* build(deps): Bump github/codeql-action from 3.28.18 to 3.28.19 (#4346)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.18 to 3.28.19.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v3.28.18...v3.28.19)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.28.19
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* wasi_socket_ext.c: avoid tls to make this library-friendly (#4338)
* Enable aot memory64 sw bounds checks by default (#4350)
- enable aot memory64 sw bounds checks by default
* build(deps): Bump requests from 2.32.3 to 2.32.4 in /build-scripts (#4349)
Bumps [requests](https://github.com/psf/requests) from 2.32.3 to 2.32.4.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.32.3...v2.32.4)
---
updated-dependencies:
- dependency-name: requests
dependency-version: 2.32.4
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* wasi_nn_types.h: remove a seemingly stale comment (#4348)
* add heap-type check for GC when ref.null (#4300)
- According to [Link 1](https://webassembly.github.io/gc/core/valid/instructions.html#xref-syntax-instructions-syntax-instr-ref-mathsf-ref-null-mathit-ht), we must ensure that the heap type is valid when ref.null.
- According to [Link 2](https://webassembly.github.io/gc/core/valid/types.html#heap-types), a heap type is considered valid if it is either a concrete heap type or an abstract heap type.
However, in this function, the check for abstract heap types (absheaptype) was clearly missing, so this condition needs to be added explicitly in the if statement.
- When GC is disabled, no change is needed.
- When GC is enabled, heap types in WAMR are LEB-encoded values ([Link 3](https://webassembly.github.io/gc/core/appendix/index-types.html)). Therefore, we must use read_leb_int32 to parse the heap type correctly. And we can compute the original type1 using type1 = (uint8)((int32)0x80 + heap_type);.
* wamr-wasi-extensions: add a cmake package to provide our wasi extension (#4344)
* wasi_ephemeral_nn.h: add a convenience wrapper header
* wamr-wasi-extensions: add a cmake package to provide our wasi extension
the sample app was tested with:
* wasmtime
* iwasm with https://github.com/bytecodealliance/wasm-micro-runtime/pull/4308
currently only contains wasi-nn.
maybe it makes sense to add lib-socket things as well.
cf. https://github.com/bytecodealliance/wasm-micro-runtime/issues/4288
* wasi_nn_openvino.c: remove the tensor layout adjustment logic (#4308)
the logic in question seems like an attempt to work around
some application bugs.
my wild guess is that it was for classification-example.
cf. https://github.com/bytecodealliance/wasmtime/issues/10867
* Update type validation in load_table_import() and load_table() (#4296)
Prevent from value type.
https://webassembly.github.io/spec/core/valid/types.html#table-typeshttps://webassembly.github.io/gc/core/syntax/types.html#reference-types
* Follow #4268 to deprecate wamr_ide-related components (#4341)
refer to: Bypass wamr_ide-related components from the release process. (#4268)
* clean up incompatible running mode checks in test script and ci (#4342)
Rearrange the content of do_execute_in_running_mode() in alphabetical
order.
Add an incompatible check for x86_32. Now, all belows will be bypassed:
- jit, fast-jit, multi-tier-jit
- memory64
- multi-memory
- simd
* Update WABT downloads URL (#4357)
Plus, skip unsupported running mode instead quit during wamr compiler
test
* Modify AOT static PGO to conform to llvm-18 and add a CI job to test static PGO on the coremark benchmark (#4345)
* static PGO compatible with llvm18 and add CI job to test static PGO on coremark benchmark
* update comments and warning info, bitmaps section in llvm profdata shouldn't be used in PGO
* Collective fix for typos and minor bugs (#4369)
* wasi-nn: fix backend leak on multiple loads (#4366)
cf. https://github.com/bytecodealliance/wasm-micro-runtime/issues/4340
* build(deps): Bump github/codeql-action from 3.28.19 to 3.29.0 (#4371)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.19 to 3.29.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v3.28.19...v3.29.0)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.29.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* add validation for array type in load_init_expr(GC only) (#4370)
* wasi_nn_openvino.c: remove broken xml check (#4365)
`xml.buf[xml.size]` check is broken because it accesses past
the end of the buffer.
anyway, openvino doesn't seem to care the NUL termination.
