Rust SGX SDK v0.9.7
Rust SGX SDK v0.9.7 Release Notes
Provide sgx_tstd::untrusted namespace
v0.9.7 provides sgx_tstd::untrusted::{fs,path,time}, which are related to ocall functions. They are always enabled, whether or not the untrusted_fs or untrusted_time feature is enabled. The major reason for providing such a namespace is that we want developers to know when they are invoking ocall-related functions, which bring untrusted data into the trusted execution engine. As a security best practice, explicitly importing from sgx_tstd::untrusted is better than enabling a feature in Cargo.toml. We stress that the untrusted_fs and untrusted_time features are designed to be contingency plans and should only be enabled when porting a very complex Rust crate to Rust-SGX enclaves.
Rename feature untrusted_net to net
net is well-known as untrusted and we think net is a better choice and similar to current features: backtrace and stdio.