Added
- Ubuntu 20.04 packages are included in this release.
- OE SDK is now built using clang-10. It is required to upgrade the compiler to clang-10 if you are building the SDK from source.
- Add the CapturePFGPExceptions preference for the SGX2 feature of capturing #PF and #GP exceptions inside an enclave.
- Developers can specify the CapturePFGPExceptions with a binary value in the enclave config file or set the value via the newly added OE_SET_ENCLAVE_SGX2 macro, which is used to set SGX2-specific properties.
- When setting CapturePFGPExceptions=1, the OE loader will enable the feature when running on an SGX2-capable CPU.
- Once enabled, the in-enclave exception handler can capture the #PF (with the OE_EXCEPTION_PAGE_FAULT code) and #GP (with the code OE_EXCEPTION_ACCESS_VIOLATION code) exceptions.
- More information about the exceptions can be found in the
faulting_address
anderror_code
members of theoe_exception_record_t
structure passed into the handler.
- Add the following attestation claims from oe_verify_evidence():
- OE_CLAIM_TCB_STATUS
- OE_CLAIM_TCB_DATE
- Publish tool
oeutil
.- The tool, currently under the tools directory, will integrate multiple OE utilities in the future.
- The tool integrated
oegenerate
in this release.
- SGX enclaves created using OE SDK can now be debugged using
oelldb
.
oelldb
is a python based extension for LLDB that supports debugging SGX enclaves. lldb-7 or above is required.
Deprecated
- The
Release
build type for building the Open Enclave SDK from source is deprecated. The recommendation is usingRelWithDebInfo
instead. - Experimental support for RHEL has been deprecated.