* wamr-wasi-extensions: add lib-socket things (#4360)
* improve installation steps for wasi-sdk and wabt on Windows (#4359)
* wasi_ephemeral_nn.h: prefix identfiers to avoid too generic names (#4358)
* wasi_nn_openvino.c: add a missing buffer overflow check in get_output (#4353)
cf. https://github.com/bytecodealliance/wasm-micro-runtime/issues/4351
* send an empty/error reply from server (#4362)
Signed-off-by: Su Yihan <yihan.su@intel.com>
* wasi_nn_openvino.c: remove pre/postprocessing and layout assumptions (#4361)
as wasi-nn doesn't have these concepts, the best we can do without
risking breaking certain applications here is to pass through tensors
as they are.
this matches wasmtime's behavior.
tested with:
* wasmtime classification-example
(with this change, this example fails on tensor size mismatch
instead of implicitly resizing it.)
* license-plate-recognition-barrier-0007, a converted version
with non-fp32 output. [1]
(with this change, this model outputs integers as expected.)
[1] cd7ebe313b/models/public/license-plate-recognition-barrier-0007
* add nn-cli example (#4373)
an example application with flexible cli options which
aims to allow us to perform any wasi-nn operations.
eg.
```
--load-graph=file=fixture/model.xml,file=fixture/model.bin,id=graph
--init-execution-context=graph-id=graph,id=ctx
--set-input=file=fixture/tensor.bgr,context-id=ctx,dim=1,dim=3,dim=224,dim=224
--compute=context-id=ctx
--get-output=context-id=ctx,file=output.bin
```
* wasi-nn: apply the shared library hack to darwin as well (#4374)
copied from the linux version.
i'm a bit skeptical with this workaround though.
it might be simpler to prohibit the use of wamr api in these
shared libraries. after all, what these libraries do is nothing
specific to wasm.
* wasi-nn: don't try to deinit uninitialized backend (#4375)
cf. https://github.com/bytecodealliance/wasm-micro-runtime/issues/4339
* core/iwasm/libraries/wasi-nn/test/build.sh: add a tip for intel mac (#4389)
i keep forgetting this and had to re-investigate it at least twice.
hopefully this can be helpful for others too.
* wasi_nn_tensorflowlite.cpp: reject non-fp32 input earlier (#4388)
this backend assumes fp32 here and there.
it's safer to reject unexpected inputs explicitly.
* Fix several issues related to night-run CI and test scripts. (#4385)
- remove duplicated options
- fix test script
- change ci to use binary
* core/iwasm/libraries/wasi-nn/test: use the correct version of keras (#4383)
* wasi-nn: fix tensor_data abi for wasi_ephemeral_nn (#4379)
it's "(list u8)" in the witx definition.
the new definition matches both of our own host definition
(struct tensor_wasm) and wasmtime.
cf. https://github.com/bytecodealliance/wasm-micro-runtime/issues/4352
* enable WAMR_BUILD_WASI_EPHEMERAL_NN by default (#4381)
cf. https://github.com/bytecodealliance/wasm-micro-runtime/issues/4326
* deprecate legacy WAMR-specific "wasi_nn" module (#4382)
wasi_nn.h: deprecate legacy "wasi_nn"
cf. https://github.com/bytecodealliance/wasm-micro-runtime/issues/4326
* wasi-nn: add minimum serialization on WASINNContext (#4387)
currently this is not necessary because context (WASINNContext) is
local to instance. (wasm_module_instance_t)
i plan to make a context shared among instances in a cluster when
fixing https://github.com/bytecodealliance/wasm-micro-runtime/issues/4313.
this is a preparation for that direction.
an obvious alternative is to tweak the module instance context APIs
to allow declaring some kind of contexts instance-local. but i feel,
in this particular case, it's more natural to make "wasi-nn handles"
shared among threads within a "process".
note that, spec-wise, how wasi-nn behaves wrt threads is not defined
at all because wasi officially doesn't have threads yet. i suppose, at
this point, that how wasi-nn interacts with wasi-threads is something
we need to define by ourselves, especially when we are using an outdated
wasi-nn version.
