Previously, Linux-SGX PAL had a bug of creating any files from within the enclave, even though such files were not listed as allowed or trusted files/paths. This commit fixes this bug, and also disallows opening a trusted file for write/append (because this doesn't make sense and write operations are already disallowed for trusted files).
How to test this PR?
The file_check_policy LibOS regression test is augmented to test this bug fix.
Description of the changes
Previously, Linux-SGX PAL had a bug of creating any files from within the enclave, even though such files were not listed as allowed or trusted files/paths. This commit fixes this bug, and also disallows opening a trusted file for write/append (because this doesn't make sense and write operations are already disallowed for trusted files).
How to test this PR?
The
file_check_policyLibOS regression test is augmented to test this bug fix.This change is