This release is a developer-only, preview release. It is not production ready. We hope that you will experiment with it to see the progress we are making.

What's Changed

• Switch to Sallyport 0.3, Enarx’s API for the hypervisor-microkernel boundary features include:
  • Performance: architecture will now support batching of calls in upcoming releases
  • Security:
    • Validates syscalls during a keep exit
    • Only permits implemented syscalls
    • Guest no longer has knowledge about the host's address space
• Transparent network TLS support: a self-signed cert is generated during runtime along with the root of trust
• Attestation & validation support
• User experience improvements
• Improved SGX support

Breaking Changes

• Enarx.toml:
  • addr field no longer supported
  • prot field added. Valid values are: tcp or tls

Requirements

1. A supported hardware platform
2. Rust nightly

For build instructions, see our build documentation.

Installation

For installation instructions please see our page on Installing Enarx.

Known (Temporary) Issues

• Logging is forcibly enabled and outputs to standard error
• Incomplete WASI support

Contributors

A hearty thanks to everyone who has contributed over the last few years. This release would not be successful without you!

@MikeCamel @npmccallum @haraldh @connorkuehl @lkatalin @mbestavros @wgwoods @axelsimon @ueno @ziyi-yan @ambaxter @squidboylan @blazebissar @michiboo @matt-ross16 @jyotsna-penumaka @steveeJ @greyspectrum @rvolosatovs @lilienbm @CyberEpsilon @kubkon @nickvidal @uudiin @zeenix @sagiegurari @platten @greyspectrum @bstrie @jarkkojs @definitelynobody @Deepansharora27 @mayankkumar2 @moksh-pathak

A special thanks to Tony Arcieri from the RustCrypto project for reviewing and merging the dozens of patches we put into their crates in order to make this release happen.

Full Changelog: https://github.com/enarx/enarx/compare/v0.2.1...v0.3.0