with this change, if a thread attempts to access a context while
another thread is using it, we simply make the operation fail with
the "busy" error. this is intended for the mimimum serialization to
avoid problems like crashes/leaks/etc. this is not intended to allow
parallelism or such.
no functional changes are intended at this point yet.
cf.
https://github.com/bytecodealliance/wasm-micro-runtime/issues/4313https://github.com/bytecodealliance/wasm-micro-runtime/issues/2430
* Improve spec test execution by adding retry logic for transient errors (#4393)
* wasi_nn_openvino.c: implement multiple models per instance (#4380)
tested with two models:
```
--load-graph=id=graph1,file=public/license-plate-recognition-barrier-0007/FP32/license-plate-recognition-barrier-0007.xml,file=public/license-plate-recognition-barrier-0007/FP32/license-plate-recognition-barrier-0007.bin \
--load-graph=id=graph2,file=classify/model.xml,file=classify/model.bin \
--init-execution-context=id=exec1,graph-id=graph1 \
--init-execution-context=id=exec2,graph-id=graph2 \
--set-input=context-id=exec1,dim=1,dim=24,dim=94,dim=3,file=out.bin \
--set-input=context-id=exec2,file=classify/banana-3x224x224-bgr.bin,dim=1,dim=3,dim=224,dim=224 \
--compute=context-id=exec1 \
--compute=context-id=exec2 \
--get-output=context-id=exec1,file=exec1-result.bin \
--get-output=context-id=exec2,file=exec2-result.bin
```
a detailed HOWTO: https://github.com/bytecodealliance/wasm-micro-runtime/pull/4380#issuecomment-2986882718
* wamr-wasi-extensions/socket: disable reference-types (#4392)
and add a comment to explain why.
* CI: fix the description of upload_url (#4407)
* wasi-nn: fix context lifetime issues (#4396)
* wasi-nn: fix context lifetime issues
use the module instance context api instead of trying to roll
our own with a hashmap. this fixes context lifetime problems mentioned in
https://github.com/bytecodealliance/wasm-micro-runtime/issues/4313.
namely,
* wasi-nn resources will be freed earlier now. before this change,
they used to be kept until the runtime shutdown. (wasm_runtime_destroy)
after this change, they will be freed together with the associated
instances.
* wasm_module_inst_t pointer uniqueness assumption (which is wrong
after wasm_runtime_deinstantiate) was lifted.
as a side effect, this change also makes a context shared among threads
within a cluster. note that this is a user-visible api/abi breaking change.
before this change, wasi-nn "handles" like wasi_ephemeral_nn_graph were
thread-local. after this change, they are shared among threads within
a cluster, similarly to wasi file descriptors. spec-wise, either behavior
should be ok simply because wasi officially doesn't have threads yet.
althogh i feel the latter semantics is more intuitive, if your application
depends on the thread-local behavior, this change breaks your application.
tested with wamr-wasi-extensions/samples/nn-cli, modified to
call each wasi-nn operations on different threads. (if you are
interested, you can find the modification at
https://github.com/yamt/wasm-micro-runtime/tree/yamt-nn-wip-20250619.)
cf.
https://github.com/bytecodealliance/wasm-micro-runtime/issues/4313https://github.com/bytecodealliance/wasm-micro-runtime/issues/2430
* runtime_lib.cmake: enable WAMR_BUILD_MODULE_INST_CONTEXT for wasi-nn
as we do for wasi (WAMR_BUILD_LIBC_WASI)
* wasi_nn_tensorflowlite.cpp: fix get_output return size (#4390)
it should be byte size, not the number of (fp32) values.
i'm ambivalent about how to deal with the compatibility for
the legacy wamr-specific "wasi_nn". for now, i avoided changing it.
(so that existing tests using the legacy abi, namely test_tensorflow.c
and test_tensorflow_quantized.c, passes as they are.)
if we have any users who still want to use the legacy abi,
i suppose they consider the compatibility is more important
than the consistency with other backends.
cf. https://github.com/bytecodealliance/wasm-micro-runtime/issues/4376
* Refactor copy callstack feature (#4401)
- Change `WAMR_ENABLE_COPY_CALLSTACK` to `WAMR_BUILD_COPY_CALL_STACK`, as
`WAMR_BUILD` is the prefix for a command line option.
