v0.7.1

Not Production Ready

This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.

Summary

This release addresses the communication slowdown experienced by a .NET application deployed into the Enarx keep.
It also introduces a new internal crate that lays the foundation for future refactoring and consolidation of the common code in one place.

What's Changed

Features and fixes

• Set nonblocking on TCP by @puiterwijk in #2469
• Factor out cpuidpage to a shared crate by @haraldh in #2460
• Bring release helper script up to date by @bstrie in #2472

Dependencies and chores

• Switch workflows to dtolnay/rust-toolchain by @haraldh in #2468
• Release v0.7.1 by @dpal in #2475

Installation

For installation instructions, please see our updated Quick Installation guide.

For more detailed instructions, including instructions on how to configure your Trusted Execution Environments or compile from source, please refer to our Install Enarx from Source guide.

Known (Temporary) Issues

• No filesystem support yet
• Custom kernel required for AMD SEV-SNP-based machines

Full Changelog: v0.7.0...v0.7.1

v0.7.0

Not Production Ready

This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.

Summary

This release significantly improves the performance of the Enarx runtime environment by allocating memory on an as-needed basis.

What's Changed

Features

• Add support for threading and synchronization by @haraldh in #2179
• Use tracing instead of log for logging by @haraldh in #2183
• Error on unknown fields by @rvolosatovs in #2193
• Print child stderr in tests by @rvolosatovs in #2194
• Introduce file types by @rvolosatovs in #2197
• Implement basic threading support for SGX by @haraldh in #2186
• Add an extra stack for CSSA > 0 by @haraldh in #2220
• Use CSSA level 0 EEXIT to return from exit() syscall by @haraldh in #2222
• Rename enarxcall TrimSgxPages to ModifySgxPageType by @haraldh in #2246
• Implement dynamic thread allocation by @haraldh in #2250
• Specify OIDC scopes and audience by @puiterwijk in #2311
• Remove naked functions by @bstrie in #2350
• Add client secrets login by @rvolosatovs in #2356
• Complete the TCS page struct and add the flags by @haraldh in #2366
• Set the keep's DEBUG flag on features dbg or gdb by @haraldh in #2385
• Crl caching by @rjzak in #2392
• Use new mmledger API by @haraldh in #2397
• Handle CSSA 0-3 with 2 sallyport blocks by @haraldh in #2396
• Add page fault handling and lazy mmap by @haraldh in #2406
• Add flame graph by @ishme-al in #2391
• Only log enarx workspace events by @rvolosatovs in #2437
• Snp backend sends CRL for attestation by @rjzak in #2428
• Sgx backend sends CRL for attestation by @rjzak in #2393
• Introduce dbg feature for exec-wasmtime by @rvolosatovs in #2454
• Store CRL & originating URL by @rjzak in #2447
• Add lazy memory mapping by @haraldh in #2429

