The current implementation of remote attestation does not take into
account the integrity of the wasm module. The SHA256 of the wasm
module has been put into user_data to generate the quote, and more
parameters are exposed for further verification.
Fix build error in sample ref-types and wasm-c-api caused by the
version of wat2wasm: refine makefile to auto detect the wat2wasm
version and add the compile flag accordingly.
A limitation of the current implementation of SGX IPFS in WAMR is that
it prevents to open files which are not in the current directory.
This restriction is lifted and can now open files in paths, similarly to the
WASI openat call, which takes into account the sandbox of the file system.
Improve the documentation for setting up SGX-RA using WAMR, based on
the feedback in #1670.
This notably highlights the dependency on Intel PCS and PCCS and how to
install/configure them.
Allow to have multiple stores in an engine and multiple instances
in a store. Letting a wasm_function_t pass its wasm_store_t to make
it more efficient.
Real world native libs likely need to access the wasm_runtime_xxx API.
This example demonstrates it.
Build vmlib as a shared lib to make it straightforward to share a
single runtime instance between iwasm and native libs.
Add CIs to enable the release process of a new version of WAMR,
and build and publish the binary files when a version is released,
including iwasm, wamrc, lldb, vscode-extension and wamr-ide for
Ubuntu-20.04, Ubuntu-22.04 and MacOS.
And refine the CIs to test spec cases.
Refactor the layout of interpreter and AOT module instance:
- Unify the interp/AOT module instance, use the same WASMModuleInstance/
WASMMemoryInstance/WASMTableInstance data structures for both interpreter
and AOT
- Make the offset of most fields the same in module instance for both interpreter
and AOT, append memory instance structure, global data and table instances to
the end of module instance for interpreter mode (like AOT mode)
- For extra fields in WASM module instance, use WASMModuleInstanceExtra to
create a field `e` for interpreter
- Change the LLVM JIT module instance creating process, LLVM JIT uses the WASM
module and module instance same as interpreter/Fast-JIT mode. So that Fast JIT
and LLVM JIT can access the same data structures, and make it possible to
implement the Multi-tier JIT (tier-up from Fast JIT to LLVM JIT) in the future
- Unify some APIs: merge some APIs for module instance and memory instance's
related operations (only implement one copy)
Note that the AOT ABI is same, the AOT file format, AOT relocation types, how AOT
code accesses the AOT module instance and so on are kept unchanged.
Refer to:
https://github.com/bytecodealliance/wasm-micro-runtime/issues/1384
Add a couple of socket examples that can be used with WAMR:
- The `timeout_client` and `timeout_server` examples demonstrate socket
send and receive timeouts using the socket options
- The `multicast_client` and `multicast_server` examples demonstrate receiving
multicast packets in WASM
And add several macro controls for `socket_opts` example.
This PR integrates an Intel SGX feature called Intel Protection File System Library (IPFS)
into the runtime to create, operate and delete files inside the enclave, while guaranteeing
the confidentiality and integrity of the data persisted. IPFS can be referred to here:
https://www.intel.com/content/www/us/en/developer/articles/technical/overview-of-intel-protected-file-system-library-using-software-guard-extensions.html
Introduce a cmake variable `WAMR_BUILD_SGX_IPFS`, when enabled, the files interaction
API of WASI will leverage IPFS, instead of the regular POSIX OCALLs. The implementation
has been written with light changes to sgx platform layer, so all the security aspects
WAMR relies on are conserved.