- Change `WAMR_ENABLE_COPY_CALLSTACK` to `WASM_ENABLE_COPY_CALL_STACK`, as
`WASM_ENABLE` is the prefix for a macro in the source code.
- Change `CALLSTACK` to `CALL_STACK` to align with the existing
`DUMP_CALL_STACK` feature.
- Continue using `WASMCApiFrame` instead of `wasm_frame_t` outside of
*wasm_c_api.xxx* to avoid a typedef redefinition warning, which is
identified by Clang.
* loader: add type index checking (#4402)
* Fix handling of non-nullable global_type during global import (#4408)
* wasi_nn_llamacpp.c: make this compilable (#4403)
* fix bug in bh_vector when extending (#4414)
* Collective fix (#4413)
* Fix vector growth check and typos in core (#9)
* Fix resource cleanup in memory and running modes tests (#10)
* Add end of file empty line in wasm_running_modes_test.cc
* wasi-nn: make the host use the wasi_ephemeral_nn version of tensor_data (#4411)
the motivations:
* make the actual input size available to the backends.
(currently the backends have to make a guess from shape/type.)
* make the host logic look a bit similar to wasi_ephemeral_nn.
this is a backend api/abi change.
* wasi_nn_llamacpp.c: fix buffer overruns in set_input (#4420)
note: for some reasons, wasmedge seems to ignore type/dimensions
for the input of ggml. some user code relies on it.
cf. https://github.com/second-state/WasmEdge-WASINN-examples/issues/196
note: despite the comment in our code, the input doesn't seem
nul-terminated.
* wasi_nn_llamacpp.c: remove an unused variable (#4415)
* Fix few shadow warnings (#4409)
- declaration of ‘memidx’ shadows a previous local
- declaration of ‘count’ shadows a previous local
* CI: build wamr-wasi-extensions (#4394)
* wamr-wasi-extensions: separate test scripts
also, allow to specify the prefix directory.
for the convenience of the CI.
* CI: build wamr-wasi-extensions
fragments are copied from compilation_on_macos.yml.
(thus intel copyright notice)
* wasi_nn_openvino.c: fix a debug build (#4416)
after "wasi_nn_openvino.c: implement multiple models per instance" change.
(https://github.com/bytecodealliance/wasm-micro-runtime/pull/4380)
* loader: fix a potential overflow issue (#4427)
* CI: revert SGX retry attempts (#4421)
* Revert "Improve spec test execution by adding retry logic for transient errors (#4393)"
This reverts commit 64cafaff1e.
* Revert "Add error handling for sgx ci (#4222)"
This reverts commit 8ad47897d1.
* implement extended const expr (#4318)
* add a toggle to enable extended const on wamrc (#4412)
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Su Yihan <yihan.su@intel.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: YAMAMOTO Takashi <yamamoto@midokura.com>
Co-authored-by: TianlongLiang <111852609+TianlongLiang@users.noreply.github.com>
Co-authored-by: Liu Jia <jia3.liu@intel.com>
Co-authored-by: liang.he <liang.he@intel.com>
Co-authored-by: Su Yihan <yihan.su@intel.com>
Raise wasi-sdk to 25 and wabt to 1.0.37. It includes
- Refactor CI workflow to install WASI-SDK and WABT from a composite action
- Use ExternalProject to bring wasm-apps for few samples. file/ wasi-threads/
- Refactor sample build and test steps in SGX compilation workflow for improved clarity and efficiency (workaround)
Add CMake support for EMSCRIPTEN and WAMRC, update module paths
3.14 is used and tested by linux mini-product
to fix
```
CMake Error at CMakeLists.txt:4 (cmake_minimum_required):
Compatibility with CMake < 3.5 has been removed from CMake.
Update the VERSION argument <min> value. Or, use the <min>...<max> syntax
to tell CMake that the project requires at least <min> but has been updated
to work with policies introduced by <max> or earlier.
Or, add -DCMAKE_POLICY_VERSION_MINIMUM=3.5 to try configuring anyway.
