See an online copy of the release notes at:
<https://docs.sel4.systems/sel4_release/seL4_9.0.0>
<https://docs.sel4.systems/camkes_release/CAmkES_3.3.0>
# seL4 Version 9.0.0 Release
Announcing the release of `seL4 9.0.0` with the following changes:
9.0.0 2018-04-11: BREAKING
# Changes
* Debugging option on x86 for syscall interface to read/write MSRs (this is an, equally
dangerous, alternative to
dangerous code injection)
* Mitigation for Meltdown (
https://meltdownattack.com) on x86-64 implemented. Mitigation
is via a form of kernel
page table isolation through the use of a Static Kernel Image with Microstate (SKIM)
window that is used for
trapping to and from the kernel address space. This can be enabled/disabled through the
build configuration
depending on whether you are running on vulnerable hardware or not.
* Mitigation for Spectre (
https://spectreattack.com) on x86 against the kernel
implemented. Default is software
mitigation and is the best performing so users need to do nothing. This does *not*
prevent user processes from
exploiting each other.
* x86 configuration option for performing branch prediction barrier on context switch to
prevent Spectre style
attacks between user processes using the indirect branch predictor
* x86 configuration option for flushing the RSB on context switch to prevent Spectre
style attacks between user
processes using the RSB
* Define extended bootinfo header for the x86 TSC frequency
* x86 TSC frequency exported in extended bootinfo header
* `archInfo` is no longer a member of the bootinfo struct. Its only use was for TSC
frequency on x86, which
can now be retrieved through the extended bootinfo
* Invocations to set thread priority and maximum control priority (MCP) have changed.
- For both invocations, users must now provide a TCB capability `auth`
- The requested MCP/priority is checked against the MCP of the `auth` capability.
- Previous behavior checked against the invoked TCB, which could be subject to the
confused deputy
problem.
* `seL4_TCB_Configure` no longer takes prio, mcp as an argument. Instead these fields
must be set separately
with `seL4_TCB_SetPriority` and `seL4_TCB_SetMCPriority`.
* `seL4_TCB_SetPriority` and `seL4_TCB_SetMCPriority` now take `seL4_Word` instead of
`seL4_Uint8`.
- `seL4_MaxPrio` remains at 255.
* `seL4_TCB_SetSchedParams` is a new method where MCP and priority can be set in the same
sytsem call.
* Size of the TCB object is increased for some build configurations
# Upgrade notes
* `seL4_TCB_Configure` calls that set priority should be changed to explicitly call
`seL4_TCB_SetSchedParams`
or `SetPriority`
* `seL4_TCB_Configure` calls that set MCP should be changed to explicitly call
`seL4_TCB_SetSchedParams`
or `seL4_TCB_SetMCPriority`
---
# Full changelog
Refer to the git log in
<https://github.com/seL4/seL4> using `git log 8.0.0..9.0.0`
# More details
See the
[9.0.0 manual](http://sel4.systems/Info/Docs/seL4-manual-9.0.0.pdf) included in the
release or ask on the mailing list!
----
# CAmkES Version camkes-3.3.0 Release
Announcing the release of `camkes-3.3.0` with the following changes:
camkes-3.3.0 2018-04-11
Using seL4 version 9.0.0
## Changes
* Hardware dataport with large frame sizes issue has been fixed
* Bug fix: Enumerating connections for hierarchical components with custom connection
types is now done correctly
* Bug fix: Data structure caching is now correctly invalidated between builds
* Initial CMake implementation for CAmkES. See the CAmkES test apps for examples.
## Upgrade notes
* No special upgrade requirements.
## Known issues
* Hierarchical components that export dataport connectors create compilation errors as the
templates cannot accurately
tell that the connector of the parent component is exported from the child and no code
should be generated. A
temporary workaround involves making the dataport connection explicitly available to the
parent component.
---
# Full changelog
Use `git log camkes-3.2.0..camkes-3.3.0` in
<https://github.com/seL4/camkes-tool>
# More details
See the
[
documentation](https://github.com/seL4/camkes-tool/blob/camkes-3.3.0/docs/i…
or ask on the mailing list!