mio example TCP serverenarx info
displaying additional information and JSON output supportenarx sev vcek
- Download VCEK certificates for SEV platform and print to stdout in PEM formatFor build instructions, see our build documentation.
For installation instructions please see our page on Installing Enarx.
A hearty thanks to everyone who has contributed over the last few years. This release would not be successful without you!
@MikeCamel @npmccallum @haraldh @connorkuehl @lkatalin @mbestavros @wgwoods @axelsimon @ueno @ziyi-yan @ambaxter @squidboylan @blazebissar @michiboo @matt-ross16 @jyotsna-penumaka @steveeJ @greyspectrum @rvolosatovs @lilienbm @CyberEpsilon @kubkon @nickvidal @uudiin @zeenix @sagiegurari
A special thanks to our new contributors:
@greyspectrum @bstrie @jarkkojs @definitelynobody @Deepansharora27 @mayankkumar2 @moksh-pathak @platten
Full Changelog: https://github.com/enarx/enarx/compare/v0.1.0...v0.2.0
Published by npmccallum almost 3 years ago
This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.
This release includes two top-level commands enarx info
and enarx run
.
The enarx info
command dumps information about your hardware platform. It can be useful for determining if your platform has support for one of the Enarx backends.
The enarx run
command executes a WASM binary in a Keep using either the SEV or SGX backends. For testing and development, you can also run a WASM binary in the unencrypted KVM backend. Applications are currently limited due to our incomplete support for WASI.
For build instructions, see our build documentation.
This release contains a mitigation for the SmashEx attack.
A hearty thanks to everyone who has contributed over the last few years. This release would not be successful without you!
@MikeCamel @npmccallum @haraldh @connorkuehl @lkatalin @mbestavros @wgwoods @axelsimon @ueno @ziyi-yan @ambaxter @squidboylan @blazebissar @michiboo @matt-ross16 @jyotsna-penumaka @steveeJ @greyspectrum @rvolosatovs @lilienbm @CyberEpsilon @kubkon @nickvidal @uudiin @zeenix @sagiegurari