```
Implement the GC (Garbage Collection) feature for interpreter mode,
AOT mode and LLVM-JIT mode, and support most features of the latest
spec proposal, and also enable the stringref feature.
Use `cmake -DWAMR_BUILD_GC=1/0` to enable/disable the feature,
and `wamrc --enable-gc` to generate the AOT file with GC supported.
And update the AOT file version from 2 to 3 since there are many AOT
ABI breaks, including the changes of AOT file format, the changes of
AOT module/memory instance layouts, the AOT runtime APIs for the
AOT code to invoke and so on.
With this approach we can omit using memset() for the newly allocated memory
therefore the physical pages are not being used unless touched by the program.
This also simplifies the implementation.
Compilation error was reported when `cmake -DWAMR_BUILD_LIBC_WASI=0`
on linux-sgx platform:
```
core/shared/platform/linux-sgx/sgx_socket.c:8:10:
fatal error: libc_errno.h: No such file or directory
8 | #include "libc_errno.h"
| ^~~~~~~~~~~~~~
```
After fixing, both `cmake -DWAMR_BUILD_LIBC_WASI=1` and
`WAMR_BUILD_LIBC_WASI=0` work good.
Add an extra argument `os_file_handle file` for `os_mmap` to support
mapping file from a file fd, and remove `os_get_invalid_handle` from
`posix_file.c` and `win_file.c`, instead, add it in the `platform_internal.h`
files to remove the dependency on libc-wasi.
Signed-off-by: Huang Qi <huangqi3@xiaomi.com>
Support collecting code coverage with wamr-test-suites script by using
lcov and genhtml tools, eg.:
cd tests/wamr-test-suites
./test_wamr.sh -s spec -b -P -C
The default code coverage and html files are generated at:
tests/wamr-test-suites/workspace/wamr.lcov
tests/wamr-test-suites/workspace/wamr-lcov.zip
And update wamr-test-suites scripts to support testing GC spec cases to
avoid frequent synchronization conflicts between branch main and dev/gc.
Current SGX lib-rats wasm module hash is stored in a global buffer,
which may be overwritten if there are multiple wasm module loadings.
We move the module hash into the enclave module to resolve the issue.
And rename the SGX_IPFS macro/variable in Makefile and Enclave.edl to
make the code more consistent.
And refine the sgx-ra sample document.
Enlarge the default wasm operand stack size to 64KB since the original default
size 16KB is a little small, and the operand stack overflow exception is often
thrown when running wasm apps.
The current implementation of remote attestation does not take into
account the integrity of the wasm module. The SHA256 of the wasm
module has been put into user_data to generate the quote, and more
parameters are exposed for further verification.
Use the cmake variable `WAMR_BUILD_GLOBAL_HEAP_POOL` and
`WAMR_BUILD_GLOBAL_HEAP_SIZE` to enable/disable the global heap pool
and set its size. And set the default global heap size in core/config.h and
the cmake files.
As a result, the developers who build iwasm can easily enable/disable the
global heap pool and change its size regardless of the iwasm implementation,
without manually finding and patching the right location for that value.
This PR integrates an Intel SGX feature called Intel Protection File System Library (IPFS)
into the runtime to create, operate and delete files inside the enclave, while guaranteeing
the confidentiality and integrity of the data persisted. IPFS can be referred to here:
https://www.intel.com/content/www/us/en/developer/articles/technical/overview-of-intel-protected-file-system-library-using-software-guard-extensions.html
Introduce a cmake variable `WAMR_BUILD_SGX_IPFS`, when enabled, the files interaction
API of WASI will leverage IPFS, instead of the regular POSIX OCALLs. The implementation
has been written with light changes to sgx platform layer, so all the security aspects
WAMR relies on are conserved.
In addition to this integration, the following changes have been made:
- The CI workflow has been adapted to test the compilation of the runtime and sample
with the flag `WAMR_BUILD_SGX_IPFS` set to true
- Introduction of a new sample that demonstrates the interaction of the files (called `file`),
- Documentation of this new feature
Use the semantic versioning (https://semver.org) to replace the current date
versioning system, which is more general and is requested by some developers,
e.g. issue #1357.