Fixes

• Use SnpReportRequest struct by @haraldh in #2178
• Log filter parsing by @haraldh in #2185
• Default to Profian Steward by @rvolosatovs in #2189
• Remove custom Serialize implementation by @rvolosatovs in #2190
• Reenable enarx deploy tests by @rvolosatovs in #2191
• Avoid capitalizing file names by @rvolosatovs in #2192
• Use a domain name in TLS connect by @rvolosatovs in #2195
• Use unbounded ranges in patterns by @bstrie in #2201
• Minor improvements by @rvolosatovs in #2196
• Replace echo server with hello world in integration test by @bstrie in #2207
• Optimize wasm example by @bstrie in #2208
• Handle cannot-be-a-base URLs in enarx deploy by @bstrie in #2206
• Disallow invalid file names by @rvolosatovs in #2202
• Reorganize by @rvolosatovs in #2204
• Parse Config, not Option<Config> by @rvolosatovs in #2223
• Set HWCAP2 and clear fsbase by @haraldh in #2221
• Outgoing TLS connections, localhost handling by @rvolosatovs in #2174
• Remove unused token by @rvolosatovs in #2224
• Ignore Windows listener tests by @rvolosatovs in #2227
• Switch to tracing by @rvolosatovs in #2226
• Replace unicode chars by @haraldh in #2233
• Revert "test(wasm): avoid using serial" by @haraldh in #2238
• Don't output dbg for SYS_clock_gettime by @haraldh in #2239
• Sync TLS listener and stream applications with upstream by @rvolosatovs in #2240
• Rely on exit code by @haraldh in #2244
• Check output during CLI integration tests by @bstrie in #2249
• Parse JSON in CLI tests and refactor by @bstrie in #2254
• Support all platforms in tests by @rvolosatovs in #2276
• Remove IS_X86_64_LINUX variable by @rvolosatovs in #2275
• Fix tests when RUST_BACKTRACE is set by @bstrie in #2315
• Correct main ref name for sign by @puiterwijk in #2313
• Parse CLI properly in integration test by @bstrie in #2349
• Prevent test FD from being prematurely dropped by @rvolosatovs in #2348
• Remove EncodePrivateKey workaround by @haraldh in #2361
• Prevent workload FD from being dropped by @rvolosatovs in #2357
• Remove unnecessary usage of Lazy by @bstrie in #2382
• Remove unused test binary by @rvolosatovs in #2370
• Return ExitCode, don't 'exit' by @rvolosatovs in #2384
• Refine sgx error handling especially for threads by @haraldh in #2386
• Unused import: std::process::ExitCode by @haraldh in #2387
• Remove unused crt0 environment variables by @rvolosatovs in #2398
• Check brk region for lower limit by @haraldh in #2402
• Use spin crate instead of spinning by @haraldh in #2410
• Remove comment about SEV-SNP TCB by @haraldh in #2415
• Make shims cargo test --workspace compatible by @haraldh in #2423
• Use workspace version of gdbstub by @haraldh in #2426
• Cross-platform --workspace support by @rvolosatovs in #2421
• Set Cr0Flags::MONITOR_COPROCESSOR by @haraldh in #2441
• Rework on-disk signature file locking by @rvolosatovs in #2436
• Wrap output writer into a LineWriter by @rvolosatovs in #2439
• Remove -v argument by @rvolosatovs in #2438
• Fix client/full test by @haraldh in #2457
• Split zerooneone test by @haraldh in #2458

... and multiple build and automation improvements.

Requirements

• Rust nightly

Installation

For installation instructions, please see our updated Quick Installation guide.

For more detailed instructions, including instructions on how to configure your Trusted Execution Environments or compile from source, please refer to our Install Enarx from Source guide.

Known (Temporary) Issues

• No filesystem support yet
• Custom kernel required for AMD SEV-SNP-based machines

Contributors

A hearty thanks to everyone who has contributed over the last few years. This release would not be successful without you!

@MikeCamel @npmccallum @haraldh @connorkuehl @lkatalin @mbestavros @wgwoods @axelsimon @ueno @ziyi-yan @ambaxter @squidboylan @blazebissar @michiboo @matt-ross16 @jyotsna-penumaka @steveej @greyspectrum @rvolosatovs @lilienbm @CyberEpsilon @kubkon @nickvidal @uudiin @zeenix @sagiegurari @platten @greyspectrum @bstrie @jarkkojs @definitelynobody @rjzak @Deepansharora27 @mayankkumar2 @moksh-pathak @puiterwijk @dpal

New Contributors

• @github-actions made their first contribution in #2284
• @dpal made their first contribution in #2408
• @ishme-al made their first contribution in #2391

Full Changelog: v0.6.4...v0.7.0

v0.6.4

Not Production Ready

This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.

What's Changed

Features

• Extend the enarx CLI with a key command and change the sign command by @haraldh in #2151
• Add rpm and debian packages to release by @puiterwijk in #2154

Fixes:

• Dynamically enable AVX and AVX512 by @haraldh in #2144
• Check for the VCEK cache file by @haraldh in #2145
• Correctly set XCR0 according to cpuid by @haraldh in #2146
• Lower TLS cert serial number length by @rvolosatovs in #2171

Documentation:

• Add signing, and package install to QuickStart by @platten in #2163

Dependencies:

• Update drawbridge-client to 0.2.3 by @rvolosatovs in #2126
• Update wasmtime by @rvolosatovs in #2133
• Update serial_test dependency to 0.9 by @bstrie in #2155
• Bump ecdsa crate to 0.14.5 by @bstrie in #2168

Other:

• Update flake by @rvolosatovs in #1970
• Don't strip debug enarx binary by @haraldh in #2103
• Consolidate deny checks by @bstrie in #2120
• Remove opt-level="s" by @bstrie in #2127
• Update license files by @platten in #2147
• Add Enarx keep signatures to released artifacts by @platten in #2156
• Disable publishing to crates by @platten in #2162

Requirements

• Rust nightly

Installation

For installation instructions, please see our updated Quick Installation guide.

For more detailed instructions, including instructions on how to configure your Trusted Execution Environments or compile from source, please refer to our Install Enarx from Source guide.

Known (Temporary) Issues

• Incomplete WASI support
• Custom kernel required for Intel SGX & AMD SEV-SNP-based machines

Contributors

A hearty thanks to everyone who has contributed over the last few years. This release would not be successful without you!

@MikeCamel @npmccallum @haraldh @connorkuehl @lkatalin @mbestavros @wgwoods @axelsimon @ueno @ziyi-yan @ambaxter @squidboylan @blazebissar @michiboo @matt-ross16 @jyotsna-penumaka @steveej @greyspectrum @rvolosatovs @lilienbm @CyberEpsilon @kubkon @nickvidal @uudiin @zeenix @sagiegurari @platten @greyspectrum @bstrie @jarkkojs @definitelynobody @rjzak @Deepansharora27 @mayankkumar2 @moksh-pathak @puiterwijk

Full Changelog: v0.6.3...v0.6.4

v0.6.3

Not Production Ready

This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.

What's Changed

Features

• Panic on integer overflow for keep crates by @bstrie in #2114
• Add enarx sign and --signatures option by @haraldh in #2101
• Enforce OCI-like owner/repo:tag slug format by @rvolosatovs in #2117
• Validate workload digests by @rvolosatovs in #2118
• Add get_key syscall by @haraldh in #2109

Fixes:

• bool::into() for 0 and 1 by @haraldh in #2104
• Increase max wasm file size by @rvolosatovs in #2107

Documentation:

• Fix 50-sev.rules by @haraldh in #2100
• Update cargo install docs by @bstrie in #2122

Dependencies:

• Bump x509-cert to v0.1.0 by @bstrie in #2095
• Bump wasmtime deps to v0.39.1 by @bstrie in #2096
• Update aes-gcm requirement from 0.9 to 0.10.1 by @haraldh in #2106
• Update wix to 0.3.3 by @platten in #2108
• Update chrono from 0.4.19 to 0.4.20 by @bstrie in #2119
• Bump dependencies by @bstrie in #2121

Other:

• Don't strip debug enarx binary by @haraldh in #2103
• Consolidate deny checks by @bstrie in #2120

Requirements

• Rust nightly

Installation

For installation instructions please see our page on Installing Enarx.

If you are an application developer without a need for running inside of Trusted Execution Environments or do not have access to a Linux host with SGX2, SEV-SNP, or KVM support, please check out our new Quick Start guide

Known (Temporary) Issues

• Incomplete WASI support
• Custom kernel required for Intel SGX & AMD SEV-SNP-based machines

Contributors

A hearty thanks to everyone who has contributed over the last few years. This release would not be successful without you!

@MikeCamel @npmccallum @haraldh @connorkuehl @lkatalin @mbestavros @wgwoods @axelsimon @ueno @ziyi-yan @ambaxter @squidboylan @blazebissar @michiboo @matt-ross16 @jyotsna-penumaka @steveej @greyspectrum @rvolosatovs @lilienbm @CyberEpsilon @kubkon @nickvidal @uudiin @zeenix @sagiegurari @platten @greyspectrum @bstrie @jarkkojs @definitelynobody @rjzak @Deepansharora27 @mayankkumar2 @moksh-pathak

Full Changelog: v0.6.2...v0.6.3

v0.6.2

Not Production Ready

This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.

What's Changed

Features:

• SGX: Add ENARX_TEST_SGX_KEY_FILE env variable by @haraldh in 2082
• Backend: Set main.wasm in argv[0] by @rvolosatovs in 2097
• Backend: Treat 0 exit code as success by @rvolosatovs in 2098

Requirements

• Rust nightly

Installation

For installation instructions please see our page on Installing Enarx.

If you are an application developer without a need for running inside of Trusted Execution Environments or do not have access to a Linux host with SGX2, SEV-SNP, or KVM support, please check out our new Quick Start guide

Known (Temporary) Issues

• Incomplete WASI support
• Custom kernel required for Intel SGX & AMD SEV-SNP-based machines

Contributors

A hearty thanks to everyone who has contributed over the last few years. This release would not be successful without you!

@MikeCamel @npmccallum @haraldh @connorkuehl @lkatalin @mbestavros @wgwoods @axelsimon @ueno @ziyi-yan @ambaxter @squidboylan @blazebissar @michiboo @matt-ross16 @jyotsna-penumaka @steveej @greyspectrum @rvolosatovs @lilienbm @CyberEpsilon @kubkon @nickvidal @uudiin @zeenix @sagiegurari @platten @greyspectrum @bstrie @jarkkojs @definitelynobody @rjzak @Deepansharora27 @mayankkumar2 @moksh-pathak

Full Changelog: v0.6.1...v0.6.2

v0.6.1

Not Production Ready

This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.

What's Changed

Features:

• UX: Add enarx config init by @haraldh in 2037
• UX: Support custom credential helpers by @rvolosatovs in 2041
• UX: Warn users to put Enarx.toml/main.wasm in an empty dir by @definitelynobody in 2075
• UX: Forbid publish of malformed packages by @bstrie in 2076
• Config: Add Serialize to enarx-config by @haraldh in 2036
• SEV: Remove vcek cache directory in $HOME by @haraldh in 2049
• SEV: Move sev_attestation test by @haraldh in 2056
• KVM: Enable CR0 WRITE_PROTECT by @haraldh in 2040
• Backend: Register well-known backend names by @haraldh in 2052

Fixes:

• Config: Correct repo link in Cargo.toml by @haraldh in 2031
• SEV: Return proper io::Error for register_enc_memory_region() by @haraldh in 2046
• SEV: Rename enarx platform snp info by @haraldh in 2062
• SGX: Filter attestation keys by @haraldh in 2051
• Sallyport: Avoid UB by removing implicit reference from indexing with range by @bstrie in 2069
• Example TCP Server: Harden the server and fix proto tls vs tcp by @haraldh in 2032

Documentation:

• Publish: Document publishing and deploying via CLI by @bstrie in 2038
• Quickstart: Update Quickstart.mdx, cleanup by @platten in 2059

Dependencies:

• Update linked_list_allocator requirement from 0.9.1 to 0.10.1 by @haraldh in 1993
• Bump wasmtime related dependencies by @platten in 2077
• Bump Rust toolchain to 2022-07-19 by @bstrie in 2067
• Bump drawbridge to 0.2 by @bstrie in 2065

Other:

• Add build test for examples/tcp_server by @haraldh in 2035
• Add .mailmap by @haraldh in 2034
• Add some testaso tests for the SEV-SNP backend by @haraldh in 2055
• Fix toolchain by @haraldh in 2060
• Remove tcp_server example by @bstrie in 2070
• Remove unused helper scripts by @bstrie in 2074
• Rename Windows artifact locations by @platten in 2072

Requirements

• Rust nightly

Installation

For installation instructions please see our page on Installing Enarx.

If you are an application developer without a need for running inside of Trusted Execution Environments, or do not have access to a Linux host with SGX2, SEV-SNP or KVM support, please check out our new Quick Start guide

Known (Temporary) Issues

• Incomplete WASI support
• Custom kernel required for Intel SGX & AMD SEV-SNP-based machines

Contributors

A hearty thanks to everyone who has contributed over the last few years. This release would not be successful without you!

@MikeCamel @npmccallum @haraldh @connorkuehl @lkatalin @mbestavros @wgwoods @axelsimon @ueno @ziyi-yan @ambaxter @squidboylan @blazebissar @michiboo @matt-ross16 @jyotsna-penumaka @steveej @greyspectrum @rvolosatovs @lilienbm @CyberEpsilon @kubkon @nickvidal @uudiin @zeenix @sagiegurari @platten @greyspectrum @bstrie @jarkkojs @definitelynobody @rjzak @Deepansharora27 @mayankkumar2 @moksh-pathak

Full Changelog: v0.6.0...v0.6.1

Fushimi Castle

Not Production Ready

This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.

