Added
- Ubuntu 20.04 packages are included in this release.
- OE SDK is now built using clang-10. It is required to upgrade the compiler to clang-10 if you are building the SDK from source.
- Add the CapturePFGPExceptions preference for the SGX2 feature of capturing #PF and #GP exceptions inside an enclave.
- Developers can specify the CapturePFGPExceptions with a binary value in the enclave config file or set the value via the newly added OE_SET_ENCLAVE_SGX2 macro, which is used to set SGX2-specific properties.
- When setting CapturePFGPExceptions=1, the OE loader will enable the feature when running on an SGX2-capable CPU.
- Once enabled, the in-enclave exception handler can capture the #PF (with the OE_EXCEPTION_PAGE_FAULT code) and #GP (with the code OE_EXCEPTION_ACCESS_VIOLATION code) exceptions.
- More information about the exceptions can be found in the
faulting_addressanderror_codemembers of theoe_exception_record_tstructure passed into the handler.
- Add the following attestation claims from oe_verify_evidence():
- OE_CLAIM_TCB_STATUS
- OE_CLAIM_TCB_DATE
- Publish tool
oeutil.- The tool, currently under the tools directory, will integrate multiple OE utilities in the future.
- The tool integrated
oegeneratein this release.
- SGX enclaves created using OE SDK can now be debugged using
oelldb.
oelldbis a python based extension for LLDB that supports debugging SGX enclaves. lldb-7 or above is required. - SGX Evidence verification stops checking SGX QEIdentity nextUpdate field.
Deprecated
- The
Releasebuild type for building the Open Enclave SDK from source is deprecated. The recommendation is usingRelWithDebInfoinstead.
Packages in this release have been tested against the following Intel packages
On Ubuntu 18.04: DCAP: 1.10.103.1-bionic1 PSW: 2.13.103.1-bionic1 SGXDriver: 1.35
On Ubuntu 20.04: DCAP: 1.10.103.1-focal1 PSW: 2.13.103.1-focal1 SGXDriver: 1.33
On Windows Server 2019: DCAP: 1.10.103.1 PSW: 2.12.103.1