Kernel and System Libraries
The following notable features, enhancements, and changes apply to the Red Hat Compatible Kernel (RHCK) that's shipped with the current Oracle Linux 8 version.
Intel® SGX Available in RHCK
Intel® Software Guard Extensions (Intel® SGX) is an Intel® technology for protecting selected code and data from disclosure or modification.
Intel® SGX versions 1 and 2 are now available for use in Oracle Linux. Version 1 provides the Flexible Launch Control mechanism that enables SGX technology on platforms. Version 2 provides the Enclave Dynamic Memory Management (EDMM) functionality.
Notable functionality includes:
-
Update of EPCM permissions on regular enclave pages that belong to an initialized enclave.
-
Dynamically add regular enclave pages to an initialized enclave.
- Expand an initialized enclave to accommodate more threads.
-
Remove regular pages and TCS pages from an initialized enclave.