Michał Kowalczyk
Michał Kowalczyk
## Description of the problem Our old filesystem implementation requires complete rewrite. * The code is ugly and unmaintainable, especially everything around `dentry` structures. * There are tons of bugs...
## Description of the changes LibOS can't implement such a combination of flags because PAL doesn't support shared mappings. I'm not sure about the non-anonymous shared case, as it currently...
```C #define _GNU_SOURCE #include #include int main(int argc, char** argv) { char* addr = (char*)((size_t)&main & ~0xffful); printf("%p\n", addr); addr += 0x3000; void* ptr = mmap(addr, 0x1000, PROT_READ | PROT_WRITE,...
Currently file/device types which doesn't support PAL_OPTION_NONBLOCK just ignore this param instead of returning an error. Example: https://github.com/oscarlab/graphene/blob/b3ea149df9dea2b963fe0b3390d66ec876565d1f/Pal/src/host/Linux/db_devices.c#L120-L140
Some chown-related tests were using undocumented flags, e.g. here: https://github.com/linux-test-project/ltp/blob/bcf373385e8c06e80b73fb3bbf2cc57ba341ac10/testcases/kernel/syscalls/fchown/fchown02.c#L42-L45 https://github.com/linux-test-project/ltp/blob/bcf373385e8c06e80b73fb3bbf2cc57ba341ac10/testcases/kernel/syscalls/fchown/fchown02.c#L143-L146 `man` says that `mode` argument supports only standard mode flags. On Linux, those LTP tests seem to work by...
## Description of the changes Found a few survivors left after the recent renamings. - - - This change is [](https://reviewable.io/reviews/gramineproject/gramine/831)
## Description of the problem We currently have `loader.argv_src_file` for reading hardcoded args from a file, but would be nice to have a way to specify them directly in the...
## Ideas for security mitigations and "bug prevention" ### Mitigations/sanitizations - [x] We need better sanitization of OCALL arguments. Current version most likely is not dangerous, but there's a chance...
This issue lists items that need to be kept in mind as you consider using Graphene in a production deployment scenario. Issues: (checked means "already fixed on master") - [x]...