What's Changed

Features:

• UX: Flesh out fundamental drawbridge CLI by @bstrie in #2020
• UX: User login CLI by @bstrie in #2002
• UX: Restructure CLI into new hierarchy by @bstrie in #1976
• UX: Rename enarx cpu to enarx platform by @bstrie in #2016
• UX: Add addr to listen in Enarx.toml by @haraldh in #2008

Fixes:

• SGX: Prevent aesmd error 42 - ATT_KEY_NOT_INITIALIZED by @haraldh in #1968
• SGX: Revert the use of AVX2 and AVX512 by @jarkkojs in #1974
• Example TCP Server: Correct target_os by @haraldh in #2023

Documentation:

• Install: Install documentation update by @platten in #1946
• Quickstart: Add Quickstart installation guide by @nickvidal in #1949
• Quickstart: Update links and formatting in Quickstart per additional feedback by @platten in #1956
• Install & Quickstart: Use --locked with cargo install and homebrew tap by @platten in #1957
• Enarx.toml: Add Enarx_toml.md by @haraldh in #2011
• README-DEBUG: Reburnish KVM / SNP in README-DEBUG.md by @jarkkojs in #1932
• README-DEBUG: Reburnish the SGX GDB documentation by @jarkkojs in #1937

Dependencies:

• Cargo update and wasmtime 0.38 by @haraldh in #2009
• Bump Rust toolchain by @bstrie in #1969
• Update serial_test requirement from 0.6 to 0.7 in /crates/sallyport by @dependabot in #1947

Other:

• Refactor: Reduce crate feature surface area by @bstrie in #1943
• Build: Use new Cargo sparse registry support by @bstrie in #2010
• Release: Extend release workflow to build Windows MSI installer by @platten in #1928
• NIX: Update flake lock by @rvolosatovs in #2024
• CI: Use published coverage tool and update coverage exclusions by @bstrie in #1923
• CI: Add built assets to release draft by @rvolosatovs in #1972

Requirements

• Rust nightly

Installation

For installation instructions please see our page on Installing Enarx.

If you are an application developer without a need for running inside of Trusted Execution Environments, or do not have access to a Linux host with SGX2, SEV-SNP or KVM support, please check out our new Quick Start guide

Known (Temporary) Issues

• Incomplete WASI support
• Custom kernel required for SGX or SEV-SNP

Contributors

A hearty thanks to everyone who has contributed over the last few years. This release would not be successful without you!

@MikeCamel @npmccallum @haraldh @connorkuehl @lkatalin @mbestavros @wgwoods @axelsimon @ueno @ziyi-yan @ambaxter @squidboylan @blazebissar @michiboo @matt-ross16 @jyotsna-penumaka @steveej @greyspectrum @rvolosatovs @lilienbm @CyberEpsilon @kubkon @nickvidal @uudiin @zeenix @sagiegurari @platten @greyspectrum @bstrie @jarkkojs @definitelynobody @rjzak @Deepansharora27 @mayankkumar2 @moksh-pathak

Full Changelog: v0.5.1...v0.6.0

v0.5.1

Note:

The issue reported by @Freax13 and patched by @jarkkojs is a major security issue affecting workloads on SGX keeps. However, we are not aware of any successful attacks.

What's Changed

Fixes

• SGX: check that sallyport block is outside shim in #1918
• KVM: Revert support old CPUs by @haraldh in #1884
• UX: Display uname system info only once by @haraldh in #1885

Features:

• SGX: host side mm-handlers by @jarkkojs in #1883
• UX: add --version and extend --help by @haraldh in #1886
• UX: add ignore message by @haraldh in #1896
• Platform: add Windows support with the nil backend by @haraldh in #1890
• Release: build artifacts for aarch64-apple-darwin, x86_64_windows and SBOMs by @platten in #1906
• CI: provide static, reproducible builds by @rvolosatovs in #1872
• CI: use codecov-action v3 by @haraldh in #1900

Full Changelog: (v0.5.0...v0.5.1)

Elmina Castle

Not Production Ready

This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.

What's Changed

• Lower system requirements! New "nil" backend which enables development and testing on MacOS & Raspberry Pi 4B. Check out the blog post!
• Further improved SGX with Enclave Dynamic Memory Management (EDMM) / SGX2 platform support: munmap(), mprotect() and mremap()
• Ability to run package and hosted workfloads from Drawbridge with new enarx deploy subcommand
• Dependency on OpenSSL has been removed to make it easier to ship statically-linked binaries
• Programming language support for WASM:
  • Rust, C, C++, Go
• Experimental programming language support for WASM:
  • JavaScript, TypeScript, AssemblyScript, .NET, Python, Ruby, Grain, Zig
• User documentation is now versioned and tested automatically
• Sallyport moved into the Enarx monorepo for faster iteration
• Various bugfixes

Requirements

• Rust nightly

Installation

For installation instructions please see our page on Installing Enarx.

