mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2025-01-07 13:14:51 +00:00
Code Issues Releases Activity
2164af29a0
freebsd/sys
History
Ruslan Bukin 2164af29a0 Add support for Intel Software Guard Extensions (Intel SGX). 
Intel SGX allows to manage isolated compartments "Enclaves" in user VA
space. Enclaves memory is part of processor reserved memory (PRM) and
always encrypted. This allows to protect user application code and data
from upper privilege levels including OS kernel.

This includes SGX driver and optional linux ioctl compatibility layer.
Intel SGX SDK for FreeBSD is also available.

Note this requires support from hardware (available since late Intel
Skylake CPUs).

Many thanks to Robert Watson for support and Konstantin Belousov
for code review.

Project wiki: https://wiki.freebsd.org/Intel_SGX.

Reviewed by:	kib
Relnotes:	yes
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D11113
2017-08-16 10:38:06 +00:00
..
amd64 Add support for Intel Software Guard Extensions (Intel SGX). 2017-08-16 10:38:06 +00:00
arm Add back the drivers for Dallas/Maxim ds13xx and Seiko S35390x now that 2017-08-14 00:12:14 +00:00
arm64 Add support for multiple GICv3 ITS devices. For this we add sc_irq_base 2017-08-13 18:54:51 +00:00
boot loader.efi: repace XXX with real comments in trap.c 2017-08-15 14:03:26 +00:00
bsm
cam Do not loose CCB flags after r320493. 2017-08-09 09:13:15 +00:00
cddl Fix some ZFS debugging messages 2017-08-15 15:20:04 +00:00
compat Add device resource management fields to struct device. 2017-08-16 06:33:48 +00:00
conf Remove the old ds1374 driver and use the ds13rtc driver instead. Adjust 2017-08-13 22:07:42 +00:00
contrib Fix matchcing of NATed ICMP queries (resolving NATed MTU discovery). 2017-08-05 00:28:42 +00:00
crypto
ddb
dev cxgbe/t4_tom: Use correct name for the ISS-valid bit in options2. 2017-08-15 19:21:27 +00:00
fs Bump the maximum file name length in pseudofs filesystems to 48. 2017-08-03 21:35:53 +00:00
gdb
geom When read requests are sent from a filesystem running above g_journal, 2017-08-13 18:09:22 +00:00
gnu
i386 Split identify_cpu() into two functions for amd64 as we do for i386. This 2017-08-09 18:09:09 +00:00
isa Stop calling atrtc_set() from the xen timer clock_settime() method. That 2017-08-11 19:02:11 +00:00
kern Fix a couple of comment typos 2017-08-15 02:21:02 +00:00
kgssapi
libkern x86/crc32_sse42.c: quiet unused function warning 2017-08-11 17:05:31 +00:00
mips Plug memory leak in arge_encap(). 2017-08-15 06:01:36 +00:00
modules Add support for Intel Software Guard Extensions (Intel SGX). 2017-08-16 10:38:06 +00:00
net Rework vlan(4) locking. 2017-08-15 17:52:37 +00:00
net80211
netgraph
netinet Fix comment typo. 2017-08-09 10:46:34 +00:00
netinet6
netipsec Make user supplied data checks a bit stricter. 2017-08-09 19:58:38 +00:00
netpfil pf_get_sport(): Prevent possible endless loop when searching for an unused nat port 2017-08-08 21:09:26 +00:00
netsmb
nfs
nfsclient
nfsserver
nlm
ofed Change reject message type when destroying cm_id in ibore. 2017-08-03 09:31:10 +00:00
opencrypto
powerpc
riscv Support for v1.10 (latest) of RISC-V privilege specification. 2017-08-10 14:18:09 +00:00
rpc
security
sparc64 Modify vm_page_grab_pages() to handle VM_ALLOC_NOWAIT. 2017-08-11 16:29:22 +00:00
sys Add config_intrhook_oneshot(): schedule an intrhook function and unregister 2017-08-13 18:10:24 +00:00
teken
tests
tools
ufs Since the switch to GPT disk labels, fsck for UFS/FFS has been 2017-08-09 05:17:21 +00:00
vm Add OBJ_PG_DTOR flag to VM object. 2017-08-16 08:49:11 +00:00
x86 srat: use pmap_unmapbios 2017-08-13 14:50:38 +00:00
xdr
xen
Makefile