Edgeless RT is an SDK and a runtime for Intel SGX. It combines top-notch Go support with simplicity, robustness and a small TCB. Developing confidential microservices has never been easier! C++17 and Rust (experimental) are also supported.
glibc >= 2.34 has a new implementation of pthread_cancel. It now always uses the fs register. (Previously, it did so only in situations not affecting us.) OE swaps fs when entering the enclave in simulation mode. If a thread is then canceled, it causes a segfault.
To fix this, only call pthread_cancel when the target thread is in an ocall. Let the target thread check for a cancelation request while it was inside the enclave.
Changes (I suggest looking at corresponding commits separately)
Properly fix a deadlock in cancel_all_threads. The previous fix left a small window where a deadlock can still happen. More importantly, it prevented creating threads in a new enclave if a previous enclave had been terminated.
Improve the test to catch the bugs.
Fix the bug by adding set_cancelable to EnclaveThreadManager.
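The approach described above, as an added sketch in C that is not code from this PR or from Edgeless RT: a canceller calls pthread_cancel only while the target is in an ocall, and otherwise records the request for the target to act on when it next leaves the enclave. All names are hypothetical, including the signature given to set_cancelable, and a semaphore wait stands in for enclave work.

```c
/* Added sketch; every name and signature here is an assumption, not Edgeless RT code. */
#include <pthread.h>
#include <semaphore.h>
#include <stdbool.h>
typedef struct {
    pthread_mutex_t mu; pthread_t tid;
    bool cancelable;        /* true only while the thread is in an ocall */
    bool cancel_requested;  /* recorded for a thread still inside the enclave */
    bool start_in_ocall;    /* demo only */
    sem_t ready, go;        /* demo only */
} thread_slot;
/* Canceller: returns true if pthread_cancel was called now, false if deferred. */
bool request_cancel(thread_slot *s) {
    pthread_mutex_lock(&s->mu);          /* target cannot switch sides meanwhile */
    s->cancel_requested = true;
    bool now = s->cancelable;
    if (now) pthread_cancel(s->tid);     /* target is on the host side */
    pthread_mutex_unlock(&s->mu);
    return now;
}
/* Target: call with true on ocall entry, false before returning into the enclave. */
void set_cancelable(thread_slot *s, bool cancelable) {
    pthread_mutex_lock(&s->mu);
    s->cancelable = cancelable;
    bool pending = cancelable && s->cancel_requested;
    pthread_mutex_unlock(&s->mu);
    if (pending) pthread_exit(PTHREAD_CANCELED);  /* act on the deferred request */
}
static void *worker(void *arg) {
    thread_slot *s = arg;
    if (s->start_in_ocall) set_cancelable(s, true);
    sem_post(&s->ready);
    sem_wait(&s->go);         /* blocking ocall, or stand-in for enclave work */
    set_cancelable(s, true);  /* enclave thread reaches its next ocall */
    return NULL;
}
/* Bit 0: pthread_cancel was called immediately. Bit 1: thread ended as canceled. */
int run_demo(bool start_in_ocall) {
    thread_slot s = { .mu = PTHREAD_MUTEX_INITIALIZER, .start_in_ocall = start_in_ocall };
    void *ret = NULL;
    sem_init(&s.ready, 0, 0); sem_init(&s.go, 0, 0);
    pthread_create(&s.tid, NULL, worker, &s);
    sem_wait(&s.ready);       /* worker is now in the requested state */
    int now = request_cancel(&s);
    sem_post(&s.go);
    pthread_join(s.tid, &ret);
    return now | ((ret == PTHREAD_CANCELED) << 1);
}
int main(void) { return run_demo(false) == 2 && run_demo(true) == 3 ? 0 : 1; }
```

In both cases the thread ends as canceled; the difference is that pthread_cancel is never called on a thread that is still inside the enclave.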