There are three parts in the new version string:
- major. Any incompatible modification on ABIs and APIs will lead to an increment
in the value of major, which mainly includes: AOT calling conventions, AOT file
format, wasm_export.h, wasm_c_api.h, and so on.
- minor. It represents new features, including MVP/POST-MVP features, libraries,
WAMR private ones, and so one.
- patch. It represents patches.
The new version will start from 1.0.0. Update the help info and version showing for
iwasm and wamrc.
Upgrade `cmake_minimum_required` from `(VERSION 2.8)` to `(VERSION 2.9)` to
yield the warning:
"Compatibility with CMake < 2.8.12 will be removed from a future version of CMake"
Add "-Wno-unused" for CMAKE_CXX_FLAGS to yield the compilation warnings
when build LLVM JIT.
Fix the link error when code coverage is enabled.
Let iwasm return non-zero value when running failed
so that the caller (e.g. test framework) can check the
running status according to the return value.
Import WAMR Fast JIT which is a lightweight JIT with quick startup, small footprint,
relatively good performance (~40% to ~50% of LLVM JIT) and good portability.
Platforms supported: Linux, MacOS and Linux SGX.
Arch supported: x86-64.
When WAMR_BUILD_TARGET isn't set, choosing right target is decided
by checking `CMAKE_SIZEOF_VOID_P` variable. However, choosing `X86_32`
target is not doing specifically checking size of void pointer. It is kind
a fallback target for others.
This patch explicitly checks the size of void pointer before setting the target
to `X86_32` to fix the issue.
Implement Berkeley Socket API for Intel SGX
- bring Berkeley socket API in Intel SGX enclaves,
- adapt the documentation of the socket API to mention Intel SGX enclaves,
- adapt _iwasm_ in the mini-product _linux-sgx_ to support the same option as the one for _linux_,
- tested on the socket sample as provided by WAMR (the TCP client/server).
Refine is_xip_file check, when e_type isn't E_TYPE_XIP, just return false
and no need to go through all the other sections of the AOT file.
Refine pointer range check, convert pointer to uintptr_t type before
comparison to yield possible sanitizer pointer overflow error.
Auto detect whether file is XIP file before loading module in posix like and
linux-sgx platforms, and if yes, mmap executable memory automatically to
run the XIP file.
Add document about XIP feature.
Enable test spec cases with XIP feature.
fix the warnings as below:
App/App.cpp: In function ‘int wamr_pal_init(const wamr_pal_attr*)’:
App/App.cpp:759:1: warning: control reaches end of non-void function [-Wreturn-type]
759 | }
| ^
In file included from /usr/include/string.h:495,
from App/App.cpp:9:
In function ‘char* strncpy(char*, const char*, size_t)’,
inlined from ‘int enclave_init(sgx_enclave_id_t*)’ at App/App.cpp:104:16:
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:34: warning: ‘char* __builtin___strncpy_chk(char*, const char*, long unsigned int, long unsigned int)’ specified bound depends on the length of the source argument [-Wstringop-overflow=]
106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
| ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
App/App.cpp: In function ‘int enclave_init(sgx_enclave_id_t*)’:
App/App.cpp:102:16: note: length computed here
102 | (strlen(home_dir) + strlen("/") + sizeof(TOKEN_FILENAME) + 1) <= MAX_PATH) {
| ~~~~~~^~~~~~~~~~
Signed-off-by: LiFeng <lifeng68@huawei.com>
The global doc/linux_sgx.md needs to explicitly describe the methods to
build a debug enclave and hardware running mode. Because using debug key
to signing enclave image rather than production key is still not trivial
in reality.
For the adaption of Inclavare Containers part, add a prolog and give
more details in order to enhance the readability.
Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
This commit mainly simplifies the description about building a
debug and hw mode enclave.
Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
Co-authored-by: root <root@rs1g04412.et2sqa>
* Implement the PAL interface for rune
Work in progress
Signed-off-by: Le Yao <le.yao@intel.com>
* Support PAL for one runtime with multi-instances
Load runtime into enclave and run multi-instances
Signed-off-by: Le Yao <le.yao@intel.com>
