A minimal, resource efficient unikernel for cloud services
INCLUDEOS_PREFIX
in env variableshioa-cs
to includeos
organizationkernel::
namespace.install.sh
is gone as it does no longer work with the Conan workflowFixes a security issue where the stack protector is not properly initialized. Stack protector is now initialized using a proper rng at boot time and this patch improves how our rng is seeded, now requiring rdrand
or rdseed
instructions as entropy sources to be present at boot by default, unless this requirement is explicitly disabled.
Huge thanks to Spencer Michaels and Jeff Dileo of NCC Group who first reported this issue and to Jeff who helped us come up with this patch set.
We’ve experienced issues with running out of memory due to lack of a way to limit speed/memory consumption in TCP. This happened when using our load balancer on links with different speed. This release mainly consists of fixes to this issue (and other issues found along the way).
std::memory_resource
to be used with the C++17 concept polymorphic_allocator
Pmr_pool
and Pmr_resource
keep track and limits the amount of bytes an allocator can allocate.using buffer = std::pmr::vector<uint8_t>
Pmr_pool
), and each TCP connection now gets assigned its own resource (Pmr_resource
)
set_total_bufsize(const size_t size)
(default is set to 64MB)on_data()
callback to TCP connection with support functions read_next()
and next_size()
read_next()
on connection to retrieve)net::Stream
interfaceon_data()
callback instead of on_readRead more about our Linux compatibility here.
net::Socket
is now using union address net::Addr
which contains either a IPv4 or IPv6 address - many calls has now been replaced with net::Addrbuffer_limit
and send_queue_limit
IncludeOS v0.12.0-rc.2 with new bundles
Extra special thanks to @RicoAntonioFelix for innumerable improvements, and to @dfct for help with TCP cleanup.
All dependencies should now be built without redzone
cxxabi is now being built out of the LLVM source tree, invalidating previous bundles. This IncludeOS dependency release adds a new dependency bundle, improved scripts for building the bundle and newlib updated to the latest version.
Update: We've added another bundle which contains 64bit builds of all deps as well, for upcoming x86_64 support.
Extra special thanks to @andreashappe for getting us started!
All IncludeOS subprojects moved into main IncludeOS repo, including: