Added
- Initial implementation of the Malloc Info API for dlmalloc (default allocator), and snmalloc.
- Added missing attribute validations to oeedger8r C++ implementation.
- Added new API oe_log_message. See design doc and sample.
- Added APIs and a library for developers to detect leaks in enclaves. See design doc and sample.
- Added support of QVL/QVE based SGX evidence verification, as described in design doc.
Changed
- Fixed #3543, updated openenclaverc file and documents on Windows to avoid overwriting CMAKE_PREFIX_PATH.
- The local and remote attestation samples are merged into a single sample.
- Disabled a set of OpenSSL APIs/macros that are considered as unsafe based on OE's threat model.
More specifically, those APIs allow users to configure an OpenSSL application to read certificates from the host filesystem, which is not trusted, and therefore not recommended for use in enclaves. OpenSSLSupport.md has been updated to reflect the changes.
Deprecated
-
The Open Enclave SDK will be dropping support for Ubuntu 16.04 after Dec 2020.
Developers and partners using Ubuntu 16.04 will need to move to using Ubuntu 18.04 by then.
#3625 tracks this. -
The Open Enclave SDK will be dropping support for WS2016 after Dec 2020.
Developers and partners using WS2016 will need to move to using WS2019 by then.
#3539 tracks this. -
The Open Enclave SDK is deprecating support for gcc while building the SDK from source after Dec 2020.
The recommended compiler while building the SDK from source is Clang.
#3555 tracks this.
Security
- Security fixes in oeedger8r
- Fix TOCTOU vulnerability in NULL terminator checks for ocall in/out string parameters.
- Count/size properties in deep-copied in/out structs are treated as read-only to prevent the host
from changing corrupting enclave memory by changing these properties.
- Fixed Socket syscalls can leak enclave memory contents (CVE-2020-15224).
Known issues
- In the open-enclave-hostverify package, the host-verify sample cannot be built with cmake. Use make to build it on Linux. On Windows it cannot be built currently. #3300 tracks issues related to the host-verify sample.