Added
- Support for backtracing in debug and release builds.
- Implementations for GNU functions
backtraceandbacktrace_symbols(defined in execinfo.h) - Enclaves are built using
-fno-omit-frame-pointerfor accurate backtraces.
- Implementations for GNU functions
- Support for custom attestation data formats via new plugin model. Please refer to the design documentation.
- Support for host side sockets on Windows.
- Support to build OE enclave libraries with stack protector enabled.
- Enable
-fstack-protector-strongby default for enclave application build configurations in cmake and pkgconfig.
- Enable
Changed
- Open Enclave SDK is now officially an incubation project as part of the Linux
Foundation's Confidential Computing Consortium (CCC).- All contributions are now accepted under the terms of the Developer Certificate
of Origin. For details, see
Contributing to Open Enclave. - The copyright for all sources is now attributed to Open Enclave SDK contributors.
- All contributions are now accepted under the terms of the Developer Certificate
- Update Intel DCAP library dependencies to 1.4.1.
- Update Intel PSW dependencies to 2.6.100.2 on Windows.
- Enable
/W2 /WXon Windows builds by default to treat W2 warnings as errors. - Removed code related to deprecation of strftime.
- Enclave libs and enclaves are built using
-gc-sections. - Replace OCPWin and OCaml with esy. The CMake-driven OCaml build is replaced with esy and dune. To install esy as a prerequisite:
- On Linux,sudo ansible-playbook oe-linux-esy-setup.yml
- On Windows,npm install -g esy@0.5.8 - Update Ansible dependency from 2.8.0 to 2.8.2 in /scripts/ansible.
- safecrt.h and safemath.h are not installed as part of the SDK as they are meant for internal consumption.
Fixed
oe_random()now correctly returns a fully filled byte buffer for requests of > 1024 bytes.- Add
openenclavenamespace to dl and crypto libraries to prevent symbol collisions. Fixes #2082.