Known (Temporary) Issues

• Incomplete WASI support
• Custom kernel required for SGX

Highlights

• fix: don't include the shim-kvm twice by @haraldh in #1694
• feat: replace C integration tests by @haraldh in #1690
• fix(exec-wasmtime): mark registers clobbered by @haraldh in #1706
• docs: overhaul readme badges and remove cargo-readme action by @bstrie in #1720
• fix(exec-wasmtime): use ureq with tls feature by @haraldh in #1778
• fix(exec-wasmtime): handle EPERM for get_att() syscall by @haraldh in #1745
• feat(sgx): display full exception information by @jarkkojs in #1781
• fix: propagate features to bindeps by @haraldh in #1788
• docs(versioned): add versioned documentation by @platten in #1795
• feat: add nil backend by @haraldh in #1794
• feat: rename workldr to exec by @haraldh in #1802
• fix: make a lot of crates optional by @haraldh in #1804
• feat: MacOS support with the nil backend by @haraldh in #1803
• fix: use core::ffi for std::ffi::c_* by @haraldh in #1809
• fix: use core::ffi for std::ffi::c_* by @haraldh in #1811
• feat(sgx): munmap() and mprotect() by @jarkkojs in #1776
• fix(exec-wasmtime): rename x509:: to x509_cert:: by @haraldh in #1834
• feat(rust_syscall_tests): use the rcrt1::x86_64_linux_startup! macro by @haraldh in #1823
• fix: reorganize test dirs and make cargo test --workspace work by @bstrie in #1825
• feat(tests): put tests in submodule by @haraldh in #1838
• docs: update README to link to website by @bstrie in #1864
• feat: add enarx deploy subcommand by @rvolosatovs in #1826
• docs(release): update docs prior to 0.5 Release by @platten in #1844
• feat: no more backend features by @haraldh in #1847
• docs: update docs/Install.md by @haraldh in #1866

Full Changelog: v0.4.0...v0.5.0

Fort of Dhat al-Hajj

Not Production Ready

This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.

What's Changed

• Improved TLS support
• Improved SGX with Enclave Dynamic Memory Management (EDMM) / SGX2 platform support
• Support legacy CPUs using KVM backend
• Programming language support:
  • Rust, C, C++, Go
• Experimental programming language support:
  • JavaScript, TypeScript, AssemblyScript, .NET, Ruby, Grain, Zig
• User experience improvements
  • Added sub-commands for downloading and caching VCEK for AMD SEV-SNP hardware
  • Added sub-command for registering SGX hardware with Intel's key server
• Migration to cargo's binary dependencies for sub-crates
• Various bugfixes

Breaking Changes

• For SGX 2 support, custom kernel has to be installed from here.
• SGX support deprecated. Hardware with SGX 2 support, required to use SGX backend.
• AESMD w/ PCCS daemon connection needs to be running.

Requirements

1. A supported hardware platform
2. Rust nightly
3. A custom kernel for non-KVM backends:
   • For the SGX backend:
     • Hardware with SGX 2 support required. SGX support deprecated.
     • Custom kernel has to be installed from here.
   • For the SEV-SNP backend:
     • Hardware with SEV-SNP. SEV support deprecated.
     • Custom kernel has to be installed from here.

For build instructions, see our build documentation.

Installation

For installation instructions please see our page on Installing Enarx.

Known (Temporary) Issues

• Logging is forcibly enabled and outputs to standard error
• Incomplete WASI support
• Missing support for unmap, remap and mprotect for SGX2
• Custom kernel required for SGX.

Contributors

A hearty thanks to everyone who has contributed over the last few years. This release would not be successful without you!

@MikeCamel @npmccallum @haraldh @connorkuehl @lkatalin @mbestavros @wgwoods @axelsimon @ueno @ziyi-yan @ambaxter @squidboylan @blazebissar @michiboo @matt-ross16 @jyotsna-penumaka @steveej @greyspectrum @rvolosatovs @lilienbm @CyberEpsilon @kubkon @nickvidal @uudiin @zeenix @sagiegurari @platten @greyspectrum @bstrie @jarkkojs @definitelynobody @rjzak @Deepansharora27 @mayankkumar2 @moksh-pathak

Full Changelog: v0.3.0...v0.4.0