In addition to this integration, the following changes have been made:
- The CI workflow has been adapted to test the compilation of the runtime and sample
with the flag `WAMR_BUILD_SGX_IPFS` set to true
- Introduction of a new sample that demonstrates the interaction of the files (called `file`),
- Documentation of this new feature
Implement more socket APIs, refer to #1336 and below PRs:
- Implement wasi_addr_resolve function (#1319)
- Fix socket-api byte order issue when host/network order are the same (#1327)
- Enhance sock_addr_local syscall (#1320)
- Implement sock_addr_remote syscall (#1360)
- Add support for IPv6 in WAMR (#1411)
- Implement ns lookup allowlist (#1420)
- Implement sock_send_to and sock_recv_from system calls (#1457)
- Added http downloader and multicast socket options (#1467)
- Fix `bind()` calls to receive the correct size of `sockaddr` structure (#1490)
- Assert on correct parameters (#1505)
- Copy only received bytes from socket recv buffer into the app buffer (#1497)
Co-authored-by: Marcin Kolny <mkolny@amazon.com>
Co-authored-by: Marcin Kolny <marcin.kolny@gmail.com>
Co-authored-by: Callum Macmillan <callumimacmillan@gmail.com>
Fix multi-module issue:
don't call the sub module's function with "$sub_module_name$func_name"
Fix the aot_call_function free argv1 issue
Modify some API comments in wasm_export.h
Fix the wamrc help info
Upgrade `cmake_minimum_required` from `(VERSION 2.8)` to `(VERSION 2.9)` to
yield the warning:
"Compatibility with CMake < 2.8.12 will be removed from a future version of CMake"
Add "-Wno-unused" for CMAKE_CXX_FLAGS to yield the compilation warnings
when build LLVM JIT.
Fix the link error when code coverage is enabled.
When WAMR_BUILD_TARGET isn't set, choosing right target is decided
by checking `CMAKE_SIZEOF_VOID_P` variable. However, choosing `X86_32`
target is not doing specifically checking size of void pointer. It is kind
a fallback target for others.
This patch explicitly checks the size of void pointer before setting the target
to `X86_32` to fix the issue.
Re-implement socket api send/recv in an atomic-like way, fix the return value
check in posix.c.
And fix wasm-c-api sample callback_chain calling malloc issue.
wasm_c_api.c: add more checks, fix LOG_WARNING invalid specifier
aot_emit_aot_file: fix strncpy max size length to copy
posix.c: fix potential socket not close issue
wasm-c-api samples: add return value checks for fseek/ftell
cJSON.c: remove dead code
module_wasm_app.c: add return value check for wasm_runtime_call_wasm
aot_runtime.c: add return value check for aot_get_default_memory
aot_runtime.c: add return value check before calling wasm app malloc/free func
wasm_runtime_common.c: fix dead code warning in wasm_runtime_load_from_sections
aot_emit_memory.c: fix potential integer overflow issue
wasm_runtime.c: remove dead code in memory_instantiate, add assertion for globals
samples simple/gui/littlevgl: fix fields of struct sigaction initialization issue
host-tool: add return value check for sendto
runtime_sensor.c: add return value check for os_mutex_init
fix find_sensor_client
sensor_mgr_ref.c: add return value check for init_sensor_framework
app_manager_host.c: add return value check for app_manager_host_init
module_wasm_app.c: add bh_assert for m_data
fix mkdir potential issue
sample littlevgl/gui/simple: add return value check for init_sensor_framework
host_tool: add more check for g_conn_fd
Refer to [Networking API design](https://github.com/WebAssembly/WASI/issues/370)
and [feat(socket): berkeley socket API v2](https://github.com/WebAssembly/WASI/pull/459):
- Support the socket API of synchronous mode, including `socket/bind/listen/accept/send/recv/close/shutdown`,
the asynchronous mode isn't supported yet.
- Support adding `--addr-pool=<pool1,pool2,..>` argument for command line to identify the valid ip address range
- Add socket-api sample and update the document
The littlevgl library had changed its name and domain to [LVGL](https://lvgl.io).
See https://blog.lvgl.io/2020-06-01/announcement
We change some names and links accordingly.
Also remove the cloning for tlsf library as it isn't used now.
Currently when calling wasm_runtime_call_wasm() to invoke wasm function
with externref type argument from runtime embedder, developer needs to
use wasm_externref_obj2ref() to convert externref obj into an internal ref
index firstly, which is not convenient to developer.
To align with GC feature in which all the references passed to
wasm_runtime_call_wasm() can be object pointers directly, we change the
interface of wasm_runtime_call_wasm() to allow to pass object pointer
directly for the externref argument, and refactor the related codes, update
the related samples and the document.
